xref: /linux/tools/testing/selftests/drivers/net/mlxsw/vxlan.sh (revision 3494bec0f6ac8ac06e0ad7c35933db345b2c5a83) 
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3#
4# Test various aspects of VxLAN offloading which are specific to mlxsw, such
5# as sanitization of invalid configurations and offload indication.
6
7lib_dir=$(dirname $0)/../../../net/forwarding
8
9ALL_TESTS="sanitization_test offload_indication_test \
10	sanitization_vlan_aware_test offload_indication_vlan_aware_test"
11NUM_NETIFS=2
12source $lib_dir/lib.sh
13
14setup_prepare()
15{
16	swp1=${NETIFS[p1]}
17	swp2=${NETIFS[p2]}
18
19	ip link set dev $swp1 up
20	ip link set dev $swp2 up
21}
22
23cleanup()
24{
25	pre_cleanup
26
27	ip link set dev $swp2 down
28	ip link set dev $swp1 down
29}
30
31sanitization_single_dev_test_pass()
32{
33	ip link set dev $swp1 master br0
34	check_err $?
35	ip link set dev vxlan0 master br0
36	check_err $?
37
38	ip link set dev $swp1 nomaster
39
40	ip link set dev $swp1 master br0
41	check_err $?
42}
43
44sanitization_single_dev_test_fail()
45{
46	ip link set dev $swp1 master br0
47	check_err $?
48	ip link set dev vxlan0 master br0 &> /dev/null
49	check_fail $?
50
51	ip link set dev $swp1 nomaster
52
53	ip link set dev vxlan0 master br0
54	check_err $?
55	ip link set dev $swp1 master br0 &> /dev/null
56	check_fail $?
57}
58
59sanitization_single_dev_valid_test()
60{
61	RET=0
62
63	ip link add dev br0 type bridge mcast_snooping 0
64
65	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
66		ttl 20 tos inherit local 198.51.100.1 dstport 4789
67
68	sanitization_single_dev_test_pass
69
70	ip link del dev vxlan0
71	ip link del dev br0
72
73	log_test "vxlan device - valid configuration"
74}
75
76sanitization_single_dev_vlan_aware_test()
77{
78	RET=0
79
80	ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1
81
82	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
83		ttl 20 tos inherit local 198.51.100.1 dstport 4789
84
85	sanitization_single_dev_test_pass
86
87	ip link del dev vxlan0
88	ip link del dev br0
89
90	log_test "vxlan device with a vlan-aware bridge"
91}
92
93sanitization_single_dev_mcast_enabled_test()
94{
95	RET=0
96
97	ip link add dev br0 type bridge
98
99	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
100		ttl 20 tos inherit local 198.51.100.1 dstport 4789
101
102	sanitization_single_dev_test_fail
103
104	ip link del dev vxlan0
105	ip link del dev br0
106
107	log_test "vxlan device with a multicast enabled bridge"
108}
109
110sanitization_single_dev_mcast_group_test()
111{
112	RET=0
113
114	ip link add dev br0 type bridge mcast_snooping 0
115	ip link add name dummy1 up type dummy
116
117	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
118		ttl 20 tos inherit local 198.51.100.1 dstport 4789 \
119		dev dummy1 group 239.0.0.1
120
121	sanitization_single_dev_test_fail
122
123	ip link del dev vxlan0
124	ip link del dev dummy1
125	ip link del dev br0
126
127	log_test "vxlan device with a multicast group"
128}
129
130sanitization_single_dev_no_local_ip_test()
131{
132	RET=0
133
134	ip link add dev br0 type bridge mcast_snooping 0
135
136	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
137		ttl 20 tos inherit dstport 4789
138
139	sanitization_single_dev_test_fail
140
141	ip link del dev vxlan0
142	ip link del dev br0
143
144	log_test "vxlan device with no local ip"
145}
146
147sanitization_single_dev_local_ipv6_test()
148{
149	RET=0
150
151	ip link add dev br0 type bridge mcast_snooping 0
152
153	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
154		ttl 20 tos inherit local 2001:db8::1 dstport 4789
155
156	sanitization_single_dev_test_fail
157
158	ip link del dev vxlan0
159	ip link del dev br0
160
161	log_test "vxlan device with local ipv6 address"
162}
163
164sanitization_single_dev_learning_enabled_test()
165{
166	RET=0
167
168	ip link add dev br0 type bridge mcast_snooping 0
169
170	ip link add name vxlan0 up type vxlan id 10 learning noudpcsum \
171		ttl 20 tos inherit local 198.51.100.1 dstport 4789
172
173	sanitization_single_dev_test_pass
174
175	ip link del dev vxlan0
176	ip link del dev br0
177
178	log_test "vxlan device with learning enabled"
179}
180
181sanitization_single_dev_local_interface_test()
182{
183	RET=0
184
185	ip link add dev br0 type bridge mcast_snooping 0
186	ip link add name dummy1 up type dummy
187
188	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
189		ttl 20 tos inherit local 198.51.100.1 dstport 4789 dev dummy1
190
191	sanitization_single_dev_test_fail
192
193	ip link del dev vxlan0
194	ip link del dev dummy1
195	ip link del dev br0
196
197	log_test "vxlan device with local interface"
198}
199
200sanitization_single_dev_port_range_test()
201{
202	RET=0
203
204	ip link add dev br0 type bridge mcast_snooping 0
205
206	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
207		ttl 20 tos inherit local 198.51.100.1 dstport 4789 \
208		srcport 4000 5000
209
210	sanitization_single_dev_test_fail
211
212	ip link del dev vxlan0
213	ip link del dev br0
214
215	log_test "vxlan device with udp source port range"
216}
217
218sanitization_single_dev_tos_static_test()
219{
220	RET=0
221
222	ip link add dev br0 type bridge mcast_snooping 0
223
224	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
225		ttl 20 tos 20 local 198.51.100.1 dstport 4789
226
227	sanitization_single_dev_test_fail
228
229	ip link del dev vxlan0
230	ip link del dev br0
231
232	log_test "vxlan device with static tos"
233}
234
235sanitization_single_dev_ttl_inherit_test()
236{
237	RET=0
238
239	ip link add dev br0 type bridge mcast_snooping 0
240
241	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
242		ttl inherit tos inherit local 198.51.100.1 dstport 4789
243
244	sanitization_single_dev_test_fail
245
246	ip link del dev vxlan0
247	ip link del dev br0
248
249	log_test "vxlan device with inherit ttl"
250}
251
252sanitization_single_dev_udp_checksum_test()
253{
254	RET=0
255
256	ip link add dev br0 type bridge mcast_snooping 0
257
258	ip link add name vxlan0 up type vxlan id 10 nolearning udpcsum \
259		ttl 20 tos inherit local 198.51.100.1 dstport 4789
260
261	sanitization_single_dev_test_fail
262
263	ip link del dev vxlan0
264	ip link del dev br0
265
266	log_test "vxlan device with udp checksum"
267}
268
269sanitization_single_dev_test()
270{
271	# These tests make sure that we correctly sanitize VxLAN device
272	# configurations we do not support
273	sanitization_single_dev_valid_test
274	sanitization_single_dev_vlan_aware_test
275	sanitization_single_dev_mcast_enabled_test
276	sanitization_single_dev_mcast_group_test
277	sanitization_single_dev_no_local_ip_test
278	sanitization_single_dev_local_ipv6_test
279	sanitization_single_dev_learning_enabled_test
280	sanitization_single_dev_local_interface_test
281	sanitization_single_dev_port_range_test
282	sanitization_single_dev_tos_static_test
283	sanitization_single_dev_ttl_inherit_test
284	sanitization_single_dev_udp_checksum_test
285}
286
287sanitization_multi_devs_test_pass()
288{
289	ip link set dev $swp1 master br0
290	check_err $?
291	ip link set dev vxlan0 master br0
292	check_err $?
293	ip link set dev $swp2 master br1
294	check_err $?
295	ip link set dev vxlan1 master br1
296	check_err $?
297
298	ip link set dev $swp2 nomaster
299	ip link set dev $swp1 nomaster
300
301	ip link set dev $swp1 master br0
302	check_err $?
303	ip link set dev $swp2 master br1
304	check_err $?
305}
306
307sanitization_multi_devs_test_fail()
308{
309	ip link set dev $swp1 master br0
310	check_err $?
311	ip link set dev vxlan0 master br0
312	check_err $?
313	ip link set dev $swp2 master br1
314	check_err $?
315	ip link set dev vxlan1 master br1 &> /dev/null
316	check_fail $?
317
318	ip link set dev $swp2 nomaster
319	ip link set dev $swp1 nomaster
320
321	ip link set dev vxlan1 master br1
322	check_err $?
323	ip link set dev $swp1 master br0
324	check_err $?
325	ip link set dev $swp2 master br1 &> /dev/null
326	check_fail $?
327}
328
329sanitization_multi_devs_valid_test()
330{
331	RET=0
332
333	ip link add dev br0 type bridge mcast_snooping 0
334	ip link add dev br1 type bridge mcast_snooping 0
335
336	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
337		ttl 20 tos inherit local 198.51.100.1 dstport 4789
338	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
339		ttl 20 tos inherit local 198.51.100.1 dstport 4789
340
341	sanitization_multi_devs_test_pass
342
343	ip link del dev vxlan1
344	ip link del dev vxlan0
345	ip link del dev br1
346	ip link del dev br0
347
348	log_test "multiple vxlan devices - valid configuration"
349}
350
351sanitization_multi_devs_ttl_test()
352{
353	RET=0
354
355	ip link add dev br0 type bridge mcast_snooping 0
356	ip link add dev br1 type bridge mcast_snooping 0
357
358	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
359		ttl 20 tos inherit local 198.51.100.1 dstport 4789
360	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
361		ttl 40 tos inherit local 198.51.100.1 dstport 4789
362
363	sanitization_multi_devs_test_fail
364
365	ip link del dev vxlan1
366	ip link del dev vxlan0
367	ip link del dev br1
368	ip link del dev br0
369
370	log_test "multiple vxlan devices with different ttl"
371}
372
373sanitization_multi_devs_udp_dstport_test()
374{
375	RET=0
376
377	ip link add dev br0 type bridge mcast_snooping 0
378	ip link add dev br1 type bridge mcast_snooping 0
379
380	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
381		ttl 20 tos inherit local 198.51.100.1 dstport 4789
382	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
383		ttl 20 tos inherit local 198.51.100.1 dstport 5789
384
385	sanitization_multi_devs_test_fail
386
387	ip link del dev vxlan1
388	ip link del dev vxlan0
389	ip link del dev br1
390	ip link del dev br0
391
392	log_test "multiple vxlan devices with different udp destination port"
393}
394
395sanitization_multi_devs_local_ip_test()
396{
397	RET=0
398
399	ip link add dev br0 type bridge mcast_snooping 0
400	ip link add dev br1 type bridge mcast_snooping 0
401
402	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
403		ttl 20 tos inherit local 198.51.100.1 dstport 4789
404	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
405		ttl 20 tos inherit local 198.51.100.2 dstport 4789
406
407	sanitization_multi_devs_test_fail
408
409	ip link del dev vxlan1
410	ip link del dev vxlan0
411	ip link del dev br1
412	ip link del dev br0
413
414	log_test "multiple vxlan devices with different local ip"
415}
416
417sanitization_multi_devs_test()
418{
419	# The device has a single VTEP, which means all the VxLAN devices
420	# we offload must share certain properties such as source IP and
421	# UDP destination port. These tests make sure that we forbid
422	# configurations that violate this limitation
423	sanitization_multi_devs_valid_test
424	sanitization_multi_devs_ttl_test
425	sanitization_multi_devs_udp_dstport_test
426	sanitization_multi_devs_local_ip_test
427}
428
429sanitization_test()
430{
431	sanitization_single_dev_test
432	sanitization_multi_devs_test
433}
434
435offload_indication_setup_create()
436{
437	# Create a simple setup with two bridges, each with a VxLAN device
438	# and one local port
439	ip link add name br0 up type bridge mcast_snooping 0
440	ip link add name br1 up type bridge mcast_snooping 0
441
442	ip link set dev $swp1 master br0
443	ip link set dev $swp2 master br1
444
445	ip address add 198.51.100.1/32 dev lo
446
447	ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \
448		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
449	ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \
450		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
451}
452
453offload_indication_setup_destroy()
454{
455	ip link del dev vxlan1
456	ip link del dev vxlan0
457
458	ip address del 198.51.100.1/32 dev lo
459
460	ip link set dev $swp2 nomaster
461	ip link set dev $swp1 nomaster
462
463	ip link del dev br1
464	ip link del dev br0
465}
466
467offload_indication_fdb_flood_test()
468{
469	RET=0
470
471	bridge fdb append 00:00:00:00:00:00 dev vxlan0 self dst 198.51.100.2
472
473	bridge fdb show brport vxlan0 | grep 00:00:00:00:00:00 \
474		| grep -q offload
475	check_err $?
476
477	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self
478
479	log_test "vxlan flood entry offload indication"
480}
481
482offload_indication_fdb_bridge_test()
483{
484	RET=0
485
486	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self master static \
487		dst 198.51.100.2
488
489	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
490		| grep -q offload
491	check_err $?
492	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
493		| grep -q offload
494	check_err $?
495
496	log_test "vxlan entry offload indication - initial state"
497
498	# Remove FDB entry from the bridge driver and check that corresponding
499	# entry in the VxLAN driver is not marked as offloaded
500	RET=0
501
502	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 master
503	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
504		| grep -q offload
505	check_fail $?
506
507	log_test "vxlan entry offload indication - after removal from bridge"
508
509	# Add the FDB entry back to the bridge driver and make sure it is
510	# marked as offloaded in both drivers
511	RET=0
512
513	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 master static
514	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
515		| grep -q offload
516	check_err $?
517	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
518		| grep -q offload
519	check_err $?
520
521	log_test "vxlan entry offload indication - after re-add to bridge"
522
523	# Remove FDB entry from the VxLAN driver and check that corresponding
524	# entry in the bridge driver is not marked as offloaded
525	RET=0
526
527	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self
528	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
529		| grep -q offload
530	check_fail $?
531
532	log_test "vxlan entry offload indication - after removal from vxlan"
533
534	# Add the FDB entry back to the VxLAN driver and make sure it is
535	# marked as offloaded in both drivers
536	RET=0
537
538	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self dst 198.51.100.2
539	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
540		| grep -q offload
541	check_err $?
542	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
543		| grep -q offload
544	check_err $?
545
546	log_test "vxlan entry offload indication - after re-add to vxlan"
547
548	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self master
549}
550
551offload_indication_fdb_test()
552{
553	offload_indication_fdb_flood_test
554	offload_indication_fdb_bridge_test
555}
556
557offload_indication_decap_route_test()
558{
559	RET=0
560
561	ip route show table local | grep 198.51.100.1 | grep -q offload
562	check_err $?
563
564	ip link set dev vxlan0 down
565	ip route show table local | grep 198.51.100.1 | grep -q offload
566	check_err $?
567
568	ip link set dev vxlan1 down
569	ip route show table local | grep 198.51.100.1 | grep -q offload
570	check_fail $?
571
572	log_test "vxlan decap route - vxlan device down"
573
574	RET=0
575
576	ip link set dev vxlan1 up
577	ip route show table local | grep 198.51.100.1 | grep -q offload
578	check_err $?
579
580	ip link set dev vxlan0 up
581	ip route show table local | grep 198.51.100.1 | grep -q offload
582	check_err $?
583
584	log_test "vxlan decap route - vxlan device up"
585
586	RET=0
587
588	ip address delete 198.51.100.1/32 dev lo
589	ip route show table local | grep 198.51.100.1 | grep -q offload
590	check_fail $?
591
592	ip address add 198.51.100.1/32 dev lo
593	ip route show table local | grep 198.51.100.1 | grep -q offload
594	check_err $?
595
596	log_test "vxlan decap route - add local route"
597
598	RET=0
599
600	ip link set dev $swp1 nomaster
601	ip route show table local | grep 198.51.100.1 | grep -q offload
602	check_err $?
603
604	ip link set dev $swp2 nomaster
605	ip route show table local | grep 198.51.100.1 | grep -q offload
606	check_fail $?
607
608	ip link set dev $swp1 master br0
609	ip link set dev $swp2 master br1
610	ip route show table local | grep 198.51.100.1 | grep -q offload
611	check_err $?
612
613	log_test "vxlan decap route - local ports enslavement"
614
615	RET=0
616
617	ip link del dev br0
618	ip route show table local | grep 198.51.100.1 | grep -q offload
619	check_err $?
620
621	ip link del dev br1
622	ip route show table local | grep 198.51.100.1 | grep -q offload
623	check_fail $?
624
625	log_test "vxlan decap route - bridge device deletion"
626
627	RET=0
628
629	ip link add name br0 up type bridge mcast_snooping 0
630	ip link add name br1 up type bridge mcast_snooping 0
631	ip link set dev $swp1 master br0
632	ip link set dev $swp2 master br1
633	ip link set dev vxlan0 master br0
634	ip link set dev vxlan1 master br1
635	ip route show table local | grep 198.51.100.1 | grep -q offload
636	check_err $?
637
638	ip link del dev vxlan0
639	ip route show table local | grep 198.51.100.1 | grep -q offload
640	check_err $?
641
642	ip link del dev vxlan1
643	ip route show table local | grep 198.51.100.1 | grep -q offload
644	check_fail $?
645
646	log_test "vxlan decap route - vxlan device deletion"
647
648	ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \
649		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
650	ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \
651		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
652}
653
654check_fdb_offloaded()
655{
656	local mac=00:11:22:33:44:55
657	local zmac=00:00:00:00:00:00
658
659	bridge fdb show dev vxlan0 | grep $mac | grep self | grep -q offload
660	check_err $?
661	bridge fdb show dev vxlan0 | grep $mac | grep master | grep -q offload
662	check_err $?
663
664	bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload
665	check_err $?
666}
667
668check_vxlan_fdb_not_offloaded()
669{
670	local mac=00:11:22:33:44:55
671	local zmac=00:00:00:00:00:00
672
673	bridge fdb show dev vxlan0 | grep $mac | grep -q self
674	check_err $?
675	bridge fdb show dev vxlan0 | grep $mac | grep self | grep -q offload
676	check_fail $?
677
678	bridge fdb show dev vxlan0 | grep $zmac | grep -q self
679	check_err $?
680	bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload
681	check_fail $?
682}
683
684check_bridge_fdb_not_offloaded()
685{
686	local mac=00:11:22:33:44:55
687	local zmac=00:00:00:00:00:00
688
689	bridge fdb show dev vxlan0 | grep $mac | grep -q master
690	check_err $?
691	bridge fdb show dev vxlan0 | grep $mac | grep master | grep -q offload
692	check_fail $?
693}
694
695__offload_indication_join_vxlan_first()
696{
697	local vid=$1; shift
698
699	local mac=00:11:22:33:44:55
700	local zmac=00:00:00:00:00:00
701
702	bridge fdb append $zmac dev vxlan0 self dst 198.51.100.2
703
704	ip link set dev vxlan0 master br0
705	bridge fdb add dev vxlan0 $mac self master static dst 198.51.100.2
706
707	RET=0
708	check_vxlan_fdb_not_offloaded
709	ip link set dev $swp1 master br0
710	sleep .1
711	check_fdb_offloaded
712	log_test "offload indication - attach vxlan first"
713
714	RET=0
715	ip link set dev vxlan0 down
716	check_vxlan_fdb_not_offloaded
717	check_bridge_fdb_not_offloaded
718	log_test "offload indication - set vxlan down"
719
720	RET=0
721	ip link set dev vxlan0 up
722	sleep .1
723	check_fdb_offloaded
724	log_test "offload indication - set vxlan up"
725
726	if [[ ! -z $vid ]]; then
727		RET=0
728		bridge vlan del dev vxlan0 vid $vid
729		check_vxlan_fdb_not_offloaded
730		check_bridge_fdb_not_offloaded
731		log_test "offload indication - delete VLAN"
732
733		RET=0
734		bridge vlan add dev vxlan0 vid $vid
735		check_vxlan_fdb_not_offloaded
736		check_bridge_fdb_not_offloaded
737		log_test "offload indication - add tagged VLAN"
738
739		RET=0
740		bridge vlan add dev vxlan0 vid $vid pvid untagged
741		sleep .1
742		check_fdb_offloaded
743		log_test "offload indication - add pvid/untagged VLAN"
744	fi
745
746	RET=0
747	ip link set dev $swp1 nomaster
748	check_vxlan_fdb_not_offloaded
749	log_test "offload indication - detach port"
750}
751
752offload_indication_join_vxlan_first()
753{
754	ip link add dev br0 up type bridge mcast_snooping 0
755	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
756		ttl 20 tos inherit local 198.51.100.1 dstport 4789
757
758	__offload_indication_join_vxlan_first
759
760	ip link del dev vxlan0
761	ip link del dev br0
762}
763
764__offload_indication_join_vxlan_last()
765{
766	local zmac=00:00:00:00:00:00
767
768	RET=0
769
770	bridge fdb append $zmac dev vxlan0 self dst 198.51.100.2
771
772	ip link set dev $swp1 master br0
773
774	bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload
775	check_fail $?
776
777	ip link set dev vxlan0 master br0
778
779	bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload
780	check_err $?
781
782	log_test "offload indication - attach vxlan last"
783}
784
785offload_indication_join_vxlan_last()
786{
787	ip link add dev br0 up type bridge mcast_snooping 0
788	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
789		ttl 20 tos inherit local 198.51.100.1 dstport 4789
790
791	__offload_indication_join_vxlan_last
792
793	ip link del dev vxlan0
794	ip link del dev br0
795}
796
797offload_indication_test()
798{
799	offload_indication_setup_create
800	offload_indication_fdb_test
801	offload_indication_decap_route_test
802	offload_indication_setup_destroy
803
804	log_info "offload indication - replay & cleanup"
805	offload_indication_join_vxlan_first
806	offload_indication_join_vxlan_last
807}
808
809sanitization_vlan_aware_test()
810{
811	RET=0
812
813	ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1
814
815	ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \
816		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
817
818	ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \
819		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
820
821	# Test that when each VNI is mapped to a different VLAN we can enslave
822	# a port to the bridge
823	bridge vlan add vid 10 dev vxlan10 pvid untagged
824	bridge vlan add vid 20 dev vxlan20 pvid untagged
825
826	ip link set dev $swp1 master br0
827	check_err $?
828
829	log_test "vlan-aware - enslavement to vlan-aware bridge"
830
831	# Try to map both VNIs to the same VLAN and make sure configuration
832	# fails
833	RET=0
834
835	bridge vlan add vid 10 dev vxlan20 pvid untagged &> /dev/null
836	check_fail $?
837
838	log_test "vlan-aware - two vnis mapped to the same vlan"
839
840	# Test that enslavement of a port to a bridge fails when two VNIs
841	# are mapped to the same VLAN
842	RET=0
843
844	ip link set dev $swp1 nomaster
845
846	bridge vlan del vid 20 dev vxlan20 pvid untagged
847	bridge vlan add vid 10 dev vxlan20 pvid untagged
848
849	ip link set dev $swp1 master br0 &> /dev/null
850	check_fail $?
851
852	log_test "vlan-aware - failed enslavement to vlan-aware bridge"
853
854	bridge vlan del vid 10 dev vxlan20
855	bridge vlan add vid 20 dev vxlan20 pvid untagged
856
857	# Test that when two VXLAN tunnels with conflicting configurations
858	# (i.e., different TTL) are enslaved to the same VLAN-aware bridge,
859	# then the enslavement of a port to the bridge is denied.
860
861	# Use the offload indication of the local route to ensure the VXLAN
862	# configuration was correctly rollbacked.
863	ip address add 198.51.100.1/32 dev lo
864
865	ip link set dev vxlan10 type vxlan ttl 10
866	ip link set dev $swp1 master br0 &> /dev/null
867	check_fail $?
868
869	ip route show table local | grep 198.51.100.1 | grep -q offload
870	check_fail $?
871
872	log_test "vlan-aware - failed enslavement to bridge due to conflict"
873
874	ip link set dev vxlan10 type vxlan ttl 20
875	ip address del 198.51.100.1/32 dev lo
876
877	ip link del dev vxlan20
878	ip link del dev vxlan10
879	ip link del dev br0
880}
881
882offload_indication_vlan_aware_setup_create()
883{
884	# Create a simple setup with two VxLAN devices and a single VLAN-aware
885	# bridge
886	ip link add name br0 up type bridge mcast_snooping 0 vlan_filtering 1 \
887		vlan_default_pvid 0
888
889	ip link set dev $swp1 master br0
890
891	bridge vlan add vid 10 dev $swp1
892	bridge vlan add vid 20 dev $swp1
893
894	ip address add 198.51.100.1/32 dev lo
895
896	ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \
897		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
898	ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \
899		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
900
901	bridge vlan add vid 10 dev vxlan10 pvid untagged
902	bridge vlan add vid 20 dev vxlan20 pvid untagged
903}
904
905offload_indication_vlan_aware_setup_destroy()
906{
907	bridge vlan del vid 20 dev vxlan20
908	bridge vlan del vid 10 dev vxlan10
909
910	ip link del dev vxlan20
911	ip link del dev vxlan10
912
913	ip address del 198.51.100.1/32 dev lo
914
915	bridge vlan del vid 20 dev $swp1
916	bridge vlan del vid 10 dev $swp1
917
918	ip link set dev $swp1 nomaster
919
920	ip link del dev br0
921}
922
923offload_indication_vlan_aware_fdb_test()
924{
925	RET=0
926
927	log_info "vxlan entry offload indication - vlan-aware"
928
929	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self master static \
930		dst 198.51.100.2 vlan 10
931
932	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \
933		| grep -q offload
934	check_err $?
935	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \
936		| grep -q offload
937	check_err $?
938
939	log_test "vxlan entry offload indication - initial state"
940
941	# Remove FDB entry from the bridge driver and check that corresponding
942	# entry in the VxLAN driver is not marked as offloaded
943	RET=0
944
945	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 master vlan 10
946	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \
947		| grep -q offload
948	check_fail $?
949
950	log_test "vxlan entry offload indication - after removal from bridge"
951
952	# Add the FDB entry back to the bridge driver and make sure it is
953	# marked as offloaded in both drivers
954	RET=0
955
956	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 master static vlan 10
957	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \
958		| grep -q offload
959	check_err $?
960	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \
961		| grep -q offload
962	check_err $?
963
964	log_test "vxlan entry offload indication - after re-add to bridge"
965
966	# Remove FDB entry from the VxLAN driver and check that corresponding
967	# entry in the bridge driver is not marked as offloaded
968	RET=0
969
970	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self
971	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \
972		| grep -q offload
973	check_fail $?
974
975	log_test "vxlan entry offload indication - after removal from vxlan"
976
977	# Add the FDB entry back to the VxLAN driver and make sure it is
978	# marked as offloaded in both drivers
979	RET=0
980
981	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self dst 198.51.100.2
982	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \
983		| grep -q offload
984	check_err $?
985	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \
986		| grep -q offload
987	check_err $?
988
989	log_test "vxlan entry offload indication - after re-add to vxlan"
990
991	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self master vlan 10
992}
993
994offload_indication_vlan_aware_decap_route_test()
995{
996	RET=0
997
998	ip route show table local | grep 198.51.100.1 | grep -q offload
999	check_err $?
1000
1001	# Toggle PVID flag on one VxLAN device and make sure route is still
1002	# marked as offloaded
1003	bridge vlan add vid 10 dev vxlan10 untagged
1004
1005	ip route show table local | grep 198.51.100.1 | grep -q offload
1006	check_err $?
1007
1008	# Toggle PVID flag on second VxLAN device and make sure route is no
1009	# longer marked as offloaded
1010	bridge vlan add vid 20 dev vxlan20 untagged
1011
1012	ip route show table local | grep 198.51.100.1 | grep -q offload
1013	check_fail $?
1014
1015	# Toggle PVID flag back and make sure route is marked as offloaded
1016	bridge vlan add vid 10 dev vxlan10 pvid untagged
1017	bridge vlan add vid 20 dev vxlan20 pvid untagged
1018
1019	ip route show table local | grep 198.51.100.1 | grep -q offload
1020	check_err $?
1021
1022	log_test "vxlan decap route - vni map/unmap"
1023}
1024
1025offload_indication_vlan_aware_join_vxlan_first()
1026{
1027	ip link add dev br0 up type bridge mcast_snooping 0 \
1028		vlan_filtering 1 vlan_default_pvid 1
1029	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
1030		ttl 20 tos inherit local 198.51.100.1 dstport 4789
1031
1032	__offload_indication_join_vxlan_first 1
1033
1034	ip link del dev vxlan0
1035	ip link del dev br0
1036}
1037
1038offload_indication_vlan_aware_join_vxlan_last()
1039{
1040	ip link add dev br0 up type bridge mcast_snooping 0 \
1041		vlan_filtering 1 vlan_default_pvid 1
1042	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
1043		ttl 20 tos inherit local 198.51.100.1 dstport 4789
1044
1045	__offload_indication_join_vxlan_last
1046
1047	ip link del dev vxlan0
1048	ip link del dev br0
1049}
1050
1051offload_indication_vlan_aware_l3vni_test()
1052{
1053	local zmac=00:00:00:00:00:00
1054
1055	RET=0
1056
1057	sysctl_set net.ipv6.conf.default.disable_ipv6 1
1058	ip link add dev br0 up type bridge mcast_snooping 0 \
1059		vlan_filtering 1 vlan_default_pvid 0
1060	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
1061		ttl 20 tos inherit local 198.51.100.1 dstport 4789
1062
1063	ip link set dev $swp1 master br0
1064
1065	# The test will use the offload indication on the FDB entry to
1066	# understand if the tunnel is offloaded or not
1067	bridge fdb append $zmac dev vxlan0 self dst 192.0.2.1
1068
1069	ip link set dev vxlan0 master br0
1070	bridge vlan add dev vxlan0 vid 10 pvid untagged
1071
1072	bridge fdb show brport vxlan0 | grep $zmac | grep self \
1073		| grep -q offload
1074	check_err $? "vxlan tunnel not offloaded when should"
1075
1076	# Configure a VLAN interface and make sure tunnel is offloaded
1077	ip link add link br0 name br10 up type vlan id 10
1078	sysctl_set net.ipv6.conf.br10.disable_ipv6 0
1079	ip -6 address add 2001:db8:1::1/64 dev br10
1080	bridge fdb show brport vxlan0 | grep $zmac | grep self \
1081		| grep -q offload
1082	check_err $? "vxlan tunnel not offloaded when should"
1083
1084	# Unlink the VXLAN device, make sure tunnel is no longer offloaded,
1085	# then add it back to the bridge and make sure it is offloaded
1086	ip link set dev vxlan0 nomaster
1087	bridge fdb show brport vxlan0 | grep $zmac | grep self \
1088		| grep -q offload
1089	check_fail $? "vxlan tunnel offloaded after unlinked from bridge"
1090
1091	ip link set dev vxlan0 master br0
1092	bridge fdb show brport vxlan0 | grep $zmac | grep self \
1093		| grep -q offload
1094	check_fail $? "vxlan tunnel offloaded despite no matching vid"
1095
1096	bridge vlan add dev vxlan0 vid 10 pvid untagged
1097	bridge fdb show brport vxlan0 | grep $zmac | grep self \
1098		| grep -q offload
1099	check_err $? "vxlan tunnel not offloaded after adding vid"
1100
1101	log_test "vxlan - l3 vni"
1102
1103	ip link del dev vxlan0
1104	ip link del dev br0
1105	sysctl_restore net.ipv6.conf.default.disable_ipv6
1106}
1107
1108offload_indication_vlan_aware_test()
1109{
1110	offload_indication_vlan_aware_setup_create
1111	offload_indication_vlan_aware_fdb_test
1112	offload_indication_vlan_aware_decap_route_test
1113	offload_indication_vlan_aware_setup_destroy
1114
1115	log_info "offload indication - replay & cleanup - vlan aware"
1116	offload_indication_vlan_aware_join_vxlan_first
1117	offload_indication_vlan_aware_join_vxlan_last
1118	offload_indication_vlan_aware_l3vni_test
1119}
1120
1121trap cleanup EXIT
1122
1123setup_prepare
1124setup_wait
1125
1126tests_run
1127
1128exit $EXIT_STATUS
1129