From f402d360caa8cdf053325ac3033b3ee812c11c21 Mon Sep 17 00:00:00 2001 From: Elio Martinez Date: Thu, 7 Mar 2019 05:00:52 -0500 Subject: [PATCH] Manual Tests: Networking DNAT Subdomain This patch includes 3 main test cases that can asure the DNAT functionallity. Those test cases are designed in order to verify that our existing VM keeps alive and reachable after normal system operations such as lock/unlock. Every tests is checking and creating port forwarding rules and the behavior after those mentioned operations. Change-Id: I352190b6b95e4e694fe80e5abd2122f46284f81f --- .../networking/Networking_DNAT.rst | 159 +++++++++++++++++- 1 file changed, 157 insertions(+), 2 deletions(-) diff --git a/doc/source/manual_tests/networking/Networking_DNAT.rst b/doc/source/manual_tests/networking/Networking_DNAT.rst index 9bbedd8..c88e7d5 100644 --- a/doc/source/manual_tests/networking/Networking_DNAT.rst +++ b/doc/source/manual_tests/networking/Networking_DNAT.rst @@ -2,8 +2,163 @@ Networking DNAT =============== - - .. contents:: :local: :depth: 1 + +----------- +NET_DNAT_08 +----------- + +:Test ID: NET_DNAT_08 +:Test Title: External Access to VM through UDP-lite. +:Tags: DNAT + +~~~~~~~~~~~~~~~~~~ +Testcase Objective +~~~~~~~~~~~~~~~~~~ + +Verify that we have external access to a Virtual Machine using UDP-lite +protocol. + +~~~~~~~~~~~~~~~~~~~ +Test Pre-Conditions +~~~~~~~~~~~~~~~~~~~ + +a) 4 VMs + +~~~~~~~~~~ +Test Steps +~~~~~~~~~~ + +1. Create two port forwarding rules + +:: + + $ neutron portorwarding-create --inside-addr --inside-port --outside-port --protocol {udp-lite} [--description ] + +3. Create 2 porforwanding from GUI, admin-> routers -> tenant -router-> + Port Forwarding-> Add Rule: + +:: + + public-ip:8080 (upd-lite) -> private-ip 1:80 (VM1) + public-ip:8081 (upd-lite) -> private-ip2 1:80 (VM2) + public-ip:8082 (upd-lite) -> private-ip3 1:80 (VM3) + public-ip:8084 (upd-lite) -> private-ip4 1:80 (VM4) + +4. Enable SNAT for the router: + +:: + + $ neutron router-update tenant-router --external-gateway-info type-dict network_id=,enable_snat=true + +4. Connect through ssh to VM to make port open to listen. + +5. Send upd-list packets to each VM from outside. Verify only the routed VM + received packets from outside using the designated port with the specified + protocol, + +~~~~~~~~~~~~~~~~~ +Expected Behavior +~~~~~~~~~~~~~~~~~ + +With the port forwarding, we should be able to send upd-lite packages through +each VM with the port specification. + +----------- +NET_DNAT_11 +----------- + +:Test ID: NET_DNAT_11 +:Test Title: External Access to VM after VM Maintenance +:Tags: DNAT + +~~~~~~~~~~~~~~~~~~ +Testcase Objective +~~~~~~~~~~~~~~~~~~ + +Verify that external access to the VM still open after any of the VM +Maintenance operation such as Live-Migrate, Cold-Migrate and Evacuation. + +~~~~~~~~~~~~~~~~~~~ +Test Pre-Conditions +~~~~~~~~~~~~~~~~~~~ + +1. Create a Router + +2. Launch a VM + +~~~~~~~~~~ +Test Steps +~~~~~~~~~~ + +1. Create a port forwarding rule + +:: + + $ neutron portforwarding-create --insde-addr --inside-port --outside-port + +2. Perform live migration + +3. Evacuate VM + +4. Perform cold migration + +~~~~~~~~~~~~~~~~~ +Expected Behavior +~~~~~~~~~~~~~~~~~ + +After the port rule creation, the instance should keep comunication with the +compute-controller after regular maintenance operations. + +----------- +NET_DNAT_12 +----------- + +:Test ID: NET_DNAT_12 +:Test Title: Access to VM works after Locking operations +:Tags: DNAT + +~~~~~~~~~~~~~~~~~~ +Testcase Objective +~~~~~~~~~~~~~~~~~~ + +Verify that VM stills accessible after lock/unlock operations on compute node. + +~~~~~~~~~~~~~~~~~~~ +Test Pre-Conditions +~~~~~~~~~~~~~~~~~~~ + +1. Create a Router +2. Launch a VM + +~~~~~~~~~~ +Test Steps +~~~~~~~~~~ + +1. Create a port forwarding rule + +:: + + $ neutron portforwarding-create --inside-addr --inside-port --outside-port + +2. Perform evacuate of the VM on the existing compute. + +3. Verify access after the lock/unlock operation of the VM, the VM should be + reachable. This can be accomplished with a ping to the vm following the port + forwarding rule. + +~~~~~~~~~~~~~~~~~ +Expected Behavior +~~~~~~~~~~~~~~~~~ + +This test should show that the VM is reachable after a normal lock/unlock +operation, no matter that the compute where it was created with specific port +rules and forwarding. + +~~~~~~~~~~~ +References: +~~~~~~~~~~~ + +[0] - [https://docs.openstack.org/newton/networking-guide/intro-nat.html]