From patchwork Thu Aug 2 00:35:56 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yi-Hung Wei X-Patchwork-Id: 952499 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="f4wS9FFB"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 41gs0s4mdlz9s3q for ; Thu, 2 Aug 2018 10:45:49 +1000 (AEST) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 7FB22E78; Thu, 2 Aug 2018 00:41:22 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id E55ADE71 for ; Thu, 2 Aug 2018 00:41:20 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pl0-f49.google.com (mail-pl0-f49.google.com [209.85.160.49]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id AE9897C1 for ; Thu, 2 Aug 2018 00:41:19 +0000 (UTC) Received: by mail-pl0-f49.google.com with SMTP id u11-v6so202864plq.5 for ; Wed, 01 Aug 2018 17:41:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=GG7Ofp/9TM1z6D9fY4Tk0yFAZsHNDh3uKv5prBpwzcU=; b=f4wS9FFBFZr/KytBiYPQ8NCYN1fQ+slb0joFc+qt7aU21g4kPJsv4FKLsYsYSKoLM3 hX3YwKDJn+7E5EkXh3RQchh6jLUIBlyBhk1GJZ6drIVedd5cBCylpnYls8unVdNugiyM AvHGXy9JovX218+t+2yKs9NP7BTkoLBTYZKtuKJrnGa/IXLDcNij4oy15L2Ixg09fN3p L2BqABi4UMGT/eVRVCB+g27rwVrVp7LkBdZrmmk++kkKzQD/iBybWEnEYunh4/rLD9dr ryHHCrdUVvQh/dL3U/KPOSrDSOLEg5Gj6fFUV6xu8V/HOaXfBCK9Jknq8kdh80oEOr9m BXPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=GG7Ofp/9TM1z6D9fY4Tk0yFAZsHNDh3uKv5prBpwzcU=; b=LctvvmQlhT6WUn/McGB4WZnKY0N7ImkHypD7j7ZbJjb4ZOyIiE9VDxByhxTkqRwubS NTGNLrUhXpM0NVdzxZI7WH9HxiLw3MjkTN0gW7nKIfAm5fX0uV05VqLY6gQR2VmKdMAy 2IU0sdpdX7Jz3Y1j4MmWEQc2+6v5ObkovV74uhgNOPPMkX0Pe0EUlaQypvbSzsUFAiEy QG14DYi3E0NRxhE/f5YFXbipCqCrFR1/Y3HTRSOK8r3GRLzI/kZPbzdF5tWn4bIVWKK+ i3S520UiSl5/4bwnYRDuGkvkS1qxj16uWvRwFgK9o54rxOldyYx+iapUXbLP1UKkOv51 N9sg== X-Gm-Message-State: AOUpUlELFZx9kdG8td+YUWxah91WDyGXYePl3HzusWBSAMweNL9u0pX2 WfRDhMnEY7YmMIr25s54DqtBd5Qn X-Google-Smtp-Source: AAOMgpdCAQ+ukl0gt30IfT7+MqkLtYuDwK7ImRedz0IZY6UhuuR6U81CwKb62dZlCLwGjAHL2//uKw== X-Received: by 2002:a17:902:8a4:: with SMTP id 33-v6mr473534pll.82.1533170478841; Wed, 01 Aug 2018 17:41:18 -0700 (PDT) Received: from Husky.eng.vmware.com ([66.170.99.1]) by smtp.gmail.com with ESMTPSA id s73-v6sm328627pfi.154.2018.08.01.17.41.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 01 Aug 2018 17:41:17 -0700 (PDT) From: Yi-Hung Wei To: dev@openvswitch.org Date: Wed, 1 Aug 2018 17:35:56 -0700 Message-Id: <1533170156-769-12-git-send-email-yihung.wei@gmail.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1533170156-769-1-git-send-email-yihung.wei@gmail.com> References: <1533170156-769-1-git-send-email-yihung.wei@gmail.com> X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [PATCH v2 11/11] system-traffic: Add conntrack per zoen limit test case X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org Signed-off-by: Yi-Hung Wei --- tests/system-traffic.at | 75 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) diff --git a/tests/system-traffic.at b/tests/system-traffic.at index cbd954257ae8..1e6bf1e75565 100644 --- a/tests/system-traffic.at +++ b/tests/system-traffic.at @@ -2918,6 +2918,81 @@ tcp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=,dport=),reply=(src= OVS_TRAFFIC_VSWITCHD_STOP AT_CLEANUP +AT_SETUP([conntrack - limit by zone]) +CHECK_CONNTRACK() +CHECK_CT_DPIF_FLUSH_BY_CT_TUPLE() +OVS_TRAFFIC_VSWITCHD_START() + +ADD_NAMESPACES(at_ns0, at_ns1) + +ADD_VETH(p0, at_ns0, br0, "10.1.1.1/24") +ADD_VETH(p1, at_ns1, br0, "10.1.1.2/24") + +AT_DATA([flows.txt], [dnl +priority=1,action=drop +priority=10,arp,action=normal +priority=100,in_port=1,udp,action=ct(commit),2 +priority=100,in_port=2,udp,action=ct(zone=3,commit),1 +]) + +AT_CHECK([ovs-ofctl --bundle add-flows br0 flows.txt]) + +AT_CHECK([ovs-appctl dpctl/ct-set-limits default=10 zone=0,limit=5 zone=1,limit=15 zone=2,limit=3 zone=3,limit=3]) +AT_CHECK([ovs-appctl dpctl/ct-del-limits zone=1,2,4]) +AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=0,1,2,3], [],[dnl +default_limit=10 zone=0,limit=5,count=0 zone=1,limit=10,count=0 zone=2,limit=10,count=0 zone=3,limit=3,count=0 +]) + +dnl Test UDP from port 1 +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000200080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000300080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000400080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000500080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000600080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000700080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000800080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000900080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000a00080000 actions=resubmit(,0)"]) + +AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=0,1,2,3,4,5], [0], [dnl +default_limit=10 zone=0,limit=5,count=5 zone=1,limit=10,count=0 zone=2,limit=10,count=0 zone=3,limit=3,count=0 zone=4,limit=10,count=0 zone=5,limit=10,count=0 +]) + +dnl Test ct-get-limits for all zoens +AT_CHECK([ovs-appctl dpctl/ct-get-limits], [0], [dnl +default_limit=10 zone=0,limit=5,count=5 zone=3,limit=3,count=0 +]) + +AT_CHECK([ovs-appctl dpctl/dump-conntrack | grep "orig=.src=10\.1\.1\.1," | sort ], [0], [dnl +udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=1,dport=2),reply=(src=10.1.1.2,dst=10.1.1.1,sport=2,dport=1) +udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=1,dport=3),reply=(src=10.1.1.2,dst=10.1.1.1,sport=3,dport=1) +udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=1,dport=4),reply=(src=10.1.1.2,dst=10.1.1.1,sport=4,dport=1) +udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=1,dport=5),reply=(src=10.1.1.2,dst=10.1.1.1,sport=5,dport=1) +udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=1,dport=6),reply=(src=10.1.1.2,dst=10.1.1.1,sport=6,dport=1) +]) + +dnl Test UDP from port 2 +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=2 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101030a0101040001000200080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=2 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101030a0101040001000300080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=2 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101030a0101040001000400080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=2 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101030a0101040001000500080000 actions=resubmit(,0)"]) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=2 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101030a0101040001000600080000 actions=resubmit(,0)"]) + +AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=0,3], [0], [dnl +default_limit=10 zone=0,limit=5,count=5 zone=3,limit=3,count=3 +]) + +AT_CHECK([ovs-appctl dpctl/dump-conntrack | grep "orig=.src=10\.1\.1\.3," | sort ], [0], [dnl +udp,orig=(src=10.1.1.3,dst=10.1.1.4,sport=1,dport=2),reply=(src=10.1.1.4,dst=10.1.1.3,sport=2,dport=1),zone=3 +udp,orig=(src=10.1.1.3,dst=10.1.1.4,sport=1,dport=3),reply=(src=10.1.1.4,dst=10.1.1.3,sport=3,dport=1),zone=3 +udp,orig=(src=10.1.1.3,dst=10.1.1.4,sport=1,dport=4),reply=(src=10.1.1.4,dst=10.1.1.3,sport=4,dport=1),zone=3 +]) + +OVS_TRAFFIC_VSWITCHD_STOP(["dnl +/could not create datapath/d +/(Cannot allocate memory) on packet/d"]) +AT_CLEANUP + AT_SETUP([FTP - no conntrack]) AT_SKIP_IF([test $HAVE_FTP = no]) OVS_TRAFFIC_VSWITCHD_START()