xref: /linux/tools/testing/selftests/net/ipv6_force_forwarding.sh (revision 8be4d31cb8aaeea27bde4b7ddb26e28a89062ebf) 
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3#
4# Test IPv6 force_forwarding interface property
5#
6# This test verifies that the force_forwarding property works correctly:
7# - When global forwarding is disabled, packets are not forwarded normally
8# - When force_forwarding is enabled on an interface, packets are forwarded
9#   regardless of the global forwarding setting
10
11source lib.sh
12
13cleanup() {
14    cleanup_ns $ns1 $ns2 $ns3
15}
16
17trap cleanup EXIT
18
19setup_test() {
20    # Create three namespaces: sender, router, receiver
21    setup_ns ns1 ns2 ns3
22
23    # Create veth pairs: ns1 <-> ns2 <-> ns3
24    ip link add name veth12 type veth peer name veth21
25    ip link add name veth23 type veth peer name veth32
26
27    # Move interfaces to namespaces
28    ip link set veth12 netns $ns1
29    ip link set veth21 netns $ns2
30    ip link set veth23 netns $ns2
31    ip link set veth32 netns $ns3
32
33    # Configure interfaces
34    ip -n $ns1 addr add 2001:db8:1::1/64 dev veth12 nodad
35    ip -n $ns2 addr add 2001:db8:1::2/64 dev veth21 nodad
36    ip -n $ns2 addr add 2001:db8:2::1/64 dev veth23 nodad
37    ip -n $ns3 addr add 2001:db8:2::2/64 dev veth32 nodad
38
39    # Bring up interfaces
40    ip -n $ns1 link set veth12 up
41    ip -n $ns2 link set veth21 up
42    ip -n $ns2 link set veth23 up
43    ip -n $ns3 link set veth32 up
44
45    # Add routes
46    ip -n $ns1 route add 2001:db8:2::/64 via 2001:db8:1::2
47    ip -n $ns3 route add 2001:db8:1::/64 via 2001:db8:2::1
48
49    # Disable global forwarding
50    ip netns exec $ns2 sysctl -qw net.ipv6.conf.all.forwarding=0
51}
52
53test_force_forwarding() {
54    local ret=0
55
56    echo "TEST: force_forwarding functionality"
57
58    # Check if force_forwarding sysctl exists
59    if ! ip netns exec $ns2 test -f /proc/sys/net/ipv6/conf/veth21/force_forwarding; then
60        echo "SKIP: force_forwarding not available"
61        return $ksft_skip
62    fi
63
64    # Test 1: Without force_forwarding, ping should fail
65    ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth21.force_forwarding=0
66    ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth23.force_forwarding=0
67
68    if ip netns exec $ns1 ping -6 -c 1 -W 2 2001:db8:2::2 &>/dev/null; then
69        echo "FAIL: ping succeeded when forwarding disabled"
70        ret=1
71    else
72        echo "PASS: forwarding disabled correctly"
73    fi
74
75    # Test 2: With force_forwarding enabled, ping should succeed
76    ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth21.force_forwarding=1
77    ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth23.force_forwarding=1
78
79    if ip netns exec $ns1 ping -6 -c 1 -W 2 2001:db8:2::2 &>/dev/null; then
80        echo "PASS: force_forwarding enabled forwarding"
81    else
82        echo "FAIL: ping failed with force_forwarding enabled"
83        ret=1
84    fi
85
86    return $ret
87}
88
89echo "IPv6 force_forwarding test"
90echo "=========================="
91
92setup_test
93test_force_forwarding
94ret=$?
95
96if [ $ret -eq 0 ]; then
97    echo "OK"
98    exit 0
99elif [ $ret -eq $ksft_skip ]; then
100    echo "SKIP"
101    exit $ksft_skip
102else
103    echo "FAIL"
104    exit 1
105fi
106