Age | Commit message (Collapse) | Author |
|
Without this change, this test produces quite opaque errors as valid TCP
segments are not logged; what we see in the end is any random traffic that
happened *after* the final TCP segment.
PiperOrigin-RevId: 346864169
|
|
PiperOrigin-RevId: 346852543
|
|
PiperOrigin-RevId: 346840424
|
|
PiperOrigin-RevId: 346818310
|
|
Recursive make is difficult to follow and debug. Drop this by using
internal functions, which, while difficult, are easier than trying to
following recursive invokations.
Further simplify the Makefile by collapsing the image bits and removing
the tools/vm directory, which is effectively unused.
Fixes #4952
PiperOrigin-RevId: 346569133
|
|
PiperOrigin-RevId: 346487763
|
|
Prior to this change tcpdump would fail to create its output file
because the destination directory was owned by root. This would later
cause killall to fail, as tcpdump was not running. Check exit code of
tcpdump/tshark to produce better error messages should this regress.
PiperOrigin-RevId: 346353911
|
|
Avoid action at a distance where both `snifferArgs` and `snifferProg`
must stay in sync.
PiperOrigin-RevId: 346341231
|
|
- Remove unused constants
- Correct function doc comment
- Remove useless cast
- Restore comment removed in an earlier change
PiperOrigin-RevId: 346205943
|
|
PiperOrigin-RevId: 346109185
|
|
With the recent changes db36d948fa63ce950d94a5e8e9ebc37956543661, we try
to balance the receive window advertisements between payload lengths vs
segment overhead length. This works fine when segment size are much
higher than the overhead, but not otherwise. In cases where the segment
length is smaller than the segment overhead, we may end up not
advertising zero receive window for long time and end up tail-dropping
segments. This is especially pronounced when application socket reads
are slow or stopped. In this change we do not grow the right edge of
the receive window for smaller segment sizes similar to Linux.
Also, we keep track of the socket buffer usage and let the window grow
if the application is actively reading data.
Fixes #4903
PiperOrigin-RevId: 345832012
|
|
PiperOrigin-RevId: 345701623
|
|
However, receiving duplicated fragments will not cause reassembly to
fail. This is what Linux does too:
https://github.com/torvalds/linux/blob/38525c6/net/ipv4/inet_fragment.c#L355
PiperOrigin-RevId: 345309546
|
|
Stop showing wrong timeout values in packetimpact test error messages. e.g.
"got frames ... want ... during -123ms"
PiperOrigin-RevId: 345144938
|
|
...as defined by RFC 2710. Querier (router)-side MLDv1 is not yet
supported.
The core state machine is shared with IGMPv2.
This is guarded behind a flag (ipv6.Options.MLDEnabled).
Tests: ip_test.TestMGP*
Bug #4861
PiperOrigin-RevId: 344344095
|
|
To create DUTs in parallel, we need to create goroutines to do the setup. The
old code base has a lot of t.Fatal(f) usage in those setup functions which is
not great for this change: "FailNow must be called from the goroutine running
the test or benchmark function, not from other goroutines created during the
test" (https://golang.org/pkg/testing/#T.FailNow).
- Cleanup all t.Fatal(f) usage in DUT.Prepare()
- use goroutines to create DUTs in parallel
PiperOrigin-RevId: 344275809
|
|
Added a new flag num_duts to the test runner to create multiple DUTs for the
testbench can connect to.
PiperOrigin-RevId: 344195435
|
|
Because the code handles a bad header as "payload" right up to the last moment
we need to make sure payload handling does not remove the error information.
Fixes #4909
PiperOrigin-RevId: 344141690
|
|
1. setsockopt(SO_RCVTIMEO, 0) == never timeout
2. float64(time.Microsecond/time.Second) == 0
3. packetimpact tests use a lot of 1s timeouts
This becomes a more significant problem because of a recent change that binds
the sniffer only on the specific testNet interface so now the traffic on the
ctrlNet cannot wake up the blocking call anymore.
PiperOrigin-RevId: 344123465
|
|
Summary of the approach: the test runner will set up a few DUTs according to
a flag and pass all the test networks to the testbench. The testbench will only
reside in a single container. The testbench will put all the test networks into
a buffered channel which served as a semaphore and now the user can freely use
t.Parallel() in (sub)tests and the true parallelism will be determined by how
many DUTs are configured. Creating DUTs on demand is not supported yet, the
test author should determine the number of DUTs to be used statically.
Specifically in this change:
- Don't export any global variables about the test network in testbench.
- Sniffer only binds on the local interface because it will be possible to have
multiple interfaces to multiple DUTs in a single testbench container.
- Migrate existing tests to stop using global variables.
PiperOrigin-RevId: 343965962
|
|
Group addressable endpoints can simply check if it has joined the
multicast group without maintaining address endpoints. This also
helps remove the dependency on AddressableEndpoint from
GroupAddressableEndpoint.
Now that group addresses are not tracked with address endpoints, we can
avoid accidentally obtaining a route with a multicast local address.
PiperOrigin-RevId: 343336912
|
|
PiperOrigin-RevId: 343144023
|
|
Updates #4427
PiperOrigin-RevId: 342703931
|
|
PiperOrigin-RevId: 342366891
|
|
RELNOTES: n/a
PiperOrigin-RevId: 342176296
|
|
Most packets don't have options but they are an integral part of the
standard. Teaching the ipv4 code how to handle them will simplify future
testing and use. Because Options are so rare it is worth making sure
that the extra work is kept out of the fast path as much as possible.
Prior to this change, all usages of the IHL field of the IPv4Fields/Encode
system set it to the same constant value except in a couple of tests
for bad values. From this change IHL will not be a constant as it will
depend on the size of any Options. Since ipv4.Encode() now handles the
options it becomes a possible source of errors to let the callers set
this value, so remove it entirely and calculate the value from the size
of the Options if present (or not) therefore guaranteeing a correct value.
Fixes #4709
RELNOTES: n/a
PiperOrigin-RevId: 341864765
|
|
Teach ICMP.Parser/ToBytes to handle some non echo ICMP packets.
Teach IPv4.Parser that fragments only have a payload, not an upper layer.
Fix IPv4 and IPv6 reassembly tests to handle the change.
Fixes #4758
PiperOrigin-RevId: 341549665
|
|
PiperOrigin-RevId: 341470647
|
|
PiperOrigin-RevId: 340763455
|
|
The IPv6 reassembly test was also refactored to be easily extended with
more cases.
PiperOrigin-RevId: 339768605
|
|
PiperOrigin-RevId: 339699771
|
|
This makes handling inbound fragmented packets easier, because a fragmented
packet might not have an actual ICMP header but only a payload. After this
change, the ICMPv4 is the last layer you can get because the payload is
embedded in it.
Note that this makes it consistent with the ICMPv6 implementation.
While I'm here, I've also added the Ident and Sequence fields on the ICMPv4
type. Defaults are still zero.
PiperOrigin-RevId: 339577094
|
|
PiperOrigin-RevId: 339476515
|
|
By exposing an ALL_TESTS list in defs.bzl we can make sure all packetimpact
users get to agree on the list of all tests. A defect in this approach is that
we have to keep a list of packetimpact_testbench rules in the BUILD file. An
helper validate_all_tests has been added to help keep BUILD and .bzl files in
sync.
PiperOrigin-RevId: 337411839
|
|
PiperOrigin-RevId: 336350318
|
|
This change also adds support to go_stateify for detecting an appropriate
receiver name, avoiding a large number of false positives.
PiperOrigin-RevId: 335994587
|
|
Most of the IPv4 fragmentation code was moved in the fragmentation
package and it is reused by IPv6 fragmentation.
Test:
- pkg/tcpip/network/ipv4:ipv4_test
- pkg/tcpip/network/ipv6:ipv6_test
- pkg/tcpip/network/fragmentation:fragmentation_test
Fixes #4389
PiperOrigin-RevId: 335714280
|
|
When the socket is set with SO_LINGER and close()'d in the initial state, it
should not linger and return immediately.
PiperOrigin-RevId: 334263149
|
|
segment_queue today has its own standalone limit of MaxUnprocessedSegments but
this can be a problem in UnlockUser() we do not release the lock till there are
segments to be processed. What can happen is as handleSegments dequeues packets
more keep getting queued and we will never release the lock. This can keep
happening even if the receive buffer is full because nothing can read() till we
release the lock.
Further having a separate limit for pending segments makes it harder to track
memory usage etc. Unifying the limits makes it easier to reason about memory in
use and makes the overall buffer behaviour more consistent.
PiperOrigin-RevId: 333508122
|
|
PiperOrigin-RevId: 333400865
|
|
TCP needs to enqueue any send requests arriving when the connection is in
SYN_SENT state. The data should be sent out soon after completion of the
connection handshake.
Fixes #3995
PiperOrigin-RevId: 332482041
|
|
There are two device names on the test net.
- The sniffer/injector device which is always a linux device. Only the
testbench library is interested in this device.
- The device which is on the DUT. It happens to be the same device as
the former if DUT is linux. An individual test might be interested in
this device if the test cares about the device name.
PiperOrigin-RevId: 332112968
|
|
PiperOrigin-RevId: 332097286
|
|
gVisor stack ignores RSTs when in TIME_WAIT which is not the default
Linux behavior. Add a packetimpact test to test the same.
Also update code comments to reflect the rationale for the current
gVisor behavior.
PiperOrigin-RevId: 331629879
|
|
Packetimpact on Fuchsia was formerly using the Linux test device name. This
change fixes that.
PiperOrigin-RevId: 331211518
|
|
PiperOrigin-RevId: 329902747
|
|
blaze test <test_name>_fuchsia_test will run the corresponding packetimpact
test against fuchsia.
PiperOrigin-RevId: 329835290
|
|
On receiving an ACK with unacceptable ACK number, in a closing state,
TCP, needs to reply back with an ACK with correct seq and ack numbers and
remain in same state. This change is as per RFC793 page 37, but with a
difference that it does not apply to ESTABLISHED state, just as in Linux.
Also add more tests to check for OTW sequence number and unacceptable
ack numbers in these states.
Fixes #3785
PiperOrigin-RevId: 329616283
|
|
PiperOrigin-RevId: 329526153
|
|
This prevents setting stale errno on responses.
Also fixes TestDiscardsUDPPacketsWithMcastSourceAddressV6 to use correct
multicast addresses in test.
Fixes #3793
PiperOrigin-RevId: 329391155
|