1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3 4# This test is for checking the VXLAN vni filtering api and 5# datapath. 6# It simulates two hypervisors running two VMs each using four network 7# six namespaces: two for the HVs, four for the VMs. Each VM is 8# connected to a separate bridge. The VM's use overlapping vlans and 9# hence the separate bridge domain. Each vxlan device is a collect 10# metadata device with vni filtering and hence has the ability to 11# terminate configured vni's only. 12 13# +--------------------------------+ +------------------------------------+ 14# | vm-11 netns | | vm-21 netns | 15# | | | | 16# |+------------+ +-------------+ | |+-------------+ +----------------+ | 17# ||veth-11.10 | |veth-11.20 | | ||veth-21.10 | | veth-21.20 | | 18# ||10.0.10.11/24 |10.0.20.11/24| | ||10.0.10.21/24| | 10.0.20.21/24 | | 19# |+------|-----+ +|------------+ | |+-----------|-+ +---|------------+ | 20# | | | | | | | | 21# | | | | | +------------+ | 22# | +------------+ | | | veth-21 | | 23# | | veth-11 | | | | | | 24# | | | | | +-----|------+ | 25# | +-----|------+ | | | | 26# | | | | | | 27# +------------|-------------------+ +---------------|--------------------+ 28# +------------|-----------------------------------------|-------------------+ 29# | +-----|------+ +-----|------+ | 30# | |vethhv-11 | |vethhv-21 | | 31# | +----|-------+ +-----|------+ | 32# | +---|---+ +---|--+ | 33# | | br1 | | br2 | | 34# | +---|---+ +---|--+ | 35# | +---|----+ +---|--+ | 36# | | vxlan1| |vxlan2| | 37# | +--|-----+ +--|---+ | 38# | | | | 39# | | +---------------------+ | | 40# | | |veth0 | | | 41# | +---------|172.16.0.1/24 -----------+ | 42# | |2002:fee1::1/64 | | 43# | hv-1 netns +--------|------------+ | 44# +-----------------------------|--------------------------------------------+ 45# | 46# +-----------------------------|--------------------------------------------+ 47# | hv-2 netns +--------|-------------+ | 48# | | veth0 | | 49# | +------| 172.16.0.2/24 |---+ | 50# | | | 2002:fee1::2/64 | | | 51# | | | | | | 52# | | +----------------------+ | - | 53# | | | | 54# | +-|-------+ +--------|-+ | 55# | | vxlan1 | | vxlan2 | | 56# | +----|----+ +---|------+ | 57# | +--|--+ +-|---+ | 58# | | br1 | | br2 | | 59# | +--|--+ +--|--+ | 60# | +-----|-------+ +----|-------+ | 61# | | vethhv-12 | |vethhv-22 | | 62# | +------|------+ +-------|----+ | 63# +-----------------|----------------------------|---------------------------+ 64# | | 65# +-----------------|-----------------+ +--------|---------------------------+ 66# | +-------|---+ | | +--|---------+ | 67# | | veth-12 | | | |veth-22 | | 68# | +-|--------|+ | | +--|--------|+ | 69# | | | | | | | | 70# |+----------|--+ +---|-----------+ | |+-------|-----+ +|---------------+ | 71# ||veth-12.10 | |veth-12.20 | | ||veth-22.10 | |veth-22.20 | | 72# ||10.0.10.12/24| |10.0.20.12/24 | | ||10.0.10.22/24| |10.0.20.22/24 | | 73# |+-------------+ +---------------+ | |+-------------+ +----------------+ | 74# | | | | 75# | | | | 76# | vm-12 netns | |vm-22 netns | 77# +-----------------------------------+ +------------------------------------+ 78# 79# 80# This test tests the new vxlan vnifiltering api 81source lib.sh 82ret=0 83 84# all tests in this script. Can be overridden with -t option 85TESTS=" 86 vxlan_vnifilter_api 87 vxlan_vnifilter_datapath 88 vxlan_vnifilter_datapath_pervni 89 vxlan_vnifilter_datapath_mgroup 90 vxlan_vnifilter_datapath_mgroup_pervni 91 vxlan_vnifilter_metadata_and_traditional_mix 92" 93VERBOSE=0 94PAUSE_ON_FAIL=no 95PAUSE=no 96 97which ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping) 98 99log_test() 100{ 101 local rc=$1 102 local expected=$2 103 local msg="$3" 104 105 if [ ${rc} -eq ${expected} ]; then 106 printf " TEST: %-60s [ OK ]\n" "${msg}" 107 nsuccess=$((nsuccess+1)) 108 else 109 ret=1 110 nfail=$((nfail+1)) 111 printf " TEST: %-60s [FAIL]\n" "${msg}" 112 if [ "${PAUSE_ON_FAIL}" = "yes" ]; then 113 echo 114 echo "hit enter to continue, 'q' to quit" 115 read a 116 [ "$a" = "q" ] && exit 1 117 fi 118 fi 119 120 if [ "${PAUSE}" = "yes" ]; then 121 echo 122 echo "hit enter to continue, 'q' to quit" 123 read a 124 [ "$a" = "q" ] && exit 1 125 fi 126} 127 128run_cmd() 129{ 130 local cmd="$1" 131 local out 132 local stderr="2>/dev/null" 133 134 if [ "$VERBOSE" = "1" ]; then 135 printf "COMMAND: $cmd\n" 136 stderr= 137 fi 138 139 out=$(eval $cmd $stderr) 140 rc=$? 141 if [ "$VERBOSE" = "1" -a -n "$out" ]; then 142 echo " $out" 143 fi 144 145 return $rc 146} 147 148check_hv_connectivity() { 149 slowwait 5 ip netns exec $hv_1 ping -c 1 -W 1 $1 &>/dev/null 150 slowwait 5 ip netns exec $hv_1 ping -c 1 -W 1 $2 &>/dev/null 151 152 return $? 153} 154 155check_vm_connectivity() { 156 slowwait 5 run_cmd "ip netns exec $vm_11 ping -c 1 -W 1 10.0.10.12" 157 log_test $? 0 "VM connectivity over $1 (ipv4 default rdst)" 158 159 slowwait 5 run_cmd "ip netns exec $vm_21 ping -c 1 -W 1 10.0.10.22" 160 log_test $? 0 "VM connectivity over $1 (ipv6 default rdst)" 161} 162 163cleanup() { 164 ip link del veth-hv-1 2>/dev/null || true 165 ip link del vethhv-11 vethhv-12 vethhv-21 vethhv-22 2>/dev/null || true 166 167 cleanup_ns $hv_1 $hv_2 $vm_11 $vm_21 $vm_12 $vm_22 $vm_31 $vm_32 168} 169 170trap cleanup EXIT 171 172setup-hv-networking() { 173 id=$1 174 local1=$2 175 mask1=$3 176 local2=$4 177 mask2=$5 178 179 ip link set veth-hv-$id netns ${hv[$id]} 180 ip -netns ${hv[$id]} link set veth-hv-$id name veth0 181 ip -netns ${hv[$id]} addr add $local1/$mask1 dev veth0 182 ip -netns ${hv[$id]} addr add $local2/$mask2 dev veth0 183 ip -netns ${hv[$id]} link set veth0 up 184} 185 186# Setups a "VM" simulated by a netns an a veth pair 187# example: setup-vm <hvid> <vmid> <brid> <VATTRS> <mcast_for_bum> 188# VATTRS = comma separated "<vlan>-<v[46]>-<localip>-<remoteip>-<VTYPE>-<vxlandstport>" 189# VTYPE = vxlan device type. "default = traditional device, metadata = metadata device 190# vnifilter = vnifiltering device, 191# vnifilterg = vnifiltering device with per vni group/remote" 192# example: 193# setup-vm 1 11 1 \ 194# 10-v4-172.16.0.1-239.1.1.100-vnifilterg,20-v4-172.16.0.1-239.1.1.100-vnifilterg 1 195# 196setup-vm() { 197 hvid=$1 198 vmid=$2 199 brid=$3 200 vattrs=$4 201 mcast=$5 202 lastvxlandev="" 203 204 # create bridge 205 ip -netns ${hv[$hvid]} link add br$brid type bridge vlan_filtering 1 vlan_default_pvid 0 \ 206 mcast_snooping 0 207 ip -netns ${hv[$hvid]} link set br$brid up 208 209 # create vm namespace and interfaces and connect to hypervisor 210 # namespace 211 hvvethif="vethhv-$vmid" 212 vmvethif="veth-$vmid" 213 ip link add $hvvethif type veth peer name $vmvethif 214 ip link set $hvvethif netns ${hv[$hvid]} 215 ip link set $vmvethif netns ${vm[$vmid]} 216 ip -netns ${hv[$hvid]} link set $hvvethif up 217 ip -netns ${vm[$vmid]} link set $vmvethif up 218 ip -netns ${hv[$hvid]} link set $hvvethif master br$brid 219 220 # configure VM vlan/vni filtering on hypervisor 221 for vmap in $(echo $vattrs | cut -d "," -f1- --output-delimiter=' ') 222 do 223 local vid=$(echo $vmap | awk -F'-' '{print ($1)}') 224 local family=$(echo $vmap | awk -F'-' '{print ($2)}') 225 local localip=$(echo $vmap | awk -F'-' '{print ($3)}') 226 local group=$(echo $vmap | awk -F'-' '{print ($4)}') 227 local vtype=$(echo $vmap | awk -F'-' '{print ($5)}') 228 local port=$(echo $vmap | awk -F'-' '{print ($6)}') 229 230 ip -netns ${vm[$vmid]} link add name $vmvethif.$vid link $vmvethif type vlan id $vid 231 ip -netns ${vm[$vmid]} addr add 10.0.$vid.$vmid/24 dev $vmvethif.$vid 232 ip -netns ${vm[$vmid]} link set $vmvethif.$vid up 233 234 tid=$vid 235 vxlandev="vxlan$brid" 236 vxlandevflags="" 237 238 if [[ -n $vtype && $vtype == "metadata" ]]; then 239 vxlandevflags="$vxlandevflags external" 240 elif [[ -n $vtype && $vtype == "vnifilter" || $vtype == "vnifilterg" ]]; then 241 vxlandevflags="$vxlandevflags external vnifilter" 242 tid=$((vid+brid)) 243 else 244 vxlandevflags="$vxlandevflags id $tid" 245 vxlandev="vxlan$tid" 246 fi 247 248 if [[ -n $vtype && $vtype != "vnifilterg" ]]; then 249 if [[ -n "$group" && "$group" != "null" ]]; then 250 if [ $mcast -eq 1 ]; then 251 vxlandevflags="$vxlandevflags group $group" 252 else 253 vxlandevflags="$vxlandevflags remote $group" 254 fi 255 fi 256 fi 257 258 if [[ -n "$port" && "$port" != "default" ]]; then 259 vxlandevflags="$vxlandevflags dstport $port" 260 fi 261 262 # create vxlan device 263 if [ "$vxlandev" != "$lastvxlandev" ]; then 264 ip -netns ${hv[$hvid]} link add $vxlandev type vxlan local $localip $vxlandevflags dev veth0 2>/dev/null 265 ip -netns ${hv[$hvid]} link set $vxlandev master br$brid 266 ip -netns ${hv[$hvid]} link set $vxlandev up 267 lastvxlandev=$vxlandev 268 fi 269 270 # add vlan 271 bridge -netns ${hv[$hvid]} vlan add vid $vid dev $hvvethif 272 bridge -netns ${hv[$hvid]} vlan add vid $vid pvid dev $vxlandev 273 274 # Add bridge vni filter for tx 275 if [[ -n $vtype && $vtype == "metadata" || $vtype == "vnifilter" || $vtype == "vnifilterg" ]]; then 276 bridge -netns ${hv[$hvid]} link set dev $vxlandev vlan_tunnel on 277 bridge -netns ${hv[$hvid]} vlan add dev $vxlandev vid $vid tunnel_info id $tid 278 fi 279 280 if [[ -n $vtype && $vtype == "metadata" ]]; then 281 bridge -netns ${hv[$hvid]} fdb add 00:00:00:00:00:00 dev $vxlandev \ 282 src_vni $tid vni $tid dst $group self 283 elif [[ -n $vtype && $vtype == "vnifilter" ]]; then 284 # Add per vni rx filter with 'bridge vni' api 285 bridge -netns ${hv[$hvid]} vni add dev $vxlandev vni $tid 286 elif [[ -n $vtype && $vtype == "vnifilterg" ]]; then 287 # Add per vni group config with 'bridge vni' api 288 if [ -n "$group" ]; then 289 if [ $mcast -eq 1 ]; then 290 bridge -netns ${hv[$hvid]} vni add dev $vxlandev vni $tid group $group 291 else 292 bridge -netns ${hv[$hvid]} vni add dev $vxlandev vni $tid remote $group 293 fi 294 fi 295 fi 296 done 297} 298 299setup_vnifilter_api() 300{ 301 ip link add veth-host type veth peer name veth-testns 302 setup_ns testns 303 ip link set veth-testns netns $testns 304} 305 306cleanup_vnifilter_api() 307{ 308 ip link del veth-host 2>/dev/null || true 309 ip netns del $testns 2>/dev/null || true 310} 311 312# tests vxlan filtering api 313vxlan_vnifilter_api() 314{ 315 hv1addr1="172.16.0.1" 316 hv2addr1="172.16.0.2" 317 hv1addr2="2002:fee1::1" 318 hv2addr2="2002:fee1::2" 319 localip="172.16.0.1" 320 group="239.1.1.101" 321 322 cleanup_vnifilter_api &>/dev/null 323 setup_vnifilter_api 324 325 # Duplicate vni test 326 # create non-vnifiltering traditional vni device 327 run_cmd "ip -netns $testns link add vxlan100 type vxlan id 100 local $localip dev veth-testns dstport 4789" 328 log_test $? 0 "Create traditional vxlan device" 329 330 # create vni filtering device 331 run_cmd "ip -netns $testns link add vxlan-ext1 type vxlan vnifilter local $localip dev veth-testns dstport 4789" 332 log_test $? 1 "Cannot create vnifilter device without external flag" 333 334 run_cmd "ip -netns $testns link add vxlan-ext1 type vxlan external vnifilter local $localip dev veth-testns dstport 4789" 335 log_test $? 0 "Creating external vxlan device with vnifilter flag" 336 337 run_cmd "bridge -netns $testns vni add dev vxlan-ext1 vni 100" 338 log_test $? 0 "Cannot set in-use vni id on vnifiltering device" 339 340 run_cmd "bridge -netns $testns vni add dev vxlan-ext1 vni 200" 341 log_test $? 0 "Set new vni id on vnifiltering device" 342 343 run_cmd "ip -netns $testns link add vxlan-ext2 type vxlan external vnifilter local $localip dev veth-testns dstport 4789" 344 log_test $? 0 "Create second external vxlan device with vnifilter flag" 345 346 run_cmd "bridge -netns $testns vni add dev vxlan-ext2 vni 200" 347 log_test $? 255 "Cannot set in-use vni id on vnifiltering device" 348 349 run_cmd "bridge -netns $testns vni add dev vxlan-ext2 vni 300" 350 log_test $? 0 "Set new vni id on vnifiltering device" 351 352 # check in bridge vni show 353 run_cmd "bridge -netns $testns vni add dev vxlan-ext2 vni 300" 354 log_test $? 0 "Update vni id on vnifiltering device" 355 356 run_cmd "bridge -netns $testns vni add dev vxlan-ext2 vni 400" 357 log_test $? 0 "Add new vni id on vnifiltering device" 358 359 # add multicast group per vni 360 run_cmd "bridge -netns $testns vni add dev vxlan-ext1 vni 200 group $group" 361 log_test $? 0 "Set multicast group on existing vni" 362 363 # add multicast group per vni 364 run_cmd "bridge -netns $testns vni add dev vxlan-ext2 vni 300 group $group" 365 log_test $? 0 "Set multicast group on existing vni" 366 367 # set vnifilter on an existing external vxlan device 368 run_cmd "ip -netns $testns link set dev vxlan-ext1 type vxlan external vnifilter" 369 log_test $? 2 "Cannot set vnifilter flag on a device" 370 371 # change vxlan vnifilter flag 372 run_cmd "ip -netns $testns link set dev vxlan-ext1 type vxlan external novnifilter" 373 log_test $? 2 "Cannot unset vnifilter flag on a device" 374} 375 376# Sanity test vnifilter datapath 377# vnifilter vnis inherit BUM group from 378# vxlan device 379vxlan_vnifilter_datapath() 380{ 381 hv1addr1="172.16.0.1" 382 hv2addr1="172.16.0.2" 383 hv1addr2="2002:fee1::1" 384 hv2addr2="2002:fee1::2" 385 386 setup_ns hv_1 hv_2 387 hv[1]=$hv_1 388 hv[2]=$hv_2 389 ip link add veth-hv-1 type veth peer name veth-hv-2 390 setup-hv-networking 1 $hv1addr1 24 $hv1addr2 64 $hv2addr1 $hv2addr2 391 setup-hv-networking 2 $hv2addr1 24 $hv2addr2 64 $hv1addr1 $hv1addr2 392 393 check_hv_connectivity hv2addr1 hv2addr2 394 395 setup_ns vm_11 vm_21 vm_12 vm_22 396 vm[11]=$vm_11 397 vm[21]=$vm_21 398 vm[12]=$vm_12 399 vm[22]=$vm_22 400 setup-vm 1 11 1 10-v4-$hv1addr1-$hv2addr1-vnifilter,20-v4-$hv1addr1-$hv2addr1-vnifilter 0 401 setup-vm 1 21 2 10-v6-$hv1addr2-$hv2addr2-vnifilter,20-v6-$hv1addr2-$hv2addr2-vnifilter 0 402 403 setup-vm 2 12 1 10-v4-$hv2addr1-$hv1addr1-vnifilter,20-v4-$hv2addr1-$hv1addr1-vnifilter 0 404 setup-vm 2 22 2 10-v6-$hv2addr2-$hv1addr2-vnifilter,20-v6-$hv2addr2-$hv1addr2-vnifilter 0 405 406 check_vm_connectivity "vnifiltering vxlan" 407} 408 409# Sanity test vnifilter datapath 410# with vnifilter per vni configured BUM 411# group/remote 412vxlan_vnifilter_datapath_pervni() 413{ 414 hv1addr1="172.16.0.1" 415 hv2addr1="172.16.0.2" 416 hv1addr2="2002:fee1::1" 417 hv2addr2="2002:fee1::2" 418 419 setup_ns hv_1 hv_2 420 hv[1]=$hv_1 421 hv[2]=$hv_2 422 ip link add veth-hv-1 type veth peer name veth-hv-2 423 setup-hv-networking 1 $hv1addr1 24 $hv1addr2 64 424 setup-hv-networking 2 $hv2addr1 24 $hv2addr2 64 425 426 check_hv_connectivity hv2addr1 hv2addr2 427 428 setup_ns vm_11 vm_21 vm_12 vm_22 429 vm[11]=$vm_11 430 vm[21]=$vm_21 431 vm[12]=$vm_12 432 vm[22]=$vm_22 433 setup-vm 1 11 1 10-v4-$hv1addr1-$hv2addr1-vnifilterg,20-v4-$hv1addr1-$hv2addr1-vnifilterg 0 434 setup-vm 1 21 2 10-v6-$hv1addr2-$hv2addr2-vnifilterg,20-v6-$hv1addr2-$hv2addr2-vnifilterg 0 435 436 setup-vm 2 12 1 10-v4-$hv2addr1-$hv1addr1-vnifilterg,20-v4-$hv2addr1-$hv1addr1-vnifilterg 0 437 setup-vm 2 22 2 10-v6-$hv2addr2-$hv1addr2-vnifilterg,20-v6-$hv2addr2-$hv1addr2-vnifilterg 0 438 439 check_vm_connectivity "vnifiltering vxlan pervni remote" 440} 441 442 443vxlan_vnifilter_datapath_mgroup() 444{ 445 hv1addr1="172.16.0.1" 446 hv2addr1="172.16.0.2" 447 hv1addr2="2002:fee1::1" 448 hv2addr2="2002:fee1::2" 449 group="239.1.1.100" 450 group6="ff07::1" 451 452 setup_ns hv_1 hv_2 453 hv[1]=$hv_1 454 hv[2]=$hv_2 455 ip link add veth-hv-1 type veth peer name veth-hv-2 456 setup-hv-networking 1 $hv1addr1 24 $hv1addr2 64 457 setup-hv-networking 2 $hv2addr1 24 $hv2addr2 64 458 459 check_hv_connectivity hv2addr1 hv2addr2 460 461 setup_ns vm_11 vm_21 vm_12 vm_22 462 vm[11]=$vm_11 463 vm[21]=$vm_21 464 vm[12]=$vm_12 465 vm[22]=$vm_22 466 setup-vm 1 11 1 10-v4-$hv1addr1-$group-vnifilter,20-v4-$hv1addr1-$group-vnifilter 1 467 setup-vm 1 21 2 "10-v6-$hv1addr2-$group6-vnifilter,20-v6-$hv1addr2-$group6-vnifilter" 1 468 469 setup-vm 2 12 1 10-v4-$hv2addr1-$group-vnifilter,20-v4-$hv2addr1-$group-vnifilter 1 470 setup-vm 2 22 2 10-v6-$hv2addr2-$group6-vnifilter,20-v6-$hv2addr2-$group6-vnifilter 1 471 472 check_vm_connectivity "vnifiltering vxlan mgroup" 473} 474 475vxlan_vnifilter_datapath_mgroup_pervni() 476{ 477 hv1addr1="172.16.0.1" 478 hv2addr1="172.16.0.2" 479 hv1addr2="2002:fee1::1" 480 hv2addr2="2002:fee1::2" 481 group="239.1.1.100" 482 group6="ff07::1" 483 484 setup_ns hv_1 hv_2 485 hv[1]=$hv_1 486 hv[2]=$hv_2 487 ip link add veth-hv-1 type veth peer name veth-hv-2 488 setup-hv-networking 1 $hv1addr1 24 $hv1addr2 64 489 setup-hv-networking 2 $hv2addr1 24 $hv2addr2 64 490 491 check_hv_connectivity hv2addr1 hv2addr2 492 493 setup_ns vm_11 vm_21 vm_12 vm_22 494 vm[11]=$vm_11 495 vm[21]=$vm_21 496 vm[12]=$vm_12 497 vm[22]=$vm_22 498 setup-vm 1 11 1 10-v4-$hv1addr1-$group-vnifilterg,20-v4-$hv1addr1-$group-vnifilterg 1 499 setup-vm 1 21 2 10-v6-$hv1addr2-$group6-vnifilterg,20-v6-$hv1addr2-$group6-vnifilterg 1 500 501 setup-vm 2 12 1 10-v4-$hv2addr1-$group-vnifilterg,20-v4-$hv2addr1-$group-vnifilterg 1 502 setup-vm 2 22 2 10-v6-$hv2addr2-$group6-vnifilterg,20-v6-$hv2addr2-$group6-vnifilterg 1 503 504 check_vm_connectivity "vnifiltering vxlan pervni mgroup" 505} 506 507vxlan_vnifilter_metadata_and_traditional_mix() 508{ 509 hv1addr1="172.16.0.1" 510 hv2addr1="172.16.0.2" 511 hv1addr2="2002:fee1::1" 512 hv2addr2="2002:fee1::2" 513 514 setup_ns hv_1 hv_2 515 hv[1]=$hv_1 516 hv[2]=$hv_2 517 ip link add veth-hv-1 type veth peer name veth-hv-2 518 setup-hv-networking 1 $hv1addr1 24 $hv1addr2 64 519 setup-hv-networking 2 $hv2addr1 24 $hv2addr2 64 520 521 check_hv_connectivity hv2addr1 hv2addr2 522 523 setup_ns vm_11 vm_21 vm_31 vm_12 vm_22 vm_32 524 vm[11]=$vm_11 525 vm[21]=$vm_21 526 vm[31]=$vm_31 527 vm[12]=$vm_12 528 vm[22]=$vm_22 529 vm[32]=$vm_32 530 setup-vm 1 11 1 10-v4-$hv1addr1-$hv2addr1-vnifilter,20-v4-$hv1addr1-$hv2addr1-vnifilter 0 531 setup-vm 1 21 2 10-v6-$hv1addr2-$hv2addr2-vnifilter,20-v6-$hv1addr2-$hv2addr2-vnifilter 0 532 setup-vm 1 31 3 30-v4-$hv1addr1-$hv2addr1-default-4790,40-v6-$hv1addr2-$hv2addr2-default-4790,50-v4-$hv1addr1-$hv2addr1-metadata-4791 0 533 534 535 setup-vm 2 12 1 10-v4-$hv2addr1-$hv1addr1-vnifilter,20-v4-$hv2addr1-$hv1addr1-vnifilter 0 536 setup-vm 2 22 2 10-v6-$hv2addr2-$hv1addr2-vnifilter,20-v6-$hv2addr2-$hv1addr2-vnifilter 0 537 setup-vm 2 32 3 30-v4-$hv2addr1-$hv1addr1-default-4790,40-v6-$hv2addr2-$hv1addr2-default-4790,50-v4-$hv2addr1-$hv1addr1-metadata-4791 0 538 539 check_vm_connectivity "vnifiltering vxlan pervni remote mix" 540 541 # check VM connectivity over traditional/non-vxlan filtering vxlan devices 542 run_cmd "ip netns exec $vm_31 ping -c 1 -W 1 10.0.30.32" 543 log_test $? 0 "VM connectivity over traditional vxlan (ipv4 default rdst)" 544 545 run_cmd "ip netns exec $vm_31 ping -c 1 -W 1 10.0.40.32" 546 log_test $? 0 "VM connectivity over traditional vxlan (ipv6 default rdst)" 547 548 run_cmd "ip netns exec $vm_31 ping -c 1 -W 1 10.0.50.32" 549 log_test $? 0 "VM connectivity over metadata nonfiltering vxlan (ipv4 default rdst)" 550} 551 552while getopts :t:pP46hv o 553do 554 case $o in 555 t) TESTS=$OPTARG;; 556 p) PAUSE_ON_FAIL=yes;; 557 P) PAUSE=yes;; 558 v) VERBOSE=$(($VERBOSE + 1));; 559 h) usage; exit 0;; 560 *) usage; exit 1;; 561 esac 562done 563 564# make sure we don't pause twice 565[ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no 566 567if [ "$(id -u)" -ne 0 ];then 568 echo "SKIP: Need root privileges" 569 exit $ksft_skip; 570fi 571 572if [ ! -x "$(command -v ip)" ]; then 573 echo "SKIP: Could not run test without ip tool" 574 exit $ksft_skip 575fi 576 577ip link help vxlan 2>&1 | grep -q "vnifilter" 578if [ $? -ne 0 ]; then 579 echo "SKIP: iproute2 too old, missing vxlan dev vnifilter setting" 580 sync 581 exit $ksft_skip 582fi 583 584bridge vni help 2>&1 | grep -q "Usage: bridge vni" 585if [ $? -ne 0 ]; then 586 echo "SKIP: iproute2 bridge lacks vxlan vnifiltering support" 587 exit $ksft_skip 588fi 589 590# start clean 591cleanup &> /dev/null 592 593for t in $TESTS 594do 595 case $t in 596 none) setup; exit 0;; 597 *) $t; cleanup;; 598 esac 599done 600 601if [ "$TESTS" != "none" ]; then 602 printf "\nTests passed: %3d\n" ${nsuccess} 603 printf "Tests failed: %3d\n" ${nfail} 604fi 605 606exit $ret 607