| #!/bin/bash |
| # SPDX-License-Identifier: GPL-2.0 |
| # |
| # Test devlink-trap tunnel exceptions functionality over mlxsw. |
| # Check all exception traps to make sure they are triggered under the right |
| # conditions. |
| |
| # +-------------------------+ |
| # | H1 | |
| # | $h1 + | |
| # | 192.0.2.1/28 | | |
| # +-------------------|-----+ |
| # | |
| # +-------------------|-----+ |
| # | SW1 | | |
| # | $swp1 + | |
| # | 192.0.2.2/28 | |
| # | | |
| # | + g1a (gre) | |
| # | loc=192.0.2.65 | |
| # | rem=192.0.2.66 | |
| # | tos=inherit | |
| # | | |
| # | + $rp1 | |
| # | | 198.51.100.1/28 | |
| # +--|----------------------+ |
| # | |
| # +--|----------------------+ |
| # | | VRF2 | |
| # | + $rp2 | |
| # | 198.51.100.2/28 | |
| # +-------------------------+ |
| |
| lib_dir=$(dirname $0)/../../../net/forwarding |
| |
| ALL_TESTS=" |
| decap_error_test |
| " |
| |
| NUM_NETIFS=4 |
| source $lib_dir/lib.sh |
| source $lib_dir/tc_common.sh |
| source $lib_dir/devlink_lib.sh |
| |
| h1_create() |
| { |
| simple_if_init $h1 192.0.2.1/28 |
| } |
| |
| h1_destroy() |
| { |
| simple_if_fini $h1 192.0.2.1/28 |
| } |
| |
| vrf2_create() |
| { |
| simple_if_init $rp2 198.51.100.2/28 |
| } |
| |
| vrf2_destroy() |
| { |
| simple_if_fini $rp2 198.51.100.2/28 |
| } |
| |
| switch_create() |
| { |
| __addr_add_del $swp1 add 192.0.2.2/28 |
| tc qdisc add dev $swp1 clsact |
| ip link set dev $swp1 up |
| |
| tunnel_create g1 gre 192.0.2.65 192.0.2.66 tos inherit |
| __addr_add_del g1 add 192.0.2.65/32 |
| ip link set dev g1 up |
| |
| __addr_add_del $rp1 add 198.51.100.1/28 |
| ip link set dev $rp1 up |
| } |
| |
| switch_destroy() |
| { |
| ip link set dev $rp1 down |
| __addr_add_del $rp1 del 198.51.100.1/28 |
| |
| ip link set dev g1 down |
| __addr_add_del g1 del 192.0.2.65/32 |
| tunnel_destroy g1 |
| |
| ip link set dev $swp1 down |
| tc qdisc del dev $swp1 clsact |
| __addr_add_del $swp1 del 192.0.2.2/28 |
| } |
| |
| setup_prepare() |
| { |
| h1=${NETIFS[p1]} |
| swp1=${NETIFS[p2]} |
| |
| rp1=${NETIFS[p3]} |
| rp2=${NETIFS[p4]} |
| |
| forwarding_enable |
| vrf_prepare |
| h1_create |
| switch_create |
| vrf2_create |
| } |
| |
| cleanup() |
| { |
| pre_cleanup |
| |
| vrf2_destroy |
| switch_destroy |
| h1_destroy |
| vrf_cleanup |
| forwarding_restore |
| } |
| |
| ecn_payload_get() |
| { |
| p=$(: |
| )"0"$( : GRE flags |
| )"0:00:"$( : Reserved + version |
| )"08:00:"$( : ETH protocol type |
| )"4"$( : IP version |
| )"5:"$( : IHL |
| )"00:"$( : IP TOS |
| )"00:14:"$( : IP total length |
| )"00:00:"$( : IP identification |
| )"20:00:"$( : IP flags + frag off |
| )"30:"$( : IP TTL |
| )"01:"$( : IP proto |
| )"E7:E6:"$( : IP header csum |
| )"C0:00:01:01:"$( : IP saddr : 192.0.1.1 |
| )"C0:00:02:01:"$( : IP daddr : 192.0.2.1 |
| ) |
| echo $p |
| } |
| |
| ecn_decap_test() |
| { |
| local trap_name="decap_error" |
| local group_name="tunnel_drops" |
| local desc=$1; shift |
| local ecn_desc=$1; shift |
| local outer_tos=$1; shift |
| local mz_pid |
| |
| RET=0 |
| |
| tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \ |
| flower src_ip 192.0.1.1 dst_ip 192.0.2.1 action pass |
| |
| rp1_mac=$(mac_get $rp1) |
| rp2_mac=$(mac_get $rp2) |
| payload=$(ecn_payload_get) |
| |
| ip vrf exec v$rp2 $MZ $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \ |
| -A 192.0.2.66 -B 192.0.2.65 -t ip \ |
| len=48,tos=$outer_tos,proto=47,p=$payload -q & |
| |
| mz_pid=$! |
| |
| devlink_trap_exception_test $trap_name $group_name |
| |
| tc_check_packets "dev $swp1 egress" 101 0 |
| check_err $? "Packets were not dropped" |
| |
| log_test "$desc: Inner ECN is not ECT and outer is $ecn_desc" |
| |
| kill $mz_pid && wait $mz_pid &> /dev/null |
| tc filter del dev $swp1 egress protocol ip pref 1 handle 101 flower |
| } |
| |
| ipip_payload_get() |
| { |
| local flags=$1; shift |
| local key=$1; shift |
| |
| p=$(: |
| )"$flags"$( : GRE flags |
| )"0:00:"$( : Reserved + version |
| )"08:00:"$( : ETH protocol type |
| )"$key"$( : Key |
| )"4"$( : IP version |
| )"5:"$( : IHL |
| )"00:"$( : IP TOS |
| )"00:14:"$( : IP total length |
| )"00:00:"$( : IP identification |
| )"20:00:"$( : IP flags + frag off |
| )"30:"$( : IP TTL |
| )"01:"$( : IP proto |
| )"E7:E6:"$( : IP header csum |
| )"C0:00:01:01:"$( : IP saddr : 192.0.1.1 |
| )"C0:00:02:01:"$( : IP daddr : 192.0.2.1 |
| ) |
| echo $p |
| } |
| |
| no_matching_tunnel_test() |
| { |
| local trap_name="decap_error" |
| local group_name="tunnel_drops" |
| local desc=$1; shift |
| local sip=$1; shift |
| local mz_pid |
| |
| RET=0 |
| |
| tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \ |
| flower src_ip 192.0.1.1 dst_ip 192.0.2.1 action pass |
| |
| rp1_mac=$(mac_get $rp1) |
| rp2_mac=$(mac_get $rp2) |
| payload=$(ipip_payload_get "$@") |
| |
| ip vrf exec v$rp2 $MZ $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \ |
| -A $sip -B 192.0.2.65 -t ip len=48,proto=47,p=$payload -q & |
| mz_pid=$! |
| |
| devlink_trap_exception_test $trap_name $group_name |
| |
| tc_check_packets "dev $swp1 egress" 101 0 |
| check_err $? "Packets were not dropped" |
| |
| log_test "$desc" |
| |
| kill $mz_pid && wait $mz_pid &> /dev/null |
| tc filter del dev $swp1 egress protocol ip pref 1 handle 101 flower |
| } |
| |
| decap_error_test() |
| { |
| # Correct source IP - the remote address |
| local sip=192.0.2.66 |
| |
| ecn_decap_test "Decap error" "ECT(1)" 01 |
| ecn_decap_test "Decap error" "ECT(0)" 02 |
| ecn_decap_test "Decap error" "CE" 03 |
| |
| no_matching_tunnel_test "Decap error: Source IP check failed" \ |
| 192.0.2.68 "0" |
| no_matching_tunnel_test \ |
| "Decap error: Key exists but was not expected" $sip "2" ":E9:" |
| |
| # Destroy the tunnel and create new one with key |
| __addr_add_del g1 del 192.0.2.65/32 |
| tunnel_destroy g1 |
| |
| tunnel_create g1 gre 192.0.2.65 192.0.2.66 tos inherit key 233 |
| __addr_add_del g1 add 192.0.2.65/32 |
| |
| no_matching_tunnel_test \ |
| "Decap error: Key does not exist but was expected" $sip "0" |
| no_matching_tunnel_test \ |
| "Decap error: Packet has a wrong key field" $sip "2" "E8:" |
| } |
| |
| trap cleanup EXIT |
| |
| setup_prepare |
| setup_wait |
| tests_run |
| |
| exit $EXIT_STATUS |