test_vxlan_mdb.sh 93 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562
  1. #!/bin/bash
  2. # SPDX-License-Identifier: GPL-2.0
  3. #
  4. # This test is for checking VXLAN MDB functionality. The topology consists of
  5. # two sets of namespaces: One for the testing of IPv4 underlay and another for
  6. # IPv6. In both cases, both IPv4 and IPv6 overlay traffic are tested.
  7. #
  8. # Data path functionality is tested by sending traffic from one of the upper
  9. # namespaces and checking using ingress tc filters that the expected traffic
  10. # was received by one of the lower namespaces.
  11. #
  12. # +------------------------------------+ +------------------------------------+
  13. # | ns1_v4 | | ns1_v6 |
  14. # | | | |
  15. # | br0.10 br0.4000 br0.20 | | br0.10 br0.4000 br0.20 |
  16. # | + + + | | + + + |
  17. # | | | | | | | | | |
  18. # | | | | | | | | | |
  19. # | +---------+---------+ | | +---------+---------+ |
  20. # | | | | | |
  21. # | | | | | |
  22. # | + | | + |
  23. # | br0 | | br0 |
  24. # | + | | + |
  25. # | | | | | |
  26. # | | | | | |
  27. # | + | | + |
  28. # | vx0 | | vx0 |
  29. # | | | |
  30. # | | | |
  31. # | veth0 | | veth0 |
  32. # | + | | + |
  33. # +-----------------|------------------+ +-----------------|------------------+
  34. # | |
  35. # +-----------------|------------------+ +-----------------|------------------+
  36. # | + | | + |
  37. # | veth0 | | veth0 |
  38. # | | | |
  39. # | | | |
  40. # | vx0 | | vx0 |
  41. # | + | | + |
  42. # | | | | | |
  43. # | | | | | |
  44. # | + | | + |
  45. # | br0 | | br0 |
  46. # | + | | + |
  47. # | | | | | |
  48. # | | | | | |
  49. # | +---------+---------+ | | +---------+---------+ |
  50. # | | | | | | | | | |
  51. # | | | | | | | | | |
  52. # | + + + | | + + + |
  53. # | br0.10 br0.4000 br0.10 | | br0.10 br0.4000 br0.20 |
  54. # | | | |
  55. # | ns2_v4 | | ns2_v6 |
  56. # +------------------------------------+ +------------------------------------+
  57. source lib.sh
  58. ret=0
  59. CONTROL_PATH_TESTS="
  60. basic_star_g_ipv4_ipv4
  61. basic_star_g_ipv6_ipv4
  62. basic_star_g_ipv4_ipv6
  63. basic_star_g_ipv6_ipv6
  64. basic_sg_ipv4_ipv4
  65. basic_sg_ipv6_ipv4
  66. basic_sg_ipv4_ipv6
  67. basic_sg_ipv6_ipv6
  68. star_g_ipv4_ipv4
  69. star_g_ipv6_ipv4
  70. star_g_ipv4_ipv6
  71. star_g_ipv6_ipv6
  72. sg_ipv4_ipv4
  73. sg_ipv6_ipv4
  74. sg_ipv4_ipv6
  75. sg_ipv6_ipv6
  76. dump_ipv4_ipv4
  77. dump_ipv6_ipv4
  78. dump_ipv4_ipv6
  79. dump_ipv6_ipv6
  80. flush
  81. "
  82. DATA_PATH_TESTS="
  83. encap_params_ipv4_ipv4
  84. encap_params_ipv6_ipv4
  85. encap_params_ipv4_ipv6
  86. encap_params_ipv6_ipv6
  87. starg_exclude_ir_ipv4_ipv4
  88. starg_exclude_ir_ipv6_ipv4
  89. starg_exclude_ir_ipv4_ipv6
  90. starg_exclude_ir_ipv6_ipv6
  91. starg_include_ir_ipv4_ipv4
  92. starg_include_ir_ipv6_ipv4
  93. starg_include_ir_ipv4_ipv6
  94. starg_include_ir_ipv6_ipv6
  95. starg_exclude_p2mp_ipv4_ipv4
  96. starg_exclude_p2mp_ipv6_ipv4
  97. starg_exclude_p2mp_ipv4_ipv6
  98. starg_exclude_p2mp_ipv6_ipv6
  99. starg_include_p2mp_ipv4_ipv4
  100. starg_include_p2mp_ipv6_ipv4
  101. starg_include_p2mp_ipv4_ipv6
  102. starg_include_p2mp_ipv6_ipv6
  103. egress_vni_translation_ipv4_ipv4
  104. egress_vni_translation_ipv6_ipv4
  105. egress_vni_translation_ipv4_ipv6
  106. egress_vni_translation_ipv6_ipv6
  107. all_zeros_mdb_ipv4
  108. all_zeros_mdb_ipv6
  109. mdb_fdb_ipv4_ipv4
  110. mdb_fdb_ipv6_ipv4
  111. mdb_fdb_ipv4_ipv6
  112. mdb_fdb_ipv6_ipv6
  113. mdb_torture_ipv4_ipv4
  114. mdb_torture_ipv6_ipv4
  115. mdb_torture_ipv4_ipv6
  116. mdb_torture_ipv6_ipv6
  117. "
  118. # All tests in this script. Can be overridden with -t option.
  119. TESTS="
  120. $CONTROL_PATH_TESTS
  121. $DATA_PATH_TESTS
  122. "
  123. VERBOSE=0
  124. PAUSE_ON_FAIL=no
  125. PAUSE=no
  126. ################################################################################
  127. # Utilities
  128. log_test()
  129. {
  130. local rc=$1
  131. local expected=$2
  132. local msg="$3"
  133. if [ ${rc} -eq ${expected} ]; then
  134. printf "TEST: %-60s [ OK ]\n" "${msg}"
  135. nsuccess=$((nsuccess+1))
  136. else
  137. ret=1
  138. nfail=$((nfail+1))
  139. printf "TEST: %-60s [FAIL]\n" "${msg}"
  140. if [ "$VERBOSE" = "1" ]; then
  141. echo " rc=$rc, expected $expected"
  142. fi
  143. if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
  144. echo
  145. echo "hit enter to continue, 'q' to quit"
  146. read a
  147. [ "$a" = "q" ] && exit 1
  148. fi
  149. fi
  150. if [ "${PAUSE}" = "yes" ]; then
  151. echo
  152. echo "hit enter to continue, 'q' to quit"
  153. read a
  154. [ "$a" = "q" ] && exit 1
  155. fi
  156. [ "$VERBOSE" = "1" ] && echo
  157. }
  158. run_cmd()
  159. {
  160. local cmd="$1"
  161. local out
  162. local stderr="2>/dev/null"
  163. if [ "$VERBOSE" = "1" ]; then
  164. printf "COMMAND: $cmd\n"
  165. stderr=
  166. fi
  167. out=$(eval $cmd $stderr)
  168. rc=$?
  169. if [ "$VERBOSE" = "1" -a -n "$out" ]; then
  170. echo " $out"
  171. fi
  172. return $rc
  173. }
  174. tc_check_packets()
  175. {
  176. local ns=$1; shift
  177. local id=$1; shift
  178. local handle=$1; shift
  179. local count=$1; shift
  180. local pkts
  181. sleep 0.1
  182. pkts=$(tc -n $ns -j -s filter show $id \
  183. | jq ".[] | select(.options.handle == $handle) | \
  184. .options.actions[0].stats.packets")
  185. [[ $pkts == $count ]]
  186. }
  187. ################################################################################
  188. # Setup
  189. setup_common_ns()
  190. {
  191. local ns=$1; shift
  192. local local_addr=$1; shift
  193. ip netns exec $ns sysctl -qw net.ipv4.ip_forward=1
  194. ip netns exec $ns sysctl -qw net.ipv4.fib_multipath_use_neigh=1
  195. ip netns exec $ns sysctl -qw net.ipv4.conf.default.ignore_routes_with_linkdown=1
  196. ip netns exec $ns sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1
  197. ip netns exec $ns sysctl -qw net.ipv6.conf.all.forwarding=1
  198. ip netns exec $ns sysctl -qw net.ipv6.conf.default.forwarding=1
  199. ip netns exec $ns sysctl -qw net.ipv6.conf.default.ignore_routes_with_linkdown=1
  200. ip netns exec $ns sysctl -qw net.ipv6.conf.all.accept_dad=0
  201. ip netns exec $ns sysctl -qw net.ipv6.conf.default.accept_dad=0
  202. ip -n $ns link set dev lo up
  203. ip -n $ns address add $local_addr dev lo
  204. ip -n $ns link set dev veth0 up
  205. ip -n $ns link add name br0 up type bridge vlan_filtering 1 \
  206. vlan_default_pvid 0 mcast_snooping 0
  207. ip -n $ns link add link br0 name br0.10 up type vlan id 10
  208. bridge -n $ns vlan add vid 10 dev br0 self
  209. ip -n $ns link add link br0 name br0.20 up type vlan id 20
  210. bridge -n $ns vlan add vid 20 dev br0 self
  211. ip -n $ns link add link br0 name br0.4000 up type vlan id 4000
  212. bridge -n $ns vlan add vid 4000 dev br0 self
  213. ip -n $ns link add name vx0 up master br0 type vxlan \
  214. local $local_addr dstport 4789 external vnifilter
  215. bridge -n $ns link set dev vx0 vlan_tunnel on
  216. bridge -n $ns vlan add vid 10 dev vx0
  217. bridge -n $ns vlan add vid 10 dev vx0 tunnel_info id 10010
  218. bridge -n $ns vni add vni 10010 dev vx0
  219. bridge -n $ns vlan add vid 20 dev vx0
  220. bridge -n $ns vlan add vid 20 dev vx0 tunnel_info id 10020
  221. bridge -n $ns vni add vni 10020 dev vx0
  222. bridge -n $ns vlan add vid 4000 dev vx0 pvid
  223. bridge -n $ns vlan add vid 4000 dev vx0 tunnel_info id 14000
  224. bridge -n $ns vni add vni 14000 dev vx0
  225. }
  226. setup_common()
  227. {
  228. local ns1=$1; shift
  229. local ns2=$1; shift
  230. local local_addr1=$1; shift
  231. local local_addr2=$1; shift
  232. ip link add name veth0 type veth peer name veth1
  233. ip link set dev veth0 netns $ns1 name veth0
  234. ip link set dev veth1 netns $ns2 name veth0
  235. setup_common_ns $ns1 $local_addr1
  236. setup_common_ns $ns2 $local_addr2
  237. }
  238. setup_v4()
  239. {
  240. setup_ns ns1_v4 ns2_v4
  241. setup_common $ns1_v4 $ns2_v4 192.0.2.1 192.0.2.2
  242. ip -n $ns1_v4 address add 192.0.2.17/28 dev veth0
  243. ip -n $ns2_v4 address add 192.0.2.18/28 dev veth0
  244. ip -n $ns1_v4 route add default via 192.0.2.18
  245. ip -n $ns2_v4 route add default via 192.0.2.17
  246. }
  247. cleanup_v4()
  248. {
  249. cleanup_ns $ns2_v4 $ns1_v4
  250. }
  251. setup_v6()
  252. {
  253. setup_ns ns1_v6 ns2_v6
  254. setup_common $ns1_v6 $ns2_v6 2001:db8:1::1 2001:db8:1::2
  255. ip -n $ns1_v6 address add 2001:db8:2::1/64 dev veth0 nodad
  256. ip -n $ns2_v6 address add 2001:db8:2::2/64 dev veth0 nodad
  257. ip -n $ns1_v6 route add default via 2001:db8:2::2
  258. ip -n $ns2_v6 route add default via 2001:db8:2::1
  259. }
  260. cleanup_v6()
  261. {
  262. cleanup_ns $ns2_v6 $ns1_v6
  263. }
  264. setup()
  265. {
  266. set -e
  267. setup_v4
  268. setup_v6
  269. sleep 5
  270. set +e
  271. }
  272. cleanup()
  273. {
  274. cleanup_v6 &> /dev/null
  275. cleanup_v4 &> /dev/null
  276. }
  277. ################################################################################
  278. # Tests - Control path
  279. basic_common()
  280. {
  281. local ns1=$1; shift
  282. local grp_key=$1; shift
  283. local vtep_ip=$1; shift
  284. # Test basic control path operations common to all MDB entry types.
  285. # Basic add, replace and delete behavior.
  286. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
  287. log_test $? 0 "MDB entry addition"
  288. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010"
  289. log_test $? 0 "MDB entry presence after addition"
  290. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
  291. log_test $? 0 "MDB entry replacement"
  292. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010"
  293. log_test $? 0 "MDB entry presence after replacement"
  294. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
  295. log_test $? 0 "MDB entry deletion"
  296. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010"
  297. log_test $? 254 "MDB entry presence after deletion"
  298. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
  299. log_test $? 255 "Non-existent MDB entry deletion"
  300. # Default protocol and replacement.
  301. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
  302. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"proto static\""
  303. log_test $? 0 "MDB entry default protocol"
  304. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent proto 123 dst $vtep_ip src_vni 10010"
  305. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"proto 123\""
  306. log_test $? 0 "MDB entry protocol replacement"
  307. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
  308. # Default destination port and replacement.
  309. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
  310. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \" dst_port \""
  311. log_test $? 1 "MDB entry default destination port"
  312. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip dst_port 1234 src_vni 10010"
  313. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"dst_port 1234\""
  314. log_test $? 0 "MDB entry destination port replacement"
  315. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
  316. # Default destination VNI and replacement.
  317. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
  318. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \" vni \""
  319. log_test $? 1 "MDB entry default destination VNI"
  320. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip vni 1234 src_vni 10010"
  321. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"vni 1234\""
  322. log_test $? 0 "MDB entry destination VNI replacement"
  323. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
  324. # Default outgoing interface and replacement.
  325. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
  326. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \" via \""
  327. log_test $? 1 "MDB entry default outgoing interface"
  328. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010 via veth0"
  329. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"via veth0\""
  330. log_test $? 0 "MDB entry outgoing interface replacement"
  331. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
  332. # Common error cases.
  333. run_cmd "bridge -n $ns1 mdb add dev vx0 port veth0 $grp_key permanent dst $vtep_ip src_vni 10010"
  334. log_test $? 255 "MDB entry with mismatch between device and port"
  335. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key temp dst $vtep_ip src_vni 10010"
  336. log_test $? 255 "MDB entry with temp state"
  337. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent vid 10 dst $vtep_ip src_vni 10010"
  338. log_test $? 255 "MDB entry with VLAN"
  339. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp 01:02:03:04:05:06 permanent dst $vtep_ip src_vni 10010"
  340. log_test $? 255 "MDB entry MAC address"
  341. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent"
  342. log_test $? 255 "MDB entry without extended parameters"
  343. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent proto 3 dst $vtep_ip src_vni 10010"
  344. log_test $? 255 "MDB entry with an invalid protocol"
  345. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip vni $((2 ** 24)) src_vni 10010"
  346. log_test $? 255 "MDB entry with an invalid destination VNI"
  347. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni $((2 ** 24))"
  348. log_test $? 255 "MDB entry with an invalid source VNI"
  349. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent src_vni 10010"
  350. log_test $? 255 "MDB entry without a remote destination IP"
  351. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
  352. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
  353. log_test $? 255 "Duplicate MDB entries"
  354. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
  355. }
  356. basic_star_g_ipv4_ipv4()
  357. {
  358. local ns1=$ns1_v4
  359. local grp_key="grp 239.1.1.1"
  360. local vtep_ip=198.51.100.100
  361. echo
  362. echo "Control path: Basic (*, G) operations - IPv4 overlay / IPv4 underlay"
  363. echo "--------------------------------------------------------------------"
  364. basic_common $ns1 "$grp_key" $vtep_ip
  365. }
  366. basic_star_g_ipv6_ipv4()
  367. {
  368. local ns1=$ns1_v4
  369. local grp_key="grp ff0e::1"
  370. local vtep_ip=198.51.100.100
  371. echo
  372. echo "Control path: Basic (*, G) operations - IPv6 overlay / IPv4 underlay"
  373. echo "--------------------------------------------------------------------"
  374. basic_common $ns1 "$grp_key" $vtep_ip
  375. }
  376. basic_star_g_ipv4_ipv6()
  377. {
  378. local ns1=$ns1_v6
  379. local grp_key="grp 239.1.1.1"
  380. local vtep_ip=2001:db8:1000::1
  381. echo
  382. echo "Control path: Basic (*, G) operations - IPv4 overlay / IPv6 underlay"
  383. echo "--------------------------------------------------------------------"
  384. basic_common $ns1 "$grp_key" $vtep_ip
  385. }
  386. basic_star_g_ipv6_ipv6()
  387. {
  388. local ns1=$ns1_v6
  389. local grp_key="grp ff0e::1"
  390. local vtep_ip=2001:db8:1000::1
  391. echo
  392. echo "Control path: Basic (*, G) operations - IPv6 overlay / IPv6 underlay"
  393. echo "--------------------------------------------------------------------"
  394. basic_common $ns1 "$grp_key" $vtep_ip
  395. }
  396. basic_sg_ipv4_ipv4()
  397. {
  398. local ns1=$ns1_v4
  399. local grp_key="grp 239.1.1.1 src 192.0.2.129"
  400. local vtep_ip=198.51.100.100
  401. echo
  402. echo "Control path: Basic (S, G) operations - IPv4 overlay / IPv4 underlay"
  403. echo "--------------------------------------------------------------------"
  404. basic_common $ns1 "$grp_key" $vtep_ip
  405. }
  406. basic_sg_ipv6_ipv4()
  407. {
  408. local ns1=$ns1_v4
  409. local grp_key="grp ff0e::1 src 2001:db8:100::1"
  410. local vtep_ip=198.51.100.100
  411. echo
  412. echo "Control path: Basic (S, G) operations - IPv6 overlay / IPv4 underlay"
  413. echo "---------------------------------------------------------------------"
  414. basic_common $ns1 "$grp_key" $vtep_ip
  415. }
  416. basic_sg_ipv4_ipv6()
  417. {
  418. local ns1=$ns1_v6
  419. local grp_key="grp 239.1.1.1 src 192.0.2.129"
  420. local vtep_ip=2001:db8:1000::1
  421. echo
  422. echo "Control path: Basic (S, G) operations - IPv4 overlay / IPv6 underlay"
  423. echo "--------------------------------------------------------------------"
  424. basic_common $ns1 "$grp_key" $vtep_ip
  425. }
  426. basic_sg_ipv6_ipv6()
  427. {
  428. local ns1=$ns1_v6
  429. local grp_key="grp ff0e::1 src 2001:db8:100::1"
  430. local vtep_ip=2001:db8:1000::1
  431. echo
  432. echo "Control path: Basic (S, G) operations - IPv6 overlay / IPv6 underlay"
  433. echo "--------------------------------------------------------------------"
  434. basic_common $ns1 "$grp_key" $vtep_ip
  435. }
  436. star_g_common()
  437. {
  438. local ns1=$1; shift
  439. local grp=$1; shift
  440. local src1=$1; shift
  441. local src2=$1; shift
  442. local src3=$1; shift
  443. local vtep_ip=$1; shift
  444. local all_zeros_grp=$1; shift
  445. # Test control path operations specific to (*, G) entries.
  446. # Basic add, replace and delete behavior.
  447. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
  448. log_test $? 0 "(*, G) MDB entry addition with source list"
  449. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010"
  450. log_test $? 0 "(*, G) MDB entry presence after addition"
  451. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
  452. log_test $? 0 "(S, G) MDB entry presence after addition"
  453. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
  454. log_test $? 0 "(*, G) MDB entry replacement with source list"
  455. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010"
  456. log_test $? 0 "(*, G) MDB entry presence after replacement"
  457. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
  458. log_test $? 0 "(S, G) MDB entry presence after replacement"
  459. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
  460. log_test $? 0 "(*, G) MDB entry deletion"
  461. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010"
  462. log_test $? 254 "(*, G) MDB entry presence after deletion"
  463. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
  464. log_test $? 254 "(S, G) MDB entry presence after deletion"
  465. # Default filter mode and replacement.
  466. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent dst $vtep_ip src_vni 10010"
  467. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep exclude"
  468. log_test $? 0 "(*, G) MDB entry default filter mode"
  469. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $src1 dst $vtep_ip src_vni 10010"
  470. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep include"
  471. log_test $? 0 "(*, G) MDB entry after replacing filter mode to \"include\""
  472. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
  473. log_test $? 0 "(S, G) MDB entry after replacing filter mode to \"include\""
  474. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep blocked"
  475. log_test $? 1 "\"blocked\" flag after replacing filter mode to \"include\""
  476. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
  477. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep exclude"
  478. log_test $? 0 "(*, G) MDB entry after replacing filter mode to \"exclude\""
  479. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grep grp $grp src $src1 src_vni 10010"
  480. log_test $? 0 "(S, G) MDB entry after replacing filter mode to \"exclude\""
  481. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep blocked"
  482. log_test $? 0 "\"blocked\" flag after replacing filter mode to \"exclude\""
  483. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
  484. # Default source list and replacement.
  485. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent dst $vtep_ip src_vni 10010"
  486. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep source_list"
  487. log_test $? 1 "(*, G) MDB entry default source list"
  488. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1,$src2,$src3 dst $vtep_ip src_vni 10010"
  489. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
  490. log_test $? 0 "(S, G) MDB entry of 1st source after replacing source list"
  491. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src2 src_vni 10010"
  492. log_test $? 0 "(S, G) MDB entry of 2nd source after replacing source list"
  493. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src3 src_vni 10010"
  494. log_test $? 0 "(S, G) MDB entry of 3rd source after replacing source list"
  495. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1,$src3 dst $vtep_ip src_vni 10010"
  496. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
  497. log_test $? 0 "(S, G) MDB entry of 1st source after removing source"
  498. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src2 src_vni 10010"
  499. log_test $? 254 "(S, G) MDB entry of 2nd source after removing source"
  500. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src3 src_vni 10010"
  501. log_test $? 0 "(S, G) MDB entry of 3rd source after removing source"
  502. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
  503. # Default protocol and replacement.
  504. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
  505. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \"proto static\""
  506. log_test $? 0 "(*, G) MDB entry default protocol"
  507. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \"proto static\""
  508. log_test $? 0 "(S, G) MDB entry default protocol"
  509. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 proto bgp dst $vtep_ip src_vni 10010"
  510. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \"proto bgp\""
  511. log_test $? 0 "(*, G) MDB entry protocol after replacement"
  512. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \"proto bgp\""
  513. log_test $? 0 "(S, G) MDB entry protocol after replacement"
  514. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
  515. # Default destination port and replacement.
  516. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
  517. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" dst_port \""
  518. log_test $? 1 "(*, G) MDB entry default destination port"
  519. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" dst_port \""
  520. log_test $? 1 "(S, G) MDB entry default destination port"
  521. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip dst_port 1234 src_vni 10010"
  522. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" dst_port 1234 \""
  523. log_test $? 0 "(*, G) MDB entry destination port after replacement"
  524. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" dst_port 1234 \""
  525. log_test $? 0 "(S, G) MDB entry destination port after replacement"
  526. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
  527. # Default destination VNI and replacement.
  528. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
  529. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" vni \""
  530. log_test $? 1 "(*, G) MDB entry default destination VNI"
  531. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" vni \""
  532. log_test $? 1 "(S, G) MDB entry default destination VNI"
  533. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip vni 1234 src_vni 10010"
  534. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" vni 1234 \""
  535. log_test $? 0 "(*, G) MDB entry destination VNI after replacement"
  536. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" vni 1234 \""
  537. log_test $? 0 "(S, G) MDB entry destination VNI after replacement"
  538. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
  539. # Default outgoing interface and replacement.
  540. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
  541. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" via \""
  542. log_test $? 1 "(*, G) MDB entry default outgoing interface"
  543. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" via \""
  544. log_test $? 1 "(S, G) MDB entry default outgoing interface"
  545. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010 via veth0"
  546. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" via veth0 \""
  547. log_test $? 0 "(*, G) MDB entry outgoing interface after replacement"
  548. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" via veth0 \""
  549. log_test $? 0 "(S, G) MDB entry outgoing interface after replacement"
  550. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
  551. # Error cases.
  552. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp permanent filter_mode exclude dst $vtep_ip src_vni 10010"
  553. log_test $? 255 "All-zeros group with filter mode"
  554. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp permanent source_list $src1 dst $vtep_ip src_vni 10010"
  555. log_test $? 255 "All-zeros group with source list"
  556. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode include dst $vtep_ip src_vni 10010"
  557. log_test $? 255 "(*, G) INCLUDE with an empty source list"
  558. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $grp dst $vtep_ip src_vni 10010"
  559. log_test $? 255 "Invalid source in source list"
  560. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent source_list $src1 dst $vtep_ip src_vni 10010"
  561. log_test $? 255 "Source list without filter mode"
  562. }
  563. star_g_ipv4_ipv4()
  564. {
  565. local ns1=$ns1_v4
  566. local grp=239.1.1.1
  567. local src1=192.0.2.129
  568. local src2=192.0.2.130
  569. local src3=192.0.2.131
  570. local vtep_ip=198.51.100.100
  571. local all_zeros_grp=0.0.0.0
  572. echo
  573. echo "Control path: (*, G) operations - IPv4 overlay / IPv4 underlay"
  574. echo "--------------------------------------------------------------"
  575. star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
  576. }
  577. star_g_ipv6_ipv4()
  578. {
  579. local ns1=$ns1_v4
  580. local grp=ff0e::1
  581. local src1=2001:db8:100::1
  582. local src2=2001:db8:100::2
  583. local src3=2001:db8:100::3
  584. local vtep_ip=198.51.100.100
  585. local all_zeros_grp=::
  586. echo
  587. echo "Control path: (*, G) operations - IPv6 overlay / IPv4 underlay"
  588. echo "--------------------------------------------------------------"
  589. star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
  590. }
  591. star_g_ipv4_ipv6()
  592. {
  593. local ns1=$ns1_v6
  594. local grp=239.1.1.1
  595. local src1=192.0.2.129
  596. local src2=192.0.2.130
  597. local src3=192.0.2.131
  598. local vtep_ip=2001:db8:1000::1
  599. local all_zeros_grp=0.0.0.0
  600. echo
  601. echo "Control path: (*, G) operations - IPv4 overlay / IPv6 underlay"
  602. echo "--------------------------------------------------------------"
  603. star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
  604. }
  605. star_g_ipv6_ipv6()
  606. {
  607. local ns1=$ns1_v6
  608. local grp=ff0e::1
  609. local src1=2001:db8:100::1
  610. local src2=2001:db8:100::2
  611. local src3=2001:db8:100::3
  612. local vtep_ip=2001:db8:1000::1
  613. local all_zeros_grp=::
  614. echo
  615. echo "Control path: (*, G) operations - IPv6 overlay / IPv6 underlay"
  616. echo "--------------------------------------------------------------"
  617. star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
  618. }
  619. sg_common()
  620. {
  621. local ns1=$1; shift
  622. local grp=$1; shift
  623. local src=$1; shift
  624. local vtep_ip=$1; shift
  625. local all_zeros_grp=$1; shift
  626. # Test control path operations specific to (S, G) entries.
  627. # Default filter mode.
  628. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent dst $vtep_ip src_vni 10010"
  629. run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src src_vni 10010 | grep include"
  630. log_test $? 0 "(S, G) MDB entry default filter mode"
  631. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp src $src permanent dst $vtep_ip src_vni 10010"
  632. # Error cases.
  633. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent filter_mode include dst $vtep_ip src_vni 10010"
  634. log_test $? 255 "(S, G) with filter mode"
  635. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent source_list $src dst $vtep_ip src_vni 10010"
  636. log_test $? 255 "(S, G) with source list"
  637. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $grp permanent dst $vtep_ip src_vni 10010"
  638. log_test $? 255 "(S, G) with an invalid source list"
  639. run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp src $src permanent dst $vtep_ip src_vni 10010"
  640. log_test $? 255 "All-zeros group with source"
  641. }
  642. sg_ipv4_ipv4()
  643. {
  644. local ns1=$ns1_v4
  645. local grp=239.1.1.1
  646. local src=192.0.2.129
  647. local vtep_ip=198.51.100.100
  648. local all_zeros_grp=0.0.0.0
  649. echo
  650. echo "Control path: (S, G) operations - IPv4 overlay / IPv4 underlay"
  651. echo "--------------------------------------------------------------"
  652. sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
  653. }
  654. sg_ipv6_ipv4()
  655. {
  656. local ns1=$ns1_v4
  657. local grp=ff0e::1
  658. local src=2001:db8:100::1
  659. local vtep_ip=198.51.100.100
  660. local all_zeros_grp=::
  661. echo
  662. echo "Control path: (S, G) operations - IPv6 overlay / IPv4 underlay"
  663. echo "--------------------------------------------------------------"
  664. sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
  665. }
  666. sg_ipv4_ipv6()
  667. {
  668. local ns1=$ns1_v6
  669. local grp=239.1.1.1
  670. local src=192.0.2.129
  671. local vtep_ip=2001:db8:1000::1
  672. local all_zeros_grp=0.0.0.0
  673. echo
  674. echo "Control path: (S, G) operations - IPv4 overlay / IPv6 underlay"
  675. echo "--------------------------------------------------------------"
  676. sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
  677. }
  678. sg_ipv6_ipv6()
  679. {
  680. local ns1=$ns1_v6
  681. local grp=ff0e::1
  682. local src=2001:db8:100::1
  683. local vtep_ip=2001:db8:1000::1
  684. local all_zeros_grp=::
  685. echo
  686. echo "Control path: (S, G) operations - IPv6 overlay / IPv6 underlay"
  687. echo "--------------------------------------------------------------"
  688. sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
  689. }
  690. ipv4_grps_get()
  691. {
  692. local max_grps=$1; shift
  693. local i
  694. for i in $(seq 0 $((max_grps - 1))); do
  695. echo "239.1.1.$i"
  696. done
  697. }
  698. ipv6_grps_get()
  699. {
  700. local max_grps=$1; shift
  701. local i
  702. for i in $(seq 0 $((max_grps - 1))); do
  703. echo "ff0e::$(printf %x $i)"
  704. done
  705. }
  706. dump_common()
  707. {
  708. local ns1=$1; shift
  709. local local_addr=$1; shift
  710. local remote_prefix=$1; shift
  711. local fn=$1; shift
  712. local max_vxlan_devs=2
  713. local max_remotes=64
  714. local max_grps=256
  715. local num_entries
  716. local batch_file
  717. local grp
  718. local i j
  719. # The kernel maintains various markers for the MDB dump. Add a test for
  720. # large scale MDB dump to make sure that all the configured entries are
  721. # dumped and that the markers are used correctly.
  722. # Create net devices.
  723. for i in $(seq 1 $max_vxlan_devs); do
  724. ip -n $ns1 link add name vx-test${i} up type vxlan \
  725. local $local_addr dstport 4789 external vnifilter
  726. done
  727. # Create batch file with MDB entries.
  728. batch_file=$(mktemp)
  729. for i in $(seq 1 $max_vxlan_devs); do
  730. for j in $(seq 1 $max_remotes); do
  731. for grp in $($fn $max_grps); do
  732. echo "mdb add dev vx-test${i} port vx-test${i} grp $grp permanent dst ${remote_prefix}${j}" >> $batch_file
  733. done
  734. done
  735. done
  736. # Program the batch file and check for expected number of entries.
  737. bridge -n $ns1 -b $batch_file
  738. for i in $(seq 1 $max_vxlan_devs); do
  739. num_entries=$(bridge -n $ns1 mdb show dev vx-test${i} | grep "permanent" | wc -l)
  740. [[ $num_entries -eq $((max_grps * max_remotes)) ]]
  741. log_test $? 0 "Large scale dump - VXLAN device #$i"
  742. done
  743. rm -rf $batch_file
  744. }
  745. dump_ipv4_ipv4()
  746. {
  747. local ns1=$ns1_v4
  748. local local_addr=192.0.2.1
  749. local remote_prefix=198.51.100.
  750. local fn=ipv4_grps_get
  751. echo
  752. echo "Control path: Large scale MDB dump - IPv4 overlay / IPv4 underlay"
  753. echo "-----------------------------------------------------------------"
  754. dump_common $ns1 $local_addr $remote_prefix $fn
  755. }
  756. dump_ipv6_ipv4()
  757. {
  758. local ns1=$ns1_v4
  759. local local_addr=192.0.2.1
  760. local remote_prefix=198.51.100.
  761. local fn=ipv6_grps_get
  762. echo
  763. echo "Control path: Large scale MDB dump - IPv6 overlay / IPv4 underlay"
  764. echo "-----------------------------------------------------------------"
  765. dump_common $ns1 $local_addr $remote_prefix $fn
  766. }
  767. dump_ipv4_ipv6()
  768. {
  769. local ns1=$ns1_v6
  770. local local_addr=2001:db8:1::1
  771. local remote_prefix=2001:db8:1000::
  772. local fn=ipv4_grps_get
  773. echo
  774. echo "Control path: Large scale MDB dump - IPv4 overlay / IPv6 underlay"
  775. echo "-----------------------------------------------------------------"
  776. dump_common $ns1 $local_addr $remote_prefix $fn
  777. }
  778. dump_ipv6_ipv6()
  779. {
  780. local ns1=$ns1_v6
  781. local local_addr=2001:db8:1::1
  782. local remote_prefix=2001:db8:1000::
  783. local fn=ipv6_grps_get
  784. echo
  785. echo "Control path: Large scale MDB dump - IPv6 overlay / IPv6 underlay"
  786. echo "-----------------------------------------------------------------"
  787. dump_common $ns1 $local_addr $remote_prefix $fn
  788. }
  789. flush()
  790. {
  791. local num_entries
  792. echo
  793. echo "Control path: Flush"
  794. echo "-------------------"
  795. # Add entries with different attributes and check that they are all
  796. # flushed when the flush command is given with no parameters.
  797. # Different source VNI.
  798. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
  799. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.2 permanent dst 198.51.100.1 src_vni 10011"
  800. # Different routing protocol.
  801. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.3 permanent proto bgp dst 198.51.100.1 src_vni 10010"
  802. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.4 permanent proto zebra dst 198.51.100.1 src_vni 10010"
  803. # Different destination IP.
  804. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.5 permanent dst 198.51.100.1 src_vni 10010"
  805. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.6 permanent dst 198.51.100.2 src_vni 10010"
  806. # Different destination port.
  807. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.7 permanent dst 198.51.100.1 dst_port 11111 src_vni 10010"
  808. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.8 permanent dst 198.51.100.1 dst_port 22222 src_vni 10010"
  809. # Different VNI.
  810. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.9 permanent dst 198.51.100.1 vni 10010 src_vni 10010"
  811. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.10 permanent dst 198.51.100.1 vni 10020 src_vni 10010"
  812. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
  813. num_entries=$(bridge -n $ns1_v4 mdb show dev vx0 | wc -l)
  814. [[ $num_entries -eq 0 ]]
  815. log_test $? 0 "Flush all"
  816. # Check that entries are flushed when port is specified as the VXLAN
  817. # device and that an error is returned when port is specified as a
  818. # different net device.
  819. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
  820. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
  821. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 port vx0"
  822. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010"
  823. log_test $? 254 "Flush by port - matching"
  824. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 port veth0"
  825. log_test $? 255 "Flush by port - non-matching"
  826. # Check that when flushing by source VNI only entries programmed with
  827. # the specified source VNI are flushed and the rest are not.
  828. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
  829. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
  830. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10011"
  831. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10011"
  832. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 src_vni 10010"
  833. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010"
  834. log_test $? 254 "Flush by source VNI - matching"
  835. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10011"
  836. log_test $? 0 "Flush by source VNI - non-matching"
  837. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
  838. # Check that all entries are flushed when "permanent" is specified and
  839. # that an error is returned when "nopermanent" is specified.
  840. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
  841. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
  842. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 permanent"
  843. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010"
  844. log_test $? 254 "Flush by \"permanent\" state"
  845. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 nopermanent"
  846. log_test $? 255 "Flush by \"nopermanent\" state"
  847. # Check that when flushing by routing protocol only entries programmed
  848. # with the specified routing protocol are flushed and the rest are not.
  849. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent proto bgp dst 198.51.100.1 src_vni 10010"
  850. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent proto zebra dst 198.51.100.2 src_vni 10010"
  851. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 proto bgp"
  852. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"proto bgp\""
  853. log_test $? 1 "Flush by routing protocol - matching"
  854. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"proto zebra\""
  855. log_test $? 0 "Flush by routing protocol - non-matching"
  856. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
  857. # Check that when flushing by destination IP only entries programmed
  858. # with the specified destination IP are flushed and the rest are not.
  859. # IPv4.
  860. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
  861. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
  862. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst 198.51.100.2"
  863. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.2"
  864. log_test $? 1 "Flush by IPv4 destination IP - matching"
  865. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.1"
  866. log_test $? 0 "Flush by IPv4 destination IP - non-matching"
  867. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
  868. # IPv6.
  869. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 2001:db8:1000::1 src_vni 10010"
  870. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 2001:db8:1000::2 src_vni 10010"
  871. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst 2001:db8:1000::2"
  872. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 2001:db8:1000::2"
  873. log_test $? 1 "Flush by IPv6 destination IP - matching"
  874. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 2001:db8:1000::1"
  875. log_test $? 0 "Flush by IPv6 destination IP - non-matching"
  876. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
  877. # Check that when flushing by UDP destination port only entries
  878. # programmed with the specified port are flushed and the rest are not.
  879. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst_port 11111 dst 198.51.100.1 src_vni 10010"
  880. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst_port 22222 dst 198.51.100.2 src_vni 10010"
  881. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst_port 11111"
  882. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"dst_port 11111\""
  883. log_test $? 1 "Flush by UDP destination port - matching"
  884. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"dst_port 22222\""
  885. log_test $? 0 "Flush by UDP destination port - non-matching"
  886. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
  887. # When not specifying a UDP destination port for an entry, traffic is
  888. # encapsulated with the device's UDP destination port. Check that when
  889. # flushing by the device's UDP destination port only entries programmed
  890. # with this port are flushed and the rest are not.
  891. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
  892. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst_port 22222 dst 198.51.100.2 src_vni 10010"
  893. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst_port 4789"
  894. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.1"
  895. log_test $? 1 "Flush by device's UDP destination port - matching"
  896. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.2"
  897. log_test $? 0 "Flush by device's UDP destination port - non-matching"
  898. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
  899. # Check that when flushing by destination VNI only entries programmed
  900. # with the specified destination VNI are flushed and the rest are not.
  901. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent vni 20010 dst 198.51.100.1 src_vni 10010"
  902. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent vni 20011 dst 198.51.100.2 src_vni 10010"
  903. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 vni 20010"
  904. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \" vni 20010\""
  905. log_test $? 1 "Flush by destination VNI - matching"
  906. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \" vni 20011\""
  907. log_test $? 0 "Flush by destination VNI - non-matching"
  908. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
  909. # When not specifying a destination VNI for an entry, traffic is
  910. # encapsulated with the source VNI. Check that when flushing by a
  911. # destination VNI that is equal to the source VNI only such entries are
  912. # flushed and the rest are not.
  913. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
  914. run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent vni 20010 dst 198.51.100.2 src_vni 10010"
  915. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 vni 10010"
  916. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.1"
  917. log_test $? 1 "Flush by destination VNI equal to source VNI - matching"
  918. run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.2"
  919. log_test $? 0 "Flush by destination VNI equal to source VNI - non-matching"
  920. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
  921. # Test that an error is returned when trying to flush using VLAN ID.
  922. run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 vid 10"
  923. log_test $? 255 "Flush by VLAN ID"
  924. }
  925. ################################################################################
  926. # Tests - Data path
  927. encap_params_common()
  928. {
  929. local ns1=$1; shift
  930. local ns2=$1; shift
  931. local vtep1_ip=$1; shift
  932. local vtep2_ip=$1; shift
  933. local plen=$1; shift
  934. local enc_ethtype=$1; shift
  935. local grp=$1; shift
  936. local grp_dmac=$1; shift
  937. local src=$1; shift
  938. local mz=$1; shift
  939. # Test that packets forwarded by the VXLAN MDB are encapsulated with
  940. # the correct parameters. Transmit packets from the first namespace and
  941. # check that they hit the corresponding filters on the ingress of the
  942. # second namespace.
  943. run_cmd "tc -n $ns2 qdisc replace dev veth0 clsact"
  944. run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
  945. run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
  946. run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
  947. # Check destination IP.
  948. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
  949. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep2_ip src_vni 10020"
  950. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
  951. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  952. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  953. log_test $? 0 "Destination IP - match"
  954. run_cmd "ip netns exec $ns1 $mz br0.20 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  955. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  956. log_test $? 0 "Destination IP - no match"
  957. run_cmd "tc -n $ns2 filter del dev vx0 ingress pref 1 handle 101 flower"
  958. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10020"
  959. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
  960. # Check destination port.
  961. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
  962. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip dst_port 1111 src_vni 10020"
  963. run_cmd "tc -n $ns2 filter replace dev veth0 ingress pref 1 handle 101 proto $enc_ethtype flower ip_proto udp dst_port 4789 action pass"
  964. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  965. tc_check_packets "$ns2" "dev veth0 ingress" 101 1
  966. log_test $? 0 "Default destination port - match"
  967. run_cmd "ip netns exec $ns1 $mz br0.20 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  968. tc_check_packets "$ns2" "dev veth0 ingress" 101 1
  969. log_test $? 0 "Default destination port - no match"
  970. run_cmd "tc -n $ns2 filter replace dev veth0 ingress pref 1 handle 101 proto $enc_ethtype flower ip_proto udp dst_port 1111 action pass"
  971. run_cmd "ip netns exec $ns1 $mz br0.20 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  972. tc_check_packets "$ns2" "dev veth0 ingress" 101 1
  973. log_test $? 0 "Non-default destination port - match"
  974. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  975. tc_check_packets "$ns2" "dev veth0 ingress" 101 1
  976. log_test $? 0 "Non-default destination port - no match"
  977. run_cmd "tc -n $ns2 filter del dev veth0 ingress pref 1 handle 101 flower"
  978. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10020"
  979. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
  980. # Check default VNI.
  981. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
  982. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10020"
  983. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_key_id 10010 action pass"
  984. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  985. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  986. log_test $? 0 "Default destination VNI - match"
  987. run_cmd "ip netns exec $ns1 $mz br0.20 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  988. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  989. log_test $? 0 "Default destination VNI - no match"
  990. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip vni 10020 src_vni 10010"
  991. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip vni 10010 src_vni 10020"
  992. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_key_id 10020 action pass"
  993. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  994. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  995. log_test $? 0 "Non-default destination VNI - match"
  996. run_cmd "ip netns exec $ns1 $mz br0.20 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  997. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  998. log_test $? 0 "Non-default destination VNI - no match"
  999. run_cmd "tc -n $ns2 filter del dev vx0 ingress pref 1 handle 101 flower"
  1000. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10020"
  1001. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
  1002. }
  1003. encap_params_ipv4_ipv4()
  1004. {
  1005. local ns1=$ns1_v4
  1006. local ns2=$ns2_v4
  1007. local vtep1_ip=198.51.100.100
  1008. local vtep2_ip=198.51.100.200
  1009. local plen=32
  1010. local enc_ethtype="ip"
  1011. local grp=239.1.1.1
  1012. local grp_dmac=01:00:5e:01:01:01
  1013. local src=192.0.2.129
  1014. echo
  1015. echo "Data path: Encapsulation parameters - IPv4 overlay / IPv4 underlay"
  1016. echo "------------------------------------------------------------------"
  1017. encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
  1018. $grp $grp_dmac $src "mausezahn"
  1019. }
  1020. encap_params_ipv6_ipv4()
  1021. {
  1022. local ns1=$ns1_v4
  1023. local ns2=$ns2_v4
  1024. local vtep1_ip=198.51.100.100
  1025. local vtep2_ip=198.51.100.200
  1026. local plen=32
  1027. local enc_ethtype="ip"
  1028. local grp=ff0e::1
  1029. local grp_dmac=33:33:00:00:00:01
  1030. local src=2001:db8:100::1
  1031. echo
  1032. echo "Data path: Encapsulation parameters - IPv6 overlay / IPv4 underlay"
  1033. echo "------------------------------------------------------------------"
  1034. encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
  1035. $grp $grp_dmac $src "mausezahn -6"
  1036. }
  1037. encap_params_ipv4_ipv6()
  1038. {
  1039. local ns1=$ns1_v6
  1040. local ns2=$ns2_v6
  1041. local vtep1_ip=2001:db8:1000::1
  1042. local vtep2_ip=2001:db8:2000::1
  1043. local plen=128
  1044. local enc_ethtype="ipv6"
  1045. local grp=239.1.1.1
  1046. local grp_dmac=01:00:5e:01:01:01
  1047. local src=192.0.2.129
  1048. echo
  1049. echo "Data path: Encapsulation parameters - IPv4 overlay / IPv6 underlay"
  1050. echo "------------------------------------------------------------------"
  1051. encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
  1052. $grp $grp_dmac $src "mausezahn"
  1053. }
  1054. encap_params_ipv6_ipv6()
  1055. {
  1056. local ns1=$ns1_v6
  1057. local ns2=$ns2_v6
  1058. local vtep1_ip=2001:db8:1000::1
  1059. local vtep2_ip=2001:db8:2000::1
  1060. local plen=128
  1061. local enc_ethtype="ipv6"
  1062. local grp=ff0e::1
  1063. local grp_dmac=33:33:00:00:00:01
  1064. local src=2001:db8:100::1
  1065. echo
  1066. echo "Data path: Encapsulation parameters - IPv6 overlay / IPv6 underlay"
  1067. echo "------------------------------------------------------------------"
  1068. encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
  1069. $grp $grp_dmac $src "mausezahn -6"
  1070. }
  1071. starg_exclude_ir_common()
  1072. {
  1073. local ns1=$1; shift
  1074. local ns2=$1; shift
  1075. local vtep1_ip=$1; shift
  1076. local vtep2_ip=$1; shift
  1077. local plen=$1; shift
  1078. local grp=$1; shift
  1079. local grp_dmac=$1; shift
  1080. local valid_src=$1; shift
  1081. local invalid_src=$1; shift
  1082. local mz=$1; shift
  1083. # Install a (*, G) EXCLUDE MDB entry with one source and two remote
  1084. # VTEPs. Make sure that the source in the source list is not forwarded
  1085. # and that a source not in the list is forwarded. Remove one of the
  1086. # VTEPs from the entry and make sure that packets are only forwarded to
  1087. # the remaining VTEP.
  1088. run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
  1089. run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
  1090. run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
  1091. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
  1092. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
  1093. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $vtep1_ip src_vni 10010"
  1094. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $vtep2_ip src_vni 10010"
  1095. # Check that invalid source is not forwarded to any VTEP.
  1096. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1097. tc_check_packets "$ns2" "dev vx0 ingress" 101 0
  1098. log_test $? 0 "Block excluded source - first VTEP"
  1099. tc_check_packets "$ns2" "dev vx0 ingress" 102 0
  1100. log_test $? 0 "Block excluded source - second VTEP"
  1101. # Check that valid source is forwarded to both VTEPs.
  1102. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1103. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1104. log_test $? 0 "Forward valid source - first VTEP"
  1105. tc_check_packets "$ns2" "dev vx0 ingress" 102 1
  1106. log_test $? 0 "Forward valid source - second VTEP"
  1107. # Remove second VTEP.
  1108. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10010"
  1109. # Check that invalid source is not forwarded to any VTEP.
  1110. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1111. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1112. log_test $? 0 "Block excluded source after removal - first VTEP"
  1113. tc_check_packets "$ns2" "dev vx0 ingress" 102 1
  1114. log_test $? 0 "Block excluded source after removal - second VTEP"
  1115. # Check that valid source is forwarded to the remaining VTEP.
  1116. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1117. tc_check_packets "$ns2" "dev vx0 ingress" 101 2
  1118. log_test $? 0 "Forward valid source after removal - first VTEP"
  1119. tc_check_packets "$ns2" "dev vx0 ingress" 102 1
  1120. log_test $? 0 "Forward valid source after removal - second VTEP"
  1121. }
  1122. starg_exclude_ir_ipv4_ipv4()
  1123. {
  1124. local ns1=$ns1_v4
  1125. local ns2=$ns2_v4
  1126. local vtep1_ip=198.51.100.100
  1127. local vtep2_ip=198.51.100.200
  1128. local plen=32
  1129. local grp=239.1.1.1
  1130. local grp_dmac=01:00:5e:01:01:01
  1131. local valid_src=192.0.2.129
  1132. local invalid_src=192.0.2.145
  1133. echo
  1134. echo "Data path: (*, G) EXCLUDE - IR - IPv4 overlay / IPv4 underlay"
  1135. echo "-------------------------------------------------------------"
  1136. starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
  1137. $grp_dmac $valid_src $invalid_src "mausezahn"
  1138. }
  1139. starg_exclude_ir_ipv6_ipv4()
  1140. {
  1141. local ns1=$ns1_v4
  1142. local ns2=$ns2_v4
  1143. local vtep1_ip=198.51.100.100
  1144. local vtep2_ip=198.51.100.200
  1145. local plen=32
  1146. local grp=ff0e::1
  1147. local grp_dmac=33:33:00:00:00:01
  1148. local valid_src=2001:db8:100::1
  1149. local invalid_src=2001:db8:200::1
  1150. echo
  1151. echo "Data path: (*, G) EXCLUDE - IR - IPv6 overlay / IPv4 underlay"
  1152. echo "-------------------------------------------------------------"
  1153. starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
  1154. $grp_dmac $valid_src $invalid_src "mausezahn -6"
  1155. }
  1156. starg_exclude_ir_ipv4_ipv6()
  1157. {
  1158. local ns1=$ns1_v6
  1159. local ns2=$ns2_v6
  1160. local vtep1_ip=2001:db8:1000::1
  1161. local vtep2_ip=2001:db8:2000::1
  1162. local plen=128
  1163. local grp=239.1.1.1
  1164. local grp_dmac=01:00:5e:01:01:01
  1165. local valid_src=192.0.2.129
  1166. local invalid_src=192.0.2.145
  1167. echo
  1168. echo "Data path: (*, G) EXCLUDE - IR - IPv4 overlay / IPv6 underlay"
  1169. echo "-------------------------------------------------------------"
  1170. starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
  1171. $grp_dmac $valid_src $invalid_src "mausezahn"
  1172. }
  1173. starg_exclude_ir_ipv6_ipv6()
  1174. {
  1175. local ns1=$ns1_v6
  1176. local ns2=$ns2_v6
  1177. local vtep1_ip=2001:db8:1000::1
  1178. local vtep2_ip=2001:db8:2000::1
  1179. local plen=128
  1180. local grp=ff0e::1
  1181. local grp_dmac=33:33:00:00:00:01
  1182. local valid_src=2001:db8:100::1
  1183. local invalid_src=2001:db8:200::1
  1184. echo
  1185. echo "Data path: (*, G) EXCLUDE - IR - IPv6 overlay / IPv6 underlay"
  1186. echo "-------------------------------------------------------------"
  1187. starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
  1188. $grp_dmac $valid_src $invalid_src "mausezahn -6"
  1189. }
  1190. starg_include_ir_common()
  1191. {
  1192. local ns1=$1; shift
  1193. local ns2=$1; shift
  1194. local vtep1_ip=$1; shift
  1195. local vtep2_ip=$1; shift
  1196. local plen=$1; shift
  1197. local grp=$1; shift
  1198. local grp_dmac=$1; shift
  1199. local valid_src=$1; shift
  1200. local invalid_src=$1; shift
  1201. local mz=$1; shift
  1202. # Install a (*, G) INCLUDE MDB entry with one source and two remote
  1203. # VTEPs. Make sure that the source in the source list is forwarded and
  1204. # that a source not in the list is not forwarded. Remove one of the
  1205. # VTEPs from the entry and make sure that packets are only forwarded to
  1206. # the remaining VTEP.
  1207. run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
  1208. run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
  1209. run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
  1210. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
  1211. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
  1212. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $vtep1_ip src_vni 10010"
  1213. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $vtep2_ip src_vni 10010"
  1214. # Check that invalid source is not forwarded to any VTEP.
  1215. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1216. tc_check_packets "$ns2" "dev vx0 ingress" 101 0
  1217. log_test $? 0 "Block excluded source - first VTEP"
  1218. tc_check_packets "$ns2" "dev vx0 ingress" 102 0
  1219. log_test $? 0 "Block excluded source - second VTEP"
  1220. # Check that valid source is forwarded to both VTEPs.
  1221. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1222. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1223. log_test $? 0 "Forward valid source - first VTEP"
  1224. tc_check_packets "$ns2" "dev vx0 ingress" 102 1
  1225. log_test $? 0 "Forward valid source - second VTEP"
  1226. # Remove second VTEP.
  1227. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10010"
  1228. # Check that invalid source is not forwarded to any VTEP.
  1229. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1230. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1231. log_test $? 0 "Block excluded source after removal - first VTEP"
  1232. tc_check_packets "$ns2" "dev vx0 ingress" 102 1
  1233. log_test $? 0 "Block excluded source after removal - second VTEP"
  1234. # Check that valid source is forwarded to the remaining VTEP.
  1235. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1236. tc_check_packets "$ns2" "dev vx0 ingress" 101 2
  1237. log_test $? 0 "Forward valid source after removal - first VTEP"
  1238. tc_check_packets "$ns2" "dev vx0 ingress" 102 1
  1239. log_test $? 0 "Forward valid source after removal - second VTEP"
  1240. }
  1241. starg_include_ir_ipv4_ipv4()
  1242. {
  1243. local ns1=$ns1_v4
  1244. local ns2=$ns2_v4
  1245. local vtep1_ip=198.51.100.100
  1246. local vtep2_ip=198.51.100.200
  1247. local plen=32
  1248. local grp=239.1.1.1
  1249. local grp_dmac=01:00:5e:01:01:01
  1250. local valid_src=192.0.2.129
  1251. local invalid_src=192.0.2.145
  1252. echo
  1253. echo "Data path: (*, G) INCLUDE - IR - IPv4 overlay / IPv4 underlay"
  1254. echo "-------------------------------------------------------------"
  1255. starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
  1256. $grp_dmac $valid_src $invalid_src "mausezahn"
  1257. }
  1258. starg_include_ir_ipv6_ipv4()
  1259. {
  1260. local ns1=$ns1_v4
  1261. local ns2=$ns2_v4
  1262. local vtep1_ip=198.51.100.100
  1263. local vtep2_ip=198.51.100.200
  1264. local plen=32
  1265. local grp=ff0e::1
  1266. local grp_dmac=33:33:00:00:00:01
  1267. local valid_src=2001:db8:100::1
  1268. local invalid_src=2001:db8:200::1
  1269. echo
  1270. echo "Data path: (*, G) INCLUDE - IR - IPv6 overlay / IPv4 underlay"
  1271. echo "-------------------------------------------------------------"
  1272. starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
  1273. $grp_dmac $valid_src $invalid_src "mausezahn -6"
  1274. }
  1275. starg_include_ir_ipv4_ipv6()
  1276. {
  1277. local ns1=$ns1_v6
  1278. local ns2=$ns2_v6
  1279. local vtep1_ip=2001:db8:1000::1
  1280. local vtep2_ip=2001:db8:2000::1
  1281. local plen=128
  1282. local grp=239.1.1.1
  1283. local grp_dmac=01:00:5e:01:01:01
  1284. local valid_src=192.0.2.129
  1285. local invalid_src=192.0.2.145
  1286. echo
  1287. echo "Data path: (*, G) INCLUDE - IR - IPv4 overlay / IPv6 underlay"
  1288. echo "-------------------------------------------------------------"
  1289. starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
  1290. $grp_dmac $valid_src $invalid_src "mausezahn"
  1291. }
  1292. starg_include_ir_ipv6_ipv6()
  1293. {
  1294. local ns1=$ns1_v6
  1295. local ns2=$ns2_v6
  1296. local vtep1_ip=2001:db8:1000::1
  1297. local vtep2_ip=2001:db8:2000::1
  1298. local plen=128
  1299. local grp=ff0e::1
  1300. local grp_dmac=33:33:00:00:00:01
  1301. local valid_src=2001:db8:100::1
  1302. local invalid_src=2001:db8:200::1
  1303. echo
  1304. echo "Data path: (*, G) INCLUDE - IR - IPv6 overlay / IPv6 underlay"
  1305. echo "-------------------------------------------------------------"
  1306. starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
  1307. $grp_dmac $valid_src $invalid_src "mausezahn -6"
  1308. }
  1309. starg_exclude_p2mp_common()
  1310. {
  1311. local ns1=$1; shift
  1312. local ns2=$1; shift
  1313. local mcast_grp=$1; shift
  1314. local plen=$1; shift
  1315. local grp=$1; shift
  1316. local grp_dmac=$1; shift
  1317. local valid_src=$1; shift
  1318. local invalid_src=$1; shift
  1319. local mz=$1; shift
  1320. # Install a (*, G) EXCLUDE MDB entry with one source and one multicast
  1321. # group to which packets are sent. Make sure that the source in the
  1322. # source list is not forwarded and that a source not in the list is
  1323. # forwarded.
  1324. run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
  1325. run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
  1326. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $mcast_grp action pass"
  1327. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $mcast_grp src_vni 10010 via veth0"
  1328. # Check that invalid source is not forwarded.
  1329. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1330. tc_check_packets "$ns2" "dev vx0 ingress" 101 0
  1331. log_test $? 0 "Block excluded source"
  1332. # Check that valid source is forwarded.
  1333. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1334. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1335. log_test $? 0 "Forward valid source"
  1336. # Remove the VTEP from the multicast group.
  1337. run_cmd "ip -n $ns2 address del $mcast_grp/$plen dev veth0"
  1338. # Check that valid source is not received anymore.
  1339. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1340. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1341. log_test $? 0 "Receive of valid source after removal from group"
  1342. }
  1343. starg_exclude_p2mp_ipv4_ipv4()
  1344. {
  1345. local ns1=$ns1_v4
  1346. local ns2=$ns2_v4
  1347. local mcast_grp=238.1.1.1
  1348. local plen=32
  1349. local grp=239.1.1.1
  1350. local grp_dmac=01:00:5e:01:01:01
  1351. local valid_src=192.0.2.129
  1352. local invalid_src=192.0.2.145
  1353. echo
  1354. echo "Data path: (*, G) EXCLUDE - P2MP - IPv4 overlay / IPv4 underlay"
  1355. echo "---------------------------------------------------------------"
  1356. starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
  1357. $valid_src $invalid_src "mausezahn"
  1358. }
  1359. starg_exclude_p2mp_ipv6_ipv4()
  1360. {
  1361. local ns1=$ns1_v4
  1362. local ns2=$ns2_v4
  1363. local mcast_grp=238.1.1.1
  1364. local plen=32
  1365. local grp=ff0e::1
  1366. local grp_dmac=33:33:00:00:00:01
  1367. local valid_src=2001:db8:100::1
  1368. local invalid_src=2001:db8:200::1
  1369. echo
  1370. echo "Data path: (*, G) EXCLUDE - P2MP - IPv6 overlay / IPv4 underlay"
  1371. echo "---------------------------------------------------------------"
  1372. starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
  1373. $valid_src $invalid_src "mausezahn -6"
  1374. }
  1375. starg_exclude_p2mp_ipv4_ipv6()
  1376. {
  1377. local ns1=$ns1_v6
  1378. local ns2=$ns2_v6
  1379. local mcast_grp=ff0e::2
  1380. local plen=128
  1381. local grp=239.1.1.1
  1382. local grp_dmac=01:00:5e:01:01:01
  1383. local valid_src=192.0.2.129
  1384. local invalid_src=192.0.2.145
  1385. echo
  1386. echo "Data path: (*, G) EXCLUDE - P2MP - IPv4 overlay / IPv6 underlay"
  1387. echo "---------------------------------------------------------------"
  1388. starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
  1389. $valid_src $invalid_src "mausezahn"
  1390. }
  1391. starg_exclude_p2mp_ipv6_ipv6()
  1392. {
  1393. local ns1=$ns1_v6
  1394. local ns2=$ns2_v6
  1395. local mcast_grp=ff0e::2
  1396. local plen=128
  1397. local grp=ff0e::1
  1398. local grp_dmac=33:33:00:00:00:01
  1399. local valid_src=2001:db8:100::1
  1400. local invalid_src=2001:db8:200::1
  1401. echo
  1402. echo "Data path: (*, G) EXCLUDE - P2MP - IPv6 overlay / IPv6 underlay"
  1403. echo "---------------------------------------------------------------"
  1404. starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
  1405. $valid_src $invalid_src "mausezahn -6"
  1406. }
  1407. starg_include_p2mp_common()
  1408. {
  1409. local ns1=$1; shift
  1410. local ns2=$1; shift
  1411. local mcast_grp=$1; shift
  1412. local plen=$1; shift
  1413. local grp=$1; shift
  1414. local grp_dmac=$1; shift
  1415. local valid_src=$1; shift
  1416. local invalid_src=$1; shift
  1417. local mz=$1; shift
  1418. # Install a (*, G) INCLUDE MDB entry with one source and one multicast
  1419. # group to which packets are sent. Make sure that the source in the
  1420. # source list is forwarded and that a source not in the list is not
  1421. # forwarded.
  1422. run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
  1423. run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
  1424. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $mcast_grp action pass"
  1425. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $mcast_grp src_vni 10010 via veth0"
  1426. # Check that invalid source is not forwarded.
  1427. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1428. tc_check_packets "$ns2" "dev vx0 ingress" 101 0
  1429. log_test $? 0 "Block excluded source"
  1430. # Check that valid source is forwarded.
  1431. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1432. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1433. log_test $? 0 "Forward valid source"
  1434. # Remove the VTEP from the multicast group.
  1435. run_cmd "ip -n $ns2 address del $mcast_grp/$plen dev veth0"
  1436. # Check that valid source is not received anymore.
  1437. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1438. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1439. log_test $? 0 "Receive of valid source after removal from group"
  1440. }
  1441. starg_include_p2mp_ipv4_ipv4()
  1442. {
  1443. local ns1=$ns1_v4
  1444. local ns2=$ns2_v4
  1445. local mcast_grp=238.1.1.1
  1446. local plen=32
  1447. local grp=239.1.1.1
  1448. local grp_dmac=01:00:5e:01:01:01
  1449. local valid_src=192.0.2.129
  1450. local invalid_src=192.0.2.145
  1451. echo
  1452. echo "Data path: (*, G) INCLUDE - P2MP - IPv4 overlay / IPv4 underlay"
  1453. echo "---------------------------------------------------------------"
  1454. starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
  1455. $valid_src $invalid_src "mausezahn"
  1456. }
  1457. starg_include_p2mp_ipv6_ipv4()
  1458. {
  1459. local ns1=$ns1_v4
  1460. local ns2=$ns2_v4
  1461. local mcast_grp=238.1.1.1
  1462. local plen=32
  1463. local grp=ff0e::1
  1464. local grp_dmac=33:33:00:00:00:01
  1465. local valid_src=2001:db8:100::1
  1466. local invalid_src=2001:db8:200::1
  1467. echo
  1468. echo "Data path: (*, G) INCLUDE - P2MP - IPv6 overlay / IPv4 underlay"
  1469. echo "---------------------------------------------------------------"
  1470. starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
  1471. $valid_src $invalid_src "mausezahn -6"
  1472. }
  1473. starg_include_p2mp_ipv4_ipv6()
  1474. {
  1475. local ns1=$ns1_v6
  1476. local ns2=$ns2_v6
  1477. local mcast_grp=ff0e::2
  1478. local plen=128
  1479. local grp=239.1.1.1
  1480. local grp_dmac=01:00:5e:01:01:01
  1481. local valid_src=192.0.2.129
  1482. local invalid_src=192.0.2.145
  1483. echo
  1484. echo "Data path: (*, G) INCLUDE - P2MP - IPv4 overlay / IPv6 underlay"
  1485. echo "---------------------------------------------------------------"
  1486. starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
  1487. $valid_src $invalid_src "mausezahn"
  1488. }
  1489. starg_include_p2mp_ipv6_ipv6()
  1490. {
  1491. local ns1=$ns1_v6
  1492. local ns2=$ns2_v6
  1493. local mcast_grp=ff0e::2
  1494. local plen=128
  1495. local grp=ff0e::1
  1496. local grp_dmac=33:33:00:00:00:01
  1497. local valid_src=2001:db8:100::1
  1498. local invalid_src=2001:db8:200::1
  1499. echo
  1500. echo "Data path: (*, G) INCLUDE - P2MP - IPv6 overlay / IPv6 underlay"
  1501. echo "---------------------------------------------------------------"
  1502. starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
  1503. $valid_src $invalid_src "mausezahn -6"
  1504. }
  1505. egress_vni_translation_common()
  1506. {
  1507. local ns1=$1; shift
  1508. local ns2=$1; shift
  1509. local mcast_grp=$1; shift
  1510. local plen=$1; shift
  1511. local proto=$1; shift
  1512. local grp=$1; shift
  1513. local grp_dmac=$1; shift
  1514. local src=$1; shift
  1515. local mz=$1; shift
  1516. # When P2MP tunnels are used with optimized inter-subnet multicast
  1517. # (OISM) [1], the ingress VTEP does not perform VNI translation and
  1518. # uses the VNI of the source broadcast domain (BD). If the egress VTEP
  1519. # is a member in the source BD, then no VNI translation is needed.
  1520. # Otherwise, the egress VTEP needs to translate the VNI to the
  1521. # supplementary broadcast domain (SBD) VNI, which is usually the L3VNI.
  1522. #
  1523. # In this test, remove the VTEP in the second namespace from VLAN 10
  1524. # (VNI 10010) and make sure that a packet sent from this VLAN on the
  1525. # first VTEP is received by the SVI corresponding to the L3VNI (14000 /
  1526. # VLAN 4000) on the second VTEP.
  1527. #
  1528. # The second VTEP will be able to decapsulate the packet with VNI 10010
  1529. # because this VNI is configured on its shared VXLAN device. Later,
  1530. # when ingressing the bridge, the VNI to VLAN lookup will fail because
  1531. # the VTEP is not a member in VLAN 10, which will cause the packet to
  1532. # be tagged with VLAN 4000 since it is configured as PVID.
  1533. #
  1534. # [1] https://datatracker.ietf.org/doc/html/draft-ietf-bess-evpn-irb-mcast
  1535. run_cmd "tc -n $ns2 qdisc replace dev br0.4000 clsact"
  1536. run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
  1537. run_cmd "tc -n $ns2 filter replace dev br0.4000 ingress pref 1 handle 101 proto $proto flower src_ip $src dst_ip $grp action pass"
  1538. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp src $src permanent dst $mcast_grp src_vni 10010 via veth0"
  1539. # Remove the second VTEP from VLAN 10.
  1540. run_cmd "bridge -n $ns2 vlan del vid 10 dev vx0"
  1541. # Make sure that packets sent from the first VTEP over VLAN 10 are
  1542. # received by the SVI corresponding to the L3VNI (14000 / VLAN 4000) on
  1543. # the second VTEP, since it is configured as PVID.
  1544. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1545. tc_check_packets "$ns2" "dev br0.4000 ingress" 101 1
  1546. log_test $? 0 "Egress VNI translation - PVID configured"
  1547. # Remove PVID flag from VLAN 4000 on the second VTEP and make sure
  1548. # packets are no longer received by the SVI interface.
  1549. run_cmd "bridge -n $ns2 vlan add vid 4000 dev vx0"
  1550. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1551. tc_check_packets "$ns2" "dev br0.4000 ingress" 101 1
  1552. log_test $? 0 "Egress VNI translation - no PVID configured"
  1553. # Reconfigure the PVID and make sure packets are received again.
  1554. run_cmd "bridge -n $ns2 vlan add vid 4000 dev vx0 pvid"
  1555. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1556. tc_check_packets "$ns2" "dev br0.4000 ingress" 101 2
  1557. log_test $? 0 "Egress VNI translation - PVID reconfigured"
  1558. }
  1559. egress_vni_translation_ipv4_ipv4()
  1560. {
  1561. local ns1=$ns1_v4
  1562. local ns2=$ns2_v4
  1563. local mcast_grp=238.1.1.1
  1564. local plen=32
  1565. local proto="ipv4"
  1566. local grp=239.1.1.1
  1567. local grp_dmac=01:00:5e:01:01:01
  1568. local src=192.0.2.129
  1569. echo
  1570. echo "Data path: Egress VNI translation - IPv4 overlay / IPv4 underlay"
  1571. echo "----------------------------------------------------------------"
  1572. egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
  1573. $grp_dmac $src "mausezahn"
  1574. }
  1575. egress_vni_translation_ipv6_ipv4()
  1576. {
  1577. local ns1=$ns1_v4
  1578. local ns2=$ns2_v4
  1579. local mcast_grp=238.1.1.1
  1580. local plen=32
  1581. local proto="ipv6"
  1582. local grp=ff0e::1
  1583. local grp_dmac=33:33:00:00:00:01
  1584. local src=2001:db8:100::1
  1585. echo
  1586. echo "Data path: Egress VNI translation - IPv6 overlay / IPv4 underlay"
  1587. echo "----------------------------------------------------------------"
  1588. egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
  1589. $grp_dmac $src "mausezahn -6"
  1590. }
  1591. egress_vni_translation_ipv4_ipv6()
  1592. {
  1593. local ns1=$ns1_v6
  1594. local ns2=$ns2_v6
  1595. local mcast_grp=ff0e::2
  1596. local plen=128
  1597. local proto="ipv4"
  1598. local grp=239.1.1.1
  1599. local grp_dmac=01:00:5e:01:01:01
  1600. local src=192.0.2.129
  1601. echo
  1602. echo "Data path: Egress VNI translation - IPv4 overlay / IPv6 underlay"
  1603. echo "----------------------------------------------------------------"
  1604. egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
  1605. $grp_dmac $src "mausezahn"
  1606. }
  1607. egress_vni_translation_ipv6_ipv6()
  1608. {
  1609. local ns1=$ns1_v6
  1610. local ns2=$ns2_v6
  1611. local mcast_grp=ff0e::2
  1612. local plen=128
  1613. local proto="ipv6"
  1614. local grp=ff0e::1
  1615. local grp_dmac=33:33:00:00:00:01
  1616. local src=2001:db8:100::1
  1617. echo
  1618. echo "Data path: Egress VNI translation - IPv6 overlay / IPv6 underlay"
  1619. echo "----------------------------------------------------------------"
  1620. egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
  1621. $grp_dmac $src "mausezahn -6"
  1622. }
  1623. all_zeros_mdb_common()
  1624. {
  1625. local ns1=$1; shift
  1626. local ns2=$1; shift
  1627. local vtep1_ip=$1; shift
  1628. local vtep2_ip=$1; shift
  1629. local vtep3_ip=$1; shift
  1630. local vtep4_ip=$1; shift
  1631. local plen=$1; shift
  1632. local ipv4_grp=239.1.1.1
  1633. local ipv4_grp_dmac=01:00:5e:01:01:01
  1634. local ipv4_unreg_grp=239.2.2.2
  1635. local ipv4_unreg_grp_dmac=01:00:5e:02:02:02
  1636. local ipv4_ll_grp=224.0.0.100
  1637. local ipv4_ll_grp_dmac=01:00:5e:00:00:64
  1638. local ipv4_src=192.0.2.129
  1639. local ipv6_grp=ff0e::1
  1640. local ipv6_grp_dmac=33:33:00:00:00:01
  1641. local ipv6_unreg_grp=ff0e::2
  1642. local ipv6_unreg_grp_dmac=33:33:00:00:00:02
  1643. local ipv6_ll_grp=ff02::1
  1644. local ipv6_ll_grp_dmac=33:33:00:00:00:01
  1645. local ipv6_src=2001:db8:100::1
  1646. # Install all-zeros (catchall) MDB entries for IPv4 and IPv6 traffic
  1647. # and make sure they only forward unregistered IP multicast traffic
  1648. # which is not link-local. Also make sure that each entry only forwards
  1649. # traffic from the matching address family.
  1650. # Associate two different VTEPs with one all-zeros MDB entry: Two with
  1651. # the IPv4 entry (0.0.0.0) and another two with the IPv6 one (::).
  1652. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp 0.0.0.0 permanent dst $vtep1_ip src_vni 10010"
  1653. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp 0.0.0.0 permanent dst $vtep2_ip src_vni 10010"
  1654. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp :: permanent dst $vtep3_ip src_vni 10010"
  1655. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp :: permanent dst $vtep4_ip src_vni 10010"
  1656. # Associate one VTEP from each set with a regular MDB entry: One with
  1657. # an IPv4 entry and another with an IPv6 one.
  1658. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $ipv4_grp permanent dst $vtep1_ip src_vni 10010"
  1659. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $ipv6_grp permanent dst $vtep3_ip src_vni 10010"
  1660. # Add filters to match on decapsulated traffic in the second namespace.
  1661. run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
  1662. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
  1663. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
  1664. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 103 proto all flower enc_dst_ip $vtep3_ip action pass"
  1665. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 104 proto all flower enc_dst_ip $vtep4_ip action pass"
  1666. # Configure the VTEP addresses in the second namespace to enable
  1667. # decapsulation.
  1668. run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
  1669. run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
  1670. run_cmd "ip -n $ns2 address replace $vtep3_ip/$plen dev lo"
  1671. run_cmd "ip -n $ns2 address replace $vtep4_ip/$plen dev lo"
  1672. # Send registered IPv4 multicast and make sure it only arrives to the
  1673. # first VTEP.
  1674. run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b $ipv4_grp_dmac -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1675. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1676. log_test $? 0 "Registered IPv4 multicast - first VTEP"
  1677. tc_check_packets "$ns2" "dev vx0 ingress" 102 0
  1678. log_test $? 0 "Registered IPv4 multicast - second VTEP"
  1679. # Send unregistered IPv4 multicast that is not link-local and make sure
  1680. # it arrives to the first and second VTEPs.
  1681. run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b $ipv4_unreg_grp_dmac -A $ipv4_src -B $ipv4_unreg_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1682. tc_check_packets "$ns2" "dev vx0 ingress" 101 2
  1683. log_test $? 0 "Unregistered IPv4 multicast - first VTEP"
  1684. tc_check_packets "$ns2" "dev vx0 ingress" 102 1
  1685. log_test $? 0 "Unregistered IPv4 multicast - second VTEP"
  1686. # Send IPv4 link-local multicast traffic and make sure it does not
  1687. # arrive to any VTEP.
  1688. run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b $ipv4_ll_grp_dmac -A $ipv4_src -B $ipv4_ll_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1689. tc_check_packets "$ns2" "dev vx0 ingress" 101 2
  1690. log_test $? 0 "Link-local IPv4 multicast - first VTEP"
  1691. tc_check_packets "$ns2" "dev vx0 ingress" 102 1
  1692. log_test $? 0 "Link-local IPv4 multicast - second VTEP"
  1693. # Send registered IPv4 multicast using a unicast MAC address and make
  1694. # sure it does not arrive to any VTEP.
  1695. run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b 00:11:22:33:44:55 -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1696. tc_check_packets "$ns2" "dev vx0 ingress" 101 2
  1697. log_test $? 0 "Registered IPv4 multicast with a unicast MAC - first VTEP"
  1698. tc_check_packets "$ns2" "dev vx0 ingress" 102 1
  1699. log_test $? 0 "Registered IPv4 multicast with a unicast MAC - second VTEP"
  1700. # Send registered IPv4 multicast using a broadcast MAC address and make
  1701. # sure it does not arrive to any VTEP.
  1702. run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b bcast -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1703. tc_check_packets "$ns2" "dev vx0 ingress" 101 2
  1704. log_test $? 0 "Registered IPv4 multicast with a broadcast MAC - first VTEP"
  1705. tc_check_packets "$ns2" "dev vx0 ingress" 102 1
  1706. log_test $? 0 "Registered IPv4 multicast with a broadcast MAC - second VTEP"
  1707. # Make sure IPv4 traffic did not reach the VTEPs associated with
  1708. # IPv6 entries.
  1709. tc_check_packets "$ns2" "dev vx0 ingress" 103 0
  1710. log_test $? 0 "IPv4 traffic - third VTEP"
  1711. tc_check_packets "$ns2" "dev vx0 ingress" 104 0
  1712. log_test $? 0 "IPv4 traffic - fourth VTEP"
  1713. # Reset IPv4 filters before testing IPv6 traffic.
  1714. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
  1715. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
  1716. # Send registered IPv6 multicast and make sure it only arrives to the
  1717. # third VTEP.
  1718. run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b $ipv6_grp_dmac -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1719. tc_check_packets "$ns2" "dev vx0 ingress" 103 1
  1720. log_test $? 0 "Registered IPv6 multicast - third VTEP"
  1721. tc_check_packets "$ns2" "dev vx0 ingress" 104 0
  1722. log_test $? 0 "Registered IPv6 multicast - fourth VTEP"
  1723. # Send unregistered IPv6 multicast that is not link-local and make sure
  1724. # it arrives to the third and fourth VTEPs.
  1725. run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b $ipv6_unreg_grp_dmac -A $ipv6_src -B $ipv6_unreg_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1726. tc_check_packets "$ns2" "dev vx0 ingress" 103 2
  1727. log_test $? 0 "Unregistered IPv6 multicast - third VTEP"
  1728. tc_check_packets "$ns2" "dev vx0 ingress" 104 1
  1729. log_test $? 0 "Unregistered IPv6 multicast - fourth VTEP"
  1730. # Send IPv6 link-local multicast traffic and make sure it does not
  1731. # arrive to any VTEP.
  1732. run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b $ipv6_ll_grp_dmac -A $ipv6_src -B $ipv6_ll_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1733. tc_check_packets "$ns2" "dev vx0 ingress" 103 2
  1734. log_test $? 0 "Link-local IPv6 multicast - third VTEP"
  1735. tc_check_packets "$ns2" "dev vx0 ingress" 104 1
  1736. log_test $? 0 "Link-local IPv6 multicast - fourth VTEP"
  1737. # Send registered IPv6 multicast using a unicast MAC address and make
  1738. # sure it does not arrive to any VTEP.
  1739. run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b 00:11:22:33:44:55 -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1740. tc_check_packets "$ns2" "dev vx0 ingress" 103 2
  1741. log_test $? 0 "Registered IPv6 multicast with a unicast MAC - third VTEP"
  1742. tc_check_packets "$ns2" "dev vx0 ingress" 104 1
  1743. log_test $? 0 "Registered IPv6 multicast with a unicast MAC - fourth VTEP"
  1744. # Send registered IPv6 multicast using a broadcast MAC address and make
  1745. # sure it does not arrive to any VTEP.
  1746. run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b bcast -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1747. tc_check_packets "$ns2" "dev vx0 ingress" 103 2
  1748. log_test $? 0 "Registered IPv6 multicast with a broadcast MAC - third VTEP"
  1749. tc_check_packets "$ns2" "dev vx0 ingress" 104 1
  1750. log_test $? 0 "Registered IPv6 multicast with a broadcast MAC - fourth VTEP"
  1751. # Make sure IPv6 traffic did not reach the VTEPs associated with
  1752. # IPv4 entries.
  1753. tc_check_packets "$ns2" "dev vx0 ingress" 101 0
  1754. log_test $? 0 "IPv6 traffic - first VTEP"
  1755. tc_check_packets "$ns2" "dev vx0 ingress" 102 0
  1756. log_test $? 0 "IPv6 traffic - second VTEP"
  1757. }
  1758. all_zeros_mdb_ipv4()
  1759. {
  1760. local ns1=$ns1_v4
  1761. local ns2=$ns2_v4
  1762. local vtep1_ip=198.51.100.101
  1763. local vtep2_ip=198.51.100.102
  1764. local vtep3_ip=198.51.100.103
  1765. local vtep4_ip=198.51.100.104
  1766. local plen=32
  1767. echo
  1768. echo "Data path: All-zeros MDB entry - IPv4 underlay"
  1769. echo "----------------------------------------------"
  1770. all_zeros_mdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $vtep3_ip \
  1771. $vtep4_ip $plen
  1772. }
  1773. all_zeros_mdb_ipv6()
  1774. {
  1775. local ns1=$ns1_v6
  1776. local ns2=$ns2_v6
  1777. local vtep1_ip=2001:db8:1000::1
  1778. local vtep2_ip=2001:db8:2000::1
  1779. local vtep3_ip=2001:db8:3000::1
  1780. local vtep4_ip=2001:db8:4000::1
  1781. local plen=128
  1782. echo
  1783. echo "Data path: All-zeros MDB entry - IPv6 underlay"
  1784. echo "----------------------------------------------"
  1785. all_zeros_mdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $vtep3_ip \
  1786. $vtep4_ip $plen
  1787. }
  1788. mdb_fdb_common()
  1789. {
  1790. local ns1=$1; shift
  1791. local ns2=$1; shift
  1792. local vtep1_ip=$1; shift
  1793. local vtep2_ip=$1; shift
  1794. local plen=$1; shift
  1795. local proto=$1; shift
  1796. local grp=$1; shift
  1797. local grp_dmac=$1; shift
  1798. local src=$1; shift
  1799. local mz=$1; shift
  1800. # Install an MDB entry and an FDB entry and make sure that the FDB
  1801. # entry only forwards traffic that was not forwarded by the MDB.
  1802. # Associate the MDB entry with one VTEP and the FDB entry with another
  1803. # VTEP.
  1804. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
  1805. run_cmd "bridge -n $ns1 fdb add 00:00:00:00:00:00 dev vx0 self static dst $vtep2_ip src_vni 10010"
  1806. # Add filters to match on decapsulated traffic in the second namespace.
  1807. run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
  1808. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto $proto flower ip_proto udp dst_port 54321 enc_dst_ip $vtep1_ip action pass"
  1809. run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto $proto flower ip_proto udp dst_port 54321 enc_dst_ip $vtep2_ip action pass"
  1810. # Configure the VTEP addresses in the second namespace to enable
  1811. # decapsulation.
  1812. run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
  1813. run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
  1814. # Send IP multicast traffic and make sure it is forwarded by the MDB
  1815. # and only arrives to the first VTEP.
  1816. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1817. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1818. log_test $? 0 "IP multicast - first VTEP"
  1819. tc_check_packets "$ns2" "dev vx0 ingress" 102 0
  1820. log_test $? 0 "IP multicast - second VTEP"
  1821. # Send broadcast traffic and make sure it is forwarded by the FDB and
  1822. # only arrives to the second VTEP.
  1823. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b bcast -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1824. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1825. log_test $? 0 "Broadcast - first VTEP"
  1826. tc_check_packets "$ns2" "dev vx0 ingress" 102 1
  1827. log_test $? 0 "Broadcast - second VTEP"
  1828. # Remove the MDB entry and make sure that IP multicast is now forwarded
  1829. # by the FDB to the second VTEP.
  1830. run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
  1831. run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
  1832. tc_check_packets "$ns2" "dev vx0 ingress" 101 1
  1833. log_test $? 0 "IP multicast after removal - first VTEP"
  1834. tc_check_packets "$ns2" "dev vx0 ingress" 102 2
  1835. log_test $? 0 "IP multicast after removal - second VTEP"
  1836. }
  1837. mdb_fdb_ipv4_ipv4()
  1838. {
  1839. local ns1=$ns1_v4
  1840. local ns2=$ns2_v4
  1841. local vtep1_ip=198.51.100.100
  1842. local vtep2_ip=198.51.100.200
  1843. local plen=32
  1844. local proto="ipv4"
  1845. local grp=239.1.1.1
  1846. local grp_dmac=01:00:5e:01:01:01
  1847. local src=192.0.2.129
  1848. echo
  1849. echo "Data path: MDB with FDB - IPv4 overlay / IPv4 underlay"
  1850. echo "------------------------------------------------------"
  1851. mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp \
  1852. $grp_dmac $src "mausezahn"
  1853. }
  1854. mdb_fdb_ipv6_ipv4()
  1855. {
  1856. local ns1=$ns1_v4
  1857. local ns2=$ns2_v4
  1858. local vtep1_ip=198.51.100.100
  1859. local vtep2_ip=198.51.100.200
  1860. local plen=32
  1861. local proto="ipv6"
  1862. local grp=ff0e::1
  1863. local grp_dmac=33:33:00:00:00:01
  1864. local src=2001:db8:100::1
  1865. echo
  1866. echo "Data path: MDB with FDB - IPv6 overlay / IPv4 underlay"
  1867. echo "------------------------------------------------------"
  1868. mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp \
  1869. $grp_dmac $src "mausezahn -6"
  1870. }
  1871. mdb_fdb_ipv4_ipv6()
  1872. {
  1873. local ns1=$ns1_v6
  1874. local ns2=$ns2_v6
  1875. local vtep1_ip=2001:db8:1000::1
  1876. local vtep2_ip=2001:db8:2000::1
  1877. local plen=128
  1878. local proto="ipv4"
  1879. local grp=239.1.1.1
  1880. local grp_dmac=01:00:5e:01:01:01
  1881. local src=192.0.2.129
  1882. echo
  1883. echo "Data path: MDB with FDB - IPv4 overlay / IPv6 underlay"
  1884. echo "------------------------------------------------------"
  1885. mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp \
  1886. $grp_dmac $src "mausezahn"
  1887. }
  1888. mdb_fdb_ipv6_ipv6()
  1889. {
  1890. local ns1=$ns1_v6
  1891. local ns2=$ns2_v6
  1892. local vtep1_ip=2001:db8:1000::1
  1893. local vtep2_ip=2001:db8:2000::1
  1894. local plen=128
  1895. local proto="ipv6"
  1896. local grp=ff0e::1
  1897. local grp_dmac=33:33:00:00:00:01
  1898. local src=2001:db8:100::1
  1899. echo
  1900. echo "Data path: MDB with FDB - IPv6 overlay / IPv6 underlay"
  1901. echo "------------------------------------------------------"
  1902. mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp \
  1903. $grp_dmac $src "mausezahn -6"
  1904. }
  1905. mdb_grp1_loop()
  1906. {
  1907. local ns1=$1; shift
  1908. local vtep1_ip=$1; shift
  1909. local grp1=$1; shift
  1910. while true; do
  1911. bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp1 dst $vtep1_ip src_vni 10010
  1912. bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp1 permanent dst $vtep1_ip src_vni 10010
  1913. done >/dev/null 2>&1
  1914. }
  1915. mdb_grp2_loop()
  1916. {
  1917. local ns1=$1; shift
  1918. local vtep1_ip=$1; shift
  1919. local vtep2_ip=$1; shift
  1920. local grp2=$1; shift
  1921. while true; do
  1922. bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp2 dst $vtep1_ip src_vni 10010
  1923. bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp2 permanent dst $vtep1_ip src_vni 10010
  1924. bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep2_ip src_vni 10010
  1925. done >/dev/null 2>&1
  1926. }
  1927. mdb_torture_common()
  1928. {
  1929. local ns1=$1; shift
  1930. local vtep1_ip=$1; shift
  1931. local vtep2_ip=$1; shift
  1932. local grp1=$1; shift
  1933. local grp1_dmac=$1; shift
  1934. local grp2=$1; shift
  1935. local grp2_dmac=$1; shift
  1936. local src=$1; shift
  1937. local mz=$1; shift
  1938. local pid1
  1939. local pid2
  1940. local pid3
  1941. local pid4
  1942. # Continuously send two streams that are forwarded by two different MDB
  1943. # entries. The first entry will be added and deleted in a loop. This
  1944. # allows us to test that the data path does not use freed MDB entry
  1945. # memory. The second entry will have two remotes, one that is added and
  1946. # deleted in a loop and another that is replaced in a loop. This allows
  1947. # us to test that the data path does not use freed remote entry memory.
  1948. # The test is considered successful if nothing crashed.
  1949. # Create the MDB entries that will be continuously deleted / replaced.
  1950. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp1 permanent dst $vtep1_ip src_vni 10010"
  1951. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep1_ip src_vni 10010"
  1952. run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep2_ip src_vni 10010"
  1953. mdb_grp1_loop $ns1 $vtep1_ip $grp1 &
  1954. pid1=$!
  1955. mdb_grp2_loop $ns1 $vtep1_ip $vtep2_ip $grp2 &
  1956. pid2=$!
  1957. ip netns exec $ns1 $mz br0.10 -a own -b $grp1_dmac -A $src -B $grp1 -t udp sp=12345,dp=54321 -p 100 -c 0 -q &
  1958. pid3=$!
  1959. ip netns exec $ns1 $mz br0.10 -a own -b $grp2_dmac -A $src -B $grp2 -t udp sp=12345,dp=54321 -p 100 -c 0 -q &
  1960. pid4=$!
  1961. sleep 30
  1962. kill -9 $pid1 $pid2 $pid3 $pid4
  1963. wait $pid1 $pid2 $pid3 $pid4 2>/dev/null
  1964. log_test 0 0 "Torture test"
  1965. }
  1966. mdb_torture_ipv4_ipv4()
  1967. {
  1968. local ns1=$ns1_v4
  1969. local vtep1_ip=198.51.100.100
  1970. local vtep2_ip=198.51.100.200
  1971. local grp1=239.1.1.1
  1972. local grp1_dmac=01:00:5e:01:01:01
  1973. local grp2=239.2.2.2
  1974. local grp2_dmac=01:00:5e:02:02:02
  1975. local src=192.0.2.129
  1976. echo
  1977. echo "Data path: MDB torture test - IPv4 overlay / IPv4 underlay"
  1978. echo "----------------------------------------------------------"
  1979. mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp1_dmac $grp2 \
  1980. $grp2_dmac $src "mausezahn"
  1981. }
  1982. mdb_torture_ipv6_ipv4()
  1983. {
  1984. local ns1=$ns1_v4
  1985. local vtep1_ip=198.51.100.100
  1986. local vtep2_ip=198.51.100.200
  1987. local grp1=ff0e::1
  1988. local grp1_dmac=33:33:00:00:00:01
  1989. local grp2=ff0e::2
  1990. local grp2_dmac=33:33:00:00:00:02
  1991. local src=2001:db8:100::1
  1992. echo
  1993. echo "Data path: MDB torture test - IPv6 overlay / IPv4 underlay"
  1994. echo "----------------------------------------------------------"
  1995. mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp1_dmac $grp2 \
  1996. $grp2_dmac $src "mausezahn -6"
  1997. }
  1998. mdb_torture_ipv4_ipv6()
  1999. {
  2000. local ns1=$ns1_v6
  2001. local vtep1_ip=2001:db8:1000::1
  2002. local vtep2_ip=2001:db8:2000::1
  2003. local grp1=239.1.1.1
  2004. local grp1_dmac=01:00:5e:01:01:01
  2005. local grp2=239.2.2.2
  2006. local grp2_dmac=01:00:5e:02:02:02
  2007. local src=192.0.2.129
  2008. echo
  2009. echo "Data path: MDB torture test - IPv4 overlay / IPv6 underlay"
  2010. echo "----------------------------------------------------------"
  2011. mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp1_dmac $grp2 \
  2012. $grp2_dmac $src "mausezahn"
  2013. }
  2014. mdb_torture_ipv6_ipv6()
  2015. {
  2016. local ns1=$ns1_v6
  2017. local vtep1_ip=2001:db8:1000::1
  2018. local vtep2_ip=2001:db8:2000::1
  2019. local grp1=ff0e::1
  2020. local grp1_dmac=33:33:00:00:00:01
  2021. local grp2=ff0e::2
  2022. local grp2_dmac=33:33:00:00:00:02
  2023. local src=2001:db8:100::1
  2024. echo
  2025. echo "Data path: MDB torture test - IPv6 overlay / IPv6 underlay"
  2026. echo "----------------------------------------------------------"
  2027. mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp1_dmac $grp2 \
  2028. $grp2_dmac $src "mausezahn -6"
  2029. }
  2030. ################################################################################
  2031. # Usage
  2032. usage()
  2033. {
  2034. cat <<EOF
  2035. usage: ${0##*/} OPTS
  2036. -t <test> Test(s) to run (default: all)
  2037. (options: $TESTS)
  2038. -c Control path tests only
  2039. -d Data path tests only
  2040. -p Pause on fail
  2041. -P Pause after each test before cleanup
  2042. -v Verbose mode (show commands and output)
  2043. EOF
  2044. }
  2045. ################################################################################
  2046. # Main
  2047. trap cleanup EXIT
  2048. while getopts ":t:cdpPvh" opt; do
  2049. case $opt in
  2050. t) TESTS=$OPTARG;;
  2051. c) TESTS=${CONTROL_PATH_TESTS};;
  2052. d) TESTS=${DATA_PATH_TESTS};;
  2053. p) PAUSE_ON_FAIL=yes;;
  2054. P) PAUSE=yes;;
  2055. v) VERBOSE=$(($VERBOSE + 1));;
  2056. h) usage; exit 0;;
  2057. *) usage; exit 1;;
  2058. esac
  2059. done
  2060. # Make sure we don't pause twice.
  2061. [ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no
  2062. if [ "$(id -u)" -ne 0 ];then
  2063. echo "SKIP: Need root privileges"
  2064. exit $ksft_skip;
  2065. fi
  2066. if [ ! -x "$(command -v ip)" ]; then
  2067. echo "SKIP: Could not run test without ip tool"
  2068. exit $ksft_skip
  2069. fi
  2070. if [ ! -x "$(command -v bridge)" ]; then
  2071. echo "SKIP: Could not run test without bridge tool"
  2072. exit $ksft_skip
  2073. fi
  2074. if [ ! -x "$(command -v mausezahn)" ]; then
  2075. echo "SKIP: Could not run test without mausezahn tool"
  2076. exit $ksft_skip
  2077. fi
  2078. if [ ! -x "$(command -v jq)" ]; then
  2079. echo "SKIP: Could not run test without jq tool"
  2080. exit $ksft_skip
  2081. fi
  2082. bridge mdb help 2>&1 | grep -q "flush"
  2083. if [ $? -ne 0 ]; then
  2084. echo "SKIP: iproute2 bridge too old, missing VXLAN MDB flush support"
  2085. exit $ksft_skip
  2086. fi
  2087. # Start clean.
  2088. cleanup
  2089. for t in $TESTS
  2090. do
  2091. setup; $t; cleanup;
  2092. done
  2093. if [ "$TESTS" != "none" ]; then
  2094. printf "\nTests passed: %3d\n" ${nsuccess}
  2095. printf "Tests failed: %3d\n" ${nfail}
  2096. fi
  2097. exit $ret