1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3# Copyright (C) 2020-2025 OpenVPN, Inc. 4# 5# Author: Antonio Quartulli <antonio@openvpn.net> 6 7#set -x 8set -e 9 10source ./common.sh 11 12cleanup 13 14modprobe -q ovpn || true 15 16for p in $(seq 0 ${NUM_PEERS}); do 17 create_ns ${p} 18done 19 20for p in $(seq 0 ${NUM_PEERS}); do 21 setup_ns ${p} 5.5.5.$((${p} + 1))/24 ${MTU} 22done 23 24for p in $(seq 0 ${NUM_PEERS}); do 25 add_peer ${p} 26done 27 28for p in $(seq 1 ${NUM_PEERS}); do 29 ip netns exec peer0 ${OVPN_CLI} set_peer tun0 ${p} 60 120 30 ip netns exec peer${p} ${OVPN_CLI} set_peer tun${p} ${p} 60 120 31done 32 33sleep 1 34 35for p in $(seq 1 ${NUM_PEERS}); do 36 ip netns exec peer0 ping -qfc 500 -w 3 5.5.5.$((${p} + 1)) 37 ip netns exec peer0 ping -qfc 500 -s 3000 -w 3 5.5.5.$((${p} + 1)) 38done 39 40# ping LAN behind client 1 41ip netns exec peer0 ping -qfc 500 -w 3 ${LAN_IP} 42 43if [ "$FLOAT" == "1" ]; then 44 # make clients float.. 45 for p in $(seq 1 ${NUM_PEERS}); do 46 ip -n peer${p} addr del 10.10.${p}.2/24 dev veth${p} 47 ip -n peer${p} addr add 10.10.${p}.3/24 dev veth${p} 48 done 49 for p in $(seq 1 ${NUM_PEERS}); do 50 ip netns exec peer${p} ping -qfc 500 -w 3 5.5.5.1 51 done 52fi 53 54ip netns exec peer0 iperf3 -1 -s & 55sleep 1 56ip netns exec peer1 iperf3 -Z -t 3 -c 5.5.5.1 57 58echo "Adding secondary key and then swap:" 59for p in $(seq 1 ${NUM_PEERS}); do 60 ip netns exec peer0 ${OVPN_CLI} new_key tun0 ${p} 2 1 ${ALG} 0 data64.key 61 ip netns exec peer${p} ${OVPN_CLI} new_key tun${p} ${p} 2 1 ${ALG} 1 data64.key 62 ip netns exec peer${p} ${OVPN_CLI} swap_keys tun${p} ${p} 63done 64 65sleep 1 66 67echo "Querying all peers:" 68ip netns exec peer0 ${OVPN_CLI} get_peer tun0 69ip netns exec peer1 ${OVPN_CLI} get_peer tun1 70 71echo "Querying peer 1:" 72ip netns exec peer0 ${OVPN_CLI} get_peer tun0 1 73 74echo "Querying non-existent peer 10:" 75ip netns exec peer0 ${OVPN_CLI} get_peer tun0 10 || true 76 77echo "Deleting peer 1:" 78ip netns exec peer0 ${OVPN_CLI} del_peer tun0 1 79ip netns exec peer1 ${OVPN_CLI} del_peer tun1 1 80 81echo "Querying keys:" 82for p in $(seq 2 ${NUM_PEERS}); do 83 ip netns exec peer${p} ${OVPN_CLI} get_key tun${p} ${p} 1 84 ip netns exec peer${p} ${OVPN_CLI} get_key tun${p} ${p} 2 85done 86 87echo "Deleting peer while sending traffic:" 88(ip netns exec peer2 ping -qf -w 4 5.5.5.1)& 89sleep 2 90ip netns exec peer0 ${OVPN_CLI} del_peer tun0 2 91# following command fails in TCP mode 92# (both ends get conn reset when one peer disconnects) 93ip netns exec peer2 ${OVPN_CLI} del_peer tun2 2 || true 94 95echo "Deleting keys:" 96for p in $(seq 3 ${NUM_PEERS}); do 97 ip netns exec peer${p} ${OVPN_CLI} del_key tun${p} ${p} 1 98 ip netns exec peer${p} ${OVPN_CLI} del_key tun${p} ${p} 2 99done 100 101echo "Setting timeout to 3s MP:" 102for p in $(seq 3 ${NUM_PEERS}); do 103 ip netns exec peer0 ${OVPN_CLI} set_peer tun0 ${p} 3 3 || true 104 ip netns exec peer${p} ${OVPN_CLI} set_peer tun${p} ${p} 0 0 105done 106# wait for peers to timeout 107sleep 5 108 109echo "Setting timeout to 3s P2P:" 110for p in $(seq 3 ${NUM_PEERS}); do 111 ip netns exec peer${p} ${OVPN_CLI} set_peer tun${p} ${p} 3 3 112done 113sleep 5 114 115cleanup 116 117modprobe -r ovpn || true 118