0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012
0013
0014
0015
0016
0017
0018
0019
0020
0021
0022
0023
0024
0025
0026
0027
0028
0029
0030
0031
0032
0033
0034
0035 lib_dir=$(dirname $0)/../../../net/forwarding
0036
0037 ALL_TESTS="
0038 decap_error_test
0039 overlay_smac_is_mc_test
0040 "
0041
0042 NUM_NETIFS=4
0043 source $lib_dir/lib.sh
0044 source $lib_dir/tc_common.sh
0045 source $lib_dir/devlink_lib.sh
0046
0047 : ${VXPORT:=4789}
0048 export VXPORT
0049
0050 h1_create()
0051 {
0052 simple_if_init $h1 2001:db8:1::1/64
0053 }
0054
0055 h1_destroy()
0056 {
0057 simple_if_fini $h1 2001:db8:1::1/64
0058 }
0059
0060 switch_create()
0061 {
0062 ip link add name br1 type bridge vlan_filtering 0 mcast_snooping 0
0063
0064
0065 ip link set dev br1 address $(mac_get $swp1)
0066 ip link set dev br1 up
0067
0068 tc qdisc add dev $swp1 clsact
0069 ip link set dev $swp1 master br1
0070 ip link set dev $swp1 up
0071
0072 ip link add name vx1 type vxlan id 1000 local 2001:db8:3::1 \
0073 dstport "$VXPORT" nolearning udp6zerocsumrx udp6zerocsumtx \
0074 tos inherit ttl 100
0075 ip link set dev vx1 master br1
0076 ip link set dev vx1 up
0077
0078 ip link set dev $rp1 up
0079 ip address add dev $rp1 2001:db8:3::1/64
0080 }
0081
0082 switch_destroy()
0083 {
0084 ip address del dev $rp1 2001:db8:3::1/64
0085 ip link set dev $rp1 down
0086
0087 ip link set dev vx1 down
0088 ip link set dev vx1 nomaster
0089 ip link del dev vx1
0090
0091 ip link set dev $swp1 down
0092 ip link set dev $swp1 nomaster
0093 tc qdisc del dev $swp1 clsact
0094
0095 ip link set dev br1 down
0096 ip link del dev br1
0097 }
0098
0099 vrf2_create()
0100 {
0101 simple_if_init $rp2 2001:db8:3::2/64
0102 }
0103
0104 vrf2_destroy()
0105 {
0106 simple_if_fini $rp2 2001:db8:3::2/64
0107 }
0108
0109 setup_prepare()
0110 {
0111 h1=${NETIFS[p1]}
0112 swp1=${NETIFS[p2]}
0113
0114 rp1=${NETIFS[p3]}
0115 rp2=${NETIFS[p4]}
0116
0117 vrf_prepare
0118 forwarding_enable
0119 h1_create
0120 switch_create
0121 vrf2_create
0122 }
0123
0124 cleanup()
0125 {
0126 pre_cleanup
0127
0128 vrf2_destroy
0129 switch_destroy
0130 h1_destroy
0131 forwarding_restore
0132 vrf_cleanup
0133 }
0134
0135 ecn_payload_get()
0136 {
0137 local dest_mac=$(mac_get $h1)
0138 local saddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:03"
0139 local daddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:01"
0140 p=$(:
0141 )"08:"$( : VXLAN flags
0142 )"00:00:00:"$( : VXLAN reserved
0143 )"00:03:e8:"$( : VXLAN VNI : 1000
0144 )"00:"$( : VXLAN reserved
0145 )"$dest_mac:"$( : ETH daddr
0146 )"00:00:00:00:00:00:"$( : ETH saddr
0147 )"86:dd:"$( : ETH type
0148 )"6"$( : IP version
0149 )"0:0"$( : Traffic class
0150 )"0:00:00:"$( : Flow label
0151 )"00:08:"$( : Payload length
0152 )"3a:"$( : Next header
0153 )"04:"$( : Hop limit
0154 )"$saddr:"$( : IP saddr
0155 )"$daddr:"$( : IP daddr
0156 )"80:"$( : ICMPv6.type
0157 )"00:"$( : ICMPv6.code
0158 )"00:"$( : ICMPv6.checksum
0159 )
0160 echo $p
0161 }
0162
0163 ecn_decap_test()
0164 {
0165 local trap_name="decap_error"
0166 local desc=$1; shift
0167 local ecn_desc=$1; shift
0168 local outer_tos=$1; shift
0169 local mz_pid
0170
0171 RET=0
0172
0173 tc filter add dev $swp1 egress protocol ipv6 pref 1 handle 101 \
0174 flower src_ip 2001:db8:1::3 dst_ip 2001:db8:1::1 action pass
0175
0176 rp1_mac=$(mac_get $rp1)
0177 payload=$(ecn_payload_get)
0178
0179 ip vrf exec v$rp2 $MZ -6 $rp2 -c 0 -d 1msec -b $rp1_mac \
0180 -B 2001:db8:3::1 -t udp \
0181 sp=12345,dp=$VXPORT,tos=$outer_tos,p=$payload -q &
0182 mz_pid=$!
0183
0184 devlink_trap_exception_test $trap_name
0185
0186 tc_check_packets "dev $swp1 egress" 101 0
0187 check_err $? "Packets were not dropped"
0188
0189 log_test "$desc: Inner ECN is not ECT and outer is $ecn_desc"
0190
0191 kill $mz_pid && wait $mz_pid &> /dev/null
0192 tc filter del dev $swp1 egress protocol ipv6 pref 1 handle 101 flower
0193 }
0194
0195 reserved_bits_payload_get()
0196 {
0197 local dest_mac=$(mac_get $h1)
0198 local saddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:03"
0199 local daddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:01"
0200 p=$(:
0201 )"08:"$( : VXLAN flags
0202 )"01:00:00:"$( : VXLAN reserved
0203 )"00:03:e8:"$( : VXLAN VNI : 1000
0204 )"00:"$( : VXLAN reserved
0205 )"$dest_mac:"$( : ETH daddr
0206 )"00:00:00:00:00:00:"$( : ETH saddr
0207 )"86:dd:"$( : ETH type
0208 )"6"$( : IP version
0209 )"0:0"$( : Traffic class
0210 )"0:00:00:"$( : Flow label
0211 )"00:08:"$( : Payload length
0212 )"3a:"$( : Next header
0213 )"04:"$( : Hop limit
0214 )"$saddr:"$( : IP saddr
0215 )"$daddr:"$( : IP daddr
0216 )"80:"$( : ICMPv6.type
0217 )"00:"$( : ICMPv6.code
0218 )"00:"$( : ICMPv6.checksum
0219 )
0220 echo $p
0221 }
0222
0223 short_payload_get()
0224 {
0225 dest_mac=$(mac_get $h1)
0226 p=$(:
0227 )"08:"$( : VXLAN flags
0228 )"00:00:00:"$( : VXLAN reserved
0229 )"00:03:e8:"$( : VXLAN VNI : 1000
0230 )"00:"$( : VXLAN reserved
0231 )"$dest_mac:"$( : ETH daddr
0232 )"00:00:00:00:00:00:"$( : ETH saddr
0233 )
0234 echo $p
0235 }
0236
0237 corrupted_packet_test()
0238 {
0239 local trap_name="decap_error"
0240 local desc=$1; shift
0241 local payload_get=$1; shift
0242 local mz_pid
0243
0244 RET=0
0245
0246
0247
0248 tc filter add dev $swp1 egress protocol ipv6 pref 1 handle 101 \
0249 flower skip_hw src_ip 2001:db8:3::1 dst_ip 2001:db8:1::1 \
0250 action pass
0251
0252 rp1_mac=$(mac_get $rp1)
0253 payload=$($payload_get)
0254 ip vrf exec v$rp2 $MZ -6 $rp2 -c 0 -d 1msec -b $rp1_mac \
0255 -B 2001:db8:3::1 -t udp sp=12345,dp=$VXPORT,p=$payload -q &
0256 mz_pid=$!
0257
0258 devlink_trap_exception_test $trap_name
0259
0260 tc_check_packets "dev $swp1 egress" 101 0
0261 check_err $? "Packets were not dropped"
0262
0263 log_test "$desc"
0264
0265 kill $mz_pid && wait $mz_pid &> /dev/null
0266 tc filter del dev $swp1 egress protocol ipv6 pref 1 handle 101 flower
0267 }
0268
0269 decap_error_test()
0270 {
0271 ecn_decap_test "Decap error" "ECT(1)" 01
0272 ecn_decap_test "Decap error" "ECT(0)" 02
0273 ecn_decap_test "Decap error" "CE" 03
0274
0275 corrupted_packet_test "Decap error: Reserved bits in use" \
0276 "reserved_bits_payload_get"
0277 corrupted_packet_test "Decap error: Too short inner packet" \
0278 "short_payload_get"
0279 }
0280
0281 mc_smac_payload_get()
0282 {
0283 local dest_mac=$(mac_get $h1)
0284 local source_mac="01:02:03:04:05:06"
0285 local saddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:03"
0286 local daddr="20:01:0d:b8:00:01:00:00:00:00:00:00:00:00:00:01"
0287 p=$(:
0288 )"08:"$( : VXLAN flags
0289 )"00:00:00:"$( : VXLAN reserved
0290 )"00:03:e8:"$( : VXLAN VNI : 1000
0291 )"00:"$( : VXLAN reserved
0292 )"$dest_mac:"$( : ETH daddr
0293 )"$source_mac:"$( : ETH saddr
0294 )"86:dd:"$( : ETH type
0295 )"6"$( : IP version
0296 )"0:0"$( : Traffic class
0297 )"0:00:00:"$( : Flow label
0298 )"00:08:"$( : Payload length
0299 )"3a:"$( : Next header
0300 )"04:"$( : Hop limit
0301 )"$saddr:"$( : IP saddr
0302 )"$daddr:"$( : IP daddr
0303 )"80:"$( : ICMPv6.type
0304 )"00:"$( : ICMPv6.code
0305 )"00:"$( : ICMPv6.checksum
0306 )
0307 echo $p
0308 }
0309
0310 overlay_smac_is_mc_test()
0311 {
0312 local trap_name="overlay_smac_is_mc"
0313 local mz_pid
0314
0315 RET=0
0316
0317
0318
0319 tc filter add dev $swp1 egress protocol ipv6 pref 1 handle 101 \
0320 flower src_mac 01:02:03:04:05:06 action pass
0321
0322 rp1_mac=$(mac_get $rp1)
0323 payload=$(mc_smac_payload_get)
0324
0325 ip vrf exec v$rp2 $MZ -6 $rp2 -c 0 -d 1msec -b $rp1_mac \
0326 -B 2001:db8:3::1 -t udp sp=12345,dp=$VXPORT,p=$payload -q &
0327 mz_pid=$!
0328
0329 devlink_trap_drop_test $trap_name $swp1 101
0330
0331 log_test "Overlay source MAC is multicast"
0332
0333 devlink_trap_drop_cleanup $mz_pid $swp1 "ipv6" 1 101
0334 }
0335
0336 trap cleanup EXIT
0337
0338 setup_prepare
0339 setup_wait
0340 tests_run
0341
0342 exit $EXIT_STATUS
