crypto

ethip4

2n1l-10ge2p1x710-ethip4ipsec11tnlsw-ip4base-int-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip4ipsec11tnlsw-ip4base-int-aes128cbc-hmac512sha-scapy

IPv4 IPsec tunnel mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP record, route and IPsec manual keyed connection in tunnel mode.

  • [Ver] TG verification: ETH-IP4 packet is sent from TG to DUT1. Packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 64b-0c-ethip4ipsec11tnlsw-ip4base- 
int-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8nx01’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:18’, ‘ip_address’: ‘192.168.10.2’})
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 8, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’nx00x00x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8nx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
exec create loopback interface
exec set interface state loop0 up
exec set interface ip address VirtualFunctionEthernet3b/5/1 200.0.0.1/24
exec set ip neighbor VirtualFunctionEthernet3b/5/1 200.0.0.2 ba:dc:0f:fe:00:19 static
exec set interface ip address loop0 100.0.0.1/32
exec create ipip tunnel src 100.0.0.1 dst 200.0.0.2 p2p
exec ipsec sa add 0 spi 100000 crypto-alg aes-cbc-128 crypto-key 77575543735468427a427768616d616d integ-alg sha-512-256 integ-key 525a4f42516d4e6e5a6870476973725a756c73576f5655714d5368564153446f775a456a57756b684649457753644e737470456e6b51764c59465443466b7741 esp
exec ipsec sa add 100000 spi 200000 crypto-alg aes-cbc-128 crypto-key 77575543735468427a427768616d616d integ-alg sha-512-256 integ-key 525a4f42516d4e6e5a6870476973725a756c73576f5655714d5368564153446f775a456a57756b684649457753644e737470456e6b51764c59465443466b7741 esp
exec ipsec tunnel protect ipip0 sa-out 0 sa-in 100000 add
exec set interface ip address loop0 100.0.1.1/32
exec create ipip tunnel src 100.0.1.1 dst 200.0.0.2 p2p
exec ipsec sa add 1 spi 100001 crypto-alg aes-cbc-128 crypto-key 54416966546f6d6b7065595252725171 integ-alg sha-512-256 integ-key 68536c6d444757666a41446b6f43636e5a776c6a6d424e614f6764757a5262796b5173715067474a6c626b4852654e5a796b62447445795a497155595a6e7269 esp
exec ipsec sa add 100001 spi 200001 crypto-alg aes-cbc-128 crypto-key 54416966546f6d6b7065595252725171 integ-alg sha-512-256 integ-key 68536c6d444757666a41446b6f43636e5a776c6a6d424e614f6764757a5262796b5173715067474a6c626b4852654e5a796b62447445795a497155595a6e7269 esp
exec ipsec tunnel protect ipip1 sa-out 1 sa-in 100001 add
exec set interface ip address loop0 100.0.2.1/32
exec create ipip tunnel src 100.0.2.1 dst 200.0.0.2 p2p
exec ipsec sa add 2 spi 100002 crypto-alg aes-cbc-128 crypto-key 4c5958764f4d517479685568676f5161 integ-alg sha-512-256 integ-key 624a66524564746c42734376446a62696e514154694c7178724b7a617943476c4e7363715865705a7977505774557a52696c64727149535044715345786e7a4f esp
exec ipsec sa add 100002 spi 200002 crypto-alg aes-cbc-128 crypto-key 4c5958764f4d517479685568676f5161 integ-alg sha-512-256 integ-key 624a66524564746c42734376446a62696e514154694c7178724b7a617943476c4e7363715865705a7977505774557a52696c64727149535044715345786e7a4f esp
exec ipsec tunnel protect ipip2 sa-out 2 sa-in 100002 add
exec set interface ip address loop0 100.0.3.1/32
exec create ipip tunnel src 100.0.3.1 dst 200.0.0.2 p2p
exec ipsec sa add 3 spi 100003 crypto-alg aes-cbc-128 crypto-key 536563576f6a5073734278576642785a integ-alg sha-512-256 integ-key 4652517342736770524e595641795374437448657173486b41645a69756e774543576b4c516f4d507a674944516c6a7441754a7667794b54745844737978414b esp
exec ipsec sa add 100003 spi 200003 crypto-alg aes-cbc-128 crypto-key 536563576f6a5073734278576642785a integ-alg sha-512-256 integ-key 4652517342736770524e595641795374437448657173486b41645a69756e774543576b4c516f4d507a674944516c6a7441754a7667794b54745844737978414b esp
exec ipsec tunnel protect ipip3 sa-out 3 sa-in 100003 add
exec set interface ip address loop0 100.0.4.1/32
exec create ipip tunnel src 100.0.4.1 dst 200.0.0.2 p2p
exec ipsec sa add 4 spi 100004 crypto-alg aes-cbc-128 crypto-key 706d78796e5242457464716d66524465 integ-alg sha-512-256 integ-key 764549664777726655566762747852465165486a6d694750474c7179417351676e4571564d6852594a6f68514d69574c546d5976494a7679684a6c774b6c4171 esp
exec ipsec sa add 100004 spi 200004 crypto-alg aes-cbc-128 crypto-key 706d78796e5242457464716d66524465 integ-alg sha-512-256 integ-key 764549664777726655566762747852465165486a6d694750474c7179417351676e4571564d6852594a6f68514d69574c546d5976494a7679684a6c774b6c4171 esp
exec ipsec tunnel protect ipip4 sa-out 4 sa-in 100004 add
exec set interface ip address loop0 100.0.5.1/32
exec create ipip tunnel src 100.0.5.1 dst 200.0.0.2 p2p
exec ipsec sa add 5 spi 100005 crypto-alg aes-cbc-128 crypto-key 4a6d4e6f5a626f566874614d6c664762 integ-alg sha-512-256 integ-key 7067667859654f626948496f42465945425a796a54575671446761574c6265464f53786956717a62494a714458655a6178764a59634d707553435062526d6763 esp
exec ipsec sa add 100005 spi 200005 crypto-alg aes-cbc-128 crypto-key 4a6d4e6f5a626f566874614d6c664762 integ-alg sha-512-256 integ-key 7067667859654f626948496f42465945425a796a54575671446761574c6265464f53786956717a62494a714458655a6178764a59634d707553435062526d6763 esp
exec ipsec tunnel protect ipip5 sa-out 5 sa-in 100005 add
exec set interface ip address loop0 100.0.6.1/32
exec create ipip tunnel src 100.0.6.1 dst 200.0.0.2 p2p
exec ipsec sa add 6 spi 100006 crypto-alg aes-cbc-128 crypto-key 7a48716b4c5559724355795647547874 integ-alg sha-512-256 integ-key 655676567846554b634f526e674255676d535a49494364706c4c6745457a75564c53454365514f6b556971684d4e7071667764776f49536d54704c7749636548 esp
exec ipsec sa add 100006 spi 200006 crypto-alg aes-cbc-128 crypto-key 7a48716b4c5559724355795647547874 integ-alg sha-512-256 integ-key 655676567846554b634f526e674255676d535a49494364706c4c6745457a75564c53454365514f6b556971684d4e7071667764776f49536d54704c7749636548 esp
exec ipsec tunnel protect ipip6 sa-out 6 sa-in 100006 add
exec set interface ip address loop0 100.0.7.1/32
exec create ipip tunnel src 100.0.7.1 dst 200.0.0.2 p2p
exec ipsec sa add 7 spi 100007 crypto-alg aes-cbc-128 crypto-key 646a55684c52556a6b49584f534e6252 integ-alg sha-512-256 integ-key 4868776d7a7a414853774667654b656570586e56425855624c52436a54697654564f6c48755a6f6772754e496b74437a48674167706b6149494c564555745573 esp
exec ipsec sa add 100007 spi 200007 crypto-alg aes-cbc-128 crypto-key 646a55684c52556a6b49584f534e6252 integ-alg sha-512-256 integ-key 4868776d7a7a414853774667654b656570586e56425855624c52436a54697654564f6c48755a6f6772754e496b74437a48674167706b6149494c564555745573 esp
exec ipsec tunnel protect ipip7 sa-out 7 sa-in 100007 add
exec set interface ip address loop0 100.0.8.1/32
exec create ipip tunnel src 100.0.8.1 dst 200.0.0.2 p2p
exec ipsec sa add 8 spi 100008 crypto-alg aes-cbc-128 crypto-key 6e426c704e444153524341687a43574d integ-alg sha-512-256 integ-key 76587948444853716658526d7a736d566471657768726b54596255566b5852584464675378454c515a6c766652695a6861664478657976616356586a64494a61 esp
exec ipsec sa add 100008 spi 200008 crypto-alg aes-cbc-128 crypto-key 6e426c704e444153524341687a43574d integ-alg sha-512-256 integ-key 76587948444853716658526d7a736d566471657768726b54596255566b5852584464675378454c515a6c766652695a6861664478657976616356586a64494a61 esp
exec ipsec tunnel protect ipip8 sa-out 8 sa-in 100008 add
exec set interface ip address loop0 100.0.9.1/32
exec create ipip tunnel src 100.0.9.1 dst 200.0.0.2 p2p
exec ipsec sa add 9 spi 100009 crypto-alg aes-cbc-128 crypto-key 444275686e504b5165536c4a674f7174 integ-alg sha-512-256 integ-key 736e6679474f49724c5a5150416f644e774d58746e6a6a6b7875437376727241654e4a634779644c59794e5470596650516677655973457362795a6c4d5a6251 esp
exec ipsec sa add 100009 spi 200009 crypto-alg aes-cbc-128 crypto-key 444275686e504b5165536c4a674f7174 integ-alg sha-512-256 integ-key 736e6679474f49724c5a5150416f644e774d58746e6a6a6b7875437376727241654e4a634779644c59794e5470596650516677655973457362795a6c4d5a6251 esp
exec ipsec tunnel protect ipip9 sa-out 9 sa-in 100009 add
exec set interface ip address loop0 100.0.10.1/32
exec create ipip tunnel src 100.0.10.1 dst 200.0.0.2 p2p
exec ipsec sa add 10 spi 100010 crypto-alg aes-cbc-128 crypto-key 6a5073634d43706e4f5a67586b6a656d integ-alg sha-512-256 integ-key 5a456841634473717a5067636d627445794d734a5a5a4f4e4352664349426d68465161526c494370716e674c736448416c4f44635a4647466c65436e796d5553 esp
exec ipsec sa add 100010 spi 200010 crypto-alg aes-cbc-128 crypto-key 6a5073634d43706e4f5a67586b6a656d integ-alg sha-512-256 integ-key 5a456841634473717a5067636d627445794d734a5a5a4f4e4352664349426d68465161526c494370716e674c736448416c4f44635a4647466c65436e796d5553 esp
exec ipsec tunnel protect ipip10 sa-out 10 sa-in 100010 add
exec set interface unnumbered ipip0 use VirtualFunctionEthernet3b/5/1
exec set interface state ipip0 up
exec ip route add 20.0.0.0/32 via ipip0
exec set interface unnumbered ipip1 use VirtualFunctionEthernet3b/5/1
exec set interface state ipip1 up
exec ip route add 20.0.0.1/32 via ipip1
exec set interface unnumbered ipip2 use VirtualFunctionEthernet3b/5/1
exec set interface state ipip2 up
exec ip route add 20.0.0.2/32 via ipip2
exec set interface unnumbered ipip3 use VirtualFunctionEthernet3b/5/1
exec set interface state ipip3 up
exec ip route add 20.0.0.3/32 via ipip3
exec set interface unnumbered ipip4 use VirtualFunctionEthernet3b/5/1
exec set interface state ipip4 up
exec ip route add 20.0.0.4/32 via ipip4
exec set interface unnumbered ipip5 use VirtualFunctionEthernet3b/5/1
exec set interface state ipip5 up
exec ip route add 20.0.0.5/32 via ipip5
exec set interface unnumbered ipip6 use VirtualFunctionEthernet3b/5/1
exec set interface state ipip6 up
exec ip route add 20.0.0.6/32 via ipip6
exec set interface unnumbered ipip7 use VirtualFunctionEthernet3b/5/1
exec set interface state ipip7 up
exec ip route add 20.0.0.7/32 via ipip7
exec set interface unnumbered ipip8 use VirtualFunctionEthernet3b/5/1
exec set interface state ipip8 up
exec ip route add 20.0.0.8/32 via ipip8
exec set interface unnumbered ipip9 use VirtualFunctionEthernet3b/5/1
exec set interface state ipip9 up
exec ip route add 20.0.0.9/32 via ipip9
exec set interface unnumbered ipip10 use VirtualFunctionEthernet3b/5/1
exec set interface state ipip10 up
exec ip route add 20.0.0.10/32 via ipip10

2n1l-10ge2p1x710-ethip4ipsec1tnlsw-ip4base-int-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip4ipsec1tnlsw-ip4base-int-aes128cbc-hmac512sha-scapy

IPv4 IPsec tunnel mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP irecord, route and IPsec manual keyed connection in tunnel mode.

  • [Ver] TG verification: ETH-IP4 packet is sent from TG to DUT1. Packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 64b-0c-ethip4ipsec1tnlsw-ip4base- 
int-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8nx01’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:18’, ‘ip_address’: ‘192.168.10.2’})
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 8, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’nx00x00x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8nx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
create_loopback_instance(mac_address=0,is_specified=False,user_instance=0)
sw_interface_set_flags(sw_if_index=3,flags=1)
sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc8x00x00x01’}}})
ip_neighbor_add_del(is_add=1,neighbor={‘sw_if_index’: 2, ‘flags’: 1, ‘mac_address’: ‘ba:dc:0f:fe:00:19’, ‘ip_address’: ‘200.0.0.2’})
sw_interface_add_del_address(sw_if_index=3,is_add=True,del_all=False,prefix={‘len’: 32, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’dx00x00x01’}}})
ipip_add_tunnel(tunnel={‘instance’: 4294967295, ‘src’: {‘af’: 0, ‘un’: {‘ip4’: b’dx00x00x01’}}, ‘dst’: {‘af’: 0, ‘un’: {‘ip4’: b’xc8x00x00x02’}}, ‘table_id’: 0, ‘flags’: 0, ‘mode’: 0, ‘dscp’: 0})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 0, ‘spi’: 100000, ‘protocol’: 50, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’OZgrEZXOapwwNYDL’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’ocXVFSHveuiOieLTbjRiebvVjMXufVAkjkaytxiTgbtBFhClheOljQTEfMzUjTgB’}, ‘flags’: 0, ‘tunnel’: {‘src’: 0, ‘dst’: 0, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘salt’: 0, ‘udp_src_port’: 65535, ‘udp_dst_port’: 65535})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 100000, ‘spi’: 200000, ‘protocol’: 50, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’OZgrEZXOapwwNYDL’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’ocXVFSHveuiOieLTbjRiebvVjMXufVAkjkaytxiTgbtBFhClheOljQTEfMzUjTgB’}, ‘flags’: 64, ‘tunnel’: {‘src’: 0, ‘dst’: 0, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘salt’: 0, ‘udp_src_port’: 65535, ‘udp_dst_port’: 65535})
ipsec_tunnel_protect_update(tunnel={‘sw_if_index’: 4, ‘nh’: {‘address’: 0, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘sa_out’: 0, ‘n_sa_in’: 1, ‘sa_in’: [100000]})
sw_interface_set_unnumbered(is_add=True,sw_if_index=2,unnumbered_sw_if_index=4)
sw_interface_set_flags(sw_if_index=4,flags=1)
ip_route_add_del(is_add=1,is_multipath=0,route={‘table_id’: 0, ‘prefix’: {‘len’: 32, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’x14x00x00x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 4, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: 0, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})

2n1l-10ge2p1x710-ethip4ipsec1tnlsw-ip4base-policy-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip4ipsec1tnlsw-ip4base-policy-aes128cbc-hmac512sha-scapy

IPv4 IPsec tunnel mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP record, route and IPsec manual keyed connection in tunnel mode.

  • [Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 64b-0c-ethip4ipsec1tnlsw-ip4base- 
policy-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}})
sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x03’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:18’, ‘ip_address’: ‘192.168.100.2’})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:19’, ‘ip_address’: ‘192.168.4.4’})
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8dx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’JGDYPNziSjjMLGLZ’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’SNDEUaOuBUqStKxqFqah4clWVnXSkD1ZpLYTlWe2nmmpUeG7MtiXB2tN1rUUOMHA’}, ‘flags’: 4, ‘tunnel’: {‘src’: ‘192.168.100.3’, ‘dst’: ‘192.168.100.2’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’JGDYPNziSjjMLGLZ’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’SNDEUaOuBUqStKxqFqah4clWVnXSkD1ZpLYTlWe2nmmpUeG7MtiXB2tN1rUUOMHA’}, ‘flags’: 4, ‘tunnel’: {‘src’: ‘192.168.100.2’, ‘dst’: ‘192.168.100.3’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_spd_add_del(is_add=True,spd_id=1)
ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1)
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})

2n1l-10ge2p1x710-ethip4ipsec1tptsw-ip4base-policy-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip4ipsec1tptsw-ip4base-policy-aes128cbc-hmac512sha-scapy

IPv4 IPsec transport mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv4 addresses, static ARP record, route and IPsec manual keyed connection in transport mode.

  • [Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 64b-0c-ethip4ipsec1tptsw-ip4base- 
policy-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}})
sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x03’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:18’, ‘ip_address’: ‘192.168.100.2’})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:19’, ‘ip_address’: ‘192.168.4.4’})
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 24, ‘address’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x00’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 0, ‘nh’: {‘address’: {‘ip4’: b’xc0xa8dx02’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’TSaf1lng3xZhjldy’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’78yNWae1m9leTgV6mTomthVYDKLf7WSsGupxLnrggufLCX6ISBcSVsiEyni1JLMy’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’TSaf1lng3xZhjldy’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’78yNWae1m9leTgV6mTomthVYDKLf7WSsGupxLnrggufLCX6ISBcSVsiEyni1JLMy’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_spd_add_del(is_add=True,spd_id=1)
ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1)
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx02’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8dx03’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘remote_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x03x03’}}, ‘local_address_start’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘local_address_stop’: {‘af’: 0, ‘un’: {‘ip4’: b’xc0xa8x04x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})

ethip6

2n1l-10ge2p1x710-ethip6ipsec1tnlsw-ip6base-policy-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip6ipsec1tnlsw-ip6base-policy-aes128cbc-hmac512sha-scapy

IPv6 IPsec tunnel mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv6 addresses, static ARP record, route and IPsec manual keyed connection in tunnel mode.

  • [Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 78b-0c-ethip6ipsec1tnlsw-ip6base- 
policy-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}})
sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x03’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:18’, ‘ip_address’: ‘3ffe:5f::1’})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:19’, ‘ip_address’: ‘3ffe:60::4’})
ip_address_dump(sw_if_index=1,is_ipv6=True)
sw_interface_ip6nd_ra_config(sw_if_index=1,suppress=1)
ip_address_dump(sw_if_index=2,is_ipv6=True)
sw_interface_ip6nd_ra_config(sw_if_index=2,suppress=1)
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 128, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 1, ‘nh’: {‘address’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’i1aSTAoBZGBwMrDl’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’Cr2CDqB8SIGwAH7v5kNDJLJgEoZrtBb9T5xVuBMWw42qCJS9rQIqN2Hp2fu171oi’}, ‘flags’: 12, ‘tunnel’: {‘src’: ‘3ffe:5f::2’, ‘dst’: ‘3ffe:5f::1’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’i1aSTAoBZGBwMrDl’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’Cr2CDqB8SIGwAH7v5kNDJLJgEoZrtBb9T5xVuBMWw42qCJS9rQIqN2Hp2fu171oi’}, ‘flags’: 12, ‘tunnel’: {‘src’: ‘3ffe:5f::1’, ‘dst’: ‘3ffe:5f::2’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_spd_add_del(is_add=True,spd_id=1)
ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1)
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})

2n1l-10ge2p1x710-ethip6ipsec1tptsw-ip6base-policy-aes128cbc-hmac512sha-scapy

2n1l-10ge2p1x710-ethip6ipsec1tptsw-ip6base-policy-aes128cbc-hmac512sha-scapy

IPv6 IPsec transport mode test suite.

  • [Top] Network topologies: TG-DUT1 2-node topology with one link between nodes.

  • [Cfg] DUT configuration: On DUT1 create loopback interface, configure loopback an physical interface IPv6 addresses, static ARP record, route and IPsec manual keyed connection in transport mode.

  • [Ver] TG verification: ESP packet is sent from TG to DUT1. ESP packet is received on TG from DUT1.

  • [Ref] Applicable standard specifications: RFC4303.

 Test Name 

 VPP API Test Commands History - Commands Used Per Test Case 

 78b-0c-ethip6ipsec1tptsw-ip6base- 
policy-aes128cbc-hmac512sha-scapy

 DUT1:  
cli_inband(cmd=’show logging’)
show_version()
sw_interface_dump(name_filter_valid=False,name_filter=’’)
cli_inband(cmd=’trace add dpdk-input 50’)
cli_inband(cmd=’trace add vhost-user-input 50’)
cli_inband(cmd=’trace add memif-input 50’)
cli_inband(cmd=’trace add avf-input 50’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_set_flags(sw_if_index=1,flags=1)
hw_interface_set_mtu(sw_if_index=1,mtu=9200)
sw_interface_set_flags(sw_if_index=2,flags=1)
hw_interface_set_mtu(sw_if_index=2,mtu=9200)
sw_interface_dump(name_filter_valid=False,name_filter=’’)
sw_interface_add_del_address(sw_if_index=1,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}})
sw_interface_add_del_address(sw_if_index=2,is_add=True,del_all=False,prefix={‘len’: 64, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x03’}}})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 1, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:18’, ‘ip_address’: ‘3ffe:5f::1’})
ip_neighbor_add_del(is_add=True,neighbor={‘sw_if_index’: 2, ‘flags’: 0, ‘mac_address’: ‘ba:dc:0f:fe:00:19’, ‘ip_address’: ‘3ffe:60::4’})
ip_address_dump(sw_if_index=1,is_ipv6=True)
sw_interface_ip6nd_ra_config(sw_if_index=1,suppress=1)
ip_address_dump(sw_if_index=2,is_ipv6=True)
sw_interface_ip6nd_ra_config(sw_if_index=2,suppress=1)
ip_route_add_del(is_add=True,is_multipath=True,route={‘table_id’: 0, ‘prefix’: {‘len’: 128, ‘address’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}}, ‘n_paths’: 1, ‘paths’: [{‘sw_if_index’: 1, ‘table_id’: 0, ‘rpf_id’: 4294967295, ‘weight’: 1, ‘preference’: 1, ‘type’: 0, ‘flags’: 0, ‘proto’: 1, ‘nh’: {‘address’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}, ‘via_label’: 1048576, ‘obj_id’: 4294967295}, ‘n_labels’: 0, ‘label_stack’: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]}]})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 10, ‘spi’: 1001, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’AphQZma1oe1vKxTV’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’sESMjXb8VkCyuXkWYgHzPU1YyEwnFezfsobGk0lXJ3E31A2yKStsIuYcc995gyQz’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_sad_entry_add_del_v3(is_add=True,entry={‘sad_id’: 20, ‘spi’: 1000, ‘crypto_algorithm’: 1, ‘crypto_key’: {‘length’: 16, ‘data’: b’AphQZma1oe1vKxTV’}, ‘integrity_algorithm’: 6, ‘integrity_key’: {‘length’: 64, ‘data’: b’sESMjXb8VkCyuXkWYgHzPU1YyEwnFezfsobGk0lXJ3E31A2yKStsIuYcc995gyQz’}, ‘flags’: 0, ‘tunnel’: {‘src’: ‘’, ‘dst’: ‘’, ‘table_id’: 0, ‘encap_decap_flags’: 0, ‘dscp’: 0}, ‘protocol’: 50, ‘udp_src_port’: 4500, ‘udp_dst_port’: 4500})
ipsec_spd_add_del(is_add=True,spd_id=1)
ipsec_interface_add_del_spd(is_add=True,sw_if_index=1,spd_id=1)
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: False, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 100, ‘is_outbound’: True, ‘sa_id’: 0, ‘policy’: 0, ‘protocol’: 50, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x01’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00_x00x00x00x00x00x00x00x00x00x00x00x02’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: False, ‘sa_id’: 20, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})
ipsec_spd_entry_add_del(is_add=True,entry={‘spd_id’: 1, ‘priority’: 10, ‘is_outbound’: True, ‘sa_id’: 10, ‘policy’: 3, ‘protocol’: 0, ‘remote_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘remote_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00ax00x00x00x00x00x00x00x00x00x00x00x03’}}, ‘local_address_start’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘local_address_stop’: {‘af’: 1, ‘un’: {‘ip6’: b’?xfex00`x00x00x00x00x00x00x00x00x00x00x00x04’}}, ‘remote_port_start’: 0, ‘remote_port_stop’: 65535, ‘local_port_start’: 0, ‘local_port_stop’: 65535})