1 #!/bin/bash 1 #!/bin/bash
2 # SPDX-License-Identifier: GPL-2.0 2 # SPDX-License-Identifier: GPL-2.0
3 3
4 # +--------------------+ + 4 # +--------------------+ +----------------------+
5 # | H1 | | 5 # | H1 | | H2 |
6 # | | | 6 # | | | |
7 # | $h1 + | | 7 # | $h1 + | | + $h2 |
8 # | 192.0.2.2/24 | | | 8 # | 192.0.2.2/24 | | | | 198.51.100.2/24 |
9 # | 2001:db8:1::2/64 | | | 9 # | 2001:db8:1::2/64 | | | | 2001:db8:2::2/64 |
10 # | | | | 10 # | | | | | |
11 # +------------------|-+ + 11 # +------------------|-+ +-|--------------------+
12 # | 12 # | |
13 # +------------------|------------------------ 13 # +------------------|-------------------------|--------------------+
14 # | SW | 14 # | SW | | |
15 # | | 15 # | | | |
16 # | $rp1 + 16 # | $rp1 + + $rp2 |
17 # | 192.0.2.1/24 17 # | 192.0.2.1/24 198.51.100.1/24 |
18 # | 2001:db8:1::1/64 18 # | 2001:db8:1::1/64 2001:db8:2::1/64 |
19 # | 19 # | |
20 # +------------------------------------------- 20 # +-----------------------------------------------------------------+
21 21
22 ALL_TESTS=" 22 ALL_TESTS="
23 ping_ipv4 23 ping_ipv4
24 ping_ipv6 24 ping_ipv6
25 sip_in_class_e 25 sip_in_class_e
26 mc_mac_mismatch 26 mc_mac_mismatch
27 ipv4_sip_equal_dip 27 ipv4_sip_equal_dip
28 ipv6_sip_equal_dip 28 ipv6_sip_equal_dip
29 ipv4_dip_link_local 29 ipv4_dip_link_local
30 " 30 "
31 31
32 NUM_NETIFS=4 32 NUM_NETIFS=4
33 source lib.sh 33 source lib.sh
34 source tc_common.sh 34 source tc_common.sh
35 35
36 require_command $MCD 36 require_command $MCD
37 require_command $MC_CLI 37 require_command $MC_CLI
38 table_name=selftests 38 table_name=selftests
39 39
40 h1_create() 40 h1_create()
41 { 41 {
42 vrf_create "vrf-h1" 42 vrf_create "vrf-h1"
43 ip link set dev $h1 master vrf-h1 43 ip link set dev $h1 master vrf-h1
44 44
45 ip link set dev vrf-h1 up 45 ip link set dev vrf-h1 up
46 ip link set dev $h1 up 46 ip link set dev $h1 up
47 47
48 ip address add 192.0.2.2/24 dev $h1 48 ip address add 192.0.2.2/24 dev $h1
49 ip address add 2001:db8:1::2/64 dev $h 49 ip address add 2001:db8:1::2/64 dev $h1
50 50
51 ip route add 198.51.100.0/24 vrf vrf-h 51 ip route add 198.51.100.0/24 vrf vrf-h1 nexthop via 192.0.2.1
52 ip route add 2001:db8:2::/64 vrf vrf-h 52 ip route add 2001:db8:2::/64 vrf vrf-h1 nexthop via 2001:db8:1::1
53 } 53 }
54 54
55 h1_destroy() 55 h1_destroy()
56 { 56 {
57 ip route del 2001:db8:2::/64 vrf vrf-h 57 ip route del 2001:db8:2::/64 vrf vrf-h1
58 ip route del 198.51.100.0/24 vrf vrf-h 58 ip route del 198.51.100.0/24 vrf vrf-h1
59 59
60 ip address del 2001:db8:1::2/64 dev $h 60 ip address del 2001:db8:1::2/64 dev $h1
61 ip address del 192.0.2.2/24 dev $h1 61 ip address del 192.0.2.2/24 dev $h1
62 62
63 ip link set dev $h1 down 63 ip link set dev $h1 down
64 vrf_destroy "vrf-h1" 64 vrf_destroy "vrf-h1"
65 } 65 }
66 66
67 h2_create() 67 h2_create()
68 { 68 {
69 vrf_create "vrf-h2" 69 vrf_create "vrf-h2"
70 ip link set dev $h2 master vrf-h2 70 ip link set dev $h2 master vrf-h2
71 71
72 ip link set dev vrf-h2 up 72 ip link set dev vrf-h2 up
73 ip link set dev $h2 up 73 ip link set dev $h2 up
74 74
75 ip address add 198.51.100.2/24 dev $h2 75 ip address add 198.51.100.2/24 dev $h2
76 ip address add 2001:db8:2::2/64 dev $h 76 ip address add 2001:db8:2::2/64 dev $h2
77 77
78 ip route add 192.0.2.0/24 vrf vrf-h2 n 78 ip route add 192.0.2.0/24 vrf vrf-h2 nexthop via 198.51.100.1
79 ip route add 2001:db8:1::/64 vrf vrf-h 79 ip route add 2001:db8:1::/64 vrf vrf-h2 nexthop via 2001:db8:2::1
80 } 80 }
81 81
82 h2_destroy() 82 h2_destroy()
83 { 83 {
84 ip route del 2001:db8:1::/64 vrf vrf-h 84 ip route del 2001:db8:1::/64 vrf vrf-h2
85 ip route del 192.0.2.0/24 vrf vrf-h2 85 ip route del 192.0.2.0/24 vrf vrf-h2
86 86
87 ip address del 2001:db8:2::2/64 dev $h 87 ip address del 2001:db8:2::2/64 dev $h2
88 ip address del 198.51.100.2/24 dev $h2 88 ip address del 198.51.100.2/24 dev $h2
89 89
90 ip link set dev $h2 down 90 ip link set dev $h2 down
91 vrf_destroy "vrf-h2" 91 vrf_destroy "vrf-h2"
92 } 92 }
93 93
94 router_create() 94 router_create()
95 { 95 {
96 ip link set dev $rp1 up 96 ip link set dev $rp1 up
97 ip link set dev $rp2 up 97 ip link set dev $rp2 up
98 98
99 tc qdisc add dev $rp2 clsact 99 tc qdisc add dev $rp2 clsact
100 100
101 ip address add 192.0.2.1/24 dev $rp1 101 ip address add 192.0.2.1/24 dev $rp1
102 ip address add 2001:db8:1::1/64 dev $r 102 ip address add 2001:db8:1::1/64 dev $rp1
103 103
104 ip address add 198.51.100.1/24 dev $rp 104 ip address add 198.51.100.1/24 dev $rp2
105 ip address add 2001:db8:2::1/64 dev $r 105 ip address add 2001:db8:2::1/64 dev $rp2
106 } 106 }
107 107
108 router_destroy() 108 router_destroy()
109 { 109 {
110 ip address del 2001:db8:2::1/64 dev $r 110 ip address del 2001:db8:2::1/64 dev $rp2
111 ip address del 198.51.100.1/24 dev $rp 111 ip address del 198.51.100.1/24 dev $rp2
112 112
113 ip address del 2001:db8:1::1/64 dev $r 113 ip address del 2001:db8:1::1/64 dev $rp1
114 ip address del 192.0.2.1/24 dev $rp1 114 ip address del 192.0.2.1/24 dev $rp1
115 115
116 tc qdisc del dev $rp2 clsact 116 tc qdisc del dev $rp2 clsact
117 117
118 ip link set dev $rp2 down 118 ip link set dev $rp2 down
119 ip link set dev $rp1 down 119 ip link set dev $rp1 down
120 } 120 }
121 121
122 start_mcd() 122 start_mcd()
123 { 123 {
124 SMCROUTEDIR="$(mktemp -d)" 124 SMCROUTEDIR="$(mktemp -d)"
125 125
126 for ((i = 1; i <= $NUM_NETIFS; ++i)); 126 for ((i = 1; i <= $NUM_NETIFS; ++i)); do
127 echo "phyint ${NETIFS[p$i]} en 127 echo "phyint ${NETIFS[p$i]} enable" >> \
128 $SMCROUTEDIR/$table_na 128 $SMCROUTEDIR/$table_name.conf
129 done 129 done
130 130
131 $MCD -N -I $table_name -f $SMCROUTEDIR 131 $MCD -N -I $table_name -f $SMCROUTEDIR/$table_name.conf \
132 -P $SMCROUTEDIR/$table_name.pi 132 -P $SMCROUTEDIR/$table_name.pid
133 } 133 }
134 134
135 kill_mcd() 135 kill_mcd()
136 { 136 {
137 pkill $MCD 137 pkill $MCD
138 rm -rf $SMCROUTEDIR 138 rm -rf $SMCROUTEDIR
139 } 139 }
140 140
141 setup_prepare() 141 setup_prepare()
142 { 142 {
143 h1=${NETIFS[p1]} 143 h1=${NETIFS[p1]}
144 rp1=${NETIFS[p2]} 144 rp1=${NETIFS[p2]}
145 145
146 rp2=${NETIFS[p3]} 146 rp2=${NETIFS[p3]}
147 h2=${NETIFS[p4]} 147 h2=${NETIFS[p4]}
148 148
149 rp1mac=$(mac_get $rp1) 149 rp1mac=$(mac_get $rp1)
150 150
151 start_mcd 151 start_mcd
152 152
153 vrf_prepare 153 vrf_prepare
154 154
155 h1_create 155 h1_create
156 h2_create 156 h2_create
157 157
158 router_create 158 router_create
159 159
160 forwarding_enable 160 forwarding_enable
161 } 161 }
162 162
163 cleanup() 163 cleanup()
164 { 164 {
165 pre_cleanup 165 pre_cleanup
166 166
167 forwarding_restore 167 forwarding_restore
168 168
169 router_destroy 169 router_destroy
170 170
171 h2_destroy 171 h2_destroy
172 h1_destroy 172 h1_destroy
173 173
174 vrf_cleanup 174 vrf_cleanup
175 175
176 kill_mcd 176 kill_mcd
177 } 177 }
178 178
179 ping_ipv4() 179 ping_ipv4()
180 { 180 {
181 ping_test $h1 198.51.100.2 181 ping_test $h1 198.51.100.2
182 } 182 }
183 183
184 ping_ipv6() 184 ping_ipv6()
185 { 185 {
186 ping6_test $h1 2001:db8:2::2 186 ping6_test $h1 2001:db8:2::2
187 } 187 }
188 188
189 sip_in_class_e() 189 sip_in_class_e()
190 { 190 {
191 RET=0 191 RET=0
192 192
193 # Disable rpfilter to prevent packets 193 # Disable rpfilter to prevent packets to be dropped because of it.
194 sysctl_set net.ipv4.conf.all.rp_filter 194 sysctl_set net.ipv4.conf.all.rp_filter 0
195 sysctl_set net.ipv4.conf.$rp1.rp_filte 195 sysctl_set net.ipv4.conf.$rp1.rp_filter 0
196 196
197 tc filter add dev $rp2 egress protocol 197 tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \
198 flower src_ip 240.0.0.1 ip_pro 198 flower src_ip 240.0.0.1 ip_proto udp action pass
199 199
200 $MZ $h1 -t udp "sp=54321,dp=12345" -c 200 $MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \
201 -A 240.0.0.1 -b $rp1mac -B 198 201 -A 240.0.0.1 -b $rp1mac -B 198.51.100.2 -q
202 202
203 tc_check_packets "dev $rp2 egress" 101 203 tc_check_packets "dev $rp2 egress" 101 5
204 check_err $? "Packets were dropped" 204 check_err $? "Packets were dropped"
205 205
206 log_test "Source IP in class E" 206 log_test "Source IP in class E"
207 207
208 tc filter del dev $rp2 egress protocol 208 tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower
209 sysctl_restore net.ipv4.conf.$rp1.rp_f 209 sysctl_restore net.ipv4.conf.$rp1.rp_filter
210 sysctl_restore net.ipv4.conf.all.rp_fi 210 sysctl_restore net.ipv4.conf.all.rp_filter
211 } 211 }
212 212
213 create_mcast_sg() 213 create_mcast_sg()
214 { 214 {
215 local if_name=$1; shift 215 local if_name=$1; shift
216 local s_addr=$1; shift 216 local s_addr=$1; shift
217 local mcast=$1; shift 217 local mcast=$1; shift
218 local dest_ifs=${@} 218 local dest_ifs=${@}
219 219
220 $MC_CLI -I $table_name add $if_name $s 220 $MC_CLI -I $table_name add $if_name $s_addr $mcast $dest_ifs
221 } 221 }
222 222
223 delete_mcast_sg() 223 delete_mcast_sg()
224 { 224 {
225 local if_name=$1; shift 225 local if_name=$1; shift
226 local s_addr=$1; shift 226 local s_addr=$1; shift
227 local mcast=$1; shift 227 local mcast=$1; shift
228 local dest_ifs=${@} 228 local dest_ifs=${@}
229 229
230 $MC_CLI -I $table_name remove $if_name 230 $MC_CLI -I $table_name remove $if_name $s_addr $mcast $dest_ifs
231 } 231 }
232 232
233 __mc_mac_mismatch() 233 __mc_mac_mismatch()
234 { 234 {
235 local desc=$1; shift 235 local desc=$1; shift
236 local proto=$1; shift 236 local proto=$1; shift
237 local sip=$1; shift 237 local sip=$1; shift
238 local dip=$1; shift 238 local dip=$1; shift
239 local flags=${1:-""}; shift 239 local flags=${1:-""}; shift
240 local dmac=01:02:03:04:05:06 240 local dmac=01:02:03:04:05:06
241 241
242 RET=0 242 RET=0
243 243
244 tc filter add dev $rp2 egress protocol 244 tc filter add dev $rp2 egress protocol $proto pref 1 handle 101 \
245 flower dst_ip $dip action pass 245 flower dst_ip $dip action pass
246 246
247 create_mcast_sg $rp1 $sip $dip $rp2 247 create_mcast_sg $rp1 $sip $dip $rp2
248 248
249 $MZ $flags $h1 -t udp "sp=54321,dp=123 249 $MZ $flags $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $dmac \
250 -B $dip -q 250 -B $dip -q
251 251
252 tc_check_packets "dev $rp2 egress" 101 252 tc_check_packets "dev $rp2 egress" 101 5
253 check_err $? "Packets were dropped" 253 check_err $? "Packets were dropped"
254 254
255 log_test "Multicast MAC mismatch: $des 255 log_test "Multicast MAC mismatch: $desc"
256 256
257 delete_mcast_sg $rp1 $sip $dip $rp2 257 delete_mcast_sg $rp1 $sip $dip $rp2
258 tc filter del dev $rp2 egress protocol 258 tc filter del dev $rp2 egress protocol $proto pref 1 handle 101 flower
259 } 259 }
260 260
261 mc_mac_mismatch() 261 mc_mac_mismatch()
262 { 262 {
263 __mc_mac_mismatch "IPv4" "ip" 192.0.2. 263 __mc_mac_mismatch "IPv4" "ip" 192.0.2.2 225.1.2.3
264 __mc_mac_mismatch "IPv6" "ipv6" 2001:d 264 __mc_mac_mismatch "IPv6" "ipv6" 2001:db8:1::2 ff0e::3 "-6"
265 } 265 }
266 266
267 ipv4_sip_equal_dip() 267 ipv4_sip_equal_dip()
268 { 268 {
269 RET=0 269 RET=0
270 270
271 # Disable rpfilter to prevent packets 271 # Disable rpfilter to prevent packets to be dropped because of it.
272 sysctl_set net.ipv4.conf.all.rp_filter 272 sysctl_set net.ipv4.conf.all.rp_filter 0
273 sysctl_set net.ipv4.conf.$rp1.rp_filte 273 sysctl_set net.ipv4.conf.$rp1.rp_filter 0
274 274
275 tc filter add dev $rp2 egress protocol 275 tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \
276 flower src_ip 198.51.100.2 ac 276 flower src_ip 198.51.100.2 action pass
277 277
278 $MZ $h1 -t udp "sp=54321,dp=12345" -c 278 $MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \
279 -A 198.51.100.2 -b $rp1mac -B 279 -A 198.51.100.2 -b $rp1mac -B 198.51.100.2 -q
280 280
281 tc_check_packets "dev $rp2 egress" 101 281 tc_check_packets "dev $rp2 egress" 101 5
282 check_err $? "Packets were dropped" 282 check_err $? "Packets were dropped"
283 283
284 log_test "Source IP is equal to destin 284 log_test "Source IP is equal to destination IP: IPv4"
285 285
286 tc filter del dev $rp2 egress protocol 286 tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower
287 sysctl_restore net.ipv4.conf.$rp1.rp_f 287 sysctl_restore net.ipv4.conf.$rp1.rp_filter
288 sysctl_restore net.ipv4.conf.all.rp_fi 288 sysctl_restore net.ipv4.conf.all.rp_filter
289 } 289 }
290 290
291 ipv6_sip_equal_dip() 291 ipv6_sip_equal_dip()
292 { 292 {
293 RET=0 293 RET=0
294 294
295 tc filter add dev $rp2 egress protocol 295 tc filter add dev $rp2 egress protocol ipv6 pref 1 handle 101 \
296 flower src_ip 2001:db8:2::2 ac 296 flower src_ip 2001:db8:2::2 action pass
297 297
298 $MZ -6 $h1 -t udp "sp=54321,dp=12345" 298 $MZ -6 $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \
299 -A 2001:db8:2::2 -b $rp1mac -B 299 -A 2001:db8:2::2 -b $rp1mac -B 2001:db8:2::2 -q
300 300
301 tc_check_packets "dev $rp2 egress" 101 301 tc_check_packets "dev $rp2 egress" 101 5
302 check_err $? "Packets were dropped" 302 check_err $? "Packets were dropped"
303 303
304 log_test "Source IP is equal to destin 304 log_test "Source IP is equal to destination IP: IPv6"
305 305
306 tc filter del dev $rp2 egress protocol 306 tc filter del dev $rp2 egress protocol ipv6 pref 1 handle 101 flower
307 } 307 }
308 308
309 ipv4_dip_link_local() 309 ipv4_dip_link_local()
310 { 310 {
311 local dip=169.254.1.1 311 local dip=169.254.1.1
312 312
313 RET=0 313 RET=0
314 314
315 tc filter add dev $rp2 egress protocol 315 tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \
316 flower dst_ip $dip action pass 316 flower dst_ip $dip action pass
317 317
318 ip neigh add 169.254.1.1 lladdr 00:11: 318 ip neigh add 169.254.1.1 lladdr 00:11:22:33:44:55 dev $rp2
319 ip route add 169.254.1.0/24 dev $rp2 319 ip route add 169.254.1.0/24 dev $rp2
320 320
321 $MZ $h1 -t udp "sp=54321,dp=12345" -c 321 $MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $rp1mac -B $dip -q
322 322
323 tc_check_packets "dev $rp2 egress" 101 323 tc_check_packets "dev $rp2 egress" 101 5
324 check_err $? "Packets were dropped" 324 check_err $? "Packets were dropped"
325 325
326 log_test "IPv4 destination IP is link- 326 log_test "IPv4 destination IP is link-local"
327 327
328 ip route del 169.254.1.0/24 dev $rp2 328 ip route del 169.254.1.0/24 dev $rp2
329 ip neigh del 169.254.1.1 lladdr 00:11: 329 ip neigh del 169.254.1.1 lladdr 00:11:22:33:44:55 dev $rp2
330 tc filter del dev $rp2 egress protocol 330 tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower
331 } 331 }
332 332
333 trap cleanup EXIT 333 trap cleanup EXIT
334 334
335 setup_prepare 335 setup_prepare
336 setup_wait 336 setup_wait
337 337
338 tests_run 338 tests_run
339 339
340 exit $EXIT_STATUS 340 exit $EXIT_STATUS
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.