diff options
| author | Christian Breunig <christian@breunig.cc> | 2024-02-28 20:56:54 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-02-28 20:56:54 +0100 |
| commit | 5896eacd12f16d1b9810b325c205179a1606c885 (patch) | |
| tree | 90f70d19c3c44f3671c1d77417308356fcbfd7f7 /smoketest/scripts/cli/test_vrf.py | |
| parent | fdfe194634f7a15c2299a3a3bffbe64fe578f466 (diff) | |
| parent | 88dfa47ded706ea53a7b10ed058ddd5023226896 (diff) | |
| download | vyos-1x-5896eacd12f16d1b9810b325c205179a1606c885.tar.gz vyos-1x-5896eacd12f16d1b9810b325c205179a1606c885.zip | |
Merge pull request #3059 from vyos/mergify/bp/sagitta/pr-3055
vrf: conntrack: T6073: Populate VRF zoning chains only while conntrack is required (backport #3055)
Diffstat (limited to 'smoketest/scripts/cli/test_vrf.py')
| -rwxr-xr-x | smoketest/scripts/cli/test_vrf.py | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_vrf.py b/smoketest/scripts/cli/test_vrf.py index 438387f2d..c96b8e374 100755 --- a/smoketest/scripts/cli/test_vrf.py +++ b/smoketest/scripts/cli/test_vrf.py @@ -529,5 +529,28 @@ class VRFTest(VyOSUnitTestSHIM.TestCase): self.assertNotIn(f' no ip nht resolve-via-default', frrconfig) self.assertNotIn(f' no ipv6 nht resolve-via-default', frrconfig) + def test_vrf_conntrack(self): + table = '1000' + nftables_rules = { + 'vrf_zones_ct_in': ['ct original zone set iifname map @ct_iface_map'], + 'vrf_zones_ct_out': ['ct original zone set oifname map @ct_iface_map'] + } + + self.cli_set(base_path + ['name', 'blue', 'table', table]) + self.cli_commit() + + # Conntrack rules should not be present + for chain, rule in nftables_rules.items(): + self.verify_nftables_chain(rule, 'inet vrf_zones', chain, inverse=True) + + self.cli_set(['nat']) + self.cli_commit() + + # Conntrack rules should now be present + for chain, rule in nftables_rules.items(): + self.verify_nftables_chain(rule, 'inet vrf_zones', chain, inverse=False) + + self.cli_delete(['nat']) + if __name__ == '__main__': unittest.main(verbosity=2) |