1 #!/bin/bash
2 # SPDX-License-Identifier: GPL-2.0
3
4 ALL_TESTS="ping_ipv4"
5 NUM_NETIFS=6
6 source lib.sh
7
8 h1_create()
9 {
10 vrf_create "vrf-h1"
11 ip link set dev $h1 master vrf-h1
12
13 ip link set dev vrf-h1 up
14 ip link set dev $h1 up
15
16 ip address add 192.0.2.2/24 dev $h1
17
18 ip route add 198.51.100.0/24 vrf vrf-h1 nexthop via 192.0.2.1
19 ip route add 198.51.200.0/24 vrf vrf-h1 nexthop via 192.0.2.1
20 }
21
22 h1_destroy()
23 {
24 ip route del 198.51.200.0/24 vrf vrf-h1
25 ip route del 198.51.100.0/24 vrf vrf-h1
26
27 ip address del 192.0.2.2/24 dev $h1
28
29 ip link set dev $h1 down
30 vrf_destroy "vrf-h1"
31 }
32
33 h2_create()
34 {
35 vrf_create "vrf-h2"
36 ip link set dev $h2 master vrf-h2
37
38 ip link set dev vrf-h2 up
39 ip link set dev $h2 up
40
41 ip address add 198.51.100.2/24 dev $h2
42
43 ip route add 192.0.2.0/24 vrf vrf-h2 nexthop via 198.51.100.1
44 ip route add 198.51.200.0/24 vrf vrf-h2 nexthop via 198.51.100.1
45 }
46
47 h2_destroy()
48 {
49 ip route del 198.51.200.0/24 vrf vrf-h2
50 ip route del 192.0.2.0/24 vrf vrf-h2
51
52 ip address del 198.51.100.2/24 dev $h2
53
54 ip link set dev $h2 down
55 vrf_destroy "vrf-h2"
56 }
57
58 h3_create()
59 {
60 vrf_create "vrf-h3"
61 ip link set dev $h3 master vrf-h3
62
63 ip link set dev vrf-h3 up
64 ip link set dev $h3 up
65
66 ip address add 198.51.200.2/24 dev $h3
67
68 ip route add 192.0.2.0/24 vrf vrf-h3 nexthop via 198.51.200.1
69 ip route add 198.51.100.0/24 vrf vrf-h3 nexthop via 198.51.200.1
70 }
71
72 h3_destroy()
73 {
74 ip route del 198.51.100.0/24 vrf vrf-h3
75 ip route del 192.0.2.0/24 vrf vrf-h3
76
77 ip address del 198.51.200.2/24 dev $h3
78
79 ip link set dev $h3 down
80 vrf_destroy "vrf-h3"
81 }
82
83 router_create()
84 {
85 ip link set dev $rp1 up
86 ip link set dev $rp2 up
87 ip link set dev $rp3 up
88
89 ip address add 192.0.2.1/24 dev $rp1
90
91 ip address add 198.51.100.1/24 dev $rp2
92 ip address add 198.51.200.1/24 dev $rp3
93 }
94
95 router_destroy()
96 {
97 ip address del 198.51.200.1/24 dev $rp3
98 ip address del 198.51.100.1/24 dev $rp2
99
100 ip address del 192.0.2.1/24 dev $rp1
101
102 ip link set dev $rp3 down
103 ip link set dev $rp2 down
104 ip link set dev $rp1 down
105 }
106
107 setup_prepare()
108 {
109 h1=${NETIFS[p1]}
110 rp1=${NETIFS[p2]}
111
112 rp2=${NETIFS[p3]}
113 h2=${NETIFS[p4]}
114
115 rp3=${NETIFS[p5]}
116 h3=${NETIFS[p6]}
117
118 vrf_prepare
119
120 h1_create
121 h2_create
122 h3_create
123
124 router_create
125
126 forwarding_enable
127 }
128
129 cleanup()
130 {
131 pre_cleanup
132
133 forwarding_restore
134
135 router_destroy
136
137 h3_destroy
138 h2_destroy
139 h1_destroy
140
141 vrf_cleanup
142 }
143
144 bc_forwarding_disable()
145 {
146 sysctl_set net.ipv4.conf.all.bc_forwarding 0
147 sysctl_set net.ipv4.conf.$rp1.bc_forwarding 0
148 sysctl_set net.ipv4.conf.$rp2.bc_forwarding 0
149 }
150
151 bc_forwarding_enable()
152 {
153 sysctl_set net.ipv4.conf.all.bc_forwarding 1
154 sysctl_set net.ipv4.conf.$rp1.bc_forwarding 1
155 sysctl_set net.ipv4.conf.$rp2.bc_forwarding 1
156 }
157
158 bc_forwarding_restore()
159 {
160 sysctl_restore net.ipv4.conf.$rp2.bc_forwarding
161 sysctl_restore net.ipv4.conf.$rp1.bc_forwarding
162 sysctl_restore net.ipv4.conf.all.bc_forwarding
163 }
164
165 ping_test_from()
166 {
167 local oif=$1
168 local dip=$2
169 local from=$3
170 local fail=${4:-0}
171
172 RET=0
173
174 log_info "ping $dip, expected reply from $from"
175 ip vrf exec $(master_name_get $oif) \
176 $PING -I $oif $dip -c 10 -i 0.1 -w $PING_TIMEOUT -b 2>&1 \
177 | grep "bytes from $from" > /dev/null
178 check_err_fail $fail $?
179 }
180
181 ping_ipv4()
182 {
183 sysctl_set net.ipv4.icmp_echo_ignore_broadcasts 0
184
185 bc_forwarding_disable
186 log_info "bc_forwarding disabled on r1 =>"
187 ping_test_from $h1 198.51.100.255 192.0.2.1
188 log_test "h1 -> net2: reply from r1 (not forwarding)"
189 ping_test_from $h1 198.51.200.255 192.0.2.1
190 log_test "h1 -> net3: reply from r1 (not forwarding)"
191 ping_test_from $h1 192.0.2.255 192.0.2.1
192 log_test "h1 -> net1: reply from r1 (not dropping)"
193 ping_test_from $h1 255.255.255.255 192.0.2.1
194 log_test "h1 -> 255.255.255.255: reply from r1 (not forwarding)"
195
196 ping_test_from $h2 192.0.2.255 198.51.100.1
197 log_test "h2 -> net1: reply from r1 (not forwarding)"
198 ping_test_from $h2 198.51.200.255 198.51.100.1
199 log_test "h2 -> net3: reply from r1 (not forwarding)"
200 ping_test_from $h2 198.51.100.255 198.51.100.1
201 log_test "h2 -> net2: reply from r1 (not dropping)"
202 ping_test_from $h2 255.255.255.255 198.51.100.1
203 log_test "h2 -> 255.255.255.255: reply from r1 (not forwarding)"
204 bc_forwarding_restore
205
206 bc_forwarding_enable
207 log_info "bc_forwarding enabled on r1 =>"
208 ping_test_from $h1 198.51.100.255 198.51.100.2
209 log_test "h1 -> net2: reply from h2 (forwarding)"
210 ping_test_from $h1 198.51.200.255 198.51.200.2
211 log_test "h1 -> net3: reply from h3 (forwarding)"
212 ping_test_from $h1 192.0.2.255 192.0.2.1 1
213 log_test "h1 -> net1: no reply (dropping)"
214 ping_test_from $h1 255.255.255.255 192.0.2.1
215 log_test "h1 -> 255.255.255.255: reply from r1 (not forwarding)"
216
217 ping_test_from $h2 192.0.2.255 192.0.2.2
218 log_test "h2 -> net1: reply from h1 (forwarding)"
219 ping_test_from $h2 198.51.200.255 198.51.200.2
220 log_test "h2 -> net3: reply from h3 (forwarding)"
221 ping_test_from $h2 198.51.100.255 198.51.100.1 1
222 log_test "h2 -> net2: no reply (dropping)"
223 ping_test_from $h2 255.255.255.255 198.51.100.1
224 log_test "h2 -> 255.255.255.255: reply from r1 (not forwarding)"
225 bc_forwarding_restore
226
227 sysctl_restore net.ipv4.icmp_echo_ignore_broadcasts
228 }
229
230 trap cleanup EXIT
231
232 setup_prepare
233 setup_wait
234
235 tests_run
236
237 exit $EXIT_STATUS
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.