tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3#
4# This test is for checking VXLAN MDB functionality. The topology consists of
5# two sets of namespaces: One for the testing of IPv4 underlay and another for
6# IPv6. In both cases, both IPv4 and IPv6 overlay traffic are tested.
7#
8# Data path functionality is tested by sending traffic from one of the upper
9# namespaces and checking using ingress tc filters that the expected traffic
10# was received by one of the lower namespaces.
11#
12# +------------------------------------+ +------------------------------------+
13# | ns1_v4 | | ns1_v6 |
14# | | | |
15# | br0.10 br0.4000 br0.20 | | br0.10 br0.4000 br0.20 |
16# | + + + | | + + + |
17# | | | | | | | | | |
18# | | | | | | | | | |
19# | +---------+---------+ | | +---------+---------+ |
20# | | | | | |
21# | | | | | |
22# | + | | + |
23# | br0 | | br0 |
24# | + | | + |
25# | | | | | |
26# | | | | | |
27# | + | | + |
28# | vx0 | | vx0 |
29# | | | |
30# | | | |
31# | veth0 | | veth0 |
32# | + | | + |
33# +-----------------|------------------+ +-----------------|------------------+
34# | |
35# +-----------------|------------------+ +-----------------|------------------+
36# | + | | + |
37# | veth0 | | veth0 |
38# | | | |
39# | | | |
40# | vx0 | | vx0 |
41# | + | | + |
42# | | | | | |
43# | | | | | |
44# | + | | + |
45# | br0 | | br0 |
46# | + | | + |
47# | | | | | |
48# | | | | | |
49# | +---------+---------+ | | +---------+---------+ |
50# | | | | | | | | | |
51# | | | | | | | | | |
52# | + + + | | + + + |
53# | br0.10 br0.4000 br0.10 | | br0.10 br0.4000 br0.20 |
54# | | | |
55# | ns2_v4 | | ns2_v6 |
56# +------------------------------------+ +------------------------------------+
57
58ret=0
59# Kselftest framework requirement - SKIP code is 4.
60ksft_skip=4
61
62CONTROL_PATH_TESTS="
63 basic_star_g_ipv4_ipv4
64 basic_star_g_ipv6_ipv4
65 basic_star_g_ipv4_ipv6
66 basic_star_g_ipv6_ipv6
67 basic_sg_ipv4_ipv4
68 basic_sg_ipv6_ipv4
69 basic_sg_ipv4_ipv6
70 basic_sg_ipv6_ipv6
71 star_g_ipv4_ipv4
72 star_g_ipv6_ipv4
73 star_g_ipv4_ipv6
74 star_g_ipv6_ipv6
75 sg_ipv4_ipv4
76 sg_ipv6_ipv4
77 sg_ipv4_ipv6
78 sg_ipv6_ipv6
79 dump_ipv4_ipv4
80 dump_ipv6_ipv4
81 dump_ipv4_ipv6
82 dump_ipv6_ipv6
83"
84
85DATA_PATH_TESTS="
86 encap_params_ipv4_ipv4
87 encap_params_ipv6_ipv4
88 encap_params_ipv4_ipv6
89 encap_params_ipv6_ipv6
90 starg_exclude_ir_ipv4_ipv4
91 starg_exclude_ir_ipv6_ipv4
92 starg_exclude_ir_ipv4_ipv6
93 starg_exclude_ir_ipv6_ipv6
94 starg_include_ir_ipv4_ipv4
95 starg_include_ir_ipv6_ipv4
96 starg_include_ir_ipv4_ipv6
97 starg_include_ir_ipv6_ipv6
98 starg_exclude_p2mp_ipv4_ipv4
99 starg_exclude_p2mp_ipv6_ipv4
100 starg_exclude_p2mp_ipv4_ipv6
101 starg_exclude_p2mp_ipv6_ipv6
102 starg_include_p2mp_ipv4_ipv4
103 starg_include_p2mp_ipv6_ipv4
104 starg_include_p2mp_ipv4_ipv6
105 starg_include_p2mp_ipv6_ipv6
106 egress_vni_translation_ipv4_ipv4
107 egress_vni_translation_ipv6_ipv4
108 egress_vni_translation_ipv4_ipv6
109 egress_vni_translation_ipv6_ipv6
110 all_zeros_mdb_ipv4
111 all_zeros_mdb_ipv6
112 mdb_fdb_ipv4_ipv4
113 mdb_fdb_ipv6_ipv4
114 mdb_fdb_ipv4_ipv6
115 mdb_fdb_ipv6_ipv6
116 mdb_torture_ipv4_ipv4
117 mdb_torture_ipv6_ipv4
118 mdb_torture_ipv4_ipv6
119 mdb_torture_ipv6_ipv6
120"
121
122# All tests in this script. Can be overridden with -t option.
123TESTS="
124 $CONTROL_PATH_TESTS
125 $DATA_PATH_TESTS
126"
127VERBOSE=0
128PAUSE_ON_FAIL=no
129PAUSE=no
130
131################################################################################
132# Utilities
133
134log_test()
135{
136 local rc=$1
137 local expected=$2
138 local msg="$3"
139
140 if [ ${rc} -eq ${expected} ]; then
141 printf "TEST: %-60s [ OK ]\n" "${msg}"
142 nsuccess=$((nsuccess+1))
143 else
144 ret=1
145 nfail=$((nfail+1))
146 printf "TEST: %-60s [FAIL]\n" "${msg}"
147 if [ "$VERBOSE" = "1" ]; then
148 echo " rc=$rc, expected $expected"
149 fi
150
151 if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
152 echo
153 echo "hit enter to continue, 'q' to quit"
154 read a
155 [ "$a" = "q" ] && exit 1
156 fi
157 fi
158
159 if [ "${PAUSE}" = "yes" ]; then
160 echo
161 echo "hit enter to continue, 'q' to quit"
162 read a
163 [ "$a" = "q" ] && exit 1
164 fi
165
166 [ "$VERBOSE" = "1" ] && echo
167}
168
169run_cmd()
170{
171 local cmd="$1"
172 local out
173 local stderr="2>/dev/null"
174
175 if [ "$VERBOSE" = "1" ]; then
176 printf "COMMAND: $cmd\n"
177 stderr=
178 fi
179
180 out=$(eval $cmd $stderr)
181 rc=$?
182 if [ "$VERBOSE" = "1" -a -n "$out" ]; then
183 echo " $out"
184 fi
185
186 return $rc
187}
188
189tc_check_packets()
190{
191 local ns=$1; shift
192 local id=$1; shift
193 local handle=$1; shift
194 local count=$1; shift
195 local pkts
196
197 sleep 0.1
198 pkts=$(tc -n $ns -j -s filter show $id \
199 | jq ".[] | select(.options.handle == $handle) | \
200 .options.actions[0].stats.packets")
201 [[ $pkts == $count ]]
202}
203
204################################################################################
205# Setup
206
207setup_common_ns()
208{
209 local ns=$1; shift
210 local local_addr=$1; shift
211
212 ip netns exec $ns sysctl -qw net.ipv4.ip_forward=1
213 ip netns exec $ns sysctl -qw net.ipv4.fib_multipath_use_neigh=1
214 ip netns exec $ns sysctl -qw net.ipv4.conf.default.ignore_routes_with_linkdown=1
215 ip netns exec $ns sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1
216 ip netns exec $ns sysctl -qw net.ipv6.conf.all.forwarding=1
217 ip netns exec $ns sysctl -qw net.ipv6.conf.default.forwarding=1
218 ip netns exec $ns sysctl -qw net.ipv6.conf.default.ignore_routes_with_linkdown=1
219 ip netns exec $ns sysctl -qw net.ipv6.conf.all.accept_dad=0
220 ip netns exec $ns sysctl -qw net.ipv6.conf.default.accept_dad=0
221
222 ip -n $ns link set dev lo up
223 ip -n $ns address add $local_addr dev lo
224
225 ip -n $ns link set dev veth0 up
226
227 ip -n $ns link add name br0 up type bridge vlan_filtering 1 \
228 vlan_default_pvid 0 mcast_snooping 0
229
230 ip -n $ns link add link br0 name br0.10 up type vlan id 10
231 bridge -n $ns vlan add vid 10 dev br0 self
232
233 ip -n $ns link add link br0 name br0.20 up type vlan id 20
234 bridge -n $ns vlan add vid 20 dev br0 self
235
236 ip -n $ns link add link br0 name br0.4000 up type vlan id 4000
237 bridge -n $ns vlan add vid 4000 dev br0 self
238
239 ip -n $ns link add name vx0 up master br0 type vxlan \
240 local $local_addr dstport 4789 external vnifilter
241 bridge -n $ns link set dev vx0 vlan_tunnel on
242
243 bridge -n $ns vlan add vid 10 dev vx0
244 bridge -n $ns vlan add vid 10 dev vx0 tunnel_info id 10010
245 bridge -n $ns vni add vni 10010 dev vx0
246
247 bridge -n $ns vlan add vid 20 dev vx0
248 bridge -n $ns vlan add vid 20 dev vx0 tunnel_info id 10020
249 bridge -n $ns vni add vni 10020 dev vx0
250
251 bridge -n $ns vlan add vid 4000 dev vx0 pvid
252 bridge -n $ns vlan add vid 4000 dev vx0 tunnel_info id 14000
253 bridge -n $ns vni add vni 14000 dev vx0
254}
255
256setup_common()
257{
258 local ns1=$1; shift
259 local ns2=$1; shift
260 local local_addr1=$1; shift
261 local local_addr2=$1; shift
262
263 ip netns add $ns1
264 ip netns add $ns2
265
266 ip link add name veth0 type veth peer name veth1
267 ip link set dev veth0 netns $ns1 name veth0
268 ip link set dev veth1 netns $ns2 name veth0
269
270 setup_common_ns $ns1 $local_addr1
271 setup_common_ns $ns2 $local_addr2
272}
273
274setup_v4()
275{
276 setup_common ns1_v4 ns2_v4 192.0.2.1 192.0.2.2
277
278 ip -n ns1_v4 address add 192.0.2.17/28 dev veth0
279 ip -n ns2_v4 address add 192.0.2.18/28 dev veth0
280
281 ip -n ns1_v4 route add default via 192.0.2.18
282 ip -n ns2_v4 route add default via 192.0.2.17
283}
284
285cleanup_v4()
286{
287 ip netns del ns2_v4
288 ip netns del ns1_v4
289}
290
291setup_v6()
292{
293 setup_common ns1_v6 ns2_v6 2001:db8:1::1 2001:db8:1::2
294
295 ip -n ns1_v6 address add 2001:db8:2::1/64 dev veth0 nodad
296 ip -n ns2_v6 address add 2001:db8:2::2/64 dev veth0 nodad
297
298 ip -n ns1_v6 route add default via 2001:db8:2::2
299 ip -n ns2_v6 route add default via 2001:db8:2::1
300}
301
302cleanup_v6()
303{
304 ip netns del ns2_v6
305 ip netns del ns1_v6
306}
307
308setup()
309{
310 set -e
311
312 setup_v4
313 setup_v6
314
315 sleep 5
316
317 set +e
318}
319
320cleanup()
321{
322 cleanup_v6 &> /dev/null
323 cleanup_v4 &> /dev/null
324}
325
326################################################################################
327# Tests - Control path
328
329basic_common()
330{
331 local ns1=$1; shift
332 local grp_key=$1; shift
333 local vtep_ip=$1; shift
334
335 # Test basic control path operations common to all MDB entry types.
336
337 # Basic add, replace and delete behavior.
338 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
339 log_test $? 0 "MDB entry addition"
340 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep \"$grp_key\""
341 log_test $? 0 "MDB entry presence after addition"
342
343 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
344 log_test $? 0 "MDB entry replacement"
345 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep \"$grp_key\""
346 log_test $? 0 "MDB entry presence after replacement"
347
348 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
349 log_test $? 0 "MDB entry deletion"
350 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep \"$grp_key\""
351 log_test $? 1 "MDB entry presence after deletion"
352
353 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
354 log_test $? 255 "Non-existent MDB entry deletion"
355
356 # Default protocol and replacement.
357 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
358 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep \"$grp_key\" | grep \"proto static\""
359 log_test $? 0 "MDB entry default protocol"
360
361 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent proto 123 dst $vtep_ip src_vni 10010"
362 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep \"$grp_key\" | grep \"proto 123\""
363 log_test $? 0 "MDB entry protocol replacement"
364
365 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
366
367 # Default destination port and replacement.
368 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
369 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep \"$grp_key\" | grep \" dst_port \""
370 log_test $? 1 "MDB entry default destination port"
371
372 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip dst_port 1234 src_vni 10010"
373 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep \"$grp_key\" | grep \"dst_port 1234\""
374 log_test $? 0 "MDB entry destination port replacement"
375
376 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
377
378 # Default destination VNI and replacement.
379 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
380 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep \"$grp_key\" | grep \" vni \""
381 log_test $? 1 "MDB entry default destination VNI"
382
383 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip vni 1234 src_vni 10010"
384 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep \"$grp_key\" | grep \"vni 1234\""
385 log_test $? 0 "MDB entry destination VNI replacement"
386
387 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
388
389 # Default outgoing interface and replacement.
390 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
391 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep \"$grp_key\" | grep \" via \""
392 log_test $? 1 "MDB entry default outgoing interface"
393
394 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010 via veth0"
395 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep \"$grp_key\" | grep \"via veth0\""
396 log_test $? 0 "MDB entry outgoing interface replacement"
397
398 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
399
400 # Common error cases.
401 run_cmd "bridge -n $ns1 mdb add dev vx0 port veth0 $grp_key permanent dst $vtep_ip src_vni 10010"
402 log_test $? 255 "MDB entry with mismatch between device and port"
403
404 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key temp dst $vtep_ip src_vni 10010"
405 log_test $? 255 "MDB entry with temp state"
406
407 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent vid 10 dst $vtep_ip src_vni 10010"
408 log_test $? 255 "MDB entry with VLAN"
409
410 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp 01:02:03:04:05:06 permanent dst $vtep_ip src_vni 10010"
411 log_test $? 255 "MDB entry MAC address"
412
413 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent"
414 log_test $? 255 "MDB entry without extended parameters"
415
416 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent proto 3 dst $vtep_ip src_vni 10010"
417 log_test $? 255 "MDB entry with an invalid protocol"
418
419 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip vni $((2 ** 24)) src_vni 10010"
420 log_test $? 255 "MDB entry with an invalid destination VNI"
421
422 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni $((2 ** 24))"
423 log_test $? 255 "MDB entry with an invalid source VNI"
424
425 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent src_vni 10010"
426 log_test $? 255 "MDB entry without a remote destination IP"
427
428 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
429 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
430 log_test $? 255 "Duplicate MDB entries"
431 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
432}
433
434basic_star_g_ipv4_ipv4()
435{
436 local ns1=ns1_v4
437 local grp_key="grp 239.1.1.1"
438 local vtep_ip=198.51.100.100
439
440 echo
441 echo "Control path: Basic (*, G) operations - IPv4 overlay / IPv4 underlay"
442 echo "--------------------------------------------------------------------"
443
444 basic_common $ns1 "$grp_key" $vtep_ip
445}
446
447basic_star_g_ipv6_ipv4()
448{
449 local ns1=ns1_v4
450 local grp_key="grp ff0e::1"
451 local vtep_ip=198.51.100.100
452
453 echo
454 echo "Control path: Basic (*, G) operations - IPv6 overlay / IPv4 underlay"
455 echo "--------------------------------------------------------------------"
456
457 basic_common $ns1 "$grp_key" $vtep_ip
458}
459
460basic_star_g_ipv4_ipv6()
461{
462 local ns1=ns1_v6
463 local grp_key="grp 239.1.1.1"
464 local vtep_ip=2001:db8:1000::1
465
466 echo
467 echo "Control path: Basic (*, G) operations - IPv4 overlay / IPv6 underlay"
468 echo "--------------------------------------------------------------------"
469
470 basic_common $ns1 "$grp_key" $vtep_ip
471}
472
473basic_star_g_ipv6_ipv6()
474{
475 local ns1=ns1_v6
476 local grp_key="grp ff0e::1"
477 local vtep_ip=2001:db8:1000::1
478
479 echo
480 echo "Control path: Basic (*, G) operations - IPv6 overlay / IPv6 underlay"
481 echo "--------------------------------------------------------------------"
482
483 basic_common $ns1 "$grp_key" $vtep_ip
484}
485
486basic_sg_ipv4_ipv4()
487{
488 local ns1=ns1_v4
489 local grp_key="grp 239.1.1.1 src 192.0.2.129"
490 local vtep_ip=198.51.100.100
491
492 echo
493 echo "Control path: Basic (S, G) operations - IPv4 overlay / IPv4 underlay"
494 echo "--------------------------------------------------------------------"
495
496 basic_common $ns1 "$grp_key" $vtep_ip
497}
498
499basic_sg_ipv6_ipv4()
500{
501 local ns1=ns1_v4
502 local grp_key="grp ff0e::1 src 2001:db8:100::1"
503 local vtep_ip=198.51.100.100
504
505 echo
506 echo "Control path: Basic (S, G) operations - IPv6 overlay / IPv4 underlay"
507 echo "---------------------------------------------------------------------"
508
509 basic_common $ns1 "$grp_key" $vtep_ip
510}
511
512basic_sg_ipv4_ipv6()
513{
514 local ns1=ns1_v6
515 local grp_key="grp 239.1.1.1 src 192.0.2.129"
516 local vtep_ip=2001:db8:1000::1
517
518 echo
519 echo "Control path: Basic (S, G) operations - IPv4 overlay / IPv6 underlay"
520 echo "--------------------------------------------------------------------"
521
522 basic_common $ns1 "$grp_key" $vtep_ip
523}
524
525basic_sg_ipv6_ipv6()
526{
527 local ns1=ns1_v6
528 local grp_key="grp ff0e::1 src 2001:db8:100::1"
529 local vtep_ip=2001:db8:1000::1
530
531 echo
532 echo "Control path: Basic (S, G) operations - IPv6 overlay / IPv6 underlay"
533 echo "--------------------------------------------------------------------"
534
535 basic_common $ns1 "$grp_key" $vtep_ip
536}
537
538star_g_common()
539{
540 local ns1=$1; shift
541 local grp=$1; shift
542 local src1=$1; shift
543 local src2=$1; shift
544 local src3=$1; shift
545 local vtep_ip=$1; shift
546 local all_zeros_grp=$1; shift
547
548 # Test control path operations specific to (*, G) entries.
549
550 # Basic add, replace and delete behavior.
551 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
552 log_test $? 0 "(*, G) MDB entry addition with source list"
553 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep -v \" src \""
554 log_test $? 0 "(*, G) MDB entry presence after addition"
555 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src1\""
556 log_test $? 0 "(S, G) MDB entry presence after addition"
557
558 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
559 log_test $? 0 "(*, G) MDB entry replacement with source list"
560 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep -v \" src \""
561 log_test $? 0 "(*, G) MDB entry presence after replacement"
562 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src1\""
563 log_test $? 0 "(S, G) MDB entry presence after replacement"
564
565 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
566 log_test $? 0 "(*, G) MDB entry deletion"
567 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep -v \" src \""
568 log_test $? 1 "(*, G) MDB entry presence after deletion"
569 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src1\""
570 log_test $? 1 "(S, G) MDB entry presence after deletion"
571
572 # Default filter mode and replacement.
573 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent dst $vtep_ip src_vni 10010"
574 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep exclude"
575 log_test $? 0 "(*, G) MDB entry default filter mode"
576
577 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $src1 dst $vtep_ip src_vni 10010"
578 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep include"
579 log_test $? 0 "(*, G) MDB entry after replacing filter mode to \"include\""
580 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src1\""
581 log_test $? 0 "(S, G) MDB entry after replacing filter mode to \"include\""
582 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src1\" | grep blocked"
583 log_test $? 1 "\"blocked\" flag after replacing filter mode to \"include\""
584
585 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
586 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep exclude"
587 log_test $? 0 "(*, G) MDB entry after replacing filter mode to \"exclude\""
588 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src1\""
589 log_test $? 0 "(S, G) MDB entry after replacing filter mode to \"exclude\""
590 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src1\" | grep blocked"
591 log_test $? 0 "\"blocked\" flag after replacing filter mode to \"exclude\""
592
593 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
594
595 # Default source list and replacement.
596 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent dst $vtep_ip src_vni 10010"
597 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep source_list"
598 log_test $? 1 "(*, G) MDB entry default source list"
599
600 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1,$src2,$src3 dst $vtep_ip src_vni 10010"
601 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src1\""
602 log_test $? 0 "(S, G) MDB entry of 1st source after replacing source list"
603 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src2\""
604 log_test $? 0 "(S, G) MDB entry of 2nd source after replacing source list"
605 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src3\""
606 log_test $? 0 "(S, G) MDB entry of 3rd source after replacing source list"
607
608 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1,$src3 dst $vtep_ip src_vni 10010"
609 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src1\""
610 log_test $? 0 "(S, G) MDB entry of 1st source after removing source"
611 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src2\""
612 log_test $? 1 "(S, G) MDB entry of 2nd source after removing source"
613 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \"src $src3\""
614 log_test $? 0 "(S, G) MDB entry of 3rd source after removing source"
615
616 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
617
618 # Default protocol and replacement.
619 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
620 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep -v \" src \" | grep \"proto static\""
621 log_test $? 0 "(*, G) MDB entry default protocol"
622 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \" src \" | grep \"proto static\""
623 log_test $? 0 "(S, G) MDB entry default protocol"
624
625 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 proto bgp dst $vtep_ip src_vni 10010"
626 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep -v \" src \" | grep \"proto bgp\""
627 log_test $? 0 "(*, G) MDB entry protocol after replacement"
628 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \" src \" | grep \"proto bgp\""
629 log_test $? 0 "(S, G) MDB entry protocol after replacement"
630
631 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
632
633 # Default destination port and replacement.
634 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
635 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep -v \" src \" | grep \" dst_port \""
636 log_test $? 1 "(*, G) MDB entry default destination port"
637 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \" src \" | grep \" dst_port \""
638 log_test $? 1 "(S, G) MDB entry default destination port"
639
640 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip dst_port 1234 src_vni 10010"
641 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep -v \" src \" | grep \" dst_port 1234 \""
642 log_test $? 0 "(*, G) MDB entry destination port after replacement"
643 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \" src \" | grep \" dst_port 1234 \""
644 log_test $? 0 "(S, G) MDB entry destination port after replacement"
645
646 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
647
648 # Default destination VNI and replacement.
649 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
650 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep -v \" src \" | grep \" vni \""
651 log_test $? 1 "(*, G) MDB entry default destination VNI"
652 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \" src \" | grep \" vni \""
653 log_test $? 1 "(S, G) MDB entry default destination VNI"
654
655 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip vni 1234 src_vni 10010"
656 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep -v \" src \" | grep \" vni 1234 \""
657 log_test $? 0 "(*, G) MDB entry destination VNI after replacement"
658 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \" src \" | grep \" vni 1234 \""
659 log_test $? 0 "(S, G) MDB entry destination VNI after replacement"
660
661 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
662
663 # Default outgoing interface and replacement.
664 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
665 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep -v \" src \" | grep \" via \""
666 log_test $? 1 "(*, G) MDB entry default outgoing interface"
667 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \" src \" | grep \" via \""
668 log_test $? 1 "(S, G) MDB entry default outgoing interface"
669
670 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010 via veth0"
671 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep -v \" src \" | grep \" via veth0 \""
672 log_test $? 0 "(*, G) MDB entry outgoing interface after replacement"
673 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep \" src \" | grep \" via veth0 \""
674 log_test $? 0 "(S, G) MDB entry outgoing interface after replacement"
675
676 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
677
678 # Error cases.
679 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp permanent filter_mode exclude dst $vtep_ip src_vni 10010"
680 log_test $? 255 "All-zeros group with filter mode"
681
682 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp permanent source_list $src1 dst $vtep_ip src_vni 10010"
683 log_test $? 255 "All-zeros group with source list"
684
685 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode include dst $vtep_ip src_vni 10010"
686 log_test $? 255 "(*, G) INCLUDE with an empty source list"
687
688 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $grp dst $vtep_ip src_vni 10010"
689 log_test $? 255 "Invalid source in source list"
690
691 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent source_list $src1 dst $vtep_ip src_vni 10010"
692 log_test $? 255 "Source list without filter mode"
693}
694
695star_g_ipv4_ipv4()
696{
697 local ns1=ns1_v4
698 local grp=239.1.1.1
699 local src1=192.0.2.129
700 local src2=192.0.2.130
701 local src3=192.0.2.131
702 local vtep_ip=198.51.100.100
703 local all_zeros_grp=0.0.0.0
704
705 echo
706 echo "Control path: (*, G) operations - IPv4 overlay / IPv4 underlay"
707 echo "--------------------------------------------------------------"
708
709 star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
710}
711
712star_g_ipv6_ipv4()
713{
714 local ns1=ns1_v4
715 local grp=ff0e::1
716 local src1=2001:db8:100::1
717 local src2=2001:db8:100::2
718 local src3=2001:db8:100::3
719 local vtep_ip=198.51.100.100
720 local all_zeros_grp=::
721
722 echo
723 echo "Control path: (*, G) operations - IPv6 overlay / IPv4 underlay"
724 echo "--------------------------------------------------------------"
725
726 star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
727}
728
729star_g_ipv4_ipv6()
730{
731 local ns1=ns1_v6
732 local grp=239.1.1.1
733 local src1=192.0.2.129
734 local src2=192.0.2.130
735 local src3=192.0.2.131
736 local vtep_ip=2001:db8:1000::1
737 local all_zeros_grp=0.0.0.0
738
739 echo
740 echo "Control path: (*, G) operations - IPv4 overlay / IPv6 underlay"
741 echo "--------------------------------------------------------------"
742
743 star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
744}
745
746star_g_ipv6_ipv6()
747{
748 local ns1=ns1_v6
749 local grp=ff0e::1
750 local src1=2001:db8:100::1
751 local src2=2001:db8:100::2
752 local src3=2001:db8:100::3
753 local vtep_ip=2001:db8:1000::1
754 local all_zeros_grp=::
755
756 echo
757 echo "Control path: (*, G) operations - IPv6 overlay / IPv6 underlay"
758 echo "--------------------------------------------------------------"
759
760 star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
761}
762
763sg_common()
764{
765 local ns1=$1; shift
766 local grp=$1; shift
767 local src=$1; shift
768 local vtep_ip=$1; shift
769 local all_zeros_grp=$1; shift
770
771 # Test control path operations specific to (S, G) entries.
772
773 # Default filter mode.
774 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent dst $vtep_ip src_vni 10010"
775 run_cmd "bridge -n $ns1 -d -s mdb show dev vx0 | grep $grp | grep include"
776 log_test $? 0 "(S, G) MDB entry default filter mode"
777
778 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp src $src permanent dst $vtep_ip src_vni 10010"
779
780 # Error cases.
781 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent filter_mode include dst $vtep_ip src_vni 10010"
782 log_test $? 255 "(S, G) with filter mode"
783
784 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent source_list $src dst $vtep_ip src_vni 10010"
785 log_test $? 255 "(S, G) with source list"
786
787 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $grp permanent dst $vtep_ip src_vni 10010"
788 log_test $? 255 "(S, G) with an invalid source list"
789
790 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp src $src permanent dst $vtep_ip src_vni 10010"
791 log_test $? 255 "All-zeros group with source"
792}
793
794sg_ipv4_ipv4()
795{
796 local ns1=ns1_v4
797 local grp=239.1.1.1
798 local src=192.0.2.129
799 local vtep_ip=198.51.100.100
800 local all_zeros_grp=0.0.0.0
801
802 echo
803 echo "Control path: (S, G) operations - IPv4 overlay / IPv4 underlay"
804 echo "--------------------------------------------------------------"
805
806 sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
807}
808
809sg_ipv6_ipv4()
810{
811 local ns1=ns1_v4
812 local grp=ff0e::1
813 local src=2001:db8:100::1
814 local vtep_ip=198.51.100.100
815 local all_zeros_grp=::
816
817 echo
818 echo "Control path: (S, G) operations - IPv6 overlay / IPv4 underlay"
819 echo "--------------------------------------------------------------"
820
821 sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
822}
823
824sg_ipv4_ipv6()
825{
826 local ns1=ns1_v6
827 local grp=239.1.1.1
828 local src=192.0.2.129
829 local vtep_ip=2001:db8:1000::1
830 local all_zeros_grp=0.0.0.0
831
832 echo
833 echo "Control path: (S, G) operations - IPv4 overlay / IPv6 underlay"
834 echo "--------------------------------------------------------------"
835
836 sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
837}
838
839sg_ipv6_ipv6()
840{
841 local ns1=ns1_v6
842 local grp=ff0e::1
843 local src=2001:db8:100::1
844 local vtep_ip=2001:db8:1000::1
845 local all_zeros_grp=::
846
847 echo
848 echo "Control path: (S, G) operations - IPv6 overlay / IPv6 underlay"
849 echo "--------------------------------------------------------------"
850
851 sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
852}
853
854ipv4_grps_get()
855{
856 local max_grps=$1; shift
857 local i
858
859 for i in $(seq 0 $((max_grps - 1))); do
860 echo "239.1.1.$i"
861 done
862}
863
864ipv6_grps_get()
865{
866 local max_grps=$1; shift
867 local i
868
869 for i in $(seq 0 $((max_grps - 1))); do
870 echo "ff0e::$(printf %x $i)"
871 done
872}
873
874dump_common()
875{
876 local ns1=$1; shift
877 local local_addr=$1; shift
878 local remote_prefix=$1; shift
879 local fn=$1; shift
880 local max_vxlan_devs=2
881 local max_remotes=64
882 local max_grps=256
883 local num_entries
884 local batch_file
885 local grp
886 local i j
887
888 # The kernel maintains various markers for the MDB dump. Add a test for
889 # large scale MDB dump to make sure that all the configured entries are
890 # dumped and that the markers are used correctly.
891
892 # Create net devices.
893 for i in $(seq 1 $max_vxlan_devs); do
894 ip -n $ns1 link add name vx-test${i} up type vxlan \
895 local $local_addr dstport 4789 external vnifilter
896 done
897
898 # Create batch file with MDB entries.
899 batch_file=$(mktemp)
900 for i in $(seq 1 $max_vxlan_devs); do
901 for j in $(seq 1 $max_remotes); do
902 for grp in $($fn $max_grps); do
903 echo "mdb add dev vx-test${i} port vx-test${i} grp $grp permanent dst ${remote_prefix}${j}" >> $batch_file
904 done
905 done
906 done
907
908 # Program the batch file and check for expected number of entries.
909 bridge -n $ns1 -b $batch_file
910 for i in $(seq 1 $max_vxlan_devs); do
911 num_entries=$(bridge -n $ns1 mdb show dev vx-test${i} | grep "permanent" | wc -l)
912 [[ $num_entries -eq $((max_grps * max_remotes)) ]]
913 log_test $? 0 "Large scale dump - VXLAN device #$i"
914 done
915
916 rm -rf $batch_file
917}
918
919dump_ipv4_ipv4()
920{
921 local ns1=ns1_v4
922 local local_addr=192.0.2.1
923 local remote_prefix=198.51.100.
924 local fn=ipv4_grps_get
925
926 echo
927 echo "Control path: Large scale MDB dump - IPv4 overlay / IPv4 underlay"
928 echo "-----------------------------------------------------------------"
929
930 dump_common $ns1 $local_addr $remote_prefix $fn
931}
932
933dump_ipv6_ipv4()
934{
935 local ns1=ns1_v4
936 local local_addr=192.0.2.1
937 local remote_prefix=198.51.100.
938 local fn=ipv6_grps_get
939
940 echo
941 echo "Control path: Large scale MDB dump - IPv6 overlay / IPv4 underlay"
942 echo "-----------------------------------------------------------------"
943
944 dump_common $ns1 $local_addr $remote_prefix $fn
945}
946
947dump_ipv4_ipv6()
948{
949 local ns1=ns1_v6
950 local local_addr=2001:db8:1::1
951 local remote_prefix=2001:db8:1000::
952 local fn=ipv4_grps_get
953
954 echo
955 echo "Control path: Large scale MDB dump - IPv4 overlay / IPv6 underlay"
956 echo "-----------------------------------------------------------------"
957
958 dump_common $ns1 $local_addr $remote_prefix $fn
959}
960
961dump_ipv6_ipv6()
962{
963 local ns1=ns1_v6
964 local local_addr=2001:db8:1::1
965 local remote_prefix=2001:db8:1000::
966 local fn=ipv6_grps_get
967
968 echo
969 echo "Control path: Large scale MDB dump - IPv6 overlay / IPv6 underlay"
970 echo "-----------------------------------------------------------------"
971
972 dump_common $ns1 $local_addr $remote_prefix $fn
973}
974
975################################################################################
976# Tests - Data path
977
978encap_params_common()
979{
980 local ns1=$1; shift
981 local ns2=$1; shift
982 local vtep1_ip=$1; shift
983 local vtep2_ip=$1; shift
984 local plen=$1; shift
985 local enc_ethtype=$1; shift
986 local grp=$1; shift
987 local src=$1; shift
988 local mz=$1; shift
989
990 # Test that packets forwarded by the VXLAN MDB are encapsulated with
991 # the correct parameters. Transmit packets from the first namespace and
992 # check that they hit the corresponding filters on the ingress of the
993 # second namespace.
994
995 run_cmd "tc -n $ns2 qdisc replace dev veth0 clsact"
996 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
997 run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
998 run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
999
1000 # Check destination IP.
1001 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
1002 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep2_ip src_vni 10020"
1003
1004 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
1005 run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1006 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1007 log_test $? 0 "Destination IP - match"
1008
1009 run_cmd "ip netns exec $ns1 $mz br0.20 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1010 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1011 log_test $? 0 "Destination IP - no match"
1012
1013 run_cmd "tc -n $ns2 filter del dev vx0 ingress pref 1 handle 101 flower"
1014 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10020"
1015 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
1016
1017 # Check destination port.
1018 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
1019 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip dst_port 1111 src_vni 10020"
1020
1021 run_cmd "tc -n $ns2 filter replace dev veth0 ingress pref 1 handle 101 proto $enc_ethtype flower ip_proto udp dst_port 4789 action pass"
1022 run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1023 tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1024 log_test $? 0 "Default destination port - match"
1025
1026 run_cmd "ip netns exec $ns1 $mz br0.20 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1027 tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1028 log_test $? 0 "Default destination port - no match"
1029
1030 run_cmd "tc -n $ns2 filter replace dev veth0 ingress pref 1 handle 101 proto $enc_ethtype flower ip_proto udp dst_port 1111 action pass"
1031 run_cmd "ip netns exec $ns1 $mz br0.20 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1032 tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1033 log_test $? 0 "Non-default destination port - match"
1034
1035 run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1036 tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1037 log_test $? 0 "Non-default destination port - no match"
1038
1039 run_cmd "tc -n $ns2 filter del dev veth0 ingress pref 1 handle 101 flower"
1040 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10020"
1041 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
1042
1043 # Check default VNI.
1044 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
1045 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10020"
1046
1047 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_key_id 10010 action pass"
1048 run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1049 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1050 log_test $? 0 "Default destination VNI - match"
1051
1052 run_cmd "ip netns exec $ns1 $mz br0.20 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1053 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1054 log_test $? 0 "Default destination VNI - no match"
1055
1056 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip vni 10020 src_vni 10010"
1057 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip vni 10010 src_vni 10020"
1058
1059 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_key_id 10020 action pass"
1060 run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1061 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1062 log_test $? 0 "Non-default destination VNI - match"
1063
1064 run_cmd "ip netns exec $ns1 $mz br0.20 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1065 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1066 log_test $? 0 "Non-default destination VNI - no match"
1067
1068 run_cmd "tc -n $ns2 filter del dev vx0 ingress pref 1 handle 101 flower"
1069 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10020"
1070 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
1071}
1072
1073encap_params_ipv4_ipv4()
1074{
1075 local ns1=ns1_v4
1076 local ns2=ns2_v4
1077 local vtep1_ip=198.51.100.100
1078 local vtep2_ip=198.51.100.200
1079 local plen=32
1080 local enc_ethtype="ip"
1081 local grp=239.1.1.1
1082 local src=192.0.2.129
1083
1084 echo
1085 echo "Data path: Encapsulation parameters - IPv4 overlay / IPv4 underlay"
1086 echo "------------------------------------------------------------------"
1087
1088 encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1089 $grp $src "mausezahn"
1090}
1091
1092encap_params_ipv6_ipv4()
1093{
1094 local ns1=ns1_v4
1095 local ns2=ns2_v4
1096 local vtep1_ip=198.51.100.100
1097 local vtep2_ip=198.51.100.200
1098 local plen=32
1099 local enc_ethtype="ip"
1100 local grp=ff0e::1
1101 local src=2001:db8:100::1
1102
1103 echo
1104 echo "Data path: Encapsulation parameters - IPv6 overlay / IPv4 underlay"
1105 echo "------------------------------------------------------------------"
1106
1107 encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1108 $grp $src "mausezahn -6"
1109}
1110
1111encap_params_ipv4_ipv6()
1112{
1113 local ns1=ns1_v6
1114 local ns2=ns2_v6
1115 local vtep1_ip=2001:db8:1000::1
1116 local vtep2_ip=2001:db8:2000::1
1117 local plen=128
1118 local enc_ethtype="ipv6"
1119 local grp=239.1.1.1
1120 local src=192.0.2.129
1121
1122 echo
1123 echo "Data path: Encapsulation parameters - IPv4 overlay / IPv6 underlay"
1124 echo "------------------------------------------------------------------"
1125
1126 encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1127 $grp $src "mausezahn"
1128}
1129
1130encap_params_ipv6_ipv6()
1131{
1132 local ns1=ns1_v6
1133 local ns2=ns2_v6
1134 local vtep1_ip=2001:db8:1000::1
1135 local vtep2_ip=2001:db8:2000::1
1136 local plen=128
1137 local enc_ethtype="ipv6"
1138 local grp=ff0e::1
1139 local src=2001:db8:100::1
1140
1141 echo
1142 echo "Data path: Encapsulation parameters - IPv6 overlay / IPv6 underlay"
1143 echo "------------------------------------------------------------------"
1144
1145 encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1146 $grp $src "mausezahn -6"
1147}
1148
1149starg_exclude_ir_common()
1150{
1151 local ns1=$1; shift
1152 local ns2=$1; shift
1153 local vtep1_ip=$1; shift
1154 local vtep2_ip=$1; shift
1155 local plen=$1; shift
1156 local grp=$1; shift
1157 local valid_src=$1; shift
1158 local invalid_src=$1; shift
1159 local mz=$1; shift
1160
1161 # Install a (*, G) EXCLUDE MDB entry with one source and two remote
1162 # VTEPs. Make sure that the source in the source list is not forwarded
1163 # and that a source not in the list is forwarded. Remove one of the
1164 # VTEPs from the entry and make sure that packets are only forwarded to
1165 # the remaining VTEP.
1166
1167 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1168 run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
1169 run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
1170
1171 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
1172 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
1173
1174 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $vtep1_ip src_vni 10010"
1175 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $vtep2_ip src_vni 10010"
1176
1177 # Check that invalid source is not forwarded to any VTEP.
1178 run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1179 tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1180 log_test $? 0 "Block excluded source - first VTEP"
1181 tc_check_packets "$ns2" "dev vx0 ingress" 102 0
1182 log_test $? 0 "Block excluded source - second VTEP"
1183
1184 # Check that valid source is forwarded to both VTEPs.
1185 run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1186 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1187 log_test $? 0 "Forward valid source - first VTEP"
1188 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1189 log_test $? 0 "Forward valid source - second VTEP"
1190
1191 # Remove second VTEP.
1192 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10010"
1193
1194 # Check that invalid source is not forwarded to any VTEP.
1195 run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1196 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1197 log_test $? 0 "Block excluded source after removal - first VTEP"
1198 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1199 log_test $? 0 "Block excluded source after removal - second VTEP"
1200
1201 # Check that valid source is forwarded to the remaining VTEP.
1202 run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1203 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
1204 log_test $? 0 "Forward valid source after removal - first VTEP"
1205 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1206 log_test $? 0 "Forward valid source after removal - second VTEP"
1207}
1208
1209starg_exclude_ir_ipv4_ipv4()
1210{
1211 local ns1=ns1_v4
1212 local ns2=ns2_v4
1213 local vtep1_ip=198.51.100.100
1214 local vtep2_ip=198.51.100.200
1215 local plen=32
1216 local grp=239.1.1.1
1217 local valid_src=192.0.2.129
1218 local invalid_src=192.0.2.145
1219
1220 echo
1221 echo "Data path: (*, G) EXCLUDE - IR - IPv4 overlay / IPv4 underlay"
1222 echo "-------------------------------------------------------------"
1223
1224 starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1225 $valid_src $invalid_src "mausezahn"
1226}
1227
1228starg_exclude_ir_ipv6_ipv4()
1229{
1230 local ns1=ns1_v4
1231 local ns2=ns2_v4
1232 local vtep1_ip=198.51.100.100
1233 local vtep2_ip=198.51.100.200
1234 local plen=32
1235 local grp=ff0e::1
1236 local valid_src=2001:db8:100::1
1237 local invalid_src=2001:db8:200::1
1238
1239 echo
1240 echo "Data path: (*, G) EXCLUDE - IR - IPv6 overlay / IPv4 underlay"
1241 echo "-------------------------------------------------------------"
1242
1243 starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1244 $valid_src $invalid_src "mausezahn -6"
1245}
1246
1247starg_exclude_ir_ipv4_ipv6()
1248{
1249 local ns1=ns1_v6
1250 local ns2=ns2_v6
1251 local vtep1_ip=2001:db8:1000::1
1252 local vtep2_ip=2001:db8:2000::1
1253 local plen=128
1254 local grp=239.1.1.1
1255 local valid_src=192.0.2.129
1256 local invalid_src=192.0.2.145
1257
1258 echo
1259 echo "Data path: (*, G) EXCLUDE - IR - IPv4 overlay / IPv6 underlay"
1260 echo "-------------------------------------------------------------"
1261
1262 starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1263 $valid_src $invalid_src "mausezahn"
1264}
1265
1266starg_exclude_ir_ipv6_ipv6()
1267{
1268 local ns1=ns1_v6
1269 local ns2=ns2_v6
1270 local vtep1_ip=2001:db8:1000::1
1271 local vtep2_ip=2001:db8:2000::1
1272 local plen=128
1273 local grp=ff0e::1
1274 local valid_src=2001:db8:100::1
1275 local invalid_src=2001:db8:200::1
1276
1277 echo
1278 echo "Data path: (*, G) EXCLUDE - IR - IPv6 overlay / IPv6 underlay"
1279 echo "-------------------------------------------------------------"
1280
1281 starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1282 $valid_src $invalid_src "mausezahn -6"
1283}
1284
1285starg_include_ir_common()
1286{
1287 local ns1=$1; shift
1288 local ns2=$1; shift
1289 local vtep1_ip=$1; shift
1290 local vtep2_ip=$1; shift
1291 local plen=$1; shift
1292 local grp=$1; shift
1293 local valid_src=$1; shift
1294 local invalid_src=$1; shift
1295 local mz=$1; shift
1296
1297 # Install a (*, G) INCLUDE MDB entry with one source and two remote
1298 # VTEPs. Make sure that the source in the source list is forwarded and
1299 # that a source not in the list is not forwarded. Remove one of the
1300 # VTEPs from the entry and make sure that packets are only forwarded to
1301 # the remaining VTEP.
1302
1303 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1304 run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
1305 run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
1306
1307 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
1308 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
1309
1310 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $vtep1_ip src_vni 10010"
1311 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $vtep2_ip src_vni 10010"
1312
1313 # Check that invalid source is not forwarded to any VTEP.
1314 run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1315 tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1316 log_test $? 0 "Block excluded source - first VTEP"
1317 tc_check_packets "$ns2" "dev vx0 ingress" 102 0
1318 log_test $? 0 "Block excluded source - second VTEP"
1319
1320 # Check that valid source is forwarded to both VTEPs.
1321 run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1322 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1323 log_test $? 0 "Forward valid source - first VTEP"
1324 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1325 log_test $? 0 "Forward valid source - second VTEP"
1326
1327 # Remove second VTEP.
1328 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10010"
1329
1330 # Check that invalid source is not forwarded to any VTEP.
1331 run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1332 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1333 log_test $? 0 "Block excluded source after removal - first VTEP"
1334 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1335 log_test $? 0 "Block excluded source after removal - second VTEP"
1336
1337 # Check that valid source is forwarded to the remaining VTEP.
1338 run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1339 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
1340 log_test $? 0 "Forward valid source after removal - first VTEP"
1341 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1342 log_test $? 0 "Forward valid source after removal - second VTEP"
1343}
1344
1345starg_include_ir_ipv4_ipv4()
1346{
1347 local ns1=ns1_v4
1348 local ns2=ns2_v4
1349 local vtep1_ip=198.51.100.100
1350 local vtep2_ip=198.51.100.200
1351 local plen=32
1352 local grp=239.1.1.1
1353 local valid_src=192.0.2.129
1354 local invalid_src=192.0.2.145
1355
1356 echo
1357 echo "Data path: (*, G) INCLUDE - IR - IPv4 overlay / IPv4 underlay"
1358 echo "-------------------------------------------------------------"
1359
1360 starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1361 $valid_src $invalid_src "mausezahn"
1362}
1363
1364starg_include_ir_ipv6_ipv4()
1365{
1366 local ns1=ns1_v4
1367 local ns2=ns2_v4
1368 local vtep1_ip=198.51.100.100
1369 local vtep2_ip=198.51.100.200
1370 local plen=32
1371 local grp=ff0e::1
1372 local valid_src=2001:db8:100::1
1373 local invalid_src=2001:db8:200::1
1374
1375 echo
1376 echo "Data path: (*, G) INCLUDE - IR - IPv6 overlay / IPv4 underlay"
1377 echo "-------------------------------------------------------------"
1378
1379 starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1380 $valid_src $invalid_src "mausezahn -6"
1381}
1382
1383starg_include_ir_ipv4_ipv6()
1384{
1385 local ns1=ns1_v6
1386 local ns2=ns2_v6
1387 local vtep1_ip=2001:db8:1000::1
1388 local vtep2_ip=2001:db8:2000::1
1389 local plen=128
1390 local grp=239.1.1.1
1391 local valid_src=192.0.2.129
1392 local invalid_src=192.0.2.145
1393
1394 echo
1395 echo "Data path: (*, G) INCLUDE - IR - IPv4 overlay / IPv6 underlay"
1396 echo "-------------------------------------------------------------"
1397
1398 starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1399 $valid_src $invalid_src "mausezahn"
1400}
1401
1402starg_include_ir_ipv6_ipv6()
1403{
1404 local ns1=ns1_v6
1405 local ns2=ns2_v6
1406 local vtep1_ip=2001:db8:1000::1
1407 local vtep2_ip=2001:db8:2000::1
1408 local plen=128
1409 local grp=ff0e::1
1410 local valid_src=2001:db8:100::1
1411 local invalid_src=2001:db8:200::1
1412
1413 echo
1414 echo "Data path: (*, G) INCLUDE - IR - IPv6 overlay / IPv6 underlay"
1415 echo "-------------------------------------------------------------"
1416
1417 starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1418 $valid_src $invalid_src "mausezahn -6"
1419}
1420
1421starg_exclude_p2mp_common()
1422{
1423 local ns1=$1; shift
1424 local ns2=$1; shift
1425 local mcast_grp=$1; shift
1426 local plen=$1; shift
1427 local grp=$1; shift
1428 local valid_src=$1; shift
1429 local invalid_src=$1; shift
1430 local mz=$1; shift
1431
1432 # Install a (*, G) EXCLUDE MDB entry with one source and one multicast
1433 # group to which packets are sent. Make sure that the source in the
1434 # source list is not forwarded and that a source not in the list is
1435 # forwarded.
1436
1437 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1438 run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
1439
1440 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $mcast_grp action pass"
1441
1442 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $mcast_grp src_vni 10010 via veth0"
1443
1444 # Check that invalid source is not forwarded.
1445 run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1446 tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1447 log_test $? 0 "Block excluded source"
1448
1449 # Check that valid source is forwarded.
1450 run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1451 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1452 log_test $? 0 "Forward valid source"
1453
1454 # Remove the VTEP from the multicast group.
1455 run_cmd "ip -n $ns2 address del $mcast_grp/$plen dev veth0"
1456
1457 # Check that valid source is not received anymore.
1458 run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1459 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1460 log_test $? 0 "Receive of valid source after removal from group"
1461}
1462
1463starg_exclude_p2mp_ipv4_ipv4()
1464{
1465 local ns1=ns1_v4
1466 local ns2=ns2_v4
1467 local mcast_grp=238.1.1.1
1468 local plen=32
1469 local grp=239.1.1.1
1470 local valid_src=192.0.2.129
1471 local invalid_src=192.0.2.145
1472
1473 echo
1474 echo "Data path: (*, G) EXCLUDE - P2MP - IPv4 overlay / IPv4 underlay"
1475 echo "---------------------------------------------------------------"
1476
1477 starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1478 $valid_src $invalid_src "mausezahn"
1479}
1480
1481starg_exclude_p2mp_ipv6_ipv4()
1482{
1483 local ns1=ns1_v4
1484 local ns2=ns2_v4
1485 local mcast_grp=238.1.1.1
1486 local plen=32
1487 local grp=ff0e::1
1488 local valid_src=2001:db8:100::1
1489 local invalid_src=2001:db8:200::1
1490
1491 echo
1492 echo "Data path: (*, G) EXCLUDE - P2MP - IPv6 overlay / IPv4 underlay"
1493 echo "---------------------------------------------------------------"
1494
1495 starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1496 $valid_src $invalid_src "mausezahn -6"
1497}
1498
1499starg_exclude_p2mp_ipv4_ipv6()
1500{
1501 local ns1=ns1_v6
1502 local ns2=ns2_v6
1503 local mcast_grp=ff0e::2
1504 local plen=128
1505 local grp=239.1.1.1
1506 local valid_src=192.0.2.129
1507 local invalid_src=192.0.2.145
1508
1509 echo
1510 echo "Data path: (*, G) EXCLUDE - P2MP - IPv4 overlay / IPv6 underlay"
1511 echo "---------------------------------------------------------------"
1512
1513 starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1514 $valid_src $invalid_src "mausezahn"
1515}
1516
1517starg_exclude_p2mp_ipv6_ipv6()
1518{
1519 local ns1=ns1_v6
1520 local ns2=ns2_v6
1521 local mcast_grp=ff0e::2
1522 local plen=128
1523 local grp=ff0e::1
1524 local valid_src=2001:db8:100::1
1525 local invalid_src=2001:db8:200::1
1526
1527 echo
1528 echo "Data path: (*, G) EXCLUDE - P2MP - IPv6 overlay / IPv6 underlay"
1529 echo "---------------------------------------------------------------"
1530
1531 starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1532 $valid_src $invalid_src "mausezahn -6"
1533}
1534
1535starg_include_p2mp_common()
1536{
1537 local ns1=$1; shift
1538 local ns2=$1; shift
1539 local mcast_grp=$1; shift
1540 local plen=$1; shift
1541 local grp=$1; shift
1542 local valid_src=$1; shift
1543 local invalid_src=$1; shift
1544 local mz=$1; shift
1545
1546 # Install a (*, G) INCLUDE MDB entry with one source and one multicast
1547 # group to which packets are sent. Make sure that the source in the
1548 # source list is forwarded and that a source not in the list is not
1549 # forwarded.
1550
1551 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1552 run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
1553
1554 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $mcast_grp action pass"
1555
1556 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $mcast_grp src_vni 10010 via veth0"
1557
1558 # Check that invalid source is not forwarded.
1559 run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1560 tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1561 log_test $? 0 "Block excluded source"
1562
1563 # Check that valid source is forwarded.
1564 run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1565 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1566 log_test $? 0 "Forward valid source"
1567
1568 # Remove the VTEP from the multicast group.
1569 run_cmd "ip -n $ns2 address del $mcast_grp/$plen dev veth0"
1570
1571 # Check that valid source is not received anymore.
1572 run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1573 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1574 log_test $? 0 "Receive of valid source after removal from group"
1575}
1576
1577starg_include_p2mp_ipv4_ipv4()
1578{
1579 local ns1=ns1_v4
1580 local ns2=ns2_v4
1581 local mcast_grp=238.1.1.1
1582 local plen=32
1583 local grp=239.1.1.1
1584 local valid_src=192.0.2.129
1585 local invalid_src=192.0.2.145
1586
1587 echo
1588 echo "Data path: (*, G) INCLUDE - P2MP - IPv4 overlay / IPv4 underlay"
1589 echo "---------------------------------------------------------------"
1590
1591 starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1592 $valid_src $invalid_src "mausezahn"
1593}
1594
1595starg_include_p2mp_ipv6_ipv4()
1596{
1597 local ns1=ns1_v4
1598 local ns2=ns2_v4
1599 local mcast_grp=238.1.1.1
1600 local plen=32
1601 local grp=ff0e::1
1602 local valid_src=2001:db8:100::1
1603 local invalid_src=2001:db8:200::1
1604
1605 echo
1606 echo "Data path: (*, G) INCLUDE - P2MP - IPv6 overlay / IPv4 underlay"
1607 echo "---------------------------------------------------------------"
1608
1609 starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1610 $valid_src $invalid_src "mausezahn -6"
1611}
1612
1613starg_include_p2mp_ipv4_ipv6()
1614{
1615 local ns1=ns1_v6
1616 local ns2=ns2_v6
1617 local mcast_grp=ff0e::2
1618 local plen=128
1619 local grp=239.1.1.1
1620 local valid_src=192.0.2.129
1621 local invalid_src=192.0.2.145
1622
1623 echo
1624 echo "Data path: (*, G) INCLUDE - P2MP - IPv4 overlay / IPv6 underlay"
1625 echo "---------------------------------------------------------------"
1626
1627 starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1628 $valid_src $invalid_src "mausezahn"
1629}
1630
1631starg_include_p2mp_ipv6_ipv6()
1632{
1633 local ns1=ns1_v6
1634 local ns2=ns2_v6
1635 local mcast_grp=ff0e::2
1636 local plen=128
1637 local grp=ff0e::1
1638 local valid_src=2001:db8:100::1
1639 local invalid_src=2001:db8:200::1
1640
1641 echo
1642 echo "Data path: (*, G) INCLUDE - P2MP - IPv6 overlay / IPv6 underlay"
1643 echo "---------------------------------------------------------------"
1644
1645 starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1646 $valid_src $invalid_src "mausezahn -6"
1647}
1648
1649egress_vni_translation_common()
1650{
1651 local ns1=$1; shift
1652 local ns2=$1; shift
1653 local mcast_grp=$1; shift
1654 local plen=$1; shift
1655 local proto=$1; shift
1656 local grp=$1; shift
1657 local src=$1; shift
1658 local mz=$1; shift
1659
1660 # When P2MP tunnels are used with optimized inter-subnet multicast
1661 # (OISM) [1], the ingress VTEP does not perform VNI translation and
1662 # uses the VNI of the source broadcast domain (BD). If the egress VTEP
1663 # is a member in the source BD, then no VNI translation is needed.
1664 # Otherwise, the egress VTEP needs to translate the VNI to the
1665 # supplementary broadcast domain (SBD) VNI, which is usually the L3VNI.
1666 #
1667 # In this test, remove the VTEP in the second namespace from VLAN 10
1668 # (VNI 10010) and make sure that a packet sent from this VLAN on the
1669 # first VTEP is received by the SVI corresponding to the L3VNI (14000 /
1670 # VLAN 4000) on the second VTEP.
1671 #
1672 # The second VTEP will be able to decapsulate the packet with VNI 10010
1673 # because this VNI is configured on its shared VXLAN device. Later,
1674 # when ingressing the bridge, the VNI to VLAN lookup will fail because
1675 # the VTEP is not a member in VLAN 10, which will cause the packet to
1676 # be tagged with VLAN 4000 since it is configured as PVID.
1677 #
1678 # [1] https://datatracker.ietf.org/doc/html/draft-ietf-bess-evpn-irb-mcast
1679
1680 run_cmd "tc -n $ns2 qdisc replace dev br0.4000 clsact"
1681 run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
1682 run_cmd "tc -n $ns2 filter replace dev br0.4000 ingress pref 1 handle 101 proto $proto flower src_ip $src dst_ip $grp action pass"
1683
1684 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp src $src permanent dst $mcast_grp src_vni 10010 via veth0"
1685
1686 # Remove the second VTEP from VLAN 10.
1687 run_cmd "bridge -n $ns2 vlan del vid 10 dev vx0"
1688
1689 # Make sure that packets sent from the first VTEP over VLAN 10 are
1690 # received by the SVI corresponding to the L3VNI (14000 / VLAN 4000) on
1691 # the second VTEP, since it is configured as PVID.
1692 run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1693 tc_check_packets "$ns2" "dev br0.4000 ingress" 101 1
1694 log_test $? 0 "Egress VNI translation - PVID configured"
1695
1696 # Remove PVID flag from VLAN 4000 on the second VTEP and make sure
1697 # packets are no longer received by the SVI interface.
1698 run_cmd "bridge -n $ns2 vlan add vid 4000 dev vx0"
1699 run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1700 tc_check_packets "$ns2" "dev br0.4000 ingress" 101 1
1701 log_test $? 0 "Egress VNI translation - no PVID configured"
1702
1703 # Reconfigure the PVID and make sure packets are received again.
1704 run_cmd "bridge -n $ns2 vlan add vid 4000 dev vx0 pvid"
1705 run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1706 tc_check_packets "$ns2" "dev br0.4000 ingress" 101 2
1707 log_test $? 0 "Egress VNI translation - PVID reconfigured"
1708}
1709
1710egress_vni_translation_ipv4_ipv4()
1711{
1712 local ns1=ns1_v4
1713 local ns2=ns2_v4
1714 local mcast_grp=238.1.1.1
1715 local plen=32
1716 local proto="ipv4"
1717 local grp=239.1.1.1
1718 local src=192.0.2.129
1719
1720 echo
1721 echo "Data path: Egress VNI translation - IPv4 overlay / IPv4 underlay"
1722 echo "----------------------------------------------------------------"
1723
1724 egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
1725 $src "mausezahn"
1726}
1727
1728egress_vni_translation_ipv6_ipv4()
1729{
1730 local ns1=ns1_v4
1731 local ns2=ns2_v4
1732 local mcast_grp=238.1.1.1
1733 local plen=32
1734 local proto="ipv6"
1735 local grp=ff0e::1
1736 local src=2001:db8:100::1
1737
1738 echo
1739 echo "Data path: Egress VNI translation - IPv6 overlay / IPv4 underlay"
1740 echo "----------------------------------------------------------------"
1741
1742 egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
1743 $src "mausezahn -6"
1744}
1745
1746egress_vni_translation_ipv4_ipv6()
1747{
1748 local ns1=ns1_v6
1749 local ns2=ns2_v6
1750 local mcast_grp=ff0e::2
1751 local plen=128
1752 local proto="ipv4"
1753 local grp=239.1.1.1
1754 local src=192.0.2.129
1755
1756 echo
1757 echo "Data path: Egress VNI translation - IPv4 overlay / IPv6 underlay"
1758 echo "----------------------------------------------------------------"
1759
1760 egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
1761 $src "mausezahn"
1762}
1763
1764egress_vni_translation_ipv6_ipv6()
1765{
1766 local ns1=ns1_v6
1767 local ns2=ns2_v6
1768 local mcast_grp=ff0e::2
1769 local plen=128
1770 local proto="ipv6"
1771 local grp=ff0e::1
1772 local src=2001:db8:100::1
1773
1774 echo
1775 echo "Data path: Egress VNI translation - IPv6 overlay / IPv6 underlay"
1776 echo "----------------------------------------------------------------"
1777
1778 egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
1779 $src "mausezahn -6"
1780}
1781
1782all_zeros_mdb_common()
1783{
1784 local ns1=$1; shift
1785 local ns2=$1; shift
1786 local vtep1_ip=$1; shift
1787 local vtep2_ip=$1; shift
1788 local vtep3_ip=$1; shift
1789 local vtep4_ip=$1; shift
1790 local plen=$1; shift
1791 local ipv4_grp=239.1.1.1
1792 local ipv4_unreg_grp=239.2.2.2
1793 local ipv4_ll_grp=224.0.0.100
1794 local ipv4_src=192.0.2.129
1795 local ipv6_grp=ff0e::1
1796 local ipv6_unreg_grp=ff0e::2
1797 local ipv6_ll_grp=ff02::1
1798 local ipv6_src=2001:db8:100::1
1799
1800 # Install all-zeros (catchall) MDB entries for IPv4 and IPv6 traffic
1801 # and make sure they only forward unregistered IP multicast traffic
1802 # which is not link-local. Also make sure that each entry only forwards
1803 # traffic from the matching address family.
1804
1805 # Associate two different VTEPs with one all-zeros MDB entry: Two with
1806 # the IPv4 entry (0.0.0.0) and another two with the IPv6 one (::).
1807 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp 0.0.0.0 permanent dst $vtep1_ip src_vni 10010"
1808 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp 0.0.0.0 permanent dst $vtep2_ip src_vni 10010"
1809 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp :: permanent dst $vtep3_ip src_vni 10010"
1810 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp :: permanent dst $vtep4_ip src_vni 10010"
1811
1812 # Associate one VTEP from each set with a regular MDB entry: One with
1813 # an IPv4 entry and another with an IPv6 one.
1814 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $ipv4_grp permanent dst $vtep1_ip src_vni 10010"
1815 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $ipv6_grp permanent dst $vtep3_ip src_vni 10010"
1816
1817 # Add filters to match on decapsulated traffic in the second namespace.
1818 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1819 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
1820 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
1821 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 103 proto all flower enc_dst_ip $vtep3_ip action pass"
1822 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 104 proto all flower enc_dst_ip $vtep4_ip action pass"
1823
1824 # Configure the VTEP addresses in the second namespace to enable
1825 # decapsulation.
1826 run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
1827 run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
1828 run_cmd "ip -n $ns2 address replace $vtep3_ip/$plen dev lo"
1829 run_cmd "ip -n $ns2 address replace $vtep4_ip/$plen dev lo"
1830
1831 # Send registered IPv4 multicast and make sure it only arrives to the
1832 # first VTEP.
1833 run_cmd "ip netns exec $ns1 mausezahn br0.10 -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1834 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1835 log_test $? 0 "Registered IPv4 multicast - first VTEP"
1836 tc_check_packets "$ns2" "dev vx0 ingress" 102 0
1837 log_test $? 0 "Registered IPv4 multicast - second VTEP"
1838
1839 # Send unregistered IPv4 multicast that is not link-local and make sure
1840 # it arrives to the first and second VTEPs.
1841 run_cmd "ip netns exec $ns1 mausezahn br0.10 -A $ipv4_src -B $ipv4_unreg_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1842 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
1843 log_test $? 0 "Unregistered IPv4 multicast - first VTEP"
1844 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1845 log_test $? 0 "Unregistered IPv4 multicast - second VTEP"
1846
1847 # Send IPv4 link-local multicast traffic and make sure it does not
1848 # arrive to any VTEP.
1849 run_cmd "ip netns exec $ns1 mausezahn br0.10 -A $ipv4_src -B $ipv4_ll_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1850 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
1851 log_test $? 0 "Link-local IPv4 multicast - first VTEP"
1852 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1853 log_test $? 0 "Link-local IPv4 multicast - second VTEP"
1854
1855 # Send registered IPv4 multicast using a unicast MAC address and make
1856 # sure it does not arrive to any VTEP.
1857 run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b 00:11:22:33:44:55 -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1858 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
1859 log_test $? 0 "Registered IPv4 multicast with a unicast MAC - first VTEP"
1860 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1861 log_test $? 0 "Registered IPv4 multicast with a unicast MAC - second VTEP"
1862
1863 # Send registered IPv4 multicast using a broadcast MAC address and make
1864 # sure it does not arrive to any VTEP.
1865 run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b bcast -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1866 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
1867 log_test $? 0 "Registered IPv4 multicast with a broadcast MAC - first VTEP"
1868 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1869 log_test $? 0 "Registered IPv4 multicast with a broadcast MAC - second VTEP"
1870
1871 # Make sure IPv4 traffic did not reach the VTEPs associated with
1872 # IPv6 entries.
1873 tc_check_packets "$ns2" "dev vx0 ingress" 103 0
1874 log_test $? 0 "IPv4 traffic - third VTEP"
1875 tc_check_packets "$ns2" "dev vx0 ingress" 104 0
1876 log_test $? 0 "IPv4 traffic - fourth VTEP"
1877
1878 # Reset IPv4 filters before testing IPv6 traffic.
1879 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
1880 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
1881
1882 # Send registered IPv6 multicast and make sure it only arrives to the
1883 # third VTEP.
1884 run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1885 tc_check_packets "$ns2" "dev vx0 ingress" 103 1
1886 log_test $? 0 "Registered IPv6 multicast - third VTEP"
1887 tc_check_packets "$ns2" "dev vx0 ingress" 104 0
1888 log_test $? 0 "Registered IPv6 multicast - fourth VTEP"
1889
1890 # Send unregistered IPv6 multicast that is not link-local and make sure
1891 # it arrives to the third and fourth VTEPs.
1892 run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -A $ipv6_src -B $ipv6_unreg_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1893 tc_check_packets "$ns2" "dev vx0 ingress" 103 2
1894 log_test $? 0 "Unregistered IPv6 multicast - third VTEP"
1895 tc_check_packets "$ns2" "dev vx0 ingress" 104 1
1896 log_test $? 0 "Unregistered IPv6 multicast - fourth VTEP"
1897
1898 # Send IPv6 link-local multicast traffic and make sure it does not
1899 # arrive to any VTEP.
1900 run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -A $ipv6_src -B $ipv6_ll_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1901 tc_check_packets "$ns2" "dev vx0 ingress" 103 2
1902 log_test $? 0 "Link-local IPv6 multicast - third VTEP"
1903 tc_check_packets "$ns2" "dev vx0 ingress" 104 1
1904 log_test $? 0 "Link-local IPv6 multicast - fourth VTEP"
1905
1906 # Send registered IPv6 multicast using a unicast MAC address and make
1907 # sure it does not arrive to any VTEP.
1908 run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b 00:11:22:33:44:55 -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1909 tc_check_packets "$ns2" "dev vx0 ingress" 103 2
1910 log_test $? 0 "Registered IPv6 multicast with a unicast MAC - third VTEP"
1911 tc_check_packets "$ns2" "dev vx0 ingress" 104 1
1912 log_test $? 0 "Registered IPv6 multicast with a unicast MAC - fourth VTEP"
1913
1914 # Send registered IPv6 multicast using a broadcast MAC address and make
1915 # sure it does not arrive to any VTEP.
1916 run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b bcast -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1917 tc_check_packets "$ns2" "dev vx0 ingress" 103 2
1918 log_test $? 0 "Registered IPv6 multicast with a broadcast MAC - third VTEP"
1919 tc_check_packets "$ns2" "dev vx0 ingress" 104 1
1920 log_test $? 0 "Registered IPv6 multicast with a broadcast MAC - fourth VTEP"
1921
1922 # Make sure IPv6 traffic did not reach the VTEPs associated with
1923 # IPv4 entries.
1924 tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1925 log_test $? 0 "IPv6 traffic - first VTEP"
1926 tc_check_packets "$ns2" "dev vx0 ingress" 102 0
1927 log_test $? 0 "IPv6 traffic - second VTEP"
1928}
1929
1930all_zeros_mdb_ipv4()
1931{
1932 local ns1=ns1_v4
1933 local ns2=ns2_v4
1934 local vtep1_ip=198.51.100.101
1935 local vtep2_ip=198.51.100.102
1936 local vtep3_ip=198.51.100.103
1937 local vtep4_ip=198.51.100.104
1938 local plen=32
1939
1940 echo
1941 echo "Data path: All-zeros MDB entry - IPv4 underlay"
1942 echo "----------------------------------------------"
1943
1944 all_zeros_mdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $vtep3_ip \
1945 $vtep4_ip $plen
1946}
1947
1948all_zeros_mdb_ipv6()
1949{
1950 local ns1=ns1_v6
1951 local ns2=ns2_v6
1952 local vtep1_ip=2001:db8:1000::1
1953 local vtep2_ip=2001:db8:2000::1
1954 local vtep3_ip=2001:db8:3000::1
1955 local vtep4_ip=2001:db8:4000::1
1956 local plen=128
1957
1958 echo
1959 echo "Data path: All-zeros MDB entry - IPv6 underlay"
1960 echo "----------------------------------------------"
1961
1962 all_zeros_mdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $vtep3_ip \
1963 $vtep4_ip $plen
1964}
1965
1966mdb_fdb_common()
1967{
1968 local ns1=$1; shift
1969 local ns2=$1; shift
1970 local vtep1_ip=$1; shift
1971 local vtep2_ip=$1; shift
1972 local plen=$1; shift
1973 local proto=$1; shift
1974 local grp=$1; shift
1975 local src=$1; shift
1976 local mz=$1; shift
1977
1978 # Install an MDB entry and an FDB entry and make sure that the FDB
1979 # entry only forwards traffic that was not forwarded by the MDB.
1980
1981 # Associate the MDB entry with one VTEP and the FDB entry with another
1982 # VTEP.
1983 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
1984 run_cmd "bridge -n $ns1 fdb add 00:00:00:00:00:00 dev vx0 self static dst $vtep2_ip src_vni 10010"
1985
1986 # Add filters to match on decapsulated traffic in the second namespace.
1987 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1988 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto $proto flower ip_proto udp dst_port 54321 enc_dst_ip $vtep1_ip action pass"
1989 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto $proto flower ip_proto udp dst_port 54321 enc_dst_ip $vtep2_ip action pass"
1990
1991 # Configure the VTEP addresses in the second namespace to enable
1992 # decapsulation.
1993 run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
1994 run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
1995
1996 # Send IP multicast traffic and make sure it is forwarded by the MDB
1997 # and only arrives to the first VTEP.
1998 run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1999 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
2000 log_test $? 0 "IP multicast - first VTEP"
2001 tc_check_packets "$ns2" "dev vx0 ingress" 102 0
2002 log_test $? 0 "IP multicast - second VTEP"
2003
2004 # Send broadcast traffic and make sure it is forwarded by the FDB and
2005 # only arrives to the second VTEP.
2006 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b bcast -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2007 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
2008 log_test $? 0 "Broadcast - first VTEP"
2009 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
2010 log_test $? 0 "Broadcast - second VTEP"
2011
2012 # Remove the MDB entry and make sure that IP multicast is now forwarded
2013 # by the FDB to the second VTEP.
2014 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
2015 run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2016 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
2017 log_test $? 0 "IP multicast after removal - first VTEP"
2018 tc_check_packets "$ns2" "dev vx0 ingress" 102 2
2019 log_test $? 0 "IP multicast after removal - second VTEP"
2020}
2021
2022mdb_fdb_ipv4_ipv4()
2023{
2024 local ns1=ns1_v4
2025 local ns2=ns2_v4
2026 local vtep1_ip=198.51.100.100
2027 local vtep2_ip=198.51.100.200
2028 local plen=32
2029 local proto="ipv4"
2030 local grp=239.1.1.1
2031 local src=192.0.2.129
2032
2033 echo
2034 echo "Data path: MDB with FDB - IPv4 overlay / IPv4 underlay"
2035 echo "------------------------------------------------------"
2036
2037 mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp $src \
2038 "mausezahn"
2039}
2040
2041mdb_fdb_ipv6_ipv4()
2042{
2043 local ns1=ns1_v4
2044 local ns2=ns2_v4
2045 local vtep1_ip=198.51.100.100
2046 local vtep2_ip=198.51.100.200
2047 local plen=32
2048 local proto="ipv6"
2049 local grp=ff0e::1
2050 local src=2001:db8:100::1
2051
2052 echo
2053 echo "Data path: MDB with FDB - IPv6 overlay / IPv4 underlay"
2054 echo "------------------------------------------------------"
2055
2056 mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp $src \
2057 "mausezahn -6"
2058}
2059
2060mdb_fdb_ipv4_ipv6()
2061{
2062 local ns1=ns1_v6
2063 local ns2=ns2_v6
2064 local vtep1_ip=2001:db8:1000::1
2065 local vtep2_ip=2001:db8:2000::1
2066 local plen=128
2067 local proto="ipv4"
2068 local grp=239.1.1.1
2069 local src=192.0.2.129
2070
2071 echo
2072 echo "Data path: MDB with FDB - IPv4 overlay / IPv6 underlay"
2073 echo "------------------------------------------------------"
2074
2075 mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp $src \
2076 "mausezahn"
2077}
2078
2079mdb_fdb_ipv6_ipv6()
2080{
2081 local ns1=ns1_v6
2082 local ns2=ns2_v6
2083 local vtep1_ip=2001:db8:1000::1
2084 local vtep2_ip=2001:db8:2000::1
2085 local plen=128
2086 local proto="ipv6"
2087 local grp=ff0e::1
2088 local src=2001:db8:100::1
2089
2090 echo
2091 echo "Data path: MDB with FDB - IPv6 overlay / IPv6 underlay"
2092 echo "------------------------------------------------------"
2093
2094 mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp $src \
2095 "mausezahn -6"
2096}
2097
2098mdb_grp1_loop()
2099{
2100 local ns1=$1; shift
2101 local vtep1_ip=$1; shift
2102 local grp1=$1; shift
2103
2104 while true; do
2105 bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp1 dst $vtep1_ip src_vni 10010
2106 bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp1 permanent dst $vtep1_ip src_vni 10010
2107 done >/dev/null 2>&1
2108}
2109
2110mdb_grp2_loop()
2111{
2112 local ns1=$1; shift
2113 local vtep1_ip=$1; shift
2114 local vtep2_ip=$1; shift
2115 local grp2=$1; shift
2116
2117 while true; do
2118 bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp2 dst $vtep1_ip src_vni 10010
2119 bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp2 permanent dst $vtep1_ip src_vni 10010
2120 bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep2_ip src_vni 10010
2121 done >/dev/null 2>&1
2122}
2123
2124mdb_torture_common()
2125{
2126 local ns1=$1; shift
2127 local vtep1_ip=$1; shift
2128 local vtep2_ip=$1; shift
2129 local grp1=$1; shift
2130 local grp2=$1; shift
2131 local src=$1; shift
2132 local mz=$1; shift
2133 local pid1
2134 local pid2
2135 local pid3
2136 local pid4
2137
2138 # Continuously send two streams that are forwarded by two different MDB
2139 # entries. The first entry will be added and deleted in a loop. This
2140 # allows us to test that the data path does not use freed MDB entry
2141 # memory. The second entry will have two remotes, one that is added and
2142 # deleted in a loop and another that is replaced in a loop. This allows
2143 # us to test that the data path does not use freed remote entry memory.
2144 # The test is considered successful if nothing crashed.
2145
2146 # Create the MDB entries that will be continuously deleted / replaced.
2147 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp1 permanent dst $vtep1_ip src_vni 10010"
2148 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep1_ip src_vni 10010"
2149 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep2_ip src_vni 10010"
2150
2151 mdb_grp1_loop $ns1 $vtep1_ip $grp1 &
2152 pid1=$!
2153 mdb_grp2_loop $ns1 $vtep1_ip $vtep2_ip $grp2 &
2154 pid2=$!
2155 ip netns exec $ns1 $mz br0.10 -A $src -B $grp1 -t udp sp=12345,dp=54321 -p 100 -c 0 -q &
2156 pid3=$!
2157 ip netns exec $ns1 $mz br0.10 -A $src -B $grp2 -t udp sp=12345,dp=54321 -p 100 -c 0 -q &
2158 pid4=$!
2159
2160 sleep 30
2161 kill -9 $pid1 $pid2 $pid3 $pid4
2162 wait $pid1 $pid2 $pid3 $pid4 2>/dev/null
2163
2164 log_test 0 0 "Torture test"
2165}
2166
2167mdb_torture_ipv4_ipv4()
2168{
2169 local ns1=ns1_v4
2170 local vtep1_ip=198.51.100.100
2171 local vtep2_ip=198.51.100.200
2172 local grp1=239.1.1.1
2173 local grp2=239.2.2.2
2174 local src=192.0.2.129
2175
2176 echo
2177 echo "Data path: MDB torture test - IPv4 overlay / IPv4 underlay"
2178 echo "----------------------------------------------------------"
2179
2180 mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp2 $src \
2181 "mausezahn"
2182}
2183
2184mdb_torture_ipv6_ipv4()
2185{
2186 local ns1=ns1_v4
2187 local vtep1_ip=198.51.100.100
2188 local vtep2_ip=198.51.100.200
2189 local grp1=ff0e::1
2190 local grp2=ff0e::2
2191 local src=2001:db8:100::1
2192
2193 echo
2194 echo "Data path: MDB torture test - IPv6 overlay / IPv4 underlay"
2195 echo "----------------------------------------------------------"
2196
2197 mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp2 $src \
2198 "mausezahn -6"
2199}
2200
2201mdb_torture_ipv4_ipv6()
2202{
2203 local ns1=ns1_v6
2204 local vtep1_ip=2001:db8:1000::1
2205 local vtep2_ip=2001:db8:2000::1
2206 local grp1=239.1.1.1
2207 local grp2=239.2.2.2
2208 local src=192.0.2.129
2209
2210 echo
2211 echo "Data path: MDB torture test - IPv4 overlay / IPv6 underlay"
2212 echo "----------------------------------------------------------"
2213
2214 mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp2 $src \
2215 "mausezahn"
2216}
2217
2218mdb_torture_ipv6_ipv6()
2219{
2220 local ns1=ns1_v6
2221 local vtep1_ip=2001:db8:1000::1
2222 local vtep2_ip=2001:db8:2000::1
2223 local grp1=ff0e::1
2224 local grp2=ff0e::2
2225 local src=2001:db8:100::1
2226
2227 echo
2228 echo "Data path: MDB torture test - IPv6 overlay / IPv6 underlay"
2229 echo "----------------------------------------------------------"
2230
2231 mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp2 $src \
2232 "mausezahn -6"
2233}
2234
2235################################################################################
2236# Usage
2237
2238usage()
2239{
2240 cat <<EOF
2241usage: ${0##*/} OPTS
2242
2243 -t <test> Test(s) to run (default: all)
2244 (options: $TESTS)
2245 -c Control path tests only
2246 -d Data path tests only
2247 -p Pause on fail
2248 -P Pause after each test before cleanup
2249 -v Verbose mode (show commands and output)
2250EOF
2251}
2252
2253################################################################################
2254# Main
2255
2256trap cleanup EXIT
2257
2258while getopts ":t:cdpPvh" opt; do
2259 case $opt in
2260 t) TESTS=$OPTARG;;
2261 c) TESTS=${CONTROL_PATH_TESTS};;
2262 d) TESTS=${DATA_PATH_TESTS};;
2263 p) PAUSE_ON_FAIL=yes;;
2264 P) PAUSE=yes;;
2265 v) VERBOSE=$(($VERBOSE + 1));;
2266 h) usage; exit 0;;
2267 *) usage; exit 1;;
2268 esac
2269done
2270
2271# Make sure we don't pause twice.
2272[ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no
2273
2274if [ "$(id -u)" -ne 0 ];then
2275 echo "SKIP: Need root privileges"
2276 exit $ksft_skip;
2277fi
2278
2279if [ ! -x "$(command -v ip)" ]; then
2280 echo "SKIP: Could not run test without ip tool"
2281 exit $ksft_skip
2282fi
2283
2284if [ ! -x "$(command -v bridge)" ]; then
2285 echo "SKIP: Could not run test without bridge tool"
2286 exit $ksft_skip
2287fi
2288
2289if [ ! -x "$(command -v mausezahn)" ]; then
2290 echo "SKIP: Could not run test without mausezahn tool"
2291 exit $ksft_skip
2292fi
2293
2294if [ ! -x "$(command -v jq)" ]; then
2295 echo "SKIP: Could not run test without jq tool"
2296 exit $ksft_skip
2297fi
2298
2299bridge mdb help 2>&1 | grep -q "src_vni"
2300if [ $? -ne 0 ]; then
2301 echo "SKIP: iproute2 bridge too old, missing VXLAN MDB support"
2302 exit $ksft_skip
2303fi
2304
2305# Start clean.
2306cleanup
2307
2308for t in $TESTS
2309do
2310 setup; $t; cleanup;
2311done
2312
2313if [ "$TESTS" != "none" ]; then
2314 printf "\nTests passed: %3d\n" ${nsuccess}
2315 printf "Tests failed: %3d\n" ${nfail}
2316fi
2317
2318exit $ret