[linux-2.6-block.git] / samples / bpf / test_tunnel_bpf.sh

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
# In Namespace 0 (at_ns0) using native tunnel
# Overlay IP: 10.1.1.100
# local 192.16.1.100 remote 192.16.1.200
# veth0 IP: 172.16.1.100, tunnel dev <type>00

# Out of Namespace using BPF set/get on lwtunnel
# Overlay IP: 10.1.1.200
# local 172.16.1.200 remote 172.16.1.100
# veth1 IP: 172.16.1.200, tunnel dev <type>11

function config_device {
	ip netns add at_ns0
	ip link add veth0 type veth peer name veth1
	ip link set veth0 netns at_ns0
	ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
	ip netns exec at_ns0 ip link set dev veth0 up
	ip link set dev veth1 up mtu 1500
	ip addr add dev veth1 172.16.1.200/24
}

function add_gre_tunnel {
	# in namespace
	ip netns exec at_ns0 \
		ip link add dev $DEV_NS type $TYPE key 2 local 172.16.1.100 remote 172.16.1.200
	ip netns exec at_ns0 ip link set dev $DEV_NS up
	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24

	# out of namespace
	ip link add dev $DEV type $TYPE key 2 external
	ip link set dev $DEV up
	ip addr add dev $DEV 10.1.1.200/24
}

function add_ip6gretap_tunnel {

	# assign ipv6 address
	ip netns exec at_ns0 ip addr add ::11/96 dev veth0
	ip netns exec at_ns0 ip link set dev veth0 up
	ip addr add dev veth1 ::22/96
	ip link set dev veth1 up

	# in namespace
	ip netns exec at_ns0 \
		ip link add dev $DEV_NS type $TYPE flowlabel 0xbcdef key 2 \
		local ::11 remote ::22

	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
	ip netns exec at_ns0 ip addr add dev $DEV_NS fc80::100/96
	ip netns exec at_ns0 ip link set dev $DEV_NS up

	# out of namespace
	ip link add dev $DEV type $TYPE external
	ip addr add dev $DEV 10.1.1.200/24
	ip addr add dev $DEV fc80::200/24
	ip link set dev $DEV up
}

function add_erspan_tunnel {
	# in namespace
	ip netns exec at_ns0 \
		ip link add dev $DEV_NS type $TYPE seq key 2 local 172.16.1.100 remote 172.16.1.200 erspan 123
	ip netns exec at_ns0 ip link set dev $DEV_NS up
	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24

	# out of namespace
	ip link add dev $DEV type $TYPE external
	ip link set dev $DEV up
	ip addr add dev $DEV 10.1.1.200/24
}

function add_ip6erspan_tunnel {

	# assign ipv6 address
	ip netns exec at_ns0 ip addr add ::11/96 dev veth0
	ip netns exec at_ns0 ip link set dev veth0 up
	ip addr add dev veth1 ::22/96
	ip link set dev veth1 up

	# in namespace
	ip netns exec at_ns0 \
		ip link add dev $DEV_NS type $TYPE seq key 2 erspan 123 \
		local ::11 remote ::22

	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
	ip netns exec at_ns0 ip link set dev $DEV_NS up

	# out of namespace
	ip link add dev $DEV type $TYPE external
	ip addr add dev $DEV 10.1.1.200/24
	ip link set dev $DEV up
}

function add_vxlan_tunnel {
	# Set static ARP entry here because iptables set-mark works
	# on L3 packet, as a result not applying to ARP packets,
	# causing errors at get_tunnel_{key/opt}.

	# in namespace
	ip netns exec at_ns0 \
		ip link add dev $DEV_NS type $TYPE id 2 dstport 4789 gbp remote 172.16.1.200
	ip netns exec at_ns0 ip link set dev $DEV_NS address 52:54:00:d9:01:00 up
	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
	ip netns exec at_ns0 arp -s 10.1.1.200 52:54:00:d9:02:00
	ip netns exec at_ns0 iptables -A OUTPUT -j MARK --set-mark 0x800FF

	# out of namespace
	ip link add dev $DEV type $TYPE external gbp dstport 4789
	ip link set dev $DEV address 52:54:00:d9:02:00 up
	ip addr add dev $DEV 10.1.1.200/24
	arp -s 10.1.1.100 52:54:00:d9:01:00
}

function add_geneve_tunnel {
	# in namespace
	ip netns exec at_ns0 \
		ip link add dev $DEV_NS type $TYPE id 2 dstport 6081 remote 172.16.1.200
	ip netns exec at_ns0 ip link set dev $DEV_NS up
	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24

	# out of namespace
	ip link add dev $DEV type $TYPE dstport 6081 external
	ip link set dev $DEV up
	ip addr add dev $DEV 10.1.1.200/24
}

function add_ipip_tunnel {
	# in namespace
	ip netns exec at_ns0 \
		ip link add dev $DEV_NS type $TYPE local 172.16.1.100 remote 172.16.1.200
	ip netns exec at_ns0 ip link set dev $DEV_NS up
	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24

	# out of namespace
	ip link add dev $DEV type $TYPE external
	ip link set dev $DEV up
	ip addr add dev $DEV 10.1.1.200/24
}

function attach_bpf {
	DEV=$1
	SET_TUNNEL=$2
	GET_TUNNEL=$3
	tc qdisc add dev $DEV clsact
	tc filter add dev $DEV egress bpf da obj tcbpf2_kern.o sec $SET_TUNNEL
	tc filter add dev $DEV ingress bpf da obj tcbpf2_kern.o sec $GET_TUNNEL
}

function test_gre {
	TYPE=gretap
	DEV_NS=gretap00
	DEV=gretap11
	config_device
	add_gre_tunnel
	attach_bpf $DEV gre_set_tunnel gre_get_tunnel
	ping -c 1 10.1.1.100
	ip netns exec at_ns0 ping -c 1 10.1.1.200
	cleanup
}

function test_ip6gre {
	TYPE=ip6gre
	DEV_NS=ip6gre00
	DEV=ip6gre11
	config_device
	# reuse the ip6gretap function
	add_ip6gretap_tunnel
	attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
	# underlay
	ping6 -c 4 ::11
	# overlay: ipv4 over ipv6
	ip netns exec at_ns0 ping -c 1 10.1.1.200
	ping -c 1 10.1.1.100
	# overlay: ipv6 over ipv6
	ip netns exec at_ns0 ping6 -c 1 fc80::200
	cleanup
}

function test_ip6gretap {
	TYPE=ip6gretap
	DEV_NS=ip6gretap00
	DEV=ip6gretap11
	config_device
	add_ip6gretap_tunnel
	attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
	# underlay
	ping6 -c 4 ::11
	# overlay: ipv4 over ipv6
	ip netns exec at_ns0 ping -i .2 -c 1 10.1.1.200
	ping -c 1 10.1.1.100
	# overlay: ipv6 over ipv6
	ip netns exec at_ns0 ping6 -c 1 fc80::200
	cleanup
}

function test_erspan {
	TYPE=erspan
	DEV_NS=erspan00
	DEV=erspan11
	config_device
	add_erspan_tunnel
	attach_bpf $DEV erspan_set_tunnel erspan_get_tunnel
	ping -c 1 10.1.1.100
	ip netns exec at_ns0 ping -c 1 10.1.1.200
	cleanup
}

function test_ip6erspan {
	TYPE=ip6erspan
	DEV_NS=ip6erspan00
	DEV=ip6erspan11
	config_device
	add_ip6erspan_tunnel
	attach_bpf $DEV ip4ip6erspan_set_tunnel ip4ip6erspan_get_tunnel
	ping6 -c 3 ::11
	ip netns exec at_ns0 ping -c 1 10.1.1.200
	cleanup
}

function test_vxlan {
	TYPE=vxlan
	DEV_NS=vxlan00
	DEV=vxlan11
	config_device
	add_vxlan_tunnel
	attach_bpf $DEV vxlan_set_tunnel vxlan_get_tunnel
	ping -c 1 10.1.1.100
	ip netns exec at_ns0 ping -c 1 10.1.1.200
	cleanup
}

function test_geneve {
	TYPE=geneve
	DEV_NS=geneve00
	DEV=geneve11
	config_device
	add_geneve_tunnel
	attach_bpf $DEV geneve_set_tunnel geneve_get_tunnel
	ping -c 1 10.1.1.100
	ip netns exec at_ns0 ping -c 1 10.1.1.200
	cleanup
}

function test_ipip {
	TYPE=ipip
	DEV_NS=ipip00
	DEV=ipip11
	config_device
	tcpdump -nei veth1 &
	cat /sys/kernel/debug/tracing/trace_pipe &
	add_ipip_tunnel
	ethtool -K veth1 gso off gro off rx off tx off
	ip link set dev veth1 mtu 1500
	attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
	ping -c 1 10.1.1.100
	ip netns exec at_ns0 ping -c 1 10.1.1.200
	ip netns exec at_ns0 iperf -sD -p 5200 > /dev/null
	sleep 0.2
	iperf -c 10.1.1.100 -n 5k -p 5200
	cleanup
}

function cleanup {
	set +ex
	pkill iperf
	ip netns delete at_ns0
	ip link del veth1
	ip link del ipip11
	ip link del gretap11
	ip link del ip6gre11
	ip link del ip6gretap11
	ip link del vxlan11
	ip link del geneve11
	ip link del erspan11
	ip link del ip6erspan11
	pkill tcpdump
	pkill cat
	set -ex
}

trap cleanup 0 2 3 6 9
cleanup
echo "Testing GRE tunnel..."
test_gre
echo "Testing IP6GRE tunnel..."
test_ip6gre
echo "Testing IP6GRETAP tunnel..."
test_ip6gretap
echo "Testing ERSPAN tunnel..."
test_erspan
echo "Testing IP6ERSPAN tunnel..."
test_ip6erspan
echo "Testing VXLAN tunnel..."
test_vxlan
echo "Testing GENEVE tunnel..."
test_geneve
echo "Testing IPIP tunnel..."
test_ipip
echo "*** PASS ***"
Commit	Line	Data
6afb1e28	1	#!/bin/bash
b2441318	2	# SPDX-License-Identifier: GPL-2.0
6afb1e28 WT	3	# In Namespace 0 (at_ns0) using native tunnel
	4	# Overlay IP: 10.1.1.100
	5	# local 192.16.1.100 remote 192.16.1.200
	6	# veth0 IP: 172.16.1.100, tunnel dev <type>00
	7
	8	# Out of Namespace using BPF set/get on lwtunnel
	9	# Overlay IP: 10.1.1.200
	10	# local 172.16.1.200 remote 172.16.1.100
	11	# veth1 IP: 172.16.1.200, tunnel dev <type>11
	12
6afb1e28 WT	13	function config_device {
	14	ip netns add at_ns0
	15	ip link add veth0 type veth peer name veth1
	16	ip link set veth0 netns at_ns0
	17	ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
	18	ip netns exec at_ns0 ip link set dev veth0 up
a1c82704	19	ip link set dev veth1 up mtu 1500
6afb1e28 WT	20	ip addr add dev veth1 172.16.1.200/24
	21	}
	22
	23	function add_gre_tunnel {
	24	# in namespace
	25	ip netns exec at_ns0 \
	26	ip link add dev $DEV_NS type $TYPE key 2 local 172.16.1.100 remote 172.16.1.200
	27	ip netns exec at_ns0 ip link set dev $DEV_NS up
	28	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
	29
	30	# out of namespace
	31	ip link add dev $DEV type $TYPE key 2 external
	32	ip link set dev $DEV up
	33	ip addr add dev $DEV 10.1.1.200/24
	34	}
	35
56ddd302 WT	36	function add_ip6gretap_tunnel {
	37
	38	# assign ipv6 address
	39	ip netns exec at_ns0 ip addr add ::11/96 dev veth0
	40	ip netns exec at_ns0 ip link set dev veth0 up
	41	ip addr add dev veth1 ::22/96
	42	ip link set dev veth1 up
	43
	44	# in namespace
	45	ip netns exec at_ns0 \
	46	ip link add dev $DEV_NS type $TYPE flowlabel 0xbcdef key 2 \
	47	local ::11 remote ::22
	48
	49	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
	50	ip netns exec at_ns0 ip addr add dev $DEV_NS fc80::100/96
	51	ip netns exec at_ns0 ip link set dev $DEV_NS up
	52
	53	# out of namespace
	54	ip link add dev $DEV type $TYPE external
	55	ip addr add dev $DEV 10.1.1.200/24
	56	ip addr add dev $DEV fc80::200/24
	57	ip link set dev $DEV up
	58	}
	59
ef88f89c WT	60	function add_erspan_tunnel {
	61	# in namespace
	62	ip netns exec at_ns0 \
	63	ip link add dev $DEV_NS type $TYPE seq key 2 local 172.16.1.100 remote 172.16.1.200 erspan 123
	64	ip netns exec at_ns0 ip link set dev $DEV_NS up
	65	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
	66
	67	# out of namespace
	68	ip link add dev $DEV type $TYPE external
	69	ip link set dev $DEV up
	70	ip addr add dev $DEV 10.1.1.200/24
	71	}
	72
d37e3bb7 WT	73	function add_ip6erspan_tunnel {
	74
	75	# assign ipv6 address
	76	ip netns exec at_ns0 ip addr add ::11/96 dev veth0
	77	ip netns exec at_ns0 ip link set dev veth0 up
	78	ip addr add dev veth1 ::22/96
	79	ip link set dev veth1 up
	80
	81	# in namespace
	82	ip netns exec at_ns0 \
	83	ip link add dev $DEV_NS type $TYPE seq key 2 erspan 123 \
	84	local ::11 remote ::22
	85
	86	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
	87	ip netns exec at_ns0 ip link set dev $DEV_NS up
	88
	89	# out of namespace
	90	ip link add dev $DEV type $TYPE external
	91	ip addr add dev $DEV 10.1.1.200/24
	92	ip link set dev $DEV up
	93	}
	94
6afb1e28 WT	95	function add_vxlan_tunnel {
	96	# Set static ARP entry here because iptables set-mark works
	97	# on L3 packet, as a result not applying to ARP packets,
	98	# causing errors at get_tunnel_{key/opt}.
	99
	100	# in namespace
	101	ip netns exec at_ns0 \
	102	ip link add dev $DEV_NS type $TYPE id 2 dstport 4789 gbp remote 172.16.1.200
	103	ip netns exec at_ns0 ip link set dev $DEV_NS address 52:54:00:d9:01:00 up
	104	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
	105	ip netns exec at_ns0 arp -s 10.1.1.200 52:54:00:d9:02:00
	106	ip netns exec at_ns0 iptables -A OUTPUT -j MARK --set-mark 0x800FF
	107
	108	# out of namespace
	109	ip link add dev $DEV type $TYPE external gbp dstport 4789
	110	ip link set dev $DEV address 52:54:00:d9:02:00 up
	111	ip addr add dev $DEV 10.1.1.200/24
	112	arp -s 10.1.1.100 52:54:00:d9:01:00
	113	}
	114
	115	function add_geneve_tunnel {
	116	# in namespace
	117	ip netns exec at_ns0 \
	118	ip link add dev $DEV_NS type $TYPE id 2 dstport 6081 remote 172.16.1.200
	119	ip netns exec at_ns0 ip link set dev $DEV_NS up
	120	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
	121
	122	# out of namespace
	123	ip link add dev $DEV type $TYPE dstport 6081 external
	124	ip link set dev $DEV up
	125	ip addr add dev $DEV 10.1.1.200/24
	126	}
	127
a1c82704 AS	128	function add_ipip_tunnel {
	129	# in namespace
	130	ip netns exec at_ns0 \
	131	ip link add dev $DEV_NS type $TYPE local 172.16.1.100 remote 172.16.1.200
	132	ip netns exec at_ns0 ip link set dev $DEV_NS up
	133	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
	134
	135	# out of namespace
	136	ip link add dev $DEV type $TYPE external
	137	ip link set dev $DEV up
	138	ip addr add dev $DEV 10.1.1.200/24
	139	}
	140
6afb1e28 WT	141	function attach_bpf {
	142	DEV=$1
	143	SET_TUNNEL=$2
	144	GET_TUNNEL=$3
	145	tc qdisc add dev $DEV clsact
	146	tc filter add dev $DEV egress bpf da obj tcbpf2_kern.o sec $SET_TUNNEL
	147	tc filter add dev $DEV ingress bpf da obj tcbpf2_kern.o sec $GET_TUNNEL
	148	}
	149
	150	function test_gre {
	151	TYPE=gretap
	152	DEV_NS=gretap00
	153	DEV=gretap11
	154	config_device
	155	add_gre_tunnel
	156	attach_bpf $DEV gre_set_tunnel gre_get_tunnel
	157	ping -c 1 10.1.1.100
	158	ip netns exec at_ns0 ping -c 1 10.1.1.200
a1c82704	159	cleanup
6afb1e28 WT	160	}
6afb1e28 WT	161
56ddd302 WT	162	function test_ip6gre {
	163	TYPE=ip6gre
	164	DEV_NS=ip6gre00
	165	DEV=ip6gre11
	166	config_device
	167	# reuse the ip6gretap function
	168	add_ip6gretap_tunnel
	169	attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
	170	# underlay
	171	ping6 -c 4 ::11
	172	# overlay: ipv4 over ipv6
	173	ip netns exec at_ns0 ping -c 1 10.1.1.200
	174	ping -c 1 10.1.1.100
	175	# overlay: ipv6 over ipv6
	176	ip netns exec at_ns0 ping6 -c 1 fc80::200
	177	cleanup
	178	}
	179
	180	function test_ip6gretap {
	181	TYPE=ip6gretap
	182	DEV_NS=ip6gretap00
	183	DEV=ip6gretap11
	184	config_device
	185	add_ip6gretap_tunnel
	186	attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
	187	# underlay
	188	ping6 -c 4 ::11
	189	# overlay: ipv4 over ipv6
	190	ip netns exec at_ns0 ping -i .2 -c 1 10.1.1.200
	191	ping -c 1 10.1.1.100
	192	# overlay: ipv6 over ipv6
	193	ip netns exec at_ns0 ping6 -c 1 fc80::200
	194	cleanup
	195	}
	196
ef88f89c WT	197	function test_erspan {
	198	TYPE=erspan
	199	DEV_NS=erspan00
	200	DEV=erspan11
	201	config_device
	202	add_erspan_tunnel
	203	attach_bpf $DEV erspan_set_tunnel erspan_get_tunnel
	204	ping -c 1 10.1.1.100
	205	ip netns exec at_ns0 ping -c 1 10.1.1.200
	206	cleanup
	207	}
	208
d37e3bb7 WT	209	function test_ip6erspan {
	210	TYPE=ip6erspan
	211	DEV_NS=ip6erspan00
	212	DEV=ip6erspan11
	213	config_device
	214	add_ip6erspan_tunnel
	215	attach_bpf $DEV ip4ip6erspan_set_tunnel ip4ip6erspan_get_tunnel
	216	ping6 -c 3 ::11
	217	ip netns exec at_ns0 ping -c 1 10.1.1.200
	218	cleanup
	219	}
	220
6afb1e28 WT	221	function test_vxlan {
	222	TYPE=vxlan
	223	DEV_NS=vxlan00
	224	DEV=vxlan11
	225	config_device
	226	add_vxlan_tunnel
	227	attach_bpf $DEV vxlan_set_tunnel vxlan_get_tunnel
	228	ping -c 1 10.1.1.100
	229	ip netns exec at_ns0 ping -c 1 10.1.1.200
a1c82704	230	cleanup
6afb1e28 WT	231	}
	232
	233	function test_geneve {
	234	TYPE=geneve
	235	DEV_NS=geneve00
	236	DEV=geneve11
	237	config_device
	238	add_geneve_tunnel
	239	attach_bpf $DEV geneve_set_tunnel geneve_get_tunnel
	240	ping -c 1 10.1.1.100
	241	ip netns exec at_ns0 ping -c 1 10.1.1.200
a1c82704 AS	242	cleanup
	243	}
	244
	245	function test_ipip {
	246	TYPE=ipip
	247	DEV_NS=ipip00
	248	DEV=ipip11
	249	config_device
	250	tcpdump -nei veth1 &
	251	cat /sys/kernel/debug/tracing/trace_pipe &
	252	add_ipip_tunnel
	253	ethtool -K veth1 gso off gro off rx off tx off
	254	ip link set dev veth1 mtu 1500
	255	attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
	256	ping -c 1 10.1.1.100
	257	ip netns exec at_ns0 ping -c 1 10.1.1.200
	258	ip netns exec at_ns0 iperf -sD -p 5200 > /dev/null
	259	sleep 0.2
	260	iperf -c 10.1.1.100 -n 5k -p 5200
	261	cleanup
6afb1e28 WT	262	}
	263
	264	function cleanup {
a1c82704 AS	265	set +ex
a1c82704 AS	266	pkill iperf
6afb1e28 WT	267	ip netns delete at_ns0
6afb1e28 WT	268	ip link del veth1
a1c82704 AS	269	ip link del ipip11
a1c82704 AS	270	ip link del gretap11
56ddd302 WT	271	ip link del ip6gre11
56ddd302 WT	272	ip link del ip6gretap11
cc75f851	273	ip link del vxlan11
a1c82704	274	ip link del geneve11
ef88f89c	275	ip link del erspan11
d37e3bb7	276	ip link del ip6erspan11
a1c82704 AS	277	pkill tcpdump
	278	pkill cat
	279	set -ex
6afb1e28 WT	280	}
6afb1e28 WT	281
ef88f89c	282	trap cleanup 0 2 3 6 9
a1c82704	283	cleanup
6afb1e28 WT	284	echo "Testing GRE tunnel..."
6afb1e28 WT	285	test_gre
56ddd302 WT	286	echo "Testing IP6GRE tunnel..."
	287	test_ip6gre
	288	echo "Testing IP6GRETAP tunnel..."
	289	test_ip6gretap
ef88f89c WT	290	echo "Testing ERSPAN tunnel..."
ef88f89c WT	291	test_erspan
d37e3bb7 WT	292	echo "Testing IP6ERSPAN tunnel..."
d37e3bb7 WT	293	test_ip6erspan
6afb1e28 WT	294	echo "Testing VXLAN tunnel..."
6afb1e28 WT	295	test_vxlan
6afb1e28 WT	296	echo "Testing GENEVE tunnel..."
6afb1e28 WT	297	test_geneve
a1c82704 AS	298	echo "Testing IPIP tunnel..."
	299	test_ipip
	300	echo "* PASS *"