7 files changed, 358 insertions, 0 deletions
diff --git a/tests/topotests/bgp_flowspec/__init__.py b/tests/topotests/bgp_flowspec/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/topotests/bgp_flowspec/__init__.py
diff --git a/tests/topotests/bgp_flowspec/exabgp.env b/tests/topotests/bgp_flowspec/exabgp.env
new file mode 100644
index 0000000..a328e04
--- /dev/null
+++ b/tests/topotests/bgp_flowspec/exabgp.env
@@ -0,0 +1,54 @@
+
+[exabgp.api]
+encoder = text
+highres = false
+respawn = false
+socket = ''
+
+[exabgp.bgp]
+openwait = 60
+
+[exabgp.cache]
+attributes = true
+nexthops = true
+
+[exabgp.daemon]
+daemonize = true
+pid = '/var/run/exabgp/exabgp.pid'
+user = 'exabgp'
+##daemonize = false
+
+[exabgp.log]
+all = false
+configuration = true
+daemon = true
+destination = '/var/log/exabgp.log'
+enable = true
+level = INFO
+message = false
+network = true
+packets = false
+parser = false
+processes = true
+reactor = true
+rib = false
+routes = false
+short = false
+timers = false
+
+[exabgp.pdb]
+enable = false
+
+[exabgp.profile]
+enable = false
+file = ''
+
+[exabgp.reactor]
+speed = 1.0
+
+[exabgp.tcp]
+acl = false
+bind = ''
+delay = 0
+once = false
+port = 179
diff --git a/tests/topotests/bgp_flowspec/peer1/exabgp.cfg b/tests/topotests/bgp_flowspec/peer1/exabgp.cfg
new file mode 100644
index 0000000..383a95b
--- /dev/null
+++ b/tests/topotests/bgp_flowspec/peer1/exabgp.cfg
@@ -0,0 +1,33 @@
+neighbor 10.0.1.1 {
+router-id 10.0.1.101;
+hold-time 10;
+local-address 10.0.1.101;
+local-as 100;
+peer-as 100;
+flow {
+route {
+match {
+source 1.1.1.2/32;
+destination 3.3.3.3/32;
+packet-length <200;
+}
+then {
+redirect 50.0.0.2;
+rate-limit 55;
+}
+}
+#end route 1
+route {
+match {
+source 1::2/128/0;
+destination 3::3/128/0;
+packet-length <200;
+}
+then {
+redirect 50::2;
+rate-limit 55;
+}
+}
+#end route 2
+}
+}
diff --git a/tests/topotests/bgp_flowspec/r1/bgpd.conf b/tests/topotests/bgp_flowspec/r1/bgpd.conf
new file mode 100644
index 0000000..4b7a20f
--- /dev/null
+++ b/tests/topotests/bgp_flowspec/r1/bgpd.conf
@@ -0,0 +1,19 @@
+!
+hostname r1
+password zebra
+log stdout debugging
+router bgp 100
+ bgp router-id 10.0.1.1
+ neighbor 10.0.1.101 remote-as 100
+ neighbor 10.0.1.101 timers 3 10
+ neighbor 10.0.1.101 update-source 10.0.1.1
+ address-family ipv6 flowspec
+  local-install r1-eth0
+  neighbor 10.0.1.101 activate
+ exit-address-family
+ address-family ipv4 flowspec
+  local-install r1-eth0
+  neighbor 10.0.1.101 activate
+ exit-address-family
+ !
+!
diff --git a/tests/topotests/bgp_flowspec/r1/summary.txt b/tests/topotests/bgp_flowspec/r1/summary.txt
new file mode 100644
index 0000000..82426f3
--- /dev/null
+++ b/tests/topotests/bgp_flowspec/r1/summary.txt
@@ -0,0 +1,50 @@
+{
+"ipv4Unicast":{
+  "routerId":"10.0.1.1",
+  "as":100,
+  "vrfName":"default",
+  "peerCount":1,
+  "peers":{
+    "10.0.1.101":{
+      "outq":0,
+      "inq":0,
+      "pfxRcd":0,
+      "pfxSnt":0,
+      "state":"Established"
+    }
+  },
+  "totalPeers":1
+},
+"ipv4Flowspec":{
+  "routerId":"10.0.1.1",
+  "as":100,
+  "vrfName":"default",
+  "peerCount":1,
+  "peers":{
+    "10.0.1.101":{
+      "outq":0,
+      "inq":0,
+      "pfxRcd":1,
+      "pfxSnt":0,
+      "state":"Established"
+    }
+  },
+  "totalPeers":1
+},
+"ipv6Flowspec":{
+  "routerId":"10.0.1.1",
+  "as":100,
+  "vrfName":"default",
+  "peerCount":1,
+  "peers":{
+    "10.0.1.101":{
+      "outq":0,
+      "inq":0,
+      "pfxRcd":1,
+      "pfxSnt":0,
+      "state":"Established"
+    }
+  },
+  "totalPeers":1
+}
+}
diff --git a/tests/topotests/bgp_flowspec/r1/zebra.conf b/tests/topotests/bgp_flowspec/r1/zebra.conf
new file mode 100644
index 0000000..4b103cb
--- /dev/null
+++ b/tests/topotests/bgp_flowspec/r1/zebra.conf
@@ -0,0 +1,9 @@
+!
+hostname r1
+password zebra
+ip table range 500 600
+interface r1-eth0
+ ip address 10.0.1.1/24
+ ipv6 address 1001::1/112
+!
+
diff --git a/tests/topotests/bgp_flowspec/test_bgp_flowspec_topo.py b/tests/topotests/bgp_flowspec/test_bgp_flowspec_topo.py
new file mode 100644
index 0000000..a2be859
--- /dev/null
+++ b/tests/topotests/bgp_flowspec/test_bgp_flowspec_topo.py
@@ -0,0 +1,193 @@
+#!/usr/bin/env python
+# SPDX-License-Identifier: ISC
+
+#
+# test_bgp_flowspec_topo.py
+# Part of NetDEF Topology Tests
+#
+# Copyright (c) 2019 by 6WIND
+#
+
+"""
+test_bgp_flowspec_topo.py: Test BGP topology with Flowspec EBGP peering
+
+
+                          +------+------+
+                          |    peer1    |
+                          | BGP peer 1  |
+                          |192.168.0.161|
+                          |             |
+                          +------+------+
+                        .2       | r1-eth0
+                                 |
+                           ~~~~~~~~~ 
+                      +---~~    s1   ~~------+
+                          ~~         ~~
+                            ~~~~~~~~~
+                                | 10.0.1.1 r1-eth0
+                                | 1001::1  r1-eth0
+                       +--------+--------+
+                       |    r1           |
+                       |BGP 192.168.0.162|
+                       |                 |
+                       |                 |
+                       |                 |
+                       +-----------------+
+
+"""
+
+import json
+import functools
+import os
+import sys
+import pytest
+
+# Save the Current Working Directory to find configuration files.
+CWD = os.path.dirname(os.path.realpath(__file__))
+sys.path.append(os.path.join(CWD, "../"))
+
+# pylint: disable=C0413
+# Import topogen and topotest helpers
+from lib import topotest
+from lib.topogen import Topogen, TopoRouter, get_topogen
+from lib.topolog import logger
+from lib.common_config import generate_support_bundle
+
+# Required to instantiate the topology builder class.
+
+
+pytestmark = [pytest.mark.bgpd]
+
+
+#####################################################
+##
+##   Network Topology Definition
+##
+#####################################################
+
+
+def build_topo(tgen):
+    tgen.add_router("r1")
+
+    # Setup Control Path Switch 1. r1-eth0
+    switch = tgen.add_switch("s1")
+    switch.add_link(tgen.gears["r1"])
+
+    ## Add eBGP ExaBGP neighbors
+    peer_ip = "10.0.1.101"  ## peer
+    peer_route = "via 10.0.1.1"  ## router
+    peer = tgen.add_exabgp_peer("peer1", ip=peer_ip, defaultRoute=peer_route)
+    switch.add_link(peer)
+
+
+#####################################################
+##
+##   Tests starting
+##
+#####################################################
+
+
+def setup_module(module):
+    tgen = Topogen(build_topo, module.__name__)
+
+    tgen.start_topology()
+    # check for zebra capability
+    router = tgen.gears["r1"]
+
+    # Get r1 reference and run Daemons
+    logger.info("Launching BGP and ZEBRA on r1")
+    router = tgen.gears["r1"]
+    router.load_config(
+        TopoRouter.RD_ZEBRA, os.path.join(CWD, "{}/zebra.conf".format("r1"))
+    )
+    router.load_config(
+        TopoRouter.RD_BGP, os.path.join(CWD, "{}/bgpd.conf".format("r1"))
+    )
+    router.start()
+
+    peer_list = tgen.exabgp_peers()
+    for pname, peer in peer_list.items():
+        peer_dir = os.path.join(CWD, pname)
+        env_file = os.path.join(CWD, "exabgp.env")
+        peer.start(peer_dir, env_file)
+        logger.info(pname)
+
+
+def teardown_module(module):
+    tgen = get_topogen()
+    tgen.stop_topology()
+
+
+def test_bgp_convergence():
+    "Test for BGP topology convergence"
+    tgen = get_topogen()
+
+    # Skip if previous fatal error condition is raised
+
+    if tgen.routers_have_failure():
+        pytest.skip(tgen.errors)
+
+    logger.info("waiting for bgp convergence")
+
+    # Expected result
+    router = tgen.gears["r1"]
+    reffile = os.path.join(CWD, "r1/summary.txt")
+
+    expected = json.loads(open(reffile).read())
+
+    test_func = functools.partial(
+        topotest.router_json_cmp, router, "show bgp summary json", expected
+    )
+    _, res = topotest.run_and_expect(test_func, None, count=210, wait=1)
+    assertmsg = "BGP router network did not converge"
+    if res is not None:
+        generate_support_bundle()
+        assert res is None, assertmsg
+    generate_support_bundle()
+
+
+def test_bgp_flowspec():
+    tgen = get_topogen()
+
+    # Skip if previous fatal error condition is raised
+    if tgen.routers_have_failure():
+        pytest.skip(tgen.errors)
+
+    router = tgen.gears["r1"]
+
+    logger.info("Check BGP FS entry for 3.3.3.3 with redirect IP")
+    output = router.vtysh_cmd(
+        "show bgp ipv4 flowspec 3.3.3.3", isjson=False, daemon="bgpd"
+    )
+    logger.info(output)
+    if (
+        "NH 50.0.0.2" not in output
+        or "FS:redirect IP" not in output
+        or "Packet Length < 200" not in output
+    ):
+        assertmsg = "traffic to 3.3.3.3 should have been detected as FS entry. NOK"
+        assert 0, assertmsg
+    else:
+        logger.info("Check BGP FS entry for 3.3.3.3 with redirect IP OK")
+
+    logger.info("Check BGP FS entry for 3::3 with redirect IP")
+    output = router.vtysh_cmd(
+        "show bgp ipv6 flowspec 3::3", isjson=False, daemon="bgpd"
+    )
+    logger.info(output)
+    if (
+        "NH 50::2" not in output
+        or "FS:redirect IP" not in output
+        or "Packet Length < 200" not in output
+    ):
+        assertmsg = "traffic to 3::3 should have been detected as FS entry. NOK"
+        assert 0, assertmsg
+    else:
+        logger.info("Check BGP FS entry for 3::3 with redirect IP OK")
+
+
+if __name__ == "__main__":
+    args = ["-s"] + sys.argv[1:]
+    ret = pytest.main(args)
+
+    sys.exit(ret)