xref: /linux/tools/testing/selftests/net/forwarding/router.sh (revision dd84cfff3cc3b79c9d616f85bd1178df135cbd1a) 
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4# +--------------------+                     +----------------------+
5# | H1                 |                     |                   H2 |
6# |                    |                     |                      |
7# |              $h1 + |                     | + $h2                |
8# |     192.0.2.2/24 | |                     | | 198.51.100.2/24    |
9# | 2001:db8:1::2/64 | |                     | | 2001:db8:2::2/64   |
10# |                  | |                     | |                    |
11# +------------------|-+                     +-|--------------------+
12#                    |                         |
13# +------------------|-------------------------|--------------------+
14# | SW               |                         |                    |
15# |                  |                         |                    |
16# |             $rp1 +                         + $rp2               |
17# |     192.0.2.1/24                             198.51.100.1/24    |
18# | 2001:db8:1::1/64                             2001:db8:2::1/64   |
19# |                                                                 |
20# +-----------------------------------------------------------------+
21
22ALL_TESTS="
23	ping_ipv4
24	ping_ipv6
25	sip_in_class_e
26	mc_mac_mismatch
27	ipv4_sip_equal_dip
28	ipv6_sip_equal_dip
29	ipv4_dip_link_local
30"
31
32NUM_NETIFS=4
33source lib.sh
34source tc_common.sh
35
36require_command $MCD
37require_command $MC_CLI
38table_name=selftests
39
40h1_create()
41{
42	vrf_create "vrf-h1"
43	ip link set dev $h1 master vrf-h1
44
45	ip link set dev vrf-h1 up
46	ip link set dev $h1 up
47
48	ip address add 192.0.2.2/24 dev $h1
49	ip address add 2001:db8:1::2/64 dev $h1
50
51	ip route add 198.51.100.0/24 vrf vrf-h1 nexthop via 192.0.2.1
52	ip route add 2001:db8:2::/64 vrf vrf-h1 nexthop via 2001:db8:1::1
53}
54
55h1_destroy()
56{
57	ip route del 2001:db8:2::/64 vrf vrf-h1
58	ip route del 198.51.100.0/24 vrf vrf-h1
59
60	ip address del 2001:db8:1::2/64 dev $h1
61	ip address del 192.0.2.2/24 dev $h1
62
63	ip link set dev $h1 down
64	vrf_destroy "vrf-h1"
65}
66
67h2_create()
68{
69	vrf_create "vrf-h2"
70	ip link set dev $h2 master vrf-h2
71
72	ip link set dev vrf-h2 up
73	ip link set dev $h2 up
74
75	ip address add 198.51.100.2/24 dev $h2
76	ip address add 2001:db8:2::2/64 dev $h2
77
78	ip route add 192.0.2.0/24 vrf vrf-h2 nexthop via 198.51.100.1
79	ip route add 2001:db8:1::/64 vrf vrf-h2 nexthop via 2001:db8:2::1
80}
81
82h2_destroy()
83{
84	ip route del 2001:db8:1::/64 vrf vrf-h2
85	ip route del 192.0.2.0/24 vrf vrf-h2
86
87	ip address del 2001:db8:2::2/64 dev $h2
88	ip address del 198.51.100.2/24 dev $h2
89
90	ip link set dev $h2 down
91	vrf_destroy "vrf-h2"
92}
93
94router_create()
95{
96	ip link set dev $rp1 up
97	ip link set dev $rp2 up
98
99	tc qdisc add dev $rp2 clsact
100
101	ip address add 192.0.2.1/24 dev $rp1
102	ip address add 2001:db8:1::1/64 dev $rp1
103
104	ip address add 198.51.100.1/24 dev $rp2
105	ip address add 2001:db8:2::1/64 dev $rp2
106}
107
108router_destroy()
109{
110	ip address del 2001:db8:2::1/64 dev $rp2
111	ip address del 198.51.100.1/24 dev $rp2
112
113	ip address del 2001:db8:1::1/64 dev $rp1
114	ip address del 192.0.2.1/24 dev $rp1
115
116	tc qdisc del dev $rp2 clsact
117
118	ip link set dev $rp2 down
119	ip link set dev $rp1 down
120}
121
122start_mcd()
123{
124	SMCROUTEDIR="$(mktemp -d)"
125
126	for ((i = 1; i <= $NUM_NETIFS; ++i)); do
127		echo "phyint ${NETIFS[p$i]} enable" >> \
128			$SMCROUTEDIR/$table_name.conf
129	done
130
131	$MCD -N -I $table_name -f $SMCROUTEDIR/$table_name.conf \
132		-P $SMCROUTEDIR/$table_name.pid
133}
134
135kill_mcd()
136{
137	pkill $MCD
138	rm -rf $SMCROUTEDIR
139}
140
141setup_prepare()
142{
143	h1=${NETIFS[p1]}
144	rp1=${NETIFS[p2]}
145
146	rp2=${NETIFS[p3]}
147	h2=${NETIFS[p4]}
148
149	rp1mac=$(mac_get $rp1)
150
151	start_mcd
152
153	vrf_prepare
154
155	h1_create
156	h2_create
157
158	router_create
159
160	forwarding_enable
161}
162
163cleanup()
164{
165	pre_cleanup
166
167	forwarding_restore
168
169	router_destroy
170
171	h2_destroy
172	h1_destroy
173
174	vrf_cleanup
175
176	kill_mcd
177}
178
179ping_ipv4()
180{
181	ping_test $h1 198.51.100.2
182}
183
184ping_ipv6()
185{
186	ping6_test $h1 2001:db8:2::2
187}
188
189sip_in_class_e()
190{
191	RET=0
192
193	# Disable rpfilter to prevent packets to be dropped because of it.
194	sysctl_set net.ipv4.conf.all.rp_filter 0
195	sysctl_set net.ipv4.conf.$rp1.rp_filter 0
196
197	tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \
198		flower src_ip 240.0.0.1 ip_proto udp action pass
199
200	$MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \
201		-A 240.0.0.1 -b $rp1mac -B 198.51.100.2 -q
202
203	tc_check_packets "dev $rp2 egress" 101 5
204	check_err $? "Packets were dropped"
205
206	log_test "Source IP in class E"
207
208	tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower
209	sysctl_restore net.ipv4.conf.$rp1.rp_filter
210	sysctl_restore net.ipv4.conf.all.rp_filter
211}
212
213create_mcast_sg()
214{
215	local if_name=$1; shift
216	local s_addr=$1; shift
217	local mcast=$1; shift
218	local dest_ifs=${@}
219
220	$MC_CLI -I $table_name add $if_name $s_addr $mcast $dest_ifs
221}
222
223delete_mcast_sg()
224{
225	local if_name=$1; shift
226	local s_addr=$1; shift
227	local mcast=$1; shift
228	local dest_ifs=${@}
229
230	$MC_CLI -I $table_name remove $if_name $s_addr $mcast $dest_ifs
231}
232
233__mc_mac_mismatch()
234{
235	local desc=$1; shift
236	local proto=$1; shift
237	local sip=$1; shift
238	local dip=$1; shift
239	local flags=${1:-""}; shift
240	local dmac=01:02:03:04:05:06
241
242	RET=0
243
244	tc filter add dev $rp2 egress protocol $proto pref 1 handle 101 \
245		flower dst_ip $dip action pass
246
247	create_mcast_sg $rp1 $sip $dip $rp2
248
249	$MZ $flags $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $dmac \
250		-B $dip -q
251
252	tc_check_packets "dev $rp2 egress" 101 5
253	check_err $? "Packets were dropped"
254
255	log_test "Multicast MAC mismatch: $desc"
256
257	delete_mcast_sg $rp1 $sip $dip $rp2
258	tc filter del dev $rp2 egress protocol $proto pref 1 handle 101 flower
259}
260
261mc_mac_mismatch()
262{
263	__mc_mac_mismatch "IPv4" "ip" 192.0.2.2 225.1.2.3
264	__mc_mac_mismatch "IPv6" "ipv6" 2001:db8:1::2 ff0e::3 "-6"
265}
266
267ipv4_sip_equal_dip()
268{
269	RET=0
270
271	# Disable rpfilter to prevent packets to be dropped because of it.
272	sysctl_set net.ipv4.conf.all.rp_filter 0
273	sysctl_set net.ipv4.conf.$rp1.rp_filter 0
274
275	tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \
276		flower src_ip 198.51.100.2  action pass
277
278	$MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \
279		-A 198.51.100.2 -b $rp1mac -B 198.51.100.2 -q
280
281	tc_check_packets "dev $rp2 egress" 101 5
282	check_err $? "Packets were dropped"
283
284	log_test "Source IP is equal to destination IP: IPv4"
285
286	tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower
287	sysctl_restore net.ipv4.conf.$rp1.rp_filter
288	sysctl_restore net.ipv4.conf.all.rp_filter
289}
290
291ipv6_sip_equal_dip()
292{
293	RET=0
294
295	tc filter add dev $rp2 egress protocol ipv6 pref 1 handle 101 \
296		flower src_ip 2001:db8:2::2 action pass
297
298	$MZ -6 $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \
299		-A 2001:db8:2::2 -b $rp1mac -B 2001:db8:2::2 -q
300
301	tc_check_packets "dev $rp2 egress" 101 5
302	check_err $? "Packets were dropped"
303
304	log_test "Source IP is equal to destination IP: IPv6"
305
306	tc filter del dev $rp2 egress protocol ipv6 pref 1 handle 101 flower
307}
308
309ipv4_dip_link_local()
310{
311	local dip=169.254.1.1
312
313	RET=0
314
315	tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \
316		flower dst_ip $dip action pass
317
318	ip neigh add 169.254.1.1 lladdr 00:11:22:33:44:55 dev $rp2
319	ip route add 169.254.1.0/24 dev $rp2
320
321	$MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $rp1mac -B $dip -q
322
323	tc_check_packets "dev $rp2 egress" 101 5
324	check_err $? "Packets were dropped"
325
326	log_test "IPv4 destination IP is link-local"
327
328	ip route del 169.254.1.0/24 dev $rp2
329	ip neigh del 169.254.1.1 lladdr 00:11:22:33:44:55 dev $rp2
330	tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower
331}
332
333trap cleanup EXIT
334
335setup_prepare
336setup_wait
337
338tests_run
339
340exit $EXIT_STATUS
341