1 #!/bin/bash 2 # SPDX-License-Identifier: GPL-2.0 3 # 4 # This test is for checking bridge backup port and backup nexthop ID 5 # functionality. The topology consists of two bridge (VTEPs) connected using 6 # VXLAN. The test checks that when the switch port (swp1) is down, traffic is 7 # redirected to the VXLAN port (vx0). When a backup nexthop ID is configured, 8 # the test checks that traffic is redirected with the correct nexthop 9 # information. 10 # 11 # +------------------------------------+ +------------------------------------+ 12 # | + swp1 + vx0 | | + swp1 + vx0 | 13 # | | | | | | | | 14 # | | br0 | | | | | | 15 # | +------------+-----------+ | | +------------+-----------+ | 16 # | | | | | | 17 # | | | | | | 18 # | + | | + | 19 # | br0 | | br0 | 20 # | + | | + | 21 # | | | | | | 22 # | | | | | | 23 # | + | | + | 24 # | br0.10 | | br0.10 | 25 # | 192.0.2.65/28 | | 192.0.2.66/28 | 26 # | | | | 27 # | | | | 28 # | 192.0.2.33 | | 192.0.2.34 | 29 # | + lo | | + lo | 30 # | | | | 31 # | | | | 32 # | 192.0.2.49/28 | | 192.0.2.50/28 | 33 # | veth0 +-------+ veth0 | 34 # | | | | 35 # | sw1 | | sw2 | 36 # +------------------------------------+ +------------------------------------+ 37 38 source lib.sh 39 ret=0 40 41 # All tests in this script. Can be overridden with -t option. 42 TESTS=" 43 backup_port 44 backup_nhid 45 backup_nhid_invalid 46 backup_nhid_ping 47 backup_nhid_torture 48 " 49 VERBOSE=0 50 PAUSE_ON_FAIL=no 51 PAUSE=no 52 PING_TIMEOUT=5 53 54 ################################################################################ 55 # Utilities 56 57 log_test() 58 { 59 local rc=$1 60 local expected=$2 61 local msg="$3" 62 63 if [ ${rc} -eq ${expected} ]; then 64 printf "TEST: %-60s [ OK ]\n" "${msg}" 65 nsuccess=$((nsuccess+1)) 66 else 67 ret=1 68 nfail=$((nfail+1)) 69 printf "TEST: %-60s [FAIL]\n" "${msg}" 70 if [ "$VERBOSE" = "1" ]; then 71 echo " rc=$rc, expected $expected" 72 fi 73 74 if [ "${PAUSE_ON_FAIL}" = "yes" ]; then 75 echo 76 echo "hit enter to continue, 'q' to quit" 77 read a 78 [ "$a" = "q" ] && exit 1 79 fi 80 fi 81 82 if [ "${PAUSE}" = "yes" ]; then 83 echo 84 echo "hit enter to continue, 'q' to quit" 85 read a 86 [ "$a" = "q" ] && exit 1 87 fi 88 89 [ "$VERBOSE" = "1" ] && echo 90 } 91 92 run_cmd() 93 { 94 local cmd="$1" 95 local out 96 local stderr="2>/dev/null" 97 98 if [ "$VERBOSE" = "1" ]; then 99 printf "COMMAND: $cmd\n" 100 stderr= 101 fi 102 103 out=$(eval $cmd $stderr) 104 rc=$? 105 if [ "$VERBOSE" = "1" -a -n "$out" ]; then 106 echo " $out" 107 fi 108 109 return $rc 110 } 111 112 tc_check_packets() 113 { 114 local ns=$1; shift 115 local id=$1; shift 116 local handle=$1; shift 117 local count=$1; shift 118 local pkts 119 120 sleep 0.1 121 pkts=$(tc -n $ns -j -s filter show $id \ 122 | jq ".[] | select(.options.handle == $handle) | \ 123 .options.actions[0].stats.packets") 124 [[ $pkts == $count ]] 125 } 126 127 bridge_link_check() 128 { 129 local ns=$1; shift 130 local dev=$1; shift 131 local state=$1; shift 132 133 bridge -n $ns -d -j link show dev $dev | \ 134 jq -e ".[][\"state\"] == \"$state\"" &> /dev/null 135 } 136 137 ################################################################################ 138 # Setup 139 140 setup_topo_ns() 141 { 142 local ns=$1; shift 143 144 ip netns exec $ns sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1 145 ip netns exec $ns sysctl -qw net.ipv6.conf.default.ignore_routes_with_linkdown=1 146 ip netns exec $ns sysctl -qw net.ipv6.conf.all.accept_dad=0 147 ip netns exec $ns sysctl -qw net.ipv6.conf.default.accept_dad=0 148 } 149 150 setup_topo() 151 { 152 local ns 153 154 setup_ns sw1 sw2 155 for ns in $sw1 $sw2; do 156 setup_topo_ns $ns 157 done 158 159 ip link add name veth0 type veth peer name veth1 160 ip link set dev veth0 netns $sw1 name veth0 161 ip link set dev veth1 netns $sw2 name veth0 162 } 163 164 setup_sw_common() 165 { 166 local ns=$1; shift 167 local local_addr=$1; shift 168 local remote_addr=$1; shift 169 local veth_addr=$1; shift 170 local gw_addr=$1; shift 171 local br_addr=$1; shift 172 173 ip -n $ns address add $local_addr/32 dev lo 174 175 ip -n $ns link set dev veth0 up 176 ip -n $ns address add $veth_addr/28 dev veth0 177 ip -n $ns route add default via $gw_addr 178 179 ip -n $ns link add name br0 up type bridge vlan_filtering 1 \ 180 vlan_default_pvid 0 mcast_snooping 0 181 182 ip -n $ns link add link br0 name br0.10 up type vlan id 10 183 bridge -n $ns vlan add vid 10 dev br0 self 184 ip -n $ns address add $br_addr/28 dev br0.10 185 186 ip -n $ns link add name swp1 up type dummy 187 ip -n $ns link set dev swp1 master br0 188 bridge -n $ns vlan add vid 10 dev swp1 untagged 189 190 ip -n $ns link add name vx0 up master br0 type vxlan \ 191 local $local_addr dstport 4789 nolearning external 192 bridge -n $ns link set dev vx0 vlan_tunnel on learning off 193 194 bridge -n $ns vlan add vid 10 dev vx0 195 bridge -n $ns vlan add vid 10 dev vx0 tunnel_info id 10010 196 } 197 198 setup_sw1() 199 { 200 local ns=$sw1 201 local local_addr=192.0.2.33 202 local remote_addr=192.0.2.34 203 local veth_addr=192.0.2.49 204 local gw_addr=192.0.2.50 205 local br_addr=192.0.2.65 206 207 setup_sw_common $ns $local_addr $remote_addr $veth_addr $gw_addr \ 208 $br_addr 209 } 210 211 setup_sw2() 212 { 213 local ns=$sw2 214 local local_addr=192.0.2.34 215 local remote_addr=192.0.2.33 216 local veth_addr=192.0.2.50 217 local gw_addr=192.0.2.49 218 local br_addr=192.0.2.66 219 220 setup_sw_common $ns $local_addr $remote_addr $veth_addr $gw_addr \ 221 $br_addr 222 } 223 224 setup() 225 { 226 set -e 227 228 setup_topo 229 setup_sw1 230 setup_sw2 231 232 sleep 5 233 234 set +e 235 } 236 237 cleanup() 238 { 239 cleanup_ns $sw1 $sw2 240 } 241 242 ################################################################################ 243 # Tests 244 245 backup_port() 246 { 247 local dmac=00:11:22:33:44:55 248 local smac=00:aa:bb:cc:dd:ee 249 250 echo 251 echo "Backup port" 252 echo "-----------" 253 254 run_cmd "tc -n $sw1 qdisc replace dev swp1 clsact" 255 run_cmd "tc -n $sw1 filter replace dev swp1 egress pref 1 handle 101 proto ip flower src_mac $smac dst_mac $dmac action pass" 256 257 run_cmd "tc -n $sw1 qdisc replace dev vx0 clsact" 258 run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 101 proto ip flower src_mac $smac dst_mac $dmac action pass" 259 260 run_cmd "bridge -n $sw1 fdb replace $dmac dev swp1 master static vlan 10" 261 262 # Initial state - check that packets are forwarded out of swp1 when it 263 # has a carrier and not forwarded out of any port when it does not have 264 # a carrier. 265 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 266 tc_check_packets $sw1 "dev swp1 egress" 101 1 267 log_test $? 0 "Forwarding out of swp1" 268 tc_check_packets $sw1 "dev vx0 egress" 101 0 269 log_test $? 0 "No forwarding out of vx0" 270 271 run_cmd "ip -n $sw1 link set dev swp1 carrier off" 272 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 disabled 273 log_test $? 0 "swp1 carrier off" 274 275 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 276 tc_check_packets $sw1 "dev swp1 egress" 101 1 277 log_test $? 0 "No forwarding out of swp1" 278 tc_check_packets $sw1 "dev vx0 egress" 101 0 279 log_test $? 0 "No forwarding out of vx0" 280 281 run_cmd "ip -n $sw1 link set dev swp1 carrier on" 282 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 forwarding 283 log_test $? 0 "swp1 carrier on" 284 285 # Configure vx0 as the backup port of swp1 and check that packets are 286 # forwarded out of swp1 when it has a carrier and out of vx0 when swp1 287 # does not have a carrier. 288 run_cmd "bridge -n $sw1 link set dev swp1 backup_port vx0" 289 run_cmd "bridge -n $sw1 -d link show dev swp1 | grep \"backup_port vx0\"" 290 log_test $? 0 "vx0 configured as backup port of swp1" 291 292 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 293 tc_check_packets $sw1 "dev swp1 egress" 101 2 294 log_test $? 0 "Forwarding out of swp1" 295 tc_check_packets $sw1 "dev vx0 egress" 101 0 296 log_test $? 0 "No forwarding out of vx0" 297 298 run_cmd "ip -n $sw1 link set dev swp1 carrier off" 299 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 disabled 300 log_test $? 0 "swp1 carrier off" 301 302 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 303 tc_check_packets $sw1 "dev swp1 egress" 101 2 304 log_test $? 0 "No forwarding out of swp1" 305 tc_check_packets $sw1 "dev vx0 egress" 101 1 306 log_test $? 0 "Forwarding out of vx0" 307 308 run_cmd "ip -n $sw1 link set dev swp1 carrier on" 309 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 forwarding 310 log_test $? 0 "swp1 carrier on" 311 312 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 313 tc_check_packets $sw1 "dev swp1 egress" 101 3 314 log_test $? 0 "Forwarding out of swp1" 315 tc_check_packets $sw1 "dev vx0 egress" 101 1 316 log_test $? 0 "No forwarding out of vx0" 317 318 # Remove vx0 as the backup port of swp1 and check that packets are no 319 # longer forwarded out of vx0 when swp1 does not have a carrier. 320 run_cmd "bridge -n $sw1 link set dev swp1 nobackup_port" 321 run_cmd "bridge -n $sw1 -d link show dev swp1 | grep \"backup_port vx0\"" 322 log_test $? 1 "vx0 not configured as backup port of swp1" 323 324 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 325 tc_check_packets $sw1 "dev swp1 egress" 101 4 326 log_test $? 0 "Forwarding out of swp1" 327 tc_check_packets $sw1 "dev vx0 egress" 101 1 328 log_test $? 0 "No forwarding out of vx0" 329 330 run_cmd "ip -n $sw1 link set dev swp1 carrier off" 331 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 disabled 332 log_test $? 0 "swp1 carrier off" 333 334 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 335 tc_check_packets $sw1 "dev swp1 egress" 101 4 336 log_test $? 0 "No forwarding out of swp1" 337 tc_check_packets $sw1 "dev vx0 egress" 101 1 338 log_test $? 0 "No forwarding out of vx0" 339 } 340 341 backup_nhid() 342 { 343 local dmac=00:11:22:33:44:55 344 local smac=00:aa:bb:cc:dd:ee 345 346 echo 347 echo "Backup nexthop ID" 348 echo "-----------------" 349 350 run_cmd "tc -n $sw1 qdisc replace dev swp1 clsact" 351 run_cmd "tc -n $sw1 filter replace dev swp1 egress pref 1 handle 101 proto ip flower src_mac $smac dst_mac $dmac action pass" 352 353 run_cmd "tc -n $sw1 qdisc replace dev vx0 clsact" 354 run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 101 proto ip flower src_mac $smac dst_mac $dmac action pass" 355 356 run_cmd "ip -n $sw1 nexthop replace id 1 via 192.0.2.34 fdb" 357 run_cmd "ip -n $sw1 nexthop replace id 2 via 192.0.2.34 fdb" 358 run_cmd "ip -n $sw1 nexthop replace id 10 group 1/2 fdb" 359 360 run_cmd "bridge -n $sw1 fdb replace $dmac dev swp1 master static vlan 10" 361 run_cmd "bridge -n $sw1 fdb replace $dmac dev vx0 self static dst 192.0.2.36 src_vni 10010" 362 363 run_cmd "ip -n $sw2 address replace 192.0.2.36/32 dev lo" 364 365 # The first filter matches on packets forwarded using the backup 366 # nexthop ID and the second filter matches on packets forwarded using a 367 # regular VXLAN FDB entry. 368 run_cmd "tc -n $sw2 qdisc replace dev vx0 clsact" 369 run_cmd "tc -n $sw2 filter replace dev vx0 ingress pref 1 handle 101 proto ip flower src_mac $smac dst_mac $dmac enc_key_id 10010 enc_dst_ip 192.0.2.34 action pass" 370 run_cmd "tc -n $sw2 filter replace dev vx0 ingress pref 1 handle 102 proto ip flower src_mac $smac dst_mac $dmac enc_key_id 10010 enc_dst_ip 192.0.2.36 action pass" 371 372 # Configure vx0 as the backup port of swp1 and check that packets are 373 # forwarded out of swp1 when it has a carrier and out of vx0 when swp1 374 # does not have a carrier. When packets are forwarded out of vx0, check 375 # that they are forwarded by the VXLAN FDB entry. 376 run_cmd "bridge -n $sw1 link set dev swp1 backup_port vx0" 377 run_cmd "bridge -n $sw1 -d link show dev swp1 | grep \"backup_port vx0\"" 378 log_test $? 0 "vx0 configured as backup port of swp1" 379 380 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 381 tc_check_packets $sw1 "dev swp1 egress" 101 1 382 log_test $? 0 "Forwarding out of swp1" 383 tc_check_packets $sw1 "dev vx0 egress" 101 0 384 log_test $? 0 "No forwarding out of vx0" 385 386 run_cmd "ip -n $sw1 link set dev swp1 carrier off" 387 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 disabled 388 log_test $? 0 "swp1 carrier off" 389 390 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 391 tc_check_packets $sw1 "dev swp1 egress" 101 1 392 log_test $? 0 "No forwarding out of swp1" 393 tc_check_packets $sw1 "dev vx0 egress" 101 1 394 log_test $? 0 "Forwarding out of vx0" 395 tc_check_packets $sw2 "dev vx0 ingress" 101 0 396 log_test $? 0 "No forwarding using backup nexthop ID" 397 tc_check_packets $sw2 "dev vx0 ingress" 102 1 398 log_test $? 0 "Forwarding using VXLAN FDB entry" 399 400 run_cmd "ip -n $sw1 link set dev swp1 carrier on" 401 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 forwarding 402 log_test $? 0 "swp1 carrier on" 403 404 # Configure nexthop ID 10 as the backup nexthop ID of swp1 and check 405 # that when packets are forwarded out of vx0, they are forwarded using 406 # the backup nexthop ID. 407 run_cmd "bridge -n $sw1 link set dev swp1 backup_nhid 10" 408 run_cmd "bridge -n $sw1 -d link show dev swp1 | grep \"backup_nhid 10\"" 409 log_test $? 0 "nexthop ID 10 configured as backup nexthop ID of swp1" 410 411 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 412 tc_check_packets $sw1 "dev swp1 egress" 101 2 413 log_test $? 0 "Forwarding out of swp1" 414 tc_check_packets $sw1 "dev vx0 egress" 101 1 415 log_test $? 0 "No forwarding out of vx0" 416 417 run_cmd "ip -n $sw1 link set dev swp1 carrier off" 418 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 disabled 419 log_test $? 0 "swp1 carrier off" 420 421 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 422 tc_check_packets $sw1 "dev swp1 egress" 101 2 423 log_test $? 0 "No forwarding out of swp1" 424 tc_check_packets $sw1 "dev vx0 egress" 101 2 425 log_test $? 0 "Forwarding out of vx0" 426 tc_check_packets $sw2 "dev vx0 ingress" 101 1 427 log_test $? 0 "Forwarding using backup nexthop ID" 428 tc_check_packets $sw2 "dev vx0 ingress" 102 1 429 log_test $? 0 "No forwarding using VXLAN FDB entry" 430 431 run_cmd "ip -n $sw1 link set dev swp1 carrier on" 432 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 forwarding 433 log_test $? 0 "swp1 carrier on" 434 435 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 436 tc_check_packets $sw1 "dev swp1 egress" 101 3 437 log_test $? 0 "Forwarding out of swp1" 438 tc_check_packets $sw1 "dev vx0 egress" 101 2 439 log_test $? 0 "No forwarding out of vx0" 440 tc_check_packets $sw2 "dev vx0 ingress" 101 1 441 log_test $? 0 "No forwarding using backup nexthop ID" 442 tc_check_packets $sw2 "dev vx0 ingress" 102 1 443 log_test $? 0 "No forwarding using VXLAN FDB entry" 444 445 # Reset the backup nexthop ID to 0 and check that packets are no longer 446 # forwarded using the backup nexthop ID when swp1 does not have a 447 # carrier and are instead forwarded by the VXLAN FDB. 448 run_cmd "bridge -n $sw1 link set dev swp1 backup_nhid 0" 449 run_cmd "bridge -n $sw1 -d link show dev swp1 | grep \"backup_nhid\"" 450 log_test $? 1 "No backup nexthop ID configured for swp1" 451 452 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 453 tc_check_packets $sw1 "dev swp1 egress" 101 4 454 log_test $? 0 "Forwarding out of swp1" 455 tc_check_packets $sw1 "dev vx0 egress" 101 2 456 log_test $? 0 "No forwarding out of vx0" 457 tc_check_packets $sw2 "dev vx0 ingress" 101 1 458 log_test $? 0 "No forwarding using backup nexthop ID" 459 tc_check_packets $sw2 "dev vx0 ingress" 102 1 460 log_test $? 0 "No forwarding using VXLAN FDB entry" 461 462 run_cmd "ip -n $sw1 link set dev swp1 carrier off" 463 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 disabled 464 log_test $? 0 "swp1 carrier off" 465 466 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 467 tc_check_packets $sw1 "dev swp1 egress" 101 4 468 log_test $? 0 "No forwarding out of swp1" 469 tc_check_packets $sw1 "dev vx0 egress" 101 3 470 log_test $? 0 "Forwarding out of vx0" 471 tc_check_packets $sw2 "dev vx0 ingress" 101 1 472 log_test $? 0 "No forwarding using backup nexthop ID" 473 tc_check_packets $sw2 "dev vx0 ingress" 102 2 474 log_test $? 0 "Forwarding using VXLAN FDB entry" 475 } 476 477 backup_nhid_invalid() 478 { 479 local dmac=00:11:22:33:44:55 480 local smac=00:aa:bb:cc:dd:ee 481 local tx_drop 482 483 echo 484 echo "Backup nexthop ID - invalid IDs" 485 echo "-------------------------------" 486 487 # Check that when traffic is redirected with an invalid nexthop ID, it 488 # is forwarded out of the VXLAN port, but dropped by the VXLAN driver 489 # and does not crash the host. 490 491 run_cmd "tc -n $sw1 qdisc replace dev swp1 clsact" 492 run_cmd "tc -n $sw1 filter replace dev swp1 egress pref 1 handle 101 proto ip flower src_mac $smac dst_mac $dmac action pass" 493 494 run_cmd "tc -n $sw1 qdisc replace dev vx0 clsact" 495 run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 101 proto ip flower src_mac $smac dst_mac $dmac action pass" 496 # Drop all other Tx traffic to avoid changes to Tx drop counter. 497 run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 2 handle 102 proto all matchall action drop" 498 499 tx_drop=$(ip -n $sw1 -s -j link show dev vx0 | jq '.[]["stats64"]["tx"]["dropped"]') 500 501 run_cmd "ip -n $sw1 nexthop replace id 1 via 192.0.2.34 fdb" 502 run_cmd "ip -n $sw1 nexthop replace id 2 via 192.0.2.34 fdb" 503 run_cmd "ip -n $sw1 nexthop replace id 10 group 1/2 fdb" 504 505 run_cmd "bridge -n $sw1 fdb replace $dmac dev swp1 master static vlan 10" 506 507 run_cmd "tc -n $sw2 qdisc replace dev vx0 clsact" 508 run_cmd "tc -n $sw2 filter replace dev vx0 ingress pref 1 handle 101 proto ip flower src_mac $smac dst_mac $dmac enc_key_id 10010 enc_dst_ip 192.0.2.34 action pass" 509 510 # First, check that redirection works. 511 run_cmd "bridge -n $sw1 link set dev swp1 backup_port vx0" 512 run_cmd "bridge -n $sw1 -d link show dev swp1 | grep \"backup_port vx0\"" 513 log_test $? 0 "vx0 configured as backup port of swp1" 514 515 run_cmd "bridge -n $sw1 link set dev swp1 backup_nhid 10" 516 run_cmd "bridge -n $sw1 -d link show dev swp1 | grep \"backup_nhid 10\"" 517 log_test $? 0 "Valid nexthop as backup nexthop" 518 519 run_cmd "ip -n $sw1 link set dev swp1 carrier off" 520 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 disabled 521 log_test $? 0 "swp1 carrier off" 522 523 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 524 tc_check_packets $sw1 "dev swp1 egress" 101 0 525 log_test $? 0 "No forwarding out of swp1" 526 tc_check_packets $sw1 "dev vx0 egress" 101 1 527 log_test $? 0 "Forwarding out of vx0" 528 tc_check_packets $sw2 "dev vx0 ingress" 101 1 529 log_test $? 0 "Forwarding using backup nexthop ID" 530 run_cmd "ip -n $sw1 -s -j link show dev vx0 | jq -e '.[][\"stats64\"][\"tx\"][\"dropped\"] == $tx_drop'" 531 log_test $? 0 "No Tx drop increase" 532 533 # Use a non-existent nexthop ID. 534 run_cmd "bridge -n $sw1 link set dev swp1 backup_nhid 20" 535 run_cmd "bridge -n $sw1 -d link show dev swp1 | grep \"backup_nhid 20\"" 536 log_test $? 0 "Non-existent nexthop as backup nexthop" 537 538 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 539 tc_check_packets $sw1 "dev swp1 egress" 101 0 540 log_test $? 0 "No forwarding out of swp1" 541 tc_check_packets $sw1 "dev vx0 egress" 101 2 542 log_test $? 0 "Forwarding out of vx0" 543 tc_check_packets $sw2 "dev vx0 ingress" 101 1 544 log_test $? 0 "No forwarding using backup nexthop ID" 545 run_cmd "ip -n $sw1 -s -j link show dev vx0 | jq -e '.[][\"stats64\"][\"tx\"][\"dropped\"] == $((tx_drop + 1))'" 546 log_test $? 0 "Tx drop increased" 547 548 # Use a blckhole nexthop. 549 run_cmd "ip -n $sw1 nexthop replace id 30 blackhole" 550 run_cmd "bridge -n $sw1 link set dev swp1 backup_nhid 30" 551 run_cmd "bridge -n $sw1 -d link show dev swp1 | grep \"backup_nhid 30\"" 552 log_test $? 0 "Blackhole nexthop as backup nexthop" 553 554 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 555 tc_check_packets $sw1 "dev swp1 egress" 101 0 556 log_test $? 0 "No forwarding out of swp1" 557 tc_check_packets $sw1 "dev vx0 egress" 101 3 558 log_test $? 0 "Forwarding out of vx0" 559 tc_check_packets $sw2 "dev vx0 ingress" 101 1 560 log_test $? 0 "No forwarding using backup nexthop ID" 561 run_cmd "ip -n $sw1 -s -j link show dev vx0 | jq -e '.[][\"stats64\"][\"tx\"][\"dropped\"] == $((tx_drop + 2))'" 562 log_test $? 0 "Tx drop increased" 563 564 # Non-group FDB nexthop. 565 run_cmd "bridge -n $sw1 link set dev swp1 backup_nhid 1" 566 run_cmd "bridge -n $sw1 -d link show dev swp1 | grep \"backup_nhid 1\"" 567 log_test $? 0 "Non-group FDB nexthop as backup nexthop" 568 569 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 570 tc_check_packets $sw1 "dev swp1 egress" 101 0 571 log_test $? 0 "No forwarding out of swp1" 572 tc_check_packets $sw1 "dev vx0 egress" 101 4 573 log_test $? 0 "Forwarding out of vx0" 574 tc_check_packets $sw2 "dev vx0 ingress" 101 1 575 log_test $? 0 "No forwarding using backup nexthop ID" 576 run_cmd "ip -n $sw1 -s -j link show dev vx0 | jq -e '.[][\"stats64\"][\"tx\"][\"dropped\"] == $((tx_drop + 3))'" 577 log_test $? 0 "Tx drop increased" 578 579 # IPv6 address family nexthop. 580 run_cmd "ip -n $sw1 nexthop replace id 100 via 2001:db8:100::1 fdb" 581 run_cmd "ip -n $sw1 nexthop replace id 200 via 2001:db8:100::1 fdb" 582 run_cmd "ip -n $sw1 nexthop replace id 300 group 100/200 fdb" 583 run_cmd "bridge -n $sw1 link set dev swp1 backup_nhid 300" 584 run_cmd "bridge -n $sw1 -d link show dev swp1 | grep \"backup_nhid 300\"" 585 log_test $? 0 "IPv6 address family nexthop as backup nexthop" 586 587 run_cmd "ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 1" 588 tc_check_packets $sw1 "dev swp1 egress" 101 0 589 log_test $? 0 "No forwarding out of swp1" 590 tc_check_packets $sw1 "dev vx0 egress" 101 5 591 log_test $? 0 "Forwarding out of vx0" 592 tc_check_packets $sw2 "dev vx0 ingress" 101 1 593 log_test $? 0 "No forwarding using backup nexthop ID" 594 run_cmd "ip -n $sw1 -s -j link show dev vx0 | jq -e '.[][\"stats64\"][\"tx\"][\"dropped\"] == $((tx_drop + 4))'" 595 log_test $? 0 "Tx drop increased" 596 } 597 598 backup_nhid_ping() 599 { 600 local sw1_mac 601 local sw2_mac 602 603 echo 604 echo "Backup nexthop ID - ping" 605 echo "------------------------" 606 607 # Test bidirectional traffic when traffic is redirected in both VTEPs. 608 sw1_mac=$(ip -n $sw1 -j -p link show br0.10 | jq -r '.[]["address"]') 609 sw2_mac=$(ip -n $sw2 -j -p link show br0.10 | jq -r '.[]["address"]') 610 611 run_cmd "bridge -n $sw1 fdb replace $sw2_mac dev swp1 master static vlan 10" 612 run_cmd "bridge -n $sw2 fdb replace $sw1_mac dev swp1 master static vlan 10" 613 614 run_cmd "ip -n $sw1 neigh replace 192.0.2.66 lladdr $sw2_mac nud perm dev br0.10" 615 run_cmd "ip -n $sw2 neigh replace 192.0.2.65 lladdr $sw1_mac nud perm dev br0.10" 616 617 run_cmd "ip -n $sw1 nexthop replace id 1 via 192.0.2.34 fdb" 618 run_cmd "ip -n $sw2 nexthop replace id 1 via 192.0.2.33 fdb" 619 run_cmd "ip -n $sw1 nexthop replace id 10 group 1 fdb" 620 run_cmd "ip -n $sw2 nexthop replace id 10 group 1 fdb" 621 622 run_cmd "bridge -n $sw1 link set dev swp1 backup_port vx0" 623 run_cmd "bridge -n $sw2 link set dev swp1 backup_port vx0" 624 run_cmd "bridge -n $sw1 link set dev swp1 backup_nhid 10" 625 run_cmd "bridge -n $sw2 link set dev swp1 backup_nhid 10" 626 627 run_cmd "ip -n $sw1 link set dev swp1 carrier off" 628 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw1 swp1 disabled 629 run_cmd "ip -n $sw2 link set dev swp1 carrier off" 630 busywait $BUSYWAIT_TIMEOUT bridge_link_check $sw2 swp1 disabled 631 632 run_cmd "ip netns exec $sw1 ping -i 0.1 -c 10 -w $PING_TIMEOUT 192.0.2.66" 633 log_test $? 0 "Ping with backup nexthop ID" 634 635 # Reset the backup nexthop ID to 0 and check that ping fails. 636 run_cmd "bridge -n $sw1 link set dev swp1 backup_nhid 0" 637 run_cmd "bridge -n $sw2 link set dev swp1 backup_nhid 0" 638 639 run_cmd "ip netns exec $sw1 ping -i 0.1 -c 10 -w $PING_TIMEOUT 192.0.2.66" 640 log_test $? 1 "Ping after disabling backup nexthop ID" 641 } 642 643 backup_nhid_add_del_loop() 644 { 645 while true; do 646 ip -n $sw1 nexthop del id 10 647 ip -n $sw1 nexthop replace id 10 group 1/2 fdb 648 done >/dev/null 2>&1 649 } 650 651 backup_nhid_torture() 652 { 653 local dmac=00:11:22:33:44:55 654 local smac=00:aa:bb:cc:dd:ee 655 local pid1 656 local pid2 657 local pid3 658 659 echo 660 echo "Backup nexthop ID - torture test" 661 echo "--------------------------------" 662 663 # Continuously send traffic through the backup nexthop while adding and 664 # deleting the group. The test is considered successful if nothing 665 # crashed. 666 667 run_cmd "ip -n $sw1 nexthop replace id 1 via 192.0.2.34 fdb" 668 run_cmd "ip -n $sw1 nexthop replace id 2 via 192.0.2.34 fdb" 669 run_cmd "ip -n $sw1 nexthop replace id 10 group 1/2 fdb" 670 671 run_cmd "bridge -n $sw1 fdb replace $dmac dev swp1 master static vlan 10" 672 673 run_cmd "bridge -n $sw1 link set dev swp1 backup_port vx0" 674 run_cmd "bridge -n $sw1 link set dev swp1 backup_nhid 10" 675 run_cmd "ip -n $sw1 link set dev swp1 carrier off" 676 677 backup_nhid_add_del_loop & 678 pid1=$! 679 ip netns exec $sw1 mausezahn br0.10 -a $smac -b $dmac -A 198.51.100.1 -B 198.51.100.2 -t ip -p 100 -q -c 0 & 680 pid2=$! 681 682 sleep 30 683 kill -9 $pid1 $pid2 684 wait $pid1 $pid2 2>/dev/null 685 686 log_test 0 0 "Torture test" 687 } 688 689 ################################################################################ 690 # Usage 691 692 usage() 693 { 694 cat <<EOF 695 usage: ${0##*/} OPTS 696 697 -t <test> Test(s) to run (default: all) 698 (options: $TESTS) 699 -p Pause on fail 700 -P Pause after each test before cleanup 701 -v Verbose mode (show commands and output) 702 -w Timeout for ping 703 EOF 704 } 705 706 ################################################################################ 707 # Main 708 709 trap cleanup EXIT 710 711 while getopts ":t:pPvhw:" opt; do 712 case $opt in 713 t) TESTS=$OPTARG;; 714 p) PAUSE_ON_FAIL=yes;; 715 P) PAUSE=yes;; 716 v) VERBOSE=$(($VERBOSE + 1));; 717 w) PING_TIMEOUT=$OPTARG;; 718 h) usage; exit 0;; 719 *) usage; exit 1;; 720 esac 721 done 722 723 # Make sure we don't pause twice. 724 [ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no 725 726 if [ "$(id -u)" -ne 0 ];then 727 echo "SKIP: Need root privileges" 728 exit $ksft_skip; 729 fi 730 731 if [ ! -x "$(command -v ip)" ]; then 732 echo "SKIP: Could not run test without ip tool" 733 exit $ksft_skip 734 fi 735 736 if [ ! -x "$(command -v bridge)" ]; then 737 echo "SKIP: Could not run test without bridge tool" 738 exit $ksft_skip 739 fi 740 741 if [ ! -x "$(command -v tc)" ]; then 742 echo "SKIP: Could not run test without tc tool" 743 exit $ksft_skip 744 fi 745 746 if [ ! -x "$(command -v mausezahn)" ]; then 747 echo "SKIP: Could not run test without mausezahn tool" 748 exit $ksft_skip 749 fi 750 751 if [ ! -x "$(command -v jq)" ]; then 752 echo "SKIP: Could not run test without jq tool" 753 exit $ksft_skip 754 fi 755 756 bridge link help 2>&1 | grep -q "backup_nhid" 757 if [ $? -ne 0 ]; then 758 echo "SKIP: iproute2 bridge too old, missing backup nexthop ID support" 759 exit $ksft_skip 760 fi 761 762 # Start clean. 763 cleanup 764 765 for t in $TESTS 766 do 767 setup; $t; cleanup; 768 done 769 770 if [ "$TESTS" != "none" ]; then 771 printf "\nTests passed: %3d\n" ${nsuccess} 772 printf "Tests failed: %3d\n" ${nfail} 773 fi 774 775 exit $ret
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.