tools/testing/selftests/bpf/prog_tests/vrf_socket_lookup.c - linux - Git at Google

 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause

 /*
  * Topology:
  * ---------
  *     NS0 namespace         |   NS1 namespace
  *			     |
  *     +--------------+      |   +--------------+
  *     |    veth01    |----------|    veth10    |
  *     | 172.16.1.100 |      |   | 172.16.1.200 |
  *     |     bpf      |      |   +--------------+
  *     +--------------+      |
  *      server(UDP/TCP)      |
  *  +-------------------+    |
  *  |        vrf1       |    |
  *  |  +--------------+ |    |   +--------------+
  *  |  |    veth02    |----------|    veth20    |
  *  |  | 172.16.2.100 | |    |   | 172.16.2.200 |
  *  |  |     bpf      | |    |   +--------------+
  *  |  +--------------+ |    |
  *  |   server(UDP/TCP) |    |
  *  +-------------------+    |
  *
  * Test flow
  * -----------
  *  The tests verifies that socket lookup via TC is VRF aware:
  *  1) Creates two veth pairs between NS0 and NS1:
  *     a) veth01 <-> veth10 outside the VRF
  *     b) veth02 <-> veth20 in the VRF
  *  2) Attaches to veth01 and veth02 a program that calls:
  *     a) bpf_skc_lookup_tcp() with TCP and tcp_skc is true
  *     b) bpf_sk_lookup_tcp() with TCP and tcp_skc is false
  *     c) bpf_sk_lookup_udp() with UDP
  *     The program stores the lookup result in bss->lookup_status.
  *  3) Creates a socket TCP/UDP server in/outside the VRF.
  *  4) The test expects lookup_status to be:
  *     a) 0 from device in VRF to server outside VRF
  *     b) 0 from device outside VRF to server in VRF
  *     c) 1 from device in VRF to server in VRF
  *     d) 1 from device outside VRF to server outside VRF
  */

 #include <net/if.h>

 #include "test_progs.h"
 #include "network_helpers.h"
 #include "vrf_socket_lookup.skel.h"

 #define NS0 "vrf_socket_lookup_0"
 #define NS1 "vrf_socket_lookup_1"

 #define IP4_ADDR_VETH01 "172.16.1.100"
 #define IP4_ADDR_VETH10 "172.16.1.200"
 #define IP4_ADDR_VETH02 "172.16.2.100"
 #define IP4_ADDR_VETH20 "172.16.2.200"

 #define NON_VRF_PORT 5000
 #define IN_VRF_PORT 5001

 #define TIMEOUT_MS 3000

 static int make_socket(int sotype, const char *ip, int port,
 		       struct sockaddr_storage *addr)
 {
 	int err, fd;

 	err = make_sockaddr(AF_INET, ip, port, addr, NULL);
 	if (!ASSERT_OK(err, "make_address"))
 		return -1;

 	fd = socket(AF_INET, sotype, 0);
 	if (!ASSERT_GE(fd, 0, "socket"))
 		return -1;

 	if (!ASSERT_OK(settimeo(fd, TIMEOUT_MS), "settimeo"))
 		goto fail;

 	return fd;
 fail:
 	close(fd);
 	return -1;
 }

 static int make_server(int sotype, const char *ip, int port, const char *ifname)
 {
 	int err, fd = -1;

 	fd = start_server(AF_INET, sotype, ip, port, TIMEOUT_MS);
 	if (!ASSERT_GE(fd, 0, "start_server"))
 		return -1;

 	if (ifname) {
 		err = setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE,
 				 ifname, strlen(ifname) + 1);
 		if (!ASSERT_OK(err, "setsockopt(SO_BINDTODEVICE)"))
 			goto fail;
 	}

 	return fd;
 fail:
 	close(fd);
 	return -1;
 }

 static int attach_progs(char *ifname, int tc_prog_fd, int xdp_prog_fd)
 {
 	LIBBPF_OPTS(bpf_tc_hook, hook, .attach_point = BPF_TC_INGRESS);
 	LIBBPF_OPTS(bpf_tc_opts, opts, .handle = 1, .priority = 1,
 		    .prog_fd = tc_prog_fd);
 	int ret, ifindex;

 	ifindex = if_nametoindex(ifname);
 	if (!ASSERT_NEQ(ifindex, 0, "if_nametoindex"))
 		return -1;
 	hook.ifindex = ifindex;

 	ret = bpf_tc_hook_create(&hook);
 	if (!ASSERT_OK(ret, "bpf_tc_hook_create"))
 		return ret;

 	ret = bpf_tc_attach(&hook, &opts);
 	if (!ASSERT_OK(ret, "bpf_tc_attach")) {
 		bpf_tc_hook_destroy(&hook);
 		return ret;
 	}
 	ret = bpf_xdp_attach(ifindex, xdp_prog_fd, 0, NULL);
 	if (!ASSERT_OK(ret, "bpf_xdp_attach")) {
 		bpf_tc_hook_destroy(&hook);
 		return ret;
 	}

 	return 0;
 }

 static void cleanup(void)
 {
 	SYS_NOFAIL("test -f /var/run/netns/" NS0 " && ip netns delete "
 		   NS0);
 	SYS_NOFAIL("test -f /var/run/netns/" NS1 " && ip netns delete "
 		   NS1);
 }

 static int setup(struct vrf_socket_lookup *skel)
 {
 	int tc_prog_fd, xdp_prog_fd, ret = 0;
 	struct nstoken *nstoken = NULL;

 	SYS(fail, "ip netns add " NS0);
 	SYS(fail, "ip netns add " NS1);

 	/* NS0 <-> NS1 [veth01 <-> veth10] */
 	SYS(fail, "ip link add veth01 netns " NS0 " type veth peer name veth10"
 	    " netns " NS1);
 	SYS(fail, "ip -net " NS0 " addr add " IP4_ADDR_VETH01 "/24 dev veth01");
 	SYS(fail, "ip -net " NS0 " link set dev veth01 up");
 	SYS(fail, "ip -net " NS1 " addr add " IP4_ADDR_VETH10 "/24 dev veth10");
 	SYS(fail, "ip -net " NS1 " link set dev veth10 up");

 	/* NS0 <-> NS1 [veth02 <-> veth20] */
 	SYS(fail, "ip link add veth02 netns " NS0 " type veth peer name veth20"
 	    " netns " NS1);
 	SYS(fail, "ip -net " NS0 " addr add " IP4_ADDR_VETH02 "/24 dev veth02");
 	SYS(fail, "ip -net " NS0 " link set dev veth02 up");
 	SYS(fail, "ip -net " NS1 " addr add " IP4_ADDR_VETH20 "/24 dev veth20");
 	SYS(fail, "ip -net " NS1 " link set dev veth20 up");

 	/* veth02 -> vrf1  */
 	SYS(fail, "ip -net " NS0 " link add vrf1 type vrf table 11");
 	SYS(fail, "ip -net " NS0 " route add vrf vrf1 unreachable default"
 	    " metric 4278198272");
 	SYS(fail, "ip -net " NS0 " link set vrf1 alias vrf");
 	SYS(fail, "ip -net " NS0 " link set vrf1 up");
 	SYS(fail, "ip -net " NS0 " link set veth02 master vrf1");

 	/* Attach TC and XDP progs to veth devices in NS0 */
 	nstoken = open_netns(NS0);
 	if (!ASSERT_OK_PTR(nstoken, "setns " NS0))
 		goto fail;
 	tc_prog_fd = bpf_program__fd(skel->progs.tc_socket_lookup);
 	if (!ASSERT_GE(tc_prog_fd, 0, "bpf_program__tc_fd"))
 		goto fail;
 	xdp_prog_fd = bpf_program__fd(skel->progs.xdp_socket_lookup);
 	if (!ASSERT_GE(xdp_prog_fd, 0, "bpf_program__xdp_fd"))
 		goto fail;

 	if (attach_progs("veth01", tc_prog_fd, xdp_prog_fd))
 		goto fail;

 	if (attach_progs("veth02", tc_prog_fd, xdp_prog_fd))
 		goto fail;

 	goto close;
 fail:
 	ret = -1;
 close:
 	if (nstoken)
 		close_netns(nstoken);
 	return ret;
 }

 static int test_lookup(struct vrf_socket_lookup *skel, int sotype,
 		       const char *ip, int port, bool test_xdp, bool tcp_skc,
 		       int lookup_status_exp)
 {
 	static const char msg[] = "Hello Server";
 	struct sockaddr_storage addr = {};
 	int fd, ret = 0;

 	fd = make_socket(sotype, ip, port, &addr);
 	if (fd < 0)
 		return -1;

 	skel->bss->test_xdp = test_xdp;
 	skel->bss->tcp_skc = tcp_skc;
 	skel->bss->lookup_status = -1;

 	if (sotype == SOCK_STREAM)
 		connect(fd, (void *)&addr, sizeof(struct sockaddr_in));
 	else
 		sendto(fd, msg, sizeof(msg), 0, (void *)&addr,
 		       sizeof(struct sockaddr_in));

 	if (!ASSERT_EQ(skel->bss->lookup_status, lookup_status_exp,
 		       "lookup_status"))
 		goto fail;

 	goto close;

 fail:
 	ret = -1;
 close:
 	close(fd);
 	return ret;
 }

 static void _test_vrf_socket_lookup(struct vrf_socket_lookup *skel, int sotype,
 				    bool test_xdp, bool tcp_skc)
 {
 	int in_vrf_server = -1, non_vrf_server = -1;
 	struct nstoken *nstoken = NULL;

 	nstoken = open_netns(NS0);
 	if (!ASSERT_OK_PTR(nstoken, "setns " NS0))
 		goto done;

 	/* Open sockets in and outside VRF */
 	non_vrf_server = make_server(sotype, "0.0.0.0", NON_VRF_PORT, NULL);
 	if (!ASSERT_GE(non_vrf_server, 0, "make_server__outside_vrf_fd"))
 		goto done;

 	in_vrf_server = make_server(sotype, "0.0.0.0", IN_VRF_PORT, "veth02");
 	if (!ASSERT_GE(in_vrf_server, 0, "make_server__in_vrf_fd"))
 		goto done;

 	/* Perform test from NS1 */
 	close_netns(nstoken);
 	nstoken = open_netns(NS1);
 	if (!ASSERT_OK_PTR(nstoken, "setns " NS1))
 		goto done;

 	if (!ASSERT_OK(test_lookup(skel, sotype, IP4_ADDR_VETH02, NON_VRF_PORT,
 				   test_xdp, tcp_skc, 0), "in_to_out"))
 		goto done;
 	if (!ASSERT_OK(test_lookup(skel, sotype, IP4_ADDR_VETH02, IN_VRF_PORT,
 				   test_xdp, tcp_skc, 1), "in_to_in"))
 		goto done;
 	if (!ASSERT_OK(test_lookup(skel, sotype, IP4_ADDR_VETH01, NON_VRF_PORT,
 				   test_xdp, tcp_skc, 1), "out_to_out"))
 		goto done;
 	if (!ASSERT_OK(test_lookup(skel, sotype, IP4_ADDR_VETH01, IN_VRF_PORT,
 				   test_xdp, tcp_skc, 0), "out_to_in"))
 		goto done;

 done:
 	if (non_vrf_server >= 0)
 		close(non_vrf_server);
 	if (in_vrf_server >= 0)
 		close(in_vrf_server);
 	if (nstoken)
 		close_netns(nstoken);
 }

 void test_vrf_socket_lookup(void)
 {
 	struct vrf_socket_lookup *skel;

 	cleanup();

 	skel = vrf_socket_lookup__open_and_load();
 	if (!ASSERT_OK_PTR(skel, "vrf_socket_lookup__open_and_load"))
 		return;

 	if (!ASSERT_OK(setup(skel), "setup"))
 		goto done;

 	if (test__start_subtest("tc_socket_lookup_tcp"))
 		_test_vrf_socket_lookup(skel, SOCK_STREAM, false, false);
 	if (test__start_subtest("tc_socket_lookup_tcp_skc"))
 		_test_vrf_socket_lookup(skel, SOCK_STREAM, false, false);
 	if (test__start_subtest("tc_socket_lookup_udp"))
 		_test_vrf_socket_lookup(skel, SOCK_STREAM, false, false);
 	if (test__start_subtest("xdp_socket_lookup_tcp"))
 		_test_vrf_socket_lookup(skel, SOCK_STREAM, true, false);
 	if (test__start_subtest("xdp_socket_lookup_tcp_skc"))
 		_test_vrf_socket_lookup(skel, SOCK_STREAM, true, false);
 	if (test__start_subtest("xdp_socket_lookup_udp"))
 		_test_vrf_socket_lookup(skel, SOCK_STREAM, true, false);

 done:
 	vrf_socket_lookup__destroy(skel);
 	cleanup();
 }
	// SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause

	/*
	* Topology:
	* ---------
	* NS0 namespace \| NS1 namespace
	* \|
	* +--------------+ \| +--------------+
	* \| veth01 \|----------\| veth10 \|
	* \| 172.16.1.100 \| \| \| 172.16.1.200 \|
	* \| bpf \| \| +--------------+
	* +--------------+ \|
	* server(UDP/TCP) \|
	* +-------------------+ \|
	* \| vrf1 \| \|
	* \| +--------------+ \| \| +--------------+
	* \| \| veth02 \|----------\| veth20 \|
	* \| \| 172.16.2.100 \| \| \| \| 172.16.2.200 \|
	* \| \| bpf \| \| \| +--------------+
	* \| +--------------+ \| \|
	* \| server(UDP/TCP) \| \|
	* +-------------------+ \|
	*
	* Test flow
	* -----------
	* The tests verifies that socket lookup via TC is VRF aware:
	* 1) Creates two veth pairs between NS0 and NS1:
	* a) veth01 <-> veth10 outside the VRF
	* b) veth02 <-> veth20 in the VRF
	* 2) Attaches to veth01 and veth02 a program that calls:
	* a) bpf_skc_lookup_tcp() with TCP and tcp_skc is true
	* b) bpf_sk_lookup_tcp() with TCP and tcp_skc is false
	* c) bpf_sk_lookup_udp() with UDP
	* The program stores the lookup result in bss->lookup_status.
	* 3) Creates a socket TCP/UDP server in/outside the VRF.
	* 4) The test expects lookup_status to be:
	* a) 0 from device in VRF to server outside VRF
	* b) 0 from device outside VRF to server in VRF
	* c) 1 from device in VRF to server in VRF
	* d) 1 from device outside VRF to server outside VRF
	*/

	#include <net/if.h>

	#include "test_progs.h"
	#include "network_helpers.h"
	#include "vrf_socket_lookup.skel.h"

	#define NS0 "vrf_socket_lookup_0"
	#define NS1 "vrf_socket_lookup_1"

	#define IP4_ADDR_VETH01 "172.16.1.100"
	#define IP4_ADDR_VETH10 "172.16.1.200"
	#define IP4_ADDR_VETH02 "172.16.2.100"
	#define IP4_ADDR_VETH20 "172.16.2.200"

	#define NON_VRF_PORT 5000
	#define IN_VRF_PORT 5001

	#define TIMEOUT_MS 3000

	static int make_socket(int sotype, const char *ip, int port,
	struct sockaddr_storage *addr)
	{
	int err, fd;

	err = make_sockaddr(AF_INET, ip, port, addr, NULL);
	if (!ASSERT_OK(err, "make_address"))
	return -1;

	fd = socket(AF_INET, sotype, 0);
	if (!ASSERT_GE(fd, 0, "socket"))
	return -1;

	if (!ASSERT_OK(settimeo(fd, TIMEOUT_MS), "settimeo"))
	goto fail;

	return fd;
	fail:
	close(fd);
	return -1;
	}

	static int make_server(int sotype, const char ip, int port, const char ifname)
	{
	int err, fd = -1;

	fd = start_server(AF_INET, sotype, ip, port, TIMEOUT_MS);
	if (!ASSERT_GE(fd, 0, "start_server"))
	return -1;

	if (ifname) {
	err = setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE,
	ifname, strlen(ifname) + 1);
	if (!ASSERT_OK(err, "setsockopt(SO_BINDTODEVICE)"))
	goto fail;
	}

	return fd;
	fail:
	close(fd);
	return -1;
	}

	static int attach_progs(char *ifname, int tc_prog_fd, int xdp_prog_fd)
	{
	LIBBPF_OPTS(bpf_tc_hook, hook, .attach_point = BPF_TC_INGRESS);
	LIBBPF_OPTS(bpf_tc_opts, opts, .handle = 1, .priority = 1,
	.prog_fd = tc_prog_fd);
	int ret, ifindex;

	ifindex = if_nametoindex(ifname);
	if (!ASSERT_NEQ(ifindex, 0, "if_nametoindex"))
	return -1;
	hook.ifindex = ifindex;

	ret = bpf_tc_hook_create(&hook);
	if (!ASSERT_OK(ret, "bpf_tc_hook_create"))
	return ret;

	ret = bpf_tc_attach(&hook, &opts);
	if (!ASSERT_OK(ret, "bpf_tc_attach")) {
	bpf_tc_hook_destroy(&hook);
	return ret;
	}
	ret = bpf_xdp_attach(ifindex, xdp_prog_fd, 0, NULL);
	if (!ASSERT_OK(ret, "bpf_xdp_attach")) {
	bpf_tc_hook_destroy(&hook);
	return ret;
	}

	return 0;
	}

	static void cleanup(void)
	{
	SYS_NOFAIL("test -f /var/run/netns/" NS0 " && ip netns delete "
	NS0);
	SYS_NOFAIL("test -f /var/run/netns/" NS1 " && ip netns delete "
	NS1);
	}

	static int setup(struct vrf_socket_lookup *skel)
	{
	int tc_prog_fd, xdp_prog_fd, ret = 0;
	struct nstoken *nstoken = NULL;

	SYS(fail, "ip netns add " NS0);
	SYS(fail, "ip netns add " NS1);

	/* NS0 <-> NS1 [veth01 <-> veth10] */
	SYS(fail, "ip link add veth01 netns " NS0 " type veth peer name veth10"
	" netns " NS1);
	SYS(fail, "ip -net " NS0 " addr add " IP4_ADDR_VETH01 "/24 dev veth01");
	SYS(fail, "ip -net " NS0 " link set dev veth01 up");
	SYS(fail, "ip -net " NS1 " addr add " IP4_ADDR_VETH10 "/24 dev veth10");
	SYS(fail, "ip -net " NS1 " link set dev veth10 up");

	/* NS0 <-> NS1 [veth02 <-> veth20] */
	SYS(fail, "ip link add veth02 netns " NS0 " type veth peer name veth20"
	" netns " NS1);
	SYS(fail, "ip -net " NS0 " addr add " IP4_ADDR_VETH02 "/24 dev veth02");
	SYS(fail, "ip -net " NS0 " link set dev veth02 up");
	SYS(fail, "ip -net " NS1 " addr add " IP4_ADDR_VETH20 "/24 dev veth20");
	SYS(fail, "ip -net " NS1 " link set dev veth20 up");

	/* veth02 -> vrf1 */
	SYS(fail, "ip -net " NS0 " link add vrf1 type vrf table 11");
	SYS(fail, "ip -net " NS0 " route add vrf vrf1 unreachable default"
	" metric 4278198272");
	SYS(fail, "ip -net " NS0 " link set vrf1 alias vrf");
	SYS(fail, "ip -net " NS0 " link set vrf1 up");
	SYS(fail, "ip -net " NS0 " link set veth02 master vrf1");

	/* Attach TC and XDP progs to veth devices in NS0 */
	nstoken = open_netns(NS0);
	if (!ASSERT_OK_PTR(nstoken, "setns " NS0))
	goto fail;
	tc_prog_fd = bpf_program__fd(skel->progs.tc_socket_lookup);
	if (!ASSERT_GE(tc_prog_fd, 0, "bpf_program__tc_fd"))
	goto fail;
	xdp_prog_fd = bpf_program__fd(skel->progs.xdp_socket_lookup);
	if (!ASSERT_GE(xdp_prog_fd, 0, "bpf_program__xdp_fd"))
	goto fail;

	if (attach_progs("veth01", tc_prog_fd, xdp_prog_fd))
	goto fail;

	if (attach_progs("veth02", tc_prog_fd, xdp_prog_fd))
	goto fail;

	goto close;
	fail:
	ret = -1;
	close:
	if (nstoken)
	close_netns(nstoken);
	return ret;
	}

	static int test_lookup(struct vrf_socket_lookup *skel, int sotype,
	const char *ip, int port, bool test_xdp, bool tcp_skc,
	int lookup_status_exp)
	{
	static const char msg[] = "Hello Server";
	struct sockaddr_storage addr = {};
	int fd, ret = 0;

	fd = make_socket(sotype, ip, port, &addr);
	if (fd < 0)
	return -1;

	skel->bss->test_xdp = test_xdp;
	skel->bss->tcp_skc = tcp_skc;
	skel->bss->lookup_status = -1;

	if (sotype == SOCK_STREAM)
	connect(fd, (void *)&addr, sizeof(struct sockaddr_in));
	else
	sendto(fd, msg, sizeof(msg), 0, (void *)&addr,
	sizeof(struct sockaddr_in));

	if (!ASSERT_EQ(skel->bss->lookup_status, lookup_status_exp,
	"lookup_status"))
	goto fail;

	goto close;

	fail:
	ret = -1;
	close:
	close(fd);
	return ret;
	}

	static void _test_vrf_socket_lookup(struct vrf_socket_lookup *skel, int sotype,
	bool test_xdp, bool tcp_skc)
	{
	int in_vrf_server = -1, non_vrf_server = -1;
	struct nstoken *nstoken = NULL;

	nstoken = open_netns(NS0);
	if (!ASSERT_OK_PTR(nstoken, "setns " NS0))
	goto done;

	/* Open sockets in and outside VRF */
	non_vrf_server = make_server(sotype, "0.0.0.0", NON_VRF_PORT, NULL);
	if (!ASSERT_GE(non_vrf_server, 0, "make_server__outside_vrf_fd"))
	goto done;

	in_vrf_server = make_server(sotype, "0.0.0.0", IN_VRF_PORT, "veth02");
	if (!ASSERT_GE(in_vrf_server, 0, "make_server__in_vrf_fd"))
	goto done;

	/* Perform test from NS1 */
	close_netns(nstoken);
	nstoken = open_netns(NS1);
	if (!ASSERT_OK_PTR(nstoken, "setns " NS1))
	goto done;

	if (!ASSERT_OK(test_lookup(skel, sotype, IP4_ADDR_VETH02, NON_VRF_PORT,
	test_xdp, tcp_skc, 0), "in_to_out"))
	goto done;
	if (!ASSERT_OK(test_lookup(skel, sotype, IP4_ADDR_VETH02, IN_VRF_PORT,
	test_xdp, tcp_skc, 1), "in_to_in"))
	goto done;
	if (!ASSERT_OK(test_lookup(skel, sotype, IP4_ADDR_VETH01, NON_VRF_PORT,
	test_xdp, tcp_skc, 1), "out_to_out"))
	goto done;
	if (!ASSERT_OK(test_lookup(skel, sotype, IP4_ADDR_VETH01, IN_VRF_PORT,
	test_xdp, tcp_skc, 0), "out_to_in"))
	goto done;

	done:
	if (non_vrf_server >= 0)
	close(non_vrf_server);
	if (in_vrf_server >= 0)
	close(in_vrf_server);
	if (nstoken)
	close_netns(nstoken);
	}

	void test_vrf_socket_lookup(void)
	{
	struct vrf_socket_lookup *skel;

	cleanup();

	skel = vrf_socket_lookup__open_and_load();
	if (!ASSERT_OK_PTR(skel, "vrf_socket_lookup__open_and_load"))
	return;

	if (!ASSERT_OK(setup(skel), "setup"))
	goto done;

	if (test__start_subtest("tc_socket_lookup_tcp"))
	_test_vrf_socket_lookup(skel, SOCK_STREAM, false, false);
	if (test__start_subtest("tc_socket_lookup_tcp_skc"))
	_test_vrf_socket_lookup(skel, SOCK_STREAM, false, false);
	if (test__start_subtest("tc_socket_lookup_udp"))
	_test_vrf_socket_lookup(skel, SOCK_STREAM, false, false);
	if (test__start_subtest("xdp_socket_lookup_tcp"))
	_test_vrf_socket_lookup(skel, SOCK_STREAM, true, false);
	if (test__start_subtest("xdp_socket_lookup_tcp_skc"))
	_test_vrf_socket_lookup(skel, SOCK_STREAM, true, false);
	if (test__start_subtest("xdp_socket_lookup_udp"))
	_test_vrf_socket_lookup(skel, SOCK_STREAM, true, false);

	done:
	vrf_socket_lookup__destroy(skel);
	cleanup();
	}