diff options
| author | Mark Gray <mark.d.gray@redhat.com> | 2021-04-01 09:58:27 -0400 |
|---|---|---|
| committer | Ilya Maximets <i.maximets@ovn.org> | 2021-04-01 19:13:31 +0200 |
| commit | 8fc62df8b135f8d2975ff794ecc15297312c8e93 (patch) | |
| tree | c29a906f16bd3ab798091914cd6e428524b4dacc /ipsec/ovs-monitor-ipsec.in | |
| parent | d6afbc00d5b37a62a5544d65c3cc6e689422c273 (diff) | |
| download | openvswitch-8fc62df8b135f8d2975ff794ecc15297312c8e93.tar.gz | |
ipsec: Introduce IPsec system tests for Libreswan.
This patch adds system tests for OVS IPsec using Libreswan.
If Libreswan is not present on the system, the tests will
be skipped.
These tests set up an underlay switch with bridge 'br0'
to carry encrypted traffic between two emulated "nodes".
Each "node" is a separate network namespace ('left' and
'right') and runs an instance of the Libreswan "pluto"
daemon, ovs-monitor-ipsec, ovs-vswitch and ovsdb-server.
Each test sets up IPsec between the two emulated "nodes"
using various configurations (currently tunnel
type, IPv6/IPv6, authentication method, local_ip). After
configuration, connectivity between the two nodes is
tested and the underlay traffic is also inspected to
ensure the traffic is encrypted.
All IPsec system tests can be run by using the ipsec
keyword:
sudo make check-kernel TESTSUITEFLAGS='-k ipsec'
Signed-off-by: Mark Gray <mark.d.gray@redhat.com>
Acked-by: Aaron Conole <aconole@redhat.com>
Acked-by: Eelco Chaudron <echaudro@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Diffstat (limited to 'ipsec/ovs-monitor-ipsec.in')
0 files changed, 0 insertions, 0 deletions