crypto

ethip4

2n1l-10ge2p1x710-ethip4ipsec11tnlsw-ip4base-int-aes128cbc-hmac512sha-scapy

IPv4 IPsec tunnel mode test suite.

[Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.
[Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP

ecord, route and IPsec manual keyed connection in tunnel mode.

[Ver] TG verification: ETH-IP4 packet is sent from TG to DUT1. Packet is received on TG from DUT1.
[Ref] Applicable standard specifications: RFC4303.

 Test Name

 VPP API Test Commands History - Commands Used Per Test Case

 64b-0c-ethip4ipsec11tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-scapy

 DUT1:  
 cli_inband(cmd=’show logging’) 
 show_version() 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 cli_inband(cmd=’trace add dpdk-input 50’) 
 cli_inband(cmd=’trace add vhost-user-input 50’) 
 cli_inband(cmd=’trace add memif-input 50’) 
 cli_inband(cmd=’trace add avf-input 50’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8nx01’}}}) 
 ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0b’, ‘ip_address’: ‘192.168.10.2’}) 
 ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 8, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’nx00x00x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8nx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]}) 
 exec create loopback interface 
 exec set interface state loop0 up 
 exec set interface ip address VirtualFunctionEthernet3b/3/4 200.0.0.1/24 
 exec set ip neighbor VirtualFunctionEthernet3b/3/4 200.0.0.2 ba:dc:0f:fe:00:0c static 
 exec set interface ip address loop0 100.0.0.1/32 
 exec create ipip tunnel src 100.0.0.1 dst 200.0.0.2 p2p 
 exec ipsec sa add 0 spi 100000 crypto-alg aes-cbc-128 crypto-key 5a434444776d50514a4778564e744551 integ-alg sha-512-256 integ-key 54424c527a594655597a4c73594e65734c6f585056475a6f41585a616d45415950556261596b734d4e4d726f796d506c676e654a656f6a78594d504d45464658 esp 
 exec ipsec sa add 100000 spi 200000 crypto-alg aes-cbc-128 crypto-key 5a434444776d50514a4778564e744551 integ-alg sha-512-256 integ-key 54424c527a594655597a4c73594e65734c6f585056475a6f41585a616d45415950556261596b734d4e4d726f796d506c676e654a656f6a78594d504d45464658 esp 
 exec ipsec tunnel protect ipip0 sa-out 0 sa-in 100000 add 
 exec set interface ip address loop0 100.0.1.1/32 
 exec create ipip tunnel src 100.0.1.1 dst 200.0.0.2 p2p 
 exec ipsec sa add 1 spi 100001 crypto-alg aes-cbc-128 crypto-key 4779774744785277587a7a6e654f4442 integ-alg sha-512-256 integ-key 4a58566a595a5165564764704166584b4579756350626c527a69684462636473666b43465049534866424d7168524174566e5774486f6c784b73625778764971 esp 
 exec ipsec sa add 100001 spi 200001 crypto-alg aes-cbc-128 crypto-key 4779774744785277587a7a6e654f4442 integ-alg sha-512-256 integ-key 4a58566a595a5165564764704166584b4579756350626c527a69684462636473666b43465049534866424d7168524174566e5774486f6c784b73625778764971 esp 
 exec ipsec tunnel protect ipip1 sa-out 1 sa-in 100001 add 
 exec set interface ip address loop0 100.0.2.1/32 
 exec create ipip tunnel src 100.0.2.1 dst 200.0.0.2 p2p 
 exec ipsec sa add 2 spi 100002 crypto-alg aes-cbc-128 crypto-key 63584c6e6f594d626e5a42664e786d45 integ-alg sha-512-256 integ-key 704a7a59686c474f74634a724341474c78694249426d71726d506b6a58486a69456a7a5a666f4c4543705943754c5742516b46506f5777695154446e6564574b esp 
 exec ipsec sa add 100002 spi 200002 crypto-alg aes-cbc-128 crypto-key 63584c6e6f594d626e5a42664e786d45 integ-alg sha-512-256 integ-key 704a7a59686c474f74634a724341474c78694249426d71726d506b6a58486a69456a7a5a666f4c4543705943754c5742516b46506f5777695154446e6564574b esp 
 exec ipsec tunnel protect ipip2 sa-out 2 sa-in 100002 add 
 exec set interface ip address loop0 100.0.3.1/32 
 exec create ipip tunnel src 100.0.3.1 dst 200.0.0.2 p2p 
 exec ipsec sa add 3 spi 100003 crypto-alg aes-cbc-128 crypto-key 6349794c566b5a534443727873446257 integ-alg sha-512-256 integ-key 72454948786a746b756f536c7a6272756c7348467944545754695758414d69474e494b516d5466756e5661774352547776776c6a6559694c795762615756536f esp 
 exec ipsec sa add 100003 spi 200003 crypto-alg aes-cbc-128 crypto-key 6349794c566b5a534443727873446257 integ-alg sha-512-256 integ-key 72454948786a746b756f536c7a6272756c7348467944545754695758414d69474e494b516d5466756e5661774352547776776c6a6559694c795762615756536f esp 
 exec ipsec tunnel protect ipip3 sa-out 3 sa-in 100003 add 
 exec set interface ip address loop0 100.0.4.1/32 
 exec create ipip tunnel src 100.0.4.1 dst 200.0.0.2 p2p 
 exec ipsec sa add 4 spi 100004 crypto-alg aes-cbc-128 crypto-key 4f4b724942576f786f49627a6d4d4673 integ-alg sha-512-256 integ-key 714647566e596e784d494a4c516a4d6c43634a4c696a564f50584f6d6e577151706156526667555a746f7175726a4c6c485776796c79434970484846656d6179 esp 
 exec ipsec sa add 100004 spi 200004 crypto-alg aes-cbc-128 crypto-key 4f4b724942576f786f49627a6d4d4673 integ-alg sha-512-256 integ-key 714647566e596e784d494a4c516a4d6c43634a4c696a564f50584f6d6e577151706156526667555a746f7175726a4c6c485776796c79434970484846656d6179 esp 
 exec ipsec tunnel protect ipip4 sa-out 4 sa-in 100004 add 
 exec set interface ip address loop0 100.0.5.1/32 
 exec create ipip tunnel src 100.0.5.1 dst 200.0.0.2 p2p 
 exec ipsec sa add 5 spi 100005 crypto-alg aes-cbc-128 crypto-key 475a497578716442497552486871626d integ-alg sha-512-256 integ-key 716e4d7967425a727a63645550636644495473514153475a646c616369414471724b4b4f5844765a6c6657777579644e4f43654b69546471744f705167485a61 esp 
 exec ipsec sa add 100005 spi 200005 crypto-alg aes-cbc-128 crypto-key 475a497578716442497552486871626d integ-alg sha-512-256 integ-key 716e4d7967425a727a63645550636644495473514153475a646c616369414471724b4b4f5844765a6c6657777579644e4f43654b69546471744f705167485a61 esp 
 exec ipsec tunnel protect ipip5 sa-out 5 sa-in 100005 add 
 exec set interface ip address loop0 100.0.6.1/32 
 exec create ipip tunnel src 100.0.6.1 dst 200.0.0.2 p2p 
 exec ipsec sa add 6 spi 100006 crypto-alg aes-cbc-128 crypto-key 6f78655a4f67534a4451676a6267524a integ-alg sha-512-256 integ-key 6e654b6749636d77626c4a774d756a454b727650626b6c6f73576c5141746d45587565576f52535079595164484f4a544d77596d784a727467676352514f4346 esp 
 exec ipsec sa add 100006 spi 200006 crypto-alg aes-cbc-128 crypto-key 6f78655a4f67534a4451676a6267524a integ-alg sha-512-256 integ-key 6e654b6749636d77626c4a774d756a454b727650626b6c6f73576c5141746d45587565576f52535079595164484f4a544d77596d784a727467676352514f4346 esp 
 exec ipsec tunnel protect ipip6 sa-out 6 sa-in 100006 add 
 exec set interface ip address loop0 100.0.7.1/32 
 exec create ipip tunnel src 100.0.7.1 dst 200.0.0.2 p2p 
 exec ipsec sa add 7 spi 100007 crypto-alg aes-cbc-128 crypto-key 666677736265617a4b61536d6b614a41 integ-alg sha-512-256 integ-key 736a746e6e494d6c50505871715076516e4e69546a79624a756c747651654341534c76744c4849774a446a49677a6f6b64686543614a6572416a7376474a665a esp 
 exec ipsec sa add 100007 spi 200007 crypto-alg aes-cbc-128 crypto-key 666677736265617a4b61536d6b614a41 integ-alg sha-512-256 integ-key 736a746e6e494d6c50505871715076516e4e69546a79624a756c747651654341534c76744c4849774a446a49677a6f6b64686543614a6572416a7376474a665a esp 
 exec ipsec tunnel protect ipip7 sa-out 7 sa-in 100007 add 
 exec set interface ip address loop0 100.0.8.1/32 
 exec create ipip tunnel src 100.0.8.1 dst 200.0.0.2 p2p 
 exec ipsec sa add 8 spi 100008 crypto-alg aes-cbc-128 crypto-key 4e4946414d45755a6956644461484259 integ-alg sha-512-256 integ-key 4745514f724f4779675767686b76737658735347796347616373544a7966474a49555a4d5672514a6a666f466b7473695149734d4d4e566a537a6f7a6f64434b esp 
 exec ipsec sa add 100008 spi 200008 crypto-alg aes-cbc-128 crypto-key 4e4946414d45755a6956644461484259 integ-alg sha-512-256 integ-key 4745514f724f4779675767686b76737658735347796347616373544a7966474a49555a4d5672514a6a666f466b7473695149734d4d4e566a537a6f7a6f64434b esp 
 exec ipsec tunnel protect ipip8 sa-out 8 sa-in 100008 add 
 exec set interface ip address loop0 100.0.9.1/32 
 exec create ipip tunnel src 100.0.9.1 dst 200.0.0.2 p2p 
 exec ipsec sa add 9 spi 100009 crypto-alg aes-cbc-128 crypto-key 6279577941576e50614b586c4a7a5457 integ-alg sha-512-256 integ-key 54577847726f4248466163586a576e7a78796b614667716648505974624e57677351685243626e4c53736f44574e6c66696f70476d4e5a697544584343516944 esp 
 exec ipsec sa add 100009 spi 200009 crypto-alg aes-cbc-128 crypto-key 6279577941576e50614b586c4a7a5457 integ-alg sha-512-256 integ-key 54577847726f4248466163586a576e7a78796b614667716648505974624e57677351685243626e4c53736f44574e6c66696f70476d4e5a697544584343516944 esp 
 exec ipsec tunnel protect ipip9 sa-out 9 sa-in 100009 add 
 exec set interface ip address loop0 100.0.10.1/32 
 exec create ipip tunnel src 100.0.10.1 dst 200.0.0.2 p2p 
 exec ipsec sa add 10 spi 100010 crypto-alg aes-cbc-128 crypto-key 6955485a4561654b474d464d63664751 integ-alg sha-512-256 integ-key 68764444794d4e495378554b684b50687657424a696457564c646f747172415869645a7a506c4c44506f6b6f55764e4f6447626f4f456c52586e48754c686a64 esp 
 exec ipsec sa add 100010 spi 200010 crypto-alg aes-cbc-128 crypto-key 6955485a4561654b474d464d63664751 integ-alg sha-512-256 integ-key 68764444794d4e495378554b684b50687657424a696457564c646f747172415869645a7a506c4c44506f6b6f55764e4f6447626f4f456c52586e48754c686a64 esp 
 exec ipsec tunnel protect ipip10 sa-out 10 sa-in 100010 add 
 exec set interface unnumbered ipip0 use VirtualFunctionEthernet3b/3/4 
 exec set interface state ipip0 up 
 exec ip route add 20.0.0.0/32 via ipip0 
 exec set interface unnumbered ipip1 use VirtualFunctionEthernet3b/3/4 
 exec set interface state ipip1 up 
 exec ip route add 20.0.0.1/32 via ipip1 
 exec set interface unnumbered ipip2 use VirtualFunctionEthernet3b/3/4 
 exec set interface state ipip2 up 
 exec ip route add 20.0.0.2/32 via ipip2 
 exec set interface unnumbered ipip3 use VirtualFunctionEthernet3b/3/4 
 exec set interface state ipip3 up 
 exec ip route add 20.0.0.3/32 via ipip3 
 exec set interface unnumbered ipip4 use VirtualFunctionEthernet3b/3/4 
 exec set interface state ipip4 up 
 exec ip route add 20.0.0.4/32 via ipip4 
 exec set interface unnumbered ipip5 use VirtualFunctionEthernet3b/3/4 
 exec set interface state ipip5 up 
 exec ip route add 20.0.0.5/32 via ipip5 
 exec set interface unnumbered ipip6 use VirtualFunctionEthernet3b/3/4 
 exec set interface state ipip6 up 
 exec ip route add 20.0.0.6/32 via ipip6 
 exec set interface unnumbered ipip7 use VirtualFunctionEthernet3b/3/4 
 exec set interface state ipip7 up 
 exec ip route add 20.0.0.7/32 via ipip7 
 exec set interface unnumbered ipip8 use VirtualFunctionEthernet3b/3/4 
 exec set interface state ipip8 up 
 exec ip route add 20.0.0.8/32 via ipip8 
 exec set interface unnumbered ipip9 use VirtualFunctionEthernet3b/3/4 
 exec set interface state ipip9 up 
 exec ip route add 20.0.0.9/32 via ipip9 
 exec set interface unnumbered ipip10 use VirtualFunctionEthernet3b/3/4 
 exec set interface state ipip10 up 
 exec ip route add 20.0.0.10/32 via ipip10

2n1l-10ge2p1x710-ethip4ipsec1tnlsw-ip4base-int-aes128cbc-hmac512sha-scapy

IPv4 IPsec tunnel mode test suite.

[Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.
[Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP irecord, route and IPsec manual keyed connection in tunnel mode.
[Ver] TG verification: ETH-IP4 packet is sent from TG to DUT1. Packet is received on TG from DUT1.
[Ref] Applicable standard specifications: RFC4303.

 Test Name

 VPP API Test Commands History - Commands Used Per Test Case

 64b-0c-ethip4ipsec1tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-scapy

 DUT1:  
 cli_inband(cmd=’show logging’) 
 show_version() 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 cli_inband(cmd=’trace add dpdk-input 50’) 
 cli_inband(cmd=’trace add vhost-user-input 50’) 
 cli_inband(cmd=’trace add memif-input 50’) 
 cli_inband(cmd=’trace add avf-input 50’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8nx01’}}}) 
 ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0b’, ‘ip_address’: ‘192.168.10.2’}) 
 ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 8, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’nx00x00x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8nx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]}) 
 create_loopback_instance(mac_address=0,is_specified=False,user_instance=0) 
 sw_interface_set_flags(sw_if_index=3,flags=1) 
 sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc8x00x00x01’}}}) 
 ip_neighbor_add_del(is_add=1,neighbor={‘sw_if_index’: 2, ‘flags’: 1, ‘mac_address’: ‘ba:dc:0f:fe:00:0c’, ‘ip_address’: ‘200.0.0.2’}) 
 sw_interface_add_del_address(sw_if_index=3,is_add=True,del_all=False,prefix={‘len’: 32, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’dx00x00x01’}}}) 
 ipip_add_tunnel(tunnel={‘instance’: 4294967295, ‘src’: {‘af’: 0, ‘un’: {‘ip4’: b’dx00x00x01’}}, ‘dst’: {‘af’: 0, ‘un’: {‘ip4’: b’xc8x00x00x02’}}, ‘table_id’: 0, ‘flags’: 0, ‘mode’: 0, ‘dscp’: 0}) 
 ipsec_sad_entry_add(entry={‘sad_id’: 0, ‘spi’: 100000, ‘protocol’: 50, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’GMUTEpQiypVNLRUB’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’yRiihcWYvhEqkZIonAcHjagzZSYXWJaSFmbXejwHoAaFrkJLCESXbMuTthRIYekw’}, ‘flags’: 0, ‘tunnel’: {‘src’: 0, ‘dst’: 0, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘salt’: 0, ‘udp_src_port’: 65535, ‘udp_dst_port’: 65535}) 
 ipsec_sad_entry_add(entry={‘sad_id’: 100000, ‘spi’: 200000, ‘protocol’: 50, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’GMUTEpQiypVNLRUB’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’yRiihcWYvhEqkZIonAcHjagzZSYXWJaSFmbXejwHoAaFrkJLCESXbMuTthRIYekw’}, ‘flags’: 64, ‘tunnel’: {‘src’: 0, ‘dst’: 0, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘salt’: 0, ‘udp_src_port’: 65535, ‘udp_dst_port’: 65535}) 
 ipsec_tunnel_protect_update(tunnel={‘sw_if_index’: 4, ‘nh’: {‘address’: 0, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘sa_out’: 0, ‘n_sa_in’: 1, ‘sa_in’: [100000]}) 
 sw_interface_set_unnumbered(is_add=True,sw_if_index=2,unnumbered_sw_if_index=4) 
 sw_interface_set_flags(sw_if_index=4,flags=1) 
 ip_route_add_del(is_add=1,is_multipath=0,route={‘table_id’: 0, ‘prefix’: {‘len’: 32, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’x14x00x00x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 4, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: 0, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})

2n1l-10ge2p1x710-ethip4ipsec1tnlsw-ip4base-policy-aes128cbc-hmac512sha-scapy

IPv4 IPsec tunnel mode test suite.

[Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.
[Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP

ecord, route and IPsec manual keyed connection in tunnel mode.

[Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.
[Ref] Applicable standard specifications: RFC4303.

 Test Name

 VPP API Test Commands History - Commands Used Per Test Case

 64b-0c-ethip4ipsec1tnlsw-ip4base- 
 policy-aes128cbc-hmac512sha-scapy

 DUT1:  
 cli_inband(cmd=’show logging’) 
 show_version() 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 cli_inband(cmd=’trace add dpdk-input 50’) 
 cli_inband(cmd=’trace add vhost-user-input 50’) 
 cli_inband(cmd=’trace add memif-input 50’) 
 cli_inband(cmd=’trace add avf-input 50’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}}) 
 sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x03’}}}) 
 ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0b’, ‘ip_address’: ‘192.168.100.2’}) 
 ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0c’, ‘ip_address’: ‘192.168.4.4’}) 
 ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8dx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]}) 
 ipsec_sad_entry_add(entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’8LoWWK8Kf1qQUbmf’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’oDJyu9bqJtkPJn8jiuieUcNxipFmcg1vXisvilaE9FYjhuiP0Z5lr5uI8QyKUuSW’}, ‘flags’: 4, ‘tunnel’: {‘src’: ‘192.168.100.3’, ‘dst’: ‘192.168.100.2’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500}) 
 ipsec_sad_entry_add(entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’8LoWWK8Kf1qQUbmf’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’oDJyu9bqJtkPJn8jiuieUcNxipFmcg1vXisvilaE9FYjhuiP0Z5lr5uI8QyKUuSW’}, ‘flags’: 4, ‘tunnel’: {‘src’: ‘192.168.100.2’, ‘dst’: ‘192.168.100.3’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500}) 
 ipsec_spd_add_del(is_add=True,spd_id=1) 
 ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})

2n1l-10ge2p1x710-ethip4ipsec1tptsw-ip4base-policy-aes128cbc-hmac512sha-scapy

IPv4 IPsec transport mode test suite.

[Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.
[Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP

ecord, route and IPsec manual keyed connection in transport mode.

[Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.
[Ref] Applicable standard specifications: RFC4303.

 Test Name

 VPP API Test Commands History - Commands Used Per Test Case

 64b-0c-ethip4ipsec1tptsw-ip4base- 
 policy-aes128cbc-hmac512sha-scapy

 DUT1:  
 cli_inband(cmd=’show logging’) 
 show_version() 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 cli_inband(cmd=’trace add dpdk-input 50’) 
 cli_inband(cmd=’trace add vhost-user-input 50’) 
 cli_inband(cmd=’trace add memif-input 50’) 
 cli_inband(cmd=’trace add avf-input 50’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}}) 
 sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x03’}}}) 
 ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0b’, ‘ip_address’: ‘192.168.100.2’}) 
 ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0c’, ‘ip_address’: ‘192.168.4.4’}) 
 ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8dx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]}) 
 ipsec_sad_entry_add(entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’D5EnYcXL7LRHYyCO’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’8Nt55sW4WyoqBSAHFMb2olMcI9exeMj1nKVdrvnuR8bVmdvLRhIGWYLlHYfg9G2A’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500}) 
 ipsec_sad_entry_add(entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’D5EnYcXL7LRHYyCO’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’8Nt55sW4WyoqBSAHFMb2olMcI9exeMj1nKVdrvnuR8bVmdvLRhIGWYLlHYfg9G2A’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500}) 
 ipsec_spd_add_del(is_add=True,spd_id=1) 
 ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})

ethip6

2n1l-10ge2p1x710-ethip6ipsec1tnlsw-ip6base-policy-aes128cbc-hmac512sha-scapy

IPv6 IPsec tunnel mode test suite.

[Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.
[Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv6 addresses, static ARP

ecord, route and IPsec manual keyed connection in tunnel mode.

[Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.
[Ref] Applicable standard specifications: RFC4303.

 Test Name

 VPP API Test Commands History - Commands Used Per Test Case

 78b-0c-ethip6ipsec1tnlsw-ip6base- 
 policy-aes128cbc-hmac512sha-scapy

 DUT1:  
 cli_inband(cmd=’show logging’) 
 show_version() 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 cli_inband(cmd=’trace add dpdk-input 50’) 
 cli_inband(cmd=’trace add vhost-user-input 50’) 
 cli_inband(cmd=’trace add memif-input 50’) 
 cli_inband(cmd=’trace add avf-input 50’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}}) 
 sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x03’}}}) 
 ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0b’, ‘ip_address’: ‘3ffe:5f::1’}) 
 ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0c’, ‘ip_address’: ‘3ffe:60::4’}) 
 ip_address_dump(sw_if_index=1,is_ipv6=True) 
 sw_interface_ip6nd_ra_config(sw_if_index=1,suppress=1) 
 ip_address_dump(sw_if_index=2,is_ipv6=True) 
 sw_interface_ip6nd_ra_config(sw_if_index=2,suppress=1) 
 ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 128, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 1, ‘nh’: {‘address’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]}) 
 ipsec_sad_entry_add(entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’vd6YGRwc7eWwXZTF’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’k6PqAz2Qto1wGikcmCl5TVuYEMJjVW3MgtGXDnn564DF69pXuyd2hTSRPJZ4ZtEN’}, ‘flags’: 12, ‘tunnel’: {‘src’: ‘3ffe:5f::2’, ‘dst’: ‘3ffe:5f::1’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500}) 
 ipsec_sad_entry_add(entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’vd6YGRwc7eWwXZTF’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’k6PqAz2Qto1wGikcmCl5TVuYEMJjVW3MgtGXDnn564DF69pXuyd2hTSRPJZ4ZtEN’}, ‘flags’: 12, ‘tunnel’: {‘src’: ‘3ffe:5f::1’, ‘dst’: ‘3ffe:5f::2’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500}) 
 ipsec_spd_add_del(is_add=True,spd_id=1) 
 ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})

2n1l-10ge2p1x710-ethip6ipsec1tptsw-ip6base-policy-aes128cbc-hmac512sha-scapy

IPv6 IPsec transport mode test suite.

[Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.
[Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv6 addresses, static ARP

ecord, route and IPsec manual keyed connection in transport mode.

[Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.
[Ref] Applicable standard specifications: RFC4303.

 Test Name

 VPP API Test Commands History - Commands Used Per Test Case

 78b-0c-ethip6ipsec1tptsw-ip6base- 
 policy-aes128cbc-hmac512sha-scapy

 DUT1:  
 cli_inband(cmd=’show logging’) 
 show_version() 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 cli_inband(cmd=’trace add dpdk-input 50’) 
 cli_inband(cmd=’trace add vhost-user-input 50’) 
 cli_inband(cmd=’trace add memif-input 50’) 
 cli_inband(cmd=’trace add avf-input 50’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_set_flags(sw_if_index=1,flags=1) 
 hw_interface_set_mtu(sw_if_index=1,mtu=9200) 
 sw_interface_set_flags(sw_if_index=2,flags=1) 
 hw_interface_set_mtu(sw_if_index=2,mtu=9200) 
 sw_interface_dump(name_filter_valid=False,name_filter=’’) 
 sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}}) 
 sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x03’}}}) 
 ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0b’, ‘ip_address’: ‘3ffe:5f::1’}) 
 ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0c’, ‘ip_address’: ‘3ffe:60::4’}) 
 ip_address_dump(sw_if_index=1,is_ipv6=True) 
 sw_interface_ip6nd_ra_config(sw_if_index=1,suppress=1) 
 ip_address_dump(sw_if_index=2,is_ipv6=True) 
 sw_interface_ip6nd_ra_config(sw_if_index=2,suppress=1) 
 ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 128, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 1, ‘nh’: {‘address’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]}) 
 ipsec_sad_entry_add(entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’dBKQ8GQSIqcPCVqd’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’ydCiUuL8SKWqL1iiVXM7QAUhaCPqsTJh90uiX69yfz7T2CrN8iNKHVgobKUdU8R3’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500}) 
 ipsec_sad_entry_add(entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’dBKQ8GQSIqcPCVqd’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’ydCiUuL8SKWqL1iiVXM7QAUhaCPqsTJh90uiX69yfz7T2CrN8iNKHVgobKUdU8R3’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500}) 
 ipsec_spd_add_del(is_add=True,spd_id=1) 
 ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535}) 
 ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})