Back to home page

OSCL-LXR
 
 

     

0001 #!/bin/bash
0002 # SPDX-License-Identifier: GPL-2.0
0003 #
0004 # Test that blackhole routes are marked as offloaded and that packets hitting
0005 # them are dropped by the ASIC and not by the kernel.
0006 #
0007 # +---------------------------------+
0008 # | H1 (vrf)                        |
0009 # |    + $h1                        |
0010 # |    | 192.0.2.1/24               |
0011 # |    | 2001:db8:1::1/64           |
0012 # |    |                            |
0013 # |    |  default via 192.0.2.2     |
0014 # |    |  default via 2001:db8:1::2 |
0015 # +----|----------------------------+
0016 #      |
0017 # +----|----------------------------------------------------------------------+
0018 # | SW |                                                                      |
0019 # |    + $rp1                                                                 |
0020 # |        192.0.2.2/24                                                       |
0021 # |        2001:db8:1::2/64                                                   |
0022 # |                                                                           |
0023 # |        2001:db8:2::2/64                                                   |
0024 # |        198.51.100.2/24                                                    |
0025 # |    + $rp2                                                                 |
0026 # |    |                                                                      |
0027 # +----|----------------------------------------------------------------------+
0028 #      |
0029 # +----|----------------------------+
0030 # |    |  default via 198.51.100.2  |
0031 # |    |  default via 2001:db8:2::2 |
0032 # |    |                            |
0033 # |    | 2001:db8:2::1/64           |
0034 # |    | 198.51.100.1/24            |
0035 # |    + $h2                        |
0036 # | H2 (vrf)                        |
0037 # +---------------------------------+
0038 
0039 lib_dir=$(dirname $0)/../../../net/forwarding
0040 
0041 ALL_TESTS="
0042         ping_ipv4
0043         ping_ipv6
0044         blackhole_ipv4
0045         blackhole_ipv6
0046 "
0047 NUM_NETIFS=4
0048 : ${TIMEOUT:=20000} # ms
0049 source $lib_dir/tc_common.sh
0050 source $lib_dir/lib.sh
0051 
0052 h1_create()
0053 {
0054         simple_if_init $h1 192.0.2.1/24 2001:db8:1::1/64
0055 
0056         ip -4 route add default vrf v$h1 nexthop via 192.0.2.2
0057         ip -6 route add default vrf v$h1 nexthop via 2001:db8:1::2
0058 }
0059 
0060 h1_destroy()
0061 {
0062         ip -6 route del default vrf v$h1 nexthop via 2001:db8:1::2
0063         ip -4 route del default vrf v$h1 nexthop via 192.0.2.2
0064 
0065         simple_if_fini $h1 192.0.2.1/24 2001:db8:1::1/64
0066 }
0067 
0068 h2_create()
0069 {
0070         simple_if_init $h2 198.51.100.1/24 2001:db8:2::1/64
0071 
0072         ip -4 route add default vrf v$h2 nexthop via 198.51.100.2
0073         ip -6 route add default vrf v$h2 nexthop via 2001:db8:2::2
0074 }
0075 
0076 h2_destroy()
0077 {
0078         ip -6 route del default vrf v$h2 nexthop via 2001:db8:2::2
0079         ip -4 route del default vrf v$h2 nexthop via 198.51.100.2
0080 
0081         simple_if_fini $h2 198.51.100.1/24 2001:db8:2::1/64
0082 }
0083 
0084 router_create()
0085 {
0086         ip link set dev $rp1 up
0087         ip link set dev $rp2 up
0088 
0089         tc qdisc add dev $rp1 clsact
0090 
0091         __addr_add_del $rp1 add 192.0.2.2/24 2001:db8:1::2/64
0092         __addr_add_del $rp2 add 198.51.100.2/24 2001:db8:2::2/64
0093 }
0094 
0095 router_destroy()
0096 {
0097         __addr_add_del $rp2 del 198.51.100.2/24 2001:db8:2::2/64
0098         __addr_add_del $rp1 del 192.0.2.2/24 2001:db8:1::2/64
0099 
0100         tc qdisc del dev $rp1 clsact
0101 
0102         ip link set dev $rp2 down
0103         ip link set dev $rp1 down
0104 }
0105 
0106 ping_ipv4()
0107 {
0108         ping_test $h1 198.51.100.1 ": h1->h2"
0109 }
0110 
0111 ping_ipv6()
0112 {
0113         ping6_test $h1 2001:db8:2::1 ": h1->h2"
0114 }
0115 
0116 blackhole_ipv4()
0117 {
0118         # Transmit packets from H1 to H2 and make sure they are dropped by the
0119         # ASIC and not by the kernel
0120         RET=0
0121 
0122         ip -4 route add blackhole 198.51.100.0/30
0123         tc filter add dev $rp1 ingress protocol ip pref 1 handle 101 flower \
0124                 skip_hw dst_ip 198.51.100.1 src_ip 192.0.2.1 ip_proto icmp \
0125                 action pass
0126 
0127         busywait "$TIMEOUT" wait_for_offload ip -4 route show 198.51.100.0/30
0128         check_err $? "route not marked as offloaded when should"
0129 
0130         ping_do $h1 198.51.100.1
0131         check_fail $? "ping passed when should not"
0132 
0133         tc_check_packets "dev $rp1 ingress" 101 0
0134         check_err $? "packets trapped and not dropped by ASIC"
0135 
0136         log_test "IPv4 blackhole route"
0137 
0138         tc filter del dev $rp1 ingress protocol ip pref 1 handle 101 flower
0139         ip -4 route del blackhole 198.51.100.0/30
0140 }
0141 
0142 blackhole_ipv6()
0143 {
0144         RET=0
0145 
0146         ip -6 route add blackhole 2001:db8:2::/120
0147         tc filter add dev $rp1 ingress protocol ipv6 pref 1 handle 101 flower \
0148                 skip_hw dst_ip 2001:db8:2::1 src_ip 2001:db8:1::1 \
0149                 ip_proto icmpv6 action pass
0150 
0151         busywait "$TIMEOUT" wait_for_offload ip -6 route show 2001:db8:2::/120
0152         check_err $? "route not marked as offloaded when should"
0153 
0154         ping6_do $h1 2001:db8:2::1
0155         check_fail $? "ping passed when should not"
0156 
0157         tc_check_packets "dev $rp1 ingress" 101 0
0158         check_err $? "packets trapped and not dropped by ASIC"
0159 
0160         log_test "IPv6 blackhole route"
0161 
0162         tc filter del dev $rp1 ingress protocol ipv6 pref 1 handle 101 flower
0163         ip -6 route del blackhole 2001:db8:2::/120
0164 }
0165 
0166 setup_prepare()
0167 {
0168         h1=${NETIFS[p1]}
0169         rp1=${NETIFS[p2]}
0170 
0171         rp2=${NETIFS[p3]}
0172         h2=${NETIFS[p4]}
0173 
0174         vrf_prepare
0175         forwarding_enable
0176 
0177         h1_create
0178         h2_create
0179         router_create
0180 }
0181 
0182 cleanup()
0183 {
0184         pre_cleanup
0185 
0186         router_destroy
0187         h2_destroy
0188         h1_destroy
0189 
0190         forwarding_restore
0191         vrf_cleanup
0192 }
0193 
0194 trap cleanup EXIT
0195 
0196 setup_prepare
0197 setup_wait
0198 
0199 tests_run
0200 
0201 exit $EXIT_STATUS
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!