mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2026-05-14 21:38:46 +02:00
Ido Schimmel
d7bd61fa02
Test that after changing the remote address of an ip6gre net device traffic is forwarded as expected. Test with both flat and hierarchical topologies and with and without an input / output keys. Signed-off-by: Ido Schimmel <idosch@nvidia.com> Reviewed-by: Petr Machata <petrm@nvidia.com> Signed-off-by: Petr Machata <petrm@nvidia.com> Link: https://patch.msgid.link/02b05246d2cdada0cf2fccffc0faa8a424d0f51b.1729866134.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
519 lines
16 KiB
Bash
519 lines
16 KiB
Bash
# SPDX-License-Identifier: GPL-2.0
|
|
#!/bin/bash
|
|
|
|
# Handles creation and destruction of IP-in-IP or GRE tunnels over the given
|
|
# topology. Supports both flat and hierarchical models.
|
|
#
|
|
# Flat Model:
|
|
# Overlay and underlay share the same VRF.
|
|
# SW1 uses default VRF so tunnel has no bound dev.
|
|
# SW2 uses non-default VRF tunnel has a bound dev.
|
|
# +--------------------------------+
|
|
# | H1 |
|
|
# | $h1 + |
|
|
# | 198.51.100.1/24 | |
|
|
# | 2001:db8:1::1/64 | |
|
|
# +-------------------------|------+
|
|
# |
|
|
# +-------------------------|-------------------+
|
|
# | SW1 | |
|
|
# | $ol1 + |
|
|
# | 198.51.100.2/24 |
|
|
# | 2001:db8:1::2/64 |
|
|
# | |
|
|
# | + g1a (ip6gre) |
|
|
# | loc=2001:db8:3::1 |
|
|
# | rem=2001:db8:3::2 --. |
|
|
# | tos=inherit | |
|
|
# | . |
|
|
# | .--------------------- |
|
|
# | | |
|
|
# | v |
|
|
# | + $ul1.111 (vlan) |
|
|
# | | 2001:db8:10::1/64 |
|
|
# | \ |
|
|
# | \____________ |
|
|
# | | |
|
|
# | VRF default + $ul1 |
|
|
# +---------------------|-----------------------+
|
|
# |
|
|
# +---------------------|-----------------------+
|
|
# | SW2 | |
|
|
# | $ul2 + |
|
|
# | ___________| |
|
|
# | / |
|
|
# | / |
|
|
# | + $ul2.111 (vlan) |
|
|
# | ^ 2001:db8:10::2/64 |
|
|
# | | |
|
|
# | | |
|
|
# | '----------------------. |
|
|
# | + g2a (ip6gre) | |
|
|
# | loc=2001:db8:3::2 | |
|
|
# | rem=2001:db8:3::1 --' |
|
|
# | tos=inherit |
|
|
# | |
|
|
# | + $ol2 |
|
|
# | | 203.0.113.2/24 |
|
|
# | VRF v$ol2 | 2001:db8:2::2/64 |
|
|
# +---------------------|-----------------------+
|
|
# +---------------------|----------+
|
|
# | H2 | |
|
|
# | $h2 + |
|
|
# | 203.0.113.1/24 |
|
|
# | 2001:db8:2::1/64 |
|
|
# +--------------------------------+
|
|
#
|
|
# Hierarchical model:
|
|
# The tunnel is bound to a device in a different VRF
|
|
#
|
|
# +--------------------------------+
|
|
# | H1 |
|
|
# | $h1 + |
|
|
# | 198.51.100.1/24 | |
|
|
# | 2001:db8:1::1/64 | |
|
|
# +-------------------------|------+
|
|
# |
|
|
# +-------------------------|-------------------+
|
|
# | SW1 | |
|
|
# | +-----------------------|-----------------+ |
|
|
# | | $ol1 + | |
|
|
# | | 198.51.100.2/24 | |
|
|
# | | 2001:db8:1::2/64 | |
|
|
# | | | |
|
|
# | | + g1a (ip6gre) | |
|
|
# | | loc=2001:db8:3::1 | |
|
|
# | | rem=2001:db8:3::2 | |
|
|
# | | tos=inherit | |
|
|
# | | ^ | |
|
|
# | | VRF v$ol1 | | |
|
|
# | +--------------------|--------------------+ |
|
|
# | | |
|
|
# | +--------------------|--------------------+ |
|
|
# | | VRF v$ul1 | | |
|
|
# | | | | |
|
|
# | | v | |
|
|
# | | dummy1 + | |
|
|
# | | 2001:db8:3::1/64 | |
|
|
# | | .-----------' | |
|
|
# | | | | |
|
|
# | | v | |
|
|
# | | + $ul1.111 (vlan) | |
|
|
# | | | 2001:db8:10::1/64 | |
|
|
# | | \ | |
|
|
# | | \__________ | |
|
|
# | | | | |
|
|
# | | + $ul1 | |
|
|
# | +---------------------|-------------------+ |
|
|
# +-----------------------|---------------------+
|
|
# |
|
|
# +-----------------------|---------------------+
|
|
# | SW2 | |
|
|
# | +---------------------|-------------------+ |
|
|
# | | + $ul2 | |
|
|
# | | _____| | |
|
|
# | | / | |
|
|
# | | / | |
|
|
# | | | $ul2.111 (vlan) | |
|
|
# | | + 2001:db8:10::2/64 | |
|
|
# | | ^ | |
|
|
# | | | | |
|
|
# | | '------. | |
|
|
# | | dummy2 + | |
|
|
# | | 2001:db8:3::2/64 | |
|
|
# | | ^ | |
|
|
# | | | | |
|
|
# | | | | |
|
|
# | | VRF v$ul2 | | |
|
|
# | +---------------------|-------------------+ |
|
|
# | | |
|
|
# | +---------------------|-------------------+ |
|
|
# | | VRF v$ol2 | | |
|
|
# | | | | |
|
|
# | | v | |
|
|
# | | g2a (ip6gre) + | |
|
|
# | | loc=2001:db8:3::2 | |
|
|
# | | rem=2001:db8:3::1 | |
|
|
# | | tos=inherit | |
|
|
# | | | |
|
|
# | | $ol2 + | |
|
|
# | | 203.0.113.2/24 | | |
|
|
# | | 2001:db8:2::2/64 | | |
|
|
# | +---------------------|-------------------+ |
|
|
# +-----------------------|---------------------+
|
|
# |
|
|
# +-----------------------|--------+
|
|
# | H2 | |
|
|
# | $h2 + |
|
|
# | 203.0.113.1/24 |
|
|
# | 2001:db8:2::1/64 |
|
|
# +--------------------------------+
|
|
|
|
source lib.sh
|
|
source tc_common.sh
|
|
|
|
h1_create()
|
|
{
|
|
simple_if_init $h1 198.51.100.1/24 2001:db8:1::1/64
|
|
ip route add vrf v$h1 203.0.113.0/24 via 198.51.100.2
|
|
ip -6 route add vrf v$h1 2001:db8:2::/64 via 2001:db8:1::2
|
|
}
|
|
|
|
h1_destroy()
|
|
{
|
|
ip -6 route del vrf v$h1 2001:db8:2::/64 via 2001:db8:1::2
|
|
ip route del vrf v$h1 203.0.113.0/24 via 198.51.100.2
|
|
simple_if_fini $h1 198.51.100.1/24 2001:db8:1::1/64
|
|
}
|
|
|
|
h2_create()
|
|
{
|
|
simple_if_init $h2 203.0.113.1/24 2001:db8:2::1/64
|
|
ip route add vrf v$h2 198.51.100.0/24 via 203.0.113.2
|
|
ip -6 route add vrf v$h2 2001:db8:1::/64 via 2001:db8:2::2
|
|
}
|
|
|
|
h2_destroy()
|
|
{
|
|
ip -6 route del vrf v$h2 2001:db8:1::/64 via 2001:db8:2::2
|
|
ip route del vrf v$h2 198.51.100.0/24 via 203.0.113.2
|
|
simple_if_fini $h2 203.0.113.1/24 2001:db8:2::1/64
|
|
}
|
|
|
|
sw1_flat_create()
|
|
{
|
|
local ol1=$1; shift
|
|
local ul1=$1; shift
|
|
|
|
ip link set dev $ol1 up
|
|
__addr_add_del $ol1 add 198.51.100.2/24 2001:db8:1::2/64
|
|
|
|
ip link set dev $ul1 up
|
|
vlan_create $ul1 111 "" 2001:db8:10::1/64
|
|
|
|
tunnel_create g1a ip6gre 2001:db8:3::1 2001:db8:3::2 tos inherit \
|
|
ttl inherit "$@"
|
|
ip link set dev g1a up
|
|
__addr_add_del g1a add "2001:db8:3::1/128"
|
|
|
|
ip -6 route add 2001:db8:3::2/128 via 2001:db8:10::2
|
|
ip route add 203.0.113.0/24 dev g1a
|
|
ip -6 route add 2001:db8:2::/64 dev g1a
|
|
}
|
|
|
|
sw1_flat_destroy()
|
|
{
|
|
local ol1=$1; shift
|
|
local ul1=$1; shift
|
|
|
|
ip -6 route del 2001:db8:2::/64
|
|
ip route del 203.0.113.0/24
|
|
ip -6 route del 2001:db8:3::2/128 via 2001:db8:10::2
|
|
|
|
__simple_if_fini g1a 2001:db8:3::1/128
|
|
tunnel_destroy g1a
|
|
|
|
vlan_destroy $ul1 111
|
|
__simple_if_fini $ul1
|
|
__simple_if_fini $ol1 198.51.100.2/24 2001:db8:1::2/64
|
|
}
|
|
|
|
sw2_flat_create()
|
|
{
|
|
local ol2=$1; shift
|
|
local ul2=$1; shift
|
|
|
|
simple_if_init $ol2 203.0.113.2/24 2001:db8:2::2/64
|
|
__simple_if_init $ul2 v$ol2
|
|
vlan_create $ul2 111 v$ol2 2001:db8:10::2/64
|
|
|
|
tunnel_create g2a ip6gre 2001:db8:3::2 2001:db8:3::1 tos inherit \
|
|
ttl inherit dev v$ol2 "$@"
|
|
__simple_if_init g2a v$ol2 2001:db8:3::2/128
|
|
|
|
# Replace neighbor to avoid 1 dropped packet due to "unresolved neigh"
|
|
ip neigh replace dev $ol2 203.0.113.1 lladdr $(mac_get $h2)
|
|
ip -6 neigh replace dev $ol2 2001:db8:2::1 lladdr $(mac_get $h2)
|
|
|
|
ip -6 route add vrf v$ol2 2001:db8:3::1/128 via 2001:db8:10::1
|
|
ip route add vrf v$ol2 198.51.100.0/24 dev g2a
|
|
ip -6 route add vrf v$ol2 2001:db8:1::/64 dev g2a
|
|
}
|
|
|
|
sw2_flat_destroy()
|
|
{
|
|
local ol2=$1; shift
|
|
local ul2=$1; shift
|
|
|
|
ip -6 route del vrf v$ol2 2001:db8:2::/64
|
|
ip route del vrf v$ol2 198.51.100.0/24
|
|
ip -6 route del vrf v$ol2 2001:db8:3::1/128 via 2001:db8:10::1
|
|
|
|
__simple_if_fini g2a 2001:db8:3::2/128
|
|
tunnel_destroy g2a
|
|
|
|
vlan_destroy $ul2 111
|
|
__simple_if_fini $ul2
|
|
simple_if_fini $ol2 203.0.113.2/24 2001:db8:2::2/64
|
|
}
|
|
|
|
sw1_hierarchical_create()
|
|
{
|
|
local ol1=$1; shift
|
|
local ul1=$1; shift
|
|
|
|
simple_if_init $ol1 198.51.100.2/24 2001:db8:1::2/64
|
|
simple_if_init $ul1
|
|
ip link add name dummy1 type dummy
|
|
__simple_if_init dummy1 v$ul1 2001:db8:3::1/64
|
|
|
|
vlan_create $ul1 111 v$ul1 2001:db8:10::1/64
|
|
tunnel_create g1a ip6gre 2001:db8:3::1 2001:db8:3::2 tos inherit \
|
|
ttl inherit dev dummy1 "$@"
|
|
ip link set dev g1a master v$ol1
|
|
|
|
ip -6 route add vrf v$ul1 2001:db8:3::2/128 via 2001:db8:10::2
|
|
ip route add vrf v$ol1 203.0.113.0/24 dev g1a
|
|
ip -6 route add vrf v$ol1 2001:db8:2::/64 dev g1a
|
|
}
|
|
|
|
sw1_hierarchical_destroy()
|
|
{
|
|
local ol1=$1; shift
|
|
local ul1=$1; shift
|
|
|
|
ip -6 route del vrf v$ol1 2001:db8:2::/64
|
|
ip route del vrf v$ol1 203.0.113.0/24
|
|
ip -6 route del vrf v$ul1 2001:db8:3::2/128
|
|
|
|
tunnel_destroy g1a
|
|
vlan_destroy $ul1 111
|
|
|
|
__simple_if_fini dummy1 2001:db8:3::1/64
|
|
ip link del dev dummy1
|
|
|
|
simple_if_fini $ul1
|
|
simple_if_fini $ol1 198.51.100.2/24 2001:db8:1::2/64
|
|
}
|
|
|
|
sw2_hierarchical_create()
|
|
{
|
|
local ol2=$1; shift
|
|
local ul2=$1; shift
|
|
|
|
simple_if_init $ol2 203.0.113.2/24 2001:db8:2::2/64
|
|
simple_if_init $ul2
|
|
|
|
ip link add name dummy2 type dummy
|
|
__simple_if_init dummy2 v$ul2 2001:db8:3::2/64
|
|
|
|
vlan_create $ul2 111 v$ul2 2001:db8:10::2/64
|
|
tunnel_create g2a ip6gre 2001:db8:3::2 2001:db8:3::1 tos inherit \
|
|
ttl inherit dev dummy2 "$@"
|
|
ip link set dev g2a master v$ol2
|
|
|
|
# Replace neighbor to avoid 1 dropped packet due to "unresolved neigh"
|
|
ip neigh replace dev $ol2 203.0.113.1 lladdr $(mac_get $h2)
|
|
ip -6 neigh replace dev $ol2 2001:db8:2::1 lladdr $(mac_get $h2)
|
|
|
|
ip -6 route add vrf v$ul2 2001:db8:3::1/128 via 2001:db8:10::1
|
|
ip route add vrf v$ol2 198.51.100.0/24 dev g2a
|
|
ip -6 route add vrf v$ol2 2001:db8:1::/64 dev g2a
|
|
}
|
|
|
|
sw2_hierarchical_destroy()
|
|
{
|
|
local ol2=$1; shift
|
|
local ul2=$1; shift
|
|
|
|
ip -6 route del vrf v$ol2 2001:db8:2::/64
|
|
ip route del vrf v$ol2 198.51.100.0/24
|
|
ip -6 route del vrf v$ul2 2001:db8:3::1/128
|
|
|
|
tunnel_destroy g2a
|
|
vlan_destroy $ul2 111
|
|
|
|
__simple_if_fini dummy2 2001:db8:3::2/64
|
|
ip link del dev dummy2
|
|
|
|
simple_if_fini $ul2
|
|
simple_if_fini $ol2 203.0.113.2/24 2001:db8:2::2/64
|
|
}
|
|
|
|
test_traffic_ip4ip6()
|
|
{
|
|
RET=0
|
|
|
|
h1mac=$(mac_get $h1)
|
|
ol1mac=$(mac_get $ol1)
|
|
|
|
tc qdisc add dev $ul1 clsact
|
|
tc filter add dev $ul1 egress proto all pref 1 handle 101 \
|
|
flower $TC_FLAG action pass
|
|
|
|
tc qdisc add dev $ol2 clsact
|
|
tc filter add dev $ol2 egress protocol ipv4 pref 1 handle 101 \
|
|
flower $TC_FLAG dst_ip 203.0.113.1 action pass
|
|
|
|
$MZ $h1 -c 1000 -p 64 -a $h1mac -b $ol1mac -A 198.51.100.1 \
|
|
-B 203.0.113.1 -t ip -q -d $MZ_DELAY
|
|
|
|
# Check ports after encap and after decap.
|
|
tc_check_at_least_x_packets "dev $ul1 egress" 101 1000
|
|
check_err $? "Packets did not go through $ul1, tc_flag = $TC_FLAG"
|
|
|
|
tc_check_at_least_x_packets "dev $ol2 egress" 101 1000
|
|
check_err $? "Packets did not go through $ol2, tc_flag = $TC_FLAG"
|
|
|
|
log_test "$@"
|
|
|
|
tc filter del dev $ol2 egress protocol ipv4 pref 1 handle 101 flower
|
|
tc qdisc del dev $ol2 clsact
|
|
tc filter del dev $ul1 egress proto all pref 1 handle 101 flower
|
|
tc qdisc del dev $ul1 clsact
|
|
}
|
|
|
|
test_traffic_ip6ip6()
|
|
{
|
|
RET=0
|
|
|
|
h1mac=$(mac_get $h1)
|
|
ol1mac=$(mac_get $ol1)
|
|
|
|
tc qdisc add dev $ul1 clsact
|
|
tc filter add dev $ul1 egress proto all pref 1 handle 101 \
|
|
flower $TC_FLAG action pass
|
|
|
|
tc qdisc add dev $ol2 clsact
|
|
tc filter add dev $ol2 egress protocol ipv6 pref 1 handle 101 \
|
|
flower $TC_FLAG dst_ip 2001:db8:2::1 action pass
|
|
|
|
$MZ -6 $h1 -c 1000 -p 64 -a $h1mac -b $ol1mac -A 2001:db8:1::1 \
|
|
-B 2001:db8:2::1 -t ip -q -d $MZ_DELAY
|
|
|
|
# Check ports after encap and after decap.
|
|
tc_check_at_least_x_packets "dev $ul1 egress" 101 1000
|
|
check_err $? "Packets did not go through $ul1, tc_flag = $TC_FLAG"
|
|
|
|
tc_check_at_least_x_packets "dev $ol2 egress" 101 1000
|
|
check_err $? "Packets did not go through $ol2, tc_flag = $TC_FLAG"
|
|
|
|
log_test "$@"
|
|
|
|
tc filter del dev $ol2 egress protocol ipv6 pref 1 handle 101 flower
|
|
tc qdisc del dev $ol2 clsact
|
|
tc filter del dev $ul1 egress proto all pref 1 handle 101 flower
|
|
tc qdisc del dev $ul1 clsact
|
|
}
|
|
|
|
topo_mtu_change()
|
|
{
|
|
local mtu=$1
|
|
|
|
ip link set mtu $mtu dev $h1
|
|
ip link set mtu $mtu dev $ol1
|
|
ip link set mtu $mtu dev g1a
|
|
ip link set mtu $mtu dev $ul1
|
|
ip link set mtu $mtu dev $ul1.111
|
|
ip link set mtu $mtu dev $h2
|
|
ip link set mtu $mtu dev $ol2
|
|
ip link set mtu $mtu dev g2a
|
|
ip link set mtu $mtu dev $ul2
|
|
ip link set mtu $mtu dev $ul2.111
|
|
}
|
|
|
|
test_mtu_change()
|
|
{
|
|
RET=0
|
|
|
|
ping6_do $h1 2001:db8:2::1 "-s 1800 -w 3"
|
|
check_fail $? "ping GRE IPv6 should not pass with packet size 1800"
|
|
|
|
RET=0
|
|
|
|
topo_mtu_change 2000
|
|
ping6_do $h1 2001:db8:2::1 "-s 1800 -w 3"
|
|
check_err $?
|
|
log_test "ping GRE IPv6, packet size 1800 after MTU change"
|
|
}
|
|
|
|
topo_flat_remote_change()
|
|
{
|
|
local old1=$1; shift
|
|
local new1=$1; shift
|
|
local old2=$1; shift
|
|
local new2=$1; shift
|
|
|
|
ip link set dev g1a type ip6gre local $new1 remote $new2
|
|
__addr_add_del g1a add "$new1/128"
|
|
__addr_add_del g1a del "$old1/128"
|
|
ip -6 route add $new2/128 via 2001:db8:10::2
|
|
ip -6 route del $old2/128
|
|
|
|
ip link set dev g2a type ip6gre local $new2 remote $new1
|
|
__addr_add_del g2a add "$new2/128"
|
|
__addr_add_del g2a del "$old2/128"
|
|
ip -6 route add vrf v$ol2 $new1/128 via 2001:db8:10::1
|
|
ip -6 route del vrf v$ol2 $old1/128
|
|
}
|
|
|
|
flat_remote_change()
|
|
{
|
|
local old1=2001:db8:3::1
|
|
local new1=2001:db8:3::10
|
|
local old2=2001:db8:3::2
|
|
local new2=2001:db8:3::20
|
|
|
|
topo_flat_remote_change $old1 $new1 $old2 $new2
|
|
}
|
|
|
|
flat_remote_restore()
|
|
{
|
|
local old1=2001:db8:3::10
|
|
local new1=2001:db8:3::1
|
|
local old2=2001:db8:3::20
|
|
local new2=2001:db8:3::2
|
|
|
|
topo_flat_remote_change $old1 $new1 $old2 $new2
|
|
}
|
|
|
|
topo_hier_remote_change()
|
|
{
|
|
local old1=$1; shift
|
|
local new1=$1; shift
|
|
local old2=$1; shift
|
|
local new2=$1; shift
|
|
|
|
__addr_add_del dummy1 del "$old1/64"
|
|
__addr_add_del dummy1 add "$new1/64"
|
|
ip link set dev g1a type ip6gre local $new1 remote $new2
|
|
ip -6 route add vrf v$ul1 $new2/128 via 2001:db8:10::2
|
|
ip -6 route del vrf v$ul1 $old2/128
|
|
|
|
__addr_add_del dummy2 del "$old2/64"
|
|
__addr_add_del dummy2 add "$new2/64"
|
|
ip link set dev g2a type ip6gre local $new2 remote $new1
|
|
ip -6 route add vrf v$ul2 $new1/128 via 2001:db8:10::1
|
|
ip -6 route del vrf v$ul2 $old1/128
|
|
}
|
|
|
|
hier_remote_change()
|
|
{
|
|
local old1=2001:db8:3::1
|
|
local new1=2001:db8:3::10
|
|
local old2=2001:db8:3::2
|
|
local new2=2001:db8:3::20
|
|
|
|
topo_hier_remote_change $old1 $new1 $old2 $new2
|
|
}
|
|
|
|
hier_remote_restore()
|
|
{
|
|
local old1=2001:db8:3::10
|
|
local new1=2001:db8:3::1
|
|
local old2=2001:db8:3::20
|
|
local new2=2001:db8:3::2
|
|
|
|
topo_hier_remote_change $old1 $new1 $old2 $new2
|
|
}
|