test.sh 2.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117
  1. #!/bin/bash
  2. # SPDX-License-Identifier: GPL-2.0
  3. # Copyright (C) 2020-2025 OpenVPN, Inc.
  4. #
  5. # Author: Antonio Quartulli <antonio@openvpn.net>
  6. #set -x
  7. set -e
  8. source ./common.sh
  9. cleanup
  10. modprobe -q ovpn || true
  11. for p in $(seq 0 ${NUM_PEERS}); do
  12. create_ns ${p}
  13. done
  14. for p in $(seq 0 ${NUM_PEERS}); do
  15. setup_ns ${p} 5.5.5.$((${p} + 1))/24 ${MTU}
  16. done
  17. for p in $(seq 0 ${NUM_PEERS}); do
  18. add_peer ${p}
  19. done
  20. for p in $(seq 1 ${NUM_PEERS}); do
  21. ip netns exec peer0 ${OVPN_CLI} set_peer tun0 ${p} 60 120
  22. ip netns exec peer${p} ${OVPN_CLI} set_peer tun${p} ${p} 60 120
  23. done
  24. sleep 1
  25. for p in $(seq 1 ${NUM_PEERS}); do
  26. ip netns exec peer0 ping -qfc 500 -w 3 5.5.5.$((${p} + 1))
  27. ip netns exec peer0 ping -qfc 500 -s 3000 -w 3 5.5.5.$((${p} + 1))
  28. done
  29. # ping LAN behind client 1
  30. ip netns exec peer0 ping -qfc 500 -w 3 ${LAN_IP}
  31. if [ "$FLOAT" == "1" ]; then
  32. # make clients float..
  33. for p in $(seq 1 ${NUM_PEERS}); do
  34. ip -n peer${p} addr del 10.10.${p}.2/24 dev veth${p}
  35. ip -n peer${p} addr add 10.10.${p}.3/24 dev veth${p}
  36. done
  37. for p in $(seq 1 ${NUM_PEERS}); do
  38. ip netns exec peer${p} ping -qfc 500 -w 3 5.5.5.1
  39. done
  40. fi
  41. ip netns exec peer0 iperf3 -1 -s &
  42. sleep 1
  43. ip netns exec peer1 iperf3 -Z -t 3 -c 5.5.5.1
  44. echo "Adding secondary key and then swap:"
  45. for p in $(seq 1 ${NUM_PEERS}); do
  46. ip netns exec peer0 ${OVPN_CLI} new_key tun0 ${p} 2 1 ${ALG} 0 data64.key
  47. ip netns exec peer${p} ${OVPN_CLI} new_key tun${p} ${p} 2 1 ${ALG} 1 data64.key
  48. ip netns exec peer${p} ${OVPN_CLI} swap_keys tun${p} ${p}
  49. done
  50. sleep 1
  51. echo "Querying all peers:"
  52. ip netns exec peer0 ${OVPN_CLI} get_peer tun0
  53. ip netns exec peer1 ${OVPN_CLI} get_peer tun1
  54. echo "Querying peer 1:"
  55. ip netns exec peer0 ${OVPN_CLI} get_peer tun0 1
  56. echo "Querying non-existent peer 10:"
  57. ip netns exec peer0 ${OVPN_CLI} get_peer tun0 10 || true
  58. echo "Deleting peer 1:"
  59. ip netns exec peer0 ${OVPN_CLI} del_peer tun0 1
  60. ip netns exec peer1 ${OVPN_CLI} del_peer tun1 1
  61. echo "Querying keys:"
  62. for p in $(seq 2 ${NUM_PEERS}); do
  63. ip netns exec peer${p} ${OVPN_CLI} get_key tun${p} ${p} 1
  64. ip netns exec peer${p} ${OVPN_CLI} get_key tun${p} ${p} 2
  65. done
  66. echo "Deleting peer while sending traffic:"
  67. (ip netns exec peer2 ping -qf -w 4 5.5.5.1)&
  68. sleep 2
  69. ip netns exec peer0 ${OVPN_CLI} del_peer tun0 2
  70. # following command fails in TCP mode
  71. # (both ends get conn reset when one peer disconnects)
  72. ip netns exec peer2 ${OVPN_CLI} del_peer tun2 2 || true
  73. echo "Deleting keys:"
  74. for p in $(seq 3 ${NUM_PEERS}); do
  75. ip netns exec peer${p} ${OVPN_CLI} del_key tun${p} ${p} 1
  76. ip netns exec peer${p} ${OVPN_CLI} del_key tun${p} ${p} 2
  77. done
  78. echo "Setting timeout to 3s MP:"
  79. for p in $(seq 3 ${NUM_PEERS}); do
  80. ip netns exec peer0 ${OVPN_CLI} set_peer tun0 ${p} 3 3 || true
  81. ip netns exec peer${p} ${OVPN_CLI} set_peer tun${p} ${p} 0 0
  82. done
  83. # wait for peers to timeout
  84. sleep 5
  85. echo "Setting timeout to 3s P2P:"
  86. for p in $(seq 3 ${NUM_PEERS}); do
  87. ip netns exec peer${p} ${OVPN_CLI} set_peer tun${p} ${p} 3 3
  88. done
  89. sleep 5
  90. cleanup
  91. modprobe -r ovpn || true