2.15. template_ipsec module

class template_ipsec.IpsecTcpTests

Bases: object

test_tcp_checksum()

verify checksum correctness for vpp generated packets

class template_ipsec.IpsecTraTests

Bases: object

test_tra_basic(count=1)

ipsec v4 transport basic test

test_tra_burst()

ipsec v4 transport burst test

class template_ipsec.IpsecTunTests

Bases: object

test_tun_basic(count=1)

ipsec 4o4 tunnel basic test

test_tun_burst()

ipsec 4o4 tunnel burst test

class template_ipsec.TemplateIpsec(methodName='runTest')

Bases: framework.VppTestCase

TRANSPORT MODE:

—— encrypt —

|tra_if| <——-> |VPP|

—— decrypt —

TUNNEL MODE:

—— encrypt — plain —

|tun_if| <——- |VPP| <—— |pg1|

—— — —

—— decrypt — plain —

|tun_if| ——-> |VPP| ——> |pg1|

—— — —

auth_algo = 'HMAC-SHA1-96'

auth_algo_vpp_id = 2

auth_key = 'C91KUR9GYMm5GfkEvNjX'

configure_sa_tra()

configure_sa_tun()

crypt_algo = 'AES-CBC'

crypt_algo_vpp_id = 1

crypt_key = 'JPjyOWBeVEQiMe7h'

gen_encrypt_pkts(sa, sw_intf, src, dst, count=1)

gen_pkts(sw_intf, src, dst, count=1)

payload = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'

remote_tun_if_host = '1.1.1.1'

scapy_tra_sa_id = 30

scapy_tra_spi = 2001

scapy_tun_sa_id = 10

scapy_tun_spi = 1001

send_and_expect(input, pkts, output, count=1)

classmethod setUpClass()

Perform class setup before running the testcase Remove shared memory files, start vpp and connect the vpp-api

tearDown()

Show various debug prints after each test

tra_spd_id = 2

tun_spd_id = 1

vpp_ah_protocol = 0

vpp_esp_protocol = 1

vpp_tra_sa_id = 40

vpp_tra_spi = 2000

vpp_tun_sa_id = 20

vpp_tun_spi = 1000