tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

selftests/net: convert icmp_redirect.sh to run it in unique namespace

Here is the test result after conversion.

# ./icmp_redirect.sh

###########################################################################
Legacy routing
###########################################################################

TEST: IPv4: redirect exception [ OK ]

...

TEST: IPv4: mtu exception plus redirect [ OK ]
TEST: IPv6: mtu exception plus redirect [ OK ]

Tests passed: 40
Tests failed: 0
Tests xfailed: 0

Acked-by: David Ahern <dsahern@kernel.org>
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>

authored by

Hangbin Liu and committed by
Paolo Abeni c1516b35 baf37f21

+87 -93
+87 -93
tools/testing/selftests/net/icmp_redirect.sh
··· 19 19 # Route on r1 changed to go to r2 via eth0. This causes a redirect to be sent 20 20 # from r1 to h1 telling h1 to use r2 when talking to h2. 21 21 22 + source lib.sh 22 23 VERBOSE=0 23 24 PAUSE_ON_FAIL=no 24 25 ··· 141 140 142 141 cleanup() 143 142 { 144 - local ns 145 - 146 - for ns in h1 h2 r1 r2; do 147 - ip netns del $ns 2>/dev/null 148 - done 143 + cleanup_ns $h1 $h2 $r1 $r2 149 144 } 150 145 151 146 create_vrf() ··· 168 171 169 172 # 170 173 # create nodes as namespaces 171 - # 172 - for ns in h1 h2 r1 r2; do 173 - ip netns add $ns 174 - ip -netns $ns li set lo up 174 + setup_ns h1 h2 r1 r2 175 + for ns in $h1 $h2 $r1 $r2; do 176 + if echo $ns | grep -q h[12]-; then 177 + ip netns exec $ns sysctl -q -w net.ipv4.conf.all.accept_redirects=1 178 + ip netns exec $ns sysctl -q -w net.ipv6.conf.all.forwarding=0 179 + ip netns exec $ns sysctl -q -w net.ipv6.conf.all.accept_redirects=1 180 + ip netns exec $ns sysctl -q -w net.ipv6.conf.all.keep_addr_on_down=1 181 + else 182 + ip netns exec $ns sysctl -q -w net.ipv4.ip_forward=1 183 + ip netns exec $ns sysctl -q -w net.ipv4.conf.all.send_redirects=1 184 + ip netns exec $ns sysctl -q -w net.ipv4.conf.default.rp_filter=0 185 + ip netns exec $ns sysctl -q -w net.ipv4.conf.all.rp_filter=0 175 186 176 - case "${ns}" in 177 - h[12]) ip netns exec $ns sysctl -q -w net.ipv4.conf.all.accept_redirects=1 178 - ip netns exec $ns sysctl -q -w net.ipv6.conf.all.forwarding=0 179 - ip netns exec $ns sysctl -q -w net.ipv6.conf.all.accept_redirects=1 180 - ip netns exec $ns sysctl -q -w net.ipv6.conf.all.keep_addr_on_down=1 181 - ;; 182 - r[12]) ip netns exec $ns sysctl -q -w net.ipv4.ip_forward=1 183 - ip netns exec $ns sysctl -q -w net.ipv4.conf.all.send_redirects=1 184 - ip netns exec $ns sysctl -q -w net.ipv4.conf.default.rp_filter=0 185 - ip netns exec $ns sysctl -q -w net.ipv4.conf.all.rp_filter=0 186 - 187 - ip netns exec $ns sysctl -q -w net.ipv6.conf.all.forwarding=1 188 - ip netns exec $ns sysctl -q -w net.ipv6.route.mtu_expires=10 189 - esac 187 + ip netns exec $ns sysctl -q -w net.ipv6.conf.all.forwarding=1 188 + ip netns exec $ns sysctl -q -w net.ipv6.route.mtu_expires=10 189 + fi 190 190 done 191 191 192 192 # 193 193 # create interconnects 194 194 # 195 - ip -netns h1 li add eth0 type veth peer name r1h1 196 - ip -netns h1 li set r1h1 netns r1 name eth0 up 195 + ip -netns $h1 li add eth0 type veth peer name r1h1 196 + ip -netns $h1 li set r1h1 netns $r1 name eth0 up 197 197 198 - ip -netns h1 li add eth1 type veth peer name r2h1 199 - ip -netns h1 li set r2h1 netns r2 name eth0 up 198 + ip -netns $h1 li add eth1 type veth peer name r2h1 199 + ip -netns $h1 li set r2h1 netns $r2 name eth0 up 200 200 201 - ip -netns h2 li add eth0 type veth peer name r2h2 202 - ip -netns h2 li set eth0 up 203 - ip -netns h2 li set r2h2 netns r2 name eth2 up 201 + ip -netns $h2 li add eth0 type veth peer name r2h2 202 + ip -netns $h2 li set eth0 up 203 + ip -netns $h2 li set r2h2 netns $r2 name eth2 up 204 204 205 - ip -netns r1 li add eth1 type veth peer name r2r1 206 - ip -netns r1 li set eth1 up 207 - ip -netns r1 li set r2r1 netns r2 name eth1 up 205 + ip -netns $r1 li add eth1 type veth peer name r2r1 206 + ip -netns $r1 li set eth1 up 207 + ip -netns $r1 li set r2r1 netns $r2 name eth1 up 208 208 209 209 # 210 210 # h1 211 211 # 212 212 if [ "${WITH_VRF}" = "yes" ]; then 213 - create_vrf "h1" 213 + create_vrf "$h1" 214 214 H1_VRF_ARG="vrf ${VRF}" 215 215 H1_PING_ARG="-I ${VRF}" 216 216 else 217 217 H1_VRF_ARG= 218 218 H1_PING_ARG= 219 219 fi 220 - ip -netns h1 li add br0 type bridge 220 + ip -netns $h1 li add br0 type bridge 221 221 if [ "${WITH_VRF}" = "yes" ]; then 222 - ip -netns h1 li set br0 vrf ${VRF} up 222 + ip -netns $h1 li set br0 vrf ${VRF} up 223 223 else 224 - ip -netns h1 li set br0 up 224 + ip -netns $h1 li set br0 up 225 225 fi 226 - ip -netns h1 addr add dev br0 ${H1_N1_IP}/24 227 - ip -netns h1 -6 addr add dev br0 ${H1_N1_IP6}/64 nodad 228 - ip -netns h1 li set eth0 master br0 up 229 - ip -netns h1 li set eth1 master br0 up 226 + ip -netns $h1 addr add dev br0 ${H1_N1_IP}/24 227 + ip -netns $h1 -6 addr add dev br0 ${H1_N1_IP6}/64 nodad 228 + ip -netns $h1 li set eth0 master br0 up 229 + ip -netns $h1 li set eth1 master br0 up 230 230 231 231 # 232 232 # h2 233 233 # 234 - ip -netns h2 addr add dev eth0 ${H2_N2_IP}/24 235 - ip -netns h2 ro add default via ${R2_N2_IP} dev eth0 236 - ip -netns h2 -6 addr add dev eth0 ${H2_N2_IP6}/64 nodad 237 - ip -netns h2 -6 ro add default via ${R2_N2_IP6} dev eth0 234 + ip -netns $h2 addr add dev eth0 ${H2_N2_IP}/24 235 + ip -netns $h2 ro add default via ${R2_N2_IP} dev eth0 236 + ip -netns $h2 -6 addr add dev eth0 ${H2_N2_IP6}/64 nodad 237 + ip -netns $h2 -6 ro add default via ${R2_N2_IP6} dev eth0 238 238 239 239 # 240 240 # r1 241 241 # 242 - ip -netns r1 addr add dev eth0 ${R1_N1_IP}/24 243 - ip -netns r1 -6 addr add dev eth0 ${R1_N1_IP6}/64 nodad 244 - ip -netns r1 addr add dev eth1 ${R1_R2_N1_IP}/30 245 - ip -netns r1 -6 addr add dev eth1 ${R1_R2_N1_IP6}/126 nodad 242 + ip -netns $r1 addr add dev eth0 ${R1_N1_IP}/24 243 + ip -netns $r1 -6 addr add dev eth0 ${R1_N1_IP6}/64 nodad 244 + ip -netns $r1 addr add dev eth1 ${R1_R2_N1_IP}/30 245 + ip -netns $r1 -6 addr add dev eth1 ${R1_R2_N1_IP6}/126 nodad 246 246 247 247 # 248 248 # r2 249 249 # 250 - ip -netns r2 addr add dev eth0 ${R2_N1_IP}/24 251 - ip -netns r2 -6 addr add dev eth0 ${R2_N1_IP6}/64 nodad 252 - ip -netns r2 addr add dev eth1 ${R2_R1_N1_IP}/30 253 - ip -netns r2 -6 addr add dev eth1 ${R2_R1_N1_IP6}/126 nodad 254 - ip -netns r2 addr add dev eth2 ${R2_N2_IP}/24 255 - ip -netns r2 -6 addr add dev eth2 ${R2_N2_IP6}/64 nodad 250 + ip -netns $r2 addr add dev eth0 ${R2_N1_IP}/24 251 + ip -netns $r2 -6 addr add dev eth0 ${R2_N1_IP6}/64 nodad 252 + ip -netns $r2 addr add dev eth1 ${R2_R1_N1_IP}/30 253 + ip -netns $r2 -6 addr add dev eth1 ${R2_R1_N1_IP6}/126 nodad 254 + ip -netns $r2 addr add dev eth2 ${R2_N2_IP}/24 255 + ip -netns $r2 -6 addr add dev eth2 ${R2_N2_IP6}/64 nodad 256 256 257 257 sleep 2 258 258 259 - R1_LLADDR=$(get_linklocal r1 eth0) 259 + R1_LLADDR=$(get_linklocal $r1 eth0) 260 260 if [ $? -ne 0 ]; then 261 261 echo "Error: Failed to get link-local address of r1's eth0" 262 262 exit 1 263 263 fi 264 264 log_debug "initial gateway is R1's lladdr = ${R1_LLADDR}" 265 265 266 - R2_LLADDR=$(get_linklocal r2 eth0) 266 + R2_LLADDR=$(get_linklocal $r2 eth0) 267 267 if [ $? -ne 0 ]; then 268 268 echo "Error: Failed to get link-local address of r2's eth0" 269 269 exit 1 ··· 272 278 { 273 279 local mtu=$1 274 280 275 - run_cmd ip -netns h2 li set eth0 mtu ${mtu} 276 - run_cmd ip -netns r2 li set eth2 mtu ${mtu} 281 + run_cmd ip -netns $h2 li set eth0 mtu ${mtu} 282 + run_cmd ip -netns $r2 li set eth2 mtu ${mtu} 277 283 } 278 284 279 285 check_exception() ··· 285 291 # From 172.16.1.101: icmp_seq=1 Redirect Host(New nexthop: 172.16.1.102) 286 292 if [ "$VERBOSE" = "1" ]; then 287 293 echo "Commands to check for exception:" 288 - run_cmd ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} 289 - run_cmd ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} 294 + run_cmd ip -netns $h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} 295 + run_cmd ip -netns $h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} 290 296 fi 291 297 292 298 if [ -n "${mtu}" ]; then 293 299 mtu=" mtu ${mtu}" 294 300 fi 295 301 if [ "$with_redirect" = "yes" ]; then 296 - ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 302 + ip -netns $h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 297 303 grep -q "cache <redirected> expires [0-9]*sec${mtu}" 298 304 elif [ -n "${mtu}" ]; then 299 - ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 305 + ip -netns $h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 300 306 grep -q "cache expires [0-9]*sec${mtu}" 301 307 else 302 308 # want to verify that neither mtu nor redirected appears in 303 309 # the route get output. The -v will wipe out the cache line 304 310 # if either are set so the last grep -q will not find a match 305 - ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 311 + ip -netns $h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 306 312 grep -E -v 'mtu|redirected' | grep -q "cache" 307 313 fi 308 314 log_test $? 0 "IPv4: ${desc}" 0 309 315 310 316 # No PMTU info for test "redirect" and "mtu exception plus redirect" 311 317 if [ "$with_redirect" = "yes" ] && [ "$desc" != "redirect exception plus mtu" ]; then 312 - ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 318 + ip -netns $h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 313 319 grep -v "mtu" | grep -q "${H2_N2_IP6} .*via ${R2_LLADDR} dev br0" 314 320 elif [ -n "${mtu}" ]; then 315 - ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 321 + ip -netns $h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 316 322 grep -q "${mtu}" 317 323 else 318 324 # IPv6 is a bit harder. First strip out the match if it 319 325 # contains an mtu exception and then look for the first 320 326 # gateway - R1's lladdr 321 - ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 327 + ip -netns $h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 322 328 grep -v "mtu" | grep -q "${R1_LLADDR}" 323 329 fi 324 330 log_test $? 0 "IPv6: ${desc}" 1 ··· 328 334 { 329 335 local sz=$1 330 336 331 - run_cmd ip netns exec h1 ping -q -M want -i 0.5 -c 10 -w 2 -s ${sz} ${H1_PING_ARG} ${H2_N2_IP} 332 - run_cmd ip netns exec h1 ${ping6} -q -M want -i 0.5 -c 10 -w 2 -s ${sz} ${H1_PING_ARG} ${H2_N2_IP6} 337 + run_cmd ip netns exec $h1 ping -q -M want -i 0.5 -c 10 -w 2 -s ${sz} ${H1_PING_ARG} ${H2_N2_IP} 338 + run_cmd ip netns exec $h1 ${ping6} -q -M want -i 0.5 -c 10 -w 2 -s ${sz} ${H1_PING_ARG} ${H2_N2_IP6} 333 339 } 334 340 335 341 replace_route_new() 336 342 { 337 343 # r1 to h2 via r2 and eth0 338 - run_cmd ip -netns r1 nexthop replace id 1 via ${R2_N1_IP} dev eth0 339 - run_cmd ip -netns r1 nexthop replace id 2 via ${R2_LLADDR} dev eth0 344 + run_cmd ip -netns $r1 nexthop replace id 1 via ${R2_N1_IP} dev eth0 345 + run_cmd ip -netns $r1 nexthop replace id 2 via ${R2_LLADDR} dev eth0 340 346 } 341 347 342 348 reset_route_new() 343 349 { 344 - run_cmd ip -netns r1 nexthop flush 345 - run_cmd ip -netns h1 nexthop flush 350 + run_cmd ip -netns $r1 nexthop flush 351 + run_cmd ip -netns $h1 nexthop flush 346 352 347 353 initial_route_new 348 354 } ··· 350 356 initial_route_new() 351 357 { 352 358 # r1 to h2 via r2 and eth1 353 - run_cmd ip -netns r1 nexthop add id 1 via ${R2_R1_N1_IP} dev eth1 354 - run_cmd ip -netns r1 ro add ${H2_N2} nhid 1 359 + run_cmd ip -netns $r1 nexthop add id 1 via ${R2_R1_N1_IP} dev eth1 360 + run_cmd ip -netns $r1 ro add ${H2_N2} nhid 1 355 361 356 - run_cmd ip -netns r1 nexthop add id 2 via ${R2_R1_N1_IP6} dev eth1 357 - run_cmd ip -netns r1 -6 ro add ${H2_N2_6} nhid 2 362 + run_cmd ip -netns $r1 nexthop add id 2 via ${R2_R1_N1_IP6} dev eth1 363 + run_cmd ip -netns $r1 -6 ro add ${H2_N2_6} nhid 2 358 364 359 365 # h1 to h2 via r1 360 - run_cmd ip -netns h1 nexthop add id 1 via ${R1_N1_IP} dev br0 361 - run_cmd ip -netns h1 ro add ${H1_VRF_ARG} ${H2_N2} nhid 1 366 + run_cmd ip -netns $h1 nexthop add id 1 via ${R1_N1_IP} dev br0 367 + run_cmd ip -netns $h1 ro add ${H1_VRF_ARG} ${H2_N2} nhid 1 362 368 363 - run_cmd ip -netns h1 nexthop add id 2 via ${R1_LLADDR} dev br0 364 - run_cmd ip -netns h1 -6 ro add ${H1_VRF_ARG} ${H2_N2_6} nhid 2 369 + run_cmd ip -netns $h1 nexthop add id 2 via ${R1_LLADDR} dev br0 370 + run_cmd ip -netns $h1 -6 ro add ${H1_VRF_ARG} ${H2_N2_6} nhid 2 365 371 } 366 372 367 373 replace_route_legacy() 368 374 { 369 375 # r1 to h2 via r2 and eth0 370 - run_cmd ip -netns r1 ro replace ${H2_N2} via ${R2_N1_IP} dev eth0 371 - run_cmd ip -netns r1 -6 ro replace ${H2_N2_6} via ${R2_LLADDR} dev eth0 376 + run_cmd ip -netns $r1 ro replace ${H2_N2} via ${R2_N1_IP} dev eth0 377 + run_cmd ip -netns $r1 -6 ro replace ${H2_N2_6} via ${R2_LLADDR} dev eth0 372 378 } 373 379 374 380 reset_route_legacy() 375 381 { 376 - run_cmd ip -netns r1 ro del ${H2_N2} 377 - run_cmd ip -netns r1 -6 ro del ${H2_N2_6} 382 + run_cmd ip -netns $r1 ro del ${H2_N2} 383 + run_cmd ip -netns $r1 -6 ro del ${H2_N2_6} 378 384 379 - run_cmd ip -netns h1 ro del ${H1_VRF_ARG} ${H2_N2} 380 - run_cmd ip -netns h1 -6 ro del ${H1_VRF_ARG} ${H2_N2_6} 385 + run_cmd ip -netns $h1 ro del ${H1_VRF_ARG} ${H2_N2} 386 + run_cmd ip -netns $h1 -6 ro del ${H1_VRF_ARG} ${H2_N2_6} 381 387 382 388 initial_route_legacy 383 389 } ··· 385 391 initial_route_legacy() 386 392 { 387 393 # r1 to h2 via r2 and eth1 388 - run_cmd ip -netns r1 ro add ${H2_N2} via ${R2_R1_N1_IP} dev eth1 389 - run_cmd ip -netns r1 -6 ro add ${H2_N2_6} via ${R2_R1_N1_IP6} dev eth1 394 + run_cmd ip -netns $r1 ro add ${H2_N2} via ${R2_R1_N1_IP} dev eth1 395 + run_cmd ip -netns $r1 -6 ro add ${H2_N2_6} via ${R2_R1_N1_IP6} dev eth1 390 396 391 397 # h1 to h2 via r1 392 398 # - IPv6 redirect only works if gateway is the LLA 393 - run_cmd ip -netns h1 ro add ${H1_VRF_ARG} ${H2_N2} via ${R1_N1_IP} dev br0 394 - run_cmd ip -netns h1 -6 ro add ${H1_VRF_ARG} ${H2_N2_6} via ${R1_LLADDR} dev br0 399 + run_cmd ip -netns $h1 ro add ${H1_VRF_ARG} ${H2_N2} via ${R1_N1_IP} dev br0 400 + run_cmd ip -netns $h1 -6 ro add ${H1_VRF_ARG} ${H2_N2_6} via ${R1_LLADDR} dev br0 395 401 } 396 402 397 403 check_connectivity() 398 404 { 399 405 local rc 400 406 401 - run_cmd ip netns exec h1 ping -c1 -w1 ${H1_PING_ARG} ${H2_N2_IP} 407 + run_cmd ip netns exec $h1 ping -c1 -w1 ${H1_PING_ARG} ${H2_N2_IP} 402 408 rc=$? 403 - run_cmd ip netns exec h1 ${ping6} -c1 -w1 ${H1_PING_ARG} ${H2_N2_IP6} 409 + run_cmd ip netns exec $h1 ${ping6} -c1 -w1 ${H1_PING_ARG} ${H2_N2_IP6} 404 410 [ $? -ne 0 ] && rc=$? 405 411 406 412 return $rc