Increase default packet count to 3 in assert_ping
One packet is typically not enough to determine if an IP is responding since the first could get dropped during ARP resolution. Change the default to 3 since that should be sufficient. Also, some callers were specifying a timeout of 5 seconds, which isn't all that useful since if the packet never made it out, waiting longer isn't going to help. Let them use the default of 1. Change-Id: I9c32b7840522fb8e1ce0ea1b2361f5d35e008aae
This commit is contained in:
parent
1987d30416
commit
8ec680b668
|
@ -98,7 +98,7 @@ def set_namespace_gateway(port_dev, gateway_ip):
|
|||
port_dev.route.add_gateway(gateway_ip)
|
||||
|
||||
|
||||
def assert_ping(src_namespace, dst_ip, timeout=1, count=1):
|
||||
def assert_ping(src_namespace, dst_ip, timeout=1, count=3):
|
||||
ipversion = netaddr.IPAddress(dst_ip).version
|
||||
ping_command = 'ping' if ipversion == 4 else 'ping6'
|
||||
ns_ip_wrapper = ip_lib.IPWrapper(src_namespace)
|
||||
|
|
|
@ -965,8 +965,8 @@ class TestDvrRouter(framework.L3AgentTestFramework):
|
|||
'scope1', 'scope1')
|
||||
# Internal networks that are in the same address scope can connected
|
||||
# each other
|
||||
net_helpers.assert_ping(test_machine1.namespace, test_machine2.ip, 5)
|
||||
net_helpers.assert_ping(test_machine2.namespace, test_machine1.ip, 5)
|
||||
net_helpers.assert_ping(test_machine1.namespace, test_machine2.ip)
|
||||
net_helpers.assert_ping(test_machine2.namespace, test_machine1.ip)
|
||||
|
||||
def test_connection_from_diff_address_scope(self):
|
||||
self.agent.conf.agent_mode = 'dvr_snat'
|
||||
|
@ -1001,8 +1001,8 @@ class TestDvrRouter(framework.L3AgentTestFramework):
|
|||
src_machine = self.useFixture(
|
||||
machine_fixtures.FakeMachine(br_ex, '19.4.4.12/24'))
|
||||
# Floating ip should work no matter of address scope
|
||||
net_helpers.assert_ping(src_machine.namespace, fip_same_scope, 5)
|
||||
net_helpers.assert_ping(src_machine.namespace, fip_diff_scope, 5)
|
||||
net_helpers.assert_ping(src_machine.namespace, fip_same_scope)
|
||||
net_helpers.assert_ping(src_machine.namespace, fip_diff_scope)
|
||||
|
||||
def test_direct_route_for_address_scope(self):
|
||||
self.agent.conf.agent_mode = 'dvr_snat'
|
||||
|
@ -1018,8 +1018,7 @@ class TestDvrRouter(framework.L3AgentTestFramework):
|
|||
machine_fixtures.FakeMachine(br_ex, '19.4.4.12/24', gw_ip))
|
||||
# For the internal networks that are in the same address scope as
|
||||
# external network, they can directly route to external network
|
||||
net_helpers.assert_ping(
|
||||
src_machine.namespace, machine_same_scope.ip, 5)
|
||||
net_helpers.assert_ping(src_machine.namespace, machine_same_scope.ip)
|
||||
# For the internal networks that are not in the same address scope as
|
||||
# external networks. SNAT will be used. Direct route will not work
|
||||
# here.
|
||||
|
|
|
@ -341,8 +341,8 @@ class L3AgentTestCase(framework.L3AgentTestFramework):
|
|||
'scope1', 'scope1')
|
||||
# Internal networks that are in the same address scope can connected
|
||||
# each other
|
||||
net_helpers.assert_ping(test_machine1.namespace, test_machine2.ip, 5)
|
||||
net_helpers.assert_ping(test_machine2.namespace, test_machine1.ip, 5)
|
||||
net_helpers.assert_ping(test_machine1.namespace, test_machine2.ip)
|
||||
net_helpers.assert_ping(test_machine2.namespace, test_machine1.ip)
|
||||
|
||||
def test_connection_from_diff_address_scope(self):
|
||||
test_machine1, test_machine2, _ = self._setup_address_scope(
|
||||
|
@ -372,8 +372,8 @@ class L3AgentTestCase(framework.L3AgentTestFramework):
|
|||
src_machine = self.useFixture(
|
||||
machine_fixtures.FakeMachine(br_ex, '19.4.4.12/24'))
|
||||
# Floating ip should work no matter of address scope
|
||||
net_helpers.assert_ping(src_machine.namespace, fip_same_scope, 5)
|
||||
net_helpers.assert_ping(src_machine.namespace, fip_diff_scope, 5)
|
||||
net_helpers.assert_ping(src_machine.namespace, fip_same_scope)
|
||||
net_helpers.assert_ping(src_machine.namespace, fip_diff_scope)
|
||||
|
||||
def test_direct_route_for_address_scope(self):
|
||||
(machine_same_scope, machine_diff_scope,
|
||||
|
@ -388,8 +388,7 @@ class L3AgentTestCase(framework.L3AgentTestFramework):
|
|||
machine_fixtures.FakeMachine(br_ex, '19.4.4.12/24', gw_ip))
|
||||
# For the internal networks that are in the same address scope as
|
||||
# external network, they can directly route to external network
|
||||
net_helpers.assert_ping(
|
||||
src_machine.namespace, machine_same_scope.ip, 5)
|
||||
net_helpers.assert_ping(src_machine.namespace, machine_same_scope.ip)
|
||||
# For the internal networks that are not in the same address scope as
|
||||
# external networks. SNAT will be used. Direct route will not work
|
||||
# here.
|
||||
|
@ -408,8 +407,8 @@ class L3AgentTestCase(framework.L3AgentTestFramework):
|
|||
|
||||
# For the internal networks that are in the same address scope as
|
||||
# external network, they should be able to reach the floating ip
|
||||
net_helpers.assert_ping(machine_same_scope.namespace, fip, 5)
|
||||
net_helpers.assert_ping(machine_same_scope.namespace, fip)
|
||||
# For the port with fip, it should be able to reach the internal
|
||||
# networks that are in the same address scope as external network
|
||||
net_helpers.assert_ping(machine_diff_scope.namespace,
|
||||
machine_same_scope.ip, 5)
|
||||
machine_same_scope.ip)
|
||||
|
|
|
@ -182,18 +182,18 @@ class ARPSpoofTestCase(OVSAgentTestBase):
|
|||
self._setup_arp_spoof_for_port(self.dst_p.name, [self.dst_addr])
|
||||
self.src_p.addr.add('%s/24' % self.src_addr)
|
||||
self.dst_p.addr.add('%s/24' % self.dst_addr)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr, count=2)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr)
|
||||
|
||||
def test_mac_spoof_blocks_wrong_mac(self):
|
||||
self._setup_arp_spoof_for_port(self.src_p.name, [self.src_addr])
|
||||
self._setup_arp_spoof_for_port(self.dst_p.name, [self.dst_addr])
|
||||
self.src_p.addr.add('%s/24' % self.src_addr)
|
||||
self.dst_p.addr.add('%s/24' % self.dst_addr)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr, count=2)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr)
|
||||
# changing the allowed mac should stop the port from working
|
||||
self._setup_arp_spoof_for_port(self.src_p.name, [self.src_addr],
|
||||
mac='00:11:22:33:44:55')
|
||||
net_helpers.assert_no_ping(self.src_namespace, self.dst_addr, count=2)
|
||||
net_helpers.assert_no_ping(self.src_namespace, self.dst_addr)
|
||||
|
||||
def test_arp_spoof_doesnt_block_ipv6(self):
|
||||
self.src_addr = '2000::1'
|
||||
|
@ -205,7 +205,7 @@ class ARPSpoofTestCase(OVSAgentTestBase):
|
|||
# make sure the IPv6 addresses are ready before pinging
|
||||
self.src_p.addr.wait_until_address_ready(self.src_addr)
|
||||
self.dst_p.addr.wait_until_address_ready(self.dst_addr)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr, count=2)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr)
|
||||
|
||||
def test_arp_spoof_blocks_response(self):
|
||||
# this will prevent the destination from responding to the ARP
|
||||
|
@ -250,7 +250,7 @@ class ARPSpoofTestCase(OVSAgentTestBase):
|
|||
self.dst_addr])
|
||||
self.src_p.addr.add('%s/24' % self.src_addr)
|
||||
self.dst_p.addr.add('%s/24' % self.dst_addr)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr, count=2)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr)
|
||||
|
||||
def test_arp_spoof_icmpv6_neigh_advt_allowed_address_pairs(self):
|
||||
self.src_addr = '2000::1'
|
||||
|
@ -262,14 +262,14 @@ class ARPSpoofTestCase(OVSAgentTestBase):
|
|||
# make sure the IPv6 addresses are ready before pinging
|
||||
self.src_p.addr.wait_until_address_ready(self.src_addr)
|
||||
self.dst_p.addr.wait_until_address_ready(self.dst_addr)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr, count=2)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr)
|
||||
|
||||
def test_arp_spoof_allowed_address_pairs_0cidr(self):
|
||||
self._setup_arp_spoof_for_port(self.dst_p.name, ['9.9.9.9/0',
|
||||
'1.2.3.4'])
|
||||
self.src_p.addr.add('%s/24' % self.src_addr)
|
||||
self.dst_p.addr.add('%s/24' % self.dst_addr)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr, count=2)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr)
|
||||
|
||||
def test_arp_spoof_disable_port_security(self):
|
||||
# block first and then disable port security to make sure old rules
|
||||
|
@ -279,7 +279,7 @@ class ARPSpoofTestCase(OVSAgentTestBase):
|
|||
psec=False)
|
||||
self.src_p.addr.add('%s/24' % self.src_addr)
|
||||
self.dst_p.addr.add('%s/24' % self.dst_addr)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr, count=2)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr)
|
||||
|
||||
def test_arp_spoof_disable_network_port(self):
|
||||
# block first and then disable port security to make sure old rules
|
||||
|
@ -290,7 +290,7 @@ class ARPSpoofTestCase(OVSAgentTestBase):
|
|||
device_owner=n_const.DEVICE_OWNER_ROUTER_GW)
|
||||
self.src_p.addr.add('%s/24' % self.src_addr)
|
||||
self.dst_p.addr.add('%s/24' % self.dst_addr)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr, count=2)
|
||||
net_helpers.assert_ping(self.src_namespace, self.dst_addr)
|
||||
|
||||
def _setup_arp_spoof_for_port(self, port, addrs, psec=True,
|
||||
device_owner='nobody', mac=None):
|
||||
|
|
Loading…
Reference in New Issue