summaryrefslogtreecommitdiff
path: root/smoketest
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-08-19 18:14:13 +0200
committerChristian Poessinger <christian@poessinger.com>2021-08-21 15:26:35 +0200
commitb7bfcb6ef0e712bb8c39241051e716a833b2ffe8 (patch)
tree6bc7ae43df3fd7e20976dad68cf98a856b236cab /smoketest
parent6bd780887c0e13dc9272ec499ebc6f01cfaf7ea6 (diff)
downloadvyos-1x-b7bfcb6ef0e712bb8c39241051e716a833b2ffe8.tar.gz
vyos-1x-b7bfcb6ef0e712bb8c39241051e716a833b2ffe8.zip
interfaces: T3090: migrate adjust-mss from "firewall options" to "interface" level
Getting rid of "set firewall options" and move it from: set firewall options interface ethX adjust-mss 1400 set firewall options interface ethX adjust-mss6 1400 to: set interfaces ethernet ethX ip adjust-mss 1400 set interfaces ethernet ethX ipv6 adjust-mss 1400 In addition add an extra option called clamp-mss-to-pmtu instead of a value.
Diffstat (limited to 'smoketest')
-rw-r--r--smoketest/scripts/cli/base_interfaces_test.py22
1 files changed, 20 insertions, 2 deletions
diff --git a/smoketest/scripts/cli/base_interfaces_test.py b/smoketest/scripts/cli/base_interfaces_test.py
index 7f69b8444..63f742a8d 100644
--- a/smoketest/scripts/cli/base_interfaces_test.py
+++ b/smoketest/scripts/cli/base_interfaces_test.py
@@ -556,13 +556,16 @@ class BasicInterfaceTest:
if not self._test_ip:
self.skipTest('not supported')
+ arp_tmo = '300'
+ mss = '1420'
+
for interface in self._interfaces:
- arp_tmo = '300'
path = self._base_path + [interface]
for option in self._options.get(interface, []):
self.cli_set(path + option.split())
# Options
+ self.cli_set(path + ['ip', 'adjust-mss', mss])
self.cli_set(path + ['ip', 'arp-cache-timeout', arp_tmo])
self.cli_set(path + ['ip', 'disable-arp-filter'])
self.cli_set(path + ['ip', 'disable-forwarding'])
@@ -576,6 +579,12 @@ class BasicInterfaceTest:
self.cli_commit()
for interface in self._interfaces:
+ base_options = f'-A FORWARD -o {interface} -p tcp -m tcp --tcp-flags SYN,RST SYN'
+ out = cmd('sudo iptables-save -t mangle')
+ for line in out.splitlines():
+ if line.startswith(base_options):
+ self.assertIn(f'--set-mss {mss}', line)
+
tmp = read_file(f'/proc/sys/net/ipv4/neigh/{interface}/base_reachable_time_ms')
self.assertEqual(tmp, str((int(arp_tmo) * 1000))) # tmo value is in milli seconds
@@ -607,19 +616,28 @@ class BasicInterfaceTest:
if not self._test_ipv6:
self.skipTest('not supported')
+ mss = '1400'
+ dad_transmits = '10'
+
for interface in self._interfaces:
- dad_transmits = '10'
path = self._base_path + [interface]
for option in self._options.get(interface, []):
self.cli_set(path + option.split())
# Options
+ self.cli_set(path + ['ipv6', 'adjust-mss', mss])
self.cli_set(path + ['ipv6', 'disable-forwarding'])
self.cli_set(path + ['ipv6', 'dup-addr-detect-transmits', dad_transmits])
self.cli_commit()
for interface in self._interfaces:
+ base_options = f'-A FORWARD -o {interface} -p tcp -m tcp --tcp-flags SYN,RST SYN'
+ out = cmd('sudo ip6tables-save -t mangle')
+ for line in out.splitlines():
+ if line.startswith(base_options):
+ self.assertIn(f'--set-mss {mss}', line)
+
tmp = read_file(f'/proc/sys/net/ipv6/conf/{interface}/forwarding')
self.assertEqual('0', tmp)