| #!/bin/bash |
| # SPDX-License-Identifier: GPL-2.0 |
| # |
| source lib.sh |
| |
| timeout=4m |
| ret=0 |
| tmp=$(mktemp) |
| cleanup() { |
| cleanup_all_ns |
| rm -f "$tmp" |
| } |
| |
| trap cleanup EXIT |
| |
| maxpolicies=100000 |
| [ "$KSFT_MACHINE_SLOW" = "yes" ] && maxpolicies=10000 |
| |
| do_dummies4() { |
| local dir="$1" |
| local max="$2" |
| |
| local policies |
| local pfx |
| pfx=30 |
| policies=0 |
| |
| ip netns exec "$ns" ip xfrm policy flush |
| |
| for i in $(seq 1 100);do |
| local s |
| local d |
| for j in $(seq 1 255);do |
| s=$((i+0)) |
| d=$((i+100)) |
| |
| for a in $(seq 1 8 255); do |
| policies=$((policies+1)) |
| [ "$policies" -gt "$max" ] && return |
| echo xfrm policy add src 10.$s.$j.0/30 dst 10.$d.$j.$a/$pfx dir $dir action block |
| done |
| for a in $(seq 1 8 255); do |
| policies=$((policies+1)) |
| [ "$policies" -gt "$max" ] && return |
| echo xfrm policy add src 10.$s.$j.$a/30 dst 10.$d.$j.0/$pfx dir $dir action block |
| done |
| done |
| done |
| } |
| |
| setup_ns ns |
| |
| do_bench() |
| { |
| local max="$1" |
| |
| start=$(date +%s%3N) |
| do_dummies4 "out" "$max" > "$tmp" |
| if ! timeout "$timeout" ip netns exec "$ns" ip -batch "$tmp";then |
| echo "WARNING: policy insertion cancelled after $timeout" |
| ret=1 |
| fi |
| stop=$(date +%s%3N) |
| |
| result=$((stop-start)) |
| |
| policies=$(wc -l < "$tmp") |
| printf "Inserted %-06s policies in $result ms\n" $policies |
| |
| have=$(ip netns exec "$ns" ip xfrm policy show | grep "action block" | wc -l) |
| if [ "$have" -ne "$policies" ]; then |
| echo "WARNING: mismatch, have $have policies, expected $policies" |
| ret=1 |
| fi |
| } |
| |
| p=100 |
| while [ $p -le "$maxpolicies" ]; do |
| do_bench "$p" |
| p="${p}0" |
| done |
| |
| exit $ret |
