selftests: forwarding: Add VxLAN test with a VLAN-aware bridge

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The test is very similar to its VLAN-unaware counterpart
(vxlan_bridge_1d.sh), but instead of using multiple VLAN-unaware
bridges, a single VLAN-aware bridge is used with multiple VLANs.

Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Reviewed-by: Petr Machata <petrm@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Ido Schimmel and committed by

David S. Miller 7 years ago b5166d7a f0723237

+800

2 changed files

expand all

tools

testing

selftests

net

forwarding

vxlan_bridge_1q.sh

vxlan_bridge_1q_port_8472.sh

+790

tools/testing/selftests/net/forwarding/vxlan_bridge_1q.sh

··· 1 + #!/bin/bash 2 + # SPDX-License-Identifier: GPL-2.0 3 + 4 + # +-----------------------+ +------------------------+ 5 + # | H1 (vrf) | | H2 (vrf) | 6 + # | + $h1.10 | | + $h2.10 | 7 + # | | 192.0.2.1/28 | | | 192.0.2.2/28 | 8 + # | | | | | | 9 + # | | + $h1.20 | | | + $h2.20 | 10 + # | \ | 198.51.100.1/24 | | \ | 198.51.100.2/24 | 11 + # | \| | | \| | 12 + # | + $h1 | | + $h2 | 13 + # +----|------------------+ +----|-------------------+ 14 + # | | 15 + # +----|--------------------------------------------------|-------------------+ 16 + # | SW | | | 17 + # | +--|--------------------------------------------------|-----------------+ | 18 + # | | + $swp1 BR1 (802.1q) + $swp2 | | 19 + # | | vid 10 vid 10 | | 20 + # | | vid 20 vid 20 | | 21 + # | | | | 22 + # | | + vx10 (vxlan) + vx20 (vxlan) | | 23 + # | | local 192.0.2.17 local 192.0.2.17 | | 24 + # | | remote 192.0.2.34 192.0.2.50 remote 192.0.2.34 192.0.2.50 | | 25 + # | | id 1000 dstport $VXPORT id 2000 dstport $VXPORT | | 26 + # | | vid 10 pvid untagged vid 20 pvid untagged | | 27 + # | +-----------------------------------------------------------------------+ | 28 + # | | 29 + # | 192.0.2.32/28 via 192.0.2.18 | 30 + # | 192.0.2.48/28 via 192.0.2.18 | 31 + # | | 32 + # | + $rp1 | 33 + # | | 192.0.2.17/28 | 34 + # +----|----------------------------------------------------------------------+ 35 + # | 36 + # +----|--------------------------------------------------------+ 37 + # | | VRP2 (vrf) | 38 + # | + $rp2 | 39 + # | 192.0.2.18/28 | 40 + # | | (maybe) HW 41 + # ============================================================================= 42 + # | | (likely) SW 43 + # | + v1 (veth) + v3 (veth) | 44 + # | | 192.0.2.33/28 | 192.0.2.49/28 | 45 + # +----|---------------------------------------|----------------+ 46 + # | | 47 + # +----|------------------------------+ +----|------------------------------+ 48 + # | + v2 (veth) NS1 (netns) | | + v4 (veth) NS2 (netns) | 49 + # | 192.0.2.34/28 | | 192.0.2.50/28 | 50 + # | | | | 51 + # | 192.0.2.16/28 via 192.0.2.33 | | 192.0.2.16/28 via 192.0.2.49 | 52 + # | 192.0.2.50/32 via 192.0.2.33 | | 192.0.2.34/32 via 192.0.2.49 | 53 + # | | | | 54 + # | +-------------------------------+ | | +-------------------------------+ | 55 + # | | BR2 (802.1q) | | | | BR2 (802.1q) | | 56 + # | | + vx10 (vxlan) | | | | + vx10 (vxlan) | | 57 + # | | local 192.0.2.34 | | | | local 192.0.2.50 | | 58 + # | | remote 192.0.2.17 | | | | remote 192.0.2.17 | | 59 + # | | remote 192.0.2.50 | | | | remote 192.0.2.34 | | 60 + # | | id 1000 dstport $VXPORT | | | | id 1000 dstport $VXPORT | | 61 + # | | vid 10 pvid untagged | | | | vid 10 pvid untagged | | 62 + # | | | | | | | | 63 + # | | + vx20 (vxlan) | | | | + vx20 (vxlan) | | 64 + # | | local 192.0.2.34 | | | | local 192.0.2.50 | | 65 + # | | remote 192.0.2.17 | | | | remote 192.0.2.17 | | 66 + # | | remote 192.0.2.50 | | | | remote 192.0.2.34 | | 67 + # | | id 2000 dstport $VXPORT | | | | id 2000 dstport $VXPORT | | 68 + # | | vid 20 pvid untagged | | | | vid 20 pvid untagged | | 69 + # | | | | | | | | 70 + # | | + w1 (veth) | | | | + w1 (veth) | | 71 + # | | | vid 10 | | | | | vid 10 | | 72 + # | | | vid 20 | | | | | vid 20 | | 73 + # | +--|----------------------------+ | | +--|----------------------------+ | 74 + # | | | | | | 75 + # | +--|----------------------------+ | | +--|----------------------------+ | 76 + # | | + w2 (veth) VW2 (vrf) | | | | + w2 (veth) VW2 (vrf) | | 77 + # | | |\ | | | | |\ | | 78 + # | | | + w2.10 | | | | | + w2.10 | | 79 + # | | | 192.0.2.3/28 | | | | | 192.0.2.4/28 | | 80 + # | | | | | | | | | | 81 + # | | + w2.20 | | | | + w2.20 | | 82 + # | | 198.51.100.3/24 | | | | 198.51.100.4/24 | | 83 + # | +-------------------------------+ | | +-------------------------------+ | 84 + # +-----------------------------------+ +-----------------------------------+ 85 + 86 + : ${VXPORT:=4789} 87 + export VXPORT 88 + 89 + : ${ALL_TESTS:=" 90 + ping_ipv4 91 + test_flood 92 + test_unicast 93 + reapply_config 94 + ping_ipv4 95 + test_flood 96 + test_unicast 97 + test_learning 98 + "} 99 + 100 + NUM_NETIFS=6 101 + source lib.sh 102 + 103 + h1_create() 104 + { 105 + simple_if_init $h1 106 + tc qdisc add dev $h1 clsact 107 + vlan_create $h1 10 v$h1 192.0.2.1/28 108 + vlan_create $h1 20 v$h1 198.51.100.1/24 109 + } 110 + 111 + h1_destroy() 112 + { 113 + vlan_destroy $h1 20 114 + vlan_destroy $h1 10 115 + tc qdisc del dev $h1 clsact 116 + simple_if_fini $h1 117 + } 118 + 119 + h2_create() 120 + { 121 + simple_if_init $h2 122 + tc qdisc add dev $h2 clsact 123 + vlan_create $h2 10 v$h2 192.0.2.2/28 124 + vlan_create $h2 20 v$h2 198.51.100.2/24 125 + } 126 + 127 + h2_destroy() 128 + { 129 + vlan_destroy $h2 20 130 + vlan_destroy $h2 10 131 + tc qdisc del dev $h2 clsact 132 + simple_if_fini $h2 133 + } 134 + 135 + rp1_set_addr() 136 + { 137 + ip address add dev $rp1 192.0.2.17/28 138 + 139 + ip route add 192.0.2.32/28 nexthop via 192.0.2.18 140 + ip route add 192.0.2.48/28 nexthop via 192.0.2.18 141 + } 142 + 143 + rp1_unset_addr() 144 + { 145 + ip route del 192.0.2.48/28 nexthop via 192.0.2.18 146 + ip route del 192.0.2.32/28 nexthop via 192.0.2.18 147 + 148 + ip address del dev $rp1 192.0.2.17/28 149 + } 150 + 151 + switch_create() 152 + { 153 + ip link add name br1 type bridge vlan_filtering 1 vlan_default_pvid 0 \ 154 + mcast_snooping 0 155 + # Make sure the bridge uses the MAC address of the local port and not 156 + # that of the VxLAN's device. 157 + ip link set dev br1 address $(mac_get $swp1) 158 + ip link set dev br1 up 159 + 160 + ip link set dev $rp1 up 161 + rp1_set_addr 162 + 163 + ip link add name vx10 type vxlan id 1000 \ 164 + local 192.0.2.17 dstport "$VXPORT" \ 165 + nolearning noudpcsum tos inherit ttl 100 166 + ip link set dev vx10 up 167 + 168 + ip link set dev vx10 master br1 169 + bridge vlan add vid 10 dev vx10 pvid untagged 170 + 171 + ip link add name vx20 type vxlan id 2000 \ 172 + local 192.0.2.17 dstport "$VXPORT" \ 173 + nolearning noudpcsum tos inherit ttl 100 174 + ip link set dev vx20 up 175 + 176 + ip link set dev vx20 master br1 177 + bridge vlan add vid 20 dev vx20 pvid untagged 178 + 179 + ip link set dev $swp1 master br1 180 + ip link set dev $swp1 up 181 + bridge vlan add vid 10 dev $swp1 182 + bridge vlan add vid 20 dev $swp1 183 + 184 + ip link set dev $swp2 master br1 185 + ip link set dev $swp2 up 186 + bridge vlan add vid 10 dev $swp2 187 + bridge vlan add vid 20 dev $swp2 188 + 189 + bridge fdb append dev vx10 00:00:00:00:00:00 dst 192.0.2.34 self 190 + bridge fdb append dev vx10 00:00:00:00:00:00 dst 192.0.2.50 self 191 + 192 + bridge fdb append dev vx20 00:00:00:00:00:00 dst 192.0.2.34 self 193 + bridge fdb append dev vx20 00:00:00:00:00:00 dst 192.0.2.50 self 194 + } 195 + 196 + switch_destroy() 197 + { 198 + bridge fdb del dev vx20 00:00:00:00:00:00 dst 192.0.2.50 self 199 + bridge fdb del dev vx20 00:00:00:00:00:00 dst 192.0.2.34 self 200 + 201 + bridge fdb del dev vx10 00:00:00:00:00:00 dst 192.0.2.50 self 202 + bridge fdb del dev vx10 00:00:00:00:00:00 dst 192.0.2.34 self 203 + 204 + bridge vlan del vid 20 dev $swp2 205 + bridge vlan del vid 10 dev $swp2 206 + ip link set dev $swp2 down 207 + ip link set dev $swp2 nomaster 208 + 209 + bridge vlan del vid 20 dev $swp1 210 + bridge vlan del vid 10 dev $swp1 211 + ip link set dev $swp1 down 212 + ip link set dev $swp1 nomaster 213 + 214 + bridge vlan del vid 20 dev vx20 215 + ip link set dev vx20 nomaster 216 + 217 + ip link set dev vx20 down 218 + ip link del dev vx20 219 + 220 + bridge vlan del vid 10 dev vx10 221 + ip link set dev vx10 nomaster 222 + 223 + ip link set dev vx10 down 224 + ip link del dev vx10 225 + 226 + rp1_unset_addr 227 + ip link set dev $rp1 down 228 + 229 + ip link set dev br1 down 230 + ip link del dev br1 231 + } 232 + 233 + vrp2_create() 234 + { 235 + simple_if_init $rp2 192.0.2.18/28 236 + __simple_if_init v1 v$rp2 192.0.2.33/28 237 + __simple_if_init v3 v$rp2 192.0.2.49/28 238 + tc qdisc add dev v1 clsact 239 + } 240 + 241 + vrp2_destroy() 242 + { 243 + tc qdisc del dev v1 clsact 244 + __simple_if_fini v3 192.0.2.49/28 245 + __simple_if_fini v1 192.0.2.33/28 246 + simple_if_fini $rp2 192.0.2.18/28 247 + } 248 + 249 + ns_init_common() 250 + { 251 + local in_if=$1; shift 252 + local in_addr=$1; shift 253 + local other_in_addr=$1; shift 254 + local nh_addr=$1; shift 255 + local host_addr1=$1; shift 256 + local host_addr2=$1; shift 257 + 258 + ip link set dev $in_if up 259 + ip address add dev $in_if $in_addr/28 260 + tc qdisc add dev $in_if clsact 261 + 262 + ip link add name br2 type bridge vlan_filtering 1 vlan_default_pvid 0 263 + ip link set dev br2 up 264 + 265 + ip link add name w1 type veth peer name w2 266 + 267 + ip link set dev w1 master br2 268 + ip link set dev w1 up 269 + 270 + bridge vlan add vid 10 dev w1 271 + bridge vlan add vid 20 dev w1 272 + 273 + ip link add name vx10 type vxlan id 1000 local $in_addr \ 274 + dstport "$VXPORT" 275 + ip link set dev vx10 up 276 + bridge fdb append dev vx10 00:00:00:00:00:00 dst 192.0.2.17 self 277 + bridge fdb append dev vx10 00:00:00:00:00:00 dst $other_in_addr self 278 + 279 + ip link set dev vx10 master br2 280 + tc qdisc add dev vx10 clsact 281 + 282 + bridge vlan add vid 10 dev vx10 pvid untagged 283 + 284 + ip link add name vx20 type vxlan id 2000 local $in_addr \ 285 + dstport "$VXPORT" 286 + ip link set dev vx20 up 287 + bridge fdb append dev vx20 00:00:00:00:00:00 dst 192.0.2.17 self 288 + bridge fdb append dev vx20 00:00:00:00:00:00 dst $other_in_addr self 289 + 290 + ip link set dev vx20 master br2 291 + tc qdisc add dev vx20 clsact 292 + 293 + bridge vlan add vid 20 dev vx20 pvid untagged 294 + 295 + simple_if_init w2 296 + vlan_create w2 10 vw2 $host_addr1/28 297 + vlan_create w2 20 vw2 $host_addr2/24 298 + 299 + ip route add 192.0.2.16/28 nexthop via $nh_addr 300 + ip route add $other_in_addr/32 nexthop via $nh_addr 301 + } 302 + export -f ns_init_common 303 + 304 + ns1_create() 305 + { 306 + ip netns add ns1 307 + ip link set dev v2 netns ns1 308 + in_ns ns1 \ 309 + ns_init_common v2 192.0.2.34 192.0.2.50 192.0.2.33 192.0.2.3 \ 310 + 198.51.100.3 311 + } 312 + 313 + ns1_destroy() 314 + { 315 + ip netns exec ns1 ip link set dev v2 netns 1 316 + ip netns del ns1 317 + } 318 + 319 + ns2_create() 320 + { 321 + ip netns add ns2 322 + ip link set dev v4 netns ns2 323 + in_ns ns2 \ 324 + ns_init_common v4 192.0.2.50 192.0.2.34 192.0.2.49 192.0.2.4 \ 325 + 198.51.100.4 326 + } 327 + 328 + ns2_destroy() 329 + { 330 + ip netns exec ns2 ip link set dev v4 netns 1 331 + ip netns del ns2 332 + } 333 + 334 + setup_prepare() 335 + { 336 + h1=${NETIFS[p1]} 337 + swp1=${NETIFS[p2]} 338 + 339 + swp2=${NETIFS[p3]} 340 + h2=${NETIFS[p4]} 341 + 342 + rp1=${NETIFS[p5]} 343 + rp2=${NETIFS[p6]} 344 + 345 + vrf_prepare 346 + forwarding_enable 347 + 348 + h1_create 349 + h2_create 350 + switch_create 351 + 352 + ip link add name v1 type veth peer name v2 353 + ip link add name v3 type veth peer name v4 354 + vrp2_create 355 + ns1_create 356 + ns2_create 357 + 358 + r1_mac=$(in_ns ns1 mac_get w2) 359 + r2_mac=$(in_ns ns2 mac_get w2) 360 + h2_mac=$(mac_get $h2) 361 + } 362 + 363 + cleanup() 364 + { 365 + pre_cleanup 366 + 367 + ns2_destroy 368 + ns1_destroy 369 + vrp2_destroy 370 + ip link del dev v3 371 + ip link del dev v1 372 + 373 + switch_destroy 374 + h2_destroy 375 + h1_destroy 376 + 377 + forwarding_restore 378 + vrf_cleanup 379 + } 380 + 381 + # For the first round of tests, vx10 and vx20 were the first devices to get 382 + # attached to the bridge, and that at the point that the local IP is already 383 + # configured. Try the other scenario of attaching these devices to a bridge 384 + # that already has local ports members, and only then assign the local IP. 385 + reapply_config() 386 + { 387 + log_info "Reapplying configuration" 388 + 389 + bridge fdb del dev vx20 00:00:00:00:00:00 dst 192.0.2.50 self 390 + bridge fdb del dev vx20 00:00:00:00:00:00 dst 192.0.2.34 self 391 + 392 + bridge fdb del dev vx10 00:00:00:00:00:00 dst 192.0.2.50 self 393 + bridge fdb del dev vx10 00:00:00:00:00:00 dst 192.0.2.34 self 394 + 395 + ip link set dev vx20 nomaster 396 + ip link set dev vx10 nomaster 397 + 398 + rp1_unset_addr 399 + sleep 5 400 + 401 + ip link set dev vx10 master br1 402 + bridge vlan add vid 10 dev vx10 pvid untagged 403 + 404 + ip link set dev vx20 master br1 405 + bridge vlan add vid 20 dev vx20 pvid untagged 406 + 407 + bridge fdb append dev vx10 00:00:00:00:00:00 dst 192.0.2.34 self 408 + bridge fdb append dev vx10 00:00:00:00:00:00 dst 192.0.2.50 self 409 + 410 + bridge fdb append dev vx20 00:00:00:00:00:00 dst 192.0.2.34 self 411 + bridge fdb append dev vx20 00:00:00:00:00:00 dst 192.0.2.50 self 412 + 413 + rp1_set_addr 414 + sleep 5 415 + } 416 + 417 + ping_ipv4() 418 + { 419 + ping_test $h1.10 192.0.2.2 ": local->local vid 10" 420 + ping_test $h1.20 198.51.100.2 ": local->local vid 20" 421 + ping_test $h1.10 192.0.2.3 ": local->remote 1 vid 10" 422 + ping_test $h1.10 192.0.2.4 ": local->remote 2 vid 10" 423 + ping_test $h1.20 198.51.100.3 ": local->remote 1 vid 20" 424 + ping_test $h1.20 198.51.100.4 ": local->remote 2 vid 20" 425 + } 426 + 427 + maybe_in_ns() 428 + { 429 + echo ${1:+in_ns} $1 430 + } 431 + 432 + __flood_counter_add_del() 433 + { 434 + local add_del=$1; shift 435 + local dev=$1; shift 436 + local ns=$1; shift 437 + 438 + # Putting the ICMP capture both to HW and to SW will end up 439 + # double-counting the packets that are trapped to slow path, such as for 440 + # the unicast test. Adding either skip_hw or skip_sw fixes this problem, 441 + # but with skip_hw, the flooded packets are not counted at all, because 442 + # those are dropped due to MAC address mismatch; and skip_sw is a no-go 443 + # for veth-based topologies. 444 + # 445 + # So try to install with skip_sw and fall back to skip_sw if that fails. 446 + 447 + $(maybe_in_ns $ns) __icmp_capture_add_del \ 448 + $add_del 100 "" $dev skip_sw 2>/dev/null || \ 449 + $(maybe_in_ns $ns) __icmp_capture_add_del \ 450 + $add_del 100 "" $dev skip_hw 451 + } 452 + 453 + flood_counter_install() 454 + { 455 + __flood_counter_add_del add "$@" 456 + } 457 + 458 + flood_counter_uninstall() 459 + { 460 + __flood_counter_add_del del "$@" 461 + } 462 + 463 + flood_fetch_stat() 464 + { 465 + local dev=$1; shift 466 + local ns=$1; shift 467 + 468 + $(maybe_in_ns $ns) tc_rule_stats_get $dev 100 ingress 469 + } 470 + 471 + flood_fetch_stats() 472 + { 473 + local counters=("${@}") 474 + local counter 475 + 476 + for counter in "${counters[@]}"; do 477 + flood_fetch_stat $counter 478 + done 479 + } 480 + 481 + vxlan_flood_test() 482 + { 483 + local mac=$1; shift 484 + local dst=$1; shift 485 + local vid=$1; shift 486 + local -a expects=("${@}") 487 + 488 + local -a counters=($h2 "vx10 ns1" "vx20 ns1" "vx10 ns2" "vx20 ns2") 489 + local counter 490 + local key 491 + 492 + # Packets reach the local host tagged whereas they reach the VxLAN 493 + # devices untagged. In order to be able to use the same filter for 494 + # all counters, make sure the packets also reach the local host 495 + # untagged 496 + bridge vlan add vid $vid dev $swp2 untagged 497 + for counter in "${counters[@]}"; do 498 + flood_counter_install $counter 499 + done 500 + 501 + local -a t0s=($(flood_fetch_stats "${counters[@]}")) 502 + $MZ $h1 -Q $vid -c 10 -d 100msec -p 64 -b $mac -B $dst -t icmp -q 503 + sleep 1 504 + local -a t1s=($(flood_fetch_stats "${counters[@]}")) 505 + 506 + for key in ${!t0s[@]}; do 507 + local delta=$((t1s[$key] - t0s[$key])) 508 + local expect=${expects[$key]} 509 + 510 + ((expect == delta)) 511 + check_err $? "${counters[$key]}: Expected to capture $expect packets, got $delta." 512 + done 513 + 514 + for counter in "${counters[@]}"; do 515 + flood_counter_uninstall $counter 516 + done 517 + bridge vlan add vid $vid dev $swp2 518 + } 519 + 520 + __test_flood() 521 + { 522 + local mac=$1; shift 523 + local dst=$1; shift 524 + local vid=$1; shift 525 + local what=$1; shift 526 + local -a expects=("${@}") 527 + 528 + RET=0 529 + 530 + vxlan_flood_test $mac $dst $vid "${expects[@]}" 531 + 532 + log_test "VXLAN: $what" 533 + } 534 + 535 + test_flood() 536 + { 537 + __test_flood de:ad:be:ef:13:37 192.0.2.100 10 "flood vlan 10" \ 538 + 10 10 0 10 0 539 + __test_flood ca:fe:be:ef:13:37 198.51.100.100 20 "flood vlan 20" \ 540 + 10 0 10 0 10 541 + } 542 + 543 + vxlan_fdb_add_del() 544 + { 545 + local add_del=$1; shift 546 + local vid=$1; shift 547 + local mac=$1; shift 548 + local dev=$1; shift 549 + local dst=$1; shift 550 + 551 + bridge fdb $add_del dev $dev $mac self static permanent \ 552 + ${dst:+dst} $dst 2>/dev/null 553 + bridge fdb $add_del dev $dev $mac master static vlan $vid 2>/dev/null 554 + } 555 + 556 + __test_unicast() 557 + { 558 + local mac=$1; shift 559 + local dst=$1; shift 560 + local hit_idx=$1; shift 561 + local vid=$1; shift 562 + local what=$1; shift 563 + 564 + RET=0 565 + 566 + local -a expects=(0 0 0 0 0) 567 + expects[$hit_idx]=10 568 + 569 + vxlan_flood_test $mac $dst $vid "${expects[@]}" 570 + 571 + log_test "VXLAN: $what" 572 + } 573 + 574 + test_unicast() 575 + { 576 + local -a targets=("$h2_mac $h2" 577 + "$r1_mac vx10 192.0.2.34" 578 + "$r2_mac vx10 192.0.2.50") 579 + local target 580 + 581 + log_info "unicast vlan 10" 582 + 583 + for target in "${targets[@]}"; do 584 + vxlan_fdb_add_del add 10 $target 585 + done 586 + 587 + __test_unicast $h2_mac 192.0.2.2 0 10 "local MAC unicast" 588 + __test_unicast $r1_mac 192.0.2.3 1 10 "remote MAC 1 unicast" 589 + __test_unicast $r2_mac 192.0.2.4 3 10 "remote MAC 2 unicast" 590 + 591 + for target in "${targets[@]}"; do 592 + vxlan_fdb_add_del del 10 $target 593 + done 594 + 595 + log_info "unicast vlan 20" 596 + 597 + targets=("$h2_mac $h2" "$r1_mac vx20 192.0.2.34" \ 598 + "$r2_mac vx20 192.0.2.50") 599 + 600 + for target in "${targets[@]}"; do 601 + vxlan_fdb_add_del add 20 $target 602 + done 603 + 604 + __test_unicast $h2_mac 198.51.100.2 0 20 "local MAC unicast" 605 + __test_unicast $r1_mac 198.51.100.3 2 20 "remote MAC 1 unicast" 606 + __test_unicast $r2_mac 198.51.100.4 4 20 "remote MAC 2 unicast" 607 + 608 + for target in "${targets[@]}"; do 609 + vxlan_fdb_add_del del 20 $target 610 + done 611 + } 612 + 613 + vxlan_ping_test() 614 + { 615 + local ping_dev=$1; shift 616 + local ping_dip=$1; shift 617 + local ping_args=$1; shift 618 + local capture_dev=$1; shift 619 + local capture_dir=$1; shift 620 + local capture_pref=$1; shift 621 + local expect=$1; shift 622 + 623 + local t0=$(tc_rule_stats_get $capture_dev $capture_pref $capture_dir) 624 + ping_do $ping_dev $ping_dip "$ping_args" 625 + local t1=$(tc_rule_stats_get $capture_dev $capture_pref $capture_dir) 626 + local delta=$((t1 - t0)) 627 + 628 + # Tolerate a couple stray extra packets. 629 + ((expect <= delta && delta <= expect + 2)) 630 + check_err $? "$capture_dev: Expected to capture $expect packets, got $delta." 631 + } 632 + 633 + __test_learning() 634 + { 635 + local -a expects=(0 0 0 0 0) 636 + local mac=$1; shift 637 + local dst=$1; shift 638 + local vid=$1; shift 639 + local idx1=$1; shift 640 + local idx2=$1; shift 641 + local vx=vx$vid 642 + 643 + # Check that flooding works 644 + RET=0 645 + 646 + expects[0]=10; expects[$idx1]=10; expects[$idx2]=10 647 + vxlan_flood_test $mac $dst $vid "${expects[@]}" 648 + 649 + log_test "VXLAN: flood before learning" 650 + 651 + # Send a packet with source mac set to $mac from host w2 and check that 652 + # a corresponding entry is created in the VxLAN device 653 + RET=0 654 + 655 + in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ 656 + -B $dst -t icmp -q 657 + sleep 1 658 + 659 + bridge fdb show brport $vx | grep $mac | grep -q self 660 + check_err $? 661 + bridge fdb show brport $vx | grep $mac | grep "vlan $vid" \ 662 + | grep -q -v self 663 + check_err $? 664 + 665 + log_test "VXLAN: show learned FDB entry" 666 + 667 + # Repeat first test and check that packets only reach host w2 in ns1 668 + RET=0 669 + 670 + expects[0]=0; expects[$idx1]=10; expects[$idx2]=0 671 + vxlan_flood_test $mac $dst $vid "${expects[@]}" 672 + 673 + log_test "VXLAN: learned FDB entry" 674 + 675 + # Delete the learned FDB entry from the VxLAN and bridge devices and 676 + # check that packets are flooded 677 + RET=0 678 + 679 + bridge fdb del dev $vx $mac master self vlan $vid 680 + sleep 1 681 + 682 + expects[0]=10; expects[$idx1]=10; expects[$idx2]=10 683 + vxlan_flood_test $mac $dst $vid "${expects[@]}" 684 + 685 + log_test "VXLAN: deletion of learned FDB entry" 686 + 687 + # Re-learn the first FDB entry and check that it is correctly aged-out 688 + RET=0 689 + 690 + in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ 691 + -B $dst -t icmp -q 692 + sleep 1 693 + 694 + bridge fdb show brport $vx | grep $mac | grep -q self 695 + check_err $? 696 + bridge fdb show brport $vx | grep $mac | grep "vlan $vid" \ 697 + | grep -q -v self 698 + check_err $? 699 + 700 + expects[0]=0; expects[$idx1]=10; expects[$idx2]=0 701 + vxlan_flood_test $mac $dst $vid "${expects[@]}" 702 + 703 + sleep 20 704 + 705 + bridge fdb show brport $vx | grep $mac | grep -q self 706 + check_fail $? 707 + bridge fdb show brport $vx | grep $mac | grep "vlan $vid" \ 708 + | grep -q -v self 709 + check_fail $? 710 + 711 + expects[0]=10; expects[$idx1]=10; expects[$idx2]=10 712 + vxlan_flood_test $mac $dst $vid "${expects[@]}" 713 + 714 + log_test "VXLAN: Ageing of learned FDB entry" 715 + 716 + # Toggle learning on the bridge port and check that the bridge's FDB 717 + # is populated only when it should 718 + RET=0 719 + 720 + ip link set dev $vx type bridge_slave learning off 721 + 722 + in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ 723 + -B $dst -t icmp -q 724 + sleep 1 725 + 726 + bridge fdb show brport $vx | grep $mac | grep "vlan $vid" \ 727 + | grep -q -v self 728 + check_fail $? 729 + 730 + ip link set dev $vx type bridge_slave learning on 731 + 732 + in_ns ns1 $MZ w2 -Q $vid -c 1 -p 64 -a $mac -b ff:ff:ff:ff:ff:ff \ 733 + -B $dst -t icmp -q 734 + sleep 1 735 + 736 + bridge fdb show brport $vx | grep $mac | grep "vlan $vid" \ 737 + | grep -q -v self 738 + check_err $? 739 + 740 + log_test "VXLAN: learning toggling on bridge port" 741 + } 742 + 743 + test_learning() 744 + { 745 + local mac=de:ad:be:ef:13:37 746 + local dst=192.0.2.100 747 + local vid=10 748 + 749 + # Enable learning on the VxLAN devices and set ageing time to 10 seconds 750 + ip link set dev br1 type bridge ageing_time 1000 751 + ip link set dev vx10 type vxlan ageing 10 752 + ip link set dev vx10 type vxlan learning 753 + ip link set dev vx20 type vxlan ageing 10 754 + ip link set dev vx20 type vxlan learning 755 + reapply_config 756 + 757 + log_info "learning vlan 10" 758 + 759 + __test_learning $mac $dst $vid 1 3 760 + 761 + log_info "learning vlan 20" 762 + 763 + mac=ca:fe:be:ef:13:37 764 + dst=198.51.100.100 765 + vid=20 766 + 767 + __test_learning $mac $dst $vid 2 4 768 + 769 + # Restore previous settings 770 + ip link set dev vx20 type vxlan nolearning 771 + ip link set dev vx20 type vxlan ageing 300 772 + ip link set dev vx10 type vxlan nolearning 773 + ip link set dev vx10 type vxlan ageing 300 774 + ip link set dev br1 type bridge ageing_time 30000 775 + reapply_config 776 + } 777 + 778 + test_all() 779 + { 780 + log_info "Running tests with UDP port $VXPORT" 781 + tests_run 782 + } 783 + 784 + trap cleanup EXIT 785 + 786 + setup_prepare 787 + setup_wait 788 + test_all 789 + 790 + exit $EXIT_STATUS

+10

tools/testing/selftests/net/forwarding/vxlan_bridge_1q_port_8472.sh

··· 1 + #!/bin/bash 2 + # SPDX-License-Identifier: GPL-2.0 3 + 4 + # A wrapper to run VXLAN tests with an unusual port number. 5 + 6 + VXPORT=8472 7 + ALL_TESTS=" 8 + ping_ipv4 9 + " 10 + source vxlan_bridge_1q.sh