From 5ee0fec71da8384f7841d92a1a3ef529a69b5717 Mon Sep 17 00:00:00 2001 From: sarthurdev <965089+sarthurdev@users.noreply.github.com> Date: Sun, 13 Jun 2021 14:21:05 +0200 Subject: smoketest: ipsec: T1501: Use VLAN in smoketest to avoid lease from QEMU built-in DHCP server --- smoketest/scripts/cli/test_vpn_ipsec.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'smoketest/scripts/cli') diff --git a/smoketest/scripts/cli/test_vpn_ipsec.py b/smoketest/scripts/cli/test_vpn_ipsec.py index 820762fc2..627d73d5c 100755 --- a/smoketest/scripts/cli/test_vpn_ipsec.py +++ b/smoketest/scripts/cli/test_vpn_ipsec.py @@ -14,6 +14,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . +import os import unittest from base_vyostest_shim import VyOSUnitTestSHIM @@ -25,6 +26,8 @@ tunnel_path = ['interfaces', 'tunnel'] nhrp_path = ['protocols', 'nhrp'] base_path = ['vpn', 'ipsec'] +dhcp_waiting_file = '/tmp/ipsec_dhcp_waiting' + class TestVPNIPsec(VyOSUnitTestSHIM.TestCase): def tearDown(self): self.cli_delete(base_path) @@ -38,7 +41,7 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase): self.cli_delete(base_path) # Interface for dhcp-interface - self.cli_set(ethernet_path + ['eth0', 'address', 'dhcp']) + self.cli_set(ethernet_path + ['eth0', 'vif', '100', 'address', 'dhcp']) # Use VLAN to avoid getting IP from qemu dhcp server # Set IKE/ESP Groups self.cli_set(base_path + ["esp-group", "MyESPGroup", "proposal", "1", "encryption", "aes128"]) @@ -48,19 +51,21 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase): self.cli_set(base_path + ["ike-group", "MyIKEGroup", "proposal", "1", "hash", "sha1"]) # Site to site - self.cli_set(base_path + ["ipsec-interfaces", "interface", "eth0"]) + self.cli_set(base_path + ["ipsec-interfaces", "interface", "eth0.100"]) self.cli_set(base_path + ["site-to-site", "peer", "203.0.113.45", "authentication", "mode", "pre-shared-secret"]) self.cli_set(base_path + ["site-to-site", "peer", "203.0.113.45", "authentication", "pre-shared-secret", "MYSECRETKEY"]) self.cli_set(base_path + ["site-to-site", "peer", "203.0.113.45", "ike-group", "MyIKEGroup"]) self.cli_set(base_path + ["site-to-site", "peer", "203.0.113.45", "default-esp-group", "MyESPGroup"]) - self.cli_set(base_path + ["site-to-site", "peer", "203.0.113.45", "dhcp-interface", "eth0"]) + self.cli_set(base_path + ["site-to-site", "peer", "203.0.113.45", "dhcp-interface", "eth0.100"]) self.cli_set(base_path + ["site-to-site", "peer", "203.0.113.45", "tunnel", "1", "protocol", "gre"]) self.cli_commit() - ipsec_dhcp_waiting = read_file('/tmp/ipsec_dhcp_waiting') + self.assertTrue(os.path.exists(dhcp_waiting_file)) + + dhcp_waiting = read_file(dhcp_waiting_file) + self.assertIn('eth0.100', dhcp_waiting) # Ensure dhcp-failed interface was added for dhclient hook - self.assertIn('eth0', ipsec_dhcp_waiting) # Ensure dhcp-failed interface was added for dhclient hook self.assertTrue(process_named_running('charon')) # Commit should've still succeeded and launched charon def test_site_to_site(self): -- cgit v1.2.3