Back to home page

OSCL-LXR
 
 

     

0001 #!/bin/bash
0002 # SPDX-License-Identifier: GPL-2.0
0003 #
0004 # author: Andrea Mayer <andrea.mayer@uniroma2.it>
0005 # author: Paolo Lungaroni <paolo.lungaroni@uniroma2.it>
0006 
0007 # This test is designed for evaluating the new SRv6 End.DT46 Behavior used for
0008 # implementing IPv4/IPv6 L3 VPN use cases.
0009 #
0010 # The current SRv6 code in the Linux kernel only implements SRv6 End.DT4 and
0011 # End.DT6 Behaviors which can be used respectively to support IPv4-in-IPv6 and
0012 # IPv6-in-IPv6 VPNs. With End.DT4 and End.DT6 it is not possible to create a
0013 # single SRv6 VPN tunnel to carry both IPv4 and IPv6 traffic.
0014 # The SRv6 End.DT46 Behavior implementation is meant to support the
0015 # decapsulation of IPv4 and IPv6 traffic coming from a single SRv6 tunnel.
0016 # Therefore, the SRv6 End.DT46 Behavior in the Linux kernel greatly simplifies
0017 # the setup and operations of SRv6 VPNs.
0018 #
0019 # Hereafter a network diagram is shown, where two different tenants (named 100
0020 # and 200) offer IPv4/IPv6 L3 VPN services allowing hosts to communicate with
0021 # each other across an IPv6 network.
0022 #
0023 # Only hosts belonging to the same tenant (and to the same VPN) can communicate
0024 # with each other. Instead, the communication among hosts of different tenants
0025 # is forbidden.
0026 # In other words, hosts hs-t100-1 and hs-t100-2 are connected through the
0027 # IPv4/IPv6 L3 VPN of tenant 100 while hs-t200-3 and hs-t200-4 are connected
0028 # using the IPv4/IPv6 L3 VPN of tenant 200. Cross connection between tenant 100
0029 # and tenant 200 is forbidden and thus, for example, hs-t100-1 cannot reach
0030 # hs-t200-3 and vice versa.
0031 #
0032 # Routers rt-1 and rt-2 implement IPv4/IPv6 L3 VPN services leveraging the SRv6
0033 # architecture. The key components for such VPNs are: a) SRv6 Encap behavior,
0034 # b) SRv6 End.DT46 Behavior and c) VRF.
0035 #
0036 # To explain how an IPv4/IPv6 L3 VPN based on SRv6 works, let us briefly
0037 # consider an example where, within the same domain of tenant 100, the host
0038 # hs-t100-1 pings the host hs-t100-2.
0039 #
0040 # First of all, L2 reachability of the host hs-t100-2 is taken into account by
0041 # the router rt-1 which acts as a arp/ndp proxy.
0042 #
0043 # When the host hs-t100-1 sends an IPv6 or IPv4 packet destined to hs-t100-2,
0044 # the router rt-1 receives the packet on the internal veth-t100 interface. Such
0045 # interface is enslaved to the VRF vrf-100 whose associated table contains the
0046 # SRv6 Encap route for encapsulating any IPv6 or IPv4 packet in a IPv6 plus the
0047 # Segment Routing Header (SRH) packet. This packet is sent through the (IPv6)
0048 # core network up to the router rt-2 that receives it on veth0 interface.
0049 #
0050 # The rt-2 router uses the 'localsid' routing table to process incoming
0051 # IPv6+SRH packets which belong to the VPN of the tenant 100. For each of these
0052 # packets, the SRv6 End.DT46 Behavior removes the outer IPv6+SRH headers and
0053 # performs the lookup on the vrf-100 table using the destination address of
0054 # the decapsulated IPv6 or IPv4 packet. Afterwards, the packet is sent to the
0055 # host hs-t100-2 through the veth-t100 interface.
0056 #
0057 # The ping response follows the same processing but this time the roles of rt-1
0058 # and rt-2 are swapped.
0059 #
0060 # Of course, the IPv4/IPv6 L3 VPN for tenant 200 works exactly as the IPv4/IPv6
0061 # L3 VPN for tenant 100. In this case, only hosts hs-t200-3 and hs-t200-4 are
0062 # able to connect with each other.
0063 #
0064 #
0065 # +-------------------+                                   +-------------------+
0066 # |                   |                                   |                   |
0067 # |  hs-t100-1 netns  |                                   |  hs-t100-2 netns  |
0068 # |                   |                                   |                   |
0069 # |  +-------------+  |                                   |  +-------------+  |
0070 # |  |    veth0    |  |                                   |  |    veth0    |  |
0071 # |  |  cafe::1/64 |  |                                   |  |  cafe::2/64 |  |
0072 # |  | 10.0.0.1/24 |  |                                   |  | 10.0.0.2/24 |  |
0073 # |  +-------------+  |                                   |  +-------------+  |
0074 # |        .          |                                   |         .         |
0075 # +-------------------+                                   +-------------------+
0076 #          .                                                        .
0077 #          .                                                        .
0078 #          .                                                        .
0079 # +-----------------------------------+   +-----------------------------------+
0080 # |        .                          |   |                         .         |
0081 # | +---------------+                 |   |                 +---------------- |
0082 # | |   veth-t100   |                 |   |                 |   veth-t100   | |
0083 # | |  cafe::254/64 |                 |   |                 |  cafe::254/64 | |
0084 # | | 10.0.0.254/24 |    +----------+ |   | +----------+    | 10.0.0.254/24 | |
0085 # | +-------+-------+    | localsid | |   | | localsid |    +-------+-------- |
0086 # |         |            |   table  | |   | |   table  |            |         |
0087 # |    +----+----+       +----------+ |   | +----------+       +----+----+    |
0088 # |    | vrf-100 |                    |   |                    | vrf-100 |    |
0089 # |    +---------+     +------------+ |   | +------------+     +---------+    |
0090 # |                    |   veth0    | |   | |   veth0    |                    |
0091 # |                    | fd00::1/64 |.|...|.| fd00::2/64 |                    |
0092 # |    +---------+     +------------+ |   | +------------+     +---------+    |
0093 # |    | vrf-200 |                    |   |                    | vrf-200 |    |
0094 # |    +----+----+                    |   |                    +----+----+    |
0095 # |         |                         |   |                         |         |
0096 # | +-------+-------+                 |   |                 +-------+-------- |
0097 # | |   veth-t200   |                 |   |                 |   veth-t200   | |
0098 # | |  cafe::254/64 |                 |   |                 |  cafe::254/64 | |
0099 # | | 10.0.0.254/24 |                 |   |                 | 10.0.0.254/24 | |
0100 # | +---------------+      rt-1 netns |   | rt-2 netns      +---------------- |
0101 # |        .                          |   |                          .        |
0102 # +-----------------------------------+   +-----------------------------------+
0103 #          .                                                         .
0104 #          .                                                         .
0105 #          .                                                         .
0106 #          .                                                         .
0107 # +-------------------+                                   +-------------------+
0108 # |        .          |                                   |          .        |
0109 # |  +-------------+  |                                   |  +-------------+  |
0110 # |  |    veth0    |  |                                   |  |    veth0    |  |
0111 # |  |  cafe::3/64 |  |                                   |  |  cafe::4/64 |  |
0112 # |  | 10.0.0.3/24 |  |                                   |  | 10.0.0.4/24 |  |
0113 # |  +-------------+  |                                   |  +-------------+  |
0114 # |                   |                                   |                   |
0115 # |  hs-t200-3 netns  |                                   |  hs-t200-4 netns  |
0116 # |                   |                                   |                   |
0117 # +-------------------+                                   +-------------------+
0118 #
0119 #
0120 # ~~~~~~~~~~~~~~~~~~~~~~~~~
0121 # | Network configuration |
0122 # ~~~~~~~~~~~~~~~~~~~~~~~~~
0123 #
0124 # rt-1: localsid table (table 90)
0125 # +--------------------------------------------------+
0126 # |SID              |Action                          |
0127 # +--------------------------------------------------+
0128 # |fc00:21:100::6046|apply SRv6 End.DT46 vrftable 100|
0129 # +--------------------------------------------------+
0130 # |fc00:21:200::6046|apply SRv6 End.DT46 vrftable 200|
0131 # +--------------------------------------------------+
0132 #
0133 # rt-1: VRF tenant 100 (table 100)
0134 # +---------------------------------------------------+
0135 # |host       |Action                                 |
0136 # +---------------------------------------------------+
0137 # |cafe::2    |apply seg6 encap segs fc00:12:100::6046|
0138 # +---------------------------------------------------+
0139 # |cafe::/64  |forward to dev veth-t100               |
0140 # +---------------------------------------------------+
0141 # |10.0.0.2   |apply seg6 encap segs fc00:12:100::6046|
0142 # +---------------------------------------------------+
0143 # |10.0.0.0/24|forward to dev veth-t100               |
0144 # +---------------------------------------------------+
0145 #
0146 # rt-1: VRF tenant 200 (table 200)
0147 # +---------------------------------------------------+
0148 # |host       |Action                                 |
0149 # +---------------------------------------------------+
0150 # |cafe::4    |apply seg6 encap segs fc00:12:200::6046|
0151 # +---------------------------------------------------+
0152 # |cafe::/64  |forward to dev veth-t200               |
0153 # +---------------------------------------------------+
0154 # |10.0.0.4   |apply seg6 encap segs fc00:12:200::6046|
0155 # +---------------------------------------------------+
0156 # |10.0.0.0/24|forward to dev veth-t200               |
0157 # +---------------------------------------------------+
0158 #
0159 #
0160 # rt-2: localsid table (table 90)
0161 # +--------------------------------------------------+
0162 # |SID              |Action                          |
0163 # +--------------------------------------------------+
0164 # |fc00:12:100::6046|apply SRv6 End.DT46 vrftable 100|
0165 # +--------------------------------------------------+
0166 # |fc00:12:200::6046|apply SRv6 End.DT46 vrftable 200|
0167 # +--------------------------------------------------+
0168 #
0169 # rt-2: VRF tenant 100 (table 100)
0170 # +---------------------------------------------------+
0171 # |host       |Action                                 |
0172 # +---------------------------------------------------+
0173 # |cafe::1    |apply seg6 encap segs fc00:21:100::6046|
0174 # +---------------------------------------------------+
0175 # |cafe::/64  |forward to dev veth-t100               |
0176 # +---------------------------------------------------+
0177 # |10.0.0.1   |apply seg6 encap segs fc00:21:100::6046|
0178 # +---------------------------------------------------+
0179 # |10.0.0.0/24|forward to dev veth-t100               |
0180 # +---------------------------------------------------+
0181 #
0182 # rt-2: VRF tenant 200 (table 200)
0183 # +---------------------------------------------------+
0184 # |host       |Action                                 |
0185 # +---------------------------------------------------+
0186 # |cafe::3    |apply seg6 encap segs fc00:21:200::6046|
0187 # +---------------------------------------------------+
0188 # |cafe::/64  |forward to dev veth-t200               |
0189 # +---------------------------------------------------+
0190 # |10.0.0.3   |apply seg6 encap segs fc00:21:200::6046|
0191 # +---------------------------------------------------+
0192 # |10.0.0.0/24|forward to dev veth-t200               |
0193 # +---------------------------------------------------+
0194 #
0195 
0196 # Kselftest framework requirement - SKIP code is 4.
0197 ksft_skip=4
0198 
0199 readonly LOCALSID_TABLE_ID=90
0200 readonly IPv6_RT_NETWORK=fd00
0201 readonly IPv6_HS_NETWORK=cafe
0202 readonly IPv4_HS_NETWORK=10.0.0
0203 readonly VPN_LOCATOR_SERVICE=fc00
0204 PING_TIMEOUT_SEC=4
0205 
0206 ret=0
0207 
0208 PAUSE_ON_FAIL=${PAUSE_ON_FAIL:=no}
0209 
0210 log_test()
0211 {
0212         local rc=$1
0213         local expected=$2
0214         local msg="$3"
0215 
0216         if [ ${rc} -eq ${expected} ]; then
0217                 nsuccess=$((nsuccess+1))
0218                 printf "\n    TEST: %-60s  [ OK ]\n" "${msg}"
0219         else
0220                 ret=1
0221                 nfail=$((nfail+1))
0222                 printf "\n    TEST: %-60s  [FAIL]\n" "${msg}"
0223                 if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
0224                         echo
0225                         echo "hit enter to continue, 'q' to quit"
0226                         read a
0227                         [ "$a" = "q" ] && exit 1
0228                 fi
0229         fi
0230 }
0231 
0232 print_log_test_results()
0233 {
0234         if [ "$TESTS" != "none" ]; then
0235                 printf "\nTests passed: %3d\n" ${nsuccess}
0236                 printf "Tests failed: %3d\n"   ${nfail}
0237         fi
0238 }
0239 
0240 log_section()
0241 {
0242         echo
0243         echo "################################################################################"
0244         echo "TEST SECTION: $*"
0245         echo "################################################################################"
0246 }
0247 
0248 cleanup()
0249 {
0250         ip link del veth-rt-1 2>/dev/null || true
0251         ip link del veth-rt-2 2>/dev/null || true
0252 
0253         # destroy routers rt-* and hosts hs-*
0254         for ns in $(ip netns show | grep -E 'rt-*|hs-*'); do
0255                 ip netns del ${ns} || true
0256         done
0257 }
0258 
0259 # Setup the basic networking for the routers
0260 setup_rt_networking()
0261 {
0262         local rt=$1
0263         local nsname=rt-${rt}
0264 
0265         ip netns add ${nsname}
0266         ip link set veth-rt-${rt} netns ${nsname}
0267         ip -netns ${nsname} link set veth-rt-${rt} name veth0
0268 
0269         ip netns exec ${nsname} sysctl -wq net.ipv6.conf.all.accept_dad=0
0270         ip netns exec ${nsname} sysctl -wq net.ipv6.conf.default.accept_dad=0
0271 
0272         ip -netns ${nsname} addr add ${IPv6_RT_NETWORK}::${rt}/64 dev veth0 nodad
0273         ip -netns ${nsname} link set veth0 up
0274         ip -netns ${nsname} link set lo up
0275 
0276         ip netns exec ${nsname} sysctl -wq net.ipv4.ip_forward=1
0277         ip netns exec ${nsname} sysctl -wq net.ipv6.conf.all.forwarding=1
0278 }
0279 
0280 setup_hs()
0281 {
0282         local hs=$1
0283         local rt=$2
0284         local tid=$3
0285         local hsname=hs-t${tid}-${hs}
0286         local rtname=rt-${rt}
0287         local rtveth=veth-t${tid}
0288 
0289         # set the networking for the host
0290         ip netns add ${hsname}
0291 
0292         ip netns exec ${hsname} sysctl -wq net.ipv6.conf.all.accept_dad=0
0293         ip netns exec ${hsname} sysctl -wq net.ipv6.conf.default.accept_dad=0
0294 
0295         ip -netns ${hsname} link add veth0 type veth peer name ${rtveth}
0296         ip -netns ${hsname} link set ${rtveth} netns ${rtname}
0297         ip -netns ${hsname} addr add ${IPv6_HS_NETWORK}::${hs}/64 dev veth0 nodad
0298         ip -netns ${hsname} addr add ${IPv4_HS_NETWORK}.${hs}/24 dev veth0
0299         ip -netns ${hsname} link set veth0 up
0300         ip -netns ${hsname} link set lo up
0301 
0302         # configure the VRF for the tenant X on the router which is directly
0303         # connected to the source host.
0304         ip -netns ${rtname} link add vrf-${tid} type vrf table ${tid}
0305         ip -netns ${rtname} link set vrf-${tid} up
0306 
0307         ip netns exec ${rtname} sysctl -wq net.ipv6.conf.all.accept_dad=0
0308         ip netns exec ${rtname} sysctl -wq net.ipv6.conf.default.accept_dad=0
0309 
0310         # enslave the veth-tX interface to the vrf-X in the access router
0311         ip -netns ${rtname} link set ${rtveth} master vrf-${tid}
0312         ip -netns ${rtname} addr add ${IPv6_HS_NETWORK}::254/64 dev ${rtveth} nodad
0313         ip -netns ${rtname} addr add ${IPv4_HS_NETWORK}.254/24 dev ${rtveth}
0314         ip -netns ${rtname} link set ${rtveth} up
0315 
0316         ip netns exec ${rtname} sysctl -wq net.ipv6.conf.${rtveth}.proxy_ndp=1
0317         ip netns exec ${rtname} sysctl -wq net.ipv4.conf.${rtveth}.proxy_arp=1
0318 
0319         # disable the rp_filter otherwise the kernel gets confused about how
0320         # to route decap ipv4 packets.
0321         ip netns exec ${rtname} sysctl -wq net.ipv4.conf.all.rp_filter=0
0322         ip netns exec ${rtname} sysctl -wq net.ipv4.conf.${rtveth}.rp_filter=0
0323 
0324         ip netns exec ${rtname} sh -c "echo 1 > /proc/sys/net/vrf/strict_mode"
0325 }
0326 
0327 setup_vpn_config()
0328 {
0329         local hssrc=$1
0330         local rtsrc=$2
0331         local hsdst=$3
0332         local rtdst=$4
0333         local tid=$5
0334 
0335         local hssrc_name=hs-t${tid}-${hssrc}
0336         local hsdst_name=hs-t${tid}-${hsdst}
0337         local rtsrc_name=rt-${rtsrc}
0338         local rtdst_name=rt-${rtdst}
0339         local rtveth=veth-t${tid}
0340         local vpn_sid=${VPN_LOCATOR_SERVICE}:${hssrc}${hsdst}:${tid}::6046
0341 
0342         ip -netns ${rtsrc_name} -6 neigh add proxy ${IPv6_HS_NETWORK}::${hsdst} dev ${rtveth}
0343 
0344         # set the encap route for encapsulating packets which arrive from the
0345         # host hssrc and destined to the access router rtsrc.
0346         ip -netns ${rtsrc_name} -6 route add ${IPv6_HS_NETWORK}::${hsdst}/128 vrf vrf-${tid} \
0347                 encap seg6 mode encap segs ${vpn_sid} dev veth0
0348         ip -netns ${rtsrc_name} -4 route add ${IPv4_HS_NETWORK}.${hsdst}/32 vrf vrf-${tid} \
0349                 encap seg6 mode encap segs ${vpn_sid} dev veth0
0350         ip -netns ${rtsrc_name} -6 route add ${vpn_sid}/128 vrf vrf-${tid} \
0351                 via fd00::${rtdst} dev veth0
0352 
0353         # set the decap route for decapsulating packets which arrive from
0354         # the rtdst router and destined to the hsdst host.
0355         ip -netns ${rtdst_name} -6 route add ${vpn_sid}/128 table ${LOCALSID_TABLE_ID} \
0356                 encap seg6local action End.DT46 vrftable ${tid} dev vrf-${tid}
0357 
0358         # all sids for VPNs start with a common locator which is fc00::/16.
0359         # Routes for handling the SRv6 End.DT46 behavior instances are grouped
0360         # together in the 'localsid' table.
0361         #
0362         # NOTE: added only once
0363         if [ -z "$(ip -netns ${rtdst_name} -6 rule show | \
0364             grep "to ${VPN_LOCATOR_SERVICE}::/16 lookup ${LOCALSID_TABLE_ID}")" ]; then
0365                 ip -netns ${rtdst_name} -6 rule add \
0366                         to ${VPN_LOCATOR_SERVICE}::/16 \
0367                         lookup ${LOCALSID_TABLE_ID} prio 999
0368         fi
0369 
0370         # set default routes to unreachable for both ipv4 and ipv6
0371         ip -netns ${rtsrc_name} -6 route add unreachable default metric 4278198272 \
0372                 vrf vrf-${tid}
0373 
0374         ip -netns ${rtsrc_name} -4 route add unreachable default metric 4278198272 \
0375                 vrf vrf-${tid}
0376 }
0377 
0378 setup()
0379 {
0380         ip link add veth-rt-1 type veth peer name veth-rt-2
0381         # setup the networking for router rt-1 and router rt-2
0382         setup_rt_networking 1
0383         setup_rt_networking 2
0384 
0385         # setup two hosts for the tenant 100.
0386         #  - host hs-1 is directly connected to the router rt-1;
0387         #  - host hs-2 is directly connected to the router rt-2.
0388         setup_hs 1 1 100  #args: host router tenant
0389         setup_hs 2 2 100
0390 
0391         # setup two hosts for the tenant 200
0392         #  - host hs-3 is directly connected to the router rt-1;
0393         #  - host hs-4 is directly connected to the router rt-2.
0394         setup_hs 3 1 200
0395         setup_hs 4 2 200
0396 
0397         # setup the IPv4/IPv6 L3 VPN which connects the host hs-t100-1 and host
0398         # hs-t100-2 within the same tenant 100.
0399         setup_vpn_config 1 1 2 2 100  #args: src_host src_router dst_host dst_router tenant
0400         setup_vpn_config 2 2 1 1 100
0401 
0402         # setup the IPv4/IPv6 L3 VPN which connects the host hs-t200-3 and host
0403         # hs-t200-4 within the same tenant 200.
0404         setup_vpn_config 3 1 4 2 200
0405         setup_vpn_config 4 2 3 1 200
0406 }
0407 
0408 check_rt_connectivity()
0409 {
0410         local rtsrc=$1
0411         local rtdst=$2
0412 
0413         ip netns exec rt-${rtsrc} ping -c 1 -W 1 ${IPv6_RT_NETWORK}::${rtdst} \
0414                 >/dev/null 2>&1
0415 }
0416 
0417 check_and_log_rt_connectivity()
0418 {
0419         local rtsrc=$1
0420         local rtdst=$2
0421 
0422         check_rt_connectivity ${rtsrc} ${rtdst}
0423         log_test $? 0 "Routers connectivity: rt-${rtsrc} -> rt-${rtdst}"
0424 }
0425 
0426 check_hs_ipv6_connectivity()
0427 {
0428         local hssrc=$1
0429         local hsdst=$2
0430         local tid=$3
0431 
0432         ip netns exec hs-t${tid}-${hssrc} ping -c 1 -W ${PING_TIMEOUT_SEC} \
0433                 ${IPv6_HS_NETWORK}::${hsdst} >/dev/null 2>&1
0434 }
0435 
0436 check_hs_ipv4_connectivity()
0437 {
0438         local hssrc=$1
0439         local hsdst=$2
0440         local tid=$3
0441 
0442         ip netns exec hs-t${tid}-${hssrc} ping -c 1 -W ${PING_TIMEOUT_SEC} \
0443                 ${IPv4_HS_NETWORK}.${hsdst} >/dev/null 2>&1
0444 }
0445 
0446 check_and_log_hs_connectivity()
0447 {
0448         local hssrc=$1
0449         local hsdst=$2
0450         local tid=$3
0451 
0452         check_hs_ipv6_connectivity ${hssrc} ${hsdst} ${tid}
0453         log_test $? 0 "IPv6 Hosts connectivity: hs-t${tid}-${hssrc} -> hs-t${tid}-${hsdst} (tenant ${tid})"
0454 
0455         check_hs_ipv4_connectivity ${hssrc} ${hsdst} ${tid}
0456         log_test $? 0 "IPv4 Hosts connectivity: hs-t${tid}-${hssrc} -> hs-t${tid}-${hsdst} (tenant ${tid})"
0457 
0458 }
0459 
0460 check_and_log_hs_isolation()
0461 {
0462         local hssrc=$1
0463         local tidsrc=$2
0464         local hsdst=$3
0465         local tiddst=$4
0466 
0467         check_hs_ipv6_connectivity ${hssrc} ${hsdst} ${tidsrc}
0468         # NOTE: ping should fail
0469         log_test $? 1 "IPv6 Hosts isolation: hs-t${tidsrc}-${hssrc} -X-> hs-t${tiddst}-${hsdst}"
0470 
0471         check_hs_ipv4_connectivity ${hssrc} ${hsdst} ${tidsrc}
0472         # NOTE: ping should fail
0473         log_test $? 1 "IPv4 Hosts isolation: hs-t${tidsrc}-${hssrc} -X-> hs-t${tiddst}-${hsdst}"
0474 
0475 }
0476 
0477 
0478 check_and_log_hs2gw_connectivity()
0479 {
0480         local hssrc=$1
0481         local tid=$2
0482 
0483         check_hs_ipv6_connectivity ${hssrc} 254 ${tid}
0484         log_test $? 0 "IPv6 Hosts connectivity: hs-t${tid}-${hssrc} -> gw (tenant ${tid})"
0485 
0486         check_hs_ipv4_connectivity ${hssrc} 254 ${tid}
0487         log_test $? 0 "IPv4 Hosts connectivity: hs-t${tid}-${hssrc} -> gw (tenant ${tid})"
0488 
0489 }
0490 
0491 router_tests()
0492 {
0493         log_section "IPv6 routers connectivity test"
0494 
0495         check_and_log_rt_connectivity 1 2
0496         check_and_log_rt_connectivity 2 1
0497 }
0498 
0499 host2gateway_tests()
0500 {
0501         log_section "IPv4/IPv6 connectivity test among hosts and gateway"
0502 
0503         check_and_log_hs2gw_connectivity 1 100
0504         check_and_log_hs2gw_connectivity 2 100
0505 
0506         check_and_log_hs2gw_connectivity 3 200
0507         check_and_log_hs2gw_connectivity 4 200
0508 }
0509 
0510 host_vpn_tests()
0511 {
0512         log_section "SRv6 VPN connectivity test among hosts in the same tenant"
0513 
0514         check_and_log_hs_connectivity 1 2 100
0515         check_and_log_hs_connectivity 2 1 100
0516 
0517         check_and_log_hs_connectivity 3 4 200
0518         check_and_log_hs_connectivity 4 3 200
0519 }
0520 
0521 host_vpn_isolation_tests()
0522 {
0523         local i
0524         local j
0525         local k
0526         local tmp
0527         local l1="1 2"
0528         local l2="3 4"
0529         local t1=100
0530         local t2=200
0531 
0532         log_section "SRv6 VPN isolation test among hosts in different tentants"
0533 
0534         for k in 0 1; do
0535                 for i in ${l1}; do
0536                         for j in ${l2}; do
0537                                 check_and_log_hs_isolation ${i} ${t1} ${j} ${t2}
0538                         done
0539                 done
0540 
0541                 # let us test the reverse path
0542                 tmp="${l1}"; l1="${l2}"; l2="${tmp}"
0543                 tmp=${t1}; t1=${t2}; t2=${tmp}
0544         done
0545 }
0546 
0547 if [ "$(id -u)" -ne 0 ];then
0548         echo "SKIP: Need root privileges"
0549         exit $ksft_skip
0550 fi
0551 
0552 if [ ! -x "$(command -v ip)" ]; then
0553         echo "SKIP: Could not run test without ip tool"
0554         exit $ksft_skip
0555 fi
0556 
0557 modprobe vrf &>/dev/null
0558 if [ ! -e /proc/sys/net/vrf/strict_mode ]; then
0559         echo "SKIP: vrf sysctl does not exist"
0560         exit $ksft_skip
0561 fi
0562 
0563 cleanup &>/dev/null
0564 
0565 setup
0566 
0567 router_tests
0568 host2gateway_tests
0569 host_vpn_tests
0570 host_vpn_isolation_tests
0571 
0572 print_log_test_results
0573 
0574 cleanup &>/dev/null
0575 
0576 exit ${ret}
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!