xref: /freebsd/tests/sys/netinet6/forward6.sh (revision 13ec1e3155c7e9bf037b12af186351b7fa9b9450)
1#!/usr/bin/env atf-sh
2#-
3# SPDX-License-Identifier: BSD-2-Clause
4#
5# Copyright (c) 2020 Alexander V. Chernikov
6#
7# Redistribution and use in source and binary forms, with or without
8# modification, are permitted provided that the following conditions
9# are met:
10# 1. Redistributions of source code must retain the above copyright
11#    notice, this list of conditions and the following disclaimer.
12# 2. Redistributions in binary form must reproduce the above copyright
13#    notice, this list of conditions and the following disclaimer in the
14#    documentation and/or other materials provided with the distribution.
15#
16# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26# SUCH DAMAGE.
27#
28# $FreeBSD$
29#
30
31. $(atf_get_srcdir)/../common/vnet.subr
32
33atf_test_case "fwd_ip6_gu_icmp_iface_fast_success" "cleanup"
34fwd_ip6_gu_icmp_iface_fast_success_head() {
35
36	atf_set descr 'Test valid IPv6 global unicast fast-forwarding to interface'
37	atf_set require.user root
38	atf_set require.progs scapy
39}
40
41fwd_ip6_gu_icmp_iface_fast_success_body() {
42
43	ids=65529
44	id=`printf "%x" ${ids}`
45	if [ $$ -gt 65535 ]; then
46		xl=`printf "%x" $(($$ - 65535))`
47		yl="1"
48	else
49		xl=`printf "%x" $$`
50		yl=""
51	fi
52
53	vnet_init
54
55	ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}"
56	ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}"
57	plen=96
58
59	src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}"
60
61	script_name="../common/sender.py"
62
63	epair=$(vnet_mkepair)
64	ifconfig ${epair}a up
65	ifconfig ${epair}a inet6 ${ip6a}/${plen}
66
67	jname="v6t-${id}-${yl}-${xl}"
68	vnet_mkjail ${jname} ${epair}b
69	jexec ${jname} ifconfig ${epair}b up
70	jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen}
71
72	jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'`
73
74	our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'`
75
76	# wait for DAD to complete
77	while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do
78		sleep 0.1
79	done
80	while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do
81		sleep 0.1
82	done
83
84	jexec ${jname} sysctl net.inet6.ip6.forwarding=1
85	# As we're doing router-on-the-stick, turn sending IP redirects off:
86	jexec ${jname} sysctl net.inet6.ip6.redirect=0
87
88	atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \
89		--test_name fwd_ip6_icmp \
90		--smac ${our_mac} --dmac ${jail_mac} \
91		--sip ${src_ip} --dip ${ip6a} \
92		--iface ${epair}a
93
94	# check counters are valid
95	atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6
96}
97
98fwd_ip6_gu_icmp_iface_fast_success_cleanup() {
99
100	vnet_cleanup
101}
102
103atf_test_case "fwd_ip6_gu_icmp_gw_gu_fast_success" "cleanup"
104fwd_ip6_gu_icmp_gw_gu_fast_success_head() {
105
106	atf_set descr 'Test valid IPv6 global unicast fast-forwarding to GU gw'
107	atf_set require.user root
108	atf_set require.progs scapy
109}
110
111fwd_ip6_gu_icmp_gw_gu_fast_success_body() {
112
113	ids=65528
114	id=`printf "%x" ${ids}`
115	if [ $$ -gt 65535 ]; then
116		xl=`printf "%x" $(($$ - 65535))`
117		yl="1"
118	else
119		xl=`printf "%x" $$`
120		yl=""
121	fi
122
123	vnet_init
124
125	ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}"
126	ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}"
127	plen=96
128
129	src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}"
130	dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}"
131
132	script_name="../common/sender.py"
133
134	epair=$(vnet_mkepair)
135	ifconfig ${epair}a up
136	ifconfig ${epair}a inet6 ${ip6a}/${plen}
137
138	jname="v6t-${id}-${yl}-${xl}"
139	vnet_mkjail ${jname} ${epair}b
140	jexec ${jname} ifconfig ${epair}b up
141	jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen}
142
143	jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'`
144
145	our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'`
146
147	# wait for DAD to complete
148	while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do
149		sleep 0.1
150	done
151	while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do
152		sleep 0.1
153	done
154
155	# Add static route back to us
156	jexec ${jname} route add -6 -host ${dst_ip} ${ip6a}
157
158	jexec ${jname} sysctl net.inet6.ip6.forwarding=1
159	# As we're doing router-on-the-stick, turn sending IP redirects off:
160	jexec ${jname} sysctl net.inet6.ip6.redirect=0
161
162	atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \
163		--test_name fwd_ip6_icmp \
164		--smac ${our_mac} --dmac ${jail_mac} \
165		--sip ${src_ip} --dip ${dst_ip} \
166		--iface ${epair}a
167
168	# check counters are valid
169	atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6
170}
171
172fwd_ip6_gu_icmp_gw_gu_fast_success_cleanup() {
173
174	vnet_cleanup
175}
176
177atf_test_case "fwd_ip6_gu_icmp_gw_ll_fast_success" "cleanup"
178fwd_ip6_gu_icmp_gw_ll_fast_success_head() {
179
180	atf_set descr 'Test valid IPv6 global unicast fast-forwarding to LL gw'
181	atf_set require.user root
182	atf_set require.progs scapy
183}
184
185fwd_ip6_gu_icmp_gw_ll_fast_success_body() {
186
187	ids=65527
188	id=`printf "%x" ${ids}`
189	if [ $$ -gt 65535 ]; then
190		xl=`printf "%x" $(($$ - 65535))`
191		yl="1"
192	else
193		xl=`printf "%x" $$`
194		yl=""
195	fi
196
197	vnet_init
198
199	ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}"
200	ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}"
201	plen=96
202
203	src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}"
204	dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}"
205
206	script_name="../common/sender.py"
207
208	epair=$(vnet_mkepair)
209	ifconfig ${epair}a up
210	ifconfig ${epair}a inet6 ${ip6a}/${plen}
211
212	jname="v6t-${id}-${yl}-${xl}"
213	vnet_mkjail ${jname} ${epair}b
214	jexec ${jname} ifconfig ${epair}b up
215	jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen}
216
217	jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'`
218
219	our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'`
220	our_ll_ip=`ifconfig ${epair}a inet6 | awk '$1~/inet6/&& $2~/^fe80:/{print$2}' | awk -F% '{print$1}'`
221
222	# wait for DAD to complete
223	while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do
224		sleep 0.1
225	done
226	while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do
227		sleep 0.1
228	done
229
230	# Add static route back to us
231	atf_check -s exit:0 -o ignore jexec ${jname} route add -6 -host ${dst_ip} ${our_ll_ip}%${epair}b
232
233	jexec ${jname} sysctl net.inet6.ip6.forwarding=1
234	# As we're doing router-on-the-stick, turn sending IP redirects off:
235	jexec ${jname} sysctl net.inet6.ip6.redirect=0
236
237	atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \
238		--test_name fwd_ip6_icmp \
239		--smac ${our_mac} --dmac ${jail_mac} \
240		--sip ${src_ip} --dip ${dst_ip} \
241		--iface ${epair}a
242
243	# check counters are valid
244	atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6
245}
246
247fwd_ip6_gu_icmp_gw_ll_fast_success_cleanup() {
248
249	vnet_cleanup
250}
251
252atf_test_case "fwd_ip6_gu_icmp_iface_slow_success" "cleanup"
253fwd_ip6_gu_icmp_iface_slow_success_head() {
254
255	atf_set descr 'Test valid IPv6 global unicast fast-forwarding to interface'
256	atf_set require.user root
257	atf_set require.progs scapy
258}
259
260fwd_ip6_gu_icmp_iface_slow_success_body() {
261
262	ids=65526
263	id=`printf "%x" ${ids}`
264	if [ $$ -gt 65535 ]; then
265		xl=`printf "%x" $(($$ - 65535))`
266		yl="1"
267	else
268		xl=`printf "%x" $$`
269		yl=""
270	fi
271
272	vnet_init
273
274	ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}"
275	ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}"
276	plen=96
277
278	src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}"
279
280	script_name="../common/sender.py"
281
282	epair=$(vnet_mkepair)
283	ifconfig ${epair}a up
284	ifconfig ${epair}a inet6 ${ip6a}/${plen}
285
286	jname="v6t-${id}-${yl}-${xl}"
287	vnet_mkjail ${jname} ${epair}b
288	jexec ${jname} ifconfig ${epair}b up
289	jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen}
290
291	jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'`
292
293	our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'`
294
295	# wait for DAD to complete
296	while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do
297		sleep 0.1
298	done
299	while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do
300		sleep 0.1
301	done
302
303	jexec ${jname} sysctl net.inet6.ip6.forwarding=1
304	# Do not turn off route redirects to ensure slow path is on
305
306	atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \
307		--test_name fwd_ip6_icmp \
308		--smac ${our_mac} --dmac ${jail_mac} \
309		--sip ${src_ip} --dip ${ip6a} \
310		--iface ${epair}a
311
312	# check counters are valid
313	atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6
314}
315
316fwd_ip6_gu_icmp_iface_slow_success_cleanup() {
317
318	vnet_cleanup
319}
320
321atf_test_case "fwd_ip6_gu_icmp_gw_gu_slow_success" "cleanup"
322fwd_ip6_gu_icmp_gw_gu_slow_success_head() {
323
324	atf_set descr 'Test valid IPv6 global unicast fast-forwarding to GU gw'
325	atf_set require.user root
326	atf_set require.progs scapy
327}
328
329fwd_ip6_gu_icmp_gw_gu_slow_success_body() {
330
331	ids=65525
332	id=`printf "%x" ${ids}`
333	if [ $$ -gt 65535 ]; then
334		xl=`printf "%x" $(($$ - 65535))`
335		yl="1"
336	else
337		xl=`printf "%x" $$`
338		yl=""
339	fi
340
341	vnet_init
342
343	ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}"
344	ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}"
345	plen=96
346
347	src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}"
348	dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}"
349
350	script_name="../common/sender.py"
351
352	epair=$(vnet_mkepair)
353	ifconfig ${epair}a up
354	ifconfig ${epair}a inet6 ${ip6a}/${plen}
355
356	jname="v6t-${id}-${yl}-${xl}"
357	vnet_mkjail ${jname} ${epair}b
358	jexec ${jname} ifconfig ${epair}b up
359	jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen}
360
361	jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'`
362
363	our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'`
364
365	# wait for DAD to complete
366	while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do
367		sleep 0.1
368	done
369	while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do
370		sleep 0.1
371	done
372
373	# Add static route back to us
374	jexec ${jname} route add -6 -host ${dst_ip} ${ip6a}
375
376	jexec ${jname} sysctl net.inet6.ip6.forwarding=1
377	# Do not turn off route redirects to ensure slow path is on
378
379	# atf_check -s exit:0
380		$(atf_get_srcdir)/${script_name} \
381		--test_name fwd_ip6_icmp \
382		--smac ${our_mac} --dmac ${jail_mac} \
383		--sip ${src_ip} --dip ${dst_ip} \
384		--iface ${epair}a
385	jexec ${jname} netstat -sp ip6
386
387	# check counters are valid
388	atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6
389}
390
391fwd_ip6_gu_icmp_gw_gu_slow_success_cleanup() {
392
393	vnet_cleanup
394}
395
396atf_test_case "fwd_ip6_gu_icmp_gw_ll_slow_success" "cleanup"
397fwd_ip6_gu_icmp_gw_ll_slow_success_head() {
398
399	atf_set descr 'Test valid IPv6 global unicast fast-forwarding to LL gw'
400	atf_set require.user root
401	atf_set require.progs scapy
402}
403
404fwd_ip6_gu_icmp_gw_ll_slow_success_body() {
405
406	ids=65524
407	id=`printf "%x" ${ids}`
408	if [ $$ -gt 65535 ]; then
409		xl=`printf "%x" $(($$ - 65535))`
410		yl="1"
411	else
412		xl=`printf "%x" $$`
413		yl=""
414	fi
415
416	vnet_init
417
418	ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}"
419	ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}"
420	plen=96
421
422	src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}"
423	dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}"
424
425	script_name="../common/sender.py"
426
427	epair=$(vnet_mkepair)
428	ifconfig ${epair}a up
429	ifconfig ${epair}a inet6 ${ip6a}/${plen}
430
431	jname="v6t-${id}-${yl}-${xl}"
432	vnet_mkjail ${jname} ${epair}b
433	jexec ${jname} ifconfig ${epair}b up
434	jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen}
435
436	jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'`
437
438	our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'`
439	our_ll_ip=`ifconfig ${epair}a inet6 | awk '$1~/inet6/&& $2~/^fe80:/{print$2}' | awk -F% '{print$1}'`
440
441	# wait for DAD to complete
442	while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do
443		sleep 0.1
444	done
445	while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do
446		sleep 0.1
447	done
448
449	# Add static route back to us
450	atf_check -s exit:0 -o ignore jexec ${jname} route add -6 -host ${dst_ip} ${our_ll_ip}%${epair}b
451
452	jexec ${jname} sysctl net.inet6.ip6.forwarding=1
453	# Do not turn off route redirects to ensure slow path is on
454
455	atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \
456		--test_name fwd_ip6_icmp \
457		--smac ${our_mac} --dmac ${jail_mac} \
458		--sip ${src_ip} --dip ${dst_ip} \
459		--iface ${epair}a
460
461	# check counters are valid
462	atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6
463}
464
465fwd_ip6_gu_icmp_gw_ll_slow_success_cleanup() {
466
467	vnet_cleanup
468}
469
470atf_init_test_cases()
471{
472
473	atf_add_test_case "fwd_ip6_gu_icmp_iface_fast_success"
474	atf_add_test_case "fwd_ip6_gu_icmp_gw_gu_fast_success"
475	atf_add_test_case "fwd_ip6_gu_icmp_gw_ll_fast_success"
476	atf_add_test_case "fwd_ip6_gu_icmp_iface_slow_success"
477	atf_add_test_case "fwd_ip6_gu_icmp_gw_gu_slow_success"
478	atf_add_test_case "fwd_ip6_gu_icmp_gw_ll_slow_success"
479}
480
481# end
482
483