1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3 4# This test is for checking IPv4 and IPv6 FIB behavior in response to 5# different events. 6source lib.sh 7ret=0 8 9# all tests in this script. Can be overridden with -t option 10TESTS="unregister down carrier nexthop suppress ipv6_notify ipv4_notify \ 11 ipv6_rt ipv4_rt ipv6_addr_metric ipv4_addr_metric ipv6_route_metrics \ 12 ipv4_route_metrics ipv4_route_v6_gw rp_filter ipv4_del_addr \ 13 ipv6_del_addr ipv4_mangle ipv6_mangle ipv4_bcast_neigh fib6_gc_test \ 14 ipv4_mpath_list ipv6_mpath_list" 15 16VERBOSE=0 17PAUSE_ON_FAIL=no 18PAUSE=no 19 20which ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping) 21 22log_test() 23{ 24 local rc=$1 25 local expected=$2 26 local msg="$3" 27 28 if [ ${rc} -eq ${expected} ]; then 29 printf " TEST: %-60s [ OK ]\n" "${msg}" 30 nsuccess=$((nsuccess+1)) 31 else 32 ret=1 33 nfail=$((nfail+1)) 34 printf " TEST: %-60s [FAIL]\n" "${msg}" 35 if [ "${PAUSE_ON_FAIL}" = "yes" ]; then 36 echo 37 echo "hit enter to continue, 'q' to quit" 38 read a 39 [ "$a" = "q" ] && exit 1 40 fi 41 fi 42 43 if [ "${PAUSE}" = "yes" ]; then 44 echo 45 echo "hit enter to continue, 'q' to quit" 46 read a 47 [ "$a" = "q" ] && exit 1 48 fi 49} 50 51setup() 52{ 53 set -e 54 setup_ns ns1 55 IP="$(which ip) -netns $ns1" 56 NS_EXEC="$(which ip) netns exec $ns1" 57 ip netns exec $ns1 sysctl -qw net.ipv4.ip_forward=1 58 ip netns exec $ns1 sysctl -qw net.ipv6.conf.all.forwarding=1 59 60 $IP link add dummy0 type dummy 61 $IP link set dev dummy0 up 62 $IP address add 198.51.100.1/24 dev dummy0 63 $IP -6 address add 2001:db8:1::1/64 dev dummy0 64 set +e 65 66} 67 68cleanup() 69{ 70 $IP link del dev dummy0 &> /dev/null 71 cleanup_ns $ns1 $ns2 72} 73 74get_linklocal() 75{ 76 local dev=$1 77 local addr 78 79 addr=$($IP -6 -br addr show dev ${dev} | \ 80 awk '{ 81 for (i = 3; i <= NF; ++i) { 82 if ($i ~ /^fe80/) 83 print $i 84 } 85 }' 86 ) 87 addr=${addr/\/*} 88 89 [ -z "$addr" ] && return 1 90 91 echo $addr 92 93 return 0 94} 95 96fib_unreg_unicast_test() 97{ 98 echo 99 echo "Single path route test" 100 101 setup 102 103 echo " Start point" 104 $IP route get fibmatch 198.51.100.2 &> /dev/null 105 log_test $? 0 "IPv4 fibmatch" 106 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 107 log_test $? 0 "IPv6 fibmatch" 108 109 set -e 110 $IP link del dev dummy0 111 set +e 112 113 echo " Nexthop device deleted" 114 $IP route get fibmatch 198.51.100.2 &> /dev/null 115 log_test $? 2 "IPv4 fibmatch - no route" 116 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 117 log_test $? 2 "IPv6 fibmatch - no route" 118 119 cleanup 120} 121 122fib_unreg_multipath_test() 123{ 124 125 echo 126 echo "Multipath route test" 127 128 setup 129 130 set -e 131 $IP link add dummy1 type dummy 132 $IP link set dev dummy1 up 133 $IP address add 192.0.2.1/24 dev dummy1 134 $IP -6 address add 2001:db8:2::1/64 dev dummy1 135 136 $IP route add 203.0.113.0/24 \ 137 nexthop via 198.51.100.2 dev dummy0 \ 138 nexthop via 192.0.2.2 dev dummy1 139 $IP -6 route add 2001:db8:3::/64 \ 140 nexthop via 2001:db8:1::2 dev dummy0 \ 141 nexthop via 2001:db8:2::2 dev dummy1 142 set +e 143 144 echo " Start point" 145 $IP route get fibmatch 203.0.113.1 &> /dev/null 146 log_test $? 0 "IPv4 fibmatch" 147 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null 148 log_test $? 0 "IPv6 fibmatch" 149 150 set -e 151 $IP link del dev dummy0 152 set +e 153 154 echo " One nexthop device deleted" 155 $IP route get fibmatch 203.0.113.1 &> /dev/null 156 log_test $? 2 "IPv4 - multipath route removed on delete" 157 158 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null 159 # In IPv6 we do not flush the entire multipath route. 160 log_test $? 0 "IPv6 - multipath down to single path" 161 162 set -e 163 $IP link del dev dummy1 164 set +e 165 166 echo " Second nexthop device deleted" 167 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null 168 log_test $? 2 "IPv6 - no route" 169 170 cleanup 171} 172 173fib_unreg_test() 174{ 175 fib_unreg_unicast_test 176 fib_unreg_multipath_test 177} 178 179fib_down_unicast_test() 180{ 181 echo 182 echo "Single path, admin down" 183 184 setup 185 186 echo " Start point" 187 $IP route get fibmatch 198.51.100.2 &> /dev/null 188 log_test $? 0 "IPv4 fibmatch" 189 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 190 log_test $? 0 "IPv6 fibmatch" 191 192 set -e 193 $IP link set dev dummy0 down 194 set +e 195 196 echo " Route deleted on down" 197 $IP route get fibmatch 198.51.100.2 &> /dev/null 198 log_test $? 2 "IPv4 fibmatch" 199 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 200 log_test $? 2 "IPv6 fibmatch" 201 202 cleanup 203} 204 205fib_down_multipath_test_do() 206{ 207 local down_dev=$1 208 local up_dev=$2 209 210 $IP route get fibmatch 203.0.113.1 \ 211 oif $down_dev &> /dev/null 212 log_test $? 2 "IPv4 fibmatch on down device" 213 $IP -6 route get fibmatch 2001:db8:3::1 \ 214 oif $down_dev &> /dev/null 215 log_test $? 2 "IPv6 fibmatch on down device" 216 217 $IP route get fibmatch 203.0.113.1 \ 218 oif $up_dev &> /dev/null 219 log_test $? 0 "IPv4 fibmatch on up device" 220 $IP -6 route get fibmatch 2001:db8:3::1 \ 221 oif $up_dev &> /dev/null 222 log_test $? 0 "IPv6 fibmatch on up device" 223 224 $IP route get fibmatch 203.0.113.1 | \ 225 grep $down_dev | grep -q "dead linkdown" 226 log_test $? 0 "IPv4 flags on down device" 227 $IP -6 route get fibmatch 2001:db8:3::1 | \ 228 grep $down_dev | grep -q "dead linkdown" 229 log_test $? 0 "IPv6 flags on down device" 230 231 $IP route get fibmatch 203.0.113.1 | \ 232 grep $up_dev | grep -q "dead linkdown" 233 log_test $? 1 "IPv4 flags on up device" 234 $IP -6 route get fibmatch 2001:db8:3::1 | \ 235 grep $up_dev | grep -q "dead linkdown" 236 log_test $? 1 "IPv6 flags on up device" 237} 238 239fib_down_multipath_test() 240{ 241 echo 242 echo "Admin down multipath" 243 244 setup 245 246 set -e 247 $IP link add dummy1 type dummy 248 $IP link set dev dummy1 up 249 250 $IP address add 192.0.2.1/24 dev dummy1 251 $IP -6 address add 2001:db8:2::1/64 dev dummy1 252 253 $IP route add 203.0.113.0/24 \ 254 nexthop via 198.51.100.2 dev dummy0 \ 255 nexthop via 192.0.2.2 dev dummy1 256 $IP -6 route add 2001:db8:3::/64 \ 257 nexthop via 2001:db8:1::2 dev dummy0 \ 258 nexthop via 2001:db8:2::2 dev dummy1 259 set +e 260 261 echo " Verify start point" 262 $IP route get fibmatch 203.0.113.1 &> /dev/null 263 log_test $? 0 "IPv4 fibmatch" 264 265 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null 266 log_test $? 0 "IPv6 fibmatch" 267 268 set -e 269 $IP link set dev dummy0 down 270 set +e 271 272 echo " One device down, one up" 273 fib_down_multipath_test_do "dummy0" "dummy1" 274 275 set -e 276 $IP link set dev dummy0 up 277 $IP link set dev dummy1 down 278 set +e 279 280 echo " Other device down and up" 281 fib_down_multipath_test_do "dummy1" "dummy0" 282 283 set -e 284 $IP link set dev dummy0 down 285 set +e 286 287 echo " Both devices down" 288 $IP route get fibmatch 203.0.113.1 &> /dev/null 289 log_test $? 2 "IPv4 fibmatch" 290 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null 291 log_test $? 2 "IPv6 fibmatch" 292 293 $IP link del dev dummy1 294 cleanup 295} 296 297fib_down_test() 298{ 299 fib_down_unicast_test 300 fib_down_multipath_test 301} 302 303# Local routes should not be affected when carrier changes. 304fib_carrier_local_test() 305{ 306 echo 307 echo "Local carrier tests - single path" 308 309 setup 310 311 set -e 312 $IP link set dev dummy0 carrier on 313 set +e 314 315 echo " Start point" 316 $IP route get fibmatch 198.51.100.1 &> /dev/null 317 log_test $? 0 "IPv4 fibmatch" 318 $IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null 319 log_test $? 0 "IPv6 fibmatch" 320 321 $IP route get fibmatch 198.51.100.1 | \ 322 grep -q "linkdown" 323 log_test $? 1 "IPv4 - no linkdown flag" 324 $IP -6 route get fibmatch 2001:db8:1::1 | \ 325 grep -q "linkdown" 326 log_test $? 1 "IPv6 - no linkdown flag" 327 328 set -e 329 $IP link set dev dummy0 carrier off 330 sleep 1 331 set +e 332 333 echo " Carrier off on nexthop" 334 $IP route get fibmatch 198.51.100.1 &> /dev/null 335 log_test $? 0 "IPv4 fibmatch" 336 $IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null 337 log_test $? 0 "IPv6 fibmatch" 338 339 $IP route get fibmatch 198.51.100.1 | \ 340 grep -q "linkdown" 341 log_test $? 1 "IPv4 - linkdown flag set" 342 $IP -6 route get fibmatch 2001:db8:1::1 | \ 343 grep -q "linkdown" 344 log_test $? 1 "IPv6 - linkdown flag set" 345 346 set -e 347 $IP address add 192.0.2.1/24 dev dummy0 348 $IP -6 address add 2001:db8:2::1/64 dev dummy0 349 set +e 350 351 echo " Route to local address with carrier down" 352 $IP route get fibmatch 192.0.2.1 &> /dev/null 353 log_test $? 0 "IPv4 fibmatch" 354 $IP -6 route get fibmatch 2001:db8:2::1 &> /dev/null 355 log_test $? 0 "IPv6 fibmatch" 356 357 $IP route get fibmatch 192.0.2.1 | \ 358 grep -q "linkdown" 359 log_test $? 1 "IPv4 linkdown flag set" 360 $IP -6 route get fibmatch 2001:db8:2::1 | \ 361 grep -q "linkdown" 362 log_test $? 1 "IPv6 linkdown flag set" 363 364 cleanup 365} 366 367fib_carrier_unicast_test() 368{ 369 ret=0 370 371 echo 372 echo "Single path route carrier test" 373 374 setup 375 376 set -e 377 $IP link set dev dummy0 carrier on 378 set +e 379 380 echo " Start point" 381 $IP route get fibmatch 198.51.100.2 &> /dev/null 382 log_test $? 0 "IPv4 fibmatch" 383 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 384 log_test $? 0 "IPv6 fibmatch" 385 386 $IP route get fibmatch 198.51.100.2 | \ 387 grep -q "linkdown" 388 log_test $? 1 "IPv4 no linkdown flag" 389 $IP -6 route get fibmatch 2001:db8:1::2 | \ 390 grep -q "linkdown" 391 log_test $? 1 "IPv6 no linkdown flag" 392 393 set -e 394 $IP link set dev dummy0 carrier off 395 sleep 1 396 set +e 397 398 echo " Carrier down" 399 $IP route get fibmatch 198.51.100.2 &> /dev/null 400 log_test $? 0 "IPv4 fibmatch" 401 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 402 log_test $? 0 "IPv6 fibmatch" 403 404 $IP route get fibmatch 198.51.100.2 | \ 405 grep -q "linkdown" 406 log_test $? 0 "IPv4 linkdown flag set" 407 $IP -6 route get fibmatch 2001:db8:1::2 | \ 408 grep -q "linkdown" 409 log_test $? 0 "IPv6 linkdown flag set" 410 411 set -e 412 $IP address add 192.0.2.1/24 dev dummy0 413 $IP -6 address add 2001:db8:2::1/64 dev dummy0 414 set +e 415 416 echo " Second address added with carrier down" 417 $IP route get fibmatch 192.0.2.2 &> /dev/null 418 log_test $? 0 "IPv4 fibmatch" 419 $IP -6 route get fibmatch 2001:db8:2::2 &> /dev/null 420 log_test $? 0 "IPv6 fibmatch" 421 422 $IP route get fibmatch 192.0.2.2 | \ 423 grep -q "linkdown" 424 log_test $? 0 "IPv4 linkdown flag set" 425 $IP -6 route get fibmatch 2001:db8:2::2 | \ 426 grep -q "linkdown" 427 log_test $? 0 "IPv6 linkdown flag set" 428 429 cleanup 430} 431 432fib_carrier_test() 433{ 434 fib_carrier_local_test 435 fib_carrier_unicast_test 436} 437 438fib_rp_filter_test() 439{ 440 echo 441 echo "IPv4 rp_filter tests" 442 443 setup 444 445 set -e 446 setup_ns ns2 447 448 $IP link add name veth1 type veth peer name veth2 449 $IP link set dev veth2 netns $ns2 450 $IP address add 192.0.2.1/24 dev veth1 451 ip -netns $ns2 address add 192.0.2.1/24 dev veth2 452 $IP link set dev veth1 up 453 ip -netns $ns2 link set dev veth2 up 454 455 $IP link set dev lo address 52:54:00:6a:c7:5e 456 $IP link set dev veth1 address 52:54:00:6a:c7:5e 457 ip -netns $ns2 link set dev lo address 52:54:00:6a:c7:5e 458 ip -netns $ns2 link set dev veth2 address 52:54:00:6a:c7:5e 459 460 # 1. (ns2) redirect lo's egress to veth2's egress 461 ip netns exec $ns2 tc qdisc add dev lo parent root handle 1: fq_codel 462 ip netns exec $ns2 tc filter add dev lo parent 1: protocol arp basic \ 463 action mirred egress redirect dev veth2 464 ip netns exec $ns2 tc filter add dev lo parent 1: protocol ip basic \ 465 action mirred egress redirect dev veth2 466 467 # 2. (ns1) redirect veth1's ingress to lo's ingress 468 $NS_EXEC tc qdisc add dev veth1 ingress 469 $NS_EXEC tc filter add dev veth1 ingress protocol arp basic \ 470 action mirred ingress redirect dev lo 471 $NS_EXEC tc filter add dev veth1 ingress protocol ip basic \ 472 action mirred ingress redirect dev lo 473 474 # 3. (ns1) redirect lo's egress to veth1's egress 475 $NS_EXEC tc qdisc add dev lo parent root handle 1: fq_codel 476 $NS_EXEC tc filter add dev lo parent 1: protocol arp basic \ 477 action mirred egress redirect dev veth1 478 $NS_EXEC tc filter add dev lo parent 1: protocol ip basic \ 479 action mirred egress redirect dev veth1 480 481 # 4. (ns2) redirect veth2's ingress to lo's ingress 482 ip netns exec $ns2 tc qdisc add dev veth2 ingress 483 ip netns exec $ns2 tc filter add dev veth2 ingress protocol arp basic \ 484 action mirred ingress redirect dev lo 485 ip netns exec $ns2 tc filter add dev veth2 ingress protocol ip basic \ 486 action mirred ingress redirect dev lo 487 488 $NS_EXEC sysctl -qw net.ipv4.conf.all.rp_filter=1 489 $NS_EXEC sysctl -qw net.ipv4.conf.all.accept_local=1 490 $NS_EXEC sysctl -qw net.ipv4.conf.all.route_localnet=1 491 ip netns exec $ns2 sysctl -qw net.ipv4.conf.all.rp_filter=1 492 ip netns exec $ns2 sysctl -qw net.ipv4.conf.all.accept_local=1 493 ip netns exec $ns2 sysctl -qw net.ipv4.conf.all.route_localnet=1 494 set +e 495 496 run_cmd "ip netns exec $ns2 ping -w1 -c1 192.0.2.1" 497 log_test $? 0 "rp_filter passes local packets" 498 499 run_cmd "ip netns exec $ns2 ping -w1 -c1 127.0.0.1" 500 log_test $? 0 "rp_filter passes loopback packets" 501 502 cleanup 503} 504 505################################################################################ 506# Tests on nexthop spec 507 508# run 'ip route add' with given spec 509add_rt() 510{ 511 local desc="$1" 512 local erc=$2 513 local vrf=$3 514 local pfx=$4 515 local gw=$5 516 local dev=$6 517 local cmd out rc 518 519 [ "$vrf" = "-" ] && vrf="default" 520 [ -n "$gw" ] && gw="via $gw" 521 [ -n "$dev" ] && dev="dev $dev" 522 523 cmd="$IP route add vrf $vrf $pfx $gw $dev" 524 if [ "$VERBOSE" = "1" ]; then 525 printf "\n COMMAND: $cmd\n" 526 fi 527 528 out=$(eval $cmd 2>&1) 529 rc=$? 530 if [ "$VERBOSE" = "1" -a -n "$out" ]; then 531 echo " $out" 532 fi 533 log_test $rc $erc "$desc" 534} 535 536fib4_nexthop() 537{ 538 echo 539 echo "IPv4 nexthop tests" 540 541 echo "<<< write me >>>" 542} 543 544fib6_nexthop() 545{ 546 local lldummy=$(get_linklocal dummy0) 547 local llv1=$(get_linklocal dummy0) 548 549 if [ -z "$lldummy" ]; then 550 echo "Failed to get linklocal address for dummy0" 551 return 1 552 fi 553 if [ -z "$llv1" ]; then 554 echo "Failed to get linklocal address for veth1" 555 return 1 556 fi 557 558 echo 559 echo "IPv6 nexthop tests" 560 561 add_rt "Directly connected nexthop, unicast address" 0 \ 562 - 2001:db8:101::/64 2001:db8:1::2 563 add_rt "Directly connected nexthop, unicast address with device" 0 \ 564 - 2001:db8:102::/64 2001:db8:1::2 "dummy0" 565 add_rt "Gateway is linklocal address" 0 \ 566 - 2001:db8:103::1/64 $llv1 "veth0" 567 568 # fails because LL address requires a device 569 add_rt "Gateway is linklocal address, no device" 2 \ 570 - 2001:db8:104::1/64 $llv1 571 572 # local address can not be a gateway 573 add_rt "Gateway can not be local unicast address" 2 \ 574 - 2001:db8:105::/64 2001:db8:1::1 575 add_rt "Gateway can not be local unicast address, with device" 2 \ 576 - 2001:db8:106::/64 2001:db8:1::1 "dummy0" 577 add_rt "Gateway can not be a local linklocal address" 2 \ 578 - 2001:db8:107::1/64 $lldummy "dummy0" 579 580 # VRF tests 581 add_rt "Gateway can be local address in a VRF" 0 \ 582 - 2001:db8:108::/64 2001:db8:51::2 583 add_rt "Gateway can be local address in a VRF, with device" 0 \ 584 - 2001:db8:109::/64 2001:db8:51::2 "veth0" 585 add_rt "Gateway can be local linklocal address in a VRF" 0 \ 586 - 2001:db8:110::1/64 $llv1 "veth0" 587 588 add_rt "Redirect to VRF lookup" 0 \ 589 - 2001:db8:111::/64 "" "red" 590 591 add_rt "VRF route, gateway can be local address in default VRF" 0 \ 592 red 2001:db8:112::/64 2001:db8:51::1 593 594 # local address in same VRF fails 595 add_rt "VRF route, gateway can not be a local address" 2 \ 596 red 2001:db8:113::1/64 2001:db8:2::1 597 add_rt "VRF route, gateway can not be a local addr with device" 2 \ 598 red 2001:db8:114::1/64 2001:db8:2::1 "dummy1" 599} 600 601# Default VRF: 602# dummy0 - 198.51.100.1/24 2001:db8:1::1/64 603# veth0 - 192.0.2.1/24 2001:db8:51::1/64 604# 605# VRF red: 606# dummy1 - 192.168.2.1/24 2001:db8:2::1/64 607# veth1 - 192.0.2.2/24 2001:db8:51::2/64 608# 609# [ dummy0 veth0 ]--[ veth1 dummy1 ] 610 611fib_nexthop_test() 612{ 613 setup 614 615 set -e 616 617 $IP -4 rule add pref 32765 table local 618 $IP -4 rule del pref 0 619 $IP -6 rule add pref 32765 table local 620 $IP -6 rule del pref 0 621 622 $IP link add red type vrf table 1 623 $IP link set red up 624 $IP -4 route add vrf red unreachable default metric 4278198272 625 $IP -6 route add vrf red unreachable default metric 4278198272 626 627 $IP link add veth0 type veth peer name veth1 628 $IP link set dev veth0 up 629 $IP address add 192.0.2.1/24 dev veth0 630 $IP -6 address add 2001:db8:51::1/64 dev veth0 631 632 $IP link set dev veth1 vrf red up 633 $IP address add 192.0.2.2/24 dev veth1 634 $IP -6 address add 2001:db8:51::2/64 dev veth1 635 636 $IP link add dummy1 type dummy 637 $IP link set dev dummy1 vrf red up 638 $IP address add 192.168.2.1/24 dev dummy1 639 $IP -6 address add 2001:db8:2::1/64 dev dummy1 640 set +e 641 642 sleep 1 643 fib4_nexthop 644 fib6_nexthop 645 646 ( 647 $IP link del dev dummy1 648 $IP link del veth0 649 $IP link del red 650 ) 2>/dev/null 651 cleanup 652} 653 654fib6_notify_test() 655{ 656 setup 657 658 echo 659 echo "Fib6 info length calculation in route notify test" 660 set -e 661 662 for i in 10 20 30 40 50 60 70; 663 do 664 $IP link add dummy_$i type dummy 665 $IP link set dev dummy_$i up 666 $IP -6 address add 2001:$i::1/64 dev dummy_$i 667 done 668 669 $NS_EXEC ip monitor route &> errors.txt & 670 sleep 2 671 672 $IP -6 route add 2001::/64 \ 673 nexthop via 2001:10::2 dev dummy_10 \ 674 nexthop encap ip6 dst 2002::20 via 2001:20::2 dev dummy_20 \ 675 nexthop encap ip6 dst 2002::30 via 2001:30::2 dev dummy_30 \ 676 nexthop encap ip6 dst 2002::40 via 2001:40::2 dev dummy_40 \ 677 nexthop encap ip6 dst 2002::50 via 2001:50::2 dev dummy_50 \ 678 nexthop encap ip6 dst 2002::60 via 2001:60::2 dev dummy_60 \ 679 nexthop encap ip6 dst 2002::70 via 2001:70::2 dev dummy_70 680 681 set +e 682 683 err=`cat errors.txt |grep "Message too long"` 684 if [ -z "$err" ];then 685 ret=0 686 else 687 ret=1 688 fi 689 690 log_test $ret 0 "ipv6 route add notify" 691 692 { kill %% && wait %%; } 2>/dev/null 693 694 #rm errors.txt 695 696 cleanup &> /dev/null 697} 698 699 700fib_notify_test() 701{ 702 setup 703 704 echo 705 echo "Fib4 info length calculation in route notify test" 706 707 set -e 708 709 for i in 10 20 30 40 50 60 70; 710 do 711 $IP link add dummy_$i type dummy 712 $IP link set dev dummy_$i up 713 $IP address add 20.20.$i.2/24 dev dummy_$i 714 done 715 716 $NS_EXEC ip monitor route &> errors.txt & 717 sleep 2 718 719 $IP route add 10.0.0.0/24 \ 720 nexthop via 20.20.10.1 dev dummy_10 \ 721 nexthop encap ip dst 192.168.10.20 via 20.20.20.1 dev dummy_20 \ 722 nexthop encap ip dst 192.168.10.30 via 20.20.30.1 dev dummy_30 \ 723 nexthop encap ip dst 192.168.10.40 via 20.20.40.1 dev dummy_40 \ 724 nexthop encap ip dst 192.168.10.50 via 20.20.50.1 dev dummy_50 \ 725 nexthop encap ip dst 192.168.10.60 via 20.20.60.1 dev dummy_60 \ 726 nexthop encap ip dst 192.168.10.70 via 20.20.70.1 dev dummy_70 727 728 set +e 729 730 err=`cat errors.txt |grep "Message too long"` 731 if [ -z "$err" ];then 732 ret=0 733 else 734 ret=1 735 fi 736 737 log_test $ret 0 "ipv4 route add notify" 738 739 { kill %% && wait %%; } 2>/dev/null 740 741 rm errors.txt 742 743 cleanup &> /dev/null 744} 745 746fib6_gc_test() 747{ 748 setup 749 750 echo 751 echo "Fib6 garbage collection test" 752 set -e 753 754 EXPIRE=3 755 756 # Check expiration of routes every $EXPIRE seconds (GC) 757 $NS_EXEC sysctl -wq net.ipv6.route.gc_interval=$EXPIRE 758 759 $IP link add dummy_10 type dummy 760 $IP link set dev dummy_10 up 761 $IP -6 address add 2001:10::1/64 dev dummy_10 762 763 $NS_EXEC sysctl -wq net.ipv6.route.flush=1 764 765 # Temporary routes 766 for i in $(seq 1 1000); do 767 # Expire route after $EXPIRE seconds 768 $IP -6 route add 2001:20::$i \ 769 via 2001:10::2 dev dummy_10 expires $EXPIRE 770 done 771 sleep $(($EXPIRE * 2)) 772 N_EXP_SLEEP=$($IP -6 route list |grep expires|wc -l) 773 if [ $N_EXP_SLEEP -ne 0 ]; then 774 echo "FAIL: expected 0 routes with expires, got $N_EXP_SLEEP" 775 ret=1 776 else 777 ret=0 778 fi 779 780 # Permanent routes 781 for i in $(seq 1 5000); do 782 $IP -6 route add 2001:30::$i \ 783 via 2001:10::2 dev dummy_10 784 done 785 # Temporary routes 786 for i in $(seq 1 1000); do 787 # Expire route after $EXPIRE seconds 788 $IP -6 route add 2001:20::$i \ 789 via 2001:10::2 dev dummy_10 expires $EXPIRE 790 done 791 sleep $(($EXPIRE * 2)) 792 N_EXP_SLEEP=$($IP -6 route list |grep expires|wc -l) 793 if [ $N_EXP_SLEEP -ne 0 ]; then 794 echo "FAIL: expected 0 routes with expires," \ 795 "got $N_EXP_SLEEP (5000 permanent routes)" 796 ret=1 797 else 798 ret=0 799 fi 800 801 set +e 802 803 log_test $ret 0 "ipv6 route garbage collection" 804 805 cleanup &> /dev/null 806} 807 808fib_suppress_test() 809{ 810 echo 811 echo "FIB rule with suppress_prefixlength" 812 setup 813 814 $IP link add dummy1 type dummy 815 $IP link set dummy1 up 816 $IP -6 route add default dev dummy1 817 $IP -6 rule add table main suppress_prefixlength 0 818 ping -f -c 1000 -W 1 1234::1 >/dev/null 2>&1 819 $IP -6 rule del table main suppress_prefixlength 0 820 $IP link del dummy1 821 822 # If we got here without crashing, we're good. 823 log_test 0 0 "FIB rule suppress test" 824 825 cleanup 826} 827 828################################################################################ 829# Tests on route add and replace 830 831run_cmd() 832{ 833 local cmd="$1" 834 local out 835 local stderr="2>/dev/null" 836 837 if [ "$VERBOSE" = "1" ]; then 838 printf " COMMAND: $cmd\n" 839 stderr= 840 fi 841 842 out=$(eval $cmd $stderr) 843 rc=$? 844 if [ "$VERBOSE" = "1" -a -n "$out" ]; then 845 echo " $out" 846 fi 847 848 [ "$VERBOSE" = "1" ] && echo 849 850 return $rc 851} 852 853check_expected() 854{ 855 local out="$1" 856 local expected="$2" 857 local rc=0 858 859 [ "${out}" = "${expected}" ] && return 0 860 861 if [ -z "${out}" ]; then 862 if [ "$VERBOSE" = "1" ]; then 863 printf "\nNo route entry found\n" 864 printf "Expected:\n" 865 printf " ${expected}\n" 866 fi 867 return 1 868 fi 869 870 # tricky way to convert output to 1-line without ip's 871 # messy '\'; this drops all extra white space 872 out=$(echo ${out}) 873 if [ "${out}" != "${expected}" ]; then 874 rc=1 875 if [ "${VERBOSE}" = "1" ]; then 876 printf " Unexpected route entry. Have:\n" 877 printf " ${out}\n" 878 printf " Expected:\n" 879 printf " ${expected}\n\n" 880 fi 881 fi 882 883 return $rc 884} 885 886# add route for a prefix, flushing any existing routes first 887# expected to be the first step of a test 888add_route6() 889{ 890 local pfx="$1" 891 local nh="$2" 892 local out 893 894 if [ "$VERBOSE" = "1" ]; then 895 echo 896 echo " ##################################################" 897 echo 898 fi 899 900 run_cmd "$IP -6 ro flush ${pfx}" 901 [ $? -ne 0 ] && exit 1 902 903 out=$($IP -6 ro ls match ${pfx}) 904 if [ -n "$out" ]; then 905 echo "Failed to flush routes for prefix used for tests." 906 exit 1 907 fi 908 909 run_cmd "$IP -6 ro add ${pfx} ${nh}" 910 if [ $? -ne 0 ]; then 911 echo "Failed to add initial route for test." 912 exit 1 913 fi 914} 915 916# add initial route - used in replace route tests 917add_initial_route6() 918{ 919 add_route6 "2001:db8:104::/64" "$1" 920} 921 922check_route6() 923{ 924 local pfx 925 local expected="$1" 926 local out 927 local rc=0 928 929 set -- $expected 930 pfx=$1 931 932 out=$($IP -6 ro ls match ${pfx} | sed -e 's/ pref medium//') 933 check_expected "${out}" "${expected}" 934} 935 936route_cleanup() 937{ 938 $IP li del red 2>/dev/null 939 $IP li del dummy1 2>/dev/null 940 $IP li del veth1 2>/dev/null 941 $IP li del veth3 2>/dev/null 942 943 cleanup &> /dev/null 944} 945 946route_setup() 947{ 948 route_cleanup 949 setup 950 951 [ "${VERBOSE}" = "1" ] && set -x 952 set -e 953 954 setup_ns ns2 955 ip netns exec $ns2 sysctl -qw net.ipv4.ip_forward=1 956 ip netns exec $ns2 sysctl -qw net.ipv6.conf.all.forwarding=1 957 958 $IP li add veth1 type veth peer name veth2 959 $IP li add veth3 type veth peer name veth4 960 961 $IP li set veth1 up 962 $IP li set veth3 up 963 $IP li set veth2 netns $ns2 up 964 $IP li set veth4 netns $ns2 up 965 ip -netns $ns2 li add dummy1 type dummy 966 ip -netns $ns2 li set dummy1 up 967 968 $IP -6 addr add 2001:db8:101::1/64 dev veth1 nodad 969 $IP -6 addr add 2001:db8:103::1/64 dev veth3 nodad 970 $IP addr add 172.16.101.1/24 dev veth1 971 $IP addr add 172.16.103.1/24 dev veth3 972 973 ip -netns $ns2 -6 addr add 2001:db8:101::2/64 dev veth2 nodad 974 ip -netns $ns2 -6 addr add 2001:db8:103::2/64 dev veth4 nodad 975 ip -netns $ns2 -6 addr add 2001:db8:104::1/64 dev dummy1 nodad 976 977 ip -netns $ns2 addr add 172.16.101.2/24 dev veth2 978 ip -netns $ns2 addr add 172.16.103.2/24 dev veth4 979 ip -netns $ns2 addr add 172.16.104.1/24 dev dummy1 980 981 set +e 982} 983 984# assumption is that basic add of a single path route works 985# otherwise just adding an address on an interface is broken 986ipv6_rt_add() 987{ 988 local rc 989 990 echo 991 echo "IPv6 route add / append tests" 992 993 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 994 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2" 995 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2" 996 log_test $? 2 "Attempt to add duplicate route - gw" 997 998 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 999 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2" 1000 run_cmd "$IP -6 ro add 2001:db8:104::/64 dev veth3" 1001 log_test $? 2 "Attempt to add duplicate route - dev only" 1002 1003 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 1004 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2" 1005 run_cmd "$IP -6 ro add unreachable 2001:db8:104::/64" 1006 log_test $? 2 "Attempt to add duplicate route - reject route" 1007 1008 # route append with same prefix adds a new route 1009 # - iproute2 sets NLM_F_CREATE | NLM_F_APPEND 1010 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2" 1011 run_cmd "$IP -6 ro append 2001:db8:104::/64 via 2001:db8:103::2" 1012 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 1013 log_test $? 0 "Append nexthop to existing route - gw" 1014 1015 # insert mpath directly 1016 add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1017 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 1018 log_test $? 0 "Add multipath route" 1019 1020 add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1021 run_cmd "$IP -6 ro add 2001:db8:104::/64 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1022 log_test $? 2 "Attempt to add duplicate multipath route" 1023 1024 # insert of a second route without append but different metric 1025 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2" 1026 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2 metric 512" 1027 rc=$? 1028 if [ $rc -eq 0 ]; then 1029 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::3 metric 256" 1030 rc=$? 1031 fi 1032 log_test $rc 0 "Route add with different metrics" 1033 1034 run_cmd "$IP -6 ro del 2001:db8:104::/64 metric 512" 1035 rc=$? 1036 if [ $rc -eq 0 ]; then 1037 check_route6 "2001:db8:104::/64 via 2001:db8:103::3 dev veth3 metric 256 2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024" 1038 rc=$? 1039 fi 1040 log_test $rc 0 "Route delete with metric" 1041} 1042 1043ipv6_rt_replace_single() 1044{ 1045 # single path with single path 1046 # 1047 add_initial_route6 "via 2001:db8:101::2" 1048 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:103::2" 1049 check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024" 1050 log_test $? 0 "Single path with single path" 1051 1052 # single path with multipath 1053 # 1054 add_initial_route6 "nexthop via 2001:db8:101::2" 1055 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::2" 1056 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 1057 log_test $? 0 "Single path with multipath" 1058 1059 # single path with single path using MULTIPATH attribute 1060 # 1061 add_initial_route6 "via 2001:db8:101::2" 1062 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:103::2" 1063 check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024" 1064 log_test $? 0 "Single path with single path via multipath attribute" 1065 1066 # route replace fails - invalid nexthop 1067 add_initial_route6 "via 2001:db8:101::2" 1068 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:104::2" 1069 if [ $? -eq 0 ]; then 1070 # previous command is expected to fail so if it returns 0 1071 # that means the test failed. 1072 log_test 0 1 "Invalid nexthop" 1073 else 1074 check_route6 "2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024" 1075 log_test $? 0 "Invalid nexthop" 1076 fi 1077 1078 # replace non-existent route 1079 # - note use of change versus replace since ip adds NLM_F_CREATE 1080 # for replace 1081 add_initial_route6 "via 2001:db8:101::2" 1082 run_cmd "$IP -6 ro change 2001:db8:105::/64 via 2001:db8:101::2" 1083 log_test $? 2 "Single path - replace of non-existent route" 1084} 1085 1086ipv6_rt_replace_mpath() 1087{ 1088 # multipath with multipath 1089 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1090 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3" 1091 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::3 dev veth3 weight 1" 1092 log_test $? 0 "Multipath with multipath" 1093 1094 # multipath with single 1095 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1096 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:101::3" 1097 check_route6 "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024" 1098 log_test $? 0 "Multipath with single path" 1099 1100 # multipath with single 1101 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1102 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3" 1103 check_route6 "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024" 1104 log_test $? 0 "Multipath with single path via multipath attribute" 1105 1106 # multipath with dev-only 1107 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1108 run_cmd "$IP -6 ro replace 2001:db8:104::/64 dev veth1" 1109 check_route6 "2001:db8:104::/64 dev veth1 metric 1024" 1110 log_test $? 0 "Multipath with dev-only" 1111 1112 # route replace fails - invalid nexthop 1 1113 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1114 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:111::3 nexthop via 2001:db8:103::3" 1115 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 1116 log_test $? 0 "Multipath - invalid first nexthop" 1117 1118 # route replace fails - invalid nexthop 2 1119 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1120 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:113::3" 1121 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 1122 log_test $? 0 "Multipath - invalid second nexthop" 1123 1124 # multipath non-existent route 1125 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1126 run_cmd "$IP -6 ro change 2001:db8:105::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3" 1127 log_test $? 2 "Multipath - replace of non-existent route" 1128} 1129 1130ipv6_rt_replace() 1131{ 1132 echo 1133 echo "IPv6 route replace tests" 1134 1135 ipv6_rt_replace_single 1136 ipv6_rt_replace_mpath 1137} 1138 1139ipv6_rt_dsfield() 1140{ 1141 echo 1142 echo "IPv6 route with dsfield tests" 1143 1144 run_cmd "$IP -6 route flush 2001:db8:102::/64" 1145 1146 # IPv6 doesn't support routing based on dsfield 1147 run_cmd "$IP -6 route add 2001:db8:102::/64 dsfield 0x04 via 2001:db8:101::2" 1148 log_test $? 2 "Reject route with dsfield" 1149} 1150 1151ipv6_route_test() 1152{ 1153 route_setup 1154 1155 ipv6_rt_add 1156 ipv6_rt_replace 1157 ipv6_rt_dsfield 1158 1159 route_cleanup 1160} 1161 1162ip_addr_metric_check() 1163{ 1164 ip addr help 2>&1 | grep -q metric 1165 if [ $? -ne 0 ]; then 1166 echo "iproute2 command does not support metric for addresses. Skipping test" 1167 return 1 1168 fi 1169 1170 return 0 1171} 1172 1173ipv6_addr_metric_test() 1174{ 1175 local rc 1176 1177 echo 1178 echo "IPv6 prefix route tests" 1179 1180 ip_addr_metric_check || return 1 1181 1182 setup 1183 1184 set -e 1185 $IP li add dummy1 type dummy 1186 $IP li add dummy2 type dummy 1187 $IP li set dummy1 up 1188 $IP li set dummy2 up 1189 1190 # default entry is metric 256 1191 run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64" 1192 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64" 1193 set +e 1194 1195 check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 256 2001:db8:104::/64 dev dummy2 proto kernel metric 256" 1196 log_test $? 0 "Default metric" 1197 1198 set -e 1199 run_cmd "$IP -6 addr flush dev dummy1" 1200 run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64 metric 257" 1201 set +e 1202 1203 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 256 2001:db8:104::/64 dev dummy1 proto kernel metric 257" 1204 log_test $? 0 "User specified metric on first device" 1205 1206 set -e 1207 run_cmd "$IP -6 addr flush dev dummy2" 1208 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64 metric 258" 1209 set +e 1210 1211 check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 257 2001:db8:104::/64 dev dummy2 proto kernel metric 258" 1212 log_test $? 0 "User specified metric on second device" 1213 1214 run_cmd "$IP -6 addr del dev dummy1 2001:db8:104::1/64 metric 257" 1215 rc=$? 1216 if [ $rc -eq 0 ]; then 1217 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 258" 1218 rc=$? 1219 fi 1220 log_test $rc 0 "Delete of address on first device" 1221 1222 run_cmd "$IP -6 addr change dev dummy2 2001:db8:104::2/64 metric 259" 1223 rc=$? 1224 if [ $rc -eq 0 ]; then 1225 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259" 1226 rc=$? 1227 fi 1228 log_test $rc 0 "Modify metric of address" 1229 1230 # verify prefix route removed on down 1231 run_cmd "ip netns exec $ns1 sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1" 1232 run_cmd "$IP li set dev dummy2 down" 1233 rc=$? 1234 if [ $rc -eq 0 ]; then 1235 out=$($IP -6 ro ls match 2001:db8:104::/64) 1236 check_expected "${out}" "" 1237 rc=$? 1238 fi 1239 log_test $rc 0 "Prefix route removed on link down" 1240 1241 # verify prefix route re-inserted with assigned metric 1242 run_cmd "$IP li set dev dummy2 up" 1243 rc=$? 1244 if [ $rc -eq 0 ]; then 1245 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259" 1246 rc=$? 1247 fi 1248 log_test $rc 0 "Prefix route with metric on link up" 1249 1250 # verify peer metric added correctly 1251 set -e 1252 run_cmd "$IP -6 addr flush dev dummy2" 1253 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::1 peer 2001:db8:104::2 metric 260" 1254 set +e 1255 1256 check_route6 "2001:db8:104::1 dev dummy2 proto kernel metric 260" 1257 log_test $? 0 "Set metric with peer route on local side" 1258 check_route6 "2001:db8:104::2 dev dummy2 proto kernel metric 260" 1259 log_test $? 0 "Set metric with peer route on peer side" 1260 1261 set -e 1262 run_cmd "$IP -6 addr change dev dummy2 2001:db8:104::1 peer 2001:db8:104::3 metric 261" 1263 set +e 1264 1265 check_route6 "2001:db8:104::1 dev dummy2 proto kernel metric 261" 1266 log_test $? 0 "Modify metric and peer address on local side" 1267 check_route6 "2001:db8:104::3 dev dummy2 proto kernel metric 261" 1268 log_test $? 0 "Modify metric and peer address on peer side" 1269 1270 $IP li del dummy1 1271 $IP li del dummy2 1272 cleanup 1273} 1274 1275ipv6_route_metrics_test() 1276{ 1277 local rc 1278 1279 echo 1280 echo "IPv6 routes with metrics" 1281 1282 route_setup 1283 1284 # 1285 # single path with metrics 1286 # 1287 run_cmd "$IP -6 ro add 2001:db8:111::/64 via 2001:db8:101::2 mtu 1400" 1288 rc=$? 1289 if [ $rc -eq 0 ]; then 1290 check_route6 "2001:db8:111::/64 via 2001:db8:101::2 dev veth1 metric 1024 mtu 1400" 1291 rc=$? 1292 fi 1293 log_test $rc 0 "Single path route with mtu metric" 1294 1295 1296 # 1297 # multipath via separate routes with metrics 1298 # 1299 run_cmd "$IP -6 ro add 2001:db8:112::/64 via 2001:db8:101::2 mtu 1400" 1300 run_cmd "$IP -6 ro append 2001:db8:112::/64 via 2001:db8:103::2" 1301 rc=$? 1302 if [ $rc -eq 0 ]; then 1303 check_route6 "2001:db8:112::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 1304 rc=$? 1305 fi 1306 log_test $rc 0 "Multipath route via 2 single routes with mtu metric on first" 1307 1308 # second route is coalesced to first to make a multipath route. 1309 # MTU of the second path is hidden from display! 1310 run_cmd "$IP -6 ro add 2001:db8:113::/64 via 2001:db8:101::2" 1311 run_cmd "$IP -6 ro append 2001:db8:113::/64 via 2001:db8:103::2 mtu 1400" 1312 rc=$? 1313 if [ $rc -eq 0 ]; then 1314 check_route6 "2001:db8:113::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 1315 rc=$? 1316 fi 1317 log_test $rc 0 "Multipath route via 2 single routes with mtu metric on 2nd" 1318 1319 run_cmd "$IP -6 ro del 2001:db8:113::/64 via 2001:db8:101::2" 1320 if [ $? -eq 0 ]; then 1321 check_route6 "2001:db8:113::/64 via 2001:db8:103::2 dev veth3 metric 1024 mtu 1400" 1322 log_test $? 0 " MTU of second leg" 1323 fi 1324 1325 # 1326 # multipath with metrics 1327 # 1328 run_cmd "$IP -6 ro add 2001:db8:115::/64 mtu 1400 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1329 rc=$? 1330 if [ $rc -eq 0 ]; then 1331 check_route6 "2001:db8:115::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 1332 rc=$? 1333 fi 1334 log_test $rc 0 "Multipath route with mtu metric" 1335 1336 $IP -6 ro add 2001:db8:104::/64 via 2001:db8:101::2 mtu 1300 1337 run_cmd "ip netns exec $ns1 ${ping6} -w1 -c1 -s 1500 2001:db8:104::1" 1338 log_test $? 0 "Using route with mtu metric" 1339 1340 run_cmd "$IP -6 ro add 2001:db8:114::/64 via 2001:db8:101::2 congctl lock foo" 1341 log_test $? 2 "Invalid metric (fails metric_convert)" 1342 1343 route_cleanup 1344} 1345 1346# add route for a prefix, flushing any existing routes first 1347# expected to be the first step of a test 1348add_route() 1349{ 1350 local pfx="$1" 1351 local nh="$2" 1352 local out 1353 1354 if [ "$VERBOSE" = "1" ]; then 1355 echo 1356 echo " ##################################################" 1357 echo 1358 fi 1359 1360 run_cmd "$IP ro flush ${pfx}" 1361 [ $? -ne 0 ] && exit 1 1362 1363 out=$($IP ro ls match ${pfx}) 1364 if [ -n "$out" ]; then 1365 echo "Failed to flush routes for prefix used for tests." 1366 exit 1 1367 fi 1368 1369 run_cmd "$IP ro add ${pfx} ${nh}" 1370 if [ $? -ne 0 ]; then 1371 echo "Failed to add initial route for test." 1372 exit 1 1373 fi 1374} 1375 1376# add initial route - used in replace route tests 1377add_initial_route() 1378{ 1379 add_route "172.16.104.0/24" "$1" 1380} 1381 1382check_route() 1383{ 1384 local pfx 1385 local expected="$1" 1386 local out 1387 1388 set -- $expected 1389 pfx=$1 1390 [ "${pfx}" = "unreachable" ] && pfx=$2 1391 1392 out=$($IP ro ls match ${pfx}) 1393 check_expected "${out}" "${expected}" 1394} 1395 1396# assumption is that basic add of a single path route works 1397# otherwise just adding an address on an interface is broken 1398ipv4_rt_add() 1399{ 1400 local rc 1401 1402 echo 1403 echo "IPv4 route add / append tests" 1404 1405 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 1406 add_route "172.16.104.0/24" "via 172.16.101.2" 1407 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2" 1408 log_test $? 2 "Attempt to add duplicate route - gw" 1409 1410 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 1411 add_route "172.16.104.0/24" "via 172.16.101.2" 1412 run_cmd "$IP ro add 172.16.104.0/24 dev veth3" 1413 log_test $? 2 "Attempt to add duplicate route - dev only" 1414 1415 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 1416 add_route "172.16.104.0/24" "via 172.16.101.2" 1417 run_cmd "$IP ro add unreachable 172.16.104.0/24" 1418 log_test $? 2 "Attempt to add duplicate route - reject route" 1419 1420 # iproute2 prepend only sets NLM_F_CREATE 1421 # - adds a new route; does NOT convert existing route to ECMP 1422 add_route "172.16.104.0/24" "via 172.16.101.2" 1423 run_cmd "$IP ro prepend 172.16.104.0/24 via 172.16.103.2" 1424 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3 172.16.104.0/24 via 172.16.101.2 dev veth1" 1425 log_test $? 0 "Add new nexthop for existing prefix" 1426 1427 # route append with same prefix adds a new route 1428 # - iproute2 sets NLM_F_CREATE | NLM_F_APPEND 1429 add_route "172.16.104.0/24" "via 172.16.101.2" 1430 run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2" 1431 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.2 dev veth3" 1432 log_test $? 0 "Append nexthop to existing route - gw" 1433 1434 add_route "172.16.104.0/24" "via 172.16.101.2" 1435 run_cmd "$IP ro append 172.16.104.0/24 dev veth3" 1436 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 dev veth3 scope link" 1437 log_test $? 0 "Append nexthop to existing route - dev only" 1438 1439 add_route "172.16.104.0/24" "via 172.16.101.2" 1440 run_cmd "$IP ro append unreachable 172.16.104.0/24" 1441 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 unreachable 172.16.104.0/24" 1442 log_test $? 0 "Append nexthop to existing route - reject route" 1443 1444 run_cmd "$IP ro flush 172.16.104.0/24" 1445 run_cmd "$IP ro add unreachable 172.16.104.0/24" 1446 run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2" 1447 check_route "unreachable 172.16.104.0/24 172.16.104.0/24 via 172.16.103.2 dev veth3" 1448 log_test $? 0 "Append nexthop to existing reject route - gw" 1449 1450 run_cmd "$IP ro flush 172.16.104.0/24" 1451 run_cmd "$IP ro add unreachable 172.16.104.0/24" 1452 run_cmd "$IP ro append 172.16.104.0/24 dev veth3" 1453 check_route "unreachable 172.16.104.0/24 172.16.104.0/24 dev veth3 scope link" 1454 log_test $? 0 "Append nexthop to existing reject route - dev only" 1455 1456 # insert mpath directly 1457 add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1458 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 1459 log_test $? 0 "add multipath route" 1460 1461 add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1462 run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1463 log_test $? 2 "Attempt to add duplicate multipath route" 1464 1465 # insert of a second route without append but different metric 1466 add_route "172.16.104.0/24" "via 172.16.101.2" 1467 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2 metric 512" 1468 rc=$? 1469 if [ $rc -eq 0 ]; then 1470 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.3 metric 256" 1471 rc=$? 1472 fi 1473 log_test $rc 0 "Route add with different metrics" 1474 1475 run_cmd "$IP ro del 172.16.104.0/24 metric 512" 1476 rc=$? 1477 if [ $rc -eq 0 ]; then 1478 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.3 dev veth3 metric 256" 1479 rc=$? 1480 fi 1481 log_test $rc 0 "Route delete with metric" 1482} 1483 1484ipv4_rt_replace_single() 1485{ 1486 # single path with single path 1487 # 1488 add_initial_route "via 172.16.101.2" 1489 run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.103.2" 1490 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3" 1491 log_test $? 0 "Single path with single path" 1492 1493 # single path with multipath 1494 # 1495 add_initial_route "nexthop via 172.16.101.2" 1496 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.2" 1497 check_route "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 1498 log_test $? 0 "Single path with multipath" 1499 1500 # single path with reject 1501 # 1502 add_initial_route "nexthop via 172.16.101.2" 1503 run_cmd "$IP ro replace unreachable 172.16.104.0/24" 1504 check_route "unreachable 172.16.104.0/24" 1505 log_test $? 0 "Single path with reject route" 1506 1507 # single path with single path using MULTIPATH attribute 1508 # 1509 add_initial_route "via 172.16.101.2" 1510 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.103.2" 1511 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3" 1512 log_test $? 0 "Single path with single path via multipath attribute" 1513 1514 # route replace fails - invalid nexthop 1515 add_initial_route "via 172.16.101.2" 1516 run_cmd "$IP ro replace 172.16.104.0/24 via 2001:db8:104::2" 1517 if [ $? -eq 0 ]; then 1518 # previous command is expected to fail so if it returns 0 1519 # that means the test failed. 1520 log_test 0 1 "Invalid nexthop" 1521 else 1522 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1" 1523 log_test $? 0 "Invalid nexthop" 1524 fi 1525 1526 # replace non-existent route 1527 # - note use of change versus replace since ip adds NLM_F_CREATE 1528 # for replace 1529 add_initial_route "via 172.16.101.2" 1530 run_cmd "$IP ro change 172.16.105.0/24 via 172.16.101.2" 1531 log_test $? 2 "Single path - replace of non-existent route" 1532} 1533 1534ipv4_rt_replace_mpath() 1535{ 1536 # multipath with multipath 1537 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1538 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3" 1539 check_route "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.3 dev veth3 weight 1" 1540 log_test $? 0 "Multipath with multipath" 1541 1542 # multipath with single 1543 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1544 run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.101.3" 1545 check_route "172.16.104.0/24 via 172.16.101.3 dev veth1" 1546 log_test $? 0 "Multipath with single path" 1547 1548 # multipath with single 1549 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1550 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3" 1551 check_route "172.16.104.0/24 via 172.16.101.3 dev veth1" 1552 log_test $? 0 "Multipath with single path via multipath attribute" 1553 1554 # multipath with reject 1555 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1556 run_cmd "$IP ro replace unreachable 172.16.104.0/24" 1557 check_route "unreachable 172.16.104.0/24" 1558 log_test $? 0 "Multipath with reject route" 1559 1560 # route replace fails - invalid nexthop 1 1561 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1562 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.111.3 nexthop via 172.16.103.3" 1563 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 1564 log_test $? 0 "Multipath - invalid first nexthop" 1565 1566 # route replace fails - invalid nexthop 2 1567 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1568 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.113.3" 1569 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 1570 log_test $? 0 "Multipath - invalid second nexthop" 1571 1572 # multipath non-existent route 1573 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1574 run_cmd "$IP ro change 172.16.105.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3" 1575 log_test $? 2 "Multipath - replace of non-existent route" 1576} 1577 1578ipv4_rt_replace() 1579{ 1580 echo 1581 echo "IPv4 route replace tests" 1582 1583 ipv4_rt_replace_single 1584 ipv4_rt_replace_mpath 1585} 1586 1587# checks that cached input route on VRF port is deleted 1588# when VRF is deleted 1589ipv4_local_rt_cache() 1590{ 1591 run_cmd "ip addr add 10.0.0.1/32 dev lo" 1592 run_cmd "setup_ns test-ns" 1593 run_cmd "ip link add veth-outside type veth peer name veth-inside" 1594 run_cmd "ip link add vrf-100 type vrf table 1100" 1595 run_cmd "ip link set veth-outside master vrf-100" 1596 run_cmd "ip link set veth-inside netns $test-ns" 1597 run_cmd "ip link set veth-outside up" 1598 run_cmd "ip link set vrf-100 up" 1599 run_cmd "ip route add 10.1.1.1/32 dev veth-outside table 1100" 1600 run_cmd "ip netns exec $test-ns ip link set veth-inside up" 1601 run_cmd "ip netns exec $test-ns ip addr add 10.1.1.1/32 dev veth-inside" 1602 run_cmd "ip netns exec $test-ns ip route add 10.0.0.1/32 dev veth-inside" 1603 run_cmd "ip netns exec $test-ns ip route add default via 10.0.0.1" 1604 run_cmd "ip netns exec $test-ns ping 10.0.0.1 -c 1 -i 1" 1605 run_cmd "ip link delete vrf-100" 1606 1607 # if we do not hang test is a success 1608 log_test $? 0 "Cached route removed from VRF port device" 1609} 1610 1611ipv4_rt_dsfield() 1612{ 1613 echo 1614 echo "IPv4 route with dsfield tests" 1615 1616 run_cmd "$IP route flush 172.16.102.0/24" 1617 1618 # New routes should reject dsfield options that interfere with ECN 1619 run_cmd "$IP route add 172.16.102.0/24 dsfield 0x01 via 172.16.101.2" 1620 log_test $? 2 "Reject route with dsfield 0x01" 1621 1622 run_cmd "$IP route add 172.16.102.0/24 dsfield 0x02 via 172.16.101.2" 1623 log_test $? 2 "Reject route with dsfield 0x02" 1624 1625 run_cmd "$IP route add 172.16.102.0/24 dsfield 0x03 via 172.16.101.2" 1626 log_test $? 2 "Reject route with dsfield 0x03" 1627 1628 # A generic route that doesn't take DSCP into account 1629 run_cmd "$IP route add 172.16.102.0/24 via 172.16.101.2" 1630 1631 # A more specific route for DSCP 0x10 1632 run_cmd "$IP route add 172.16.102.0/24 dsfield 0x10 via 172.16.103.2" 1633 1634 # DSCP 0x10 should match the specific route, no matter the ECN bits 1635 $IP route get fibmatch 172.16.102.1 dsfield 0x10 | \ 1636 grep -q "via 172.16.103.2" 1637 log_test $? 0 "IPv4 route with DSCP and ECN:Not-ECT" 1638 1639 $IP route get fibmatch 172.16.102.1 dsfield 0x11 | \ 1640 grep -q "via 172.16.103.2" 1641 log_test $? 0 "IPv4 route with DSCP and ECN:ECT(1)" 1642 1643 $IP route get fibmatch 172.16.102.1 dsfield 0x12 | \ 1644 grep -q "via 172.16.103.2" 1645 log_test $? 0 "IPv4 route with DSCP and ECN:ECT(0)" 1646 1647 $IP route get fibmatch 172.16.102.1 dsfield 0x13 | \ 1648 grep -q "via 172.16.103.2" 1649 log_test $? 0 "IPv4 route with DSCP and ECN:CE" 1650 1651 # Unknown DSCP should match the generic route, no matter the ECN bits 1652 $IP route get fibmatch 172.16.102.1 dsfield 0x14 | \ 1653 grep -q "via 172.16.101.2" 1654 log_test $? 0 "IPv4 route with unknown DSCP and ECN:Not-ECT" 1655 1656 $IP route get fibmatch 172.16.102.1 dsfield 0x15 | \ 1657 grep -q "via 172.16.101.2" 1658 log_test $? 0 "IPv4 route with unknown DSCP and ECN:ECT(1)" 1659 1660 $IP route get fibmatch 172.16.102.1 dsfield 0x16 | \ 1661 grep -q "via 172.16.101.2" 1662 log_test $? 0 "IPv4 route with unknown DSCP and ECN:ECT(0)" 1663 1664 $IP route get fibmatch 172.16.102.1 dsfield 0x17 | \ 1665 grep -q "via 172.16.101.2" 1666 log_test $? 0 "IPv4 route with unknown DSCP and ECN:CE" 1667 1668 # Null DSCP should match the generic route, no matter the ECN bits 1669 $IP route get fibmatch 172.16.102.1 dsfield 0x00 | \ 1670 grep -q "via 172.16.101.2" 1671 log_test $? 0 "IPv4 route with no DSCP and ECN:Not-ECT" 1672 1673 $IP route get fibmatch 172.16.102.1 dsfield 0x01 | \ 1674 grep -q "via 172.16.101.2" 1675 log_test $? 0 "IPv4 route with no DSCP and ECN:ECT(1)" 1676 1677 $IP route get fibmatch 172.16.102.1 dsfield 0x02 | \ 1678 grep -q "via 172.16.101.2" 1679 log_test $? 0 "IPv4 route with no DSCP and ECN:ECT(0)" 1680 1681 $IP route get fibmatch 172.16.102.1 dsfield 0x03 | \ 1682 grep -q "via 172.16.101.2" 1683 log_test $? 0 "IPv4 route with no DSCP and ECN:CE" 1684} 1685 1686ipv4_route_test() 1687{ 1688 route_setup 1689 1690 ipv4_rt_add 1691 ipv4_rt_replace 1692 ipv4_local_rt_cache 1693 ipv4_rt_dsfield 1694 1695 route_cleanup 1696} 1697 1698ipv4_addr_metric_test() 1699{ 1700 local rc 1701 1702 echo 1703 echo "IPv4 prefix route tests" 1704 1705 ip_addr_metric_check || return 1 1706 1707 setup 1708 1709 set -e 1710 $IP li add dummy1 type dummy 1711 $IP li add dummy2 type dummy 1712 $IP li set dummy1 up 1713 $IP li set dummy2 up 1714 1715 # default entry is metric 256 1716 run_cmd "$IP addr add dev dummy1 172.16.104.1/24" 1717 run_cmd "$IP addr add dev dummy2 172.16.104.2/24" 1718 set +e 1719 1720 check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2" 1721 log_test $? 0 "Default metric" 1722 1723 set -e 1724 run_cmd "$IP addr flush dev dummy1" 1725 run_cmd "$IP addr add dev dummy1 172.16.104.1/24 metric 257" 1726 set +e 1727 1728 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257" 1729 log_test $? 0 "User specified metric on first device" 1730 1731 set -e 1732 run_cmd "$IP addr flush dev dummy2" 1733 run_cmd "$IP addr add dev dummy2 172.16.104.2/24 metric 258" 1734 set +e 1735 1736 check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258" 1737 log_test $? 0 "User specified metric on second device" 1738 1739 run_cmd "$IP addr del dev dummy1 172.16.104.1/24 metric 257" 1740 rc=$? 1741 if [ $rc -eq 0 ]; then 1742 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258" 1743 rc=$? 1744 fi 1745 log_test $rc 0 "Delete of address on first device" 1746 1747 run_cmd "$IP addr change dev dummy2 172.16.104.2/24 metric 259" 1748 rc=$? 1749 if [ $rc -eq 0 ]; then 1750 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259" 1751 rc=$? 1752 fi 1753 log_test $rc 0 "Modify metric of address" 1754 1755 # verify prefix route removed on down 1756 run_cmd "$IP li set dev dummy2 down" 1757 rc=$? 1758 if [ $rc -eq 0 ]; then 1759 out=$($IP ro ls match 172.16.104.0/24) 1760 check_expected "${out}" "" 1761 rc=$? 1762 fi 1763 log_test $rc 0 "Prefix route removed on link down" 1764 1765 # verify prefix route re-inserted with assigned metric 1766 run_cmd "$IP li set dev dummy2 up" 1767 rc=$? 1768 if [ $rc -eq 0 ]; then 1769 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259" 1770 rc=$? 1771 fi 1772 log_test $rc 0 "Prefix route with metric on link up" 1773 1774 # explicitly check for metric changes on edge scenarios 1775 run_cmd "$IP addr flush dev dummy2" 1776 run_cmd "$IP addr add dev dummy2 172.16.104.0/24 metric 259" 1777 run_cmd "$IP addr change dev dummy2 172.16.104.0/24 metric 260" 1778 rc=$? 1779 if [ $rc -eq 0 ]; then 1780 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.0 metric 260" 1781 rc=$? 1782 fi 1783 log_test $rc 0 "Modify metric of .0/24 address" 1784 1785 run_cmd "$IP addr flush dev dummy2" 1786 run_cmd "$IP addr add dev dummy2 172.16.104.1/32 peer 172.16.104.2 metric 260" 1787 rc=$? 1788 if [ $rc -eq 0 ]; then 1789 check_route "172.16.104.2 dev dummy2 proto kernel scope link src 172.16.104.1 metric 260" 1790 rc=$? 1791 fi 1792 log_test $rc 0 "Set metric of address with peer route" 1793 1794 run_cmd "$IP addr change dev dummy2 172.16.104.1/32 peer 172.16.104.3 metric 261" 1795 rc=$? 1796 if [ $rc -eq 0 ]; then 1797 check_route "172.16.104.3 dev dummy2 proto kernel scope link src 172.16.104.1 metric 261" 1798 rc=$? 1799 fi 1800 log_test $rc 0 "Modify metric and peer address for peer route" 1801 1802 $IP li del dummy1 1803 $IP li del dummy2 1804 cleanup 1805} 1806 1807ipv4_route_metrics_test() 1808{ 1809 local rc 1810 1811 echo 1812 echo "IPv4 route add / append tests" 1813 1814 route_setup 1815 1816 run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 mtu 1400" 1817 rc=$? 1818 if [ $rc -eq 0 ]; then 1819 check_route "172.16.111.0/24 via 172.16.101.2 dev veth1 mtu 1400" 1820 rc=$? 1821 fi 1822 log_test $rc 0 "Single path route with mtu metric" 1823 1824 1825 run_cmd "$IP ro add 172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1826 rc=$? 1827 if [ $rc -eq 0 ]; then 1828 check_route "172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 1829 rc=$? 1830 fi 1831 log_test $rc 0 "Multipath route with mtu metric" 1832 1833 $IP ro add 172.16.104.0/24 via 172.16.101.2 mtu 1300 1834 run_cmd "ip netns exec $ns1 ping -w1 -c1 -s 1500 172.16.104.1" 1835 log_test $? 0 "Using route with mtu metric" 1836 1837 run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 congctl lock foo" 1838 log_test $? 2 "Invalid metric (fails metric_convert)" 1839 1840 route_cleanup 1841} 1842 1843ipv4_del_addr_test() 1844{ 1845 echo 1846 echo "IPv4 delete address route tests" 1847 1848 setup 1849 1850 set -e 1851 $IP li add dummy1 type dummy 1852 $IP li set dummy1 up 1853 $IP li add dummy2 type dummy 1854 $IP li set dummy2 up 1855 $IP li add red type vrf table 1111 1856 $IP li set red up 1857 $IP ro add vrf red unreachable default 1858 $IP li set dummy2 vrf red 1859 1860 $IP addr add dev dummy1 172.16.104.1/24 1861 $IP addr add dev dummy1 172.16.104.11/24 1862 $IP addr add dev dummy1 172.16.104.12/24 1863 $IP addr add dev dummy1 172.16.104.13/24 1864 $IP addr add dev dummy2 172.16.104.1/24 1865 $IP addr add dev dummy2 172.16.104.11/24 1866 $IP addr add dev dummy2 172.16.104.12/24 1867 $IP route add 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11 1868 $IP route add 172.16.106.0/24 dev lo src 172.16.104.12 1869 $IP route add table 0 172.16.107.0/24 via 172.16.104.2 src 172.16.104.13 1870 $IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11 1871 $IP route add vrf red 172.16.106.0/24 dev lo src 172.16.104.12 1872 set +e 1873 1874 # removing address from device in vrf should only remove route from vrf table 1875 echo " Regular FIB info" 1876 1877 $IP addr del dev dummy2 172.16.104.11/24 1878 $IP ro ls vrf red | grep -q 172.16.105.0/24 1879 log_test $? 1 "Route removed from VRF when source address deleted" 1880 1881 $IP ro ls | grep -q 172.16.105.0/24 1882 log_test $? 0 "Route in default VRF not removed" 1883 1884 $IP addr add dev dummy2 172.16.104.11/24 1885 $IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11 1886 1887 $IP addr del dev dummy1 172.16.104.11/24 1888 $IP ro ls | grep -q 172.16.105.0/24 1889 log_test $? 1 "Route removed in default VRF when source address deleted" 1890 1891 $IP ro ls vrf red | grep -q 172.16.105.0/24 1892 log_test $? 0 "Route in VRF is not removed by address delete" 1893 1894 # removing address from device in vrf should only remove route from vrf 1895 # table even when the associated fib info only differs in table ID 1896 echo " Identical FIB info with different table ID" 1897 1898 $IP addr del dev dummy2 172.16.104.12/24 1899 $IP ro ls vrf red | grep -q 172.16.106.0/24 1900 log_test $? 1 "Route removed from VRF when source address deleted" 1901 1902 $IP ro ls | grep -q 172.16.106.0/24 1903 log_test $? 0 "Route in default VRF not removed" 1904 1905 $IP addr add dev dummy2 172.16.104.12/24 1906 $IP route add vrf red 172.16.106.0/24 dev lo src 172.16.104.12 1907 1908 $IP addr del dev dummy1 172.16.104.12/24 1909 $IP ro ls | grep -q 172.16.106.0/24 1910 log_test $? 1 "Route removed in default VRF when source address deleted" 1911 1912 $IP ro ls vrf red | grep -q 172.16.106.0/24 1913 log_test $? 0 "Route in VRF is not removed by address delete" 1914 1915 # removing address from device in default vrf should remove route from 1916 # the default vrf even when route was inserted with a table ID of 0. 1917 echo " Table ID 0" 1918 1919 $IP addr del dev dummy1 172.16.104.13/24 1920 $IP ro ls | grep -q 172.16.107.0/24 1921 log_test $? 1 "Route removed in default VRF when source address deleted" 1922 1923 $IP li del dummy1 1924 $IP li del dummy2 1925 cleanup 1926} 1927 1928ipv6_del_addr_test() 1929{ 1930 echo 1931 echo "IPv6 delete address route tests" 1932 1933 setup 1934 1935 set -e 1936 for i in $(seq 6); do 1937 $IP li add dummy${i} up type dummy 1938 done 1939 1940 $IP li add red up type vrf table 1111 1941 $IP ro add vrf red unreachable default 1942 for i in $(seq 4 6); do 1943 $IP li set dummy${i} vrf red 1944 done 1945 1946 $IP addr add dev dummy1 fe80::1/128 1947 $IP addr add dev dummy1 2001:db8:101::1/64 1948 $IP addr add dev dummy1 2001:db8:101::10/64 1949 $IP addr add dev dummy1 2001:db8:101::11/64 1950 $IP addr add dev dummy1 2001:db8:101::12/64 1951 $IP addr add dev dummy1 2001:db8:101::13/64 1952 $IP addr add dev dummy1 2001:db8:101::14/64 1953 $IP addr add dev dummy1 2001:db8:101::15/64 1954 $IP addr add dev dummy2 fe80::1/128 1955 $IP addr add dev dummy2 2001:db8:101::1/64 1956 $IP addr add dev dummy2 2001:db8:101::11/64 1957 $IP addr add dev dummy3 fe80::1/128 1958 1959 $IP addr add dev dummy4 2001:db8:101::1/64 1960 $IP addr add dev dummy4 2001:db8:101::10/64 1961 $IP addr add dev dummy4 2001:db8:101::11/64 1962 $IP addr add dev dummy4 2001:db8:101::12/64 1963 $IP addr add dev dummy4 2001:db8:101::13/64 1964 $IP addr add dev dummy4 2001:db8:101::14/64 1965 $IP addr add dev dummy5 2001:db8:101::1/64 1966 $IP addr add dev dummy5 2001:db8:101::11/64 1967 1968 # Single device using src address 1969 $IP route add 2001:db8:110::/64 dev dummy3 src 2001:db8:101::10 1970 # Two devices with the same source address 1971 $IP route add 2001:db8:111::/64 dev dummy3 src 2001:db8:101::11 1972 # VRF with single device using src address 1973 $IP route add vrf red 2001:db8:110::/64 dev dummy6 src 2001:db8:101::10 1974 # VRF with two devices using src address 1975 $IP route add vrf red 2001:db8:111::/64 dev dummy6 src 2001:db8:101::11 1976 # src address and nexthop dev in same VRF 1977 $IP route add 2001:db8:112::/64 dev dummy3 src 2001:db8:101::12 1978 $IP route add vrf red 2001:db8:112::/64 dev dummy6 src 2001:db8:101::12 1979 # src address and nexthop device in different VRF 1980 $IP route add 2001:db8:113::/64 dev lo src 2001:db8:101::13 1981 $IP route add vrf red 2001:db8:113::/64 dev lo src 2001:db8:101::13 1982 # table ID 0 1983 $IP route add table 0 2001:db8:115::/64 via 2001:db8:101::2 src 2001:db8:101::15 1984 # Link local source route 1985 $IP route add 2001:db8:116::/64 dev dummy2 src fe80::1 1986 $IP route add 2001:db8:117::/64 dev dummy3 src fe80::1 1987 set +e 1988 1989 echo " Single device using src address" 1990 1991 $IP addr del dev dummy1 2001:db8:101::10/64 1992 $IP -6 route show | grep -q "src 2001:db8:101::10 " 1993 log_test $? 1 "Prefsrc removed when src address removed on other device" 1994 1995 echo " Two devices with the same source address" 1996 1997 $IP addr del dev dummy1 2001:db8:101::11/64 1998 $IP -6 route show | grep -q "src 2001:db8:101::11 " 1999 log_test $? 0 "Prefsrc not removed when src address exist on other device" 2000 2001 $IP addr del dev dummy2 2001:db8:101::11/64 2002 $IP -6 route show | grep -q "src 2001:db8:101::11 " 2003 log_test $? 1 "Prefsrc removed when src address removed on all devices" 2004 2005 echo " VRF with single device using src address" 2006 2007 $IP addr del dev dummy4 2001:db8:101::10/64 2008 $IP -6 route show vrf red | grep -q "src 2001:db8:101::10 " 2009 log_test $? 1 "Prefsrc removed when src address removed on other device" 2010 2011 echo " VRF with two devices using src address" 2012 2013 $IP addr del dev dummy4 2001:db8:101::11/64 2014 $IP -6 route show vrf red | grep -q "src 2001:db8:101::11 " 2015 log_test $? 0 "Prefsrc not removed when src address exist on other device" 2016 2017 $IP addr del dev dummy5 2001:db8:101::11/64 2018 $IP -6 route show vrf red | grep -q "src 2001:db8:101::11 " 2019 log_test $? 1 "Prefsrc removed when src address removed on all devices" 2020 2021 echo " src address and nexthop dev in same VRF" 2022 2023 $IP addr del dev dummy4 2001:db8:101::12/64 2024 $IP -6 route show vrf red | grep -q "src 2001:db8:101::12 " 2025 log_test $? 1 "Prefsrc removed from VRF when source address deleted" 2026 $IP -6 route show | grep -q " src 2001:db8:101::12 " 2027 log_test $? 0 "Prefsrc in default VRF not removed" 2028 2029 $IP addr add dev dummy4 2001:db8:101::12/64 2030 $IP route replace vrf red 2001:db8:112::/64 dev dummy6 src 2001:db8:101::12 2031 $IP addr del dev dummy1 2001:db8:101::12/64 2032 $IP -6 route show vrf red | grep -q "src 2001:db8:101::12 " 2033 log_test $? 0 "Prefsrc not removed from VRF when source address exist" 2034 $IP -6 route show | grep -q " src 2001:db8:101::12 " 2035 log_test $? 1 "Prefsrc in default VRF removed" 2036 2037 echo " src address and nexthop device in different VRF" 2038 2039 $IP addr del dev dummy4 2001:db8:101::13/64 2040 $IP -6 route show vrf red | grep -q "src 2001:db8:101::13 " 2041 log_test $? 0 "Prefsrc not removed from VRF when nexthop dev in diff VRF" 2042 $IP -6 route show | grep -q "src 2001:db8:101::13 " 2043 log_test $? 0 "Prefsrc not removed in default VRF" 2044 2045 $IP addr add dev dummy4 2001:db8:101::13/64 2046 $IP addr del dev dummy1 2001:db8:101::13/64 2047 $IP -6 route show vrf red | grep -q "src 2001:db8:101::13 " 2048 log_test $? 1 "Prefsrc removed from VRF when nexthop dev in diff VRF" 2049 $IP -6 route show | grep -q "src 2001:db8:101::13 " 2050 log_test $? 1 "Prefsrc removed in default VRF" 2051 2052 echo " Table ID 0" 2053 2054 $IP addr del dev dummy1 2001:db8:101::15/64 2055 $IP -6 route show | grep -q "src 2001:db8:101::15" 2056 log_test $? 1 "Prefsrc removed from default VRF when source address deleted" 2057 2058 echo " Link local source route" 2059 $IP addr del dev dummy1 fe80::1/128 2060 $IP -6 route show | grep -q "2001:db8:116::/64 dev dummy2 src fe80::1" 2061 log_test $? 0 "Prefsrc not removed when delete ll addr from other dev" 2062 $IP addr del dev dummy2 fe80::1/128 2063 $IP -6 route show | grep -q "2001:db8:116::/64 dev dummy2 src fe80::1" 2064 log_test $? 1 "Prefsrc removed when delete ll addr" 2065 $IP -6 route show | grep -q "2001:db8:117::/64 dev dummy3 src fe80::1" 2066 log_test $? 0 "Prefsrc not removed when delete ll addr from other dev" 2067 $IP addr add dev dummy1 fe80::1/128 2068 $IP addr del dev dummy3 fe80::1/128 2069 $IP -6 route show | grep -q "2001:db8:117::/64 dev dummy3 src fe80::1" 2070 log_test $? 1 "Prefsrc removed even ll addr still exist on other dev" 2071 2072 for i in $(seq 6); do 2073 $IP li del dummy${i} 2074 done 2075 cleanup 2076} 2077 2078ipv4_route_v6_gw_test() 2079{ 2080 local rc 2081 2082 echo 2083 echo "IPv4 route with IPv6 gateway tests" 2084 2085 route_setup 2086 sleep 2 2087 2088 # 2089 # single path route 2090 # 2091 run_cmd "$IP ro add 172.16.104.0/24 via inet6 2001:db8:101::2" 2092 rc=$? 2093 log_test $rc 0 "Single path route with IPv6 gateway" 2094 if [ $rc -eq 0 ]; then 2095 check_route "172.16.104.0/24 via inet6 2001:db8:101::2 dev veth1" 2096 fi 2097 2098 run_cmd "ip netns exec $ns1 ping -w1 -c1 172.16.104.1" 2099 log_test $rc 0 "Single path route with IPv6 gateway - ping" 2100 2101 run_cmd "$IP ro del 172.16.104.0/24 via inet6 2001:db8:101::2" 2102 rc=$? 2103 log_test $rc 0 "Single path route delete" 2104 if [ $rc -eq 0 ]; then 2105 check_route "172.16.112.0/24" 2106 fi 2107 2108 # 2109 # multipath - v6 then v4 2110 # 2111 run_cmd "$IP ro add 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3" 2112 rc=$? 2113 log_test $rc 0 "Multipath route add - v6 nexthop then v4" 2114 if [ $rc -eq 0 ]; then 2115 check_route "172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 2116 fi 2117 2118 run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1" 2119 log_test $? 2 " Multipath route delete - nexthops in wrong order" 2120 2121 run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3" 2122 log_test $? 0 " Multipath route delete exact match" 2123 2124 # 2125 # multipath - v4 then v6 2126 # 2127 run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1" 2128 rc=$? 2129 log_test $rc 0 "Multipath route add - v4 nexthop then v6" 2130 if [ $rc -eq 0 ]; then 2131 check_route "172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 weight 1 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1" 2132 fi 2133 2134 run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3" 2135 log_test $? 2 " Multipath route delete - nexthops in wrong order" 2136 2137 run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1" 2138 log_test $? 0 " Multipath route delete exact match" 2139 2140 route_cleanup 2141} 2142 2143socat_check() 2144{ 2145 if [ ! -x "$(command -v socat)" ]; then 2146 echo "socat command not found. Skipping test" 2147 return 1 2148 fi 2149 2150 return 0 2151} 2152 2153iptables_check() 2154{ 2155 iptables -t mangle -L OUTPUT &> /dev/null 2156 if [ $? -ne 0 ]; then 2157 echo "iptables configuration not supported. Skipping test" 2158 return 1 2159 fi 2160 2161 return 0 2162} 2163 2164ip6tables_check() 2165{ 2166 ip6tables -t mangle -L OUTPUT &> /dev/null 2167 if [ $? -ne 0 ]; then 2168 echo "ip6tables configuration not supported. Skipping test" 2169 return 1 2170 fi 2171 2172 return 0 2173} 2174 2175ipv4_mangle_test() 2176{ 2177 local rc 2178 2179 echo 2180 echo "IPv4 mangling tests" 2181 2182 socat_check || return 1 2183 iptables_check || return 1 2184 2185 route_setup 2186 sleep 2 2187 2188 local tmp_file=$(mktemp) 2189 ip netns exec $ns2 socat UDP4-LISTEN:54321,fork $tmp_file & 2190 2191 # Add a FIB rule and a route that will direct our connection to the 2192 # listening server. 2193 $IP rule add pref 100 ipproto udp sport 12345 dport 54321 table 123 2194 $IP route add table 123 172.16.101.0/24 dev veth1 2195 2196 # Add an unreachable route to the main table that will block our 2197 # connection in case the FIB rule is not hit. 2198 $IP route add unreachable 172.16.101.2/32 2199 2200 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345" 2201 log_test $? 0 " Connection with correct parameters" 2202 2203 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=11111" 2204 log_test $? 1 " Connection with incorrect parameters" 2205 2206 # Add a mangling rule and make sure connection is still successful. 2207 $NS_EXEC iptables -t mangle -A OUTPUT -j MARK --set-mark 1 2208 2209 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345" 2210 log_test $? 0 " Connection with correct parameters - mangling" 2211 2212 # Delete the mangling rule and make sure connection is still 2213 # successful. 2214 $NS_EXEC iptables -t mangle -D OUTPUT -j MARK --set-mark 1 2215 2216 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345" 2217 log_test $? 0 " Connection with correct parameters - no mangling" 2218 2219 # Verify connections were indeed successful on server side. 2220 [[ $(cat $tmp_file | wc -l) -eq 3 ]] 2221 log_test $? 0 " Connection check - server side" 2222 2223 $IP route del unreachable 172.16.101.2/32 2224 $IP route del table 123 172.16.101.0/24 dev veth1 2225 $IP rule del pref 100 2226 2227 { kill %% && wait %%; } 2>/dev/null 2228 rm $tmp_file 2229 2230 route_cleanup 2231} 2232 2233ipv6_mangle_test() 2234{ 2235 local rc 2236 2237 echo 2238 echo "IPv6 mangling tests" 2239 2240 socat_check || return 1 2241 ip6tables_check || return 1 2242 2243 route_setup 2244 sleep 2 2245 2246 local tmp_file=$(mktemp) 2247 ip netns exec $ns2 socat UDP6-LISTEN:54321,fork $tmp_file & 2248 2249 # Add a FIB rule and a route that will direct our connection to the 2250 # listening server. 2251 $IP -6 rule add pref 100 ipproto udp sport 12345 dport 54321 table 123 2252 $IP -6 route add table 123 2001:db8:101::/64 dev veth1 2253 2254 # Add an unreachable route to the main table that will block our 2255 # connection in case the FIB rule is not hit. 2256 $IP -6 route add unreachable 2001:db8:101::2/128 2257 2258 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345" 2259 log_test $? 0 " Connection with correct parameters" 2260 2261 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=11111" 2262 log_test $? 1 " Connection with incorrect parameters" 2263 2264 # Add a mangling rule and make sure connection is still successful. 2265 $NS_EXEC ip6tables -t mangle -A OUTPUT -j MARK --set-mark 1 2266 2267 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345" 2268 log_test $? 0 " Connection with correct parameters - mangling" 2269 2270 # Delete the mangling rule and make sure connection is still 2271 # successful. 2272 $NS_EXEC ip6tables -t mangle -D OUTPUT -j MARK --set-mark 1 2273 2274 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345" 2275 log_test $? 0 " Connection with correct parameters - no mangling" 2276 2277 # Verify connections were indeed successful on server side. 2278 [[ $(cat $tmp_file | wc -l) -eq 3 ]] 2279 log_test $? 0 " Connection check - server side" 2280 2281 $IP -6 route del unreachable 2001:db8:101::2/128 2282 $IP -6 route del table 123 2001:db8:101::/64 dev veth1 2283 $IP -6 rule del pref 100 2284 2285 { kill %% && wait %%; } 2>/dev/null 2286 rm $tmp_file 2287 2288 route_cleanup 2289} 2290 2291ip_neigh_get_check() 2292{ 2293 ip neigh help 2>&1 | grep -q 'ip neigh get' 2294 if [ $? -ne 0 ]; then 2295 echo "iproute2 command does not support neigh get. Skipping test" 2296 return 1 2297 fi 2298 2299 return 0 2300} 2301 2302ipv4_bcast_neigh_test() 2303{ 2304 local rc 2305 2306 echo 2307 echo "IPv4 broadcast neighbour tests" 2308 2309 ip_neigh_get_check || return 1 2310 2311 setup 2312 2313 set -e 2314 run_cmd "$IP neigh add 192.0.2.111 lladdr 00:11:22:33:44:55 nud perm dev dummy0" 2315 run_cmd "$IP neigh add 192.0.2.255 lladdr 00:11:22:33:44:55 nud perm dev dummy0" 2316 2317 run_cmd "$IP neigh get 192.0.2.111 dev dummy0" 2318 run_cmd "$IP neigh get 192.0.2.255 dev dummy0" 2319 2320 run_cmd "$IP address add 192.0.2.1/24 broadcast 192.0.2.111 dev dummy0" 2321 2322 run_cmd "$IP neigh add 203.0.113.111 nud failed dev dummy0" 2323 run_cmd "$IP neigh add 203.0.113.255 nud failed dev dummy0" 2324 2325 run_cmd "$IP neigh get 203.0.113.111 dev dummy0" 2326 run_cmd "$IP neigh get 203.0.113.255 dev dummy0" 2327 2328 run_cmd "$IP address add 203.0.113.1/24 broadcast 203.0.113.111 dev dummy0" 2329 set +e 2330 2331 run_cmd "$IP neigh get 192.0.2.111 dev dummy0" 2332 log_test $? 0 "Resolved neighbour for broadcast address" 2333 2334 run_cmd "$IP neigh get 192.0.2.255 dev dummy0" 2335 log_test $? 0 "Resolved neighbour for network broadcast address" 2336 2337 run_cmd "$IP neigh get 203.0.113.111 dev dummy0" 2338 log_test $? 2 "Unresolved neighbour for broadcast address" 2339 2340 run_cmd "$IP neigh get 203.0.113.255 dev dummy0" 2341 log_test $? 2 "Unresolved neighbour for network broadcast address" 2342 2343 cleanup 2344} 2345 2346mpath_dep_check() 2347{ 2348 if [ ! -x "$(command -v mausezahn)" ]; then 2349 echo "mausezahn command not found. Skipping test" 2350 return 1 2351 fi 2352 2353 if [ ! -x "$(command -v jq)" ]; then 2354 echo "jq command not found. Skipping test" 2355 return 1 2356 fi 2357 2358 if [ ! -x "$(command -v bc)" ]; then 2359 echo "bc command not found. Skipping test" 2360 return 1 2361 fi 2362 2363 if [ ! -x "$(command -v perf)" ]; then 2364 echo "perf command not found. Skipping test" 2365 return 1 2366 fi 2367 2368 perf list fib:* | grep -q fib_table_lookup 2369 if [ $? -ne 0 ]; then 2370 echo "IPv4 FIB tracepoint not found. Skipping test" 2371 return 1 2372 fi 2373 2374 perf list fib6:* | grep -q fib6_table_lookup 2375 if [ $? -ne 0 ]; then 2376 echo "IPv6 FIB tracepoint not found. Skipping test" 2377 return 1 2378 fi 2379 2380 return 0 2381} 2382 2383link_stats_get() 2384{ 2385 local ns=$1; shift 2386 local dev=$1; shift 2387 local dir=$1; shift 2388 local stat=$1; shift 2389 2390 ip -n $ns -j -s link show dev $dev \ 2391 | jq '.[]["stats64"]["'$dir'"]["'$stat'"]' 2392} 2393 2394list_rcv_eval() 2395{ 2396 local file=$1; shift 2397 local expected=$1; shift 2398 2399 local count=$(tail -n 1 $file | jq '.["counter-value"] | tonumber | floor') 2400 local ratio=$(echo "scale=2; $count / $expected" | bc -l) 2401 local res=$(echo "$ratio >= 0.95" | bc) 2402 [[ $res -eq 1 ]] 2403 log_test $? 0 "Multipath route hit ratio ($ratio)" 2404} 2405 2406ipv4_mpath_list_test() 2407{ 2408 echo 2409 echo "IPv4 multipath list receive tests" 2410 2411 mpath_dep_check || return 1 2412 2413 route_setup 2414 2415 set -e 2416 run_cmd "ip netns exec $ns1 ethtool -K veth1 tcp-segmentation-offload off" 2417 2418 run_cmd "ip netns exec $ns2 bash -c \"echo 20000 > /sys/class/net/veth2/gro_flush_timeout\"" 2419 run_cmd "ip netns exec $ns2 bash -c \"echo 1 > /sys/class/net/veth2/napi_defer_hard_irqs\"" 2420 run_cmd "ip netns exec $ns2 ethtool -K veth2 generic-receive-offload on" 2421 run_cmd "ip -n $ns2 link add name nh1 up type dummy" 2422 run_cmd "ip -n $ns2 link add name nh2 up type dummy" 2423 run_cmd "ip -n $ns2 address add 172.16.201.1/24 dev nh1" 2424 run_cmd "ip -n $ns2 address add 172.16.202.1/24 dev nh2" 2425 run_cmd "ip -n $ns2 neigh add 172.16.201.2 lladdr 00:11:22:33:44:55 nud perm dev nh1" 2426 run_cmd "ip -n $ns2 neigh add 172.16.202.2 lladdr 00:aa:bb:cc:dd:ee nud perm dev nh2" 2427 run_cmd "ip -n $ns2 route add 203.0.113.0/24 2428 nexthop via 172.16.201.2 nexthop via 172.16.202.2" 2429 run_cmd "ip netns exec $ns2 sysctl -qw net.ipv4.fib_multipath_hash_policy=1" 2430 run_cmd "ip netns exec $ns2 sysctl -qw net.ipv4.conf.veth2.rp_filter=0" 2431 run_cmd "ip netns exec $ns2 sysctl -qw net.ipv4.conf.all.rp_filter=0" 2432 run_cmd "ip netns exec $ns2 sysctl -qw net.ipv4.conf.default.rp_filter=0" 2433 set +e 2434 2435 local dmac=$(ip -n $ns2 -j link show dev veth2 | jq -r '.[]["address"]') 2436 local tmp_file=$(mktemp) 2437 local cmd="ip netns exec $ns1 mausezahn veth1 -a own -b $dmac 2438 -A 172.16.101.1 -B 203.0.113.1 -t udp 'sp=12345,dp=0-65535' -q" 2439 2440 # Packets forwarded in a list using a multipath route must not reuse a 2441 # cached result so that a flow always hits the same nexthop. In other 2442 # words, the FIB lookup tracepoint needs to be triggered for every 2443 # packet. 2444 local t0_rx_pkts=$(link_stats_get $ns2 veth2 rx packets) 2445 run_cmd "perf stat -a -e fib:fib_table_lookup --filter 'err == 0' -j -o $tmp_file -- $cmd" 2446 local t1_rx_pkts=$(link_stats_get $ns2 veth2 rx packets) 2447 local diff=$(echo $t1_rx_pkts - $t0_rx_pkts | bc -l) 2448 list_rcv_eval $tmp_file $diff 2449 2450 rm $tmp_file 2451 route_cleanup 2452} 2453 2454ipv6_mpath_list_test() 2455{ 2456 echo 2457 echo "IPv6 multipath list receive tests" 2458 2459 mpath_dep_check || return 1 2460 2461 route_setup 2462 2463 set -e 2464 run_cmd "ip netns exec $ns1 ethtool -K veth1 tcp-segmentation-offload off" 2465 2466 run_cmd "ip netns exec $ns2 bash -c \"echo 20000 > /sys/class/net/veth2/gro_flush_timeout\"" 2467 run_cmd "ip netns exec $ns2 bash -c \"echo 1 > /sys/class/net/veth2/napi_defer_hard_irqs\"" 2468 run_cmd "ip netns exec $ns2 ethtool -K veth2 generic-receive-offload on" 2469 run_cmd "ip -n $ns2 link add name nh1 up type dummy" 2470 run_cmd "ip -n $ns2 link add name nh2 up type dummy" 2471 run_cmd "ip -n $ns2 -6 address add 2001:db8:201::1/64 dev nh1" 2472 run_cmd "ip -n $ns2 -6 address add 2001:db8:202::1/64 dev nh2" 2473 run_cmd "ip -n $ns2 -6 neigh add 2001:db8:201::2 lladdr 00:11:22:33:44:55 nud perm dev nh1" 2474 run_cmd "ip -n $ns2 -6 neigh add 2001:db8:202::2 lladdr 00:aa:bb:cc:dd:ee nud perm dev nh2" 2475 run_cmd "ip -n $ns2 -6 route add 2001:db8:301::/64 2476 nexthop via 2001:db8:201::2 nexthop via 2001:db8:202::2" 2477 run_cmd "ip netns exec $ns2 sysctl -qw net.ipv6.fib_multipath_hash_policy=1" 2478 set +e 2479 2480 local dmac=$(ip -n $ns2 -j link show dev veth2 | jq -r '.[]["address"]') 2481 local tmp_file=$(mktemp) 2482 local cmd="ip netns exec $ns1 mausezahn -6 veth1 -a own -b $dmac 2483 -A 2001:db8:101::1 -B 2001:db8:301::1 -t udp 'sp=12345,dp=0-65535' -q" 2484 2485 # Packets forwarded in a list using a multipath route must not reuse a 2486 # cached result so that a flow always hits the same nexthop. In other 2487 # words, the FIB lookup tracepoint needs to be triggered for every 2488 # packet. 2489 local t0_rx_pkts=$(link_stats_get $ns2 veth2 rx packets) 2490 run_cmd "perf stat -a -e fib6:fib6_table_lookup --filter 'err == 0' -j -o $tmp_file -- $cmd" 2491 local t1_rx_pkts=$(link_stats_get $ns2 veth2 rx packets) 2492 local diff=$(echo $t1_rx_pkts - $t0_rx_pkts | bc -l) 2493 list_rcv_eval $tmp_file $diff 2494 2495 rm $tmp_file 2496 route_cleanup 2497} 2498 2499################################################################################ 2500# usage 2501 2502usage() 2503{ 2504 cat <<EOF 2505usage: ${0##*/} OPTS 2506 2507 -t <test> Test(s) to run (default: all) 2508 (options: $TESTS) 2509 -p Pause on fail 2510 -P Pause after each test before cleanup 2511 -v verbose mode (show commands and output) 2512EOF 2513} 2514 2515################################################################################ 2516# main 2517 2518trap cleanup EXIT 2519 2520while getopts :t:pPhv o 2521do 2522 case $o in 2523 t) TESTS=$OPTARG;; 2524 p) PAUSE_ON_FAIL=yes;; 2525 P) PAUSE=yes;; 2526 v) VERBOSE=$(($VERBOSE + 1));; 2527 h) usage; exit 0;; 2528 *) usage; exit 1;; 2529 esac 2530done 2531 2532PEER_CMD="ip netns exec ${PEER_NS}" 2533 2534# make sure we don't pause twice 2535[ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no 2536 2537if [ "$(id -u)" -ne 0 ];then 2538 echo "SKIP: Need root privileges" 2539 exit $ksft_skip; 2540fi 2541 2542if [ ! -x "$(command -v ip)" ]; then 2543 echo "SKIP: Could not run test without ip tool" 2544 exit $ksft_skip 2545fi 2546 2547ip route help 2>&1 | grep -q fibmatch 2548if [ $? -ne 0 ]; then 2549 echo "SKIP: iproute2 too old, missing fibmatch" 2550 exit $ksft_skip 2551fi 2552 2553# start clean 2554cleanup &> /dev/null 2555 2556for t in $TESTS 2557do 2558 case $t in 2559 fib_unreg_test|unregister) fib_unreg_test;; 2560 fib_down_test|down) fib_down_test;; 2561 fib_carrier_test|carrier) fib_carrier_test;; 2562 fib_rp_filter_test|rp_filter) fib_rp_filter_test;; 2563 fib_nexthop_test|nexthop) fib_nexthop_test;; 2564 fib_notify_test|ipv4_notify) fib_notify_test;; 2565 fib6_notify_test|ipv6_notify) fib6_notify_test;; 2566 fib_suppress_test|suppress) fib_suppress_test;; 2567 ipv6_route_test|ipv6_rt) ipv6_route_test;; 2568 ipv4_route_test|ipv4_rt) ipv4_route_test;; 2569 ipv6_addr_metric) ipv6_addr_metric_test;; 2570 ipv4_addr_metric) ipv4_addr_metric_test;; 2571 ipv4_del_addr) ipv4_del_addr_test;; 2572 ipv6_del_addr) ipv6_del_addr_test;; 2573 ipv6_route_metrics) ipv6_route_metrics_test;; 2574 ipv4_route_metrics) ipv4_route_metrics_test;; 2575 ipv4_route_v6_gw) ipv4_route_v6_gw_test;; 2576 ipv4_mangle) ipv4_mangle_test;; 2577 ipv6_mangle) ipv6_mangle_test;; 2578 ipv4_bcast_neigh) ipv4_bcast_neigh_test;; 2579 fib6_gc_test|ipv6_gc) fib6_gc_test;; 2580 ipv4_mpath_list) ipv4_mpath_list_test;; 2581 ipv6_mpath_list) ipv6_mpath_list_test;; 2582 2583 help) echo "Test names: $TESTS"; exit 0;; 2584 esac 2585done 2586 2587if [ "$TESTS" != "none" ]; then 2588 printf "\nTests passed: %3d\n" ${nsuccess} 2589 printf "Tests failed: %3d\n" ${nfail} 2590fi 2591 2592exit $ret 2593