renderers/ofoverlay/src/test/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/portsecurity/PortSecurityFlowsTest.java

   1 package org.opendaylight.groupbasedpolicy.renderer.ofoverlay.mapper.portsecurity;
   2
   3 import org.junit.Before;
   4 import org.junit.Test;
   5 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.OfWriter;
   6 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowIdUtils;
   7 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils;
   8 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.mapper.MapperUtilsTest;
   9 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
  10 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Address;
  11 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix;
  12 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Prefix;
  13 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress;
  14 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.FlowId;
  15 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.Flow;
  16 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.InstructionsBuilder;
  17 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.Match;
  18 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.MatchBuilder;
  19 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.Instruction;
  20 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.InstructionBuilder;
  21 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.endpoints.Endpoint;
  22 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.forwarding.context.L2FloodDomain;
  23 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeConnectorId;
  24 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.ArpMatchBuilder;
  25 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv4MatchBuilder;
  26 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv6MatchBuilder;
  27
  28 import java.util.ArrayList;
  29 import java.util.List;
  30
  31 import static org.mockito.Mockito.*;
  32
  33 public class PortSecurityFlowsTest extends MapperUtilsTest {
  34
  35     private static final String L3 = "L3";
  36     private static final String DHCP = "dhcp";
  37     private PortSecurityFlows flows;
  38
  39     @Before
  40     public void init() {
  41         tableId = 0;
  42         ofWriter = mock(OfWriter.class);
  43         flows = new PortSecurityFlows(NODE_ID, tableId);
  44     }
  45
  46     @Test
  47     public void testDropFlow_noEthertype() {
  48         Flow testFlow = buildFlow(new FlowId(DROP_ALL), tableId, 100, null, FlowUtils.dropInstructions()).build();
  49
  50         flows.dropFlow(100, null, ofWriter);
  51         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
  52     }
  53
  54     @Test
  55     public void testDropFlow_ipV4Ethertype() {
  56         MatchBuilder matchBuilder = new MatchBuilder();
  57         matchBuilder.setEthernetMatch(FlowUtils.ethernetMatch(null, null, FlowUtils.IPv4));
  58         Match match = matchBuilder.build();
  59         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, DROP, match), tableId, 100, match,
  60                 FlowUtils.dropInstructions()).build();
  61
  62         flows.dropFlow(100, FlowUtils.IPv4, ofWriter);
  63         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
  64     }
  65
  66     @Test
  67     public void testDropFlow_ipV6Ethertype() {
  68         MatchBuilder matchBuilder = new MatchBuilder();
  69         matchBuilder.setEthernetMatch(FlowUtils.ethernetMatch(null, null, FlowUtils.IPv6));
  70         Match match = matchBuilder.build();
  71         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, DROP, match), tableId, 100, match,
  72                 FlowUtils.dropInstructions()).build();
  73
  74         flows.dropFlow(100, FlowUtils.IPv6, ofWriter);
  75         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
  76     }
  77
  78     @Test
  79     public void testDropFlow_arpEthertype() {
  80         MatchBuilder matchBuilder = new MatchBuilder();
  81         matchBuilder.setEthernetMatch(FlowUtils.ethernetMatch(null, null, FlowUtils.ARP));
  82         Match match = matchBuilder.build();
  83         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, DROP, match), tableId, 100, match,
  84                 FlowUtils.dropInstructions()).build();
  85
  86         flows.dropFlow(100, FlowUtils.ARP, ofWriter);
  87         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
  88     }
  89
  90     @Test
  91     public void testFlowAllowFromTunnel_vxLan() {
  92         final int VXLAN_PORT = 0;
  93         MatchBuilder matchBuilder = new MatchBuilder();
  94         matchBuilder.setInPort(new NodeConnectorId(String.valueOf(VXLAN_PORT)));
  95         Match match = matchBuilder.build();
  96         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, ALLOW, match), tableId, 300, match,
  97                 FlowUtils.gotoTableInstructions((short) 2)).build();
  98
  99         flows.allowFromTunnelFlow((short) 2, 300, new NodeConnectorId(CONNECTOR_0), ofWriter);
 100         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
 101
 102     }
 103
 104     @Test
 105     public void testFlowAllowFromTunnel_vxLanGpe() {
 106         final int VXLAN_PORT = 1;
 107         MatchBuilder matchBuilder = new MatchBuilder();
 108         matchBuilder.setInPort(new NodeConnectorId(String.valueOf(VXLAN_PORT)));
 109         Match match = matchBuilder.build();
 110         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, ALLOW, match), tableId, 300, match,
 111                 FlowUtils.gotoTableInstructions((short) 2)).build();
 112
 113         flows.allowFromTunnelFlow((short) 2, 300, new NodeConnectorId(CONNECTOR_1), ofWriter);
 114         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
 115
 116     }
 117
 118     @Test
 119     public void testL3flow_ipv4() {
 120         Endpoint testEp = buildEndpoint(IPV4_0, MAC_0, CONNECTOR_0).build();
 121
 122         MatchBuilder matchBuilder = new MatchBuilder();
 123         matchBuilder.setEthernetMatch(FlowUtils.ethernetMatch(MAC_0, null, FlowUtils.IPv4))
 124                 .setLayer3Match(new Ipv4MatchBuilder()
 125                         .setIpv4Source(new Ipv4Prefix(IPV4_0.getValue() + IP_PREFIX_32)).build())
 126                 .setInPort(new NodeConnectorId(CONNECTOR_0));
 127         Match match = matchBuilder.build();
 128
 129         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, L3, match), tableId, 100, match,
 130                 FlowUtils.gotoTableInstructions((short) 2)).build();
 131
 132         flows.l3Flow((short) 2, testEp, new NodeConnectorId(CONNECTOR_0), new MacAddress(MAC_0), 100, false, ofWriter);
 133         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
 134     }
 135
 136     @Test
 137     public void testL3flow_ipv4Arp() {
 138         Endpoint testEp = buildEndpoint(IPV4_0, MAC_1, CONNECTOR_1).build();
 139
 140         MatchBuilder matchBuilder = new MatchBuilder();
 141         matchBuilder.setEthernetMatch(FlowUtils.ethernetMatch(MAC_1, null, FlowUtils.ARP))
 142                 .setLayer3Match(new ArpMatchBuilder().setArpSourceTransportAddress(new Ipv4Prefix(IPV4_0.getValue()
 143                         + IP_PREFIX_32)).build())
 144                 .setInPort(new NodeConnectorId(CONNECTOR_1));
 145         Match match = matchBuilder.build();
 146
 147         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, L3, match), tableId, 100, match,
 148                 FlowUtils.gotoTableInstructions((short) 2)).build();
 149
 150         flows.l3Flow((short) 2, testEp, new NodeConnectorId(CONNECTOR_1), new MacAddress(MAC_1), 100, true, ofWriter);
 151         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
 152     }
 153
 154     @Test
 155     public void testL3flow_ipv6() {
 156         Endpoint testEp = buildEndpoint(IPV6_1, MAC_0, CONNECTOR_0).build();
 157
 158         MatchBuilder matchBuilder = new MatchBuilder();
 159         matchBuilder.setEthernetMatch(FlowUtils.ethernetMatch(MAC_0, null, FlowUtils.IPv6))
 160                 .setLayer3Match(new Ipv6MatchBuilder()
 161                         .setIpv6Source(new Ipv6Prefix(IPV6_1.getValue() + IP_PREFIX_128)).build())
 162                 .setInPort(new NodeConnectorId(CONNECTOR_0));
 163         Match match = matchBuilder.build();
 164
 165         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, L3, match), tableId, 100, match,
 166                 FlowUtils.gotoTableInstructions((short) 2)).build();
 167
 168         flows.l3Flow((short) 2, testEp, new NodeConnectorId(CONNECTOR_0), new MacAddress(MAC_0), 100, false, ofWriter);
 169         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
 170     }
 171
 172     @Test
 173     public void testL3flow_ipv6Arp() {
 174         Endpoint testEp = buildEndpoint(IPV6_1, MAC_1, CONNECTOR_1).build();
 175
 176         flows.l3Flow((short) 2, testEp, new NodeConnectorId(CONNECTOR_1), new MacAddress(MAC_1), 100, true, ofWriter);
 177         verifyZeroInteractions(ofWriter);
 178     }
 179
 180     @Test
 181     public void testL3DhcpDoraFlow() {
 182         IpAddress ipAddress = new IpAddress(new Ipv4Address("255.255.255.255"));
 183         MacAddress macAddress = new MacAddress(MAC_1);
 184         NodeConnectorId connectorId = new NodeConnectorId(CONNECTOR_1);
 185
 186         MatchBuilder matchBuilder = new MatchBuilder();
 187         matchBuilder.setEthernetMatch(FlowUtils.ethernetMatch(macAddress, null, FlowUtils.IPv4))
 188                 .setLayer3Match(new Ipv4MatchBuilder()
 189                         .setIpv4Destination(new Ipv4Prefix(ipAddress.getIpv4Address().getValue() + IP_PREFIX_32)).build())
 190                 .setInPort(connectorId);
 191         Match match = matchBuilder.build();
 192
 193         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, DHCP, match), tableId, 50, match,
 194                 FlowUtils.gotoTableInstructions((short) 2)).build();
 195
 196         flows.l3DhcpDoraFlow((short) 2, new NodeConnectorId(CONNECTOR_1), new MacAddress(MAC_1), 50, ofWriter);
 197         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
 198     }
 199
 200     @Test
 201     public void testL2Flow() {
 202         MacAddress macAddress = new MacAddress(MAC_0);
 203         NodeConnectorId connectorId = new NodeConnectorId(CONNECTOR_0);
 204
 205         MatchBuilder matchBuilder = new MatchBuilder();
 206         matchBuilder.setEthernetMatch(FlowUtils.ethernetMatch(macAddress, null, null))
 207                 .setInPort(connectorId);
 208         Match match = matchBuilder.build();
 209
 210         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, L2, match), tableId, 100, match,
 211                 FlowUtils.gotoTableInstructions((short) 2)).build();
 212
 213         flows.l2flow((short) 2, new NodeConnectorId(CONNECTOR_0), new MacAddress(MAC_0), 100, ofWriter);
 214         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
 215     }
 216
 217     @Test
 218     public void testPopVlanTagsOnExternalPortFlow() {
 219         NodeConnectorId connectorId = new NodeConnectorId(CONNECTOR_0);
 220         MatchBuilder matchBuilder = new MatchBuilder();
 221         matchBuilder.setVlanMatch(FlowUtils.vlanMatch(1, true))
 222                 .setInPort(connectorId);
 223         Match match = matchBuilder.build();
 224
 225         List<Instruction> instructions = new ArrayList<>();
 226         instructions.add(FlowUtils.popVlanInstruction(0));
 227         instructions.add(new InstructionBuilder().setOrder(1)
 228                 .setInstruction(FlowUtils.gotoTableIns((short) 0))
 229                 .build());
 230         InstructionsBuilder instructionsBuilder = new InstructionsBuilder();
 231         instructionsBuilder.setInstruction(instructions);
 232
 233         List<L2FloodDomain> l2FloodDomains = getL2FloodDomainList(false);
 234
 235         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, "allowExternalPopVlan", match), tableId, 200, match,
 236                 instructionsBuilder.build()).build();
 237
 238         flows.popVlanTagsOnExternalPortFlows((short) 0, connectorId, l2FloodDomains, 200, ofWriter);
 239         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
 240     }
 241
 242     @Test
 243     public void testAllowFromExternalPortFlow() {
 244         NodeConnectorId connectorId = new NodeConnectorId(CONNECTOR_0);
 245
 246         MatchBuilder matchBuilder = new MatchBuilder();
 247         matchBuilder.setInPort(connectorId);
 248         Match match = matchBuilder.build();
 249
 250         Flow testFlow = buildFlow(FlowIdUtils.newFlowId(tableId, "allowExternal", match), tableId, 250, match,
 251                 FlowUtils.gotoTableInstructions((short) 2)).build();
 252         flows.allowFromExternalPortFlow((short) 2, connectorId, 250, ofWriter);
 253         verify(ofWriter, times(1)).writeFlow(NODE_ID, tableId, testFlow);
 254     }
 255 }