The userspace connection tracker doesn't support ALGs, frag reassembly or NAT yet, so skip those tests.
Also, connection tracking state input from a local port is not possible in userspace. Finally, the userspace datapath checks for the IPv4 header checksum, so fix those in the hardcoded packets. Signed-off-by: Daniele Di Proietto <diproiet...@vmware.com> Acked-by: Joe Stringer <j...@ovn.org> Acked-by: Flavio Leitner <f...@sysclose.org> --- tests/system-kmod-macros.at | 28 +++++++++++++++++++++++++ tests/system-ovn.at | 3 +++ tests/system-traffic.at | 32 +++++++++++++++++++++++++--- tests/system-userspace-macros.at | 45 +++++++++++++++++++++++++++++++++++++--- 4 files changed, 102 insertions(+), 6 deletions(-) diff --git a/tests/system-kmod-macros.at b/tests/system-kmod-macros.at index 2134db7..e1b5707 100644 --- a/tests/system-kmod-macros.at +++ b/tests/system-kmod-macros.at @@ -67,3 +67,31 @@ m4_define([CHECK_CONNTRACK], on_exit 'ovstest test-netlink-conntrack flush' ] ) + +# CHECK_CONNTRACK_ALG() +# +# Perform requirements checks for running conntrack ALG tests. The kernel +# supports ALG, so no check is needed. +# +m4_define([CHECK_CONNTRACK_ALG]) + +# CHECK_CONNTRACK_FRAG() +# +# Perform requirements checks for running conntrack fragmentations tests. +# The kernel always supports fragmentation, so no check is needed. +m4_define([CHECK_CONNTRACK_FRAG]) + +# CHECK_CONNTRACK_LOCAL_STACK() +# +# Perform requirements checks for running conntrack tests with local stack. +# The kernel always supports reading the connection state of an skb coming +# from an internal port, without an explicit ct() action, so no check is +# needed. +m4_define([CHECK_CONNTRACK_LOCAL_STACK]) + +# CHECK_CONNTRACK_NAT() +# +# Perform requirements checks for running conntrack NAT tests. The kernel +# always supports NAT, so no check is needed. +# +m4_define([CHECK_CONNTRACK_NAT]) diff --git a/tests/system-ovn.at b/tests/system-ovn.at index 2a94d68..b96b260 100755 --- a/tests/system-ovn.at +++ b/tests/system-ovn.at @@ -2,6 +2,7 @@ AT_SETUP([ovn -- 2 LRs connected via LS, gateway router, SNAT and DNAT]) AT_KEYWORDS([ovnnat]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() ovn_start OVS_TRAFFIC_VSWITCHD_START() ADD_BR([br-int]) @@ -172,6 +173,7 @@ AT_SETUP([ovn -- 2 LRs connected via LS, gateway router, easy SNAT]) AT_KEYWORDS([ovnnat]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() ovn_start OVS_TRAFFIC_VSWITCHD_START() ADD_BR([br-int]) @@ -277,6 +279,7 @@ AT_SETUP([ovn -- load-balancing]) AT_KEYWORDS([ovnlb]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() ovn_start OVS_TRAFFIC_VSWITCHD_START() ADD_BR([br-int]) diff --git a/tests/system-traffic.at b/tests/system-traffic.at index 1cdc2d2..5732d9b 100644 --- a/tests/system-traffic.at +++ b/tests/system-traffic.at @@ -510,13 +510,13 @@ AT_CAPTURE_FILE([ofctl_monitor.log]) AT_CHECK([ovs-ofctl monitor br0 65534 invalid_ttl --detach --no-chdir --pidfile 2> ofctl_monitor.log]) dnl Send an unsolicited reply from port 2. This should be dropped. -AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 2 ct\(table=0\) '50540000000a50540000000908004500001c00000000001100000a0101020a0101010002000100080000']) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 2 ct\(table=0\) '50540000000a50540000000908004500001c000000000011a4cd0a0101020a0101010002000100080000']) dnl OK, now start a new connection from port 1. -AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 1 ct\(commit\),controller '50540000000a50540000000908004500001c00000000001100000a0101010a0101020001000200080000']) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 1 ct\(commit\),controller '50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000200080000']) dnl Now try a reply from port 2. -AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 2 ct\(table=0\) '50540000000a50540000000908004500001c00000000001100000a0101020a0101010002000100080000']) +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 2 ct\(table=0\) '50540000000a50540000000908004500001c000000000011a4cd0a0101020a0101010002000100080000']) dnl Check this output. We only see the latter two packets, not the first. AT_CHECK([cat ofctl_monitor.log], [0], [dnl @@ -906,6 +906,7 @@ AT_CLEANUP AT_SETUP([conntrack - multiple zones, local]) CHECK_CONNTRACK() +CHECK_CONNTRACK_LOCAL_STACK() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0) @@ -953,6 +954,7 @@ AT_CLEANUP AT_SETUP([conntrack - multiple namespaces, internal ports]) CHECK_CONNTRACK() +CHECK_CONNTRACK_LOCAL_STACK() OVS_TRAFFIC_VSWITCHD_START( [set-fail-mode br0 secure -- ]) @@ -993,6 +995,7 @@ AT_CLEANUP AT_SETUP([conntrack - multi-stage pipeline, local]) CHECK_CONNTRACK() +CHECK_CONNTRACK_LOCAL_STACK() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0) @@ -1382,6 +1385,7 @@ AT_CLEANUP AT_SETUP([conntrack - FTP]) AT_SKIP_IF([test $HAVE_PYFTPDLIB = no]) CHECK_CONNTRACK() +CHECK_CONNTRACK_ALG() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -1468,6 +1472,7 @@ AT_CLEANUP AT_SETUP([conntrack - IPv6 FTP]) AT_SKIP_IF([test $HAVE_PYFTPDLIB = no]) CHECK_CONNTRACK() +CHECK_CONNTRACK_ALG() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -1524,6 +1529,7 @@ AT_CLEANUP AT_SETUP([conntrack - FTP with multiple expectations]) AT_SKIP_IF([test $HAVE_PYFTPDLIB = no]) CHECK_CONNTRACK() +CHECK_CONNTRACK_ALG() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -1588,6 +1594,7 @@ AT_CLEANUP AT_SETUP([conntrack - IPv4 fragmentation ]) CHECK_CONNTRACK() +CHECK_CONNTRACK_FRAG() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -1621,6 +1628,7 @@ AT_CLEANUP AT_SETUP([conntrack - IPv4 fragmentation expiry]) CHECK_CONNTRACK() +CHECK_CONNTRACK_FRAG() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -1651,6 +1659,7 @@ AT_CLEANUP AT_SETUP([conntrack - IPv4 fragmentation + vlan]) CHECK_CONNTRACK() +CHECK_CONNTRACK_FRAG() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -1686,6 +1695,7 @@ AT_CLEANUP AT_SETUP([conntrack - IPv6 fragmentation]) CHECK_CONNTRACK() +CHECK_CONNTRACK_FRAG() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -1725,6 +1735,7 @@ AT_CLEANUP AT_SETUP([conntrack - IPv6 fragmentation expiry]) CHECK_CONNTRACK() +CHECK_CONNTRACK_FRAG() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -1765,6 +1776,7 @@ AT_CLEANUP AT_SETUP([conntrack - IPv6 fragmentation + vlan]) CHECK_CONNTRACK() +CHECK_CONNTRACK_FRAG() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -1808,6 +1820,7 @@ AT_CLEANUP AT_SETUP([conntrack - Fragmentation over vxlan]) OVS_CHECK_VXLAN() CHECK_CONNTRACK() +CHECK_CONNTRACK_FRAG() OVS_TRAFFIC_VSWITCHD_START() ADD_BR([br-underlay]) @@ -1859,6 +1872,7 @@ AT_CLEANUP AT_SETUP([conntrack - IPv6 Fragmentation over vxlan]) OVS_CHECK_VXLAN() CHECK_CONNTRACK() +CHECK_CONNTRACK_FRAG() OVS_TRAFFIC_VSWITCHD_START() ADD_BR([br-underlay]) @@ -1957,6 +1971,7 @@ AT_CLEANUP AT_SETUP([conntrack - simple SNAT]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -2003,6 +2018,7 @@ AT_CLEANUP AT_SETUP([conntrack - SNAT with port range]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -2050,6 +2066,7 @@ AT_CLEANUP AT_SETUP([conntrack - more complex SNAT]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -2101,6 +2118,7 @@ AT_CLEANUP AT_SETUP([conntrack - simple DNAT]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -2155,6 +2173,7 @@ AT_CLEANUP AT_SETUP([conntrack - more complex DNAT]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -2215,6 +2234,7 @@ AT_CLEANUP AT_SETUP([conntrack - ICMP related with NAT]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -2276,6 +2296,7 @@ AT_CLEANUP AT_SETUP([conntrack - FTP with NAT]) AT_SKIP_IF([test $HAVE_PYFTPDLIB = no]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() @@ -2357,6 +2378,7 @@ AT_CLEANUP AT_SETUP([conntrack - FTP with NAT 2]) AT_SKIP_IF([test $HAVE_PYFTPDLIB = no]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -2424,6 +2446,7 @@ AT_CLEANUP AT_SETUP([conntrack - IPv6 HTTP with NAT]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -2467,6 +2490,7 @@ AT_CLEANUP AT_SETUP([conntrack - IPv6 FTP with NAT]) AT_SKIP_IF([test $HAVE_PYFTPDLIB = no]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns0, at_ns1) @@ -2524,6 +2548,7 @@ AT_CLEANUP AT_SETUP([conntrack - DNAT load balancing]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns1, at_ns2, at_ns3, at_ns4) @@ -2610,6 +2635,7 @@ AT_CLEANUP AT_SETUP([conntrack - DNAT load balancing with NC]) CHECK_CONNTRACK() +CHECK_CONNTRACK_NAT() OVS_TRAFFIC_VSWITCHD_START() ADD_NAMESPACES(at_ns1, at_ns2, at_ns3, at_ns4, at_ns5) diff --git a/tests/system-userspace-macros.at b/tests/system-userspace-macros.at index c09a4aa..213425f 100644 --- a/tests/system-userspace-macros.at +++ b/tests/system-userspace-macros.at @@ -60,9 +60,48 @@ m4_define([CONFIGURE_VETH_OFFLOADS], # CHECK_CONNTRACK() # -# Perform requirements checks for running conntrack tests, and flush the -# kernel conntrack tables when the test is finished. +# Perform requirements checks for running conntrack tests. # m4_define([CHECK_CONNTRACK], - [AT_SKIP_IF(true)] + [AT_SKIP_IF([test $HAVE_PYTHON = no])] ) + +# CHECK_CONNTRACK_ALG() +# +# Perform requirements checks for running conntrack ALG tests. The userspace +# doesn't support ALGs yet, so skip the tests +# +m4_define([CHECK_CONNTRACK_ALG], +[ + AT_SKIP_IF([:]) +]) + +# CHECK_CONNTRACK_FRAG() +# +# Perform requirements checks for running conntrack fragmentations tests. +# The userspace doesn't support fragmentation yet, so skip the tests. +m4_define([CHECK_CONNTRACK_FRAG], +[ + AT_SKIP_IF([:]) +]) + +# CHECK_CONNTRACK_LOCAL_STACK() +# +# Perform requirements checks for running conntrack tests with local stack. +# While the kernel connection tracker automatically passes all the connection +# tracking state from an internal port to the OpenvSwitch kernel module, there +# is simply no way of doing that with the userspace, so skip the tests. +m4_define([CHECK_CONNTRACK_LOCAL_STACK], +[ + AT_SKIP_IF([:]) +]) + +# CHECK_CONNTRACK_NAT() +# +# Perform requirements checks for running conntrack NAT tests. The userspace +# doesn't support NATs yet, so skip the tests +# +m4_define([CHECK_CONNTRACK_NAT], +[ + AT_SKIP_IF([:]) +]) -- 2.8.1 _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev