Overview¶
Virtual Topologies¶
CSIT VPP Device tests are executed in Physical containerized topologies created on demand using set of scripts hosted and developed under CSIT repository. It runs on physical baremetal servers hosted by LF FD.io project. Based on the packet path thru SUT Containers, three distinct logical topology types are used for VPP DUT data plane testing:
vfNIC-to-vfNIC switching topologies.
vfNIC-to-vhost-user switching topologies.
vfNIC-to-memif switching topologies.
vfNIC-to-vfNIC Switching¶
The simplest physical topology for software data plane application like VPP is vfNIC-to-vfNIC switching. Tested virtual topologies for 2-Node testbeds are shown in figures below.
SUT1 is Docker Container (running Ubuntu, depending on the test suite), TG is a Traffic Generator (running Ubuntu Container). SUTs run VPP SW application in Linux user-mode as a Device Under Test (DUT) within the container. TG runs Scapy SW application as a packet Traffic Generator. Network connectivity between SUTs and to TG is provided using virtual function of physical NICs.
Virtual topologies are created on-demand whenever a verification job is started (e.g. triggered by the gerrit patch submission) and destroyed upon completion of all functional tests. Each node is a container running on physical server. During the test execution, all nodes are reachable thru the Management (not shown above for clarity).
vfNIC-to-vhost-user Switching¶
vfNIC-to-vhost-user switching topology test cases require VPP DUT to communicate with Virtual Machine (VM) over Vhost-user virtual interfaces. VM is created on SUT1 for the duration of these particular test cases only. Virtual test topology with VM is shown in the figure below.
vfNIC-to-memif Switching¶
vfNIC-to-memif switching topology test cases require VPP DUT to communicate with another Docker Container over memif interfaces. Container is created for the duration of these particular test cases only and it is running the same VPP version as running on DUT. Virtual test topology with Memif is shown in the figure below.
Functional Tests Coverage¶
CSIT-2202 includes following VPP functionality tested in VPP Device environment:
Functionality |
Description |
---|---|
ACL (classify) |
Ingress Access Control List security for L2 Bridge-Domain MAC switching, IPv4 routing, IPv6 routing. |
ACL (acl_plugin) |
Ingress and Egress Access Control List security in stateless and stateful mode for L2 Bridge-Domain MAC switching, IPv4 routing, IPv6 routing. |
ADL |
ADL address allow-list and block-list filtering for IPv4 and IPv6 routing. |
GENEVE |
GENEVE tunnels for IPv4 routing. |
IPSec |
IPSec tunnel and transport modes. |
IPv4 |
IPv4 routing, ICMPv4. |
IPv6 |
IPv4 routing, ICMPv6. |
L2BD |
L2 Bridge-Domain switching for untagged Ethernet. |
L2XC |
L2 Cross-Connect switching for untagged Ethernet. |
MACIP (acl_plugin) |
Ingress Access Control List security for L2 Bridge-Domain MAC switching based on mix of MAC and IP address matches. |
Memif Interface |
Baseline VPP memif interface tests. |
NAT44 |
Network Address and Port Translation deterministic mode and endpoint-dependent mode tests for IPv4. |
QoS Policer Metering |
Ingress packet rate metering and marking for IPv4, IPv6. |
SRv6 |
Segment routing over IPv6, base and proxy. |
Tap Interface |
Baseline Linux tap interface tests. |
VLAN Tag |
L2 VLAN subinterfaces. |
Vhost-user Interface |
Baseline VPP vhost-user interface tests. |
VXLAN |
VXLAN overlay tunneling for L2-over-IPv4 and -over-IPv6. |
Tests Naming¶
CSIT-2202 follows a common structured naming convention for all performance and system functional tests, introduced in CSIT-17.01.
The naming should be intuitive for majority of the tests. Complete description of CSIT test naming convention is provided on Test Naming.