1 # SPDX-License-Identifier: GPL-2.0
2
3 # Test offloading a number of mirrors-to-gretap. The test creates a number of
4 # tunnels. Then it adds one flower mirror for each of the tunnels, matching a
5 # given host IP. Then it generates traffic at each of the host IPs and checks
6 # that the traffic has been mirrored at the appropriate tunnel.
7 #
8 # +--------------------------+ +--------------------------+
9 # | H1 | | H2 |
10 # | + $h1 | | $h2 + |
11 # | | 2001:db8:1:X::1/64 | | 2001:db8:1:X::2/64 | |
12 # +-----|--------------------+ +--------------------|-----+
13 # | |
14 # +-----|-------------------------------------------------------------|-----+
15 # | SW o--> mirrors | |
16 # | +---|-------------------------------------------------------------|---+ |
17 # | | + $swp1 BR $swp2 + | |
18 # | +---------------------------------------------------------------------+ |
19 # | |
20 # | + $swp3 + gt6-<X> (ip6gretap) |
21 # | | 2001:db8:2:X::1/64 : loc=2001:db8:2:X::1 |
22 # | | : rem=2001:db8:2:X::2 |
23 # | | : ttl=100 |
24 # | | : tos=inherit |
25 # | | : |
26 # +-----|--------------------------------:----------------------------------+
27 # | :
28 # +-----|--------------------------------:----------------------------------+
29 # | H3 + $h3 + h3-gt6-<X> (ip6gretap) |
30 # | 2001:db8:2:X::2/64 loc=2001:db8:2:X::2 |
31 # | rem=2001:db8:2:X::1 |
32 # | ttl=100 |
33 # | tos=inherit |
34 # | |
35 # +-------------------------------------------------------------------------+
36
37 source ../../../../net/forwarding/mirror_lib.sh
38
39 MIRROR_NUM_NETIFS=6
40
41 mirror_gre_ipv6_addr()
42 {
43 local net=$1; shift
44 local num=$1; shift
45
46 printf "2001:db8:%x:%x" $net $num
47 }
48
49 mirror_gre_tunnels_create()
50 {
51 local count=$1; shift
52 local should_fail=$1; shift
53
54 MIRROR_GRE_BATCH_FILE="$(mktemp)"
55 for ((i=0; i < count; ++i)); do
56 local match_dip=$(mirror_gre_ipv6_addr 1 $i)::2
57 local htun=h3-gt6-$i
58 local tun=gt6-$i
59
60 ((mirror_gre_tunnels++))
61
62 ip address add dev $h1 $(mirror_gre_ipv6_addr 1 $i)::1/64
63 ip address add dev $h2 $(mirror_gre_ipv6_addr 1 $i)::2/64
64
65 ip address add dev $swp3 $(mirror_gre_ipv6_addr 2 $i)::1/64
66 ip address add dev $h3 $(mirror_gre_ipv6_addr 2 $i)::2/64
67
68 tunnel_create $tun ip6gretap \
69 $(mirror_gre_ipv6_addr 2 $i)::1 \
70 $(mirror_gre_ipv6_addr 2 $i)::2 \
71 ttl 100 tos inherit allow-localremote
72
73 tunnel_create $htun ip6gretap \
74 $(mirror_gre_ipv6_addr 2 $i)::2 \
75 $(mirror_gre_ipv6_addr 2 $i)::1
76 ip link set $htun vrf v$h3
77 matchall_sink_create $htun
78
79 cat >> $MIRROR_GRE_BATCH_FILE <<-EOF
80 filter add dev $swp1 ingress pref 1000 \
81 protocol ipv6 \
82 flower skip_sw dst_ip $match_dip \
83 action mirred egress mirror dev $tun
84 EOF
85 done
86
87 tc -b $MIRROR_GRE_BATCH_FILE
88 check_err_fail $should_fail $? "Mirror rule insertion"
89 }
90
91 mirror_gre_tunnels_destroy()
92 {
93 local count=$1; shift
94
95 for ((i=0; i < count; ++i)); do
96 local htun=h3-gt6-$i
97 local tun=gt6-$i
98
99 ip address del dev $h3 $(mirror_gre_ipv6_addr 2 $i)::2/64
100 ip address del dev $swp3 $(mirror_gre_ipv6_addr 2 $i)::1/64
101
102 ip address del dev $h2 $(mirror_gre_ipv6_addr 1 $i)::2/64
103 ip address del dev $h1 $(mirror_gre_ipv6_addr 1 $i)::1/64
104
105 tunnel_destroy $htun
106 tunnel_destroy $tun
107 done
108 }
109
110 mirror_gre_test()
111 {
112 local count=$1; shift
113 local should_fail=$1; shift
114
115 mirror_gre_tunnels_create $count $should_fail
116 if ((should_fail)); then
117 return
118 fi
119
120 sleep 5
121
122 for ((i = 0; i < count; ++i)); do
123 local sip=$(mirror_gre_ipv6_addr 1 $i)::1
124 local dip=$(mirror_gre_ipv6_addr 1 $i)::2
125 local htun=h3-gt6-$i
126 local message
127
128 icmp6_capture_install $htun
129 mirror_test v$h1 $sip $dip $htun 100 10
130 icmp6_capture_uninstall $htun
131 done
132 }
133
134 mirror_gre_setup_prepare()
135 {
136 h1=${NETIFS[p1]}
137 swp1=${NETIFS[p2]}
138
139 swp2=${NETIFS[p3]}
140 h2=${NETIFS[p4]}
141
142 swp3=${NETIFS[p5]}
143 h3=${NETIFS[p6]}
144
145 mirror_gre_tunnels=0
146
147 vrf_prepare
148
149 simple_if_init $h1
150 simple_if_init $h2
151 simple_if_init $h3
152
153 ip link add name br1 type bridge vlan_filtering 1
154 ip link set dev br1 addrgenmode none
155 ip link set dev br1 up
156
157 ip link set dev $swp1 master br1
158 ip link set dev $swp1 up
159 tc qdisc add dev $swp1 clsact
160
161 ip link set dev $swp2 master br1
162 ip link set dev $swp2 up
163
164 ip link set dev $swp3 up
165 }
166
167 mirror_gre_cleanup()
168 {
169 mirror_gre_tunnels_destroy $mirror_gre_tunnels
170
171 ip link set dev $swp3 down
172
173 ip link set dev $swp2 down
174
175 tc qdisc del dev $swp1 clsact
176 ip link set dev $swp1 down
177
178 ip link del dev br1
179
180 simple_if_fini $h3
181 simple_if_fini $h2
182 simple_if_fini $h1
183
184 vrf_cleanup
185 }
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.