doc: update dao community lab section

Venkata Ravichandra Mynidi · akamaluddin · commit 11d2e1ccaad1 · 2025-01-06T13:13:44.000-08:00
The changeset adds documentation on DAO community lab usage for VPP and TLS usecases. Signed-off-by: Venkata Ravichandra Mynidi <vmynidi@marvell.com> Change-Id: I0ce6a6d5fef25a0a3663ed23e2f5a60adc8408f5 Reviewed-on: https://sj1git1.cavium.com/c/IP/SW/dataplane/dpu-offload/+/142595 Reviewed-by: Abed Mohammad Kamaluddin <akamaluddin@marvell.com> Tested-by: Abed Mohammad Kamaluddin <akamaluddin@marvell.com>
diff --git a/doc/guides/community_lab/index.rst b/doc/guides/community_lab/index.rst
@@ -0,0 +1,12 @@
+..  SPDX-License-Identifier: Marvell-MIT
+    Copyright (c) 2024 Marvell.
+
+DAO Community Lab
+=================
+
+.. toctree::
+    :maxdepth: 1
+    :numbered:
+
+    vpp_lab
+    tls_lab
diff --git a/doc/guides/community_lab/tls_lab.rst b/doc/guides/community_lab/tls_lab.rst
@@ -0,0 +1,63 @@
+
+..  SPDX-License-Identifier: Marvell-MIT
+    Copyright (c) 2024 Marvell.
+
+Running TLS applications
+========================
+
+Prerequisites
+-------------
+a. Linux booted on Host and DPU
+
+b. Login to your docker on host and DPU
+
+c. Bind the pktio and crypto devices to vfio-pci
+
+.. code-block:: console
+
+   source dao-env.sh
+
+
+DAO Environment Setup
+---------------------
+Following step is required to run only once after the first login to docker
+
+.. code-block:: console
+
+   ~# source /dao-env.sh
+
+
+OpenSSL Speed Application
+-------------------------
+a. Run speed application without engine
+
+.. code-block:: console
+
+  ~# cd /usr/lib/cn10k/openssl-1.1.1q/bin
+  ~# export LD_LIBRARY_PATH=/usr/lib/cn10k/openssl-1.1.1q/lib/
+  ~# ./openssl speed -elapsed -async_jobs +24 -evp aes-256-gcm
+  ~# ./openssl speed -elapsed rsa2048
+
+b. Run speed application with engine
+
+.. code-block:: console
+
+  ~# OPENSSL_CONF=/opt/openssl.cnf ./openssl speed -elapsed -async_jobs +24 -evp aes-256-gcm
+  ~# OPENSSL_CONF=/opt/openssl.cnf ./openssl speed -elapsed -async_jobs +24 rsa2048
+
+
+Openssl server and client
+-------------------------
+c. Run openssl s_server on DPU
+
+.. code-block:: console
+
+  ~# OPENSSL_CONF=/opt/openssl.cnf ./openssl s_server -key certs/server.key.pem -cert certs/server.crt.pem -accept 4433 -tls1_2
+
+d. Run openssl s_client on x86 host machine
+
+.. code-block:: console
+
+  ~# openssl s_client -connect <DUT_IP>:4433 -tls1_2
+
+  <DUT_IP> is the IP of s_server on DPU
diff --git a/doc/guides/community_lab/vpp_lab.rst b/doc/guides/community_lab/vpp_lab.rst
@@ -0,0 +1,146 @@
+
+..  SPDX-License-Identifier: Marvell-MIT
+    Copyright (c) 2024 Marvell.
+
+Running VPP applications
+========================
+
+Prerequisites
+-------------
+a. Linux booted on Host and DPU
+
+b. Login to your docker on host and DPU
+
+c. Bind the pktio and crypto devices to vfio-pci
+
+.. code-block:: console
+
+   source dao-env.sh
+
+
+DAO Environment Setup
+---------------------
+Following step is required to run only once after the first login to docker
+
+.. code-block:: console
+
+   ~# source /dao-env.sh
+
+
+L3 Router
+---------
+a. start vpp with config file at /etc/vpp/pktio_startup.conf
+
+.. code-block:: console
+
+   ~# vpp -c /etc/vpp/pktio_startup.conf
+
+
+b. start vppctl command on console
+
+.. code-block:: console
+
+   ~# vppctl
+
+   vpp# set int state eth0 up
+   vpp# set int state eth1 up
+   vpp# set int ip address eth0 10.29.10.1/24
+   vpp# set int ip address eth1 10.29.20.2/24
+   vpp# set ip neighbor eth0  10.29.10.10 00:00:00:01:01:01
+   vpp# set ip neighbor eth1  10.29.20.20 00:00:00:02:01:01
+   vpp# ip route add 10.29.10.10/24 via eth0
+   vpp# ip route add 10.29.20.20/24 via eth1
+   vpp# show int
+   vpp# trace add eth0-rx 5
+
+c. On host x86 machine, configure the IPs of the interfaces to send traffic
+
+.. code-block:: console
+
+   ~# ifconfig intf1  10.29.10.10/24
+   ~# ifconfig intf2  10.29.20.20/24
+
+d. Run tshark capture on intf2
+
+.. code-block:: console
+
+   ~# tshark -i intf2 -Y "udp" -V
+
+e. Run scapy and send traffic
+
+.. code-block:: console
+
+   ~# scapy
+
+    >>> sendp(Ether(dst="ba:7a:5a:ae:c7:ab",src="00:00:00:01:01:01")/IP(src="10.29.10.10",dst="10.29.20.20",len=60)/UDP(dport=4000,sport=4000,len=40)/Raw(RandString(size=32)), iface="intf1", return_packets=True, count=100)
+
+f. Observe the traffic on tshark console on x86 host
+
+g. On VPP console check the graph walk
+
+.. code-block:: console
+
+   vpp# show trace
+
+
+VPP as IPsec Tunnel Originator
+------------------------------
+h. start vpp with config file at /etc/vpp/pktio_startup.conf
+
+.. code-block:: console
+
+   ~# vpp -c /etc/vpp/crypto_startup.conf
+
+i. start vppctl command on console
+
+.. code-block:: console
+
+   ~# vppctl
+
+   vpp# set int ip address eth0 10.29.10.1/24
+   vpp# set int state eth0 up
+   vpp# set ip neighbor eth0 10.29.10.10 00:00:00:01:01:01
+   vpp# set int promiscuous on eth0
+   vpp# set int ip address eth1 192.168.1.1/24
+   vpp# set ip neighbor eth1 192.168.1.2 00:00:00:02:01:01
+   vpp# set int state eth1 up
+   vpp# set int promiscuous on eth1
+   vpp# set ipsec async mode on
+   vpp# ipsec itf create
+   vpp# ipsec sa add 10 spi 1001 esp crypto-key 4a506a794f574265564551694d653768 crypto-alg aes-gcm-128 tunnel src 192.168.1.1 dst 192.168.1.2 esp
+   vpp# ipsec sa add 20 spi 2001 inbound crypto-alg aes-gcm-128 crypto-key 4d4662776d4d55747559767176596965 tunnel src 192.168.1.2 dst 192.168.1.1 esp
+   vpp# ipsec tunnel protect sa-out 10 ipsec0
+   vpp# set int state ipsec0 up
+   vpp# set interface unnum ipsec0 use eth1
+   vpp# ip route add 10.29.20.20/24 via ipsec0
+   vpp# show int
+   vpp# pcap trace tx  intfc eth1 max 100 file outbound_enc.pcap
+   vpp# trace add eth0-rx 5
+
+j. On host x86 machine, configure the IPs of the interfaces to send traffic
+
+.. code-block:: console
+
+   ~# ifconfig intf1  10.29.10.10/24
+   ~# ifconfig intf2  10.29.20.20/24
+
+k. Run tshark capture on intf2
+
+.. code-block:: console
+
+   ~# tshark -i intf2 -Y "esp" -V
+
+l. Run scapy and send traffic
+
+.. code-block:: console
+
+   ~# scapy
+
+    >>> sendp(Ether(dst="ba:7a:5a:ae:c7:ab",src="00:00:00:01:01:01")/IP(src="10.29.10.10",dst="10.29.20.20",len=60)/UDP(dport=4000,sport=4000,len=40)/Raw(RandString(size=32)), iface="intf1", return_packets=True, count=5)
+
+m. Observe the ESP traffic on tshark console on x86 host
+   ~# tshark -i intf2 -Y "esp" -V
+
+n. On VPP console check the graph walk
+   vpp# show trace
+
diff --git a/doc/guides/index.rst b/doc/guides/index.rst
@@ -14,4 +14,5 @@ Welcome to Data Accelerator Offload(DAO) Documentation
  howtoguides/index
  contributing/index
  rel_notes/index
+ community_lab/index
  faq/index
