crypto

ethip4

2n1l-10ge2p1x710-ethip4ipsec11tnlsw-ip4base-int-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip4ipsec11tnlsw-ip4base-int-aes128cbc-hmac512sha-scapy

IPv4 IPsec tunnel mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP record, route and IPsec manual keyed connection in tunnel mode.

  • [Ver] TG verification: ETH-IP4 packet is sent from TG to DUT1. Packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 64b-0c-ethip4ipsec11tnlsw-ip4base- 
int-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8nx01’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:00’, ‘ip_address’: ‘192.168.10.2’})
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 8, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’nx00x00x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8nx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
exec create loopback interface
exec set interface state loop0 up
exec set interface ip address VirtualFunctionEthernet3b/3/2 200.0.0.1/24
exec set ip neighbor VirtualFunctionEthernet3b/3/2 200.0.0.2 ba:dc:0f:fe:00:0a static
exec set interface ip address loop0 100.0.0.1/32
exec create ipip tunnel src 100.0.0.1 dst 200.0.0.2 p2p
exec ipsec sa add 0 spi 100000 crypto-alg aes-cbc-128 crypto-key 63644a67684b5844446f5a65706d427a integ-alg sha-512-256 integ-key 586b4451546b70634a44734e46786d4d746b7a57584d71484f4c6c7a4b666272657353555a59704459686879516b565558476f7359637877565a786169574a49 esp
exec ipsec sa add 100000 spi 200000 crypto-alg aes-cbc-128 crypto-key 63644a67684b5844446f5a65706d427a integ-alg sha-512-256 integ-key 586b4451546b70634a44734e46786d4d746b7a57584d71484f4c6c7a4b666272657353555a59704459686879516b565558476f7359637877565a786169574a49 esp
exec ipsec tunnel protect ipip0 sa-out 0 sa-in 100000 add
exec set interface ip address loop0 100.0.1.1/32
exec create ipip tunnel src 100.0.1.1 dst 200.0.0.2 p2p
exec ipsec sa add 1 spi 100001 crypto-alg aes-cbc-128 crypto-key 444a46527a56757276506c615a4f516b integ-alg sha-512-256 integ-key 4c4f75436a4c4b555a4d454f747776646d46737749504e69716a6579585059594c6e745a67684e7a6f57464e736b4d634d57506a43745a6a7356736641595242 esp
exec ipsec sa add 100001 spi 200001 crypto-alg aes-cbc-128 crypto-key 444a46527a56757276506c615a4f516b integ-alg sha-512-256 integ-key 4c4f75436a4c4b555a4d454f747776646d46737749504e69716a6579585059594c6e745a67684e7a6f57464e736b4d634d57506a43745a6a7356736641595242 esp
exec ipsec tunnel protect ipip1 sa-out 1 sa-in 100001 add
exec set interface ip address loop0 100.0.2.1/32
exec create ipip tunnel src 100.0.2.1 dst 200.0.0.2 p2p
exec ipsec sa add 2 spi 100002 crypto-alg aes-cbc-128 crypto-key 7348414a62786e4c476f7451414d6357 integ-alg sha-512-256 integ-key 58616255414b577755764369645a657268594b694c416b617051464d614e7148666769424c6675524b546d514355736242567061514257577271686a486d5a68 esp
exec ipsec sa add 100002 spi 200002 crypto-alg aes-cbc-128 crypto-key 7348414a62786e4c476f7451414d6357 integ-alg sha-512-256 integ-key 58616255414b577755764369645a657268594b694c416b617051464d614e7148666769424c6675524b546d514355736242567061514257577271686a486d5a68 esp
exec ipsec tunnel protect ipip2 sa-out 2 sa-in 100002 add
exec set interface ip address loop0 100.0.3.1/32
exec create ipip tunnel src 100.0.3.1 dst 200.0.0.2 p2p
exec ipsec sa add 3 spi 100003 crypto-alg aes-cbc-128 crypto-key 496a6870646946735253734a684e5279 integ-alg sha-512-256 integ-key 514a69774c6d4570586f467257756e727772657748696d45676b6f6d70566a7a66754d6154635670735343796649686a496f64695851614f545851624b726741 esp
exec ipsec sa add 100003 spi 200003 crypto-alg aes-cbc-128 crypto-key 496a6870646946735253734a684e5279 integ-alg sha-512-256 integ-key 514a69774c6d4570586f467257756e727772657748696d45676b6f6d70566a7a66754d6154635670735343796649686a496f64695851614f545851624b726741 esp
exec ipsec tunnel protect ipip3 sa-out 3 sa-in 100003 add
exec set interface ip address loop0 100.0.4.1/32
exec create ipip tunnel src 100.0.4.1 dst 200.0.0.2 p2p
exec ipsec sa add 4 spi 100004 crypto-alg aes-cbc-128 crypto-key 634744736b4b6578664c75696d775066 integ-alg sha-512-256 integ-key 62516a4e53557a4c43594c525a4b6f514876696c52427a525349776768674a586e664c5743424d48727143436e47644f5873637943726359726f6a4e7857786f esp
exec ipsec sa add 100004 spi 200004 crypto-alg aes-cbc-128 crypto-key 634744736b4b6578664c75696d775066 integ-alg sha-512-256 integ-key 62516a4e53557a4c43594c525a4b6f514876696c52427a525349776768674a586e664c5743424d48727143436e47644f5873637943726359726f6a4e7857786f esp
exec ipsec tunnel protect ipip4 sa-out 4 sa-in 100004 add
exec set interface ip address loop0 100.0.5.1/32
exec create ipip tunnel src 100.0.5.1 dst 200.0.0.2 p2p
exec ipsec sa add 5 spi 100005 crypto-alg aes-cbc-128 crypto-key 4649527377716d6b6c42614747444a4b integ-alg sha-512-256 integ-key 5457766d516c426d4a776c454e674956475a635456617052474664486e6456527747587445536b7848486b6570416b4a4f6643785979524d754965727943546e esp
exec ipsec sa add 100005 spi 200005 crypto-alg aes-cbc-128 crypto-key 4649527377716d6b6c42614747444a4b integ-alg sha-512-256 integ-key 5457766d516c426d4a776c454e674956475a635456617052474664486e6456527747587445536b7848486b6570416b4a4f6643785979524d754965727943546e esp
exec ipsec tunnel protect ipip5 sa-out 5 sa-in 100005 add
exec set interface ip address loop0 100.0.6.1/32
exec create ipip tunnel src 100.0.6.1 dst 200.0.0.2 p2p
exec ipsec sa add 6 spi 100006 crypto-alg aes-cbc-128 crypto-key 4c506a65754e4a627663744d74754358 integ-alg sha-512-256 integ-key 414c42674742446471416e59596c6f7257667366646a624b6b785069576e57595a7078646852576f514b44595744635649597078595565426545505477626771 esp
exec ipsec sa add 100006 spi 200006 crypto-alg aes-cbc-128 crypto-key 4c506a65754e4a627663744d74754358 integ-alg sha-512-256 integ-key 414c42674742446471416e59596c6f7257667366646a624b6b785069576e57595a7078646852576f514b44595744635649597078595565426545505477626771 esp
exec ipsec tunnel protect ipip6 sa-out 6 sa-in 100006 add
exec set interface ip address loop0 100.0.7.1/32
exec create ipip tunnel src 100.0.7.1 dst 200.0.0.2 p2p
exec ipsec sa add 7 spi 100007 crypto-alg aes-cbc-128 crypto-key 49486f417a536d797a63456c6d4a636a integ-alg sha-512-256 integ-key 6a42785371686f4e727a63616d50644872576672515642506a656861536d4e4a464b4a51634766657947566771714b436f48787572496a647a774663586c4866 esp
exec ipsec sa add 100007 spi 200007 crypto-alg aes-cbc-128 crypto-key 49486f417a536d797a63456c6d4a636a integ-alg sha-512-256 integ-key 6a42785371686f4e727a63616d50644872576672515642506a656861536d4e4a464b4a51634766657947566771714b436f48787572496a647a774663586c4866 esp
exec ipsec tunnel protect ipip7 sa-out 7 sa-in 100007 add
exec set interface ip address loop0 100.0.8.1/32
exec create ipip tunnel src 100.0.8.1 dst 200.0.0.2 p2p
exec ipsec sa add 8 spi 100008 crypto-alg aes-cbc-128 crypto-key 544951547149786f7a417452504a6252 integ-alg sha-512-256 integ-key 756c416267505772547371634e70736e7556545a6c734851797a54614843694149584d7356527a4654745a4a774b6e675269616668427466577557686a4a484c esp
exec ipsec sa add 100008 spi 200008 crypto-alg aes-cbc-128 crypto-key 544951547149786f7a417452504a6252 integ-alg sha-512-256 integ-key 756c416267505772547371634e70736e7556545a6c734851797a54614843694149584d7356527a4654745a4a774b6e675269616668427466577557686a4a484c esp
exec ipsec tunnel protect ipip8 sa-out 8 sa-in 100008 add
exec set interface ip address loop0 100.0.9.1/32
exec create ipip tunnel src 100.0.9.1 dst 200.0.0.2 p2p
exec ipsec sa add 9 spi 100009 crypto-alg aes-cbc-128 crypto-key 494b6550634879726c6242444755594f integ-alg sha-512-256 integ-key 69567a476c554a687967484572595a545348585258584d4e4864757770674a4d47746f5642645256767a46474e4e4c764a4c7764595371674b5650797661544d esp
exec ipsec sa add 100009 spi 200009 crypto-alg aes-cbc-128 crypto-key 494b6550634879726c6242444755594f integ-alg sha-512-256 integ-key 69567a476c554a687967484572595a545348585258584d4e4864757770674a4d47746f5642645256767a46474e4e4c764a4c7764595371674b5650797661544d esp
exec ipsec tunnel protect ipip9 sa-out 9 sa-in 100009 add
exec set interface ip address loop0 100.0.10.1/32
exec create ipip tunnel src 100.0.10.1 dst 200.0.0.2 p2p
exec ipsec sa add 10 spi 100010 crypto-alg aes-cbc-128 crypto-key 4a4a51746953656b7a75516e656d7850 integ-alg sha-512-256 integ-key 77616b5563596f555a774b735064617166654f4b4846544d744e58536c52596c4c6254436b786b6d6f6561534f4b726c4278716966466d58766e516a6c62476a esp
exec ipsec sa add 100010 spi 200010 crypto-alg aes-cbc-128 crypto-key 4a4a51746953656b7a75516e656d7850 integ-alg sha-512-256 integ-key 77616b5563596f555a774b735064617166654f4b4846544d744e58536c52596c4c6254436b786b6d6f6561534f4b726c4278716966466d58766e516a6c62476a esp
exec ipsec tunnel protect ipip10 sa-out 10 sa-in 100010 add
exec set interface unnumbered ipip0 use VirtualFunctionEthernet3b/3/2
exec set interface state ipip0 up
exec ip route add 20.0.0.0/32 via ipip0
exec set interface unnumbered ipip1 use VirtualFunctionEthernet3b/3/2
exec set interface state ipip1 up
exec ip route add 20.0.0.1/32 via ipip1
exec set interface unnumbered ipip2 use VirtualFunctionEthernet3b/3/2
exec set interface state ipip2 up
exec ip route add 20.0.0.2/32 via ipip2
exec set interface unnumbered ipip3 use VirtualFunctionEthernet3b/3/2
exec set interface state ipip3 up
exec ip route add 20.0.0.3/32 via ipip3
exec set interface unnumbered ipip4 use VirtualFunctionEthernet3b/3/2
exec set interface state ipip4 up
exec ip route add 20.0.0.4/32 via ipip4
exec set interface unnumbered ipip5 use VirtualFunctionEthernet3b/3/2
exec set interface state ipip5 up
exec ip route add 20.0.0.5/32 via ipip5
exec set interface unnumbered ipip6 use VirtualFunctionEthernet3b/3/2
exec set interface state ipip6 up
exec ip route add 20.0.0.6/32 via ipip6
exec set interface unnumbered ipip7 use VirtualFunctionEthernet3b/3/2
exec set interface state ipip7 up
exec ip route add 20.0.0.7/32 via ipip7
exec set interface unnumbered ipip8 use VirtualFunctionEthernet3b/3/2
exec set interface state ipip8 up
exec ip route add 20.0.0.8/32 via ipip8
exec set interface unnumbered ipip9 use VirtualFunctionEthernet3b/3/2
exec set interface state ipip9 up
exec ip route add 20.0.0.9/32 via ipip9
exec set interface unnumbered ipip10 use VirtualFunctionEthernet3b/3/2
exec set interface state ipip10 up
exec ip route add 20.0.0.10/32 via ipip10

2n1l-10ge2p1x710-ethip4ipsec1tnlsw-ip4base-int-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip4ipsec1tnlsw-ip4base-int-aes128cbc-hmac512sha-scapy

IPv4 IPsec tunnel mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP irecord, route and IPsec manual keyed connection in tunnel mode.

  • [Ver] TG verification: ETH-IP4 packet is sent from TG to DUT1. Packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 64b-0c-ethip4ipsec1tnlsw-ip4base- 
int-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8nx01’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:00’, ‘ip_address’: ‘192.168.10.2’})
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 8, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’nx00x00x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8nx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
create_loopback_instance(mac_address=0,is_specified=False,user_instance=0)
sw_interface_set_flags(sw_if_index=3,flags=1)
sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc8x00x00x01’}}})
ip_neighbor_add_del(is_add=1,neighbor={‘sw_if_index’: 2, ‘flags’: 1, ‘mac_address’: ‘ba:dc:0f:fe:00:0a’, ‘ip_address’: ‘200.0.0.2’})
sw_interface_add_del_address(sw_if_index=3,is_add=True,del_all=False,prefix={‘len’: 32, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’dx00x00x01’}}})
ipip_add_tunnel(tunnel={‘instance’: 4294967295, ‘src’: {‘af’: 0, ‘un’: {‘ip4’: b’dx00x00x01’}}, ‘dst’: {‘af’: 0, ‘un’: {‘ip4’: b’xc8x00x00x02’}}, ‘table_id’: 0, ‘flags’: 0, ‘mode’: 0, ‘dscp’: 0})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 0, ‘spi’: 100000, ‘protocol’: 50, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’LOPDVIYQdQUmiWRj’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’giYPcqXvVOMAeJDkJLWQNcakpziqTKJItwgdIDCLzuZFXSUsbUSNVMpojbToGDXE’}, ‘flags’: 0, ‘tunnel’: {‘src’: 0, ‘dst’: 0, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘salt’: 0, ‘udp_src_port’: 65535, ‘udp_dst_port’: 65535})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 100000, ‘spi’: 200000, ‘protocol’: 50, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’LOPDVIYQdQUmiWRj’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’giYPcqXvVOMAeJDkJLWQNcakpziqTKJItwgdIDCLzuZFXSUsbUSNVMpojbToGDXE’}, ‘flags’: 64, ‘tunnel’: {‘src’: 0, ‘dst’: 0, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘salt’: 0, ‘udp_src_port’: 65535, ‘udp_dst_port’: 65535})
ipsec_tunnel_protect_update(tunnel={‘sw_if_index’: 4, ‘nh’: {‘address’: 0, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘sa_out’: 0, ‘n_sa_in’: 1, ‘sa_in’: [100000]})
sw_interface_set_unnumbered(is_add=True,sw_if_index=2,unnumbered_sw_if_index=4)
sw_interface_set_flags(sw_if_index=4,flags=1)
ip_route_add_del(is_add=1,is_multipath=0,route={‘table_id’: 0, ‘prefix’: {‘len’: 32, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’x14x00x00x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 4, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: 0, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})

2n1l-10ge2p1x710-ethip4ipsec1tnlsw-ip4base-policy-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip4ipsec1tnlsw-ip4base-policy-aes128cbc-hmac512sha-scapy

IPv4 IPsec tunnel mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP record, route and IPsec manual keyed connection in tunnel mode.

  • [Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 64b-0c-ethip4ipsec1tnlsw-ip4base- 
policy-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}})
sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x03’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:00’, ‘ip_address’: ‘192.168.100.2’})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0a’, ‘ip_address’: ‘192.168.4.4’})
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8dx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’LYBz8b4QSLCO5D6k’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’pOYKFG1qsCc5nyHU24rmAYVJhN9fnoarPHHIELRn95Ay1wJRYCcscFEOBoxlVeCN’}, ‘flags’: 4, ‘tunnel’: {‘src’: ‘192.168.100.3’, ‘dst’: ‘192.168.100.2’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’LYBz8b4QSLCO5D6k’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’pOYKFG1qsCc5nyHU24rmAYVJhN9fnoarPHHIELRn95Ay1wJRYCcscFEOBoxlVeCN’}, ‘flags’: 4, ‘tunnel’: {‘src’: ‘192.168.100.2’, ‘dst’: ‘192.168.100.3’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_spd_add_del(is_add=True,spd_id=1)
ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1)
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})

2n1l-10ge2p1x710-ethip4ipsec1tptsw-ip4base-policy-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip4ipsec1tptsw-ip4base-policy-aes128cbc-hmac512sha-scapy

IPv4 IPsec transport mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP record, route and IPsec manual keyed connection in transport mode.

  • [Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 64b-0c-ethip4ipsec1tptsw-ip4base- 
policy-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}})
sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x03’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:00’, ‘ip_address’: ‘192.168.100.2’})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0a’, ‘ip_address’: ‘192.168.4.4’})
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8dx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’BGDcurmPZijhRvcF’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’xEqhDW2FKavWOKe3UYyOg9vYbYKDIP8fHOzUCSXXydP8cTSfTUG35UJ8TfIgL4ir’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’BGDcurmPZijhRvcF’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’xEqhDW2FKavWOKe3UYyOg9vYbYKDIP8fHOzUCSXXydP8cTSfTUG35UJ8TfIgL4ir’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_spd_add_del(is_add=True,spd_id=1)
ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1)
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})

ethip6

2n1l-10ge2p1x710-ethip6ipsec1tnlsw-ip6base-policy-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip6ipsec1tnlsw-ip6base-policy-aes128cbc-hmac512sha-scapy

IPv6 IPsec tunnel mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv6 addresses, static ARP record, route and IPsec manual keyed connection in tunnel mode.

  • [Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 78b-0c-ethip6ipsec1tnlsw-ip6base- 
policy-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}})
sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x03’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:00’, ‘ip_address’: ‘3ffe:5f::1’})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0a’, ‘ip_address’: ‘3ffe:60::4’})
ip_address_dump(sw_if_index=1,is_ipv6=True)
sw_interface_ip6nd_ra_config(sw_if_index=1,suppress=1)
ip_address_dump(sw_if_index=2,is_ipv6=True)
sw_interface_ip6nd_ra_config(sw_if_index=2,suppress=1)
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 128, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 1, ‘nh’: {‘address’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’eMwREqKoQJfjyJvV’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’Vy1VeQXQ4fsxn2ehVzY41d72sA3fO8upyMMs5Hxzxl8JfBr6TRuBdD2e7vhJNvkX’}, ‘flags’: 12, ‘tunnel’: {‘src’: ‘3ffe:5f::2’, ‘dst’: ‘3ffe:5f::1’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’eMwREqKoQJfjyJvV’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’Vy1VeQXQ4fsxn2ehVzY41d72sA3fO8upyMMs5Hxzxl8JfBr6TRuBdD2e7vhJNvkX’}, ‘flags’: 12, ‘tunnel’: {‘src’: ‘3ffe:5f::1’, ‘dst’: ‘3ffe:5f::2’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_spd_add_del(is_add=True,spd_id=1)
ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1)
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})

2n1l-10ge2p1x710-ethip6ipsec1tptsw-ip6base-policy-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip6ipsec1tptsw-ip6base-policy-aes128cbc-hmac512sha-scapy

IPv6 IPsec transport mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv6 addresses, static ARP record, route and IPsec manual keyed connection in transport mode.

  • [Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 78b-0c-ethip6ipsec1tptsw-ip6base- 
policy-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}})
sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x03’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:00’, ‘ip_address’: ‘3ffe:5f::1’})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:0a’, ‘ip_address’: ‘3ffe:60::4’})
ip_address_dump(sw_if_index=1,is_ipv6=True)
sw_interface_ip6nd_ra_config(sw_if_index=1,suppress=1)
ip_address_dump(sw_if_index=2,is_ipv6=True)
sw_interface_ip6nd_ra_config(sw_if_index=2,suppress=1)
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 128, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 1, ‘nh’: {‘address’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’j29p1uc4HeWLhKgw’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’ZwvsEZteYP32A9tkeLrBbI6xEJ77BJ6WZKjmWOztKzPZKQ5ahz6zPTA99ouK3YSb’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’j29p1uc4HeWLhKgw’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’ZwvsEZteYP32A9tkeLrBbI6xEJ77BJ6WZKjmWOztKzPZKQ5ahz6zPTA99ouK3YSb’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_spd_add_del(is_add=True,spd_id=1)
ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1)
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})