**validation-app-engine** an agent based distributed workload resource validation and monitoring engine that lets various quality and reliability engineering teams to validate their products at large scale.
4
stars
3
forks
source link
IPv6 traffic rules are not applied to ip netns namespaces #15
When testing with IPv6, noted that although IPv6 traffic rules are pushed down the the AxonClient, the servers / clients are not being started w/in ip netns namespaces.
rules
[ALLOW UDP traffic on port 5201 from [IPv4Address('30.1.0.10')] to [IPv4Address('30.2.0.5')]., ALLOW TCP traffic on port 5001 from [IPv6Address('2001:db8:abcd:13::a')] to [IPv6Address('2001:db8:abcd:14::5')]., ALLOW HTTP traffic on port 5401 from [IPv4Address('30.2.0.5')] to [IPv4Address('30.1.0.10')]., ALLOW HTTP traffic on port 5401 from [IPv6Address('2001:db8:abcd:14::5')] to [IPv6Address('2001:db8:abcd:13::a')].]
Tail of /var/log/axon/axon.log for the VMs:
VM1 log:
2020-09-15 18:05:05,266::INFO::Worker11::traffic[ 65]::Register traffic called with config [{'endpoint': '30.1.0.10', 'servers': [('HTTP', 5401)], 'clients': [('UDP', 5201, '30.2.0.5', True, 1)]}, {'endpoint': '2001:db8:abcd:13::a', 'servers': [('HTTP', 5401)], 'clients': [('TCP', 5001, '2001:db8:abcd:14::5', True, 1)]}]
2020-09-15 18:05:06,880::INFO::Worker17::traffic[ 100]::=====Start servers called=====
2020-09-15 18:05:06,900::INFO::Worker17::manager[ 272]::Starting HTTP server on port 5401 on interface 30.1.0.10 in namespace 30_1_0_10
2020-09-15 18:05:06,902::INFO::Worker17::nsenter[ 63]::entering net namespace /var/run/netns/30_1_0_10
2020-09-15 18:05:06,972::INFO::Worker17::nsenter[ 68]::leaving net namespace /var/run/netns/30_1_0_10
2020-09-15 18:05:07,184::INFO::Worker17::workers[ 97]::Starting Process with args <class 'axon.traffic.servers.servers.ThreadedHTTPServer'> (('30.1.0.10', 5401), <class 'axon.traffic.servers.servers.HTTPRequestHandler'>) {}
2020-09-15 18:05:08,198::INFO::Worker24::traffic[ 132]::====start clients initiated====
2020-09-15 18:05:08,221::INFO::Worker24::nsenter[ 63]::entering net namespace /var/run/netns/30_1_0_10
2020-09-15 18:05:08,260::INFO::Worker24::nsenter[ 68]::leaving net namespace /var/run/netns/30_1_0_10
2020-09-15 18:05:08,479::INFO::Worker24::workers[ 97]::Starting Process with args <class 'axon.traffic.clients.clients.TrafficClient'> ('30.1.0.10', [('UDP', 5201, '30.2.0.5', True, 1)], <multiprocessing.queues.Queue object at 0x7fb725913518>) {}
2020-09-15 18:13:09,998::INFO::Worker31::traffic[ 124]::====stop clients initiated====
2020-09-15 18:13:10,030::INFO::Worker31::manager[ 387]::Stopping all client processes
2020-09-15 18:13:10,749::INFO::Worker38::traffic[ 92]::=====Stop servers called=====
2020-09-15 18:13:10,750::INFO::Worker38::manager[ 222]::Stopping HTTP server on port 5401
2020-09-15 18:13:11,464::INFO::Worker45::traffic[ 60]::Deleting traffic config for all
VM2 log:
2020-09-15 18:05:17,804::INFO::Worker12::traffic[ 65]::Register traffic called with config [{'endpoint': '30.2.0.5', 'servers': [('UDP', 5201)], 'clients': [('HTTP', 5401, '30.1.0.10', True, 1)]}, {'endpoint': '2001:db8:abcd:14::5', 'servers': [('TCP', 5001)], 'clients': [('HTTP', 5401, '2001:db8:abcd:13::a', True, 1)]}]
2020-09-15 18:05:19,571::INFO::Worker18::traffic[ 100]::=====Start servers called=====
2020-09-15 18:05:19,593::INFO::Worker18::manager[ 272]::Starting UDP server on port 5201 on interface 30.2.0.5 in namespace 30_2_0_5
2020-09-15 18:05:19,594::INFO::Worker18::nsenter[ 63]::entering net namespace /var/run/netns/30_2_0_5
2020-09-15 18:05:19,640::INFO::Worker18::nsenter[ 68]::leaving net namespace /var/run/netns/30_2_0_5
2020-09-15 18:05:19,678::INFO::Worker18::workers[ 97]::Starting Process with args <class 'axon.traffic.servers.servers.ThreadedUDPServer'> (('30.2.0.5', 5201), <class 'axon.traffic.servers.servers.UDPRequestHandler'>) {}
2020-09-15 18:05:20,818::INFO::Worker25::traffic[ 132]::====start clients initiated====
2020-09-15 18:05:20,843::INFO::Worker25::nsenter[ 63]::entering net namespace /var/run/netns/30_2_0_5
2020-09-15 18:05:20,873::INFO::Worker25::nsenter[ 68]::leaving net namespace /var/run/netns/30_2_0_5
2020-09-15 18:05:20,927::INFO::Worker25::workers[ 97]::Starting Process with args <class 'axon.traffic.clients.clients.TrafficClient'> ('30.2.0.5', [('HTTP', 5401, '30.1.0.10', True, 1)], <multiprocessing.queues.Queue object at 0x7f1d1a21d518>) {}
2020-09-15 18:05:21,055::ERROR::Thread-108::clients[ 252]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, trying again
2020-09-15 18:05:22,067::ERROR::Thread-108::clients[ 260]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, second try
2020-09-15 18:05:27,083::ERROR::Thread-109::clients[ 252]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, trying again
2020-09-15 18:05:28,092::ERROR::Thread-109::clients[ 260]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, second try
2020-09-15 18:05:33,111::ERROR::Thread-110::clients[ 252]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, trying again
2020-09-15 18:05:34,123::ERROR::Thread-110::clients[ 260]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, second try
2020-09-15 18:05:39,140::ERROR::Thread-111::clients[ 252]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, trying again
2020-09-15 18:05:40,151::ERROR::Thread-111::clients[ 260]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, second try
2020-09-15 18:05:45,165::ERROR::Thread-112::clients[ 252]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, trying again
2020-09-15 18:05:46,187::ERROR::Thread-112::clients[ 260]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, second try
2020-09-15 18:13:22,328::INFO::Worker32::traffic[ 124]::====stop clients initiated====
2020-09-15 18:13:22,333::INFO::Worker32::manager[ 387]::Stopping all client processes
2020-09-15 18:13:23,448::INFO::Worker39::traffic[ 92]::=====Stop servers called=====
2020-09-15 18:13:23,448::INFO::Worker39::manager[ 222]::Stopping UDP server on port 5201
2020-09-15 18:13:24,069::INFO::Worker45::traffic[ 60]::Deleting traffic config for all
Also verified via traffic results that the TCP rule for IPv6 above was not reporting results.
When testing with IPv6, noted that although IPv6 traffic rules are pushed down the the AxonClient, the servers / clients are not being started w/in ip netns namespaces.
Tail of /var/log/axon/axon.log for the VMs: VM1 log: 2020-09-15 18:05:05,266::INFO::Worker11::traffic[ 65]::Register traffic called with config [{'endpoint': '30.1.0.10', 'servers': [('HTTP', 5401)], 'clients': [('UDP', 5201, '30.2.0.5', True, 1)]}, {'endpoint': '2001:db8:abcd:13::a', 'servers': [('HTTP', 5401)], 'clients': [('TCP', 5001, '2001:db8:abcd:14::5', True, 1)]}] 2020-09-15 18:05:06,880::INFO::Worker17::traffic[ 100]::=====Start servers called===== 2020-09-15 18:05:06,900::INFO::Worker17::manager[ 272]::Starting HTTP server on port 5401 on interface 30.1.0.10 in namespace 30_1_0_10 2020-09-15 18:05:06,902::INFO::Worker17::nsenter[ 63]::entering net namespace /var/run/netns/30_1_0_10 2020-09-15 18:05:06,972::INFO::Worker17::nsenter[ 68]::leaving net namespace /var/run/netns/30_1_0_10 2020-09-15 18:05:07,184::INFO::Worker17::workers[ 97]::Starting Process with args <class 'axon.traffic.servers.servers.ThreadedHTTPServer'> (('30.1.0.10', 5401), <class 'axon.traffic.servers.servers.HTTPRequestHandler'>) {} 2020-09-15 18:05:08,198::INFO::Worker24::traffic[ 132]::====start clients initiated==== 2020-09-15 18:05:08,221::INFO::Worker24::nsenter[ 63]::entering net namespace /var/run/netns/30_1_0_10 2020-09-15 18:05:08,260::INFO::Worker24::nsenter[ 68]::leaving net namespace /var/run/netns/30_1_0_10 2020-09-15 18:05:08,479::INFO::Worker24::workers[ 97]::Starting Process with args <class 'axon.traffic.clients.clients.TrafficClient'> ('30.1.0.10', [('UDP', 5201, '30.2.0.5', True, 1)], <multiprocessing.queues.Queue object at 0x7fb725913518>) {} 2020-09-15 18:13:09,998::INFO::Worker31::traffic[ 124]::====stop clients initiated==== 2020-09-15 18:13:10,030::INFO::Worker31::manager[ 387]::Stopping all client processes 2020-09-15 18:13:10,749::INFO::Worker38::traffic[ 92]::=====Stop servers called===== 2020-09-15 18:13:10,750::INFO::Worker38::manager[ 222]::Stopping HTTP server on port 5401 2020-09-15 18:13:11,464::INFO::Worker45::traffic[ 60]::Deleting traffic config for all
VM2 log: 2020-09-15 18:05:17,804::INFO::Worker12::traffic[ 65]::Register traffic called with config [{'endpoint': '30.2.0.5', 'servers': [('UDP', 5201)], 'clients': [('HTTP', 5401, '30.1.0.10', True, 1)]}, {'endpoint': '2001:db8:abcd:14::5', 'servers': [('TCP', 5001)], 'clients': [('HTTP', 5401, '2001:db8:abcd:13::a', True, 1)]}] 2020-09-15 18:05:19,571::INFO::Worker18::traffic[ 100]::=====Start servers called===== 2020-09-15 18:05:19,593::INFO::Worker18::manager[ 272]::Starting UDP server on port 5201 on interface 30.2.0.5 in namespace 30_2_0_5 2020-09-15 18:05:19,594::INFO::Worker18::nsenter[ 63]::entering net namespace /var/run/netns/30_2_0_5 2020-09-15 18:05:19,640::INFO::Worker18::nsenter[ 68]::leaving net namespace /var/run/netns/30_2_0_5 2020-09-15 18:05:19,678::INFO::Worker18::workers[ 97]::Starting Process with args <class 'axon.traffic.servers.servers.ThreadedUDPServer'> (('30.2.0.5', 5201), <class 'axon.traffic.servers.servers.UDPRequestHandler'>) {} 2020-09-15 18:05:20,818::INFO::Worker25::traffic[ 132]::====start clients initiated==== 2020-09-15 18:05:20,843::INFO::Worker25::nsenter[ 63]::entering net namespace /var/run/netns/30_2_0_5 2020-09-15 18:05:20,873::INFO::Worker25::nsenter[ 68]::leaving net namespace /var/run/netns/30_2_0_5 2020-09-15 18:05:20,927::INFO::Worker25::workers[ 97]::Starting Process with args <class 'axon.traffic.clients.clients.TrafficClient'> ('30.2.0.5', [('HTTP', 5401, '30.1.0.10', True, 1)], <multiprocessing.queues.Queue object at 0x7f1d1a21d518>) {} 2020-09-15 18:05:21,055::ERROR::Thread-108::clients[ 252]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, trying again 2020-09-15 18:05:22,067::ERROR::Thread-108::clients[ 260]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, second try 2020-09-15 18:05:27,083::ERROR::Thread-109::clients[ 252]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, trying again 2020-09-15 18:05:28,092::ERROR::Thread-109::clients[ 260]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, second try 2020-09-15 18:05:33,111::ERROR::Thread-110::clients[ 252]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, trying again 2020-09-15 18:05:34,123::ERROR::Thread-110::clients[ 260]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, second try 2020-09-15 18:05:39,140::ERROR::Thread-111::clients[ 252]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, trying again 2020-09-15 18:05:40,151::ERROR::Thread-111::clients[ 260]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, second try 2020-09-15 18:05:45,165::ERROR::Thread-112::clients[ 252]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, trying again 2020-09-15 18:05:46,187::ERROR::Thread-112::clients[ 260]::Exception <urlopen error [Errno 111] Connection refused> for HTTP 30.2.0.5 -> 30.1.0.10:5401, second try 2020-09-15 18:13:22,328::INFO::Worker32::traffic[ 124]::====stop clients initiated==== 2020-09-15 18:13:22,333::INFO::Worker32::manager[ 387]::Stopping all client processes 2020-09-15 18:13:23,448::INFO::Worker39::traffic[ 92]::=====Stop servers called===== 2020-09-15 18:13:23,448::INFO::Worker39::manager[ 222]::Stopping UDP server on port 5201 2020-09-15 18:13:24,069::INFO::Worker45::traffic[ 60]::Deleting traffic config for all
Also verified via traffic results that the TCP rule for IPv6 above was not reporting results.