gre_ipv6_lladdr.sh 4.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184
  1. #!/bin/bash
  2. # SPDX-License-Identifier: GPL-2.0
  3. source ./lib.sh
  4. PAUSE_ON_FAIL="no"
  5. # The trap function handler
  6. #
  7. exit_cleanup_all()
  8. {
  9. cleanup_all_ns
  10. exit "${EXIT_STATUS}"
  11. }
  12. # Add fake IPv4 and IPv6 networks on the loopback device, to be used as
  13. # underlay by future GRE devices.
  14. #
  15. setup_basenet()
  16. {
  17. ip -netns "${NS0}" link set dev lo up
  18. ip -netns "${NS0}" address add dev lo 192.0.2.10/24
  19. ip -netns "${NS0}" address add dev lo 2001:db8::10/64 nodad
  20. }
  21. # Check the IPv6 configuration of a network device.
  22. #
  23. # We currently check the generation of the link-local IPv6 address and the
  24. # creation of the ff00::/8 multicast route.
  25. #
  26. # Parameters:
  27. #
  28. # * $1: The network device to test
  29. # * $2: An extra regular expression that should be matched (to verify the
  30. # presence of extra attributes)
  31. # * $3: The expected return code from grep (to allow checking the absence of
  32. # a link-local address)
  33. # * $4: The user visible name for the scenario being tested
  34. #
  35. check_ipv6_device_config()
  36. {
  37. local DEV="$1"
  38. local EXTRA_MATCH="$2"
  39. local XRET="$3"
  40. local MSG="$4"
  41. RET=0
  42. set +e
  43. ip -netns "${NS0}" -6 address show dev "${DEV}" scope link | grep "fe80::" | grep -q "${EXTRA_MATCH}"
  44. check_err_fail "${XRET}" $? "IPv6 link-local address generation"
  45. ip -netns "${NS0}" -6 route show table local type multicast ff00::/8 proto kernel | grep -q "${DEV}"
  46. check_err_fail 0 $? "IPv6 multicast route creation"
  47. log_test "${MSG}"
  48. set -e
  49. }
  50. # Create a GRE device and verify that it gets an IPv6 link-local address as
  51. # expected.
  52. #
  53. # Parameters:
  54. #
  55. # * $1: The device type (gre, ip6gre, gretap or ip6gretap)
  56. # * $2: The local underlay IP address (can be an IPv4, an IPv6 or "any")
  57. # * $3: The remote underlay IP address (can be an IPv4, an IPv6 or "any")
  58. # * $4: The IPv6 interface identifier generation mode to use for the GRE
  59. # device (eui64, none, stable-privacy or random).
  60. #
  61. test_gre_device()
  62. {
  63. local GRE_TYPE="$1"
  64. local LOCAL_IP="$2"
  65. local REMOTE_IP="$3"
  66. local MODE="$4"
  67. local ADDR_GEN_MODE
  68. local MATCH_REGEXP
  69. local MSG
  70. ip link add netns "${NS0}" name gretest type "${GRE_TYPE}" local "${LOCAL_IP}" remote "${REMOTE_IP}"
  71. case "${MODE}" in
  72. "eui64")
  73. ADDR_GEN_MODE=0
  74. MATCH_REGEXP=""
  75. MSG="${GRE_TYPE}, mode: 0 (EUI64), ${LOCAL_IP} -> ${REMOTE_IP}"
  76. XRET=0
  77. ;;
  78. "none")
  79. ADDR_GEN_MODE=1
  80. MATCH_REGEXP=""
  81. MSG="${GRE_TYPE}, mode: 1 (none), ${LOCAL_IP} -> ${REMOTE_IP}"
  82. XRET=1 # No link-local address should be generated
  83. ;;
  84. "stable-privacy")
  85. ADDR_GEN_MODE=2
  86. MATCH_REGEXP="stable-privacy"
  87. MSG="${GRE_TYPE}, mode: 2 (stable privacy), ${LOCAL_IP} -> ${REMOTE_IP}"
  88. XRET=0
  89. # Initialise stable_secret (required for stable-privacy mode)
  90. ip netns exec "${NS0}" sysctl -qw net.ipv6.conf.gretest.stable_secret="2001:db8::abcd"
  91. ;;
  92. "random")
  93. ADDR_GEN_MODE=3
  94. MATCH_REGEXP="stable-privacy"
  95. MSG="${GRE_TYPE}, mode: 3 (random), ${LOCAL_IP} -> ${REMOTE_IP}"
  96. XRET=0
  97. ;;
  98. esac
  99. # Check the IPv6 device configuration when it goes up
  100. ip netns exec "${NS0}" sysctl -qw net.ipv6.conf.gretest.addr_gen_mode="${ADDR_GEN_MODE}"
  101. ip -netns "${NS0}" link set dev gretest up
  102. check_ipv6_device_config gretest "${MATCH_REGEXP}" "${XRET}" "config: ${MSG}"
  103. # Now disable link-local address generation
  104. ip -netns "${NS0}" link set dev gretest down
  105. ip netns exec "${NS0}" sysctl -qw net.ipv6.conf.gretest.addr_gen_mode=1
  106. ip -netns "${NS0}" link set dev gretest up
  107. # Check the IPv6 device configuration when link-local address
  108. # generation is re-enabled while the device is already up
  109. ip netns exec "${NS0}" sysctl -qw net.ipv6.conf.gretest.addr_gen_mode="${ADDR_GEN_MODE}"
  110. check_ipv6_device_config gretest "${MATCH_REGEXP}" "${XRET}" "update: ${MSG}"
  111. ip -netns "${NS0}" link del dev gretest
  112. }
  113. test_gre4()
  114. {
  115. local GRE_TYPE
  116. local MODE
  117. for GRE_TYPE in "gre" "gretap"; do
  118. printf "\n####\nTesting IPv6 configuration of ${GRE_TYPE} devices\n####\n\n"
  119. for MODE in "eui64" "none" "stable-privacy" "random"; do
  120. test_gre_device "${GRE_TYPE}" 192.0.2.10 192.0.2.11 "${MODE}"
  121. test_gre_device "${GRE_TYPE}" any 192.0.2.11 "${MODE}"
  122. test_gre_device "${GRE_TYPE}" 192.0.2.10 any "${MODE}"
  123. done
  124. done
  125. }
  126. test_gre6()
  127. {
  128. local GRE_TYPE
  129. local MODE
  130. for GRE_TYPE in "ip6gre" "ip6gretap"; do
  131. printf "\n####\nTesting IPv6 configuration of ${GRE_TYPE} devices\n####\n\n"
  132. for MODE in "eui64" "none" "stable-privacy" "random"; do
  133. test_gre_device "${GRE_TYPE}" 2001:db8::10 2001:db8::11 "${MODE}"
  134. test_gre_device "${GRE_TYPE}" any 2001:db8::11 "${MODE}"
  135. test_gre_device "${GRE_TYPE}" 2001:db8::10 any "${MODE}"
  136. done
  137. done
  138. }
  139. usage()
  140. {
  141. echo "Usage: $0 [-p]"
  142. exit 1
  143. }
  144. while getopts :p o
  145. do
  146. case $o in
  147. p) PAUSE_ON_FAIL="yes";;
  148. *) usage;;
  149. esac
  150. done
  151. setup_ns NS0
  152. set -e
  153. trap exit_cleanup_all EXIT
  154. setup_basenet
  155. test_gre4
  156. test_gre6