aboutsummaryrefslogtreecommitdiffstats
path: root/sfc/tests/functest/README.tests
diff options
context:
space:
mode:
Diffstat (limited to 'sfc/tests/functest/README.tests')
-rw-r--r--sfc/tests/functest/README.tests48
1 files changed, 48 insertions, 0 deletions
diff --git a/sfc/tests/functest/README.tests b/sfc/tests/functest/README.tests
new file mode 100644
index 00000000..d4e3df3e
--- /dev/null
+++ b/sfc/tests/functest/README.tests
@@ -0,0 +1,48 @@
+## These are the current available test cases ##
+
+## TEST ONE CHAIN - sfc_one_chain_two_service_functions ##
+
+We create one client and one server using nova. Then, 2 SFs are created using
+tacker. A chain is created where both SFs are included.
+
+vxlan_tool is started in both SFs and HTTP traffic is sent from the client to
+the server. If it works, the vxlan_tool is modified to block HTTP traffic.
+It is tried again and it should fail because packets are dropped. Then, that
+SF stops blocking and the other SF starts blocking HTTP and the connection is
+tried again.
+
+
+## TEST TWO CHAINS - sfc_two_chains_SSH_and_HTTP ##
+
+We create one client and one server using nova. Then, 2 SFs are created using
+tacker. Two chains are created, having one SF each.
+
+vxlan_tool is started in both SFs, one SF blocks SSH traffic and the other SF
+block HTTP traffic. First, the client traffic is classified to chain1, where
+HTTP should work but SSH sould not. This is tested and after that the
+classification is changed to classified to chain2, where HTTP should not work
+but SSH should work. This is tested again.
+
+
+## TEST SYMMETRIC - sfc_symmetric_chain ##
+
+One client and one server are created using nova. The server will be running
+a web server on port 80.
+
+Then one Service Function (SF) is created using Tacker. This service function
+will be running a firewall that blocks the traffic in a specific port (e.g.
+33333). A symmetric service chain routing the traffic throught this SF will be
+created as well.
+
+1st check: The client is able to reach the server using a source port different
+from the one that the firewall blocks (e.g 22222), and the response gets back
+to the client.
+
+2nd check: The client is able to reach the server using the source port that
+the firewall blocks, but responses back from the server are blocked, as the
+symmetric service chain makes them go through the firewall that blocks on the
+destination port initially used as source port by the client (e.g. 33333).
+
+If the client is able to receive the response, it would be a symptom of the
+symmetric chain not working, as traffic would be flowing from server to client
+directly without traversing the SF.