0001
0002
0003
0004
0005
0006
0007 : ${LOCAL_IP:=198.51.100.1}
0008 export LOCAL_IP
0009
0010 : ${REMOTE_IP_1:=198.51.100.2}
0011 export REMOTE_IP_1
0012
0013 : ${REMOTE_IP_2:=198.51.100.3}
0014 export REMOTE_IP_2
0015
0016 : ${UDPCSUM_FLAFS:=noudpcsum}
0017 export UDPCSUM_FLAFS
0018
0019 : ${MC_IP:=224.0.0.1}
0020 export MC_IP
0021
0022 lib_dir=$(dirname $0)/../../../net/forwarding
0023
0024 ALL_TESTS="
0025 fdb_create_veto_test
0026 fdb_replace_veto_test
0027 fdb_append_veto_test
0028 fdb_changelink_veto_test
0029 "
0030 NUM_NETIFS=2
0031 source $lib_dir/lib.sh
0032
0033 setup_prepare()
0034 {
0035 swp1=${NETIFS[p1]}
0036 swp2=${NETIFS[p2]}
0037
0038 ip link add dev br0 type bridge mcast_snooping 0
0039
0040 ip link set dev $swp1 up
0041 ip link set dev $swp1 master br0
0042 ip link set dev $swp2 up
0043
0044 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
0045 ttl 20 tos inherit local $LOCAL_IP dstport 4789
0046 ip link set dev vxlan0 master br0
0047 }
0048
0049 cleanup()
0050 {
0051 pre_cleanup
0052
0053 ip link set dev vxlan0 nomaster
0054 ip link del dev vxlan0
0055
0056 ip link set dev $swp2 down
0057 ip link set dev $swp1 nomaster
0058 ip link set dev $swp1 down
0059
0060 ip link del dev br0
0061 }
0062
0063 fdb_create_veto_test()
0064 {
0065 RET=0
0066
0067 bridge fdb add 01:02:03:04:05:06 dev vxlan0 self static \
0068 dst $REMOTE_IP_1 2>/dev/null
0069 check_fail $? "multicast MAC not rejected"
0070
0071 bridge fdb add 01:02:03:04:05:06 dev vxlan0 self static \
0072 dst $REMOTE_IP_1 2>&1 >/dev/null | grep -q mlxsw_spectrum
0073 check_err $? "multicast MAC rejected without extack"
0074
0075 log_test "vxlan FDB veto - create"
0076 }
0077
0078 fdb_replace_veto_test()
0079 {
0080 RET=0
0081
0082 bridge fdb add 00:01:02:03:04:05 dev vxlan0 self static \
0083 dst $REMOTE_IP_1
0084 check_err $? "valid FDB rejected"
0085
0086 bridge fdb replace 00:01:02:03:04:05 dev vxlan0 self static \
0087 dst $REMOTE_IP_1 port 1234 2>/dev/null
0088 check_fail $? "FDB with an explicit port not rejected"
0089
0090 bridge fdb replace 00:01:02:03:04:05 dev vxlan0 self static \
0091 dst $REMOTE_IP_1 port 1234 2>&1 >/dev/null \
0092 | grep -q mlxsw_spectrum
0093 check_err $? "FDB with an explicit port rejected without extack"
0094
0095 log_test "vxlan FDB veto - replace"
0096 }
0097
0098 fdb_append_veto_test()
0099 {
0100 RET=0
0101
0102 bridge fdb add 00:00:00:00:00:00 dev vxlan0 self static \
0103 dst $REMOTE_IP_1
0104 check_err $? "valid FDB rejected"
0105
0106 bridge fdb append 00:00:00:00:00:00 dev vxlan0 self static \
0107 dst $REMOTE_IP_2 port 1234 2>/dev/null
0108 check_fail $? "FDB with an explicit port not rejected"
0109
0110 bridge fdb append 00:00:00:00:00:00 dev vxlan0 self static \
0111 dst $REMOTE_IP_2 port 1234 2>&1 >/dev/null \
0112 | grep -q mlxsw_spectrum
0113 check_err $? "FDB with an explicit port rejected without extack"
0114
0115 log_test "vxlan FDB veto - append"
0116 }
0117
0118 fdb_changelink_veto_test()
0119 {
0120 RET=0
0121
0122 ip link set dev vxlan0 type vxlan \
0123 group $MC_IP dev lo 2>/dev/null
0124 check_fail $? "FDB with a multicast IP not rejected"
0125
0126 ip link set dev vxlan0 type vxlan \
0127 group $MC_IP dev lo 2>&1 >/dev/null \
0128 | grep -q mlxsw_spectrum
0129 check_err $? "FDB with a multicast IP rejected without extack"
0130
0131 log_test "vxlan FDB veto - changelink"
0132 }
0133
0134 trap cleanup EXIT
0135
0136 setup_prepare
0137 setup_wait
0138
0139 tests_run
0140
0141 exit $EXIT_STATUS
