#!/bin/bash
|
# SPDX-License-Identifier: GPL-2.0
|
#
|
# Test devlink-trap tunnel exceptions functionality over mlxsw.
|
# Check all exception traps to make sure they are triggered under the right
|
# conditions.
|
|
# +-------------------------+
|
# | H1 |
|
# | $h1 + |
|
# | 192.0.2.1/28 | |
|
# +-------------------|-----+
|
# |
|
# +-------------------|-----+
|
# | SW1 | |
|
# | $swp1 + |
|
# | 192.0.2.2/28 |
|
# | |
|
# | + g1a (gre) |
|
# | loc=192.0.2.65 |
|
# | rem=192.0.2.66 |
|
# | tos=inherit |
|
# | |
|
# | + $rp1 |
|
# | | 198.51.100.1/28 |
|
# +--|----------------------+
|
# |
|
# +--|----------------------+
|
# | | VRF2 |
|
# | + $rp2 |
|
# | 198.51.100.2/28 |
|
# +-------------------------+
|
|
lib_dir=$(dirname $0)/../../../net/forwarding
|
|
ALL_TESTS="
|
decap_error_test
|
"
|
|
NUM_NETIFS=4
|
source $lib_dir/lib.sh
|
source $lib_dir/tc_common.sh
|
source $lib_dir/devlink_lib.sh
|
|
h1_create()
|
{
|
simple_if_init $h1 192.0.2.1/28
|
}
|
|
h1_destroy()
|
{
|
simple_if_fini $h1 192.0.2.1/28
|
}
|
|
vrf2_create()
|
{
|
simple_if_init $rp2 198.51.100.2/28
|
}
|
|
vrf2_destroy()
|
{
|
simple_if_fini $rp2 198.51.100.2/28
|
}
|
|
switch_create()
|
{
|
__addr_add_del $swp1 add 192.0.2.2/28
|
tc qdisc add dev $swp1 clsact
|
ip link set dev $swp1 up
|
|
tunnel_create g1 gre 192.0.2.65 192.0.2.66 tos inherit
|
__addr_add_del g1 add 192.0.2.65/32
|
ip link set dev g1 up
|
|
__addr_add_del $rp1 add 198.51.100.1/28
|
ip link set dev $rp1 up
|
}
|
|
switch_destroy()
|
{
|
ip link set dev $rp1 down
|
__addr_add_del $rp1 del 198.51.100.1/28
|
|
ip link set dev g1 down
|
__addr_add_del g1 del 192.0.2.65/32
|
tunnel_destroy g1
|
|
ip link set dev $swp1 down
|
tc qdisc del dev $swp1 clsact
|
__addr_add_del $swp1 del 192.0.2.2/28
|
}
|
|
setup_prepare()
|
{
|
h1=${NETIFS[p1]}
|
swp1=${NETIFS[p2]}
|
|
rp1=${NETIFS[p3]}
|
rp2=${NETIFS[p4]}
|
|
forwarding_enable
|
vrf_prepare
|
h1_create
|
switch_create
|
vrf2_create
|
}
|
|
cleanup()
|
{
|
pre_cleanup
|
|
vrf2_destroy
|
switch_destroy
|
h1_destroy
|
vrf_cleanup
|
forwarding_restore
|
}
|
|
ecn_payload_get()
|
{
|
p=$(:
|
)"0"$( : GRE flags
|
)"0:00:"$( : Reserved + version
|
)"08:00:"$( : ETH protocol type
|
)"4"$( : IP version
|
)"5:"$( : IHL
|
)"00:"$( : IP TOS
|
)"00:14:"$( : IP total length
|
)"00:00:"$( : IP identification
|
)"20:00:"$( : IP flags + frag off
|
)"30:"$( : IP TTL
|
)"01:"$( : IP proto
|
)"E7:E6:"$( : IP header csum
|
)"C0:00:01:01:"$( : IP saddr : 192.0.1.1
|
)"C0:00:02:01:"$( : IP daddr : 192.0.2.1
|
)
|
echo $p
|
}
|
|
ecn_decap_test()
|
{
|
local trap_name="decap_error"
|
local desc=$1; shift
|
local ecn_desc=$1; shift
|
local outer_tos=$1; shift
|
local mz_pid
|
|
RET=0
|
|
tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \
|
flower src_ip 192.0.1.1 dst_ip 192.0.2.1 action pass
|
|
rp1_mac=$(mac_get $rp1)
|
rp2_mac=$(mac_get $rp2)
|
payload=$(ecn_payload_get)
|
|
ip vrf exec v$rp2 $MZ $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \
|
-A 192.0.2.66 -B 192.0.2.65 -t ip \
|
len=48,tos=$outer_tos,proto=47,p=$payload -q &
|
|
mz_pid=$!
|
|
devlink_trap_exception_test $trap_name
|
|
tc_check_packets "dev $swp1 egress" 101 0
|
check_err $? "Packets were not dropped"
|
|
log_test "$desc: Inner ECN is not ECT and outer is $ecn_desc"
|
|
kill $mz_pid && wait $mz_pid &> /dev/null
|
tc filter del dev $swp1 egress protocol ip pref 1 handle 101 flower
|
}
|
|
ipip_payload_get()
|
{
|
local flags=$1; shift
|
local key=$1; shift
|
|
p=$(:
|
)"$flags"$( : GRE flags
|
)"0:00:"$( : Reserved + version
|
)"08:00:"$( : ETH protocol type
|
)"$key"$( : Key
|
)"4"$( : IP version
|
)"5:"$( : IHL
|
)"00:"$( : IP TOS
|
)"00:14:"$( : IP total length
|
)"00:00:"$( : IP identification
|
)"20:00:"$( : IP flags + frag off
|
)"30:"$( : IP TTL
|
)"01:"$( : IP proto
|
)"E7:E6:"$( : IP header csum
|
)"C0:00:01:01:"$( : IP saddr : 192.0.1.1
|
)"C0:00:02:01:"$( : IP daddr : 192.0.2.1
|
)
|
echo $p
|
}
|
|
no_matching_tunnel_test()
|
{
|
local trap_name="decap_error"
|
local desc=$1; shift
|
local sip=$1; shift
|
local mz_pid
|
|
RET=0
|
|
tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \
|
flower src_ip 192.0.1.1 dst_ip 192.0.2.1 action pass
|
|
rp1_mac=$(mac_get $rp1)
|
rp2_mac=$(mac_get $rp2)
|
payload=$(ipip_payload_get "$@")
|
|
ip vrf exec v$rp2 $MZ $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \
|
-A $sip -B 192.0.2.65 -t ip len=48,proto=47,p=$payload -q &
|
mz_pid=$!
|
|
devlink_trap_exception_test $trap_name
|
|
tc_check_packets "dev $swp1 egress" 101 0
|
check_err $? "Packets were not dropped"
|
|
log_test "$desc"
|
|
kill $mz_pid && wait $mz_pid &> /dev/null
|
tc filter del dev $swp1 egress protocol ip pref 1 handle 101 flower
|
}
|
|
decap_error_test()
|
{
|
# Correct source IP - the remote address
|
local sip=192.0.2.66
|
|
ecn_decap_test "Decap error" "ECT(1)" 01
|
ecn_decap_test "Decap error" "ECT(0)" 02
|
ecn_decap_test "Decap error" "CE" 03
|
|
no_matching_tunnel_test "Decap error: Source IP check failed" \
|
192.0.2.68 "0"
|
no_matching_tunnel_test \
|
"Decap error: Key exists but was not expected" $sip "2" ":E9:"
|
|
# Destroy the tunnel and create new one with key
|
__addr_add_del g1 del 192.0.2.65/32
|
tunnel_destroy g1
|
|
tunnel_create g1 gre 192.0.2.65 192.0.2.66 tos inherit key 233
|
__addr_add_del g1 add 192.0.2.65/32
|
|
no_matching_tunnel_test \
|
"Decap error: Key does not exist but was expected" $sip "0"
|
no_matching_tunnel_test \
|
"Decap error: Packet has a wrong key field" $sip "2" "E8:"
|
}
|
|
trap cleanup EXIT
|
|
setup_prepare
|
setup_wait
|
tests_run
|
|
exit $EXIT_STATUS
|
