Table of Contents
1. Audience
This document assumes basic knowledge of TRex, and assumes that TRex is installed and configured. For information, see the manual, especially the material up to the Basic Usage section.
2. Stateless support
2.1. High level functionality
-
Large scale - Supports about 10-22 million packets per second (mpps) per core, scalable with the number of cores
-
Support for 1, 10, 25, 40, and 100 Gb/sec interfaces
-
Support for multiple traffic profiles per interface
-
Profile can support multiple streams, scalable to 10K parallel streams
-
Supported for each stream:
-
Packet template - ability to build any packet (including malformed) using Scapy (example: MPLS/IPv4/Ipv6/GRE/VXLAN/NSH)
-
Field Engine program
-
Ability to change any field inside the packet (example: src_ip = 10.0.0.1-10.0.0.255)
-
Ability to change the packet size (example: random packet size 64-9K)
-
-
Mode - Continuous/Burst/Multi-burst support
-
Rate can be specified as:
-
Packets per second (example: 14MPPS)
-
L1 bandwidth (example: 500Mb/sec)
-
L2 bandwidth (example: 500Mb/sec)
-
Interface link percentage (example: 10%)
-
-
Support for HLTAPI-like profile definition
-
Action - stream can trigger a stream
-
-
Interactive support - Fast Console, GUI
-
Statistics per interface
-
Statistics per stream done in hardware
-
Latency and jitter per stream
-
Blazingly fast automation support
-
Python 2.7/3.0 Client API
-
Python HLTAPI Client API
-
-
Multi-user support - multiple users can interact with the same TRex instance simultaneously
-
Routing protocols support — RIP/BGP/OSPF using BIRD
2.1.1. Traffic profile example
The following example shows three streams configured for Continuous, Burst, and Multi-burst traffic.
2.2. IXIA IXExplorer vs TRex
TRex has limited functionality compared to IXIA, but has some advantages. The following table summarizes the differences:
| Feature | IXExplorer | TRex | Description |
|---|---|---|---|
Line rate |
Yes |
10-24MPPS/core, depends on the use case |
|
Multi stream |
255 |
Software limited to ~20K |
|
Packet build flexibility |
Limited |
Scapy - Unlimited |
Example: GRE/VXLAN/NSH is supported. Can be extended to future protocols. |
Packet Field Engine |
Limited |
Unlimited |
|
Tx Mode |
Continuous/Burst/Multi-burst |
Continuous/Burst/Multi-burst |
|
ARP/IPv6 ND Emulation |
Yes |
Yes |
|
DHCP Client Emulation |
Yes |
Yes |
|
Extendable Emulation framework |
No |
Yes |
|
Automation |
TCL/Python wrapper to TCL |
Native Python/Scapy |
|
Automation speed sec |
30 sec |
1 msec |
Test of load/start/stop/get counters |
HLTAPI |
Full support. 2000 pages of documentation |
Limited. 20 pages of documentation |
|
Per Stream statistics |
255 streams with 4 global masks |
128 rules for XL710/X710 hardware and software impl for 82599/I350/X550 |
Some packet type restrictions apply to XL710/X710. Software mode can be extended to 32K rules. |
Latency Jitter |
Yes. Nanosecond resolution (hardware-based) |
Yes. Microsecond resolution (software-based) |
|
Multi-user support |
Yes |
Yes |
|
GUI |
Very good |
WIP, packet builder, Field Engine, global port statistics, latency, per stream statistics. Differs from IXIA GUI - for details, see: trex-stateless-gui |
|
Cisco pyATS support |
Yes |
Yes - Python 2.7/Python 3.4 |
|
Routing Emulation |
Yes |
Yes |
2.3. RPC Architecture
A JSON-RPC2 thread in the TRex control plane core provides support for interactive mode.
- Layers
-
-
Control transport protocol: ZMQ working in REQ/RES mode.
-
RPC protocol on top of the control transport protocol: JSON-RPC2.
-
Asynchronous transport: ZMQ working in SUB/PUB mode (used for asynchronous events such as interface change mode, counters, and so on).
-
- Interfaces
-
-
Automation API: Python is the first client to implement the Python automation API.
-
User interface: The console uses the Python API to implement a user interface for TRex.
-
GUI : The GUI works on top of the JSON-RPC2 layer.
-
- Control of TRex interfaces
-
-
Numerous users can control a single TRex server together, from different interfaces.
-
Users acquire individual TRex interfaces exclusively. Example: Two users control a 4-port TRex server. User A acquires interfaces 0 and 1; User B acquires interfaces 3 and 4.
-
Only one user interface (console or GUI) can have read/write control of a specific interface. This enables caching the TRex server interface information in the client core. Example: User A, with two acquired interfaces, can have only one read/write control session at a time.
-
A user can set up numerous read-only clients on a single interface - for example, for monitoring traffic statistics on the interface.
-
A client in read-write mode can acquire a statistic in real time (with ASYNC ZMQ). This enables viewing statistics through numerous user interfaces (console and GUI) simultaneously.
-
- Synchronization
-
-
A client syncs with the TRex server to get the state in connection time, and caches the server information locally after the state has changed.
-
If a client crashes or exits, it syncs again after reconnecting.
-
For details about the TRex RPC server, see the RPC specification.
2.3.1. RPC architecture highlights
The RPC architecture provides the following advantages:
-
Fast interaction with TRex server. Loading, starting, and stopping a profile for an interface is very fast - about 2000 cycles/sec.
-
Leverages Python/Scapy for building a packet/Field Engine.
-
HLTAPI compiler complexity is handled in Python.
2.4. TRex Objects
-
TRex: Each TRex instance supports numerous interfaces.
-
Interface: Each interface supports one or more traffic profiles.
-
Traffic profile: Each traffic profile supports one or more streams.
-
Stream: Each stream includes:
-
Packet: Packet template up to 9 KB
-
Field Engine: Determines field to change and whether to change packet size
-
Mode: Specifies how to send packets: Continuous/Burst/Multi-burst
-
Rx Stats: Statistics to collect for each stream
-
Rate: Rate (packets per second or bandwidth)
-
Action: Specifies stream to follow when the current stream is complete (valid for Continuous or Burst modes)
-
2.5. Stateful vs Stateless
TRex Stateless support enables basic L2/L3 testing, relevant mostly for a switch or router. In Stateless mode it is possible to define a stream with a one packet template, define a program to change any fields in the packet, and run the stream in one of the following modes:
-
Continuous
-
Burst
-
Multi-burst
Stateless mode does not support learning NAT translation, as there is no context of flow/client/server.
-
In Stateful mode, the basic building block is a flow/application (composed of many packets).
-
Stateless mode is much more flexible, enabling you to define any type of packet, and build a simple program.
| Feature | Stateful | Stateless |
|---|---|---|
Per flow state |
Yes |
No |
NAT |
Yes |
No |
Tunnel |
Some are supported |
Yes |
L7 App emulation |
Yes |
No |
Any type of packet |
No |
Yes |
Latency Jitter |
Global/Per flow |
Per Stream |
2.5.1. Using Stateless mode to mimic Stateful mode
Stateless mode can mimic some, but not all functionality of Stateful mode.
For example, you can load a PCAP with the number of packets as a link of streams:
a→b→c→d→ back to a
You can then create a program for each stream to change:
src_ip=10.0.0.1-10.0.0.254
This creates traffic similar to that of Stateful mode, but with a completely different basis.
If you are confused you probably need Stateless. :-)
2.6. TRex package folders
| Location | Description |
|---|---|
/ |
t-rex-64/dpdk_set_ports/stl-sim |
/stl |
Stateless native (py) profiles |
/stl/hlt |
Stateless HLT profiles |
/ko |
Kernel modules for DPDK |
/external_libs |
Python external libs used by server/clients |
/exp |
Golden PCAP file for unit-tests |
/cfg |
Examples of config files |
/cap2 |
Stateful profiles |
/avl |
Stateful profiles - SFR profile |
/automation |
Python client/server code for both Stateful and Stateless |
/automation/regression |
Regression for Stateless and Stateful |
/automation/config |
Regression setups config files |
/automation/trex_control_plane/interactive/trex |
Stateless lib and Console |
/automation/trex_control_plane/interactive/trex/stl |
Stateless lib |
/automation/trex_control_plane/interactive/trex/examples/stl |
Stateless examples |
2.7. Getting Started Tutorials
The tutorials in this section demonstrate basic TRex stateless use cases. Examples include common and moderately advanced TRex concepts.
2.7.1. Tutorial: Prepare TRex configuration file
- Goal
-
Define the TRex physical or virtual ports and create configuration file.
Follow this chapter first time configuration
2.7.2. Tutorial: Load TRex server, Simple IPv4 UDP
- Goal
-
Send simple UDP packets from all ports of a TRex server.
- Traffic profile
-
The following profile defines one stream, with an IP/UDP packet template with 10 bytes of x(0x78) of payload. For more examples of defining packets using Scapy, see the Scapy documentation.
- File
from trex_stl_lib.api import * class STLS1(object): def create_stream (self): return STLStream( packet = STLPktBuilder( pkt = Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/ UDP(dport=12,sport=1025)/(10*'x')), mode = STLTXCont())
def get_streams (self, direction = 0, **kwargs):
# create 1 stream return [ self.create_stream() ] # dynamic load - used for TRex console or simulator def register():
return STLS1()
| Defines the packet. In this case, the packet is IP/UDP with 10 bytes of x. For more information, see the Scapy documentation. |
| Mode: Continuous. Rate: 1 PPS (default rate is 1 PPS) |
|
The get_streams function is mandatory.
|
|
Each traffic profile module requires a register function.
|
|
The SRC/DST MAC addresses are taken from /etc/trex_cfg.yaml. To change them, add Ether(dst="00:00:dd:dd:00:01") with the desired destination. |
- Start TRex as a server
|
|
The TRex package includes all required packages. It is not necessary to install any Python packages (including Scapy). |
[bash]>sudo ./t-rex-64 -i
-
Wait until the server is up and running.
-
(Optional) Use
-cto add more cores. -
(Optional) Use
--cfgto specify a different configuration file. The default is /etc/trex_cfg.yaml.
- Connect with console
-
On the same machine, in a new terminal window (open a new window using
xterm, orsshagain), connect to TRex usingtrex-console.
[bash]>trex-console ## show dynamic statistic >tui
| Connects to the TRex server from the local machine. |
|
Start the traffic on all ports at 10 mbps. Can also specify as MPPS. Example: 14 MPPS (-m 14mpps).
|
| Pauses the traffic. |
| Resumes. |
| Stops traffic on all ports. |
|
|
If you have a connection error, open the /etc/trex_cfg.yaml file and remove keywords such as |
- Viewing streams
-
To display stream data for all ports, use
streams -a.
trex>streams -a Port 0: ID | packet type | length | mode | rate | next stream ----------------------------------------------------------------------------------- 1 | Ethernet:IP:UDP:Raw | 56 | Continuous | 1.00 pps | -1 Port 1: ID | packet type | length | mode | rate | next stream ----------------------------------------------------------------------------------- 1 | Ethernet:IP:UDP:Raw | 56 | Continuous | 1.00 pps | -1 Port 2: ID | packet type | length | mode | rate | next stream ----------------------------------------------------------------------------------- 1 | Ethernet:IP:UDP:Raw | 56 | Continuous | 1.00 pps | -1 Port 3: ID | packet type | length | mode | rate | next stream ----------------------------------------------------------------------------------- 1 | Ethernet:IP:UDP:Raw | 56 | Continuous | 1.00 pps | -1
- Viewing command help
-
To view help for a command, use
<command> --help. - Viewing general statistics
-
To view general statistics, open a "textual user interface" with
tui.
TRex >tui Global Statistics Connection : localhost, Port 4501 Version : v1.93, UUID: N/A Cpu Util : 0.2% : Total Tx L2 : 40.01 Mb/sec Total Tx L1 : 52.51 Mb/sec Total Rx : 40.01 Mb/sec Total Pps : 78.14 Kpkt/sec : Drop Rate : 0.00 b/sec Queue Full : 0 pkts Port Statistics port | 0 | 1 | -------------------------------------------------------- owner | hhaim | hhaim | state | ACTIVE | ACTIVE | -- | | | Tx bps L2 | 10.00 Mbps | 10.00 Mbps | Tx bps L1 | 13.13 Mbps | 13.13 Mbps | Tx pps | 19.54 Kpps | 19.54 Kpps | Line Util. | 0.13 % | 0.13 % | --- | | | Rx bps | 10.00 Mbps | 10.00 Mbps | Rx pps | 19.54 Kpps | 19.54 Kpps | ---- | | | opackets | 1725794 | 1725794 | ipackets | 1725794 | 1725794 | obytes | 110450816 | 110450816 | ibytes | 110450816 | 110450816 | tx-bytes | 110.45 MB | 110.45 MB | rx-bytes | 110.45 MB | 110.45 MB | tx-pkts | 1.73 Mpkts | 1.73 Mpkts | rx-pkts | 1.73 Mpkts | 1.73 Mpkts | ----- | | | oerrors | 0 | 0 | ierrors | 0 | 0 | status: / browse: 'q' - quit, 'g' - dashboard, '0-3' - port display dashboard: 'p' - pause, 'c' - clear, '-' - low 5%, '+' - up 5%,
- Discussion
-
In this example TRex sends the same packet from all ports. If your setup is connected with loopback, you will see Tx packets from port 0 in Rx port 1 and vice versa. If you have DUT with static route, you might see all packets going to a specific port.
interface TenGigabitEthernet0/0/0 mtu 9000 ip address 1.1.9.1 255.255.255.0 ! interface TenGigabitEthernet0/1/0 mtu 9000 ip address 1.1.10.1 255.255.255.0 ! ip route 16.0.0.0 255.0.0.0 1.1.9.2 ip route 48.0.0.0 255.0.0.0 1.1.10.2
In this example all packets are routed to the TenGigabitEthernet0/1/0 port. The following example uses the direction flag to change this.
class STLS1(object): def create_stream (self): return STLStream( packet = STLPktBuilder( pkt = Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/ UDP(dport=12,sport=1025)/(10*'x') ), mode = STLTXCont()) def get_streams (self, direction = 0, **kwargs): # create 1 stream if direction==0:
|
This use of the direction flag causes a different packet to be sent for each direction.
|
2.7.3. Tutorial: Connect from a remote server
- Goal
-
Connect by console from remote machine to a TRex server.
- Check that TRex server is operational
-
Ensure that the TRex server is running. If not, run TRex in interactive mode.
[bash]>sudo ./t-rex-64 -i
- Connect with Console
-
From a remote machine, use
trex-consoleto connect. Include the-sflag, as shown below, to specify the server.
[bash]>trex-console -s csi-kiwi-02 #
| TRex server is csi-kiwi-02. |
The TRex client requires Python versions 2.7.x or 3.4.x. To change the Python version, set the PYTHON environment variable as follows:
[tcsh]>setenv PYTHON /bin/python #tcsh
[bash]>extern PYTHON=/bin/mypython #bash
|
|
The client machine should run Python 2.7.x or 3.4.x. Cisco CEL/ADS is supported. The TRex package includes the required client archive. |
2.7.4. Tutorial: Source and Destination MAC addresses
- Goal
-
Change the source/destination MAC address.
Each TRex port has a source and destination MAC (DUT) configured in the /etc/trex_cfg.yaml configuration file. The source MAC is not necessarily the hardware MAC address configured in EEPROM. By default, the hardware-specified MAC addresses (source and destination) are used. If a source or destination MAC address is configured explicitly, that address has priority over the hardware-specified default.
| Scapy | Source MAC | Destination MAC |
|---|---|---|
Ether() |
trex_cfg (src) |
trex_cfg(dst) |
Ether(src="00:bb:12:34:56:01") |
00:bb:12:34:56:01 |
trex_cfg(dst) |
Ether(dst="00:bb:12:34:56:01") |
trex_cfg(src) |
00:bb:12:34:56:01 |
def create_stream (self): base_pkt = Ether(src="00:bb:12:34:56:01")/
| Specifying the source interface MAC replaces the default specified in the configuration YAML file. |
|
A TRex port receives a packet only if the packet’s destination MAC matches the HW Src MAC defined for that port in the |
To set ports to promiscuous mode and show the port status:
trex>portattr -a --prom on #
| Configures all ports to promiscuous mode. |
| Show port status. |
| "on" indicates port promiscuous mode. |
To change ports to promiscuous mode by Python API:
c = STLClient(verbose_level ="error") c.connect() my_ports=[0,1] # prepare our ports c.reset(ports = my_ports) # port info, mac-addr info, speed print c.get_port_info(my_ports)
| Get port info for all ports. |
|
Change the port attribute to promiscuous = True.
|
For more information see the Python Client API.
|
|
Interfaces are not set to promiscuous mode by default. Typically, after changing the port to promiscuous mode for a specific test, it is advisable to change it back to non-promiscuous mode. |
2.7.5. Tutorial: Python automation
- Goal
-
Simple automation test using Python from a local or remote machine.
- Directories
-
Python API examples: automation/trex_control_plane/interactive/trex/examples/stl
Python API library: automation/trex_control_plane/interactive/trex/stl
The TRex console uses the Python API library to interact with the TRex server using the JSON-RPC2 protocol over ZMQ.
- File
import stl_path# add both streams to ports c.add_streams(s1, ports = [0]) c.add_streams(s2, ports = [1]) # clear the stats before injecting c.clear_stats() # choose rate and start traffic for 10 seconds on 5 mpps print "Running 5 Mpps on ports 0, 1 for 10 seconds..." c.start(ports = [0, 1], mult = "5mpps", duration = 10)
# block until done c.wait_on_traffic(ports = [0, 1])
# read the stats after the test stats = c.get_stats()
print json.dumps(stats[0], indent = 4, separators=(',', ': '), sort_keys = True) print json.dumps(stats[1], indent = 4, separators=(',', ': '), sort_keys = True) lost_a = stats[0]["opackets"] - stats[1]["ipackets"] lost_b = stats[1]["opackets"] - stats[0]["ipackets"] print "\npackets lost from 0 --> 1: {0} pkts".format(lost_a) print "packets lost from 1 --> 0: {0} pkts".format(lost_b) if (lost_a == 0) and (lost_b == 0): passed = True else: passed = False except STLError as e: passed = False print e finally: c.disconnect()
if passed: print "\nTest has passed :-)\n" else: print "\nTest has failed :-(\n" # run the tests simple_burst()
| Imports the stl_path. The path here is specific to this example. When configuring, provide the path to your stl_trex library. |
| Imports TRex Stateless library. When configuring, provide the path to your TRex Stateless library. |
| Creates packet per direction using Scapy. |
| See the Field Engine section for information. |
| Connects to the local TRex. Username and server can be added. |
| Acquires the ports. |
| Loads the traffic profile and start generating traffic. |
| Waits for the traffic to be finished. There is a polling function so you can test do something while waiting. |
| Get port statistics. |
| Disconnects. |
See TRex Stateless Python API for details about using the Python APIs.
2.7.6. Tutorial: HLT Python API
HLT Python API is a layer on top of the native layer. It supports the standard Cisco traffic generator API. For more information, see Cisco/IXIA/Spirent documentation.
TRex supports a limited number of HLTAPI arguments. It is recommended to use the native API for simplicity and flexibility.
Supported HLT Python API classes:
-
Device Control
-
connect
-
cleanup_session
-
device_info
-
info
-
-
Interface
-
interface_config
-
interface_stats
-
-
Traffic
-
traffic_config - not all arguments are supported
-
traffic_control
-
traffic_stats
-
For details, see: Appendix
- File
import sys import argparse import stl_path from trex_stl_lib.api import *
| Imports the native TRex API. |
| Imports the HLT API. |
2.7.7. Tutorial: Simple IPv4/UDP packet simulator
- Goal
-
Use the TRex Stateless simulator.
Demonstrates the most basic use case for the TRex simulator.
The TRex package includes a simulator tool, stl-sim. The simulator operates as a Python script that calls an executable. The platform requirements for the simulator tool are the same as for TRex.
The TRex simulator can:
-
Test your traffic profiles before running them on TRex.
-
Generate an output PCAP file.
-
Simulate a number of threads.
-
Convert from one type of profile to another.
-
Convert any profile to JSON (API). See: TRex stream specification
Example traffic profile:
from trex_stl_lib.api import * class STLS1(object): def create_stream (self): return STLStream( packet = STLPktBuilder( pkt = Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/ UDP(dport=12,sport=1025)/(10*'x')
| Defines the packet - in this case, IP/UDP with 10 bytes of x. |
| Mode is Continuous, with a rate of 1 PPS. (Default rate: 1 PPS) |
|
Each traffic profile module requires a register function.
|
The following runs the traffic profile through the TRex simulator, limiting the number of packets to 10, and storing the output in a PCAP file.
[bash]>./stl-sim -f stl/udp_1pkt_simple.py -o b.pcap -l 10 executing command: 'bp-sim-64-debug --pcap --sl --cores 1 --limit 5000 -f /tmp/tmpq94Tfx -o b.pcap' General info: ------------ image type: debug I/O output: b.pcap packet limit: 10 core recording: merge all Configuration info: ------------------- ports: 2 cores: 1 Port Config: ------------ stream count: 1 max PPS : 1.00 pps max BPS L1 : 672.00 bps max BPS L2 : 512.00 bps line util. : 0.00 % Starting simulation... Simulation summary: ------------------- simulated 10 packets written 10 packets to 'b.pcap'
Contents of the output PCAP file produced by the simulator in the previous step:
Adding --json displays the details of the JSON command for adding a stream:
[bash]>./stl-sim -f stl/udp_1pkt_simple.py --json [ { "id": 1, "jsonrpc": "2.0", "method": "add_stream", "params": { "handler": 0, "port_id": 0, "stream": { "action_count": 0, "enabled": true, "flags": 0, "isg": 0.0, "mode": { "rate": { "type": "pps", "value": 1.0 }, "type": "continuous" }, "next_stream_id": -1, "packet": { "binary": "AAAAAQAAAAAAAgAACABFAAAmAA", "meta": "" }, "rx_stats": { "enabled": false }, "self_start": true, "vm": { "instructions": [], "split_by_var": "" } }, "stream_id": 1 } }, { "id": 1, "jsonrpc": "2.0", "method": "start_traffic", "params": { "duration": -1, "force": true, "handler": 0, "mul": { "op": "abs", "type": "raw", "value": 1.0 }, "port_id": 0 } } ]
For more information about stream definition, see the RPC specification.
To convert the profile to YAML format:
$./stl-sim -f stl/udp_1pkt_simple.py --yaml - stream: action_count: 0 enabled: true flags: 0 isg: 0.0 mode: pps: 1.0 type: continuous packet: binary: AAAAAQAAAAAAAgAACABFAAAmAAEAAEARO meta: '' rx_stats: enabled: false self_start: true vm: instructions: [] split_by_var: ''
To display packet details, use the --pkt option (using Scapy).
[bash]>./stl-sim -f stl/udp_1pkt_simple.py --pkt ======================= Stream 0 ======================= ###[ Ethernet ]### dst = 00:00:00:01:00:00 src = 00:00:00:02:00:00 type = IPv4 ###[ IP ]### version = 4L ihl = 5L tos = 0x0 len = 38 id = 1 flags = frag = 0L ttl = 64 proto = udp chksum = 0x3ac5 src = 16.0.0.1 dst = 48.0.0.1 \options \ ###[ UDP ]### sport = blackjack dport = 12 len = 18 chksum = 0x6161 ###[ Raw ]### load = 'xxxxxxxxxx' 0000 00 00 00 01 00 00 00 00 00 02 00 00 08 00 45 00 ..............E. 0010 00 26 00 01 00 00 40 11 3A C5 10 00 00 01 30 00 .&....@.:.....0. 0020 00 01 04 01 00 0C 00 12 61 61 78 78 78 78 78 78 ........aaxxxxxx 0030 78 78 78 78 xxxx
To convert any profile type to native again, use the --native option, as shown in the following example, which includes the input file, the command to convert it to native, and the output:
- name: udp_64B stream: self_start: True packet: binary: AAAAAAAAAAAAAAAACABFAAAuBNIAAH8R9usQAAABMAAAAQQBBAEAEgAAAAAAAAAAAAAAAAAAAAAAAAAA mode: type: continuous pps: 100
Command to convert to native:
[bash]>./stl-sim -f my_yaml.yaml --native
The output:
# !!! Auto-generated code !!! from trex_stl_lib.api import * class STLS1(object): def get_streams(self): streams = [] packet = (Ether(src='00:de:01:0a:01:00', dst='00:50:56:80:0d:28', type=2048) / IP(src='101.0.0.1', proto=17, dst='102.0.0.1', chksum=28605, len=46, flags=2L, ihl=5L, id=0) / UDP(dport=2001, sport=2001, len=26, chksum=1176) / Raw(load='\xde\xad\xbe\xef\x00\x01\x06\x07\x08\x09\x0a\x0b\x00\x9b\xe7\xdb\x82M')) vm = STLScVmRaw([], split_by_field = '') stream = STLStream(packet = CScapyTRexPktBuilder(pkt = packet, vm = vm), name = 'udp_64B', mac_src_override_by_pkt = 0, mac_dst_override_mode = 0, mode = STLTXCont(pps = 100)) streams.append(stream) return streams def register(): return STLS1()
- Discussion
-
The following are the main traffic profile formats. Native is the preferred format. There is a separation between how the traffic is defined and how to control/activate it. The API/Console/GUI can load a traffic profile and start/stop/get a statistic. Due to this separation it is possible to share traffic profiles.
| Profile Type | Format | Description |
|---|---|---|
Native |
Python |
Most flexible. Any format can be converted to native using the |
HLT |
Python |
Uses HLT arguments. |
YAML/JSON |
YAML/JSON |
The common denominator traffic profile. Information is shared between console, GUI, and simulator in YAML format. This format is difficult to use for defining packets; primarily for machine use. YAML can be converted to native using the |
2.7.8. Tutorial: Port layer mode configuration
- Goal
-
Configure TRex port with either IPv4 or MAC address.
TRex ports can operate in two different mutually exclusive modes:
-
Layer 2 mode - MAC level configuration
-
Layer 3 mode - IPv4/IPv6 configuration
| Mode | Port configuration requirements | Notes |
|---|---|---|
Layer 2 mode |
When configuring a port for L2 mode, must provide the destination MAC address for the port (Legacy mode previous to v2.12 version). |
- |
Layer 3 mode |
When configuring a port for L3, must provide both source IPv4/IPv6 address and a IPv4/IPv6 destination address. |
As an intergral part of configuring L3, the client will try to ARP resolve the destination address and automatically configure the correct destination MAC, instead of sending an ARP request when starting traffic. |
trex>service trex>l2 --help usage: port [-h] --port PORT --dst DST_MAC Configures a port in L2 mode optional arguments: -h, --help show this help message and exit --port PORT, -p PORT source port for the action --dst DST_MAC Configure destination MAC address trex(service)>l2 -p 0 --dst 6A:A7:B5:3A:4E:FF Setting port 0 in L2 mode: [SUCCESS] trex>service --off
client.set_service_mode(port = 0, enabled = True) client.set_l2_mode(port = 0, dst_mac = "6A:A7:B5:3A:4E:FF") client.set_service_mode(port = 0, enabled = False)
trex>service trex(service)>l3 --help usage: port [-h] --port PORT --src SRC_IPV4 --dst DST_IPV4 Configures a port in L3 mode optional arguments: -h, --help show this help message and exit --port PORT, -p PORT source port for the action --src SRC_IPV4 Configure source IPv4 address --dst DST_IPV4 Configure destination IPv4 address trex(service)>l3 -p 0 --src 1.1.1.2 --dst 1.1.1.1 Setting port 0 in L3 mode: [SUCCESS] ARP resolving address '1.1.1.1': [SUCCESS] trex>service --off
client.set_service_mode(port = 0, enabled = True) client.set_l3_mode(port = 0, src_ipv4 = '1.1.1.2', dst_ipv4 = '1.1.1.1') client.set_service_mode(port = 0, enabled = False)
2.8. Port service mode
In normal operation mode, to preserve high speed processing of packets, TRex ignores most of the rx traffic, with the exception of counting/statistic and handling latency flows.
The modes:
-
On : All the packets are forwarded to rx to be processed by Client or Capture.
-
Off - Only latency packets are forwarded. Before v2.66 non TCP UDP were forward to rx in software mode after v2.66 (including) only in filter mode those packets are forwarded for more flexibility.
-
Filter [bgp, no_tcp_udp, emu, transport, mdns, dhcp, all] - In this case specific packets are forwarded to rx. An example can be BGP packets for BIRD. It is relevant only for software mode,
--softwareUsing filter mode you would be able to run TCP/UDP traffic in high rate while keeping the routing protocols function. The performance would be as good as "off", the only penalty comes from the software mode that requires all packets to be processed in the rx side.
|
|
Filter mode is new from version v2.66 |
The following illustrates how rx packets are handled. Only a portion are forwarded to the rx handling module and none are forwarded back to the Python client.
In service mode, a port responds to ping and ARP requests, and also enables forwarding packets to the Python control plane for applying full duplex protocols (DCHP, IPv6 neighboring, and so on).
The following illustrates how packets can be forwarded back to the Python client.
Service mode can be useful when writing Python plugins for emulation (example: IPV6 ND/DHCP) to prepare the setup. Then you can move to normal mode for high speed testing.
trex>service --help usage: service [-h] [-p PORTS [PORTS ...] | -a] [--bgp] [--dhcp] [--mdns] [--emu] [--tran] [--no-tcp-udp] [--all] [--off] Configures port for service mode. In service mode ports will reply to ARP, PING and etc. optional arguments: -h, --help show this help message and exit -p PORTS [PORTS ...], --port PORTS [PORTS ...] A list of ports on which to apply the command -a Set this flag to apply the command on all available ports --bgp filter mode with bgp packets forward to rx --dhcp filter mode with dhcpv4/dhcpv6 packets forward to rx --mdns filter mode with mDNS packets forward to rx --emu filter mode for all emu services rx --tran filter mode with tcp/udp packets forward to rx (generated by emu) --no-tcp-udp filter mode with no_tcp_udp packets forward to rx --all Allow every filter possible --off Deactivates services on port(s) trex>service Enabling service mode on port(s) [0, 1]: [SUCCESS] trex(service)>service --off Disabling service mode on port(s) [0, 1]: [SUCCESS]
client.set_service_mode(ports = [0, 1], enabled = True) client.set_service_mode(ports = [0, 1], enabled = False)
2.8.1. ARP / ICMP response
|
|
Only when in service mode, ports will reply to ICMP echo requests and ARP requests. |
2.9. Packet capturing
|
|
This section is relevant only for service mode. |
In service mode, TRex provides a few ways to examine and manipulate both Rx and Tx packets.
Packet capturing is implemented by allocating one more more fast, in-memory queues on the server side that copy-and-store the packet buffer.
Each queue can be defined with the following attributes:
-
Storage
-
Which ports on either Tx/Rx it should capture
-
Whether it should be cyclic or fixed
The above architecture implies that we can capture at high speed for a short amount of time.
For example, a queue of 1 million packets can be allocated as a cyclic queue and be active with a rate of couple of MPPS. This effectively provides a sampling of the last 1 million packets seen by the server with the given filters.
2.9.1. BPF Filtering
Before demonstrating how to use Packet Capturing, it is helpful to review how filtering is done.
Each packet capture is assigned a filter (by default, a filter that matches any packet). Any filter that follows the syntax rules of The Berekely Packet Filter (BPF) can be assigned.
BPF filters are widely used by the Linux kernel, TCP dump and others. Basically any tcpdump filtering tutorial can be used to define a filter for TRex.
Some simple examples using BPF:
-
All ARP or ICMP packets:
'arp or icmp'-
All UDP packets with destination port 53:
'udp and dst 53'-
All packets VLAN tagged 200 and TCP SYN:
'vlan 200 and tcp[tcpflags] == tcp-syn'For more examples, refer to BPF and tcpdump examples available online.
2.9.2. BPFJIT
TRex server uses BPF JIT, a compiled version of BPF to native code, to allow very fast filtering. So high speed filtering is very much possible in TRex.
Before
The following is a snapshot of a XL710 with Intel® Xeon® CPU E5-2667 v3 @ 3.20GHz handling 15.72 mpps before applying a BPF filter.
Global Statistics connection : localhost, Port 4501 total_tx_L2 : 8.18 Gb/sec version : v2.28 total_tx_L1 : 10.73 Gb/sec cpu_util. : 3.31% @ 14 cores (7 per port) total_rx : 8.18 Gb/sec rx_cpu_util. : 82.0% / 15.72 Mpkt/sec
After
With a non-hitting filter to measure the effect of using the BPF filter:
Global Statistics connection : localhost, Port 4501 total_tx_L2 : 8.21 Gb/sec version : v2.28 total_tx_L1 : 10.77 Gb/sec cpu_util. : 3.37% @ 14 cores (7 per port) total_rx : 8.21 Gb/sec rx_cpu_util. : 86.4% / 15.63 Mpkt/sec
There is almost zero impact (<5%) on CPU utilization for negative filtering.
Of course, a hitting filter will have impact but usually on a very small portion of the traffic.
2.9.3. API usage
Using the Python API is fairly simple:
# move port 1 to service mode as we want to capture traffic on it client.set_service_mode(ports = 1) # start a capture on port 1 Rx side with a limit, a mode and a *BPF* filter for any UDP with dst port 53 capture = client.start_capture(rx_ports = 1, limit = 100, mode = 'fixed', bpf_filter = 'udp and dst 53') # execute your code here # save the packets to a file or to a list (see the Python API docs) client.stop_capture(capture['id'], '/home/mydir/port_0_rx.pcap') # exit service mode on port 1 client.set_service_mode(ports = 1, enabled = False)
2.9.4. Console usage
The console provides couple of flexible ways to handle packet capturing
-
Capture Monitoring
-
Capture Recording
Capture monitoring
Capture monitoring is a non-persistent method for capturing and showing packets from either Tx / Rx of one or more ports.
Monitoring has 3 modes:
-
Low Verbose - A short line per packet will be displayed
-
High Verbose - Full Scapy show will be displayed per packet
-
Wireshark Pipe - Launches Wireshark with a pipe connected to the traffic being captured
The first two options display packet information on the console. This is ideal if a moderate amount of traffic is being monitored. However, if a large amount of traffic is being monitored, consider Wireshark Pipe or the Capture Recording method.
trex>service
| Move to service mode to allow capturing. |
| Activate a capture monitor on port 3 Rx side with verbose on. |
| Send an ARP request on port 3. |
| The console shows the returning packet. |
| is-at ARP response was captured. |
trex(service)>capture monitor start --rx 3 -f udp -p
| Activate a monitor using a Wireshark pipe and a UDP filter (BPF). |
| Attempts to launch Wireshark with a connection to the pipe. |
| Console is blocked until connection is established. |
| Monitor is active. |
| Sends ARP request. |
Capture recording
In addition to monitoring, the console allows a simple recording as well. Recording enables you to define a fixed-size queue which then can be saved to a PCAP file.
trex(service)>capture record start --rx 3 --limit 200
| Start a packet record on port 3 Rx side with a limit of 200 packets. |
| A new capture is created with an ID 4. |
| Show the capture status - currently empty. |
| Start traffic on port 0, which is connected to port 3. |
| Show the capture status - full. |
| Save 200 packets to an output file: /tmp/rx_3.pcap |
2.9.5. Using capture as a counter
Another use of packet capturing is counting. Instead of fetching the packets, you can simply count packets that hit the BPF filter.
For example, to count any packet that is UDP with source port of 5000, you can simply attach an empty capture with the correct BPF filter and examine the matched field:
trex(service)>capture record start --rx 3 --limit 0 -f udp and src 5000 Starting packet capturing up to 0 packets [SUCCESS] *** Capturing ID is set to '14' *** *** Please call 'capture record stop --id 14 -o <out.pcap>' when done *** trex(service)>capture Active Recorders ID | Status | Matched | Packets | Bytes | RX Ports | BPF Filter ------------------------------------------------------------------------------------------------------- 14 | ACTIVE | 0 | [0/0] | 0 B | 3 | udp and src 5000 trex(service)>
The Matched field indicates how many packets matched the filter.
2.9.6. Using capture port for faster packet capture / packet injection
Using the packet capture mechanism to inspect packets on TRex client python side typically yields to a transfer rate of about 5000 packets/sec due to the polling nature and the overhead of the RPC protocol.
In order to do faster packet transfer between TRex server and TRex client, as well as improving the injection of packets, the capture port feature can be used. It typically runs about 4x faster than the TRex capture.
This feature enables oneTRex server to connect to an already-opened ZeroMQ socket that will solely used to send / receive raw packets for a given TRex port. Pushing some data on this socket will translate to a new packet sent on the TRex port, while the packets received on the port will sent over the ZeroMQ socket as well.
Optionally, a BPF filter can be also specified to restrict the packets sent from TRex server to the TRex client side.
Here is a usage example that will first send one packet on TRex port 0, and then blocks until one IP packet is received back:
import zmq # Bind our ZeroMQ socket so that the TRex server can connect to it capture_port = "ipc:///tmp/trex_capture_port" zmq_context = zmq.Context() zmq_socket = zmq_context.socket(zmq.PAIR) zmq_socket.bind(capture_port) # move port 0 to service mode as we want to start capture port on it client.set_service_mode(ports = 0) # start a trex capture port on port 0 with *BPF* filter for any IP packets client.start_capture_port(port = 0, endpoint = capture_port, bpf_filter = 'ip') # Send one packet (using scapy here) zmq_socket.send(bytes(Ether()/IP()/IP()/UDP())) # Wait until we get an IP packet on TRex port 0 and display it parsed using Scapy received_packet = zmq_socket.recv() Ether(received_packet).show2() # Stop capture port client.stop_capture_port(port = 0) # exit service mode on port 0 client.set_service_mode(ports = 0, enabled = False)
2.9.7. Video tutorials
This tutorial demonstrates the new packet capture ability.
2.10. Neighboring protocols
To preserve high speed traffic generation, TRex handles neighboring protocols in the pre-test phase.
A test that requires running a neighboring protocol should first move to service mode, execute the required steps in Python, switch back to normal mode, and start the actual test.
2.10.1. ARP
A basic neighboring protocol that is provided as part of TRex is ARP.
Example setup:
trex>service #
| Enable service mode. |
| Set IPv4/default gateway. It will resolve the ARP. |
| Repeat ARP resolution. |
| Exit from service mode. |
To revert back to MAC address mode (without ARP resolution):
trex>l2 -p 0 --dst 00:00:00:01:00:00 #
| Disable service mode. |
client.set_service_mode(ports = [0, 1], enabled = True)
| Enable service mode. |
| Configure IPv4 and default gateway. |
| Disable service mode. |
2.10.2. ICMP
Another basic protocol provided with TRex is ICMP. It is possible, under service mode, to ping the DUT or even a TRex port from the console / API.
trex(service)>ping --help usage: ping [-h] --port PORT -d PING_IPV4 [-s PKT_SIZE] [-n COUNT] pings the server / specific IP optional arguments: -h, --help show this help message and exit --port PORT, -p PORT source port for the action -d PING_IPV4 which IPv4 to ping -s PKT_SIZE packet size to use -n COUNT, --count COUNT How many times to ping [default is 5] trex(service)>ping -p 0 -d 1.1.2.2 Pinging 1.1.2.2 from port 0 with 64 bytes of data: Reply from 1.1.2.2: bytes=64, time=27.72ms, TTL=127 Reply from 1.1.2.2: bytes=64, time=1.40ms, TTL=127 Reply from 1.1.2.2: bytes=64, time=1.31ms, TTL=127 Reply from 1.1.2.2: bytes=64, time=1.78ms, TTL=127 Reply from 1.1.2.2: bytes=64, time=1.95ms, TTL=127
# move to service mode client.set_service_mode(ports = ports, enabled = True) # configure port 0, 1 to Layer 3 mode client.set_l3_mode(port = 0, src_ipv4 = '1.1.1.2', dst_ipv4 = '1.1.1.1') client.set_l3_mode(port = 1, src_ipv4 = '1.1.2.2', dst_ipv4 = '1.1.2.1') # ping port 1 from port 0 through the router client.ping_ip(src_port = 0, dst_ipv4 = '1.1.2.2', pkt_size = 64)
| Check connectivity. |
2.10.3. IPv6 ND client
Current: TRex supports scanning of network for IPv6-enabled neighbors, and pinging nearby devices from the console.
Plans for future phase: Add support at the CPP server.
The advantage of those methods is that they can be easily extended to simulate a large number of clients in automation.
Scanning example:
Ping example:
Those utilities (available from API as well) can help user to configure next hop. From the console, one could set "l2" destination MAC taken from the scan6 result:
For setting own IPv6, we use local address as described in RFC 3513.
For scanning of network, we ping the multicast address ff02::1 and establish connection via NS/ND conversations.
Additional links on scanning network:
-
Scanning of network in Ubuntu: scan6
Example of using IPv6 methods in automation:
2.10.4. Linux network namespace
From version v2.50 it is possible to attach a few Linux Network Namespaces to TRex physical interface. Each host in a namespace a.k.a Node simulating a real client. Using this method, it is possible to simulate a network with many Linux network devices, each with its own separate network stack (e.g. different ipv4/ipv6/QinQ/Dot1Q/routing/arp tables etc.)
The above figure shows two hosts, host4 and host5 attached to a virtual switch (implemented inside TRex). TRex port itself has its own namespace with its own IPv4 and IPv6 configuration (using the old API). Each host when created has a distinct mac address as a key and network configuration (IPv4,IPv6, Dot1Q,QinQ etc). The protocols are implemented by the Linux kernel (timeout,arp table,ipv6,routing per namespace).
- Let’s take an example of ingress and egress packets
-
DUT ARP request packet comes from DUT to host4 (whois host4 -broadcast). This packet reachs the TRex Rx core (due to service mode configuration in STL and by default in ASTF). Rx core will broadcast it to all nodes (host4,host5,trex-port1) host4 will answer with unicast ARP response tat will reach the DUT (by TRex switch implementation)
IPv6 MLD/Broadcast packets generated by a node (multicast/boradcast packet) will be forward only to DUT. DUT broadcast/multicast packets will be forward to all nodes.
|
|
When a new node is created. It will not send gratuitous arp Multicast/Promiscuous mode should be enabled in port level else unitcast packets won’t reach the nodes |
- The API capabilities are
-
-
Create a new node and associated it to a physical port (e.g. port 0).
-
Configure node with IPv4 and/or IPv6.
-
Remove a Node from a port.
-
Get statistics/status
-
One downside of this method is that it is a bit slow to add/remove new nodes. It could take ~100msec (due to kernel interaction) to create one. However, once the nodes were created TRex will be able to handle many of them without a problem as the traffic rate is not high (multicast/broadcast packets only) TRex can handle bursts of multicast (DUT→ many nodes) by splitting this operation to many small operations.
The scale is limited by the kernel memory and creation time.
Beacuse it is a very slow operation the API is a bit different than what we have today.
- differences
-
-
reset API will not remove all the nodes
-
Once client disconnected/connected there is no sync with the nodes information
-
"Service mode" shoule be enabled in STL (for ASTF there is no need)
-
Need to enable multicast/promiscuous mode
-
Add
stack: linux_basedin trex_cfg.yaml see Linux Stack
-
- version: 2 interfaces: ['82:00.0', '82:00.1'] stack: linux_based ...
full API could be found namespace API
Types of nodes
All nodes (node==veth) are identified by a unique MAC address, however there are some differences. There are 3 types of nodes: Normal, Shared Namespace and Bird nodes.
Normal Node
These are the default type of nodes, creating 1 namespace and 1 veth pair. Adding another new node will create another namespace with 1 veth pair. These nodes are configured by ipv4 and a default gateway (all traffic are forward to the default single veth)
cmds = NSCmds() MAC = "00:01:02:03:04:05" cmds.add_node(MAC)
| defualt node is normal node, specifying only mac address |
| configuring ipv4 with ip address and a default gateway |
More examples can be found here
Shared Namespace Node
These are nodes(veth) attached to a pre-created namespace. This way you can create multiple veths attached to the same namespace. These nodes are configured by ipv4 and a subnet mask and also can set default gateway for the whole namespace (set to one of the veth) The configuration of Dot1Q/QinQ is per veth and not per namespace
cmds = NSCmds() cmds.add_node(mac = "00:01:02:03:04:05", shared_ns = "my-ns")
| "my-ns" is the name of the pre-created namespace |
| creating a second veth pair in the same namespace |
| must specify shared_ns parameter |
Bird Node
Bird node is a specific case of shared namespace node. Bird namespace is created once running TRex with "--bird-server" flag, in that way they are similar to shared namespace.
To learn more on the usage of bird with TRex see:
Summary of node types differences
Node Type |
Node : veth ratio |
Namespace creation |
Subnet mask |
Default Gateway |
Normal |
1 : 1 |
Created on each node |
Not in use, using default gateway |
1 for the whole node |
Shared Namespace |
1 : Many |
Created by "add_shared_ns" command, name determined by TRex |
Configured at "set_ipv4/6" |
1 for the whole namespace |
Bird |
1 : Many |
Pre-created , name determined by TRex |
Configured at "set_ipv4/6" |
Not in use, using subnet mask |
|
|
Notice namespaces cannot communicate with each other since they are all passing packets through TRex ports to the DUT. |
Add one node using batch API
In this example, one node with MAC: "00:01:02:03:04:05" and ipv4="1.1.1.3" default_gateway ="1.1.1.2" and IPv6 enabled will be added.
The API takes a batch of operations. Those operation could work in parallel to other API (e.g. traffic)
to verify the response need to call wait_for_async_results API
c = STLClient(verbose_level = 'error')
c.connect()
my_ports=[0,1]
c.reset(ports = my_ports)
# move to service mode
c.set_service_mode (ports = my_ports, enabled = True)
cmds=NSCmds()
MAC="00:01:02:03:04:05"
cmds.add_node(MAC) # add namespace
cmds.set_vlan(MAC,[123,123]) # add valn + QinQ tags
cmds.set_ipv4(MAC,"1.1.1.3","1.1.1.2") # configure ipv4 and default gateway
cmds.set_ipv6(MAC,True) # enable ipv6 (auto mode, get src addrees from the router)
# start the batch
c.set_namespace_start( 0, cmds)
# wait for the results
res = c.wait_for_async_results(0)
# print the results
print(res); | reset API won’t remove old nodes |
| move to service mode |
| define a NSCmds object,it will be filled with async commands |
| Add a new node |
| configure ipv4 |
| enable ipv6 |
| provide the objects with all the commands to set_namespace_start |
| wait for the operation to finished |
Blocking API
c = STLClient(verbose_level = 'error') c.connect() my_ports=[0,1] c.reset(ports = my_ports) # move to service mode c.set_service_mode (ports = my_ports, enabled = True) # remove all old name spaces from all the ports c.namespace_remove_all() # utility function MAC="00:01:02:03:04:05" # each function will block c.set_namespace(0,method='add_node',mac=MAC)
| There is no need to fill the object NSCmds. Call set_namespace API with the namespace requested API |
Statistics query
c = STLClient(verbose_level = 'error') c.connect() my_ports=[0,1] c.reset(ports = my_ports) # get all active nodes on port 0 r=c.set_namespace(0, method='get_nodes')
| Get the active nodes (mac for each node) |
| Get full information per node |
| Get stats counters (names/type) |
| Get counters values |
Ping to a new node
In this setup there are two ports 1.1.1.1 (port0) <→ 1.1.1.2 (port1)
This is the configuration before:
trex>portattr -a
Port Status
port | 0 | 1
----------------+----------------------+---------------------
driver | net_vmxnet3 | net_vmxnet3
description | VMXNET3 Ethernet C | VMXNET3 Ethernet C
link status | UP | UP
link speed | 10 Gb/s | 10 Gb/s
port status | IDLE | IDLE
promiscuous | off | off
multicast | on | on
flow ctrl | N/A | N/A
vxlan fs | N/A | N/A
-- | |
layer mode | IPv4 | IPv4
src IPv4 | 1.1.1.1 | 1.1.1.2
IPv6 | off | off
src MAC | 00:0c:29:b4:e7:e9 | 00:0c:29:b4:e7:11
--- | |
Destination | 1.1.1.2 | 1.1.1.1
ARP Resolution | 00:0c:29:b4:e7:11 | 00:0c:29:b4:e7:e9
---- | |
VLAN | - | -
----- | |
PCI Address | 0000:0b:00.0 | 0000:0c:00.0
NUMA Node | 0 | 0
RX Filter Mode | hardware match | hardware match
RX Queueing | off | off
Grat ARP | off | off
------ | |Let’s make sure we are in promiscuous mode and service mode
trex>portattr --mul on trex>portattr --prom on trex>service
trex>portattr -a Port Status port | 0 | 1 ----------------+----------------------+--------------------- driver | net_vmxnet3 | net_vmxnet3 description | VMXNET3 Ethernet C | VMXNET3 Ethernet C link status | UP | UP link speed | 10 Gb/s | 10 Gb/s port status | IDLE | IDLE promiscuous | on | on multicast | on | on flow ctrl | N/A | N/A vxlan fs | N/A | N/A -- | | layer mode | IPv4 | IPv4 src IPv4 | 1.1.1.1 | 1.1.1.2 IPv6 | off | off src MAC | 00:0c:29:b4:e7:e9 | 00:0c:29:b4:e7:11 --- | | Destination | 1.1.1.2 | 1.1.1.1 ARP Resolution | 00:0c:29:b4:e7:11 | 00:0c:29:b4:e7:e9 ---- | | VLAN | - | - ----- | | PCI Address | 0000:0b:00.0 | 0000:0c:00.0 NUMA Node | 0 | 0 RX Filter Mode | hardware match | hardware match RX Queueing | off | off Grat ARP | off | off ------
Let’s call this script to add a new node on port 0
cmds=NSCmds()
MAC="00:01:02:03:04:05"
cmds.add_node(MAC)
cmds.set_ipv4(MAC,"1.1.1.3","1.1.1.2")
cmds.set_ipv6(MAC,True)
res = c.set_namespace_start( 0, cmds)
res = c.wait_for_async_results(0)
Now we can ping to the new node
trex(service)>l3 -p 1 --src 1.1.1.2 --dst 1.1.1.3 trex(service)>ping -p 1 -d 1.1.1.3 Pinging 1.1.1.3 from port 1 with 64 bytes of data: Reply from 1.1.1.3: bytes=64, time=32.29ms, TTL=64 Reply from 1.1.1.3: bytes=64, time=3.73ms, TTL=64 Reply from 1.1.1.3: bytes=64, time=3.89ms, TTL=64 Reply from 1.1.1.3: bytes=64, time=2.85ms, TTL=64 Reply from 1.1.1.3: bytes=64, time=2.82ms, TTL=64
to debug it from Linux shell you can do this
$sudo ip netns showThis will shows al the network namespace
for port 0 the name is trex-a-0-x where X is the number of the namespace
to look into the information
$sudo ip netns exec trex-a-0-1 ifconfig trex-a-0-1-L: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 9280 inet 1.1.1.3 netmask 255.255.255.255 broadcast 0.0.0.0 inet6 fe80::201:2ff:fe03:405 prefixlen 64 scopeid 0x20<link> ether 00:01:02:03:04:05 txqueuelen 1000 (Ethernet) RX packets 1 bytes 60 (60.0 B) RX errors 0 dropped 1 overruns 0 frame 0 TX packets 8 bytes 648 (648.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
|
It is possible to monitor and capture the traffic from/to the namespace using the usual capture capability |
|
|
You won’t be able to ping 1.1.1.1 (original port ip) as TRex ping has one default gateway |
Console commands example
The Console commands objective is for low scale operation add/removing one node at a time The folowing example present that
trex(service)>ns add -p 0 --mac 00:01:02:03:04:05 --src 1.1.1.3 --dst 1.1.1.2 --ipv6 trex(service)>ns show-node -p 0 --mac 00:01:02:03:04:05 {'nodes': [{'ether': {'src': '00:01:02:03:04:05'}, 'ipv4': {'dst': '1.1.1.2', 'src': '1.1.1.3'}, 'ipv6': {'enabled': True, 'src': ''}, 'linux-ns': 'trex-a-0-1', 'linux-veth-external': 'trex-a-0-1-T', 'linux-veth-internal': 'trex-a-0-1-L', 'vlan': {'tags': []}}]} trex(service)>ns show-nodes -p 0 Setting port 0 in with namespace configuration [SUCCESS] wait_for_async_results [SUCCESS] ns nods node-id | mac -----------+------------------ 0 | 00:01:02:03:04:05 trex(service)>ns show-counters -p 0 Setting port 0 in with namespace configuration [SUCCESS] wait_for_async_results [SUCCESS] ns stats name | value | help ---------------------+-------------------+--------------------- rx_unicast_bytes | 60 | rx unicast bytes tx_multicast_bytes | 648 | tx multicast bytes rx_unicast_pkts | 1 | rx unicast pkts tx_multicast_pkts | 8 | tx multicast pkts rx_multicast_bytes | 480 | rx multicast bytes rx_multicast_pkts | 8 | rx multicast pkts
2.11. Traffic profile tutorials
2.11.1. Tutorial: Simple interleaving streams
- Goal
-
Demonstrate interleaving of multiple streams.
The following example demonstrates 3 streams with different rates (10, 20, 40 PPS) and different start times, based on an inter-stream gap (ISG) of 0, 25 msec, or 50 msec.
- File
def create_stream (self): # create a base packet and pad it to size size = self.fsize - 4 # no FCS base_pkt = Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/UDP(dport=12,sport=1025)
| Defines template packets using Scapy. |
| Defines streams with rate of 10 PPS. |
| Defines streams with rate of 20 PPS. |
|
Defines streams with rate of 40 PPS.
|
- Discussion
-
-
Stream #1
-
Schedules a packet each 100 msec
-
-
Stream #2
-
Schedules a packet each 50 msec
-
Starts 25 msec after stream #1
-
-
Stream #3
-
Schedules a packet each 25 msec
-
Starts 50 msec after stream #1
-
-
You can run the traffic profile in the TRex simulator and view the details in the PCAP file containing the simulation output.
[bash]>./stl-sim -f stl/simple_3pkt.py -o b.pcap -l 200
To run the traffic profile from console in TRex, use the following command.
trex>start -f stl/simple_3pkt.py -m 10mbps
2.11.2. Tutorial: Multi burst streams - action next stream
- Goal
-
Create a profile with a stream that trigger another stream
The following example demonstrates:
-
More than one stream
-
Burst of 10 packets
-
One stream activating another stream (see
self_start=Falsein the traffic profile)
def create_stream (self): # create a base packet and pad it to size size = self.fsize - 4 # no FCS base_pkt = Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/UDP(dport=12,sport=1025) base_pkt1 = Ether()/IP(src="16.0.0.2",dst="48.0.0.1")/UDP(dport=12,sport=1025) base_pkt2 = Ether()/IP(src="16.0.0.3",dst="48.0.0.1")/UDP(dport=12,sport=1025) pad = max(0, size - len(base_pkt)) * 'x' return STLProfile( [ STLStream( isg = 10.0, # star in delay name ='S0', packet = STLPktBuilder(pkt = base_pkt/pad), mode = STLTXSingleBurst( pps = 10, total_pkts = 10),
|
Stream S0 is configured to self_start=True, starts after 10 sec.
|
|
S1 is configured to self_start=False, activated by stream S0.
|
| S2 is activated by S1. |
To run the simulation, use this command.
[bash]>./stl-sim -f stl/stl/burst_3pkt_60pkt.py -o b.pcap
The generated PCAP file has 60 packets. The first 10 packets have src_ip=16.0.0.1. The next 20 packets has src_ip=16.0.0.2. The next 30 packets has src_ip=16.0.0.3.
This run the profile from console use this command.
TRex>start -f stl/stl/burst_3pkt_60pkt.py --port 0
2.11.3. Tutorial: Multi-burst mode
Goal : Use Multi-burst transmit mode
def create_stream (self):
# create a base packet and pad it to size
size = self.fsize - 4 # no FCS
base_pkt = Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/UDP(dport=12,sport=1025)
base_pkt1 = Ether()/IP(src="16.0.0.2",dst="48.0.0.1")/UDP(dport=12,sport=1025)
pad = max(0, size - len(base_pkt)) * 'x'
return STLProfile( [ STLStream( isg = 10.0, # start in delay
name ='S0',
packet = STLPktBuilder(pkt = base_pkt/pad),
mode = STLTXSingleBurst( pps = 10, total_pkts = self.burst_size),
next = 'S1'), # point to next stream
STLStream( self_start = False, # stream is disabled. Enabled by S0
name ='S1',
packet = STLPktBuilder(pkt = base_pkt1/pad),
mode = STLTXMultiBurst( pps = 1000,
pkts_per_burst = 4,
ibg = 1000000.0,
count = 5)
)
]).get_streams()
| Stream S0 waits 10 usec (inter-stream gap, ISG) and then sends a burst of self.burst_size packets at 10 PPS. |
| Multi-burst of 5 bursts of 4 packets with an inter-burst gap of 1 second. |
The following illustration does not fully match the Python example cited above. It has been simplified, such as using a 0.5 second ISG, for illustration purposes.
2.11.4. Tutorial: Loops of streams
Goal: Demonstrate a limited loop of streams.
def create_stream (self): # create a base packet and pad it to size size = self.fsize - 4 # no FCS base_pkt = Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/UDP(dport=12,sport=1025) base_pkt1 = Ether()/IP(src="16.0.0.2",dst="48.0.0.1")/UDP(dport=12,sport=1025) base_pkt2 = Ether()/IP(src="16.0.0.3",dst="48.0.0.1")/UDP(dport=12,sport=1025) pad = max(0, size - len(base_pkt)) * 'x' return STLProfile( [ STLStream( isg = 10.0, # start in delay name ='S0', packet = STLPktBuilder(pkt = base_pkt/pad), mode = STLTXSingleBurst( pps = 10, total_pkts = 1), next = 'S1'), # point to next stream STLStream( self_start = False, # stream is disabled. Enabled by S0 name ='S1', packet = STLPktBuilder(pkt = base_pkt1/pad), mode = STLTXSingleBurst( pps = 10, total_pkts = 2), next = 'S2' ), STLStream( self_start = False, # stream is disabled. Enabled by S1 name ='S2', packet = STLPktBuilder(pkt = base_pkt2/pad), mode = STLTXSingleBurst( pps = 10, total_pkts = 3 ), action_count = 2, # loop 2 times
| Go back to S0, but limit it to 2 loops. |
2.11.5. Tutorial: IMIX with UDP packets, bi-directional
Goal: Demonstrate how to create an IMIX traffic profile.
This profile defines 3 streams, with packets of different sizes. The rate is different for each stream/size. See the Wikipedia article on Internet Mix.
- File
def __init__ (self): # default IP range self.ip_range = {'src': {'start': "10.0.0.1", 'end': "10.0.0.254"}, 'dst': {'start': "8.0.0.1", 'end': "8.0.0.254"}} # default IMIX properties self.imix_table = [ {'size': 60, 'pps': 28, 'isg':0 }, {'size': 590, 'pps': 16, 'isg':0.1 }, {'size': 1514, 'pps': 4, 'isg':0.2 } ] def create_stream (self, size, pps, isg, vm ): # create a base packet and pad it to size base_pkt = Ether()/IP()/UDP() pad = max(0, size - len(base_pkt)) * 'x' pkt = STLPktBuilder(pkt = base_pkt/pad, vm = vm) return STLStream(isg = isg, packet = pkt, mode = STLTXCont(pps = pps)) def get_streams (self, direction = 0, **kwargs):
| Constructs a diffrent stream for each direction (replaces src and dest). |
| Even port id has direction==0 and odd has direction==1. |
| Field Engine program to change fields within the packets. |
2.11.6. Tutorial: Field Engine, syn attack
The following example demonstrates changing packet fields. The Field Engine (FE) has a limited number of instructions/operation, which support most use cases.
The FE can:
-
Allocate stream variables in a stream context
-
Write a stream variable to a packet offset
-
Change packet size
-
and more…
-
Plan for future version: Add LuaJIT to be more flexible at the cost of performance.
Examples:
-
Change ipv4.tos value (1 to 10)
-
Change packet size to a random value in the range 64 to 9K
-
Create a range of flows (change src_ip, dest_ip, src_port, dest_port)
-
Update the IPv4 checksum
For more information, see: TRex RPC Server
The following example demonstrates creating a SYN attack from many src addresses to one server.
- File
def create_stream (self): # TCP SYN base_pkt = Ether()/IP(dst="48.0.0.1")/TCP(dport=80,flags="S")
| Creates SYN packet using Scapy . |
|
Defines a stream variable name=ip_src, size 4 bytes, for IPv4.
|
|
Defines a stream variable name=src_port, size 2 bytes, for port.
|
|
Writes ip_src stream var into IP.src packet offset. Scapy calculates the offset. Can specify IP:1.src for a second IP header in the packet.
|
|
Fixes IPv4 checksum. Provides the header name IP. Can specify IP:1 for a second IP.
|
|
Writes src_port stream var into TCP.sport packet offset. TCP checksum is not updated here.
|
|
Original Scapy cannot calculate offset for a header/field by name. This offset capability will not work for all cases. In some complex cases, Scapy may rebuild the header. In such cases, specify the offset as a number. |
Output PCAP file:
| pkt | Client IPv4 | Client Port |
|---|---|---|
1 |
17.152.71.218 |
5814 |
2 |
17.7.6.30 |
26810 |
3 |
17.3.32.200 |
1810 |
4 |
17.135.236.168 |
55810 |
5 |
17.46.240.12 |
1078 |
6 |
16.133.91.247 |
2323 |
2.11.7. Tutorial: Field Engine, tuple generator
The following example creates multiple flows from the same packet template. The Tuple Generator instructions are used to create two stream variables for IP and port. See: TRex RPC Server
base_pkt = Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/UDP(dport=12,sport=1025) pad = max(0, size - len(base_pkt)) * 'x' vm = STLScVmRaw( [ STLVmTupleGen ( ip_min="16.0.0.1",
| Defines a struct with two dependent variables: tuple.ip, tuple.port |
|
Writes the tuple.ip variable to IPv4.src field offset.
|
|
Writes the tuple.port variable to UDP.sport field offset. Set UDP.checksum to 0.
|
| pkt | Client IPv4 | Client Port |
|---|---|---|
1 |
16.0.0.1 |
1025 |
2 |
16.0.0.2 |
1025 |
3 |
16.0.0.1 |
1026 |
4 |
16.0.0.2 |
1026 |
5 |
16.0.0.1 |
1027 |
6 |
16.0.0.2 |
1027 |
-
Number of clients: 2: 16.0.0.1 and 16.0.0.2
-
Number of flows is limited to 129020: (2 * (65535-1025))
-
The stream variable size should match the size of the FlowVarWr instruction.
2.11.8. Tutorial: Field Engine, write to a bit-field packet
The following example writes a stream variable to a bit field packet variable. In this example, an MPLS label field is changed.
Label |
TC |
S |
TTL |
||||||||||||||||||||||||||||
0 |
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
0 |
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
0 |
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
0 |
1 |
def create_stream (self):
# 2 MPLS label the internal with s=1 (last one)
pkt = Ether()/
MPLS(label=17,cos=1,s=0,ttl=255)/
MPLS(label=0,cos=1,s=1,ttl=12)/
IP(src="16.0.0.1",dst="48.0.0.1")/
UDP(dport=12,sport=1025)/('x'*20)
vm = STLScVmRaw( [ STLVmFlowVar(name="mlabel",
min_value=1,
max_value=2000,
size=2, op="inc"), # 2 bytes var
STLVmWrMaskFlowVar(fv_name="mlabel",
pkt_offset= "MPLS:1.label",
pkt_cast_size=4,
mask=0xFFFFF000,shift=12) # write to 20bit MSB
]
)
# burst of 100 packets
return STLStream(packet = STLPktBuilder(pkt = pkt ,vm = vm),
mode = STLTXSingleBurst( pps = 1, total_pkts = 100) )
| Defines a variable size of 2 bytes. |
| Writes the stream variable label with a shift of 12 bits, with a 20-bit MSB mask. Cast the stream variables of 2 bytes to 4 bytes. |
| Change the second MPLS header. |
2.11.9. Tutorial: Field Engine, random packet size
The following example demonstrates varies the packet size randomly, as follows:
-
Defines the template packet with maximum size.
-
Trims the packet to the size you want.
-
Updates the packet fields according to the new size.
def create_stream (self):
# pkt
p_l2 = Ether()
p_l3 = IP(src="16.0.0.1",dst="48.0.0.1")
p_l4 = UDP(dport=12,sport=1025)
pyld_size = max(0, self.max_pkt_size_l3 - len(p_l3/p_l4))
base_pkt = p_l2/p_l3/p_l4/('\x55'*(pyld_size))
l3_len_fix =-(len(p_l2))
l4_len_fix =-(len(p_l2/p_l3))
# vm
vm = STLScVmRaw( [ STLVmFlowVar(name="fv_rand",
min_value=64,
max_value=len(base_pkt),
size=2,
op="random"),
STLVmTrimPktSize("fv_rand"), # total packet size
STLVmWrFlowVar(fv_name="fv_rand",
pkt_offset= "IP.len",
add_val=l3_len_fix), # fix ip len
STLVmFixIpv4(offset = "IP"),
STLVmWrFlowVar(fv_name="fv_rand",
pkt_offset= "UDP.len",
add_val=l4_len_fix) # fix udp len
]
) | Defines a random stream variable with the maximum size of the packet. |
|
Trims the packet size to the fv_rand value.
|
| Fixes ip.len to reflect the packet size. |
| Fixes udp.len to reflect the packet size. |
2.11.10. Tutorial: Field Engine: Pre-caching to improve performance
The following example demonstrates how to significantly improve Field Engine performance, if necessary.
The Field Engine has a cost in CPU resources: CPU cycles and CPU memory bandwidth (bandwidth available for CPU to read from or write to memory). It is possible to significantly improve performance by caching the packets and running the Field Engine offline (before sending the packets). Typically, this is done with small packets (example: 64 bytes) where performance is an issue. This method can also improve a large-packet senario with a complex Field Engine program.
Limitations of the pre-caching method:
-
Only a limited number of packets can be cached. The total number of cached packets for all the streams on all ports is limited by the memory pool (range: approximately 10 - 40K).
-
Pre-caching packets is not appropriate for some traffic requirements. Examples: A program that steps in prime numbers or uses a random variable.
An example of a scenario that cannot use this method, due to the packet limitation, is a program that changes the src_ip randomly. Pre-caching a limited number of packets would not be compatible with continuously varying the src_ip randomly.
def create_stream (self):
# create a base packet and pad it to size
size = self.fsize - 4; # no FCS
base_pkt = Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/UDP(dport=12,sport=1025)
pad = max(0, size - len(base_pkt)) * 'x'
vm = STLScVmRaw( [ STLVmFlowVar ( "ip_src",
min_value="10.0.0.1",
max_value="10.0.0.255",
size=4, step=1,op="inc"),
STLVmWrFlowVar (fv_name="ip_src",
pkt_offset= "IP.src" ),
STLVmFixIpv4(offset = "IP")
],
split_by_field = "ip_src",
cache_size =255 # the cache size
);
pkt = STLPktBuilder(pkt = base_pkt/pad,
vm = vm)
stream = STLStream(packet = pkt,
mode = STLTXCont())
return stream
|
Cache 255 packets. The range is the same as the ip_src stream variable.
|
This example FE program is fully compatible with pre-caching - the traffic output is exactly the same as when running without pre-caching. Caching the packets enables the program to run 2 to 5 times faster.
2.11.11. Tutorial: New Scapy header
The following example uses a header that is not supported by Scapy by default. The example demonstrates VXLAN support.
# Adding header that does not exists yet in Scapy # This was taken from pull request of Scapy # # RFC 7348 - Virtual eXtensible Local Area Network (VXLAN):
| Downloads and adds a Scapy header from the specified location. An alternative is to write a Scapy header. |
| Apply the header. |
For more information how to define headers see Adding new protocols in the Scapy documentation.
2.11.12. Tutorial: Field Engine, Multiple Clients
The following example generates traffic from many clients with different IP/MAC addresses to one server.
-
Send a gratuitous ARP from B→D with server IP/MAC (58.55.1.1).
-
DUT learns the ARP of server IP/MAC (58.55.1.1).
-
Send traffic from A→C with many client IP/MAC addresses.
Example:
-
Base source IPv4: 55.55.1.1
-
Destination IPv4: 58.55.1.1
Increment src ipt portion starting at 55.55.1.1 for n number of clients (55.55.1.1, 55.55.1.2)
Src MAC: Start with 0000.dddd.0001, increment MAC in steps of 1
Dst MAC: Fixed 58.55.1.1
The following sends a gratuitous ARP from the TRex server port for this server (58.0.0.1).
def create_stream (self): # create a base packet and pad it to size base_pkt = Ether(src="00:00:dd:dd:01:01", dst="ff:ff:ff:ff:ff:ff")/ ARP(psrc="58.55.1.1", hwsrc="00:00:dd:dd:01:01", hwdst="00:00:dd:dd:01:01", pdst="58.55.1.1")
Then traffic can be sent from client side: A→C
class STLS1(object): def __init__ (self): self.num_clients =30000 # max is 16bit self.fsize =64 def create_stream (self): # create a base packet and pad it to size size = self.fsize - 4 # no FCS base_pkt = Ether(src="00:00:dd:dd:00:01")/ IP(src="55.55.1.1",dst="58.55.1.1")/UDP(dport=12,sport=1025) pad = max(0, size - len(base_pkt)) * 'x' vm = STLScVmRaw( [ STLVmFlowVar(name="mac_src", min_value=1, max_value=self.num_clients, size=2, op="inc"), # 1 byte varible, range 1-10 STLVmWrFlowVar(fv_name="mac_src", pkt_offset= 10),
|
Writes the stream variable mac_src with an offset of 10 (last 2 bytes of src_mac field). The offset is specified explicitly as 10 bytes from the beginning of the packet.
|
|
Writes the stream variable mac_src with an offset determined by the offset of IP.src plus the offset_fixup of 2.
|
2.11.13. Tutorial: Field Engine, many clients with ARP
In the following example, there are two switches: SW1 and SW2. TRex port 0 is connected to SW1 and TRex port 1 is connected to SW2. There are 253 hosts connected to SW1 and SW2 with two network ports.
| Name | Description |
|---|---|
TRex port 0 MAC |
00:00:01:00:00:01 |
TRex port 0 IPv4 |
16.0.0.1 |
IPv4 host client side range |
16.0.0.2-16.0.0.254 |
MAC host client side range |
00:00:01:00:00:02-00:00:01:00:00:FE |
| Name | Description |
|---|---|
TRex port 1 MAC |
00:00:02:00:00:01 |
TRex port 1 IPv4 |
48.0.0.1 |
IPv4 host server side range |
48.0.0.2-48.0.0.254 |
MAC host server side range |
00:00:02:00:00:02-00:00:02:00:00:FE |
In the following example, there are two switches: SW1 and SW2. TRex port 0 is connected to SW1 and TRex port 1 is connected to SW2. In this example, because there are many hosts connected to the same network using SW1 and not as a next hop, we would like to teach SW1 the MAC addresses of the hosts and not to send the traffic directly to the hosts MAC (as it is unknown). For that we would send an ARP to all the hosts (16.0.0.2-16.0.0.254) from TRex port 0 and gratuitous ARP from server side (48.0.0.1) TRex port 1 as the first stage of the test.
Procedure:
-
Send a gratuitous ARP from TRex port 1 with server IP/MAC (48.0.0.1). Now SW2 will know that 48.0.0.1 is located after this port of SW2.
-
Send ARP request for all hosts from port 0 with a range of 16.0.0.2-16.0.0.254. Now all switch ports will learn the PORT/MAC locations. Without this stage, the first packets from TRex port 0 would be flooded to all switch ports.
-
Send traffic from TRex0→clients, port 1→servers.
base_pkt = Ether(dst="ff:ff:ff:ff:ff:ff")/ ARP(psrc="16.0.0.1",hwsrc="00:00:01:00:00:01", pdst="16.0.0.2")
| ARP packet with TRex port 0 MAC and IP and pdst as variable. |
|
Write it to ARP.pdst.
|
base_pkt = Ether(src="00:00:02:00:00:01",dst="ff:ff:ff:ff:ff:ff")/
ARP(psrc="48.0.0.1",hwsrc="00:00:02:00:00:01",
hwdst="00:00:02:00:00:01", pdst="48.0.0.1")
| Gratuitous ARP packet with TRex port 1 MAC and IP. No VM is needed. |
|
|
This can be also be done for IPv6. ARP could be replaced with Neighbor Solicitation IPv6 packet. |
2.11.14. Tutorial: Field Engine, null stream
The following example creates a stream with no packets. The example uses the inter-stream gap (ISG) of the null stream, and then starts a new stream. Essentially, this uses one property of the stream (ISG) without actually including packets in the stream.
This method can create loops like the following:
- File
def create_stream(self): size = self.fsize - 4 # no FCS base_pkt = Ether()/IP(src = "16.0.0.1", dst = "48.0.0.1")/UDP(dport = 12, sport = 1025) pad = max(0, size - len(base_pkt)) * 'x' return STLProfile([ STLStream( name = 'S1',
| S1 - Sends a burst of packets, then proceed to stream NULL. |
| NULL - Waits the inter-stream gap (ISG) time, then proceeds to S1. |
Null stream configuration requirements:
-
Mode: Single Burst
-
dummy_stream = True
2.11.15. Tutorial: Field Engine, stream barrier (split)
(Future feature - not yet implemented)
In some situations, it is necessary to split streams into threads in such a way that specific streams will continue only after all the threads have passed the same path. In the figure below, a barrier ensures that stream S3 starts only after all threads of S2 are complete.
2.11.16. Tutorial: PCAP file to one stream
- Goal
-
Load a stream template packet from a PCAP file instead of Scapy.
Assumption: The PCAP file contains only one packet. If the PCAP file contains more than one packet, this procedure loads only the first packet.
- File
def get_streams (self, direction = 0, **kwargs):
return [STLStream(packet =
STLPktBuilder(pkt ="stl/udp_64B_no_crc.pcap"), # path relative to pwd
mode = STLTXCont(pps=10)) ]
| Takes the packet from the specified PCAP file. The file location is relative to the directory in which you are running the script. |
def get_streams (self, direction = 0, **kwargs):
return [STLStream(packet = STLPktBuilder(pkt ="udp_64B_no_crc.pcap",
path_relative_to_profile = True),
mode = STLTXCont(pps=10)) ]
| Takes the packet from the PCAP file, relative to the directory of the profile file location. |
2.11.17. Tutorial: Teredo tunnel (IPv6 over IPv4)
The following example demonstrates creating an IPv6 packet within an IPv4 packet, and creating a range of IP addresses.
def create_stream (self): # Teredo Ipv6 over Ipv4 pkt = Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/ UDP(dport=3797,sport=3544)/ IPv6(dst="2001:0:4137:9350:8000:f12a:b9c8:2815", src="2001:4860:0:2001::68")/ UDP(dport=12,sport=1025)/ICMPv6Unknown() vm = STLScVmRaw( [ # tuple gen for inner Ipv6 STLVmTupleGen ( ip_min="16.0.0.1", ip_max="16.0.0.2", port_min=1025, port_max=65535, name="tuple"),
|
Defines a stream struct called tuple with the following variables: tuple.ip, tuple.port
|
|
Writes a stream tuple.ip variable with an offset determined by the IPv6.src offset plus the offset_fixup of 12 bytes (only 4 LSB).
|
|
Writes a stream tuple.port variable into the second UDP header.
|
2.11.18. Tutorial: Mask instruction
STLVmWrMaskFlowVar is single-instruction-multiple-data Field Engine instruction. The pseudocode is as follows:
uint32_t val=(cast_to_size)rd_from_variable("name") # read flow-var val+=m_add_value # add value if (m_shift>0) { # shift val=val<<m_shift } else { if (m_shift<0) { val=val>>(-m_shift) } } pkt_val=rd_from_pkt(pkt_offset) # RMW pkt_val = (pkt_val & ~m_mask) | (val & m_mask) wr_to_pkt(pkt_offset,pkt_val)
- Example 1
-
In this example, STLVmWrMaskFlowVar casts a stream variable with 2 bytes to be 1 byte.
vm = STLScVmRaw( [ STLVmFlowVar(name="mac_src", min_value=1, max_value=30, size=2, op="dec",step=1), STLVmWrMaskFlowVar(fv_name="mac_src", pkt_offset= 11, pkt_cast_size=1, mask=0xff) # mask command ->write it as one byte ] )
- Example 2
-
In this example, STLVmWrMaskFlowVar shifts a variable by 8, which effectively multiplies by 256.
vm = STLScVmRaw( [ STLVmFlowVar(name="mac_src",
min_value=1,
max_value=30,
size=2, op="dec",step=1),
STLVmWrMaskFlowVar(fv_name="mac_src",
pkt_offset= 10,
pkt_cast_size=2,
mask=0xff00,
shift=8) # take the var shift it 8 (x256) write only to LSB
]
)| value |
|---|
0x0100 |
0x0200 |
0x0300 |
- Example 3
-
In this example, STLVmWrMaskFlowVar generates the values shown in the table below as offset values for
pkt_offset.
vm = STLScVmRaw( [ STLVmFlowVar(name="mac_src", min_value=1, max_value=30, size=2, op="dec",step=1), STLVmWrMaskFlowVar(fv_name="mac_src", pkt_offset= 10, pkt_cast_size=1, mask=0x1, shift=-1)
|
Divides the value of mac_src by 2, and writes the LSB. For every two packets, the value written is changed.
|
| value |
|---|
0x00 |
0x00 |
0x01 |
0x01 |
0x00 |
0x00 |
0x01 |
0x01 |
2.11.19. Tutorial: Advanced traffic profile
- Goal
-
-
Define a different profile to operate in each traffic direction.
-
Define a different profile for each port.
-
Tune a profile tune by the arguments of tunables.
-
Every traffic profile must define the following function:
def get_streams (self, direction = 0, **kwargs)
direction is a mandatory field, required for any profile being loaded.
A profile can have any key-value pairs. Key-value pairs are called "tunables" and can be used to customize the profile.
The profile defines which tunables can be input to customize output.
- Usage notes for defining parameters
-
-
All parameters require default values.
-
A profile must be loadable with no parameters specified.
-
Every tunable must be expressed as key-value pair with a default value.
-
All automatically provided values that are not tunables are defined by kwargs (Python keyword arguments).
-
For example, for the profile below, pcap_with_vm.py:
-
The profile receives direction as a tunable and mandatory field.
-
The profile defines 4 additional tunables.
-
Automatic values such as port_id, which are not tunables, will be provided on kwargs.
- File
def get_streams (self, direction = 0, ipg_usec = 10.0, loop_count = 5, ip_src_range = None, ip_dst_range = {'start' : '10.0.0.1', 'end': '10.0.0.254'}, **kwargs)
- Direction
-
directionis a tunable that is always provided by the API/console when loading a profile, but it can be overridden by the user. It is used to make the traffic profile more usable - for example, as a bi-directional profile. However, the profile can ignore this parameter.
By default, direction is defined as the remainder of port_id divided by 2 (0 for even port_id, 1 for odd port_id).
def get_streams (self, direction = 0,**kwargs): if direction = 0: rate =100
| Specifies different rates (100 and 200), based on direction. |
$start -f ex1.py -a
For 4 interfaces:
-
Interfaces 0 and 2: direction 0
-
Interfaces 1 and 3: direction 1
The rate changes accordingly.
- Customizing Profiles Using 'port_id'
-
Keyword arguments (kwargs) provide default values that are passed along to the profile.
In the following, port_id (port ID for the profile) is a **kwarg. Using port_id, you can define a complex profile based on different ID of ports, providing a different profile for each port.
def create_streams (self, direction = 0, **args): port_id = args.get('port_id') if port_id == 0: return [STLHltStream(tcp_src_port_mode = 'decrement', tcp_src_port_count = 10, tcp_src_port = 1234, tcp_dst_port_mode = 'increment', tcp_dst_port_count = 10, tcp_dst_port = 1234, name = 'test_tcp_ranges', direction = direction, rate_pps = rate, ), ] if port_id == 1: return STLHltStream( #enable_auto_detect_instrumentation = '1', # not supported yet ip_dst_addr = '192.168.1.3', ip_dst_count = '1', ip_dst_mode = 'increment', ip_dst_step = '0.0.0.1', ip_src_addr = '192.168.0.3', ip_src_count = '1', ip_src_mode = 'increment', ip_src_step = '0.0.0.1', l3_imix1_ratio = 7, l3_imix1_size = 70, l3_imix2_ratio = 4, l3_imix2_size = 570, l3_imix3_ratio = 1, l3_imix3_size = 1518, l3_protocol = 'ipv4', length_mode = 'imix', #mac_dst_mode = 'discovery', # not supported yet mac_src = '00.00.c0.a8.00.03', mac_src2 = '00.00.c0.a8.01.03', pkts_per_burst = '200000', rate_percent = '0.4', transmit_mode = 'continuous', vlan_id = '1', direction = direction, ) if port_id = 3: ..
- Full example using the TRex Console
-
The following command displays information about tunables for the pcap_with_vm.py traffic profile.
-=TRex Console v1.1=- Type 'help' or '?' for supported actions trex>profile -f stl/pcap_with_vm.py Profile Information: General Information: Filename: stl/pcap_with_vm.py Stream count: 5 Specific Information: Type: Python Module Tunables: ['direction = 0', 'ip_src_range = None', 'loop_count = 5', 'ipg_usec = 10.0', "ip_dst_range = {'start': '10.0.0.1', 'end': '10.0.0.254'}"] trex>
You can specify values for tunables. The following command changes two values (ipg_usec and loop_count):
trex>start -f stl/pcap_with_vm.py -t ipg_usec=15.0,loop_count=25 Removing all streams from port(s) [0, 1, 2, 3]: [SUCCESS] Attaching 5 streams to port(s) [0]: [SUCCESS] Attaching 5 streams to port(s) [1]: [SUCCESS] Attaching 5 streams to port(s) [2]: [SUCCESS] Attaching 5 streams to port(s) [3]: [SUCCESS] Starting traffic on port(s) [0, 1, 2, 3]: [SUCCESS] 61.10 [ms] trex>
The following command customizes these to different ports:
trex>start -f stl/pcap_with_vm.py --port 0 1 -t ipg_usec=15.0,loop_count=25#ipg_usec=100,loop_count=300 Removing all streams from port(s) [0, 1]: [SUCCESS] Attaching 5 streams to port(s) [0]: [SUCCESS] Attaching 5 streams to port(s) [1]: [SUCCESS] Starting traffic on port(s) [0, 1]: [SUCCESS] 51.00 [ms] trex>
2.11.20. Tutorial: Per stream statistics
-
Per stream statistics are implemented using hardware assist when possible (examples: Intel X710/XL710 NIC flow director rules).
-
With other NICs (examples: Intel I350, 82599), per stream statistics are implemented in software.
-
Implementation:
-
User chooses 32-bit packet group ID (pg_id) for each stream that requires statistics reporting. The same pg_id can be used for more than one stream. In this case, statistics for all streams with the same pg_id will be combined.
-
The IPv4 identification (or IPv6 flow label for IPv6 packet) field of the stream is changed to a value within the reserved range 0xff00 to 0xffff (0xff00 to 0xfffff for IPv6). Note that if a stream for which no statistics are needed has an IPv4 Id (or IPv6 flow label) in the reserved range, it is changed (the left bit becomes 0).
-
Software implementation: Hardware rules are used to direct packets from relevant streams to rx threads, where they are counted.
-
Hardware implementation: Hardware rules are inserted to count packets from relevant streams.
-
-
Summed up statistics (per stream, per port) is sent using a ZMQ channel to clients upon request.
- Limitations
-
The feature supports only following packet types.
-
IPv4 over Ethernet.
-
IPv4 with one VLAN tag (except 82599 which does not support this type of packet).
-
IPv6 over Ethernet (except 82599 which does not support this type of packet).
-
IPv6 with one VLAN tag (except 82599 which does not support this type of packet).
-
Beginning with version 2.21, QinQ (two vlan tags) is supported if using “- - software” command line argument (details).
-
-
Maximum number of concurrent streams (with different pg_id) on which statistics may be collected is described in the following table.
| NIC type | Max streams supported using HW filters | Using “- - software” (from version 2.23) |
|---|---|---|
i350 |
255 |
1023 |
x710 |
127 |
1023 |
xl710 |
255 |
1023 |
82599 |
127 |
1023 |
Mellanox |
127 |
127 |
virtio/vmxnet/other virtual NICs (Always working implicitly in “- - software” mode) |
1023 |
1023 |
-
On x710/xl710 cards, rx bytes counters (rx-bps, rx-bps-L1, …) are not supported. This is because we use hardware counters which support only packets count on these cards.
Starting from version 2.21, you can specify the “--no-hw-flow-stat” command line argument to make x710 behave like other cards, and count statistics in software. This enables RX byte count support, but limits the total rate of streams that can be counted.
Two examples follow, one using the console and the other using the Python API.
- Console
-
The following simple traffic profile defines 2 streams and configures them with 2 different PG IDs.
- File
class STLS1(object): def get_streams (self, direction = 0): return [STLStream(packet = STLPktBuilder(pkt ="stl/udp_64B_no_crc.pcap"), mode = STLTXCont(pps = 1000), flow_stats = STLFlowStats(pg_id = 7)),
| Assigned to PG ID 7. |
| Assigned to PG ID 12. |
The following command injects this to the console and uses the textual user interface (TUI) to display the TRex activity:
trex>start -f stl/flow_stats.py --port 0 Removing all streams from port(s) [0]: [SUCCESS] Attaching 2 streams to port(s) [0]: [SUCCESS] Starting traffic on port(s) [0]: [SUCCESS] 155.81 [ms] trex>tui Streams Statistics PG ID | 12 | 7 -------------------------------------------------- Tx pps | 5.00 Kpps | 999.29 pps #
| Tx bandwidth of the streams matches the configured values. |
| Rx bandwidth (999.29 pps) matches the Tx bandwidth (999.29 pps), indicating that there were no drops. |
| RX byte count is not supported on this platform (no hardware support for byte count), so TRex displays N/A. You can add “--no-hw-flow-stat” command line argument to count everything in software, but max rate of streams that can be tracked will be lower. |
| opackets/ipackets/obytes/ibytes appear twice, first with accurate number, and second time formatted. |
- Flow Stats Using The Python API
-
The Python API example uses the following traffic profile:
def rx_example (tx_port, rx_port, burst_size): # create client c = STLClient() try: pkt = STLPktBuilder(pkt = Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/ UDP(dport=12,sport=1025)/IP()/'a_payload_example') s1 = STLStream(name = 'rx', packet = pkt, flow_stats = STLFlowStats(pg_id = 5),
| Configures the stream to use PG ID 5. |
| The structure of the object 'flow_stats' is described below. |
2.11.21. Tutorial: flow_stats object structure
The flow_stats object is a dictionary whose keys are the configured PG IDs. The next level is a dictionary containing tx_pkts, tx_bytes, rx_pkts, and rx_bytes (on supported HW). Each of these keys contains a dictionary of per port values.
The following shows a flow_stats object for 3 PG IDs after a specific run:
{
5: {'rx_pkts' : {0: 0, 1: 0, 2: 500000, 3: 0, 'total': 500000},
'tx_bytes' : {0: 0, 1: 39500000, 2: 0, 3: 0, 'total': 39500000},
'tx_pkts' : {0: 0, 1: 500000, 2: 0, 3: 0, 'total': 500000}},
7: {'rx_pkts' : {0: 0, 1: 0, 2: 0, 3: 288, 'total': 288},
'tx_bytes' : {0: 17280, 1: 0, 2: 0, 3: 0, 'total': 17280},
'tx_pkts' : {0: 288, 1: 0, 2: 0, 3: 0, 'total': 288}},
12: {'rx_pkts' : {0: 0, 1: 0, 2: 0, 3: 1439, 'total': 1439},
'tx_bytes': {0: 849600, 1: 0, 2: 0, 3: 0, 'total': 849600},
'tx_pkts' : {0: 1440, 1: 0, 2: 0, 3: 0, 'total': 1440}}
}2.11.22. Tutorial: Per stream latency/jitter/packet errors
-
Per stream latency/jitter is implemented by software. This is an extension of the per stream statistics. Whenever you choose to display latency info for a stream, the statistics described in the "Per stream statistics" section are also available.
-
Implementation:
-
Select a 32-bit packet group ID (pg_id) for each stream that requires latency reporting. The pg_id should be unique per stream.
-
The IPv4 identification field (or IPv6 flow label in case of IPv6 packet) of the stream is changed to a defined constant value (in the reserved range described in the "per stream statistics" section), to signal to the hardware to pass the stream to the software.
-
The last 16 bytes of the packet payload are used to pass needed information: ID of the stream, packet sequence number (per stream), timestamp of packet transmission.
-
-
Gathered info (per stream) is sent to clients over a ZeroMQ messaging channel upon request.
- Limitations
-
The feature supports only the following packet types. (Exception: When using the “--software” command line arg, all packet types are supported.)
-
IPv4 over Ethernet
-
IPv4 with one VLAN tag (except 82599 which does not support this type of packet)
-
IPv6 over Ethernet (except 82599 which does not support this type of packet)
-
IPv6 with one VLAN tag (except 82599 which does not support this type of packet)
-
-
Packets must contain at least 16 bytes of payload.
-
Each stream must have unique pg_id number. This also means that a given "latency collecting" stream can’t be transmitted from two interfaces in parallel (internally it means that there are two streams).
-
Maximum number of concurrent streams (with different pg_id) on which latency info may be collected: 128 (in addition to the streams which collect per stream statistics)
-
Global multiplier does not apply to this type of stream. Latency streams are processed by software, so multiplying them might inadvertently overwhelm the RX core. Consequently, if you have profile with 1 latency stream and 1 non-latency stream, and you change the traffic multipler, the latency stream keeps the same rate. To change the rate of a latency stream, manually edit the profile file. Usually this is not necessary because normally you stress the system using non latency stream, and (in parallel) measure latency using a constant-rate latency stream.
|
|
Latency streams (transmit or receive) are not supported at full line rate like normal streams. This is a design feature intended to keep latency measurement accurate while preserving CPU resources. Typically, it is sufficient to have a low-rate latency stream. For example, if the required latency resolution is 10 usec, it is not necessary to send a latency stream at a speed higher than 100 KPPS. Typically, queues are built over time, so it is not possible that one packet will have latency and another packet in the same path will not have the same latency. The non-latency streams can be at full line rate, to load the DUT, while the low speed latency streams measure the latency of this path. Do not make the total rate of latency streams higher than 5 MPPS. |
Two examples follow, using console and Python API.
- Console
-
The following simple traffic profile defines 2 streams and configures them with 2 different PG IDs.
- File
class STLS1(object): def get_streams (self, direction = 0): return [STLStream(packet = STLPktBuilder(pkt ="stl/udp_64B_no_crc.pcap"), mode = STLTXCont(pps = 1000), flow_stats = STLFlowLatencyStats(pg_id = 7)),
| Assigned to PG ID 7, PPS would be 1000 regardless of the multplier. |
| Assigned to PG ID 12, PPS would be 5000 regardless of the multplier. |
The following command injects this to the console and uses the textual user interface (TUI) to display the TRex activity:
trex>start -f stl/flow_stats.py --port 0 trex>tui Latency Statistics (usec) PG ID | 7 | 12 ---------------------------------------------- Max latency | 0 | 0 #
| Maximum latency measured over the stream lifetime (in usec). |
| Average latency over the stream lifetime (usec). |
| Maximum latency measured between last two data reads from server (currently reads every 0.5 second). Numbers below are maximum latency for previous measuring intervals, so the output displays the latency history for the last few seconds. |
| Jitter of latency measurements. |
| Indication of number of errors (sum of seq_too_high and seq_too_low). You can see description in Python API doc below). In the future it will be possible to zoom in to see specific counters. For now, if you need to see specific counters, use the Python API. |
Example using Python API:
- Example File
stats = c.get_stats()
flow_stats = stats['flow_stats'].get(5)
lat_stats = stats['latency'].get(5)
tx_pkts = flow_stats['tx_pkts'].get(tx_port, 0)
tx_bytes = flow_stats['tx_bytes'].get(tx_port, 0)
rx_pkts = flow_stats['rx_pkts'].get(rx_port, 0)
drops = lat_stats['err_cntrs']['dropped']
ooo = lat_stats['err_cntrs']['out_of_order']
dup = lat_stats['err_cntrs']['dup']
sth = lat_stats['err_cntrs']['seq_too_high']
stl = lat_stats['err_cntrs']['seq_too_low']
lat = lat_stats['latency']
jitter = lat['jitter']
avg = lat['average']
tot_max = lat['total_max']
last_max = lat['last_max']
hist = lat ['histogram']
# lat_stats will be in this format
latency_stats == {
'err_cntrs':{ # error counters
u'dup':0, # Same sequence number was received twice in a row
u'out_of_order':0, # Packets received with sequence number too low (We assume it is reorder)
u'dropped':0 # Estimate of number of packets that were dropped (using seq number)
u'seq_too_high':0, # seq number too high events
u'seq_too_low':0, # seq number too low events
},
'latency':{
'jitter':0, # in usec
'average':15.2, # average latency (usec)
'last_max':0, # last 0.5 sec window maximum latency (usec)
'total_max':44, # maximum latency (usec)
'histogram':[ # histogram of latency
{
u'key':20, # bucket counting packets with latency in the range 20 to 30 usec
u'val':489342 # number of samples that hit this bucket's range
},
{
u'key':30,
u'val':10512
},
{
u'key':40,
u'val':143
},
{
'key':0, # bucket counting packets with latency in the range 0 to 10 usec
'val':3
}
]
}
},
| Get the Latency dictionary. |
|
For calculating packet error events, we add sequence number to each packet’s payload. We decide what went wrong only according to sequence number
of last packet received and that of the previous packet. seq_too_low and seq_too_high count events we see. dup, out_of_order and dropped
are heuristics we apply to try and understand what happened. They will be accurate in common error scenarios.
We describe few scenarios below to help understand this. |
- Error counters scenarios
-
-
Scenario 1: Receive a packet with seq num 10, and another packet with seq num 10. We increment dup and seq_too_low by 1.
-
Scenario 2: Receive a packet with seq num 10 and then a packet with seq num 15. We assume 4 packets were dropped, and increment dropped by 4, and seq_too_high by 1. We expect next packet to arrive with sequence number 16.
-
Continuation of Scenario 2: Receive a packet with seq num 11. We increment seq_too_low by 1. We increment out_of_order by 1. We decrement dropped by 1. (The assumption is that one of the packets that was considered as dropped before has actually arrived out of order.)
-
2.11.23. Tutorial: HLT profiles
HLTAPI traffic_config() function has a set of arguments for creating streams.
It is possible to define TRex traffic profile using those arguments, which are converted under the hood to native Scapy/Field Engine instructions.
For limitations see here.
class STLS1(object): ''' Create 2 Eth/IP/UDP streams with different packet size: First stream will start from 64 bytes (default) and will increase until max_size (9,216) Seconds stream will decrease the packet size in reverse way ''' def create_streams (self): max_size = 9*1024 return [STLHltStream(length_mode = 'increment', frame_size_max = max_size, l3_protocol = 'ipv4', ip_src_addr = '16.0.0.1', ip_dst_addr = '48.0.0.1', l4_protocol = 'udp', udp_src_port = 1025, udp_dst_port = 12, rate_pps = 1, ), STLHltStream(length_mode = 'decrement', frame_size_max = max_size, l3_protocol = 'ipv4', ip_src_addr = '16.0.0.1', ip_dst_addr = '48.0.0.1', l4_protocol = 'udp', udp_src_port = 1025, udp_dst_port = 12, rate_pps = 1, ) ] def get_streams (self, direction = 0, **kwargs): return self.create_streams()
The following command, executed within a bash window, runs the traffic profile with the simulator to generate a PCAP file.
[bash]>./stl-sim -f stl/hlt/hlt_udp_inc_dec_len_9k.py -o b.pcap -l 10
The following commands, executed within a bash window, convert to native JSON or YAML.
[bash]>./stl-sim -f stl/hlt/hlt_udp_inc_dec_len_9k.py --json
[bash]>./stl-sim -f stl/hlt/hlt_udp_inc_dec_len_9k.py --yaml
Alternatively, use the following command to convert to a native Python profile.
[bash]>./stl-sim -f stl/hlt/hlt_udp_inc_dec_len_9k.py --native
# !!! Auto-generated code !!! from trex_stl_lib.api import * class STLS1(object): def get_streams(self): streams = [] packet = (Ether(src='00:00:01:00:00:01', dst='00:00:00:00:00:00', type=2048) / IP(proto=17, chksum=5882, len=9202, ihl=5L, id=0) / UDP(dport=12, sport=1025, len=9182, chksum=55174) / Raw(load='!' * 9174)) vm = STLScVmRaw([CTRexVmDescFlowVar(name='pkt_len', size=2, op='inc', init_value=64, min_value=64, max_value=9216, step=1), CTRexVmDescTrimPktSize(fv_name='pkt_len'), CTRexVmDescWrFlowVar(fv_name='pkt_len', pkt_offset=16, add_val=-14, is_big=True), CTRexVmDescWrFlowVar(fv_name='pkt_len', pkt_offset=38, add_val=-34, is_big=True), CTRexVmDescFixIpv4(offset=14)], split_by_field = 'pkt_len') stream = STLStream(packet = CScapyTRexPktBuilder(pkt = packet, vm = vm), mode = STLTXCont(pps = 1.0)) streams.append(stream) packet = (Ether(src='00:00:01:00:00:01', dst='00:00:00:00:00:00', type=2048) / IP(proto=17, chksum=5882, len=9202, ihl=5L, id=0) / UDP(dport=12, sport=1025, len=9182, chksum=55174) / Raw(load='!' * 9174)) vm = STLScVmRaw([CTRexVmDescFlowVar(name='pkt_len', size=2, op='dec', init_value=9216, min_value=64, max_value=9216, step=1), CTRexVmDescTrimPktSize(fv_name='pkt_len'), CTRexVmDescWrFlowVar(fv_name='pkt_len', pkt_offset=16, add_val=-14, is_big=True), CTRexVmDescWrFlowVar(fv_name='pkt_len', pkt_offset=38, add_val=-34, is_big=True), CTRexVmDescFixIpv4(offset=14)], split_by_field = 'pkt_len') stream = STLStream(packet = CScapyTRexPktBuilder(pkt = packet, vm = vm), mode = STLTXCont(pps = 1.0)) streams.append(stream) return streams def register(): return STLS1()
Use the following command within the TRex console to run the profile.
TRex>start -f stl/hlt/hlt_udp_inc_dec_len_9k.py -m 10mbps -a
2.11.24. Tutorial: Core pinning
- Goal
-
Demonstrate how to assign a stream to a specific core. Core pinning was developed to avoid possible out of order for packets of the same stream.
The following example demonstrates 2 continuous streams S0 and S1 which are pinned to cores 0 and 1 respectively.
def create_stream (self): base_pkt = Ether()/IP(src="55.55.1.1",dst="58.0.0.1")/UDP(dport=12,sport=1025) return STLProfile ([STLStream(name = 'S0', packet = STLPktBuilder(pkt = base_pkt), mode = STLTXCont(), core_id = 0),
| Creates a continuous stream named S0 which runs on core 0. |
|
Creates a continuous stream named S1 which runs on core 1.
|
You need to run TRex with at least two cores for this tutorial to work.
You can define the number of cores with the -c flag:
[bash]>sudo ./t-rex-64 --no-sca -i -c 7 #
| Runs TRex with 7 cores. |
To run the console use the following command:
[bash]>./trex-console -s <TRex hostname>
To run the traffic profile from console in TRex, use the following command:
trex>start -f automation/trex_control_plane/interactive/trex/examples/stl/core_pinning_tutorial.py -m 10gbps
To see the statistics use the following console command:
trex>stats -c2.11.25. Tutorial: Field Engine variable split to cores
- Goal
-
Demonstrate how to split to cores a field engine variable. By default all the variables are split to cores and each core updates the variable by step * number of cores. In case we want each core to update the variable by step only, we set this parameter to false.
- File
def create_stream (self, direction): base_pkt = Ether()/IP()/UDP() ip_range = {'src': {'start': "10.0.0.1", 'end': "10.0.0.254"}, 'dst': {'start': "8.0.0.1", 'end': "8.0.0.254"}} if (direction == 0): src = ip_range['src'] dst = ip_range['dst'] else: src = ip_range['dst'] dst = ip_range['src'] vm = STLVM() vm.var(name="src", min_value=src['start'], max_value=src['end'], size=4, op='inc', split_to_cores = False) #
| The source address variable is not split to cores, hence it will be incremented by step = 1 in each core. |
| By default the destination address variable is split to cores, as such it will be incremented by step * number of cores in each core. |
| Repeatable random variables can also be split to cores. The source port is such a variable and hence it will change once in number of cores. |
You can simulate the profile using the STL simulator:
[bash]>./stl-sim -f stl/split_var_to_cores.py -o b.pcap -c 7
In the pcap we can see that each source address is repeated number of cores times, meanwhile the destination addresses are repeated once. The same holds for the source and destination port.
2.11.26. Tutorial: Field Engine dependent variables
Sometimes we would like to have a type of dependency between our field engine variables. For example, we want one variable to perform its op only if another variable finished wrapping around. A classical case would be getting all the combinations of two letters aa, ab, …, az, ba, …, bz, …, zz. We want the first letter to update only after we got all the possible values of the second letter. For such cases, we implemented the next_var feature.
- Goal
-
Demonstrate the next_var feature and how to use it.
- File
def create_stream (self): base_pkt = Ether()/IP()/UDP(dport=12, sport=1025)/ (24 * 'x') vm = STLVM() vm.var(name='IP_src', min_value=None, max_value=None, size=4, op='dec', step=1, value_list = ['16.0.0.1', '10.0.0.1', '14.0.0.1'], next_var='var1')
| The next_var can be used in any type of variable whose wrap around is defined, such an example is a value list. var1 will increment only after a wrap around of IP_src. |
| var2 will increment only after var1 performs a full wrap around. |
| Repeatable random variables also support the next_var feature as the wrap around for such a variable is defined. In case you want to use the next_var with randomness, define a repeatable random and don’t use op='random' for a regular variable. |
| A variable that has some other variable pointing at it must run on a single core. This is implemented as the default action, hence no need to explicitly set split_to_cores=False. |
You can simulate the profile using the STL simulator:
[bash]>./stl-sim -f stl/dependent_field_engine_vars.py -o b.pcap
2.11.27. Tutorial: Latency using hardware assist
This feature is a combination of software and hardware NIC’s IEEE 1588 support. It is disable by default and should be enabled by this compilation flag RTE_LIBRTE_IEEE1588. When enabled there is a 30%-10% performance impcat on i40e and mlx5 drivers. In HW terminology it is also referred as TimeSync feature. NIC can take timestamps of sent and received latency packets. Using DPDK APIs we can read these timestamps from the NIC HW register. Using the 2-step mechanism of IEEE 1588 (PTP) protocol we send the accurate timestamp (t1) which is read from the NIC in a Follow Up packet rather than in the same packet. Received timestamp (t2) is still taken on the first packet (SYNC) itself. In this way with a combination of software(PTP protocol, DPDK APIs) and HW support (leveraging IEEE 1588 support) more accurate latency and jitter measurements can be obtatined.
- Limitations
-
There are few limitations in this method of Latency Measurement which are listed below. (Some are Temporary)
-
The type and size of the latency packet is fixed. IP UDP packet with UDP payload carrying the PTP packet. Size is 106 bytes.
-
Since IEEE 1588 (PTP) protocol uses a well known port number. The latency stream which we create need to use destination port as 319.
-
Not All types of NIC support this feature. Currently tested and verified on I40E. Around 8 types support IEEE 1588v2 as per DPDK documentation.
-
Since there is some work involved in DPDK to keep both Vector code and IEEE 1588 code working together currently we cannot enable the DPDK config (RTE_LIBRTE_IEEE1588) by default. So, in order to use this feature we need to enable RTE_LIBRTE_IEEE1588 config COMPILE time and then we can dynamically enable or disable this feature based on requirement.
-
- How to Use
-
There is a new property added in the Latency stream through which we can enable or disable IEEE_1588 in python script ( for enabling, ieee_1588 = true). Other than that the Type, packet size and port number needs to be set as mentioned above in limitations section. Also please refer to the example provided for the same. have a look
scripts/stl/udp_1pkt_src_ip_split_latency_ieee_1588.py
# packet for IEEE 1588 base_lat_pkt = Ether()/IP(src=src_ip,dst=dst_ip)/UDP(dport=319,sport=1025) pkt = STLPktBuilder(pkt = base_pkt/pad, vm = vm) stream = [STLStream(packet = pkt, mode = STLTXCont(pps=1)), # latency stream STLStream(packet = STLPktBuilder(pkt = base_lat_pkt/pad_latency), mode = STLTXCont(pps=1000), flow_stats = STLFlowLatencyStats(pg_id = 12+port_id, ieee_1588 = True)) # enable 1588
You can query if the driver support this feature using get get_system_info API
2.12. Dynamic multiple profiles
TRex can support multiple profiles operations on the same port similar to virtual interfaces (from v2.57)
In the console, profile ids can be specified via -p argument.
The expression in TRex console allows -p <port number>.<profile id> instead of port number. This is done for backward compatibility reasons
For example, start imix.py profile on port 0.imix and udp_1pkt.py profile on port 0.udp1pkt.
In this way, imix and udp1pkt traffic can be running simultaneously and independently on port 0.
- Example
# start(add) dynamic profile on port 0.imix(3 streams are running on IMIX) trex> start -f stl/imix.py -p 0.imix # start(add) dynamic profile on port 0.udp1pkt trex> start -f stl/udp_1pkt.py -p 0.udp1pkt # start(add) dynamic profile on port 1.imix(3 streams are running on IMIX) trex> start -f stl/imix.py -p 1.imix # start(add) dynamic profile on port 1.udp1pkt trex> start -f stl/udp_1pkt.py -p 1.udp1pkt # show all streams trex> streams Port 0: ID | profile | length | rate | -----------+----------------+---------+------------------+- 1 | imix | 64 | 28 pps | 2 | imix | 594 | 16 pps | 3 | imix | 1518 | 4 pps | 4 | udp1pkt | 64 | 1 pps | Port 1: ID | profile | length | rate | -----------+----------------+----------+---------------+-- 1 | imix | 64 | 28 pps | 2 | imix | 594 | 16 pps | 3 | imix | 1518 | 4 pps | 4 | udp1pkt | 64 | 1 pps | # change packet rate of udp1pkt during run-time trex> update -p 0.udp1pkt -m 1gbps # pause traffic on port 0.udp1pkt (traffic on 0.imix is still running trex> pause -p 0.udp1pkt # show all profiles trex> profiles Port 0: Profile ID | state | stream ID ----------------+------------+----------- udp1pkt | PAUSE | [4] imix | TX | [1, 2, 3] Port 1: Profile ID | state | stream ID ----------------+------------+----------- udp1pkt | TX | [4] imix | TX | [1, 2, 3] # resume every paused traffic on port 0 (including 0.udp1pkt) trex> resume -p 0.* Resume traffic on port(s) [0.udp1pkt]: [SUCCESS] # stop traffic on 0.imix (traffic on 0.udp1pkt is still running) trex> stop -p 0.imix # stop all traffic on port 0 trex> stop -p 0.* # stop and remove all traffic on port 1 trex> stop -p 1.* --remove # show all streams trex>streams Port 0: ID | profile | length | mode | rate | -----------+---------------+----------+------------------+-----------------+- 1 | imix | 64 | Continuous | 28 pps | 2 | imix | 594 | Continuous | 16 pps | 3 | imix | 1518 | Continuous | 4 pps | 4 | udp1pkt | 64 | Continuous | 1 pps |
From API perspective it is the same expect the port id that could include the profile id.
Some exceptions:
-
pgid should be unique, it is not possible to run flow-stats with the same id on different profiles
-
push pcap remote can’t be run in parallel with another profile
def dynamic_profile (self):
port_list = [self.tx_port, self.rx_port]
profile_list = ["p1", "p2"]
stream_pg_id = 0
port = 0
try:
# start profiles 0.p1 0.p2 (two profiles on all ports)
for profile in profile_list:
stream_pg_id = stream_pg_id + 1
s1 = STLStream(name = 'latency',
packet = self.pkt,
mode = STLTXCont(percentage = self.percentage),
flow_stats = STLFlowLatencyStats(pg_id = stream_pg_id))
port_profile = str(port) + "." + str(profile) #e.g 0.p1
self.c.add_streams([s1], ports = port_profile)
self.c.start(ports = port_profile)
# stop all profiles on port 0 using 0.*
self.c.stop(ports = str(port)+".*")
except STLError as e:
assert False , '{0}'.format(e)
2.13. Functional Tutorials
On functional tests we demonstrate a way to test certain cases which does not require high bandwidth but instead require more flexibility such as fetching all the packets on the RX side.
2.13.1. Tutorial: Testing Dot1Q VLAN tagging
- Goal
-
Generate a Dot1Q packet with a vlan tag and verify the returned packet is on the same vlan.
- File
The following example is presented here in a simplified form. See the file above for the full working example.
#passed a connected client object and two ports def test_dot1q (c, rx_port, tx_port): # activate service mode on RX code c.set_service_mode(ports = rx_port) # generate a simple Dot1Q pkt = Ether() / Dot1Q(vlan = 100) / IP() # start a capture capture = c.start_capture(rx_ports = rx_port) # push the Dot1Q packet to TX port... we need 'force' because this is under service mode print('\nSending 1 Dot1Q packet(s) on port {}'.format(tx_port)) c.push_packets(ports = tx_port, pkts = pkt, force = True) c.wait_on_traffic(ports = tx_port) rx_pkts = [] c.stop_capture(capture_id = capture['id'], output = rx_pkts) print('\nRecived {} packets on port {}:\n'.format(len(rx_pkts), rx_port)) c.set_service_mode(ports = rx_port, enabled = False) # got back one packet assert(len(rx_pkts) == 1) rx_scapy_pkt = Ether(rx_pkts[0]['binary']) # it's a Dot1Q with the same VLAN assert('Dot1Q' in rx_scapy_pkt) assert(rx_scapy_pkt.vlan == 100) rx_scapy_pkt.show2()
2.13.2. Tutorial: Testing IPv4 ping - echo request / echo reply
- Goal
-
Generate a ICMP echo request from one interface to another one and validate the response.
- File
# test a echo request / echo reply def test_ping (c, tx_port, rx_port): # activate service mode on RX code c.set_service_mode(ports = [tx_port, rx_port]) # fetch the config tx_port_attr = c.get_port_attr(port = tx_port) rx_port_attr = c.get_port_attr(port = rx_port) assert(tx_port_attr['layer_mode'] == 'IPv4') assert(rx_port_attr['layer_mode'] == 'IPv4') pkt = Ether() / IP(src = tx_port_attr['src_ipv4'], dst = rx_port_attr['src_ipv4']) / ICMP(type = 8) # start a capture on the sending port capture = c.start_capture(rx_ports = tx_port) print('\nSending ping request on port {}'.format(tx_port)) # send the ping packet c.push_packets(ports = tx_port, pkts = pkt, force = True) c.wait_on_traffic(ports = tx_port) # fetch the packet rx_pkts = [] c.stop_capture(capture_id = capture['id'], output = rx_pkts) print('\nRecived {} packets on port {}:\n'.format(len(rx_pkts), tx_port)) c.set_service_mode(ports = rx_port, enabled = False) # got back one packet assert(len(rx_pkts) == 1) rx_scapy_pkt = Ether(rx_pkts[0]['binary']) # check for ICMP reply assert('ICMP' in rx_scapy_pkt) assert(rx_scapy_pkt['ICMP'].type == 0) rx_scapy_pkt.show2()
2.14. Services
|
|
The following section relies on service mode - please refer to service mode section for more details |
2.14.1. Overview
While under service mode, TRex provides the ability to run services.
A service is an instance of a service type that has a certain request / response state machine.
For example, the ARP service type provides a way to create ARP request instances that can be then executed by TRex in a parallel way supporting up to ~1000 requests in parallel.
The following diagram illustrates how services fit in the general flow:
|
|
A simple example |
The simplest example of a service execution:
# import the ARP service from trex_stl_lib.services.trex_stl_service_arp import STLServiceARP # create a service context on port 0 ctx = client.create_service_ctx(port = 0) # generate single ARP request from 1.1.1.5 to 1.1.1.1 arp = STLServiceARP(ctx, src_ip = '1.1.1.5', dst_ip = '1.1.1.1') # move to service mode and execute service client.set_service_mode(ports = 0) try: ctx.run(arp) finally: client.set_service_mode(ports = 0, enabled = False) # show the ARP result print(arp.get_record())
Recieved ARP reply from: 1.1.1.1, hw: b8:46:dd:63:21:e4"
There are two main usages for services:
-
Customizing Tests
-
Control Plane Stress
2.14.2. Customizing Tests
Services provides an easy way to customize tests:
executing services can be used to dynamically acquire data prior to the test and then generate a test based on the results.
|
|
An example of using DHCP service to cutomize a test |
Let’s assume that our topology includes a DHCP server which will allow traffic from previously leased addreses only. Without services we will not be able to statically generate a test that will be accepted by the server.
However, with services we can generate clients using the DHCP service type and used the leased addresses to generate traffic.
Let’s take a deep dive into how to use Python API to implement the above example:
# first we import the relevant service from trex_stl_lib.services.trex_stl_service_dhcp import STLServiceDHCP # next we generate a service context on the required port # all services will be executed on the same port - there is no cross-port service execution ctx = client.create_service_ctx(port = 0) # generate 100 clients from random MACs (random MAC function omitted) # you can, of course, supply specific MAC addresses dhcps = [STLServiceDHCP(mac = random_mac()) for _ in range(100)] # now we execute the service context under service mode client.set_service_mode(ports = 0) try: ctx.run(dhcps) finally: client.set_service_mode(ports = 0, enabled = False) # inspect the DHCP execution result for dhcp in dhcps: record = dhcp.get_record() print('client: MAC {0} - DHCP: {1}'.format(dhcp.get_mac(),record)) # let's filter all the DHCPs that successfuly moved to 'BOUND' state # refer to the DHCP code reference to see all the available states bounded_dhcps = [dhcp for dhcp in dhcps if dhcp.state == 'BOUND'] # we can use the above results to generate traffic from the leased addresses streams = [] for bound_dhcp in bounded_dhcps: record = bound_dhcp.get_record() pkt = STLPktBuilder(pkt = Ether(src=record.client_mac)/ IP(src=record.client_ip,dst=record.server_ip)/ UDP) streams.append(STLStream(packet = pkt, mode = STLTXSingleBurst(total_pkts = 1000))) # add streams and generate traffic client.add_streams(ports = 0, streams = streams) client.start(ports = 0, mult = '100%') client.wait_on_traffic()
And here is how the output (partial) looks like:
client: MAC 3c:1d:08:91:7f:34 - DHCP: ip: 1.1.1.8, server_ip: 1.1.1.1, subnet: 255.255.255.0 client: MAC 21:3c:a3:3f:cb:a7 - DHCP: ip: 1.1.1.5, server_ip: 1.1.1.1, subnet: 255.255.255.0 client: MAC f9:ba:11:51:91:8b - DHCP: ip: 1.1.1.7, server_ip: 1.1.1.1, subnet: 255.255.255.0 client: MAC b8:46:dd:63:21:e4 - DHCP: ip: 1.1.1.11, server_ip: 1.1.1.1, subnet: 255.255.255.0 client: MAC b8:38:f9:c7:1c:6e - DHCP: ip: 1.1.1.9, server_ip: 1.1.1.1, subnet: 255.255.255.0 client: MAC 44:27:f1:f3:9a:bd - DHCP: ip: 1.1.1.10, server_ip: 1.1.1.1, subnet: 255.255.255.0 client: MAC cd:8d:c6:c9:5c:6a - DHCP: ip: 1.1.1.2, server_ip: 1.1.1.1, subnet: 255.255.255.0 client: MAC 51:ee:33:d9:d8:9f - DHCP: ip: 1.1.1.3, server_ip: 1.1.1.1, subnet: 255.255.255.0 client: MAC 75:f2:22:ce:86:47 - DHCP: ip: 1.1.1.4, server_ip: 1.1.1.1, subnet: 255.255.255.0 client: MAC 19:bb:56:20:52:3b - DHCP: ip: 1.1.1.6, server_ip: 1.1.1.1, subnet: 255.255.255.0
|
|
An example of using IPv6 ND to establish IPv6 neighborships before running DP tests. |
The IPv6 ND service has many options, most of them are not mandatory: mandatory parameters:
-
ctx: the service context object
-
dst_ip: the IPv6 neighbor address to be resolved
-
src_ip: the IPv6 source address to be used
optional parameters:
-
retries: number of retries in case of timeouts (default=1)
-
src_mac: source mac address to be used in Ethernet packets (default taken from port in use)
-
timeout: timeout in seconds to wait for neighbor advertisements in response to our neighbor solicitation packets (default 2)
-
verify_timeout: timeout in seconds to wait for neighbor soliciation messages from a neighbor, after our NS was answered (Neighbor verification is not always performed, but depends on our state in the neighbors ND cache).
-
vlan: vlan identifiers used for dot1q/dot1ad vlan headers (e.g. [200,2] uses outer vlan 200, inner vlan 2)
-
fmt: encapsulation format used for vlan tagging (Q: dot1q, D: dot1ad). Double tagging can be formatted with "QQ" (double-dot1q) or "DQ" (dot1q in dot1ad), or DD or QD ….
-
verbose_level: increase logging of IPv6 service instances (e.g service_level = STLServiceIPv6ND.ERROR)
#!/usr/bin/python from stl_path import * from trex_stl_lib.api import * from trex_stl_lib.services.trex_stl_service_IPv6ND import STLServiceIPv6ND c = STLClient() c.connect() c.acquire(force = True) c.set_service_mode(ports = 0) # create service context ctx = c.create_service_ctx(port = 0) nd_service = STLServiceIPv6ND( ctx, src_ip = "2001:db8:10:22::15", dst_ip = "2001:db8:10:22::1", vlan = [ 500, 22], timeout=2, verify_timeout=6, fmt = "QQ", verbose_level = STLServiceIPv6ND.INFO ) ctx.run(nd_service) print nd_service.get_record()
2.14.3. Control Plane Stress Tests
Another practical use-case of services is to simply use the first phase as the main phase and focus on generating many control plane requests.
For example, the same DHCP example can be used to stress out a DHCP server by generating many requests.
Now, even though service mode is slower that regular mode, and service context execution is even slower as we wait for response from the server there are still two major benefits:
-
Parallelism - When generating many service instances, there will be minimum impact on the total run time as we execute services in parallel
-
Flexibility - Putting aside performance, TRex services are written in Python and uses Scapy to generate traffic and thus are very easy to manipulate and custom fit
2.14.4. Currently Provided Services
Currently, the implemented services provided with TRex package are:
-
ARP - provides an ARP resolution for an IPv4 address
-
ICMPv4 - provides Ping IPv4 for an IPv4 address
-
DHCP - provides a DHCP bound/release lease address
-
IPv6ND - provides IPv6 neighbor discovery
We are planning to add more and hope for contribution in this area
2.14.5. A Detailed DHCP Example
Full DHCP example can be found under the following GitHub link:
2.14.6. Limitations
There is no limitation on the types of services that are being executed. It is possible to run ARP and DHCP in parallel if it is needed.
The only limitation is that services run under context which is bounded to a single port.
There is no way to forward response from another port to the context.
Also, the number of service instances per execution is currently limited to 1000.
2.14.7. Console plugins
Another usage of services (or even mix of them) is plugins infrastructure in trex-console.
Plugins system is a way to dynamically import and run some code.
trex>plugins -h usage: plugins [-h] ... Show / load / use plugins optional arguments: -h, --help show this help message and exit command: show Show / search for plugins load Load (or implicitly reload) plugin by name unload Unload plugin by name
Plugins are located in console/plugins directory, and their filename begins with "plugin_".
They can be searched via "show" command and loaded via "load" command:
trex>plugins load wlc Loading plugin: wlc [SUCCESS] trex>plugins show +----------------------+-----------------+ | Plugin name | Loaded | +======================+=================+ | IPv6ND | No | +----------------------+-----------------+ | hello | No | +----------------------+-----------------+ | wlc | Yes | +----------------------+-----------------+
Now, loaded plugin can be seen in menu of plugins and used:
trex>plugins -h usage: plugins [-h] ... Show / load / use plugins optional arguments: -h, --help show this help message and exit command: show Show / search for plugins load Load (or implicitly reload) plugin by name unload Unload plugin by name wlc WLC testing related functionality trex>plugins wlc -h usage: plugins wlc [-h] {add_client,base,close,create_ap,reconnect,show,start} ... optional arguments: -h, --help show this help message and exit commands: {add_client,base,close,create_ap,reconnect,show,start} add_client Add client(s) to AP(s) base Set base values of MAC, IP etc. for created AP/Client. Will be increased for each new device. close Closes all wlc-related stuff create_ap Create AP(s) on port reconnect Reconnect disconnected AP(s) or Client(s). show Show status of APs start Start traffic on behalf on client(s). trex>plugins wlc create_ap -p 0 Enabling service mode on port(s) [0]: [SUCCESS] Discovering WLC [SUCCESS] Establishing DTLS connection [SUCCESS] Join WLC and get SSID [SUCCESS]
Example of plugin (file console/plugins/plugin_hello.py):
#!/usr/bin/python from console.plugins import * ''' Example plugin ''' class Hello_Plugin(ConsolePlugin): def plugin_description(self): return 'Simple example' # used to init stuff def plugin_load(self): # Adding arguments to be used at do_* functions self.add_argument(type = str, dest = 'username', # <----- variable name to be used help = 'Username to greet') # We build argparser from do_* functions, stripping the "do_" from name def do_greet(self, username): # <------ username was registered in plugin_load '''Greet some username''' self.trex_client.logger.log('Hello, %s!' % bold(username.capitalize())) # <--- trex_client is set implicitly
|
|
An plugin that uses the IPv6 service, that allows experimenting with IPv6 from the console. |
trex(service)>plugins load IPv6ND Loading plugin: IPv6ND [SUCCESS] trex(service)>plugins IPv6ND -h usage: plugins IPv6ND [-h] {clear,resolve,status} ... optional arguments: -h, --help show this help message and exit commands: {clear,resolve,status} clear clear IPv6 ND requests/entries resolve perform IPv6 neighbor discovery status show status of generated ND requests trex(service)>plugins IPv6ND resolve -h usage: IPv6ND resolve [-h] -p PORT -s SRC_IP [-m SRC_MAC] -d DST_IP [-v VLAN] [-f FMT] [-t TIMEOUT] [-T VERIFY_TIMEOUT] [-c COUNT] [-r RATE] [-R RETRIES] [-V] perform IPv6 neighbor discovery optional arguments: -h, --help show this help message and exit -p PORT, --port PORT trex port to use -s SRC_IP, --src-ip SRC_IP src ip to use -m SRC_MAC, --src-mac SRC_MAC src mac to use -d DST_IP, --dst-ip DST_IP IPv6 dst ip to discover -v VLAN, --vlan VLAN vlan(s) to use (comma separated) -f FMT, --format FMT vlan encapsulation to use (QQ: qinq, DA: 802.1AD -> 802.1q) -t TIMEOUT, --timeout TIMEOUT timeout to wait for NA -T VERIFY_TIMEOUT, --verify-timeout VERIFY_TIMEOUT timeout to wait for neighbor verification NS -c COUNT, --count COUNT nr of nd to perform (auto-scale src-addr to test parallel NDs) -r RATE, --rate RATE rate limiter value to pass to services framework -R RETRIES, --retries RETRIES number of retries in case no answer was received -V, --verbose verbose mode
Perform 3 parallel ND operations, where source IPv6 addresses are incremented automatically:
trex(service)>plugins IPv6ND resolve -c 3 -v 500,22 -p 0 -s 2001:db8:10:22::70 -d 2001:db8:10:22::1 -V --format QQ -T 6 performing ND for 3 addresses. NA response timeout............: 2s Neighbor verification timeout..: 6s ND: TX NS: 2001:db8:10:22::70,74:a0:2f:b4:97:49 -> 2001:db8:10:22::1 (retry 0) ND: TX NS: 2001:db8:10:22::71,74:a0:2f:b4:97:49 -> 2001:db8:10:22::1 (retry 0) ND: TX NS: 2001:db8:10:22::72,74:a0:2f:b4:97:49 -> 2001:db8:10:22::1 (retry 0) ND: RX NA: 2001:db8:10:22::70 <- 2001:db8:10:22::1, 00:05:73:a0:00:01 ND: RX NA: 2001:db8:10:22::72 <- 2001:db8:10:22::1, 00:05:73:a0:00:01 ND: timeout for 2001:db8:10:22::71,74:a0:2f:b4:97:49 <-- 2001:db8:10:22::1 (retry 0) ND: TX NS: 2001:db8:10:22::71,74:a0:2f:b4:97:49 -> 2001:db8:10:22::1 (retry 1) ND: RX NA: 2001:db8:10:22::71 <- 2001:db8:10:22::1, 00:05:73:a0:00:01 ND: RX NS: 2001:db8:10:22::70 <-- 2001:db8:10:22::d,00:de:fb:1d:83:c4 ND: TX NA: 2001:db8:10:22::70,74:a0:2f:b4:97:49 -> 2001:db8:10:22::d,00:de:fb:1d:83:c4 ND: RX NS: 2001:db8:10:22::70 <-- 2001:db8:10:22::c,00:de:fb:1d:84:c5 ND: TX NA: 2001:db8:10:22::70,74:a0:2f:b4:97:49 -> 2001:db8:10:22::c,00:de:fb:1d:84:c5 ND: RX NS: 2001:db8:10:22::71 <-- 2001:db8:10:22::c,00:de:fb:1d:84:c5 ND: TX NA: 2001:db8:10:22::71,74:a0:2f:b4:97:49 -> 2001:db8:10:22::c,00:de:fb:1d:84:c5 ND: RX NS: 2001:db8:10:22::71 <-- 2001:db8:10:22::d,00:de:fb:1d:83:c4 ND: TX NA: 2001:db8:10:22::71,74:a0:2f:b4:97:49 -> 2001:db8:10:22::d,00:de:fb:1d:83:c4 ND: RX NS: 2001:db8:10:22::72 <-- 2001:db8:10:22::d,00:de:fb:1d:83:c4 ND: TX NA: 2001:db8:10:22::72,74:a0:2f:b4:97:49 -> 2001:db8:10:22::d,00:de:fb:1d:83:c4 ND: RX NS: 2001:db8:10:22::72 <-- 2001:db8:10:22::c,00:de:fb:1d:84:c5 ND: TX NA: 2001:db8:10:22::72,74:a0:2f:b4:97:49 -> 2001:db8:10:22::c,00:de:fb:1d:84:c5 trex(service)>
Show status of local IPv6 neighborships:
trex(service)>plugins IPv6ND status ND Status --------- used vlan(s)...................: [500, 22] used encapsulation.............: QQ number of IPv6 source addresses: 3 SRC MAC SRC IPv6 | DST IPv6 DST MAC STATE VERIFIED -------------------------------------------------------------------------------------------------------------------------- 74:a0:2f:b4:97:49 2001:db8:10:22::70 | 2001:db8:10:22::1 00:05:73:a0:00:01 REACHABLE 2 74:a0:2f:b4:97:49 2001:db8:10:22::71 | 2001:db8:10:22::1 00:05:73:a0:00:01 REACHABLE 2 74:a0:2f:b4:97:49 2001:db8:10:22::72 | 2001:db8:10:22::1 00:05:73:a0:00:01 REACHABLE 2 resolved..: 3 unresolved: 0 verified..: 3 trex(service)>
Clear local IPv6 neighborships:
trex(service)>plugins IPv6ND clear trex(service)>plugins IPv6ND status ND Status --------- used vlan(s)...................: [500, 22] used encapsulation.............: QQ number of IPv6 source addresses: 3 SRC MAC SRC IPv6 | DST IPv6 DST MAC STATE VERIFIED ------------------------------------------------------------------------------------------------------------------------ resolved..: 0 unresolved: 0 verified..: 0 trex(service)>
2.15. PCAP Based Traffic Tutorials
2.15.1. PCAP Based Traffic
TRex provides a method for using pre-recorded traffic as a profile template. Typically, there are two ways to create a profile or a test based on a PCAP:
-
Local PCAP push
-
Server-based push
Local PCAP push
In this method, the PCAP file is loaded locally by the Python client, transformed to a list of streams, each one with a single packet carrying a payload and pointing to the next packet.
This method can provide every type of functionality that a regular list of streams might have. However, due to the overhead of processing and sending a list of streams, the file size is limited (default: 1 MB).
Pro:
-
Supports most CAP file formats
-
Supports Field Engine
-
Provides a way of locally manipulating packets as streams
-
Supports the same rate as regular streams
Con:
-
Limited file size
-
High configuration time due to transmitting the CAP file as streams
Server-based push
The server-based push method enables TRex to inject larger PCAP files. The mechanism is quite different from the local PCAP push method, with distinct advantages and limitations.
In this method, you provide a server with a PCAP file. The server loads the file and injects the packets, one after another. The file size is unlimted, enabling any number of packets to be injected. Setting up the server with the required configuration involves less overhead than the local PCAP push method.
Pro:
-
Unlimited PCAP file size
-
No overhead in sending any size of PCAP to the server
Con:
-
Does not support Field Engine
-
Supports only PCAP and ERF formats
-
"Dual" mode is usable only with ERF format
-
File path must be accessible from the server
-
Rate of transmition (and IPG) is usually limited by I/O performance and buffering (HDD).
2.15.2. Tutorial: Simple PCAP file - Profile
- Goal
-
Load a PCAP file with a number of packets, creating a stream with a burst value of 1 for each packet. The inter-stream gap (ISG) for each stream is equal to the inter-packet gap (IPG).
- File
def get_streams (self, ipg_usec = 10.0,
| The inter-stream gap in microseconds. |
| Loop count. |
| Input PCAP file. |
The figure shows the streams for a PCAP file with 3 packets, with a loop configured.
-
Each stream is configured to Burst mode with 1 packet.
-
Each stream triggers the next stream.
-
The last stream triggers the first with
action_loop=loop_countifloop_count> 1.
The profile runs on one DP thread because it has a burst with 1 packet. (Cannot split in this case.)
To run this example, enter:
[bash]>./stl-sim -f stl/pcap.py --yaml
The following output appears:
$./stl-sim -f stl/pcap.py --yaml - name: 1 next: 2
| Each stream triggers the next stream. |
| The last stream triggers the first. |
|
The current loop count is given in: action_count: 1
|
|
Self_start is enabled for the first stream, disabled for all other streams.
|
2.15.3. Tutorial: Simple PCAP file - API
For this case we can use the local push method:
c = STLClient(server = "localhost") try: c.connect() c.reset(ports = [0]) d = c.push_pcap(pcap_file = "my_file.pcap", # our local PCAP file ports = 0, # use port 0 ipg_usec = 100, # IPG count = 1) # inject only once c.wait_on_traffic() stats = c.get_stats() opackets = stats[port]['opackets'] print("{0} packets were Tx on port {1}\n".format(opackets, port)) except STLError as e: print(e) sys.exit(1) finally: c.disconnect()
2.15.4. Tutorial: PCAP file iterating over dest IP
For this case we can use the local push method:
c = STLClient(server = "localhost") try: c.connect() port = 0 c.reset(ports = [port]) vm = STLIPRange(dst = {'start': '10.0.0.1', 'end': '10.0.0.254', 'step' : 1}) c.push_pcap(pcap_file = "my_file.pcap", # our local PCAP file ports = port, # use 'port' ipg_usec = 100, # IPG count = 1, # inject only once vm = vm # provide VM object ) c.wait_on_traffic() stats = c.get_stats() opackets = stats[port]['opackets'] print("{0} packets were Tx on port {1}\n".format(opackets, port)) except STLError as e: print(e) sys.exit(1) finally: c.disconnect()
2.15.5. Tutorial: PCAP file with VLAN
This is an interesting case where we can provide the push API with a function hook. The hook is called for each packet that is loaded from the PCAP file.
# generate a packet hook function with a VLAN ID def packet_hook_generator (vlan_id): # this function will be called for each packet and will expect # the new packet as a return value def packet_hook (packet): packet = Ether(packet) if vlan_id >= 0 and vlan_id <= 4096: packet_l3 = packet.payload packet = Ether() / Dot1Q(vlan = vlan_id) / packet_l3 return str(packet) return packet_hook c = STLClient(server = "localhost") try: c.connect() port = 0 c.reset(ports = [port]) vm = STLIPRange(dst = {'start': '10.0.0.1', 'end': '10.0.0.254', 'step' : 1}) d = c.push_pcap(pcap_file = "my_file.pcap", ports = port, ipg_usec = 100, count = 1, packet_hook = packet_hook_generator(vlan_id = 1) ) c.wait_on_traffic() stats = c.get_stats() opackets = stats[port]['opackets'] print("{0} packets were Tx on port {1}\n".format(opackets, port)) except STLError as e: print(e) sys.exit(1) finally: c.disconnect()
2.15.6. Tutorial: PCAP file and Field Engine - Profile
The following example loads a PCAP file to many streams, and attaches the Field Engine program to each stream. For example, the Field Engine can change the IP.src of all the streams to a random IP address.
- File
def create_vm (self, ip_src_range, ip_dst_range):
if not ip_src_range and not ip_dst_range:
return None
# until the feature of offsets will be fixed for PCAP use hard coded offsets
vm = []
if ip_src_range:
vm += [STLVmFlowVar(name="src",
min_value = ip_src_range['start'],
max_value = ip_src_range['end'],
size = 4, op = "inc"),
#STLVmWrFlowVar(fv_name="src",pkt_offset= "IP.src")
STLVmWrFlowVar(fv_name="src",pkt_offset = 26)
]
if ip_dst_range:
vm += [STLVmFlowVar(name="dst",
min_value = ip_dst_range['start'],
max_value = ip_dst_range['end'],
size = 4, op = "inc"),
#STLVmWrFlowVar(fv_name="dst",pkt_offset= "IP.dst")
STLVmWrFlowVar(fv_name="dst",pkt_offset = 30)
]
vm += [#STLVmFixIpv4(offset = "IP")
STLVmFixIpv4(offset = 14)
]
return vm
def get_streams (self,
ipg_usec = 10.0,
loop_count = 5,
ip_src_range = None,
ip_dst_range = {'start' : '10.0.0.1',
'end': '10.0.0.254'}):
vm = self.create_vm(ip_src_range, ip_dst_range)
profile = STLProfile.load_pcap(self.pcap_file,
ipg_usec = ipg_usec,
loop_count = loop_count,
vm = vm)
return profile.get_streams() | Creates Field Engine program. |
| Applies the Field Engine to all packets → converts to streams. |
| pkt | IPv4 | flow |
|---|---|---|
1 |
10.0.0.1 |
1 |
2 |
10.0.0.1 |
1 |
3 |
10.0.0.1 |
1 |
4 |
10.0.0.1 |
1 |
5 |
10.0.0.1 |
1 |
6 |
10.0.0.1 |
1 |
7 |
10.0.0.2 |
2 |
8 |
10.0.0.2 |
2 |
9 |
10.0.0.2 |
2 |
10 |
10.0.0.2 |
2 |
11 |
10.0.0.2 |
2 |
12 |
10.0.0.2 |
2 |
2.15.7. Tutorial: Server-side method with large PCAP file
The example below uses the remote push API method, providing a PCAP file to a remote server. Note: The file path to the PCAP file must be visible to the server.
c = STLClient(server = "localhost") try: c.connect() c.reset(ports = [0]) # use an absolute path so the server can reach this pcap_file = os.path.abspath(pcap_file) c.push_remote(pcap_file = pcap_file, ports = 0, ipg_usec = 100, count = 1) c.wait_on_traffic() stats = c.get_stats() opackets = stats[port]['opackets'] print("{0} packets were Tx on port {1}\n".format(opackets, port)) except STLError as e: print(e) sys.exit(1) finally: c.disconnect()
2.15.8. Tutorial: A long list of PCAP files of varied sizes
A scenario with several PCAP files is a good candidate for the remote push API. The total overhead for sending the PCAP files will be high if there is a long list of separate PCAP files. So in this case, it is preferable to inject them with a remote API and to save the transmission of the packets.
c = STLClient(server = "localhost") try: c.connect() c.reset(ports = [0]) # iterate over the list and send each file to the server for pcap_file in pcap_file_list: pcap_file = os.path.abspath(pcap_file) c.push_remote(pcap_file = pcap_file, ports = 0, ipg_usec = 100, count = 1) c.wait_on_traffic() stats = c.get_stats() opackets = stats[port]['opackets'] print("{0} packets were Tx on port {1}\n".format(opackets, port)) except STLError as e: print(e) sys.exit(1) finally: c.disconnect()
2.16. Performance Tweaking
This section describes some advanced features that can help to optimize TRex performance. These features are not active "out of the box" because they might have some impact on other functionality, and in general, might sacrafice one or more properties. Users can decide on any trade-offs individually before employing these optimizations.
2.16.1. Caching MBUFs
see here
2.16.2. Core masking per interface
By default, TRex will regard any TX command with a greedy approach: All DP cores associated with this port will be assigned in order to produce the maximum throughput.
However, in some cases it might be beneficial to provide a port with a subset of the cores to use, such as when injecting traffic on two ports, when the following conditions are met:
-
The two ports are adjacent.
-
The profile is symmetric.
Due to TRex architecture, adjacent ports (example: port 0 and port 1) share the same cores, and using the greedy approach will cause all the cores to transmit on both port 0 and port 1.
When the profile is symmetric, performance can be improved by pinning half of the cores to port 0, and half of the cores to port 1, thus avoiding cache trashing and bouncing. If the profile is not symmetric, the static pinning may deny CPU cycles from the more congested port.
TRex provides this in two ways, described below.
2.16.3. Predefind modes
As described above, the default mode is split mode, but you can configure a predefined mode called pin. This can be done by API or from the console.
trex>start -f stl/syn_attack.py -m 40mpps --total -p 0 1 --pin <-- provide '--pin' to the command Removing all streams from port(s) [0, 1]: [SUCCESS] Attaching 1 streams to port(s) [0]: [SUCCESS] Attaching 1 streams to port(s) [1]: [SUCCESS] Starting traffic on port(s) [0, 1]: [SUCCESS] 60.20 [ms] trex>
c.start(ports=[port_a, port_b], mult=rate, core_mask=STLClient.CORE_MASK_PIN) #
| core_mask = STLClient.CORE_MASK_PIN |
c.start(ports = [port_a, port_b], mult = rate, core_mask=[0x1,0x2]) #
| DP Core 0 (mask==1) is assigned to port 1, and DP core 1 (mask==2) assigned to port 2. |
The CPU Util table, available in the TUI window, shows that each core was reserved for an interface:
Global Stats: Total Tx L2 : 20.49 Gb/sec Total Tx L1 : 26.89 Gb/sec Total Rx : 20.49 Gb/sec Total Pps : 40.01 Mpkt/sec <-- Performance meets the requested rate Drop Rate : 0.00 b/sec Queue Full : 0 pkts Cpu Util(%) Thread | Avg | Latest | -1 | -2 | -3 | -4 | -5 | -6 | -7 | -8 0 (0) | 92 | 92 | 92 | 91 | 91 | 92 | 91 | 92 | 93 | 94 1 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 2 (1) | 96 | 95 | 95 | 96 | 96 | 96 | 96 | 95 | 94 | 95 3 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 4 (0) | 92 | 93 | 93 | 91 | 91 | 93 | 93 | 93 | 93 | 93 5 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 6 (1) | 88 | 88 | 88 | 88 | 88 | 88 | 88 | 88 | 87 | 87 7 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0
If we had used the default mode, the table would have looked like the following, with significantly worse performance:
Global Stats: Total Tx L2 : 12.34 Gb/sec Total Tx L1 : 16.19 Gb/sec Total Rx : 12.34 Gb/sec Total Pps : 24.09 Mpkt/sec <-- Performance is much lower than requested Drop Rate : 0.00 b/sec Queue Full : 0 pkts Cpu Util(%) Thread | Avg | Latest | -1 | -2 | -3 | -4 | -5 | -6 | -7 | -8 0 (0,1) | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 1 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 2 (0,1) | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 3 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 4 (0,1) | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 5 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 6 (0,1) | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 7 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0
This feature is also available from the Python API by providing: CORE_MASK_SPLIT or CORE_MASK_PIN to the start API.
2.16.4. Manual mask
For debugging or advanced core scheduling you might choose to provide a manual masking to specify to the server which cores to use.
Example:
-
2 interfaces: interface 0 and interface 1
-
A profile that utilizes 95% of the traffic on one side, and provides 5% of the traffic in the other direction.
-
8 cores assigned to the two interfaces.
To assign 3 cores to interface 0 and 1 core to interface 1, execute the following in the console (or if using the API, provide a list of masks to the start command):
trex>start -f stl/syn_attack.py -m 10mpps --total -p 0 1 --core_mask 0xE 0x1 Removing all streams from port(s) [0, 1]: [SUCCESS] Attaching 1 streams to port(s) [0]: [SUCCESS] Attaching 1 streams to port(s) [1]: [SUCCESS] Starting traffic on port(s) [0, 1]: [SUCCESS] 37.19 [ms] trex>
c.start(ports = [port_a, port_b], mult = rate,core_mask=[0x0xe,0x1])
| Mask of cores per port. |
The following output is appears in the TUI CPU Util window:
Total Tx L2 : 5.12 Gb/sec Total Tx L1 : 6.72 Gb/sec Total Rx : 5.12 Gb/sec Total Pps : 10.00 Mpkt/sec Drop Rate : 0.00 b/sec Queue Full : 0 pkts Cpu Util(%) Thread | Avg | Latest | -1 | -2 | -3 | -4 | -5 | -6 | -7 | -8 0 (1) | 45 | 45 | 45 | 45 | 45 | 45 | 46 | 45 | 46 | 45 1 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 2 (0) | 15 | 15 | 14 | 15 | 15 | 14 | 14 | 14 | 14 | 14 3 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 4 (0) | 14 | 14 | 14 | 14 | 14 | 14 | 14 | 14 | 15 | 14 5 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 6 (0) | 15 | 15 | 15 | 15 | 15 | 15 | 15 | 15 | 15 | 15 7 (IDLE) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0
2.17. Reference
Additional profiles and examples are available in the stl/hlt folder.
For information about the Python client API, see the Python Client API documentation.
2.18. Console tutorial
see here for console tutorial
2.19. Benchmarks of 40G NICs
2.20. Bird integration
2.20.1. Overview
Bird Internet Routing Daemon is a project aimed to develop a fully functional Linux dynamic IP routing daemon. It was integrated into TRex to run alongside in order to utilize its features together with Python automation API.
|
|
If you are compiling TRex from scratch, make sure to compile with the appropriate Bird flag. |
2.20.2. FAQ
You can find the Bird FAQ here: Bird’s FAQ
2.20.3. High level Features
-
BIRD 2.0 supports the following protocols: Bird Protocols
-
Run on top of IPv4 and IPv6 (using kernel veth)
-
BGP (eBGP/iBGP), RPKI (RFC 6480)/RFC 6483 records type are pv4,ipv6,vpn4,vpn6,multicast,flow4,flow6
-
RFC 4271 - Border Gateway Protocol 4 (BGP)
-
RFC 1997 - BGP Communities Attribute
-
RFC 2385 - Protection of BGP Sessions via TCP MD5 Signature
-
RFC 2545 - Use of BGP Multiprotocol Extensions for IPv6
-
RFC 2918 - Route Refresh Capability
-
RFC 3107 - Carrying Label Information in BGP
-
RFC 4360 - BGP Extended Communities Attribute
-
RFC 4364 - BGP/MPLS IPv4 Virtual Private Networks
-
RFC 4456 - BGP Route Reflection
-
RFC 4486 - Subcodes for BGP Cease Notification Message
-
RFC 4659 - BGP/MPLS IPv6 Virtual Private Networks
-
RFC 4724 - Graceful Restart Mechanism for BGP
-
RFC 4760 - Multiprotocol extensions for BGP
-
RFC 4798 - Connecting IPv6 Islands over IPv4 MPLS
-
RFC 5065 - AS confederations for BGP
-
RFC 5082 - Generalized TTL Security Mechanism
-
RFC 5492 - Capabilities Advertisement with BGP
-
RFC 5549 - Advertising IPv4 NLRI with an IPv6 Next Hop
-
RFC 5575 - Dissemination of Flow Specification Rules
-
RFC 5668 - 4-Octet AS Specific BGP Extended Community
-
RFC 6286 - AS-Wide Unique BGP Identifier
-
RFC 6608 - Subcodes for BGP Finite State Machine Error
-
RFC 6793 - BGP Support for 4-Octet AS Numbers
-
RFC 7311 - Accumulated IGP Metric Attribute for BGP
-
RFC 7313 - Enhanced Route Refresh Capability for BGP
-
RFC 7606 - Revised Error Handling for BGP UPDATE Messages
-
RFC 7911 - Advertisement of Multiple Paths in BGP
-
RFC 7947 - Internet Exchange BGP Route Server
-
RFC 8092 - BGP Large Communities Attribute
-
RFC 8203 - BGP Administrative Shutdown Communication
-
RFC 8212 - Default EBGP Route Propagation Behavior without Policies
-
-
OSPF (v2/v3) RFC 2328/ RFC 5340
-
RIP - RIPv1 (RFC 1058),RIPv2 (RFC 2453), RIPng (RFC 2080), and RIP cryptographic authentication (RFC 4822).
-
-
Scale of Millions of routes (depends on the protocol scale e.g. BGP) in a few seconds
-
Integration with Multi-RX software model (
-softwareand-chigher than 1) to support dynamic filters for BIRD protocols while keeping high rates of traffic. -
Can support up to 10K veth (virtual interfaces) each with different QinQ/VLAN configuration.
-
Simple automation Python API for pushing configuration and reading statistics.
2.20.4. Integration Topology
The Bird process (PyBird Server) runs on it’s own namespace on a TRex machine. It uses veths to communicate with the default namespace and transfer routes/data to TRex and from there to the DUT.
A single Bird process runs, but in this process we can simulate multiple instances of routing protocols. In the following sections, we will see how to run multiple BGP instances.
The Client uses PyBird Client in order to communicate with Bird through JSON-RPC2 over ZMQ API (each component described below).
Bird uses the TRex Linux namespace feature, therefore it is important to enable it before we proceed.
In this image we can see the general architecture. Specifically in this case, we are using two veths (one per physical interface), to connect TRex with the Bird namespace.
2.20.5. First Time Running
Let’s start with a simple example, pushing a few BGP routes to an ASR1K router.
As aforementioned, Bird uses the TRex Linux namespace feature, hence the first step is to enable it. If you want to read more about the Linux stack in TRex, please refer to: Linux Stack. The trex_cfg.yaml file should contain "stack: linux_based":
- version: 2 interfaces: ['82:00.0', '82:00.1'] stack: linux_based ...
In our topology the Bird veths are on the same subnet as the TRex ports. We must configure the TRex port to promiscuous mode so that the physical ports will forward Bird packets to the Bird daemon. In case your protocol uses multicast packets, we must configure the port in multicast mode as well.
-
First, let’s configure BGP on ASR1K:
asr1001-01#configure terminal Enter configuration commands, one per line. End with CNTL/Z. asr1001-01(config)#router bgp 65000 asr1001-01(config-router)#neighbor 1.1.1.3 remote-as 65000 asr1001-01(config-router)#neighbor 1.1.1.3 soft-reconfiguration inbound asr1001-01(config-router)#neighbor 1.1.2.3 remote-as 65000 asr1001-01(config-router)#neighbor 1.1.2.3 soft-reconfiguration inbound asr1001-01(config-router)#end
|
|
We are using soft-reconfiguration so we can see the received routes from each neighbor. |
-
Next, we run TRex in in software mode (with one or multiple cores) and set the Bird server flag:
[bash]>sudo ./t-rex-64 -i --bird-server --software -c 2
The --bird-server flag will load the Bird daemon (PyBird Client) and PyBird Server.
In another shell, let’s run the following script: stl/add_bird_node.py
Let’s take a look at a simplified version of the script. For more details check: Simple Bird node adding
c = STLClient(verbose_level = 'debug') my_ports = [0, 1] c.connect() c.acquire(ports = my_ports) c.set_service_mode(ports = my_ports, enabled = True)
| Setting TRex on service mode. |
| Use BirdCFGCreator in order to create a new Bird configuration |
| Setting the configuration we just created. |
| Create a Bird node |
| dot1Q is a configuration of veth not namespace. |
| Ensure Bird works on the protocols we just set. |
| Exit the PyBirdClient gracefully. |
Let’s see the router:
asr1001-01#show ip bgp summary BGP router identifier 1.1.2.1, local AS number 65000 BGP table version is 88, main routing table version 88 2 network entries using 496 bytes of memory 2 path entries using 240 bytes of memory 1/1 BGP path/bestpath attribute entries using 248 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 984 total bytes of memory BGP activity 35/33 prefixes, 50/48 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 1.1.1.3 4 65000 0 0 1 0 0 15:39:20 Active 1.1.2.3 4 65000 5 4 88 0 0 00:00:06 2 asr1001-01#show ip bgp neighbors 1.1.2.3 received-routes BGP table version is 88, local router ID is 1.1.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *>i 10.10.10.0/24 1.1.1.3 100 0 i *>i 10.10.20.0/24 1.1.2.3 100 0 i Total number of prefixes 2
We can see that the router recognizes both its Bird neighbors.
|
|
The BGP neighboring between 1.1.1.3 and 1.1.1.1 in the router is in active because the router is not configured with dot1Q encapsulation, while the PyBird instance is. |
The Bird node at 1.1.2.3 successfully injected both routes to the router.
Pay attention that here we simulated two separate BGP instances.
2.20.6. Tutorial: Bird node adding using TRex console
All the tutorials are based on the topology here
- Goal
-
Demonstrate how to use Bird in TRex Console.
1) Open TRex console:
[bash]> ./trex-console
2) Enable service mode for wanted ports (-a for all). We also need to apply promiscuous and multicast to the ports:
trex>service -a trex(service)>portattr --prom on --mult on
3) Next, we load the Bird plugin:
trex(service)>plugins load bird
4) Let’s add a Bird node with the required parameters: (need at least aport and MAC address):
trex(service)>plugins bird add_node -p 0 --mac 00:00:00:00:00:06 --ipv4 1.1.1.3 --ipv4-subnet 24 trex(service)>plugins bird show_nodes -p 0 Bird Nodes Information Node MAC | ipv4 address | ipv4 subnet | ipv6 enabled | ipv6 address | ------------------+-------------------+-------------------+-------------------+-------------------+ 00:00:00:00:00:06 | 1.1.1.3 | 24 | False | - | ipv6 subnet | vlans | tpids -------------------+-------------------+------------------ - | - | -
5) Let’s take a look at a simple BGP Bird configuration with two BGP instances:
> more bird/cfg/bgp.conf router id 100.100.100.100; protocol device { scan time 1; } protocol bgp my_bgp1 { local 1.1.1.3 as 65000; # put your local ip and as number here neighbor 1.1.1.1 as 65000; # put your dut ip and as number here ipv4 { import all; # import all ipv4 routes export all; # export all ipv4 routes }; } # run a second instance protocol bgp my_bgp2 { local 1.1.2.3 as 65000; neighbor 1.1.2.1 as 65000; ipv4 { import all; export all; }; }
> more bird/cfg/ipv4_routes.conf protocol static { ipv4 { import all; export all; }; route 42.42.42.0/32 via 1.1.1.3; route 42.42.42.1/32 via 1.1.1.3; route 42.42.42.2/32 via 1.1.1.3; route 42.42.42.3/32 via 1.1.1.3; route 42.42.42.4/32 via 1.1.1.3; route 42.42.42.5/32 via 1.1.1.3; route 42.42.42.6/32 via 1.1.1.3; route 42.42.42.7/32 via 1.1.1.3; route 42.42.42.8/32 via 1.1.1.3; route 42.42.42.9/32 via 1.1.1.3; route 42.42.42.10/32 via 1.1.1.3; }
6) Set your wanted Bird config file and your routes file (examples located at "bird/cfg/*.conf"):
trex(service)>plugins bird set_config -f bird/cfg/bgp.conf -r bird/cfg/ipv4_routes.conf Bird configuration result: Configured successfully
You can as an alternative generate your own routes on fly using three flags (all required):
trex(service)>plugins bird set_config -f bird/cfg/bgp.conf --first-ip 42.42.42.0 --total-routes 100 --next-hop 1.1.1.3 Bird configuration result: Configured successfully
This will add 100 static routes of /32 nets with 1.1.1.3 as next-hop, starting from 42.42.42.0 till 42.42.42.100:
42.42.42.0/32 via 1.1.1.3; 42.42.42.1/32 via 1.1.1.3; ... 42.42.42.100/32 via 1.1.1.3;
7) We can see the running bird configuration using the following command:
trex(service)>plugins bird show_config router id 100.100.100.100; protocol device { scan time 1; } protocol bgp my_bgp1 { local 1.1.1.3 as 65000; neighbor 1.1.1.1 as 65000; ipv4 { import all; export all; }; } protocol bgp my_bgp2 { local 1.1.2.3 as 65000; neighbor 1.1.2.1 as 65000; ipv4 { import all; export all; }; } protocol static { ipv4 { import all; export all; }; route 42.42.42.0/32 via 1.1.1.3; route 42.42.42.1/32 via 1.1.1.3; route 42.42.42.2/32 via 1.1.1.3; route 42.42.42.3/32 via 1.1.1.3; route 42.42.42.4/32 via 1.1.1.3; route 42.42.42.5/32 via 1.1.1.3; route 42.42.42.6/32 via 1.1.1.3; route 42.42.42.7/32 via 1.1.1.3; route 42.42.42.8/32 via 1.1.1.3; route 42.42.42.9/32 via 1.1.1.3; route 42.42.42.10/32 via 1.1.1.3; }
8) We can see the protocol instances we are running in Bird:
trex(service)>plugins bird show_protocols Name Proto Table State Since Info device1 Device --- up 10:06:44.626 my_bgp1 BGP --- up 10:08:00.079 Established my_bgp2 BGP --- start 10:07:55.295 Active Socket: Connection closed static1 Static master4 up 10:07:55.295
|
|
The second BGP instance is Active but not Established. This is because we didn’t add a Bird node in that namespace. |
9) Let’s see it from the router’s side:
asr1001-01#show ip bgp summary BGP router identifier 1.1.2.1, local AS number 65000 BGP table version is 97, main routing table version 97 7 network entries using 1736 bytes of memory 7 path entries using 840 bytes of memory 1/1 BGP path/bestpath attribute entries using 248 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 2824 total bytes of memory BGP activity 42/35 prefixes, 57/50 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 1.1.1.3 4 65000 7 6 97 0 0 00:02:38 7 1.1.2.3 4 65000 0 0 1 0 0 00:06:30 Idle asr1001-01#show ip bgp neighbors 1.1.1.3 received-routes BGP table version is 97, local router ID is 1.1.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *>i 42.42.42.0/32 1.1.1.3 100 0 i *>i 42.42.42.1/32 1.1.1.3 100 0 i *>i 42.42.42.2/32 1.1.1.3 100 0 i *>i 42.42.42.3/32 1.1.1.3 100 0 i *>i 42.42.42.4/32 1.1.1.3 100 0 i *>i 42.42.42.5/32 1.1.1.3 100 0 i *>i 42.42.42.10/32 1.1.1.3 100 0 i Total number of prefixes 7 asr1001-01#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override Gateway of last resort is not set 1.0.0.0/8 is variably subnetted, 4 subnets, 2 masks C 1.1.1.0/24 is directly connected, TenGigabitEthernet0/0/0 L 1.1.1.1/32 is directly connected, TenGigabitEthernet0/0/0 C 1.1.2.0/24 is directly connected, TenGigabitEthernet0/0/1 L 1.1.2.1/32 is directly connected, TenGigabitEthernet0/0/1 42.0.0.0/32 is subnetted, 7 subnets B 42.42.42.0 [200/0] via 1.1.1.3, 00:03:28 B 42.42.42.1 [200/0] via 1.1.1.3, 00:03:28 B 42.42.42.2 [200/0] via 1.1.1.3, 00:03:28 B 42.42.42.3 [200/0] via 1.1.1.3, 00:03:28 B 42.42.42.4 [200/0] via 1.1.1.3, 00:03:28 B 42.42.42.5 [200/0] via 1.1.1.3, 00:03:28 B 42.42.42.10 [200/0] via 1.1.1.3, 00:03:28
10) We can still generate UDP/TCP traffic while BGP is running. But for that we need to move to service filtered mode:
trex(service)>service --bgp --no-tcp-udp
11) To remove all the nodes, we can run:
trex(service)>ns remove-all
2.20.7. Tutorial: Bird with IPv6
We can run BGP on top of IPv6 as well as on top of IPv4. We are going to show here a simple Bird BGP configuration for IPv6. Of course, the router needs to be configured with IPv6 as well.
trex(service)>plugins bird add_node -p 0 --mac 00:00:00:01:00:07 --ipv6-enable --ipv6 2001:db8:0:2222::3 --ipv6-subnet 64
plugins bird set_config -f bird/cfg/bgp_ipv6.conf> cat scripts/bird/cfg/bgp_ipv6.conf router id 100.100.100.100; protocol device { scan time 1; } protocol bgp my_bgp { local 2001:db8:0:2222::3 as 65000; neighbor 2001:db8:0:2222::1 as 65000; ipv6 { import all; export all; }; }
2.20.8. Tutorial: Leveraging the Bird configuration files
Bird configuration files offer a full range of possibilities. They are very close to a programming language and we can define in them functions, filters, variables etc.
- Goal
-
Export only locally originating routes in our BGP instances.
In the previous examples we explored the possibility of running two BGP instances. We saw however that both the instances export all the routes. For example let’s say we have the following IPv4 routes file:
protocol static {
ipv4 {
import all;
export all;
};
route 42.42.42.1/32 via 1.1.1.3;
route 42.42.42.2/32 via 1.1.2.3;
}The router will receive all the static routes from both the neighbors and add the correct route in its routing table:
asr1001-01#show ip bgp summary BGP router identifier 1.1.2.1, local AS number 65000 BGP table version is 125, main routing table version 125 2 network entries using 496 bytes of memory 4 path entries using 480 bytes of memory 1/1 BGP path/bestpath attribute entries using 248 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 1224 total bytes of memory BGP activity 53/42 prefixes, 79/75 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 1.1.1.3 4 65000 8 5 125 0 0 00:01:00 2 1.1.2.3 4 65000 7 6 125 0 0 00:00:47 2 asr1001-01#show ip bgp neighbors 1.1.1.3 received-routes BGP table version is 125, local router ID is 1.1.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *>i 42.42.42.1/32 1.1.1.3 100 0 i *>i 42.42.42.2/32 1.1.2.3 100 0 i Total number of prefixes 2 asr1001-01#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override Gateway of last resort is not set 1.0.0.0/8 is variably subnetted, 4 subnets, 2 masks C 1.1.1.0/24 is directly connected, TenGigabitEthernet0/0/0 L 1.1.1.1/32 is directly connected, TenGigabitEthernet0/0/0 C 1.1.2.0/24 is directly connected, TenGigabitEthernet0/0/1 L 1.1.2.1/32 is directly connected, TenGigabitEthernet0/0/1 42.0.0.0/32 is subnetted, 2 subnets B 42.42.42.1 [200/0] via 1.1.1.3, 00:01:53 B 42.42.42.2 [200/0] via 1.1.2.3, 00:00:57
What if we want to publish only the locally originating routes? Meaning the 1.1.1.3 node will publish only 42.42.42.1/32 since it originates at 1.1.1.3 while, the 1.1.2.3 node will only publish 42.42.42.2/32?
We can achieve the required quite easily, if we slightly modify our BGP conf file to the following:
> cat scripts/bird/cfg/bgp_filter.conf router id 100.100.100.100; protocol device { scan time 1; } protocol bgp my_bgp1 { local 1.1.1.3 as 65000; # put your local ip and as number here neighbor 1.1.1.1 as 65000; # put your dut ip and as number here ipv4 { import all; export filter { # only locally originating routes if gw = 1.1.1.3 then accept; else reject; }; }; } # second instance protocol bgp my_bgp2 { local 1.1.2.3 as 65000; neighbor 1.1.2.1 as 65000; ipv4 { import all; export filter { print from; if gw = 1.1.2.3 then accept; else reject; }; }; }
We applied a simple filter, that exports routes whose gateway (gw) is ourselves. In this case, the router will receive the following:
asr1001-01#show ip bgp summary BGP router identifier 1.1.2.1, local AS number 65000 BGP table version is 126, main routing table version 126 2 network entries using 496 bytes of memory 2 path entries using 240 bytes of memory 1/1 BGP path/bestpath attribute entries using 248 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 984 total bytes of memory BGP activity 53/51 prefixes, 79/77 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 1.1.1.3 4 65000 23 16 126 0 0 00:11:05 1 1.1.2.3 4 65000 23 18 126 0 0 00:10:53 1 asr1001-01#show ip bgp neighbors 1.1.1.3 received-routes BGP table version is 126, local router ID is 1.1.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *>i 42.42.42.1/32 1.1.1.3 100 0 i Total number of prefixes 1
TRex supports all the configuration files that Bird offers. To leverage these configuration files at best, please refer to the Bird documentation. Complex traffic engineering can be achieved quite easily using the correct attributes, functions and filters that the Bird configuration files can offer.
2.20.9. Tutorial: Simple Bird node adding
- Goal
-
Demonstrate adding a Bird node as implemented in
add_bird_node.py.
As for now, in order to add a Bird node you need to connect and acquire the wanted port/s and set service mode on. Afterwards you can use the set_bird_node method as follows:
c = STLClient(verbose_level = 'debug')
| We can use STL or ASTF clients. |
| Bird requires promiscuous mode applied. It also requires multicast, depending on protocol. |
| Service mode must be set. |
| The physical port to which the node will be attached. |
| The Mac address for the new Bird node, needs to be unique. |
| The IPv4 address for the new node, MUST be on the same subnet with DUT interface. |
| Busy wait until Bird confirms connection established on "my_bgp1" protocol. |
|
|
In case we add another Bird node with different parameters but the same Mac address an exception will be raised. Mac addresses must be unique. |
2.20.10. Tutorial: Advanced Bird node adding
- Goal
-
Demonstrate a more advanced way of adding a Bird node.
The simple way we just saw uses the Namespace API to add a Bird node. Specifically, it uses the add_node function:
... cmds.add_node(mac, is_bird=True) ...
The flow for the set_bird_node Bird API we saw goes like this:
-
Check if a Bird node with that Mac address already exists.
-
Set "promiscuous" mode on.
-
Remove all the namespaces and nodes from the node_port we want bird to work on.
-
Create the Bird node.
-
Set IPv4 with a subnet.
-
Enable IPv6.
-
Send all commands asynchronously.
-
Wait for the commands to finish.
You may use the underlying add_node function and change the logic of set_bird_node to your requirements but we do not suggest it.
2.20.11. BirdCFGCreator
- Goal
-
Show how to create the final
bird.conffile with the routing protocols and the routes themselves (as static routes).
The BirdCFGCreator creates the Bird config file that the PyBirdServer needs in order to inject the routes. Here we define the routing protocols and their parameters.
The BirdCFGCreator SDK is located here: Stateless Python API - Bird CFG Creator
As a parameter you may provide your own configuration file as a string. Any valid Bird configuration will work.
In case you don’t provide one, it will use our default configuration. The default configuration contains only "device protocol" scanning new devices every 1 second and a dummy "router id" IP.
|
|
The configuration file must be valid according to Bird’s Documentation |
Adding Routing Protocols
Once we create a BirdCFGCreator object, dummy or not, we can add protocols instances to it:
List of supported protocols: Bird’s Protocols Documentation
bird_cfg = BirdCFGCreator() # using default cfg bgp_data1 = """ local 1.1.1.3 as 65000; neighbor 1.1.1.1 as 65000; ipv4 { import all; export all; }; """ bird_cfg.add_protocol(protocol = "bgp", name = "my_bgp1", data = bgp_data1)
Adding Routes
Finally, after we have added our routing protocols, we can add routes to inject.
There are two types of routes:
-
Simple routes
-
Extended routes.
Simple routes are static routes with a gateway/next_hop parameter, that can be an IP or an interface name. These are the routes we saw until now. Extended routes are generic routes, where the next_hop value can contain all types of attributes. Let us look at a couple of examples.
Here is a simple route addition:
bird_cfg = BirdCFGCreator() # using default cfg bird_cfg.add_route(dst_cidr = "42.42.42.42/32", next_hop = "1.1.1.3")
And here is an extended route addition:
bird_cfg = BirdCFGCreator() # using default cfg next_hop = """ 198.51.100.100 { ospf_metric2 = 100; # Set extended attribute ospf_tag = 2; # Set extended attribute bfd; # BFD-controlled route } """ bird_cfg.add_route(dst_cidr = "42.42.42.42/32", next_hop = next_hop)
For a list of the possible attributes, please refer to Bird’s documentation.
Creating The Final Configuration
Once we have added our protocols and our routes, we can build the final configuration file, prior to sending it to the PyBird Server using the PyBirdClient.
bird_config = bird_cfg.build_config()
2.20.12. PyBird Client
- Goal
-
Show the API for communicating with PyBird Server located on TRex machine using JSON-RPC2 over ZMQ.
For the SDK of PyBirdClient refer to: Stateless Python API - PyBird Client
Flow Example
Let us look at a simple flow:
pybird_c = PyBirdClient(ip='localhost', port=4509)
| Create a PyBird client, which should connect to the PyBird Server on local host at port 4509. |
| Connect to the PyBird server, required for every method. |
| Acquire handler from server, required for command methods. |
| Get configuration of the server, a query method. |
| Setting an empty config file, a command method. |
| Release the acquired handler. |
| Disconnect from server. |
Commands
The API in PyBird is divided into two categories: query and commands.
In case of using a query like: get_config, connecting will be enough. In case of using a command like: set_config you have to connect and acquire.
The TRex client object uses this object as its underlay, but it is possible to use it directly .
|
|
PyBird Client will release & disconnect anyway when the object is destroyed. But it’s not recommended to rely on that. |
PyBird performance numbers
| Routes | time(sec) | ASR1K CPU% |
|---|---|---|
10 |
1 |
1 % |
1,000,000 |
20 |
100% 70K route/sec |
Bird Console
If you want to communicate directly with Bird you may use the Bird Console.
cd scripts/bird ./birdcl -s /tmp/trex-bird/bird.ctl #
| Default Bird socket file path |
You can learn more of Bird console commands at Bird Remote Control Doc.
|
|
Do not apply commands that may alter the Bird configuration while TRex is running with Bird server, only use it for query commands. |
2.21. Appendix
2.21.1. Scapy packet examples
# UDP header Ether()/IP(src="16.0.0.1",dst="48.0.0.1")/UDP(dport=12,sport=1025) # UDP over one vlan Ether()/Dot1Q(vlan=12)/IP(src="16.0.0.1",dst="48.0.0.1")/UDP(dport=12,sport=1025) # UDP QinQ Ether()/Dot1Q(vlan=12)/Dot1Q(vlan=12)/IP(src="16.0.0.1",dst="48.0.0.1")/UDP(dport=12,sport=1025) #TCP over IP over VLAN Ether()/Dot1Q(vlan=12)/IP(src="16.0.0.1",dst="48.0.0.1")/TCP(dport=12,sport=1025) # IPv6 over vlan Ether()/Dot1Q(vlan=12)/IPv6(src="::5")/TCP(dport=12,sport=1025) #Ipv6 over UDP over IP Ether()/IP()/UDP()/IPv6(src="::5")/TCP(dport=12,sport=1025) #DNS packet Ether()/IP()/UDP()/DNS() #HTTP packet Ether()/IP()/TCP()/"GET / HTTP/1.1\r\nHost: www.google.com\r\n\r\n"
2.21.2. HLT supported Arguments
connect
| Argument | Default | Comment |
|---|---|---|
device |
localhost |
ip or hostname of TRex |
trex_rpc_port |
None |
TRex extention: RPC port of TRex server (for several TRexes under same OS) |
trex_pub_port |
None |
TRex extention: Publisher port of TRex server (for several TRexes under same OS) |
trex_timeout_sec |
None |
TRex extention: Timeout of rpc/pub connections |
port_list |
None |
list of ports |
username |
TRexUser |
|
reset |
True |
|
break_locks |
False |
cleanup_session
| Argument | Default | Comment |
|---|---|---|
maintain_lock |
False |
release ports at the end or not |
port_list |
None |
|
port_handle |
None |
traffic_config
| Argument | Default | Comment |
|---|---|---|
mode |
None |
( create | modify | remove | reset ) |
split_by_cores |
split |
( split | duplicate | single ) TRex extention: split = split traffic by cores, duplicate = duplicate traffic for all cores, single = run only with sinle core (not implemented yet) |
load_profile |
None |
TRex extention: path to filename with stream profile (stream builder parameters will be ignored, limitation: modify) |
consistent_random |
False |
TRex extention: False (default) = random sequence will be different every run, True = random sequence will be same every run |
ignore_macs |
False |
TRex extention: True = use MACs from server configuration, no MAC VM (workaround on lack of ARP) |
disable_flow_stats |
False |
TRex extention: True = don’t use flow stats for this stream, (workaround for limitation on type of packet for flow_stats) |
flow_stats_id |
None |
TRex extention: uint, for use of STLHltStream, specifies id for flow stats (see stateless manual for flow_stats details) |
port_handle |
None |
|
port_handle2 |
None |
|
bidirectional |
False |
|
stream builder parameters |
||
transmit_mode |
continuous |
( continuous | multi_burst | single_burst ) |
rate_pps |
None |
|
rate_bps |
None |
|
rate_percent |
10 |
|
stream_id |
None |
|
name |
None |
|
direction |
0 |
TRex extention: 1 = exchange sources and destinations, 0 = do nothing |
pkts_per_burst |
1 |
|
burst_loop_count |
1 |
|
inter_burst_gap |
12 |
|
length_mode |
fixed |
( auto | fixed | increment | decrement | random | imix ) |
l3_imix1_size |
64 |
|
l3_imix1_ratio |
7 |
|
l3_imix2_size |
570 |
|
l3_imix2_ratio |
4 |
|
l3_imix3_size |
1518 |
|
l3_imix3_ratio |
1 |
|
l3_imix4_size |
9230 |
|
l3_imix4_ratio |
0 |
|
L2 |
||
frame_size |
64 |
|
frame_size_min |
64 |
|
frame_size_max |
64 |
|
frame_size_step |
1 |
|
l2_encap |
ethernet_ii |
( ethernet_ii | ethernet_ii_vlan ) |
mac_src |
00:00:01:00:00:01 |
|
mac_dst |
00:00:00:00:00:00 |
|
mac_src2 |
00:00:01:00:00:01 |
|
mac_dst2 |
00:00:00:00:00:00 |
|
mac_src_mode |
fixed |
( fixed | increment | decrement | random ) |
mac_src_step |
1 |
we are changing only 32 lowest bits |
mac_src_count |
1 |
|
mac_dst_mode |
fixed |
( fixed | increment | decrement | random ) |
mac_dst_step |
1 |
we are changing only 32 lowest bits |
mac_dst_count |
1 |
|
mac_src2_mode |
fixed |
( fixed | increment | decrement | random ) |
mac_src2_step |
1 |
|
mac_src2_count |
1 |
|
mac_dst2_mode |
fixed |
( fixed | increment | decrement | random ) |
mac_dst2_step |
1 |
|
mac_dst2_count |
1 |
|
vlan options below can have multiple values for nested Dot1Q headers |
||
vlan_user_priority |
1 |
|
vlan_priority_mode |
fixed |
( fixed | increment | decrement | random ) |
vlan_priority_count |
1 |
|
vlan_priority_step |
1 |
|
vlan_id |
0 |
|
vlan_id_mode |
fixed |
( fixed | increment | decrement | random ) |
vlan_id_count |
1 |
|
vlan_id_step |
1 |
|
vlan_cfi |
1 |
|
vlan_protocol_tag_id |
None |
|
L3, general |
||
l3_protocol |
None |
( ipv4 | ipv6 ) |
l3_length_min |
110 |
|
l3_length_max |
238 |
|
l3_length_step |
1 |
|
L3, IPv4 |
||
ip_precedence |
0 |
|
ip_tos_field |
0 |
|
ip_mbz |
0 |
|
ip_delay |
0 |
|
ip_throughput |
0 |
|
ip_reliability |
0 |
|
ip_cost |
0 |
|
ip_reserved |
0 |
|
ip_dscp |
0 |
|
ip_cu |
0 |
|
l3_length |
None |
|
ip_id |
0 |
|
ip_fragment_offset |
0 |
|
ip_ttl |
64 |
|
ip_checksum |
None |
|
ip_src_addr |
0.0.0.0 |
|
ip_dst_addr |
192.0.0.1 |
|
ip_src_mode |
fixed |
( fixed | increment | decrement | random ) |
ip_src_step |
1 |
ip or number |
ip_src_count |
1 |
|
ip_dst_mode |
fixed |
( fixed | increment | decrement | random ) |
ip_dst_step |
1 |
ip or number |
ip_dst_count |
1 |
|
L3, IPv6 |
||
ipv6_traffic_class |
0 |
|
ipv6_flow_label |
0 |
|
ipv6_length |
None |
|
ipv6_next_header |
None |
|
ipv6_hop_limit |
64 |
|
ipv6_src_addr |
fe80:0:0:0:0:0:0:12 |
|
ipv6_dst_addr |
fe80:0:0:0:0:0:0:22 |
|
ipv6_src_mode |
fixed |
( fixed | increment | decrement | random ) |
ipv6_src_step |
1 |
we are changing only 32 lowest bits; can be ipv6 or number |
ipv6_src_count |
1 |
|
ipv6_dst_mode |
fixed |
( fixed | increment | decrement | random ) |
ipv6_dst_step |
1 |
we are changing only 32 lowest bits; can be ipv6 or number |
ipv6_dst_count |
1 |
|
L4, TCP |
||
l4_protocol |
None |
( tcp | udp ) |
tcp_src_port |
1024 |
|
tcp_dst_port |
80 |
|
tcp_seq_num |
1 |
|
tcp_ack_num |
1 |
|
tcp_data_offset |
5 |
|
tcp_fin_flag |
0 |
|
tcp_syn_flag |
0 |
|
tcp_rst_flag |
0 |
|
tcp_psh_flag |
0 |
|
tcp_ack_flag |
0 |
|
tcp_urg_flag |
0 |
|
tcp_window |
4069 |
|
tcp_checksum |
None |
|
tcp_urgent_ptr |
0 |
|
tcp_src_port_mode |
increment |
( increment | decrement | random ) |
tcp_src_port_step |
1 |
|
tcp_src_port_count |
1 |
|
tcp_dst_port_mode |
increment |
( increment | decrement | random ) |
tcp_dst_port_step |
1 |
|
tcp_dst_port_count |
1 |
|
L4, UDP |
||
udp_src_port |
1024 |
|
udp_dst_port |
80 |
|
udp_length |
None |
|
udp_dst_port_mode |
increment |
( increment | decrement | random ) |
udp_src_port_step |
1 |
|
udp_src_port_count |
1 |
|
udp_src_port_mode |
increment |
( increment | decrement | random ) |
udp_dst_port_step |
1 |
|
udp_dst_port_count |
1 |
|
traffic_control
| Argument | Default | Comment |
|---|---|---|
action |
None |
( clear_stats | run | stop | sync_run | poll | reset ) |
port_handle |
None |
traffic_stats
| Argument | Default | Comment |
|---|---|---|
mode |
aggregate |
( all | aggregate | streams ) |
port_handle |
None |
2.21.3. FD.IO open source project using TRex
2.21.4. Using Stateless client via JSON-RPC
For functions that do not require complex objects and can use JSON-serializable input/output, you can use Stateless API via JSON-RPC proxy server.
Thus, you can use Stateless TRex from any language supporting JSON-RPC.
How to run TRex side:
-
Run the Stateless TRex server in one of 2 ways:
-
Option 1: Run TRex directly in shell:
[bash]>sudo ./t-rex-64 -i
-
Option 2: Run TRex via JSON-RPC command to
trex_daemon_server:start_trex(trex_cmd_options, user, block_to_success = True, timeout = 40, stateless = True)
-
-
Run the RPC "Proxy" to stateless in one of 2 ways:
-
Option 1: Run directly:
cd scripts/automation/trex_control_plane/server/ python rpc_proxy_server.py
-
Option 2: Send JSON-RPC command to
master_daemon:if not master_daemon.is_stl_rpc_proxy_running(): master_daemon.start_stl_rpc_proxy()
-
Now you can send requests to the rpc_proxy_server and get results as an array of 2 values:
-
If the request failed, result will be: [False, <traceback log with error>]
-
If the request succeded, result will be: [True, <return value of called function>]
You can find an example of how to use the "Proxy" here: using_rpc_proxy.py
Native Stateless API functions:
-
acquire
-
connect
-
disconnect
-
get_stats
-
get_warnings
-
push_remote
-
reset
-
wait_on_traffic
These functions can be called directly as
server.push_remote('udp_traffic.pcap').
If you need any other function of a stateless client, you can either add it to rpc_proxy_server.py, or use this method:
server.native_method(func_name="func_name", *args, **kwargs)
HLTAPI Methods can be called here as well:
-
connect
-
cleanup_session
-
interface_config
-
traffic_config
-
traffic_control
-
traffic_stats
|
|
In case of name collision with native functions (such as connect), for HLTAPI, function will change to have "hlt_" prefix. |
Example of running from Java:
package com.cisco.trex_example; import java.net.URL; import java.util.ArrayList; import java.util.Arrays; import java.util.Map; import java.util.HashMap; import com.googlecode.jsonrpc4j.JsonRpcHttpClient; public class TrexMain { @SuppressWarnings("rawtypes") public static Object verify(ArrayList response) { if ((boolean) response.get(0)) { return response.get(1); } System.out.println("Error: " + response.get(1)); System.exit(1); return null; } @SuppressWarnings("rawtypes") public static void main(String[] args) throws Throwable { try { String trex_host = "csi-trex-11"; int rpc_proxy_port = 8095; Map<String, Object> kwargs = new HashMap<>(); ArrayList<Integer> ports = new ArrayList<Integer>(); HashMap res_dict = new HashMap<>(); ArrayList res_list = new ArrayList(); JsonRpcHttpClient rpcConnection = new JsonRpcHttpClient(new URL("http://" + trex_host + ":" + rpc_proxy_port)); System.out.println("Initializing Native Client"); kwargs.put("server", trex_host); kwargs.put("force", true); verify(rpcConnection.invoke("native_proxy_init", kwargs, ArrayList.class)); kwargs.clear(); System.out.println("Connecting to TRex server"); verify(rpcConnection.invoke("connect", kwargs, ArrayList.class)); System.out.println("Resetting all ports"); verify(rpcConnection.invoke("reset", kwargs, ArrayList.class)); System.out.println("Getting ports info"); kwargs.put("func_name", "get_port_info"); // some "custom" function res_list = (ArrayList) verify(rpcConnection.invoke("native_method", kwargs, ArrayList.class)); System.out.println("Ports info is: " + Arrays.toString(res_list.toArray())); kwargs.clear(); for (int i = 0; i < res_list.size(); i++) { Map port = (Map) res_list.get(i); ports.add((int)port.get("index")); } System.out.println("Sending pcap to ports: " + Arrays.toString(ports.toArray())); kwargs.put("pcap_filename", "stl/sample.pcap"); verify(rpcConnection.invoke("push_remote", kwargs, ArrayList.class)); kwargs.clear(); verify(rpcConnection.invoke("wait_on_traffic", kwargs, ArrayList.class)); System.out.println("Getting stats"); res_dict = (HashMap) verify(rpcConnection.invoke("get_stats", kwargs, ArrayList.class)); System.out.println("Stats: " + res_dict.toString()); System.out.println("Deleting Native Client instance"); verify(rpcConnection.invoke("native_proxy_del", kwargs, ArrayList.class)); } catch (Throwable e) { e.printStackTrace(); } } }
2.21.5. Using Emu client via JSON-RPC
Using the same idea as with the Stateless proxy, we added support for an Emu Proxy that will allow JSON-RPC communication from any language to the Emu Python Client, which itself communicates with the Emu server.
The following figure provides a simple overview and the objects:
This design has some advantages:
-
You don’t need to implement Client Code, ever.
-
You will get to use our Python Api, which is always updated.
But also some disadvantages:
-
Passing Python classes via JSON-RPC from another language is difficult.
-
Slower.
How to run:
-
Run TRex server using together with Emu, for example:
[bash]>sudo ./t-rex-64 -i --software --emu
-
Run the RPC "Proxy" to Emu in one of 2 ways:
-
Option 1: Run directly:
cd scripts/automation/trex_control_plane/server/ python rpc_proxy_server.py --emu #
Note the --emuflag. By default only the Stateless Proxy is created. -
Option 2: Send JSON-RPC command to
master_daemonwhich must be started with--emu-rpc-proxy.if not master_daemon.is_stl_rpc_proxy_running(): master_daemon.start_stl_rpc_proxy()
Make sure that the master_daemonis started with--emu-rpc-proxy.
-
Emu Methods:
-
connect
-
is_connected
-
disconnect
-
load_profile
-
remove_profile
-
add_ns
-
remove_ns
-
add_clients
-
remove_clients
-
get_counters
-
get_server_version
These methods can be called simply by prepending emu_. For example:
server.emu_connect()
However make sure you initialize the Emu proxy first:
server.emu_proxy_init(server = args.server, force = True)
For other EmuClient methods that are not listed above, you can use emu_method, i.e:
server.emu_method(func_name = "get_all_ns_and_clients")
Emu Plugin Methods
For plugin methods you can use emu_plugin_method by providing the plugin_name and the func_name:
server.emu_plugin_method(plugin_name = "arp", func_name = "get_counters", **{ 'ns_key': {'vport': 0, 'tpid': [0, 0], 'tci': [0, 0], 'py/object': 'trex.emu.trex_emu_profile.EMUNamespaceKey'}, 'zero': True, 'verbose': True }))
Complex Python Types
JSON-RPC supports primitive seriazable types like strings, numbers, list, dictionaries etc.. However, for a lot of EmuClient methods and Emu plugin methods we need complex types.
Such examples are EmuNamespaceKey, EmuClientKey, etc..
Unlike the Stateless Proxy, the Emu Proxy has support for non primitive types. We achieve this using jsonpickle.
|
|
jsonpickle can execute arbitrary Python code. Do not load jsonpickles from untrusted / unauthenticated sources. |
You can encode any Python Type into a string using jsonpickle
import outer_packages import jsonpickle from trex.emu.api import * ns_key = EMUNamespaceKey(vport=0) enc = jsonpickle.encode(ns_key)
| Encode the Python object to a string. |
| Decode the string to a Python object. |
From any JSON-RPC client, for example Java, you can send a jsonpickle encoded string to the Emu Proxy which will in terms decode it using jsonpickle. This way we can pass complex Python types to the Emu Proxy.
|
|
|
2.21.6. Bird Compilation
Just add "--with-bird" flag to configure command like so:
[bash]> ./b configure --with-bird [bash]> ./b build
- From Bird’s Documentation:
-
For compiling BIRD you need these programs and libraries:
-
GNU C Compiler (or LLVM Clang)
-
GNU Make
-
GNU Bison
-
GNU M4
-
Flex
-
ncurses library
-
GNU Readline library
-
libssh library (optional, for RPKI-Router protocol)
-
|
|
In case of compilation problems, try build with "-v" flag in order to see bird compilation output. |