Commit | Line | Data |
---|---|---|
305c0418 VN |
1 | #!/bin/bash |
2 | # SPDX-License-Identifier: GPL-2.0 | |
3 | ||
4 | # This test is for checking the [no]localbypass VXLAN device option. The test | |
5 | # configures two VXLAN devices in the same network namespace and a tc filter on | |
6 | # the loopback device that drops encapsulated packets. The test sends packets | |
7 | # from the first VXLAN device and verifies that by default these packets are | |
8 | # received by the second VXLAN device. The test then enables the nolocalbypass | |
9 | # option and verifies that packets are no longer received by the second VXLAN | |
10 | # device. | |
11 | ||
d79e907b | 12 | source lib.sh |
305c0418 | 13 | ret=0 |
305c0418 VN |
14 | |
15 | TESTS=" | |
16 | nolocalbypass | |
17 | " | |
18 | VERBOSE=0 | |
19 | PAUSE_ON_FAIL=no | |
20 | PAUSE=no | |
21 | ||
22 | ################################################################################ | |
23 | # Utilities | |
24 | ||
25 | log_test() | |
26 | { | |
27 | local rc=$1 | |
28 | local expected=$2 | |
29 | local msg="$3" | |
30 | ||
31 | if [ ${rc} -eq ${expected} ]; then | |
32 | printf "TEST: %-60s [ OK ]\n" "${msg}" | |
33 | nsuccess=$((nsuccess+1)) | |
34 | else | |
35 | ret=1 | |
36 | nfail=$((nfail+1)) | |
37 | printf "TEST: %-60s [FAIL]\n" "${msg}" | |
38 | if [ "$VERBOSE" = "1" ]; then | |
39 | echo " rc=$rc, expected $expected" | |
40 | fi | |
41 | ||
42 | if [ "${PAUSE_ON_FAIL}" = "yes" ]; then | |
43 | echo | |
44 | echo "hit enter to continue, 'q' to quit" | |
45 | read a | |
46 | [ "$a" = "q" ] && exit 1 | |
47 | fi | |
48 | fi | |
49 | ||
50 | if [ "${PAUSE}" = "yes" ]; then | |
51 | echo | |
52 | echo "hit enter to continue, 'q' to quit" | |
53 | read a | |
54 | [ "$a" = "q" ] && exit 1 | |
55 | fi | |
56 | ||
57 | [ "$VERBOSE" = "1" ] && echo | |
58 | } | |
59 | ||
60 | run_cmd() | |
61 | { | |
62 | local cmd="$1" | |
63 | local out | |
64 | local stderr="2>/dev/null" | |
65 | ||
66 | if [ "$VERBOSE" = "1" ]; then | |
67 | printf "COMMAND: $cmd\n" | |
68 | stderr= | |
69 | fi | |
70 | ||
71 | out=$(eval $cmd $stderr) | |
72 | rc=$? | |
73 | if [ "$VERBOSE" = "1" -a -n "$out" ]; then | |
74 | echo " $out" | |
75 | fi | |
76 | ||
77 | return $rc | |
78 | } | |
79 | ||
80 | tc_check_packets() | |
81 | { | |
82 | local ns=$1; shift | |
83 | local id=$1; shift | |
84 | local handle=$1; shift | |
85 | local count=$1; shift | |
86 | local pkts | |
87 | ||
88 | sleep 0.1 | |
89 | pkts=$(tc -n $ns -j -s filter show $id \ | |
90 | | jq ".[] | select(.options.handle == $handle) | \ | |
91 | .options.actions[0].stats.packets") | |
92 | [[ $pkts == $count ]] | |
93 | } | |
94 | ||
95 | ################################################################################ | |
96 | # Setup | |
97 | ||
98 | setup() | |
99 | { | |
d79e907b | 100 | setup_ns ns1 |
305c0418 | 101 | |
d79e907b HL |
102 | ip -n $ns1 address add 192.0.2.1/32 dev lo |
103 | ip -n $ns1 address add 198.51.100.1/32 dev lo | |
305c0418 | 104 | |
d79e907b | 105 | ip -n $ns1 link add name vx0 up type vxlan id 100 local 198.51.100.1 \ |
305c0418 | 106 | dstport 4789 nolearning |
d79e907b | 107 | ip -n $ns1 link add name vx1 up type vxlan id 100 dstport 4790 |
305c0418 VN |
108 | } |
109 | ||
110 | cleanup() | |
111 | { | |
d79e907b | 112 | cleanup_ns $ns1 |
305c0418 VN |
113 | } |
114 | ||
115 | ################################################################################ | |
116 | # Tests | |
117 | ||
118 | nolocalbypass() | |
119 | { | |
120 | local smac=00:01:02:03:04:05 | |
121 | local dmac=00:0a:0b:0c:0d:0e | |
122 | ||
d79e907b | 123 | run_cmd "bridge -n $ns1 fdb add $dmac dev vx0 self static dst 192.0.2.1 port 4790" |
305c0418 | 124 | |
d79e907b HL |
125 | run_cmd "tc -n $ns1 qdisc add dev vx1 clsact" |
126 | run_cmd "tc -n $ns1 filter add dev vx1 ingress pref 1 handle 101 proto all flower src_mac $smac dst_mac $dmac action pass" | |
305c0418 | 127 | |
d79e907b HL |
128 | run_cmd "tc -n $ns1 qdisc add dev lo clsact" |
129 | run_cmd "tc -n $ns1 filter add dev lo ingress pref 1 handle 101 proto ip flower ip_proto udp dst_port 4790 action drop" | |
305c0418 | 130 | |
d79e907b | 131 | run_cmd "ip -n $ns1 -d -j link show dev vx0 | jq -e '.[][\"linkinfo\"][\"info_data\"][\"localbypass\"] == true'" |
305c0418 VN |
132 | log_test $? 0 "localbypass enabled" |
133 | ||
d79e907b | 134 | run_cmd "ip netns exec $ns1 mausezahn vx0 -a $smac -b $dmac -c 1 -p 100 -q" |
305c0418 | 135 | |
d79e907b | 136 | tc_check_packets "$ns1" "dev vx1 ingress" 101 1 |
305c0418 VN |
137 | log_test $? 0 "Packet received by local VXLAN device - localbypass" |
138 | ||
d79e907b | 139 | run_cmd "ip -n $ns1 link set dev vx0 type vxlan nolocalbypass" |
305c0418 | 140 | |
d79e907b | 141 | run_cmd "ip -n $ns1 -d -j link show dev vx0 | jq -e '.[][\"linkinfo\"][\"info_data\"][\"localbypass\"] == false'" |
305c0418 VN |
142 | log_test $? 0 "localbypass disabled" |
143 | ||
d79e907b | 144 | run_cmd "ip netns exec $ns1 mausezahn vx0 -a $smac -b $dmac -c 1 -p 100 -q" |
305c0418 | 145 | |
d79e907b | 146 | tc_check_packets "$ns1" "dev vx1 ingress" 101 1 |
305c0418 VN |
147 | log_test $? 0 "Packet not received by local VXLAN device - nolocalbypass" |
148 | ||
d79e907b | 149 | run_cmd "ip -n $ns1 link set dev vx0 type vxlan localbypass" |
305c0418 | 150 | |
d79e907b | 151 | run_cmd "ip -n $ns1 -d -j link show dev vx0 | jq -e '.[][\"linkinfo\"][\"info_data\"][\"localbypass\"] == true'" |
305c0418 VN |
152 | log_test $? 0 "localbypass enabled" |
153 | ||
d79e907b | 154 | run_cmd "ip netns exec $ns1 mausezahn vx0 -a $smac -b $dmac -c 1 -p 100 -q" |
305c0418 | 155 | |
d79e907b | 156 | tc_check_packets "$ns1" "dev vx1 ingress" 101 2 |
305c0418 VN |
157 | log_test $? 0 "Packet received by local VXLAN device - localbypass" |
158 | } | |
159 | ||
160 | ################################################################################ | |
161 | # Usage | |
162 | ||
163 | usage() | |
164 | { | |
165 | cat <<EOF | |
166 | usage: ${0##*/} OPTS | |
167 | ||
168 | -t <test> Test(s) to run (default: all) | |
169 | (options: $TESTS) | |
170 | -p Pause on fail | |
171 | -P Pause after each test before cleanup | |
172 | -v Verbose mode (show commands and output) | |
173 | EOF | |
174 | } | |
175 | ||
176 | ################################################################################ | |
177 | # Main | |
178 | ||
179 | trap cleanup EXIT | |
180 | ||
181 | while getopts ":t:pPvh" opt; do | |
182 | case $opt in | |
183 | t) TESTS=$OPTARG ;; | |
184 | p) PAUSE_ON_FAIL=yes;; | |
185 | P) PAUSE=yes;; | |
186 | v) VERBOSE=$(($VERBOSE + 1));; | |
187 | h) usage; exit 0;; | |
188 | *) usage; exit 1;; | |
189 | esac | |
190 | done | |
191 | ||
192 | # Make sure we don't pause twice. | |
193 | [ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no | |
194 | ||
195 | if [ "$(id -u)" -ne 0 ];then | |
196 | echo "SKIP: Need root privileges" | |
197 | exit $ksft_skip; | |
198 | fi | |
199 | ||
200 | if [ ! -x "$(command -v ip)" ]; then | |
201 | echo "SKIP: Could not run test without ip tool" | |
202 | exit $ksft_skip | |
203 | fi | |
204 | ||
205 | if [ ! -x "$(command -v bridge)" ]; then | |
206 | echo "SKIP: Could not run test without bridge tool" | |
207 | exit $ksft_skip | |
208 | fi | |
209 | ||
210 | if [ ! -x "$(command -v mausezahn)" ]; then | |
211 | echo "SKIP: Could not run test without mausezahn tool" | |
212 | exit $ksft_skip | |
213 | fi | |
214 | ||
215 | if [ ! -x "$(command -v jq)" ]; then | |
216 | echo "SKIP: Could not run test without jq tool" | |
217 | exit $ksft_skip | |
218 | fi | |
219 | ||
220 | ip link help vxlan 2>&1 | grep -q "localbypass" | |
221 | if [ $? -ne 0 ]; then | |
222 | echo "SKIP: iproute2 ip too old, missing VXLAN nolocalbypass support" | |
223 | exit $ksft_skip | |
224 | fi | |
225 | ||
226 | cleanup | |
227 | ||
228 | for t in $TESTS | |
229 | do | |
230 | setup; $t; cleanup; | |
231 | done | |
232 | ||
233 | if [ "$TESTS" != "none" ]; then | |
234 | printf "\nTests passed: %3d\n" ${nsuccess} | |
235 | printf "Tests failed: %3d\n" ${nfail} | |
236 | fi | |
237 | ||
238 | exit $ret |