1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3# Copyright (C) 2020-2025 OpenVPN, Inc. 4# 5# Author: Antonio Quartulli <antonio@openvpn.net> 6 7#set -x 8set -e 9 10source ./common.sh 11 12cleanup 13 14modprobe -q ovpn || true 15 16for p in $(seq 0 ${NUM_PEERS}); do 17 create_ns ${p} 18done 19 20for p in $(seq 0 ${NUM_PEERS}); do 21 setup_ns ${p} 5.5.5.$((${p} + 1))/24 22done 23 24for p in $(seq 0 ${NUM_PEERS}); do 25 add_peer ${p} 26done 27 28for p in $(seq 1 ${NUM_PEERS}); do 29 ip netns exec peer0 ${OVPN_CLI} set_peer tun0 ${p} 60 120 30 ip netns exec peer${p} ${OVPN_CLI} set_peer tun${p} ${p} 60 120 31done 32 33sleep 1 34 35for p in $(seq 1 ${NUM_PEERS}); do 36 ip netns exec peer0 ping -qfc 500 -w 3 5.5.5.$((${p} + 1)) 37done 38 39if [ "$FLOAT" == "1" ]; then 40 # make clients float.. 41 for p in $(seq 1 ${NUM_PEERS}); do 42 ip -n peer${p} addr del 10.10.${p}.2/24 dev veth${p} 43 ip -n peer${p} addr add 10.10.${p}.3/24 dev veth${p} 44 done 45 for p in $(seq 1 ${NUM_PEERS}); do 46 ip netns exec peer${p} ping -qfc 500 -w 3 5.5.5.1 47 done 48fi 49 50ip netns exec peer0 iperf3 -1 -s & 51sleep 1 52ip netns exec peer1 iperf3 -Z -t 3 -c 5.5.5.1 53 54echo "Adding secondary key and then swap:" 55for p in $(seq 1 ${NUM_PEERS}); do 56 ip netns exec peer0 ${OVPN_CLI} new_key tun0 ${p} 2 1 ${ALG} 0 data64.key 57 ip netns exec peer${p} ${OVPN_CLI} new_key tun${p} ${p} 2 1 ${ALG} 1 data64.key 58 ip netns exec peer${p} ${OVPN_CLI} swap_keys tun${p} ${p} 59done 60 61sleep 1 62 63echo "Querying all peers:" 64ip netns exec peer0 ${OVPN_CLI} get_peer tun0 65ip netns exec peer1 ${OVPN_CLI} get_peer tun1 66 67echo "Querying peer 1:" 68ip netns exec peer0 ${OVPN_CLI} get_peer tun0 1 69 70echo "Querying non-existent peer 10:" 71ip netns exec peer0 ${OVPN_CLI} get_peer tun0 10 || true 72 73echo "Deleting peer 1:" 74ip netns exec peer0 ${OVPN_CLI} del_peer tun0 1 75ip netns exec peer1 ${OVPN_CLI} del_peer tun1 1 76 77echo "Querying keys:" 78for p in $(seq 2 ${NUM_PEERS}); do 79 ip netns exec peer${p} ${OVPN_CLI} get_key tun${p} ${p} 1 80 ip netns exec peer${p} ${OVPN_CLI} get_key tun${p} ${p} 2 81done 82 83echo "Deleting peer while sending traffic:" 84(ip netns exec peer2 ping -qf -w 4 5.5.5.1)& 85sleep 2 86ip netns exec peer0 ${OVPN_CLI} del_peer tun0 2 87# following command fails in TCP mode 88# (both ends get conn reset when one peer disconnects) 89ip netns exec peer2 ${OVPN_CLI} del_peer tun2 2 || true 90 91echo "Deleting keys:" 92for p in $(seq 3 ${NUM_PEERS}); do 93 ip netns exec peer${p} ${OVPN_CLI} del_key tun${p} ${p} 1 94 ip netns exec peer${p} ${OVPN_CLI} del_key tun${p} ${p} 2 95done 96 97echo "Setting timeout to 3s MP:" 98for p in $(seq 3 ${NUM_PEERS}); do 99 ip netns exec peer0 ${OVPN_CLI} set_peer tun0 ${p} 3 3 || true 100 ip netns exec peer${p} ${OVPN_CLI} set_peer tun${p} ${p} 0 0 101done 102# wait for peers to timeout 103sleep 5 104 105echo "Setting timeout to 3s P2P:" 106for p in $(seq 3 ${NUM_PEERS}); do 107 ip netns exec peer${p} ${OVPN_CLI} set_peer tun${p} ${p} 3 3 108done 109sleep 5 110 111cleanup 112 113modprobe -r ovpn || true 114