test_vxlan_nh.sh 5.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223
  1. #!/bin/bash
  2. # SPDX-License-Identifier: GPL-2.0
  3. source lib.sh
  4. TESTS="
  5. basic_tx_ipv4
  6. basic_tx_ipv6
  7. learning
  8. proxy_ipv4
  9. proxy_ipv6
  10. "
  11. VERBOSE=0
  12. ################################################################################
  13. # Utilities
  14. run_cmd()
  15. {
  16. local cmd="$1"
  17. local out
  18. local stderr="2>/dev/null"
  19. if [ "$VERBOSE" = "1" ]; then
  20. echo "COMMAND: $cmd"
  21. stderr=
  22. fi
  23. out=$(eval "$cmd" "$stderr")
  24. rc=$?
  25. if [ "$VERBOSE" -eq 1 ] && [ -n "$out" ]; then
  26. echo " $out"
  27. fi
  28. return $rc
  29. }
  30. ################################################################################
  31. # Cleanup
  32. exit_cleanup_all()
  33. {
  34. cleanup_all_ns
  35. exit "${EXIT_STATUS}"
  36. }
  37. ################################################################################
  38. # Tests
  39. nh_stats_get()
  40. {
  41. ip -n "$ns1" -s -j nexthop show id 10 | jq ".[][\"group_stats\"][][\"packets\"]"
  42. }
  43. tc_stats_get()
  44. {
  45. tc_rule_handle_stats_get "dev dummy1 egress" 101 ".packets" "-n $ns1"
  46. }
  47. basic_tx_common()
  48. {
  49. local af_str=$1; shift
  50. local proto=$1; shift
  51. local local_addr=$1; shift
  52. local plen=$1; shift
  53. local remote_addr=$1; shift
  54. RET=0
  55. # Test basic Tx functionality. Check that stats are incremented on
  56. # both the FDB nexthop group and the egress device.
  57. run_cmd "ip -n $ns1 link add name dummy1 up type dummy"
  58. run_cmd "ip -n $ns1 route add $remote_addr/$plen dev dummy1"
  59. run_cmd "tc -n $ns1 qdisc add dev dummy1 clsact"
  60. run_cmd "tc -n $ns1 filter add dev dummy1 egress proto $proto pref 1 handle 101 flower ip_proto udp dst_ip $remote_addr dst_port 4789 action pass"
  61. run_cmd "ip -n $ns1 address add $local_addr/$plen dev lo"
  62. run_cmd "ip -n $ns1 nexthop add id 1 via $remote_addr fdb"
  63. run_cmd "ip -n $ns1 nexthop add id 10 group 1 fdb"
  64. run_cmd "ip -n $ns1 link add name vx0 up type vxlan id 10010 local $local_addr dstport 4789"
  65. run_cmd "bridge -n $ns1 fdb add 00:11:22:33:44:55 dev vx0 self static nhid 10"
  66. run_cmd "ip netns exec $ns1 mausezahn vx0 -a own -b 00:11:22:33:44:55 -c 1 -q"
  67. busywait "$BUSYWAIT_TIMEOUT" until_counter_is "== 1" nh_stats_get > /dev/null
  68. check_err $? "FDB nexthop group stats did not increase"
  69. busywait "$BUSYWAIT_TIMEOUT" until_counter_is "== 1" tc_stats_get > /dev/null
  70. check_err $? "tc filter stats did not increase"
  71. log_test "VXLAN FDB nexthop: $af_str basic Tx"
  72. }
  73. basic_tx_ipv4()
  74. {
  75. basic_tx_common "IPv4" ipv4 192.0.2.1 32 192.0.2.2
  76. }
  77. basic_tx_ipv6()
  78. {
  79. basic_tx_common "IPv6" ipv6 2001:db8:1::1 128 2001:db8:1::2
  80. }
  81. learning()
  82. {
  83. RET=0
  84. # When learning is enabled on the VXLAN device, an incoming packet
  85. # might try to refresh an FDB entry that points to an FDB nexthop group
  86. # instead of an ordinary remote destination. Check that the kernel does
  87. # not crash in this situation.
  88. run_cmd "ip -n $ns1 address add 192.0.2.1/32 dev lo"
  89. run_cmd "ip -n $ns1 address add 192.0.2.2/32 dev lo"
  90. run_cmd "ip -n $ns1 nexthop add id 1 via 192.0.2.3 fdb"
  91. run_cmd "ip -n $ns1 nexthop add id 10 group 1 fdb"
  92. run_cmd "ip -n $ns1 link add name vx0 up type vxlan id 10010 local 192.0.2.1 dstport 12345 localbypass"
  93. run_cmd "ip -n $ns1 link add name vx1 up type vxlan id 10020 local 192.0.2.2 dstport 54321 learning"
  94. run_cmd "bridge -n $ns1 fdb add 00:11:22:33:44:55 dev vx0 self static dst 192.0.2.2 port 54321 vni 10020"
  95. run_cmd "bridge -n $ns1 fdb add 00:aa:bb:cc:dd:ee dev vx1 self static nhid 10"
  96. run_cmd "ip netns exec $ns1 mausezahn vx0 -a 00:aa:bb:cc:dd:ee -b 00:11:22:33:44:55 -c 1 -q"
  97. log_test "VXLAN FDB nexthop: learning"
  98. }
  99. proxy_common()
  100. {
  101. local af_str=$1; shift
  102. local local_addr=$1; shift
  103. local plen=$1; shift
  104. local remote_addr=$1; shift
  105. local neigh_addr=$1; shift
  106. local ping_cmd=$1; shift
  107. RET=0
  108. # When the "proxy" option is enabled on the VXLAN device, the device
  109. # will suppress ARP requests and IPv6 Neighbor Solicitation messages if
  110. # it is able to reply on behalf of the remote host. That is, if a
  111. # matching and valid neighbor entry is configured on the VXLAN device
  112. # whose MAC address is not behind the "any" remote (0.0.0.0 / ::). The
  113. # FDB entry for the neighbor's MAC address might point to an FDB
  114. # nexthop group instead of an ordinary remote destination. Check that
  115. # the kernel does not crash in this situation.
  116. run_cmd "ip -n $ns1 address add $local_addr/$plen dev lo"
  117. run_cmd "ip -n $ns1 nexthop add id 1 via $remote_addr fdb"
  118. run_cmd "ip -n $ns1 nexthop add id 10 group 1 fdb"
  119. run_cmd "ip -n $ns1 link add name vx0 up type vxlan id 10010 local $local_addr dstport 4789 proxy"
  120. run_cmd "ip -n $ns1 neigh add $neigh_addr lladdr 00:11:22:33:44:55 nud perm dev vx0"
  121. run_cmd "bridge -n $ns1 fdb add 00:11:22:33:44:55 dev vx0 self static nhid 10"
  122. run_cmd "ip netns exec $ns1 $ping_cmd"
  123. log_test "VXLAN FDB nexthop: $af_str proxy"
  124. }
  125. proxy_ipv4()
  126. {
  127. proxy_common "IPv4" 192.0.2.1 32 192.0.2.2 192.0.2.3 \
  128. "arping -b -c 1 -s 192.0.2.1 -I vx0 192.0.2.3"
  129. }
  130. proxy_ipv6()
  131. {
  132. proxy_common "IPv6" 2001:db8:1::1 128 2001:db8:1::2 2001:db8:1::3 \
  133. "ndisc6 -r 1 -s 2001:db8:1::1 -w 1 2001:db8:1::3 vx0"
  134. }
  135. ################################################################################
  136. # Usage
  137. usage()
  138. {
  139. cat <<EOF
  140. usage: ${0##*/} OPTS
  141. -t <test> Test(s) to run (default: all)
  142. (options: $TESTS)
  143. -p Pause on fail
  144. -v Verbose mode (show commands and output)
  145. EOF
  146. }
  147. ################################################################################
  148. # Main
  149. while getopts ":t:pvh" opt; do
  150. case $opt in
  151. t) TESTS=$OPTARG;;
  152. p) PAUSE_ON_FAIL=yes;;
  153. v) VERBOSE=$((VERBOSE + 1));;
  154. h) usage; exit 0;;
  155. *) usage; exit 1;;
  156. esac
  157. done
  158. require_command mausezahn
  159. require_command arping
  160. require_command ndisc6
  161. require_command jq
  162. if ! ip nexthop help 2>&1 | grep -q "stats"; then
  163. echo "SKIP: iproute2 ip too old, missing nexthop stats support"
  164. exit "$ksft_skip"
  165. fi
  166. trap exit_cleanup_all EXIT
  167. for t in $TESTS
  168. do
  169. setup_ns ns1; $t; cleanup_all_ns;
  170. done