xref: /linux/tools/testing/selftests/net/test_vxlan_mdb.sh (revision 4e73826089ce899357580bbf6e0afe4e6f9900b7)
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3#
4# This test is for checking VXLAN MDB functionality. The topology consists of
5# two sets of namespaces: One for the testing of IPv4 underlay and another for
6# IPv6. In both cases, both IPv4 and IPv6 overlay traffic are tested.
7#
8# Data path functionality is tested by sending traffic from one of the upper
9# namespaces and checking using ingress tc filters that the expected traffic
10# was received by one of the lower namespaces.
11#
12# +------------------------------------+ +------------------------------------+
13# | ns1_v4                             | | ns1_v6                             |
14# |                                    | |                                    |
15# |    br0.10    br0.4000  br0.20      | |    br0.10    br0.4000  br0.20      |
16# |       +         +         +        | |       +         +         +        |
17# |       |         |         |        | |       |         |         |        |
18# |       |         |         |        | |       |         |         |        |
19# |       +---------+---------+        | |       +---------+---------+        |
20# |                 |                  | |                 |                  |
21# |                 |                  | |                 |                  |
22# |                 +                  | |                 +                  |
23# |                br0                 | |                br0                 |
24# |                 +                  | |                 +                  |
25# |                 |                  | |                 |                  |
26# |                 |                  | |                 |                  |
27# |                 +                  | |                 +                  |
28# |                vx0                 | |                vx0                 |
29# |                                    | |                                    |
30# |                                    | |                                    |
31# |               veth0                | |               veth0                |
32# |                 +                  | |                 +                  |
33# +-----------------|------------------+ +-----------------|------------------+
34#                   |                                      |
35# +-----------------|------------------+ +-----------------|------------------+
36# |                 +                  | |                 +                  |
37# |               veth0                | |               veth0                |
38# |                                    | |                                    |
39# |                                    | |                                    |
40# |                vx0                 | |                vx0                 |
41# |                 +                  | |                 +                  |
42# |                 |                  | |                 |                  |
43# |                 |                  | |                 |                  |
44# |                 +                  | |                 +                  |
45# |                br0                 | |                br0                 |
46# |                 +                  | |                 +                  |
47# |                 |                  | |                 |                  |
48# |                 |                  | |                 |                  |
49# |       +---------+---------+        | |       +---------+---------+        |
50# |       |         |         |        | |       |         |         |        |
51# |       |         |         |        | |       |         |         |        |
52# |       +         +         +        | |       +         +         +        |
53# |    br0.10    br0.4000  br0.10      | |    br0.10    br0.4000  br0.20      |
54# |                                    | |                                    |
55# | ns2_v4                             | | ns2_v6                             |
56# +------------------------------------+ +------------------------------------+
57
58source lib.sh
59ret=0
60
61CONTROL_PATH_TESTS="
62	basic_star_g_ipv4_ipv4
63	basic_star_g_ipv6_ipv4
64	basic_star_g_ipv4_ipv6
65	basic_star_g_ipv6_ipv6
66	basic_sg_ipv4_ipv4
67	basic_sg_ipv6_ipv4
68	basic_sg_ipv4_ipv6
69	basic_sg_ipv6_ipv6
70	star_g_ipv4_ipv4
71	star_g_ipv6_ipv4
72	star_g_ipv4_ipv6
73	star_g_ipv6_ipv6
74	sg_ipv4_ipv4
75	sg_ipv6_ipv4
76	sg_ipv4_ipv6
77	sg_ipv6_ipv6
78	dump_ipv4_ipv4
79	dump_ipv6_ipv4
80	dump_ipv4_ipv6
81	dump_ipv6_ipv6
82	flush
83"
84
85DATA_PATH_TESTS="
86	encap_params_ipv4_ipv4
87	encap_params_ipv6_ipv4
88	encap_params_ipv4_ipv6
89	encap_params_ipv6_ipv6
90	starg_exclude_ir_ipv4_ipv4
91	starg_exclude_ir_ipv6_ipv4
92	starg_exclude_ir_ipv4_ipv6
93	starg_exclude_ir_ipv6_ipv6
94	starg_include_ir_ipv4_ipv4
95	starg_include_ir_ipv6_ipv4
96	starg_include_ir_ipv4_ipv6
97	starg_include_ir_ipv6_ipv6
98	starg_exclude_p2mp_ipv4_ipv4
99	starg_exclude_p2mp_ipv6_ipv4
100	starg_exclude_p2mp_ipv4_ipv6
101	starg_exclude_p2mp_ipv6_ipv6
102	starg_include_p2mp_ipv4_ipv4
103	starg_include_p2mp_ipv6_ipv4
104	starg_include_p2mp_ipv4_ipv6
105	starg_include_p2mp_ipv6_ipv6
106	egress_vni_translation_ipv4_ipv4
107	egress_vni_translation_ipv6_ipv4
108	egress_vni_translation_ipv4_ipv6
109	egress_vni_translation_ipv6_ipv6
110	all_zeros_mdb_ipv4
111	all_zeros_mdb_ipv6
112	mdb_fdb_ipv4_ipv4
113	mdb_fdb_ipv6_ipv4
114	mdb_fdb_ipv4_ipv6
115	mdb_fdb_ipv6_ipv6
116	mdb_torture_ipv4_ipv4
117	mdb_torture_ipv6_ipv4
118	mdb_torture_ipv4_ipv6
119	mdb_torture_ipv6_ipv6
120"
121
122# All tests in this script. Can be overridden with -t option.
123TESTS="
124	$CONTROL_PATH_TESTS
125	$DATA_PATH_TESTS
126"
127VERBOSE=0
128PAUSE_ON_FAIL=no
129PAUSE=no
130
131################################################################################
132# Utilities
133
134log_test()
135{
136	local rc=$1
137	local expected=$2
138	local msg="$3"
139
140	if [ ${rc} -eq ${expected} ]; then
141		printf "TEST: %-60s  [ OK ]\n" "${msg}"
142		nsuccess=$((nsuccess+1))
143	else
144		ret=1
145		nfail=$((nfail+1))
146		printf "TEST: %-60s  [FAIL]\n" "${msg}"
147		if [ "$VERBOSE" = "1" ]; then
148			echo "    rc=$rc, expected $expected"
149		fi
150
151		if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
152		echo
153			echo "hit enter to continue, 'q' to quit"
154			read a
155			[ "$a" = "q" ] && exit 1
156		fi
157	fi
158
159	if [ "${PAUSE}" = "yes" ]; then
160		echo
161		echo "hit enter to continue, 'q' to quit"
162		read a
163		[ "$a" = "q" ] && exit 1
164	fi
165
166	[ "$VERBOSE" = "1" ] && echo
167}
168
169run_cmd()
170{
171	local cmd="$1"
172	local out
173	local stderr="2>/dev/null"
174
175	if [ "$VERBOSE" = "1" ]; then
176		printf "COMMAND: $cmd\n"
177		stderr=
178	fi
179
180	out=$(eval $cmd $stderr)
181	rc=$?
182	if [ "$VERBOSE" = "1" -a -n "$out" ]; then
183		echo "    $out"
184	fi
185
186	return $rc
187}
188
189tc_check_packets()
190{
191	local ns=$1; shift
192	local id=$1; shift
193	local handle=$1; shift
194	local count=$1; shift
195	local pkts
196
197	sleep 0.1
198	pkts=$(tc -n $ns -j -s filter show $id \
199		| jq ".[] | select(.options.handle == $handle) | \
200		.options.actions[0].stats.packets")
201	[[ $pkts == $count ]]
202}
203
204################################################################################
205# Setup
206
207setup_common_ns()
208{
209	local ns=$1; shift
210	local local_addr=$1; shift
211
212	ip netns exec $ns sysctl -qw net.ipv4.ip_forward=1
213	ip netns exec $ns sysctl -qw net.ipv4.fib_multipath_use_neigh=1
214	ip netns exec $ns sysctl -qw net.ipv4.conf.default.ignore_routes_with_linkdown=1
215	ip netns exec $ns sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1
216	ip netns exec $ns sysctl -qw net.ipv6.conf.all.forwarding=1
217	ip netns exec $ns sysctl -qw net.ipv6.conf.default.forwarding=1
218	ip netns exec $ns sysctl -qw net.ipv6.conf.default.ignore_routes_with_linkdown=1
219	ip netns exec $ns sysctl -qw net.ipv6.conf.all.accept_dad=0
220	ip netns exec $ns sysctl -qw net.ipv6.conf.default.accept_dad=0
221
222	ip -n $ns link set dev lo up
223	ip -n $ns address add $local_addr dev lo
224
225	ip -n $ns link set dev veth0 up
226
227	ip -n $ns link add name br0 up type bridge vlan_filtering 1 \
228		vlan_default_pvid 0 mcast_snooping 0
229
230	ip -n $ns link add link br0 name br0.10 up type vlan id 10
231	bridge -n $ns vlan add vid 10 dev br0 self
232
233	ip -n $ns link add link br0 name br0.20 up type vlan id 20
234	bridge -n $ns vlan add vid 20 dev br0 self
235
236	ip -n $ns link add link br0 name br0.4000 up type vlan id 4000
237	bridge -n $ns vlan add vid 4000 dev br0 self
238
239	ip -n $ns link add name vx0 up master br0 type vxlan \
240		local $local_addr dstport 4789 external vnifilter
241	bridge -n $ns link set dev vx0 vlan_tunnel on
242
243	bridge -n $ns vlan add vid 10 dev vx0
244	bridge -n $ns vlan add vid 10 dev vx0 tunnel_info id 10010
245	bridge -n $ns vni add vni 10010 dev vx0
246
247	bridge -n $ns vlan add vid 20 dev vx0
248	bridge -n $ns vlan add vid 20 dev vx0 tunnel_info id 10020
249	bridge -n $ns vni add vni 10020 dev vx0
250
251	bridge -n $ns vlan add vid 4000 dev vx0 pvid
252	bridge -n $ns vlan add vid 4000 dev vx0 tunnel_info id 14000
253	bridge -n $ns vni add vni 14000 dev vx0
254}
255
256setup_common()
257{
258	local ns1=$1; shift
259	local ns2=$1; shift
260	local local_addr1=$1; shift
261	local local_addr2=$1; shift
262
263	ip link add name veth0 type veth peer name veth1
264	ip link set dev veth0 netns $ns1 name veth0
265	ip link set dev veth1 netns $ns2 name veth0
266
267	setup_common_ns $ns1 $local_addr1
268	setup_common_ns $ns2 $local_addr2
269}
270
271setup_v4()
272{
273	setup_ns ns1_v4 ns2_v4
274	setup_common $ns1_v4 $ns2_v4 192.0.2.1 192.0.2.2
275
276	ip -n $ns1_v4 address add 192.0.2.17/28 dev veth0
277	ip -n $ns2_v4 address add 192.0.2.18/28 dev veth0
278
279	ip -n $ns1_v4 route add default via 192.0.2.18
280	ip -n $ns2_v4 route add default via 192.0.2.17
281}
282
283cleanup_v4()
284{
285	cleanup_ns $ns2_v4 $ns1_v4
286}
287
288setup_v6()
289{
290	setup_ns ns1_v6 ns2_v6
291	setup_common $ns1_v6 $ns2_v6 2001:db8:1::1 2001:db8:1::2
292
293	ip -n $ns1_v6 address add 2001:db8:2::1/64 dev veth0 nodad
294	ip -n $ns2_v6 address add 2001:db8:2::2/64 dev veth0 nodad
295
296	ip -n $ns1_v6 route add default via 2001:db8:2::2
297	ip -n $ns2_v6 route add default via 2001:db8:2::1
298}
299
300cleanup_v6()
301{
302	cleanup_ns $ns2_v6 $ns1_v6
303}
304
305setup()
306{
307	set -e
308
309	setup_v4
310	setup_v6
311
312	sleep 5
313
314	set +e
315}
316
317cleanup()
318{
319	cleanup_v6 &> /dev/null
320	cleanup_v4 &> /dev/null
321}
322
323################################################################################
324# Tests - Control path
325
326basic_common()
327{
328	local ns1=$1; shift
329	local grp_key=$1; shift
330	local vtep_ip=$1; shift
331
332	# Test basic control path operations common to all MDB entry types.
333
334	# Basic add, replace and delete behavior.
335	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
336	log_test $? 0 "MDB entry addition"
337	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010"
338	log_test $? 0 "MDB entry presence after addition"
339
340	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
341	log_test $? 0 "MDB entry replacement"
342	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010"
343	log_test $? 0 "MDB entry presence after replacement"
344
345	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
346	log_test $? 0 "MDB entry deletion"
347	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010"
348	log_test $? 254 "MDB entry presence after deletion"
349
350	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
351	log_test $? 255 "Non-existent MDB entry deletion"
352
353	# Default protocol and replacement.
354	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
355	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"proto static\""
356	log_test $? 0 "MDB entry default protocol"
357
358	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent proto 123 dst $vtep_ip src_vni 10010"
359	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"proto 123\""
360	log_test $? 0 "MDB entry protocol replacement"
361
362	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
363
364	# Default destination port and replacement.
365	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
366	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \" dst_port \""
367	log_test $? 1 "MDB entry default destination port"
368
369	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip dst_port 1234 src_vni 10010"
370	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"dst_port 1234\""
371	log_test $? 0 "MDB entry destination port replacement"
372
373	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
374
375	# Default destination VNI and replacement.
376	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
377	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \" vni \""
378	log_test $? 1 "MDB entry default destination VNI"
379
380	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip vni 1234 src_vni 10010"
381	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"vni 1234\""
382	log_test $? 0 "MDB entry destination VNI replacement"
383
384	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
385
386	# Default outgoing interface and replacement.
387	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
388	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \" via \""
389	log_test $? 1 "MDB entry default outgoing interface"
390
391	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010 via veth0"
392	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"via veth0\""
393	log_test $? 0 "MDB entry outgoing interface replacement"
394
395	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
396
397	# Common error cases.
398	run_cmd "bridge -n $ns1 mdb add dev vx0 port veth0 $grp_key permanent dst $vtep_ip src_vni 10010"
399	log_test $? 255 "MDB entry with mismatch between device and port"
400
401	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key temp dst $vtep_ip src_vni 10010"
402	log_test $? 255 "MDB entry with temp state"
403
404	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent vid 10 dst $vtep_ip src_vni 10010"
405	log_test $? 255 "MDB entry with VLAN"
406
407	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp 01:02:03:04:05:06 permanent dst $vtep_ip src_vni 10010"
408	log_test $? 255 "MDB entry MAC address"
409
410	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent"
411	log_test $? 255 "MDB entry without extended parameters"
412
413	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent proto 3 dst $vtep_ip src_vni 10010"
414	log_test $? 255 "MDB entry with an invalid protocol"
415
416	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip vni $((2 ** 24)) src_vni 10010"
417	log_test $? 255 "MDB entry with an invalid destination VNI"
418
419	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni $((2 ** 24))"
420	log_test $? 255 "MDB entry with an invalid source VNI"
421
422	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent src_vni 10010"
423	log_test $? 255 "MDB entry without a remote destination IP"
424
425	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
426	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
427	log_test $? 255 "Duplicate MDB entries"
428	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
429}
430
431basic_star_g_ipv4_ipv4()
432{
433	local ns1=$ns1_v4
434	local grp_key="grp 239.1.1.1"
435	local vtep_ip=198.51.100.100
436
437	echo
438	echo "Control path: Basic (*, G) operations - IPv4 overlay / IPv4 underlay"
439	echo "--------------------------------------------------------------------"
440
441	basic_common $ns1 "$grp_key" $vtep_ip
442}
443
444basic_star_g_ipv6_ipv4()
445{
446	local ns1=$ns1_v4
447	local grp_key="grp ff0e::1"
448	local vtep_ip=198.51.100.100
449
450	echo
451	echo "Control path: Basic (*, G) operations - IPv6 overlay / IPv4 underlay"
452	echo "--------------------------------------------------------------------"
453
454	basic_common $ns1 "$grp_key" $vtep_ip
455}
456
457basic_star_g_ipv4_ipv6()
458{
459	local ns1=$ns1_v6
460	local grp_key="grp 239.1.1.1"
461	local vtep_ip=2001:db8:1000::1
462
463	echo
464	echo "Control path: Basic (*, G) operations - IPv4 overlay / IPv6 underlay"
465	echo "--------------------------------------------------------------------"
466
467	basic_common $ns1 "$grp_key" $vtep_ip
468}
469
470basic_star_g_ipv6_ipv6()
471{
472	local ns1=$ns1_v6
473	local grp_key="grp ff0e::1"
474	local vtep_ip=2001:db8:1000::1
475
476	echo
477	echo "Control path: Basic (*, G) operations - IPv6 overlay / IPv6 underlay"
478	echo "--------------------------------------------------------------------"
479
480	basic_common $ns1 "$grp_key" $vtep_ip
481}
482
483basic_sg_ipv4_ipv4()
484{
485	local ns1=$ns1_v4
486	local grp_key="grp 239.1.1.1 src 192.0.2.129"
487	local vtep_ip=198.51.100.100
488
489	echo
490	echo "Control path: Basic (S, G) operations - IPv4 overlay / IPv4 underlay"
491	echo "--------------------------------------------------------------------"
492
493	basic_common $ns1 "$grp_key" $vtep_ip
494}
495
496basic_sg_ipv6_ipv4()
497{
498	local ns1=$ns1_v4
499	local grp_key="grp ff0e::1 src 2001:db8:100::1"
500	local vtep_ip=198.51.100.100
501
502	echo
503	echo "Control path: Basic (S, G) operations - IPv6 overlay / IPv4 underlay"
504	echo "---------------------------------------------------------------------"
505
506	basic_common $ns1 "$grp_key" $vtep_ip
507}
508
509basic_sg_ipv4_ipv6()
510{
511	local ns1=$ns1_v6
512	local grp_key="grp 239.1.1.1 src 192.0.2.129"
513	local vtep_ip=2001:db8:1000::1
514
515	echo
516	echo "Control path: Basic (S, G) operations - IPv4 overlay / IPv6 underlay"
517	echo "--------------------------------------------------------------------"
518
519	basic_common $ns1 "$grp_key" $vtep_ip
520}
521
522basic_sg_ipv6_ipv6()
523{
524	local ns1=$ns1_v6
525	local grp_key="grp ff0e::1 src 2001:db8:100::1"
526	local vtep_ip=2001:db8:1000::1
527
528	echo
529	echo "Control path: Basic (S, G) operations - IPv6 overlay / IPv6 underlay"
530	echo "--------------------------------------------------------------------"
531
532	basic_common $ns1 "$grp_key" $vtep_ip
533}
534
535star_g_common()
536{
537	local ns1=$1; shift
538	local grp=$1; shift
539	local src1=$1; shift
540	local src2=$1; shift
541	local src3=$1; shift
542	local vtep_ip=$1; shift
543	local all_zeros_grp=$1; shift
544
545	# Test control path operations specific to (*, G) entries.
546
547	# Basic add, replace and delete behavior.
548	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
549	log_test $? 0 "(*, G) MDB entry addition with source list"
550	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010"
551	log_test $? 0 "(*, G) MDB entry presence after addition"
552	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
553	log_test $? 0 "(S, G) MDB entry presence after addition"
554
555	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
556	log_test $? 0 "(*, G) MDB entry replacement with source list"
557	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010"
558	log_test $? 0 "(*, G) MDB entry presence after replacement"
559	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
560	log_test $? 0 "(S, G) MDB entry presence after replacement"
561
562	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
563	log_test $? 0 "(*, G) MDB entry deletion"
564	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010"
565	log_test $? 254 "(*, G) MDB entry presence after deletion"
566	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
567	log_test $? 254 "(S, G) MDB entry presence after deletion"
568
569	# Default filter mode and replacement.
570	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent dst $vtep_ip src_vni 10010"
571	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep exclude"
572	log_test $? 0 "(*, G) MDB entry default filter mode"
573
574	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $src1 dst $vtep_ip src_vni 10010"
575	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep include"
576	log_test $? 0 "(*, G) MDB entry after replacing filter mode to \"include\""
577	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
578	log_test $? 0 "(S, G) MDB entry after replacing filter mode to \"include\""
579	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep blocked"
580	log_test $? 1 "\"blocked\" flag after replacing filter mode to \"include\""
581
582	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
583	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep exclude"
584	log_test $? 0 "(*, G) MDB entry after replacing filter mode to \"exclude\""
585	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grep grp $grp src $src1 src_vni 10010"
586	log_test $? 0 "(S, G) MDB entry after replacing filter mode to \"exclude\""
587	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep blocked"
588	log_test $? 0 "\"blocked\" flag after replacing filter mode to \"exclude\""
589
590	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
591
592	# Default source list and replacement.
593	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent dst $vtep_ip src_vni 10010"
594	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep source_list"
595	log_test $? 1 "(*, G) MDB entry default source list"
596
597	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1,$src2,$src3 dst $vtep_ip src_vni 10010"
598	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
599	log_test $? 0 "(S, G) MDB entry of 1st source after replacing source list"
600	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src2 src_vni 10010"
601	log_test $? 0 "(S, G) MDB entry of 2nd source after replacing source list"
602	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src3 src_vni 10010"
603	log_test $? 0 "(S, G) MDB entry of 3rd source after replacing source list"
604
605	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1,$src3 dst $vtep_ip src_vni 10010"
606	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
607	log_test $? 0 "(S, G) MDB entry of 1st source after removing source"
608	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src2 src_vni 10010"
609	log_test $? 254 "(S, G) MDB entry of 2nd source after removing source"
610	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src3 src_vni 10010"
611	log_test $? 0 "(S, G) MDB entry of 3rd source after removing source"
612
613	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
614
615	# Default protocol and replacement.
616	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
617	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \"proto static\""
618	log_test $? 0 "(*, G) MDB entry default protocol"
619	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \"proto static\""
620	log_test $? 0 "(S, G) MDB entry default protocol"
621
622	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 proto bgp dst $vtep_ip src_vni 10010"
623	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \"proto bgp\""
624	log_test $? 0 "(*, G) MDB entry protocol after replacement"
625	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \"proto bgp\""
626	log_test $? 0 "(S, G) MDB entry protocol after replacement"
627
628	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
629
630	# Default destination port and replacement.
631	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
632	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" dst_port \""
633	log_test $? 1 "(*, G) MDB entry default destination port"
634	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" dst_port \""
635	log_test $? 1 "(S, G) MDB entry default destination port"
636
637	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip dst_port 1234 src_vni 10010"
638	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" dst_port 1234 \""
639	log_test $? 0 "(*, G) MDB entry destination port after replacement"
640	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" dst_port 1234 \""
641	log_test $? 0 "(S, G) MDB entry destination port after replacement"
642
643	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
644
645	# Default destination VNI and replacement.
646	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
647	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" vni \""
648	log_test $? 1 "(*, G) MDB entry default destination VNI"
649	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" vni \""
650	log_test $? 1 "(S, G) MDB entry default destination VNI"
651
652	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip vni 1234 src_vni 10010"
653	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" vni 1234 \""
654	log_test $? 0 "(*, G) MDB entry destination VNI after replacement"
655	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" vni 1234 \""
656	log_test $? 0 "(S, G) MDB entry destination VNI after replacement"
657
658	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
659
660	# Default outgoing interface and replacement.
661	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
662	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" via \""
663	log_test $? 1 "(*, G) MDB entry default outgoing interface"
664	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" via \""
665	log_test $? 1 "(S, G) MDB entry default outgoing interface"
666
667	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010 via veth0"
668	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" via veth0 \""
669	log_test $? 0 "(*, G) MDB entry outgoing interface after replacement"
670	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" via veth0 \""
671	log_test $? 0 "(S, G) MDB entry outgoing interface after replacement"
672
673	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
674
675	# Error cases.
676	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp permanent filter_mode exclude dst $vtep_ip src_vni 10010"
677	log_test $? 255 "All-zeros group with filter mode"
678
679	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp permanent source_list $src1 dst $vtep_ip src_vni 10010"
680	log_test $? 255 "All-zeros group with source list"
681
682	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode include dst $vtep_ip src_vni 10010"
683	log_test $? 255 "(*, G) INCLUDE with an empty source list"
684
685	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $grp dst $vtep_ip src_vni 10010"
686	log_test $? 255 "Invalid source in source list"
687
688	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent source_list $src1 dst $vtep_ip src_vni 10010"
689	log_test $? 255 "Source list without filter mode"
690}
691
692star_g_ipv4_ipv4()
693{
694	local ns1=$ns1_v4
695	local grp=239.1.1.1
696	local src1=192.0.2.129
697	local src2=192.0.2.130
698	local src3=192.0.2.131
699	local vtep_ip=198.51.100.100
700	local all_zeros_grp=0.0.0.0
701
702	echo
703	echo "Control path: (*, G) operations - IPv4 overlay / IPv4 underlay"
704	echo "--------------------------------------------------------------"
705
706	star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
707}
708
709star_g_ipv6_ipv4()
710{
711	local ns1=$ns1_v4
712	local grp=ff0e::1
713	local src1=2001:db8:100::1
714	local src2=2001:db8:100::2
715	local src3=2001:db8:100::3
716	local vtep_ip=198.51.100.100
717	local all_zeros_grp=::
718
719	echo
720	echo "Control path: (*, G) operations - IPv6 overlay / IPv4 underlay"
721	echo "--------------------------------------------------------------"
722
723	star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
724}
725
726star_g_ipv4_ipv6()
727{
728	local ns1=$ns1_v6
729	local grp=239.1.1.1
730	local src1=192.0.2.129
731	local src2=192.0.2.130
732	local src3=192.0.2.131
733	local vtep_ip=2001:db8:1000::1
734	local all_zeros_grp=0.0.0.0
735
736	echo
737	echo "Control path: (*, G) operations - IPv4 overlay / IPv6 underlay"
738	echo "--------------------------------------------------------------"
739
740	star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
741}
742
743star_g_ipv6_ipv6()
744{
745	local ns1=$ns1_v6
746	local grp=ff0e::1
747	local src1=2001:db8:100::1
748	local src2=2001:db8:100::2
749	local src3=2001:db8:100::3
750	local vtep_ip=2001:db8:1000::1
751	local all_zeros_grp=::
752
753	echo
754	echo "Control path: (*, G) operations - IPv6 overlay / IPv6 underlay"
755	echo "--------------------------------------------------------------"
756
757	star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
758}
759
760sg_common()
761{
762	local ns1=$1; shift
763	local grp=$1; shift
764	local src=$1; shift
765	local vtep_ip=$1; shift
766	local all_zeros_grp=$1; shift
767
768	# Test control path operations specific to (S, G) entries.
769
770	# Default filter mode.
771	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent dst $vtep_ip src_vni 10010"
772	run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src src_vni 10010 | grep include"
773	log_test $? 0 "(S, G) MDB entry default filter mode"
774
775	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp src $src permanent dst $vtep_ip src_vni 10010"
776
777	# Error cases.
778	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent filter_mode include dst $vtep_ip src_vni 10010"
779	log_test $? 255 "(S, G) with filter mode"
780
781	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent source_list $src dst $vtep_ip src_vni 10010"
782	log_test $? 255 "(S, G) with source list"
783
784	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $grp permanent dst $vtep_ip src_vni 10010"
785	log_test $? 255 "(S, G) with an invalid source list"
786
787	run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp src $src permanent dst $vtep_ip src_vni 10010"
788	log_test $? 255 "All-zeros group with source"
789}
790
791sg_ipv4_ipv4()
792{
793	local ns1=$ns1_v4
794	local grp=239.1.1.1
795	local src=192.0.2.129
796	local vtep_ip=198.51.100.100
797	local all_zeros_grp=0.0.0.0
798
799	echo
800	echo "Control path: (S, G) operations - IPv4 overlay / IPv4 underlay"
801	echo "--------------------------------------------------------------"
802
803	sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
804}
805
806sg_ipv6_ipv4()
807{
808	local ns1=$ns1_v4
809	local grp=ff0e::1
810	local src=2001:db8:100::1
811	local vtep_ip=198.51.100.100
812	local all_zeros_grp=::
813
814	echo
815	echo "Control path: (S, G) operations - IPv6 overlay / IPv4 underlay"
816	echo "--------------------------------------------------------------"
817
818	sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
819}
820
821sg_ipv4_ipv6()
822{
823	local ns1=$ns1_v6
824	local grp=239.1.1.1
825	local src=192.0.2.129
826	local vtep_ip=2001:db8:1000::1
827	local all_zeros_grp=0.0.0.0
828
829	echo
830	echo "Control path: (S, G) operations - IPv4 overlay / IPv6 underlay"
831	echo "--------------------------------------------------------------"
832
833	sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
834}
835
836sg_ipv6_ipv6()
837{
838	local ns1=$ns1_v6
839	local grp=ff0e::1
840	local src=2001:db8:100::1
841	local vtep_ip=2001:db8:1000::1
842	local all_zeros_grp=::
843
844	echo
845	echo "Control path: (S, G) operations - IPv6 overlay / IPv6 underlay"
846	echo "--------------------------------------------------------------"
847
848	sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
849}
850
851ipv4_grps_get()
852{
853	local max_grps=$1; shift
854	local i
855
856	for i in $(seq 0 $((max_grps - 1))); do
857		echo "239.1.1.$i"
858	done
859}
860
861ipv6_grps_get()
862{
863	local max_grps=$1; shift
864	local i
865
866	for i in $(seq 0 $((max_grps - 1))); do
867		echo "ff0e::$(printf %x $i)"
868	done
869}
870
871dump_common()
872{
873	local ns1=$1; shift
874	local local_addr=$1; shift
875	local remote_prefix=$1; shift
876	local fn=$1; shift
877	local max_vxlan_devs=2
878	local max_remotes=64
879	local max_grps=256
880	local num_entries
881	local batch_file
882	local grp
883	local i j
884
885	# The kernel maintains various markers for the MDB dump. Add a test for
886	# large scale MDB dump to make sure that all the configured entries are
887	# dumped and that the markers are used correctly.
888
889	# Create net devices.
890	for i in $(seq 1 $max_vxlan_devs); do
891		ip -n $ns1 link add name vx-test${i} up type vxlan \
892			local $local_addr dstport 4789 external vnifilter
893	done
894
895	# Create batch file with MDB entries.
896	batch_file=$(mktemp)
897	for i in $(seq 1 $max_vxlan_devs); do
898		for j in $(seq 1 $max_remotes); do
899			for grp in $($fn $max_grps); do
900				echo "mdb add dev vx-test${i} port vx-test${i} grp $grp permanent dst ${remote_prefix}${j}" >> $batch_file
901			done
902		done
903	done
904
905	# Program the batch file and check for expected number of entries.
906	bridge -n $ns1 -b $batch_file
907	for i in $(seq 1 $max_vxlan_devs); do
908		num_entries=$(bridge -n $ns1 mdb show dev vx-test${i} | grep "permanent" | wc -l)
909		[[ $num_entries -eq $((max_grps * max_remotes)) ]]
910		log_test $? 0 "Large scale dump - VXLAN device #$i"
911	done
912
913	rm -rf $batch_file
914}
915
916dump_ipv4_ipv4()
917{
918	local ns1=$ns1_v4
919	local local_addr=192.0.2.1
920	local remote_prefix=198.51.100.
921	local fn=ipv4_grps_get
922
923	echo
924	echo "Control path: Large scale MDB dump - IPv4 overlay / IPv4 underlay"
925	echo "-----------------------------------------------------------------"
926
927	dump_common $ns1 $local_addr $remote_prefix $fn
928}
929
930dump_ipv6_ipv4()
931{
932	local ns1=$ns1_v4
933	local local_addr=192.0.2.1
934	local remote_prefix=198.51.100.
935	local fn=ipv6_grps_get
936
937	echo
938	echo "Control path: Large scale MDB dump - IPv6 overlay / IPv4 underlay"
939	echo "-----------------------------------------------------------------"
940
941	dump_common $ns1 $local_addr $remote_prefix $fn
942}
943
944dump_ipv4_ipv6()
945{
946	local ns1=$ns1_v6
947	local local_addr=2001:db8:1::1
948	local remote_prefix=2001:db8:1000::
949	local fn=ipv4_grps_get
950
951	echo
952	echo "Control path: Large scale MDB dump - IPv4 overlay / IPv6 underlay"
953	echo "-----------------------------------------------------------------"
954
955	dump_common $ns1 $local_addr $remote_prefix $fn
956}
957
958dump_ipv6_ipv6()
959{
960	local ns1=$ns1_v6
961	local local_addr=2001:db8:1::1
962	local remote_prefix=2001:db8:1000::
963	local fn=ipv6_grps_get
964
965	echo
966	echo "Control path: Large scale MDB dump - IPv6 overlay / IPv6 underlay"
967	echo "-----------------------------------------------------------------"
968
969	dump_common $ns1 $local_addr $remote_prefix $fn
970}
971
972flush()
973{
974	local num_entries
975
976	echo
977	echo "Control path: Flush"
978	echo "-------------------"
979
980	# Add entries with different attributes and check that they are all
981	# flushed when the flush command is given with no parameters.
982
983	# Different source VNI.
984	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
985	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.2 permanent dst 198.51.100.1 src_vni 10011"
986
987	# Different routing protocol.
988	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.3 permanent proto bgp dst 198.51.100.1 src_vni 10010"
989	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.4 permanent proto zebra dst 198.51.100.1 src_vni 10010"
990
991	# Different destination IP.
992	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.5 permanent dst 198.51.100.1 src_vni 10010"
993	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.6 permanent dst 198.51.100.2 src_vni 10010"
994
995	# Different destination port.
996	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.7 permanent dst 198.51.100.1 dst_port 11111 src_vni 10010"
997	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.8 permanent dst 198.51.100.1 dst_port 22222 src_vni 10010"
998
999	# Different VNI.
1000	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.9 permanent dst 198.51.100.1 vni 10010 src_vni 10010"
1001	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.10 permanent dst 198.51.100.1 vni 10020 src_vni 10010"
1002
1003	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1004	num_entries=$(bridge -n $ns1_v4 mdb show dev vx0 | wc -l)
1005	[[ $num_entries -eq 0 ]]
1006	log_test $? 0 "Flush all"
1007
1008	# Check that entries are flushed when port is specified as the VXLAN
1009	# device and that an error is returned when port is specified as a
1010	# different net device.
1011
1012	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1013	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
1014
1015	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 port vx0"
1016	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010"
1017	log_test $? 254 "Flush by port"
1018
1019	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 port veth0"
1020	log_test $? 255 "Flush by wrong port"
1021
1022	# Check that when flushing by source VNI only entries programmed with
1023	# the specified source VNI are flushed and the rest are not.
1024
1025	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1026	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
1027	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10011"
1028	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10011"
1029
1030	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 src_vni 10010"
1031
1032	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010"
1033	log_test $? 254 "Flush by specified source VNI"
1034	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10011"
1035	log_test $? 0 "Flush by unspecified source VNI"
1036
1037	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1038
1039	# Check that all entries are flushed when "permanent" is specified and
1040	# that an error is returned when "nopermanent" is specified.
1041
1042	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1043	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
1044
1045	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 permanent"
1046	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010"
1047	log_test $? 254 "Flush by \"permanent\" state"
1048
1049	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 nopermanent"
1050	log_test $? 255 "Flush by \"nopermanent\" state"
1051
1052	# Check that when flushing by routing protocol only entries programmed
1053	# with the specified routing protocol are flushed and the rest are not.
1054
1055	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent proto bgp dst 198.51.100.1 src_vni 10010"
1056	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent proto zebra dst 198.51.100.2 src_vni 10010"
1057
1058	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 proto bgp"
1059
1060	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"proto bgp\""
1061	log_test $? 1 "Flush by specified routing protocol"
1062	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"proto zebra\""
1063	log_test $? 0 "Flush by unspecified routing protocol"
1064
1065	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1066
1067	# Check that when flushing by destination IP only entries programmed
1068	# with the specified destination IP are flushed and the rest are not.
1069
1070	# IPv4.
1071
1072	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1073	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
1074
1075	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst 198.51.100.2"
1076
1077	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.2"
1078	log_test $? 1 "Flush by specified destination IP - IPv4"
1079	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.1"
1080	log_test $? 0 "Flush by unspecified destination IP - IPv4"
1081
1082	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1083
1084	# IPv6.
1085
1086	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 2001:db8:1000::1 src_vni 10010"
1087	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 2001:db8:1000::2 src_vni 10010"
1088
1089	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst 2001:db8:1000::2"
1090
1091	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 2001:db8:1000::2"
1092	log_test $? 1 "Flush by specified destination IP - IPv6"
1093	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 2001:db8:1000::1"
1094	log_test $? 0 "Flush by unspecified destination IP - IPv6"
1095
1096	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1097
1098	# Check that when flushing by UDP destination port only entries
1099	# programmed with the specified port are flushed and the rest are not.
1100
1101	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst_port 11111 dst 198.51.100.1 src_vni 10010"
1102	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst_port 22222 dst 198.51.100.2 src_vni 10010"
1103
1104	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst_port 11111"
1105
1106	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"dst_port 11111\""
1107	log_test $? 1 "Flush by specified UDP destination port"
1108	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"dst_port 22222\""
1109	log_test $? 0 "Flush by unspecified UDP destination port"
1110
1111	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1112
1113	# When not specifying a UDP destination port for an entry, traffic is
1114	# encapsulated with the device's UDP destination port. Check that when
1115	# flushing by the device's UDP destination port only entries programmed
1116	# with this port are flushed and the rest are not.
1117
1118	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1119	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst_port 22222 dst 198.51.100.2 src_vni 10010"
1120
1121	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst_port 4789"
1122
1123	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.1"
1124	log_test $? 1 "Flush by device's UDP destination port"
1125	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.2"
1126	log_test $? 0 "Flush by unspecified UDP destination port"
1127
1128	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1129
1130	# Check that when flushing by destination VNI only entries programmed
1131	# with the specified destination VNI are flushed and the rest are not.
1132
1133	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent vni 20010 dst 198.51.100.1 src_vni 10010"
1134	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent vni 20011 dst 198.51.100.2 src_vni 10010"
1135
1136	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 vni 20010"
1137
1138	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \" vni 20010\""
1139	log_test $? 1 "Flush by specified destination VNI"
1140	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \" vni 20011\""
1141	log_test $? 0 "Flush by unspecified destination VNI"
1142
1143	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1144
1145	# When not specifying a destination VNI for an entry, traffic is
1146	# encapsulated with the source VNI. Check that when flushing by a
1147	# destination VNI that is equal to the source VNI only such entries are
1148	# flushed and the rest are not.
1149
1150	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1151	run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent vni 20010 dst 198.51.100.2 src_vni 10010"
1152
1153	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 vni 10010"
1154
1155	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.1"
1156	log_test $? 1 "Flush by destination VNI equal to source VNI"
1157	run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.2"
1158	log_test $? 0 "Flush by unspecified destination VNI"
1159
1160	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1161
1162	# Test that an error is returned when trying to flush using VLAN ID.
1163
1164	run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 vid 10"
1165	log_test $? 255 "Flush by VLAN ID"
1166}
1167
1168################################################################################
1169# Tests - Data path
1170
1171encap_params_common()
1172{
1173	local ns1=$1; shift
1174	local ns2=$1; shift
1175	local vtep1_ip=$1; shift
1176	local vtep2_ip=$1; shift
1177	local plen=$1; shift
1178	local enc_ethtype=$1; shift
1179	local grp=$1; shift
1180	local src=$1; shift
1181	local mz=$1; shift
1182
1183	# Test that packets forwarded by the VXLAN MDB are encapsulated with
1184	# the correct parameters. Transmit packets from the first namespace and
1185	# check that they hit the corresponding filters on the ingress of the
1186	# second namespace.
1187
1188	run_cmd "tc -n $ns2 qdisc replace dev veth0 clsact"
1189	run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1190	run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
1191	run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
1192
1193	# Check destination IP.
1194	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
1195	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep2_ip src_vni 10020"
1196
1197	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
1198	run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1199	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1200	log_test $? 0 "Destination IP - match"
1201
1202	run_cmd "ip netns exec $ns1 $mz br0.20 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1203	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1204	log_test $? 0 "Destination IP - no match"
1205
1206	run_cmd "tc -n $ns2 filter del dev vx0 ingress pref 1 handle 101 flower"
1207	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10020"
1208	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
1209
1210	# Check destination port.
1211	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
1212	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip dst_port 1111 src_vni 10020"
1213
1214	run_cmd "tc -n $ns2 filter replace dev veth0 ingress pref 1 handle 101 proto $enc_ethtype flower ip_proto udp dst_port 4789 action pass"
1215	run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1216	tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1217	log_test $? 0 "Default destination port - match"
1218
1219	run_cmd "ip netns exec $ns1 $mz br0.20 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1220	tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1221	log_test $? 0 "Default destination port - no match"
1222
1223	run_cmd "tc -n $ns2 filter replace dev veth0 ingress pref 1 handle 101 proto $enc_ethtype flower ip_proto udp dst_port 1111 action pass"
1224	run_cmd "ip netns exec $ns1 $mz br0.20 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1225	tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1226	log_test $? 0 "Non-default destination port - match"
1227
1228	run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1229	tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1230	log_test $? 0 "Non-default destination port - no match"
1231
1232	run_cmd "tc -n $ns2 filter del dev veth0 ingress pref 1 handle 101 flower"
1233	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10020"
1234	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
1235
1236	# Check default VNI.
1237	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
1238	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10020"
1239
1240	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_key_id 10010 action pass"
1241	run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1242	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1243	log_test $? 0 "Default destination VNI - match"
1244
1245	run_cmd "ip netns exec $ns1 $mz br0.20 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1246	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1247	log_test $? 0 "Default destination VNI - no match"
1248
1249	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip vni 10020 src_vni 10010"
1250	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip vni 10010 src_vni 10020"
1251
1252	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_key_id 10020 action pass"
1253	run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1254	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1255	log_test $? 0 "Non-default destination VNI - match"
1256
1257	run_cmd "ip netns exec $ns1 $mz br0.20 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1258	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1259	log_test $? 0 "Non-default destination VNI - no match"
1260
1261	run_cmd "tc -n $ns2 filter del dev vx0 ingress pref 1 handle 101 flower"
1262	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10020"
1263	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
1264}
1265
1266encap_params_ipv4_ipv4()
1267{
1268	local ns1=$ns1_v4
1269	local ns2=$ns2_v4
1270	local vtep1_ip=198.51.100.100
1271	local vtep2_ip=198.51.100.200
1272	local plen=32
1273	local enc_ethtype="ip"
1274	local grp=239.1.1.1
1275	local src=192.0.2.129
1276
1277	echo
1278	echo "Data path: Encapsulation parameters - IPv4 overlay / IPv4 underlay"
1279	echo "------------------------------------------------------------------"
1280
1281	encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1282		$grp $src "mausezahn"
1283}
1284
1285encap_params_ipv6_ipv4()
1286{
1287	local ns1=$ns1_v4
1288	local ns2=$ns2_v4
1289	local vtep1_ip=198.51.100.100
1290	local vtep2_ip=198.51.100.200
1291	local plen=32
1292	local enc_ethtype="ip"
1293	local grp=ff0e::1
1294	local src=2001:db8:100::1
1295
1296	echo
1297	echo "Data path: Encapsulation parameters - IPv6 overlay / IPv4 underlay"
1298	echo "------------------------------------------------------------------"
1299
1300	encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1301		$grp $src "mausezahn -6"
1302}
1303
1304encap_params_ipv4_ipv6()
1305{
1306	local ns1=$ns1_v6
1307	local ns2=$ns2_v6
1308	local vtep1_ip=2001:db8:1000::1
1309	local vtep2_ip=2001:db8:2000::1
1310	local plen=128
1311	local enc_ethtype="ipv6"
1312	local grp=239.1.1.1
1313	local src=192.0.2.129
1314
1315	echo
1316	echo "Data path: Encapsulation parameters - IPv4 overlay / IPv6 underlay"
1317	echo "------------------------------------------------------------------"
1318
1319	encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1320		$grp $src "mausezahn"
1321}
1322
1323encap_params_ipv6_ipv6()
1324{
1325	local ns1=$ns1_v6
1326	local ns2=$ns2_v6
1327	local vtep1_ip=2001:db8:1000::1
1328	local vtep2_ip=2001:db8:2000::1
1329	local plen=128
1330	local enc_ethtype="ipv6"
1331	local grp=ff0e::1
1332	local src=2001:db8:100::1
1333
1334	echo
1335	echo "Data path: Encapsulation parameters - IPv6 overlay / IPv6 underlay"
1336	echo "------------------------------------------------------------------"
1337
1338	encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1339		$grp $src "mausezahn -6"
1340}
1341
1342starg_exclude_ir_common()
1343{
1344	local ns1=$1; shift
1345	local ns2=$1; shift
1346	local vtep1_ip=$1; shift
1347	local vtep2_ip=$1; shift
1348	local plen=$1; shift
1349	local grp=$1; shift
1350	local valid_src=$1; shift
1351	local invalid_src=$1; shift
1352	local mz=$1; shift
1353
1354	# Install a (*, G) EXCLUDE MDB entry with one source and two remote
1355	# VTEPs. Make sure that the source in the source list is not forwarded
1356	# and that a source not in the list is forwarded. Remove one of the
1357	# VTEPs from the entry and make sure that packets are only forwarded to
1358	# the remaining VTEP.
1359
1360	run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1361	run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
1362	run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
1363
1364	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
1365	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
1366
1367	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $vtep1_ip src_vni 10010"
1368	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $vtep2_ip src_vni 10010"
1369
1370	# Check that invalid source is not forwarded to any VTEP.
1371	run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1372	tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1373	log_test $? 0 "Block excluded source - first VTEP"
1374	tc_check_packets "$ns2" "dev vx0 ingress" 102 0
1375	log_test $? 0 "Block excluded source - second VTEP"
1376
1377	# Check that valid source is forwarded to both VTEPs.
1378	run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1379	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1380	log_test $? 0 "Forward valid source - first VTEP"
1381	tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1382	log_test $? 0 "Forward valid source - second VTEP"
1383
1384	# Remove second VTEP.
1385	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10010"
1386
1387	# Check that invalid source is not forwarded to any VTEP.
1388	run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1389	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1390	log_test $? 0 "Block excluded source after removal - first VTEP"
1391	tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1392	log_test $? 0 "Block excluded source after removal - second VTEP"
1393
1394	# Check that valid source is forwarded to the remaining VTEP.
1395	run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1396	tc_check_packets "$ns2" "dev vx0 ingress" 101 2
1397	log_test $? 0 "Forward valid source after removal - first VTEP"
1398	tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1399	log_test $? 0 "Forward valid source after removal - second VTEP"
1400}
1401
1402starg_exclude_ir_ipv4_ipv4()
1403{
1404	local ns1=$ns1_v4
1405	local ns2=$ns2_v4
1406	local vtep1_ip=198.51.100.100
1407	local vtep2_ip=198.51.100.200
1408	local plen=32
1409	local grp=239.1.1.1
1410	local valid_src=192.0.2.129
1411	local invalid_src=192.0.2.145
1412
1413	echo
1414	echo "Data path: (*, G) EXCLUDE - IR - IPv4 overlay / IPv4 underlay"
1415	echo "-------------------------------------------------------------"
1416
1417	starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1418		$valid_src $invalid_src "mausezahn"
1419}
1420
1421starg_exclude_ir_ipv6_ipv4()
1422{
1423	local ns1=$ns1_v4
1424	local ns2=$ns2_v4
1425	local vtep1_ip=198.51.100.100
1426	local vtep2_ip=198.51.100.200
1427	local plen=32
1428	local grp=ff0e::1
1429	local valid_src=2001:db8:100::1
1430	local invalid_src=2001:db8:200::1
1431
1432	echo
1433	echo "Data path: (*, G) EXCLUDE - IR - IPv6 overlay / IPv4 underlay"
1434	echo "-------------------------------------------------------------"
1435
1436	starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1437		$valid_src $invalid_src "mausezahn -6"
1438}
1439
1440starg_exclude_ir_ipv4_ipv6()
1441{
1442	local ns1=$ns1_v6
1443	local ns2=$ns2_v6
1444	local vtep1_ip=2001:db8:1000::1
1445	local vtep2_ip=2001:db8:2000::1
1446	local plen=128
1447	local grp=239.1.1.1
1448	local valid_src=192.0.2.129
1449	local invalid_src=192.0.2.145
1450
1451	echo
1452	echo "Data path: (*, G) EXCLUDE - IR - IPv4 overlay / IPv6 underlay"
1453	echo "-------------------------------------------------------------"
1454
1455	starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1456		$valid_src $invalid_src "mausezahn"
1457}
1458
1459starg_exclude_ir_ipv6_ipv6()
1460{
1461	local ns1=$ns1_v6
1462	local ns2=$ns2_v6
1463	local vtep1_ip=2001:db8:1000::1
1464	local vtep2_ip=2001:db8:2000::1
1465	local plen=128
1466	local grp=ff0e::1
1467	local valid_src=2001:db8:100::1
1468	local invalid_src=2001:db8:200::1
1469
1470	echo
1471	echo "Data path: (*, G) EXCLUDE - IR - IPv6 overlay / IPv6 underlay"
1472	echo "-------------------------------------------------------------"
1473
1474	starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1475		$valid_src $invalid_src "mausezahn -6"
1476}
1477
1478starg_include_ir_common()
1479{
1480	local ns1=$1; shift
1481	local ns2=$1; shift
1482	local vtep1_ip=$1; shift
1483	local vtep2_ip=$1; shift
1484	local plen=$1; shift
1485	local grp=$1; shift
1486	local valid_src=$1; shift
1487	local invalid_src=$1; shift
1488	local mz=$1; shift
1489
1490	# Install a (*, G) INCLUDE MDB entry with one source and two remote
1491	# VTEPs. Make sure that the source in the source list is forwarded and
1492	# that a source not in the list is not forwarded. Remove one of the
1493	# VTEPs from the entry and make sure that packets are only forwarded to
1494	# the remaining VTEP.
1495
1496	run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1497	run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
1498	run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
1499
1500	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
1501	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
1502
1503	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $vtep1_ip src_vni 10010"
1504	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $vtep2_ip src_vni 10010"
1505
1506	# Check that invalid source is not forwarded to any VTEP.
1507	run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1508	tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1509	log_test $? 0 "Block excluded source - first VTEP"
1510	tc_check_packets "$ns2" "dev vx0 ingress" 102 0
1511	log_test $? 0 "Block excluded source - second VTEP"
1512
1513	# Check that valid source is forwarded to both VTEPs.
1514	run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1515	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1516	log_test $? 0 "Forward valid source - first VTEP"
1517	tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1518	log_test $? 0 "Forward valid source - second VTEP"
1519
1520	# Remove second VTEP.
1521	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10010"
1522
1523	# Check that invalid source is not forwarded to any VTEP.
1524	run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1525	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1526	log_test $? 0 "Block excluded source after removal - first VTEP"
1527	tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1528	log_test $? 0 "Block excluded source after removal - second VTEP"
1529
1530	# Check that valid source is forwarded to the remaining VTEP.
1531	run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1532	tc_check_packets "$ns2" "dev vx0 ingress" 101 2
1533	log_test $? 0 "Forward valid source after removal - first VTEP"
1534	tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1535	log_test $? 0 "Forward valid source after removal - second VTEP"
1536}
1537
1538starg_include_ir_ipv4_ipv4()
1539{
1540	local ns1=$ns1_v4
1541	local ns2=$ns2_v4
1542	local vtep1_ip=198.51.100.100
1543	local vtep2_ip=198.51.100.200
1544	local plen=32
1545	local grp=239.1.1.1
1546	local valid_src=192.0.2.129
1547	local invalid_src=192.0.2.145
1548
1549	echo
1550	echo "Data path: (*, G) INCLUDE - IR - IPv4 overlay / IPv4 underlay"
1551	echo "-------------------------------------------------------------"
1552
1553	starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1554		$valid_src $invalid_src "mausezahn"
1555}
1556
1557starg_include_ir_ipv6_ipv4()
1558{
1559	local ns1=$ns1_v4
1560	local ns2=$ns2_v4
1561	local vtep1_ip=198.51.100.100
1562	local vtep2_ip=198.51.100.200
1563	local plen=32
1564	local grp=ff0e::1
1565	local valid_src=2001:db8:100::1
1566	local invalid_src=2001:db8:200::1
1567
1568	echo
1569	echo "Data path: (*, G) INCLUDE - IR - IPv6 overlay / IPv4 underlay"
1570	echo "-------------------------------------------------------------"
1571
1572	starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1573		$valid_src $invalid_src "mausezahn -6"
1574}
1575
1576starg_include_ir_ipv4_ipv6()
1577{
1578	local ns1=$ns1_v6
1579	local ns2=$ns2_v6
1580	local vtep1_ip=2001:db8:1000::1
1581	local vtep2_ip=2001:db8:2000::1
1582	local plen=128
1583	local grp=239.1.1.1
1584	local valid_src=192.0.2.129
1585	local invalid_src=192.0.2.145
1586
1587	echo
1588	echo "Data path: (*, G) INCLUDE - IR - IPv4 overlay / IPv6 underlay"
1589	echo "-------------------------------------------------------------"
1590
1591	starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1592		$valid_src $invalid_src "mausezahn"
1593}
1594
1595starg_include_ir_ipv6_ipv6()
1596{
1597	local ns1=$ns1_v6
1598	local ns2=$ns2_v6
1599	local vtep1_ip=2001:db8:1000::1
1600	local vtep2_ip=2001:db8:2000::1
1601	local plen=128
1602	local grp=ff0e::1
1603	local valid_src=2001:db8:100::1
1604	local invalid_src=2001:db8:200::1
1605
1606	echo
1607	echo "Data path: (*, G) INCLUDE - IR - IPv6 overlay / IPv6 underlay"
1608	echo "-------------------------------------------------------------"
1609
1610	starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1611		$valid_src $invalid_src "mausezahn -6"
1612}
1613
1614starg_exclude_p2mp_common()
1615{
1616	local ns1=$1; shift
1617	local ns2=$1; shift
1618	local mcast_grp=$1; shift
1619	local plen=$1; shift
1620	local grp=$1; shift
1621	local valid_src=$1; shift
1622	local invalid_src=$1; shift
1623	local mz=$1; shift
1624
1625	# Install a (*, G) EXCLUDE MDB entry with one source and one multicast
1626	# group to which packets are sent. Make sure that the source in the
1627	# source list is not forwarded and that a source not in the list is
1628	# forwarded.
1629
1630	run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1631	run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
1632
1633	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $mcast_grp action pass"
1634
1635	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $mcast_grp src_vni 10010 via veth0"
1636
1637	# Check that invalid source is not forwarded.
1638	run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1639	tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1640	log_test $? 0 "Block excluded source"
1641
1642	# Check that valid source is forwarded.
1643	run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1644	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1645	log_test $? 0 "Forward valid source"
1646
1647	# Remove the VTEP from the multicast group.
1648	run_cmd "ip -n $ns2 address del $mcast_grp/$plen dev veth0"
1649
1650	# Check that valid source is not received anymore.
1651	run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1652	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1653	log_test $? 0 "Receive of valid source after removal from group"
1654}
1655
1656starg_exclude_p2mp_ipv4_ipv4()
1657{
1658	local ns1=$ns1_v4
1659	local ns2=$ns2_v4
1660	local mcast_grp=238.1.1.1
1661	local plen=32
1662	local grp=239.1.1.1
1663	local valid_src=192.0.2.129
1664	local invalid_src=192.0.2.145
1665
1666	echo
1667	echo "Data path: (*, G) EXCLUDE - P2MP - IPv4 overlay / IPv4 underlay"
1668	echo "---------------------------------------------------------------"
1669
1670	starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1671		$valid_src $invalid_src "mausezahn"
1672}
1673
1674starg_exclude_p2mp_ipv6_ipv4()
1675{
1676	local ns1=$ns1_v4
1677	local ns2=$ns2_v4
1678	local mcast_grp=238.1.1.1
1679	local plen=32
1680	local grp=ff0e::1
1681	local valid_src=2001:db8:100::1
1682	local invalid_src=2001:db8:200::1
1683
1684	echo
1685	echo "Data path: (*, G) EXCLUDE - P2MP - IPv6 overlay / IPv4 underlay"
1686	echo "---------------------------------------------------------------"
1687
1688	starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1689		$valid_src $invalid_src "mausezahn -6"
1690}
1691
1692starg_exclude_p2mp_ipv4_ipv6()
1693{
1694	local ns1=$ns1_v6
1695	local ns2=$ns2_v6
1696	local mcast_grp=ff0e::2
1697	local plen=128
1698	local grp=239.1.1.1
1699	local valid_src=192.0.2.129
1700	local invalid_src=192.0.2.145
1701
1702	echo
1703	echo "Data path: (*, G) EXCLUDE - P2MP - IPv4 overlay / IPv6 underlay"
1704	echo "---------------------------------------------------------------"
1705
1706	starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1707		$valid_src $invalid_src "mausezahn"
1708}
1709
1710starg_exclude_p2mp_ipv6_ipv6()
1711{
1712	local ns1=$ns1_v6
1713	local ns2=$ns2_v6
1714	local mcast_grp=ff0e::2
1715	local plen=128
1716	local grp=ff0e::1
1717	local valid_src=2001:db8:100::1
1718	local invalid_src=2001:db8:200::1
1719
1720	echo
1721	echo "Data path: (*, G) EXCLUDE - P2MP - IPv6 overlay / IPv6 underlay"
1722	echo "---------------------------------------------------------------"
1723
1724	starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1725		$valid_src $invalid_src "mausezahn -6"
1726}
1727
1728starg_include_p2mp_common()
1729{
1730	local ns1=$1; shift
1731	local ns2=$1; shift
1732	local mcast_grp=$1; shift
1733	local plen=$1; shift
1734	local grp=$1; shift
1735	local valid_src=$1; shift
1736	local invalid_src=$1; shift
1737	local mz=$1; shift
1738
1739	# Install a (*, G) INCLUDE MDB entry with one source and one multicast
1740	# group to which packets are sent. Make sure that the source in the
1741	# source list is forwarded and that a source not in the list is not
1742	# forwarded.
1743
1744	run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1745	run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
1746
1747	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $mcast_grp action pass"
1748
1749	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $mcast_grp src_vni 10010 via veth0"
1750
1751	# Check that invalid source is not forwarded.
1752	run_cmd "ip netns exec $ns1 $mz br0.10 -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1753	tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1754	log_test $? 0 "Block excluded source"
1755
1756	# Check that valid source is forwarded.
1757	run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1758	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1759	log_test $? 0 "Forward valid source"
1760
1761	# Remove the VTEP from the multicast group.
1762	run_cmd "ip -n $ns2 address del $mcast_grp/$plen dev veth0"
1763
1764	# Check that valid source is not received anymore.
1765	run_cmd "ip netns exec $ns1 $mz br0.10 -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1766	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1767	log_test $? 0 "Receive of valid source after removal from group"
1768}
1769
1770starg_include_p2mp_ipv4_ipv4()
1771{
1772	local ns1=$ns1_v4
1773	local ns2=$ns2_v4
1774	local mcast_grp=238.1.1.1
1775	local plen=32
1776	local grp=239.1.1.1
1777	local valid_src=192.0.2.129
1778	local invalid_src=192.0.2.145
1779
1780	echo
1781	echo "Data path: (*, G) INCLUDE - P2MP - IPv4 overlay / IPv4 underlay"
1782	echo "---------------------------------------------------------------"
1783
1784	starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1785		$valid_src $invalid_src "mausezahn"
1786}
1787
1788starg_include_p2mp_ipv6_ipv4()
1789{
1790	local ns1=$ns1_v4
1791	local ns2=$ns2_v4
1792	local mcast_grp=238.1.1.1
1793	local plen=32
1794	local grp=ff0e::1
1795	local valid_src=2001:db8:100::1
1796	local invalid_src=2001:db8:200::1
1797
1798	echo
1799	echo "Data path: (*, G) INCLUDE - P2MP - IPv6 overlay / IPv4 underlay"
1800	echo "---------------------------------------------------------------"
1801
1802	starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1803		$valid_src $invalid_src "mausezahn -6"
1804}
1805
1806starg_include_p2mp_ipv4_ipv6()
1807{
1808	local ns1=$ns1_v6
1809	local ns2=$ns2_v6
1810	local mcast_grp=ff0e::2
1811	local plen=128
1812	local grp=239.1.1.1
1813	local valid_src=192.0.2.129
1814	local invalid_src=192.0.2.145
1815
1816	echo
1817	echo "Data path: (*, G) INCLUDE - P2MP - IPv4 overlay / IPv6 underlay"
1818	echo "---------------------------------------------------------------"
1819
1820	starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1821		$valid_src $invalid_src "mausezahn"
1822}
1823
1824starg_include_p2mp_ipv6_ipv6()
1825{
1826	local ns1=$ns1_v6
1827	local ns2=$ns2_v6
1828	local mcast_grp=ff0e::2
1829	local plen=128
1830	local grp=ff0e::1
1831	local valid_src=2001:db8:100::1
1832	local invalid_src=2001:db8:200::1
1833
1834	echo
1835	echo "Data path: (*, G) INCLUDE - P2MP - IPv6 overlay / IPv6 underlay"
1836	echo "---------------------------------------------------------------"
1837
1838	starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp \
1839		$valid_src $invalid_src "mausezahn -6"
1840}
1841
1842egress_vni_translation_common()
1843{
1844	local ns1=$1; shift
1845	local ns2=$1; shift
1846	local mcast_grp=$1; shift
1847	local plen=$1; shift
1848	local proto=$1; shift
1849	local grp=$1; shift
1850	local src=$1; shift
1851	local mz=$1; shift
1852
1853	# When P2MP tunnels are used with optimized inter-subnet multicast
1854	# (OISM) [1], the ingress VTEP does not perform VNI translation and
1855	# uses the VNI of the source broadcast domain (BD). If the egress VTEP
1856	# is a member in the source BD, then no VNI translation is needed.
1857	# Otherwise, the egress VTEP needs to translate the VNI to the
1858	# supplementary broadcast domain (SBD) VNI, which is usually the L3VNI.
1859	#
1860	# In this test, remove the VTEP in the second namespace from VLAN 10
1861	# (VNI 10010) and make sure that a packet sent from this VLAN on the
1862	# first VTEP is received by the SVI corresponding to the L3VNI (14000 /
1863	# VLAN 4000) on the second VTEP.
1864	#
1865	# The second VTEP will be able to decapsulate the packet with VNI 10010
1866	# because this VNI is configured on its shared VXLAN device. Later,
1867	# when ingressing the bridge, the VNI to VLAN lookup will fail because
1868	# the VTEP is not a member in VLAN 10, which will cause the packet to
1869	# be tagged with VLAN 4000 since it is configured as PVID.
1870	#
1871	# [1] https://datatracker.ietf.org/doc/html/draft-ietf-bess-evpn-irb-mcast
1872
1873	run_cmd "tc -n $ns2 qdisc replace dev br0.4000 clsact"
1874	run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
1875	run_cmd "tc -n $ns2 filter replace dev br0.4000 ingress pref 1 handle 101 proto $proto flower src_ip $src dst_ip $grp action pass"
1876
1877	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp src $src permanent dst $mcast_grp src_vni 10010 via veth0"
1878
1879	# Remove the second VTEP from VLAN 10.
1880	run_cmd "bridge -n $ns2 vlan del vid 10 dev vx0"
1881
1882	# Make sure that packets sent from the first VTEP over VLAN 10 are
1883	# received by the SVI corresponding to the L3VNI (14000 / VLAN 4000) on
1884	# the second VTEP, since it is configured as PVID.
1885	run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1886	tc_check_packets "$ns2" "dev br0.4000 ingress" 101 1
1887	log_test $? 0 "Egress VNI translation - PVID configured"
1888
1889	# Remove PVID flag from VLAN 4000 on the second VTEP and make sure
1890	# packets are no longer received by the SVI interface.
1891	run_cmd "bridge -n $ns2 vlan add vid 4000 dev vx0"
1892	run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1893	tc_check_packets "$ns2" "dev br0.4000 ingress" 101 1
1894	log_test $? 0 "Egress VNI translation - no PVID configured"
1895
1896	# Reconfigure the PVID and make sure packets are received again.
1897	run_cmd "bridge -n $ns2 vlan add vid 4000 dev vx0 pvid"
1898	run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1899	tc_check_packets "$ns2" "dev br0.4000 ingress" 101 2
1900	log_test $? 0 "Egress VNI translation - PVID reconfigured"
1901}
1902
1903egress_vni_translation_ipv4_ipv4()
1904{
1905	local ns1=$ns1_v4
1906	local ns2=$ns2_v4
1907	local mcast_grp=238.1.1.1
1908	local plen=32
1909	local proto="ipv4"
1910	local grp=239.1.1.1
1911	local src=192.0.2.129
1912
1913	echo
1914	echo "Data path: Egress VNI translation - IPv4 overlay / IPv4 underlay"
1915	echo "----------------------------------------------------------------"
1916
1917	egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
1918		$src "mausezahn"
1919}
1920
1921egress_vni_translation_ipv6_ipv4()
1922{
1923	local ns1=$ns1_v4
1924	local ns2=$ns2_v4
1925	local mcast_grp=238.1.1.1
1926	local plen=32
1927	local proto="ipv6"
1928	local grp=ff0e::1
1929	local src=2001:db8:100::1
1930
1931	echo
1932	echo "Data path: Egress VNI translation - IPv6 overlay / IPv4 underlay"
1933	echo "----------------------------------------------------------------"
1934
1935	egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
1936		$src "mausezahn -6"
1937}
1938
1939egress_vni_translation_ipv4_ipv6()
1940{
1941	local ns1=$ns1_v6
1942	local ns2=$ns2_v6
1943	local mcast_grp=ff0e::2
1944	local plen=128
1945	local proto="ipv4"
1946	local grp=239.1.1.1
1947	local src=192.0.2.129
1948
1949	echo
1950	echo "Data path: Egress VNI translation - IPv4 overlay / IPv6 underlay"
1951	echo "----------------------------------------------------------------"
1952
1953	egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
1954		$src "mausezahn"
1955}
1956
1957egress_vni_translation_ipv6_ipv6()
1958{
1959	local ns1=$ns1_v6
1960	local ns2=$ns2_v6
1961	local mcast_grp=ff0e::2
1962	local plen=128
1963	local proto="ipv6"
1964	local grp=ff0e::1
1965	local src=2001:db8:100::1
1966
1967	echo
1968	echo "Data path: Egress VNI translation - IPv6 overlay / IPv6 underlay"
1969	echo "----------------------------------------------------------------"
1970
1971	egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
1972		$src "mausezahn -6"
1973}
1974
1975all_zeros_mdb_common()
1976{
1977	local ns1=$1; shift
1978	local ns2=$1; shift
1979	local vtep1_ip=$1; shift
1980	local vtep2_ip=$1; shift
1981	local vtep3_ip=$1; shift
1982	local vtep4_ip=$1; shift
1983	local plen=$1; shift
1984	local ipv4_grp=239.1.1.1
1985	local ipv4_unreg_grp=239.2.2.2
1986	local ipv4_ll_grp=224.0.0.100
1987	local ipv4_src=192.0.2.129
1988	local ipv6_grp=ff0e::1
1989	local ipv6_unreg_grp=ff0e::2
1990	local ipv6_ll_grp=ff02::1
1991	local ipv6_src=2001:db8:100::1
1992
1993	# Install all-zeros (catchall) MDB entries for IPv4 and IPv6 traffic
1994	# and make sure they only forward unregistered IP multicast traffic
1995	# which is not link-local. Also make sure that each entry only forwards
1996	# traffic from the matching address family.
1997
1998	# Associate two different VTEPs with one all-zeros MDB entry: Two with
1999	# the IPv4 entry (0.0.0.0) and another two with the IPv6 one (::).
2000	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp 0.0.0.0 permanent dst $vtep1_ip src_vni 10010"
2001	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp 0.0.0.0 permanent dst $vtep2_ip src_vni 10010"
2002	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp :: permanent dst $vtep3_ip src_vni 10010"
2003	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp :: permanent dst $vtep4_ip src_vni 10010"
2004
2005	# Associate one VTEP from each set with a regular MDB entry: One with
2006	# an IPv4 entry and another with an IPv6 one.
2007	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $ipv4_grp permanent dst $vtep1_ip src_vni 10010"
2008	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $ipv6_grp permanent dst $vtep3_ip src_vni 10010"
2009
2010	# Add filters to match on decapsulated traffic in the second namespace.
2011	run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
2012	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
2013	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
2014	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 103 proto all flower enc_dst_ip $vtep3_ip action pass"
2015	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 104 proto all flower enc_dst_ip $vtep4_ip action pass"
2016
2017	# Configure the VTEP addresses in the second namespace to enable
2018	# decapsulation.
2019	run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
2020	run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
2021	run_cmd "ip -n $ns2 address replace $vtep3_ip/$plen dev lo"
2022	run_cmd "ip -n $ns2 address replace $vtep4_ip/$plen dev lo"
2023
2024	# Send registered IPv4 multicast and make sure it only arrives to the
2025	# first VTEP.
2026	run_cmd "ip netns exec $ns1 mausezahn br0.10 -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2027	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
2028	log_test $? 0 "Registered IPv4 multicast - first VTEP"
2029	tc_check_packets "$ns2" "dev vx0 ingress" 102 0
2030	log_test $? 0 "Registered IPv4 multicast - second VTEP"
2031
2032	# Send unregistered IPv4 multicast that is not link-local and make sure
2033	# it arrives to the first and second VTEPs.
2034	run_cmd "ip netns exec $ns1 mausezahn br0.10 -A $ipv4_src -B $ipv4_unreg_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2035	tc_check_packets "$ns2" "dev vx0 ingress" 101 2
2036	log_test $? 0 "Unregistered IPv4 multicast - first VTEP"
2037	tc_check_packets "$ns2" "dev vx0 ingress" 102 1
2038	log_test $? 0 "Unregistered IPv4 multicast - second VTEP"
2039
2040	# Send IPv4 link-local multicast traffic and make sure it does not
2041	# arrive to any VTEP.
2042	run_cmd "ip netns exec $ns1 mausezahn br0.10 -A $ipv4_src -B $ipv4_ll_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2043	tc_check_packets "$ns2" "dev vx0 ingress" 101 2
2044	log_test $? 0 "Link-local IPv4 multicast - first VTEP"
2045	tc_check_packets "$ns2" "dev vx0 ingress" 102 1
2046	log_test $? 0 "Link-local IPv4 multicast - second VTEP"
2047
2048	# Send registered IPv4 multicast using a unicast MAC address and make
2049	# sure it does not arrive to any VTEP.
2050	run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b 00:11:22:33:44:55 -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2051	tc_check_packets "$ns2" "dev vx0 ingress" 101 2
2052	log_test $? 0 "Registered IPv4 multicast with a unicast MAC - first VTEP"
2053	tc_check_packets "$ns2" "dev vx0 ingress" 102 1
2054	log_test $? 0 "Registered IPv4 multicast with a unicast MAC - second VTEP"
2055
2056	# Send registered IPv4 multicast using a broadcast MAC address and make
2057	# sure it does not arrive to any VTEP.
2058	run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b bcast -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2059	tc_check_packets "$ns2" "dev vx0 ingress" 101 2
2060	log_test $? 0 "Registered IPv4 multicast with a broadcast MAC - first VTEP"
2061	tc_check_packets "$ns2" "dev vx0 ingress" 102 1
2062	log_test $? 0 "Registered IPv4 multicast with a broadcast MAC - second VTEP"
2063
2064	# Make sure IPv4 traffic did not reach the VTEPs associated with
2065	# IPv6 entries.
2066	tc_check_packets "$ns2" "dev vx0 ingress" 103 0
2067	log_test $? 0 "IPv4 traffic - third VTEP"
2068	tc_check_packets "$ns2" "dev vx0 ingress" 104 0
2069	log_test $? 0 "IPv4 traffic - fourth VTEP"
2070
2071	# Reset IPv4 filters before testing IPv6 traffic.
2072	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
2073	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
2074
2075	# Send registered IPv6 multicast and make sure it only arrives to the
2076	# third VTEP.
2077	run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2078	tc_check_packets "$ns2" "dev vx0 ingress" 103 1
2079	log_test $? 0 "Registered IPv6 multicast - third VTEP"
2080	tc_check_packets "$ns2" "dev vx0 ingress" 104 0
2081	log_test $? 0 "Registered IPv6 multicast - fourth VTEP"
2082
2083	# Send unregistered IPv6 multicast that is not link-local and make sure
2084	# it arrives to the third and fourth VTEPs.
2085	run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -A $ipv6_src -B $ipv6_unreg_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2086	tc_check_packets "$ns2" "dev vx0 ingress" 103 2
2087	log_test $? 0 "Unregistered IPv6 multicast - third VTEP"
2088	tc_check_packets "$ns2" "dev vx0 ingress" 104 1
2089	log_test $? 0 "Unregistered IPv6 multicast - fourth VTEP"
2090
2091	# Send IPv6 link-local multicast traffic and make sure it does not
2092	# arrive to any VTEP.
2093	run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -A $ipv6_src -B $ipv6_ll_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2094	tc_check_packets "$ns2" "dev vx0 ingress" 103 2
2095	log_test $? 0 "Link-local IPv6 multicast - third VTEP"
2096	tc_check_packets "$ns2" "dev vx0 ingress" 104 1
2097	log_test $? 0 "Link-local IPv6 multicast - fourth VTEP"
2098
2099	# Send registered IPv6 multicast using a unicast MAC address and make
2100	# sure it does not arrive to any VTEP.
2101	run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b 00:11:22:33:44:55 -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2102	tc_check_packets "$ns2" "dev vx0 ingress" 103 2
2103	log_test $? 0 "Registered IPv6 multicast with a unicast MAC - third VTEP"
2104	tc_check_packets "$ns2" "dev vx0 ingress" 104 1
2105	log_test $? 0 "Registered IPv6 multicast with a unicast MAC - fourth VTEP"
2106
2107	# Send registered IPv6 multicast using a broadcast MAC address and make
2108	# sure it does not arrive to any VTEP.
2109	run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b bcast -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2110	tc_check_packets "$ns2" "dev vx0 ingress" 103 2
2111	log_test $? 0 "Registered IPv6 multicast with a broadcast MAC - third VTEP"
2112	tc_check_packets "$ns2" "dev vx0 ingress" 104 1
2113	log_test $? 0 "Registered IPv6 multicast with a broadcast MAC - fourth VTEP"
2114
2115	# Make sure IPv6 traffic did not reach the VTEPs associated with
2116	# IPv4 entries.
2117	tc_check_packets "$ns2" "dev vx0 ingress" 101 0
2118	log_test $? 0 "IPv6 traffic - first VTEP"
2119	tc_check_packets "$ns2" "dev vx0 ingress" 102 0
2120	log_test $? 0 "IPv6 traffic - second VTEP"
2121}
2122
2123all_zeros_mdb_ipv4()
2124{
2125	local ns1=$ns1_v4
2126	local ns2=$ns2_v4
2127	local vtep1_ip=198.51.100.101
2128	local vtep2_ip=198.51.100.102
2129	local vtep3_ip=198.51.100.103
2130	local vtep4_ip=198.51.100.104
2131	local plen=32
2132
2133	echo
2134	echo "Data path: All-zeros MDB entry - IPv4 underlay"
2135	echo "----------------------------------------------"
2136
2137	all_zeros_mdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $vtep3_ip \
2138		$vtep4_ip $plen
2139}
2140
2141all_zeros_mdb_ipv6()
2142{
2143	local ns1=$ns1_v6
2144	local ns2=$ns2_v6
2145	local vtep1_ip=2001:db8:1000::1
2146	local vtep2_ip=2001:db8:2000::1
2147	local vtep3_ip=2001:db8:3000::1
2148	local vtep4_ip=2001:db8:4000::1
2149	local plen=128
2150
2151	echo
2152	echo "Data path: All-zeros MDB entry - IPv6 underlay"
2153	echo "----------------------------------------------"
2154
2155	all_zeros_mdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $vtep3_ip \
2156		$vtep4_ip $plen
2157}
2158
2159mdb_fdb_common()
2160{
2161	local ns1=$1; shift
2162	local ns2=$1; shift
2163	local vtep1_ip=$1; shift
2164	local vtep2_ip=$1; shift
2165	local plen=$1; shift
2166	local proto=$1; shift
2167	local grp=$1; shift
2168	local src=$1; shift
2169	local mz=$1; shift
2170
2171	# Install an MDB entry and an FDB entry and make sure that the FDB
2172	# entry only forwards traffic that was not forwarded by the MDB.
2173
2174	# Associate the MDB entry with one VTEP and the FDB entry with another
2175	# VTEP.
2176	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
2177	run_cmd "bridge -n $ns1 fdb add 00:00:00:00:00:00 dev vx0 self static dst $vtep2_ip src_vni 10010"
2178
2179	# Add filters to match on decapsulated traffic in the second namespace.
2180	run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
2181	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto $proto flower ip_proto udp dst_port 54321 enc_dst_ip $vtep1_ip action pass"
2182	run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto $proto flower ip_proto udp dst_port 54321 enc_dst_ip $vtep2_ip action pass"
2183
2184	# Configure the VTEP addresses in the second namespace to enable
2185	# decapsulation.
2186	run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
2187	run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
2188
2189	# Send IP multicast traffic and make sure it is forwarded by the MDB
2190	# and only arrives to the first VTEP.
2191	run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2192	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
2193	log_test $? 0 "IP multicast - first VTEP"
2194	tc_check_packets "$ns2" "dev vx0 ingress" 102 0
2195	log_test $? 0 "IP multicast - second VTEP"
2196
2197	# Send broadcast traffic and make sure it is forwarded by the FDB and
2198	# only arrives to the second VTEP.
2199	run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b bcast -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2200	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
2201	log_test $? 0 "Broadcast - first VTEP"
2202	tc_check_packets "$ns2" "dev vx0 ingress" 102 1
2203	log_test $? 0 "Broadcast - second VTEP"
2204
2205	# Remove the MDB entry and make sure that IP multicast is now forwarded
2206	# by the FDB to the second VTEP.
2207	run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
2208	run_cmd "ip netns exec $ns1 $mz br0.10 -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2209	tc_check_packets "$ns2" "dev vx0 ingress" 101 1
2210	log_test $? 0 "IP multicast after removal - first VTEP"
2211	tc_check_packets "$ns2" "dev vx0 ingress" 102 2
2212	log_test $? 0 "IP multicast after removal - second VTEP"
2213}
2214
2215mdb_fdb_ipv4_ipv4()
2216{
2217	local ns1=$ns1_v4
2218	local ns2=$ns2_v4
2219	local vtep1_ip=198.51.100.100
2220	local vtep2_ip=198.51.100.200
2221	local plen=32
2222	local proto="ipv4"
2223	local grp=239.1.1.1
2224	local src=192.0.2.129
2225
2226	echo
2227	echo "Data path: MDB with FDB - IPv4 overlay / IPv4 underlay"
2228	echo "------------------------------------------------------"
2229
2230	mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp $src \
2231		"mausezahn"
2232}
2233
2234mdb_fdb_ipv6_ipv4()
2235{
2236	local ns1=$ns1_v4
2237	local ns2=$ns2_v4
2238	local vtep1_ip=198.51.100.100
2239	local vtep2_ip=198.51.100.200
2240	local plen=32
2241	local proto="ipv6"
2242	local grp=ff0e::1
2243	local src=2001:db8:100::1
2244
2245	echo
2246	echo "Data path: MDB with FDB - IPv6 overlay / IPv4 underlay"
2247	echo "------------------------------------------------------"
2248
2249	mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp $src \
2250		"mausezahn -6"
2251}
2252
2253mdb_fdb_ipv4_ipv6()
2254{
2255	local ns1=$ns1_v6
2256	local ns2=$ns2_v6
2257	local vtep1_ip=2001:db8:1000::1
2258	local vtep2_ip=2001:db8:2000::1
2259	local plen=128
2260	local proto="ipv4"
2261	local grp=239.1.1.1
2262	local src=192.0.2.129
2263
2264	echo
2265	echo "Data path: MDB with FDB - IPv4 overlay / IPv6 underlay"
2266	echo "------------------------------------------------------"
2267
2268	mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp $src \
2269		"mausezahn"
2270}
2271
2272mdb_fdb_ipv6_ipv6()
2273{
2274	local ns1=$ns1_v6
2275	local ns2=$ns2_v6
2276	local vtep1_ip=2001:db8:1000::1
2277	local vtep2_ip=2001:db8:2000::1
2278	local plen=128
2279	local proto="ipv6"
2280	local grp=ff0e::1
2281	local src=2001:db8:100::1
2282
2283	echo
2284	echo "Data path: MDB with FDB - IPv6 overlay / IPv6 underlay"
2285	echo "------------------------------------------------------"
2286
2287	mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp $src \
2288		"mausezahn -6"
2289}
2290
2291mdb_grp1_loop()
2292{
2293	local ns1=$1; shift
2294	local vtep1_ip=$1; shift
2295	local grp1=$1; shift
2296
2297	while true; do
2298		bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp1 dst $vtep1_ip src_vni 10010
2299		bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp1 permanent dst $vtep1_ip src_vni 10010
2300	done >/dev/null 2>&1
2301}
2302
2303mdb_grp2_loop()
2304{
2305	local ns1=$1; shift
2306	local vtep1_ip=$1; shift
2307	local vtep2_ip=$1; shift
2308	local grp2=$1; shift
2309
2310	while true; do
2311		bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp2 dst $vtep1_ip src_vni 10010
2312		bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp2 permanent dst $vtep1_ip src_vni 10010
2313		bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep2_ip src_vni 10010
2314	done >/dev/null 2>&1
2315}
2316
2317mdb_torture_common()
2318{
2319	local ns1=$1; shift
2320	local vtep1_ip=$1; shift
2321	local vtep2_ip=$1; shift
2322	local grp1=$1; shift
2323	local grp2=$1; shift
2324	local src=$1; shift
2325	local mz=$1; shift
2326	local pid1
2327	local pid2
2328	local pid3
2329	local pid4
2330
2331	# Continuously send two streams that are forwarded by two different MDB
2332	# entries. The first entry will be added and deleted in a loop. This
2333	# allows us to test that the data path does not use freed MDB entry
2334	# memory. The second entry will have two remotes, one that is added and
2335	# deleted in a loop and another that is replaced in a loop. This allows
2336	# us to test that the data path does not use freed remote entry memory.
2337	# The test is considered successful if nothing crashed.
2338
2339	# Create the MDB entries that will be continuously deleted / replaced.
2340	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp1 permanent dst $vtep1_ip src_vni 10010"
2341	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep1_ip src_vni 10010"
2342	run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep2_ip src_vni 10010"
2343
2344	mdb_grp1_loop $ns1 $vtep1_ip $grp1 &
2345	pid1=$!
2346	mdb_grp2_loop $ns1 $vtep1_ip $vtep2_ip $grp2 &
2347	pid2=$!
2348	ip netns exec $ns1 $mz br0.10 -A $src -B $grp1 -t udp sp=12345,dp=54321 -p 100 -c 0 -q &
2349	pid3=$!
2350	ip netns exec $ns1 $mz br0.10 -A $src -B $grp2 -t udp sp=12345,dp=54321 -p 100 -c 0 -q &
2351	pid4=$!
2352
2353	sleep 30
2354	kill -9 $pid1 $pid2 $pid3 $pid4
2355	wait $pid1 $pid2 $pid3 $pid4 2>/dev/null
2356
2357	log_test 0 0 "Torture test"
2358}
2359
2360mdb_torture_ipv4_ipv4()
2361{
2362	local ns1=$ns1_v4
2363	local vtep1_ip=198.51.100.100
2364	local vtep2_ip=198.51.100.200
2365	local grp1=239.1.1.1
2366	local grp2=239.2.2.2
2367	local src=192.0.2.129
2368
2369	echo
2370	echo "Data path: MDB torture test - IPv4 overlay / IPv4 underlay"
2371	echo "----------------------------------------------------------"
2372
2373	mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp2 $src \
2374		"mausezahn"
2375}
2376
2377mdb_torture_ipv6_ipv4()
2378{
2379	local ns1=$ns1_v4
2380	local vtep1_ip=198.51.100.100
2381	local vtep2_ip=198.51.100.200
2382	local grp1=ff0e::1
2383	local grp2=ff0e::2
2384	local src=2001:db8:100::1
2385
2386	echo
2387	echo "Data path: MDB torture test - IPv6 overlay / IPv4 underlay"
2388	echo "----------------------------------------------------------"
2389
2390	mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp2 $src \
2391		"mausezahn -6"
2392}
2393
2394mdb_torture_ipv4_ipv6()
2395{
2396	local ns1=$ns1_v6
2397	local vtep1_ip=2001:db8:1000::1
2398	local vtep2_ip=2001:db8:2000::1
2399	local grp1=239.1.1.1
2400	local grp2=239.2.2.2
2401	local src=192.0.2.129
2402
2403	echo
2404	echo "Data path: MDB torture test - IPv4 overlay / IPv6 underlay"
2405	echo "----------------------------------------------------------"
2406
2407	mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp2 $src \
2408		"mausezahn"
2409}
2410
2411mdb_torture_ipv6_ipv6()
2412{
2413	local ns1=$ns1_v6
2414	local vtep1_ip=2001:db8:1000::1
2415	local vtep2_ip=2001:db8:2000::1
2416	local grp1=ff0e::1
2417	local grp2=ff0e::2
2418	local src=2001:db8:100::1
2419
2420	echo
2421	echo "Data path: MDB torture test - IPv6 overlay / IPv6 underlay"
2422	echo "----------------------------------------------------------"
2423
2424	mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp2 $src \
2425		"mausezahn -6"
2426}
2427
2428################################################################################
2429# Usage
2430
2431usage()
2432{
2433	cat <<EOF
2434usage: ${0##*/} OPTS
2435
2436        -t <test>   Test(s) to run (default: all)
2437                    (options: $TESTS)
2438        -c          Control path tests only
2439        -d          Data path tests only
2440        -p          Pause on fail
2441        -P          Pause after each test before cleanup
2442        -v          Verbose mode (show commands and output)
2443EOF
2444}
2445
2446################################################################################
2447# Main
2448
2449trap cleanup EXIT
2450
2451while getopts ":t:cdpPvh" opt; do
2452	case $opt in
2453		t) TESTS=$OPTARG;;
2454		c) TESTS=${CONTROL_PATH_TESTS};;
2455		d) TESTS=${DATA_PATH_TESTS};;
2456		p) PAUSE_ON_FAIL=yes;;
2457		P) PAUSE=yes;;
2458		v) VERBOSE=$(($VERBOSE + 1));;
2459		h) usage; exit 0;;
2460		*) usage; exit 1;;
2461	esac
2462done
2463
2464# Make sure we don't pause twice.
2465[ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no
2466
2467if [ "$(id -u)" -ne 0 ];then
2468	echo "SKIP: Need root privileges"
2469	exit $ksft_skip;
2470fi
2471
2472if [ ! -x "$(command -v ip)" ]; then
2473	echo "SKIP: Could not run test without ip tool"
2474	exit $ksft_skip
2475fi
2476
2477if [ ! -x "$(command -v bridge)" ]; then
2478	echo "SKIP: Could not run test without bridge tool"
2479	exit $ksft_skip
2480fi
2481
2482if [ ! -x "$(command -v mausezahn)" ]; then
2483	echo "SKIP: Could not run test without mausezahn tool"
2484	exit $ksft_skip
2485fi
2486
2487if [ ! -x "$(command -v jq)" ]; then
2488	echo "SKIP: Could not run test without jq tool"
2489	exit $ksft_skip
2490fi
2491
2492bridge mdb help 2>&1 | grep -q "flush"
2493if [ $? -ne 0 ]; then
2494   echo "SKIP: iproute2 bridge too old, missing VXLAN MDB flush support"
2495   exit $ksft_skip
2496fi
2497
2498# Start clean.
2499cleanup
2500
2501for t in $TESTS
2502do
2503	setup; $t; cleanup;
2504done
2505
2506if [ "$TESTS" != "none" ]; then
2507	printf "\nTests passed: %3d\n" ${nsuccess}
2508	printf "Tests failed: %3d\n"   ${nfail}
2509fi
2510
2511exit $ret
2512