cachepc-linux

vxlan_flooding_ipv6.sh (9298B)

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
#
# Test VxLAN flooding. The device stores flood records in a singly linked list
# where each record stores up to five IPv6 addresses of remote VTEPs. The test
# verifies that packets are correctly flooded in various cases such as deletion
# of a record in the middle of the list.
#
# +-----------------------+
# | H1 (vrf)              |
# |    + $h1              |
# |    | 2001:db8:1::1/64 |
# +----|------------------+
#      |
# +----|----------------------------------------------------------------------+
# | SW |                                                                      |
# | +--|--------------------------------------------------------------------+ |
# | |  + $swp1                   BR0 (802.1d)                               | |
# | |                                                                       | |
# | |  + vxlan0 (vxlan)                                                     | |
# | |    local 2001:db8:2::1                                                | |
# | |    remote 2001:db8:2::{2..21}                                         | |
# | |    id 10 dstport 4789                                                 | |
# | +-----------------------------------------------------------------------+ |
# |                                                                           |
# |  2001:db8:2::0/64 via 2001:db8:3::2                                       |
# |                                                                           |
# |    + $rp1                                                                 |
# |    | 2001:db8:3::1/64                                                     |
# +----|----------------------------------------------------------------------+
#      |
# +----|--------------------------------------------------------+
# |    |                                               R2 (vrf) |
# |    + $rp2                                                   |
# |      2001:db8:3::2/64                                       |
# |                                                             |
# +-------------------------------------------------------------+

lib_dir=$(dirname $0)/../../../../net/forwarding

ALL_TESTS="flooding_test"
NUM_NETIFS=4
source $lib_dir/tc_common.sh
source $lib_dir/lib.sh

h1_create()
{
	simple_if_init $h1 2001:db8:1::1/64
}

h1_destroy()
{
	simple_if_fini $h1 2001:db8:1::1/64
}

switch_create()
{
	# Make sure the bridge uses the MAC address of the local port and
	# not that of the VxLAN's device
	ip link add dev br0 type bridge mcast_snooping 0
	ip link set dev br0 address $(mac_get $swp1)

	ip link add name vxlan0 type vxlan id 10 nolearning \
		udp6zerocsumrx udp6zerocsumtx ttl 20 tos inherit \
		local 2001:db8:2::1 dstport 4789

	ip address add 2001:db8:2::1/128 dev lo

	ip link set dev $swp1 master br0
	ip link set dev vxlan0 master br0

	ip link set dev br0 up
	ip link set dev $swp1 up
	ip link set dev vxlan0 up
}

switch_destroy()
{
	ip link set dev vxlan0 down
	ip link set dev $swp1 down
	ip link set dev br0 down

	ip link set dev vxlan0 nomaster
	ip link set dev $swp1 nomaster

	ip address del 2001:db8:2::1/128 dev lo

	ip link del dev vxlan0

	ip link del dev br0
}

router1_create()
{
	# This router is in the default VRF, where the VxLAN device is
	# performing the L3 lookup
	ip link set dev $rp1 up
	ip address add 2001:db8:3::1/64 dev $rp1
	ip route add 2001:db8:2::0/64 via 2001:db8:3::2
}

router1_destroy()
{
	ip route del 2001:db8:2::0/64 via 2001:db8:3::2
	ip address del 2001:db8:3::1/64 dev $rp1
	ip link set dev $rp1 down
}

router2_create()
{
	# This router is not in the default VRF, so use simple_if_init()
	simple_if_init $rp2 2001:db8:3::2/64
}

router2_destroy()
{
	simple_if_fini $rp2 2001:db8:3::2/64
}

setup_prepare()
{
	h1=${NETIFS[p1]}
	swp1=${NETIFS[p2]}

	rp1=${NETIFS[p3]}
	rp2=${NETIFS[p4]}

	vrf_prepare

	h1_create

	switch_create

	router1_create
	router2_create

	forwarding_enable
}

cleanup()
{
	pre_cleanup

	forwarding_restore

	router2_destroy
	router1_destroy

	switch_destroy

	h1_destroy

	vrf_cleanup
}

flooding_remotes_add()
{
	local num_remotes=$1
	local lsb
	local i

	for i in $(eval echo {1..$num_remotes}); do
		lsb=$((i + 1))

		bridge fdb append 00:00:00:00:00:00 dev vxlan0 self \
			dst 2001:db8:2::$lsb
	done
}

flooding_filters_add()
{
	local num_remotes=$1
	local lsb
	local i

	tc qdisc add dev $rp2 clsact

	for i in $(eval echo {1..$num_remotes}); do
		lsb=$((i + 1))

		tc filter add dev $rp2 ingress protocol ipv6 pref $i handle $i \
			flower ip_proto udp dst_ip 2001:db8:2::$lsb \
			dst_port 4789 skip_sw action drop
	done
}

flooding_filters_del()
{
	local num_remotes=$1
	local i

	for i in $(eval echo {1..$num_remotes}); do
		tc filter del dev $rp2 ingress protocol ipv6 pref $i \
			handle $i flower
	done

	tc qdisc del dev $rp2 clsact
}

flooding_check_packets()
{
	local packets=("$@")
	local num_remotes=${#packets[@]}
	local i

	for i in $(eval echo {1..$num_remotes}); do
		tc_check_packets "dev $rp2 ingress" $i ${packets[i - 1]}
		check_err $? "remote $i - did not get expected number of packets"
	done
}

flooding_test()
{
	# Use 20 remote VTEPs that will be stored in 4 records. The array
	# 'packets' will store how many packets are expected to be received
	# by each remote VTEP at each stage of the test
	declare -a packets=(1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1)
	local num_remotes=20

	RET=0

	# Add FDB entries for remote VTEPs and corresponding tc filters on the
	# ingress of the nexthop router. These filters will count how many
	# packets were flooded to each remote VTEP
	flooding_remotes_add $num_remotes
	flooding_filters_add $num_remotes

	# Send one packet and make sure it is flooded to all the remote VTEPs
	$MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
	flooding_check_packets "${packets[@]}"
	log_test "flood after 1 packet"

	# Delete the third record which corresponds to VTEPs with LSB 12..16
	# and check that packet is flooded correctly when we remove a record
	# from the middle of the list
	RET=0

	packets=(2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 2 2 2 2 2)
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::12
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::13
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::14
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::15
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::16

	$MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
	flooding_check_packets "${packets[@]}"
	log_test "flood after 2 packets"

	# Delete the first record and make sure the packet is flooded correctly
	RET=0

	packets=(2 2 2 2 2 3 3 3 3 3 1 1 1 1 1 3 3 3 3 3)
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::2
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::3
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::4
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::5
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::6

	$MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
	flooding_check_packets "${packets[@]}"
	log_test "flood after 3 packets"

	# Delete the last record and make sure the packet is flooded correctly
	RET=0

	packets=(2 2 2 2 2 4 4 4 4 4 1 1 1 1 1 3 3 3 3 3)
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::17
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::18
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::19
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::20
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::21

	$MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
	flooding_check_packets "${packets[@]}"
	log_test "flood after 4 packets"

	# Delete the last record, one entry at a time and make sure single
	# entries are correctly removed
	RET=0

	packets=(2 2 2 2 2 4 5 5 5 5 1 1 1 1 1 3 3 3 3 3)
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::7

	$MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
	flooding_check_packets "${packets[@]}"
	log_test "flood after 5 packets"

	RET=0

	packets=(2 2 2 2 2 4 5 6 6 6 1 1 1 1 1 3 3 3 3 3)
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::8

	$MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
	flooding_check_packets "${packets[@]}"
	log_test "flood after 6 packets"

	RET=0

	packets=(2 2 2 2 2 4 5 6 7 7 1 1 1 1 1 3 3 3 3 3)
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::9

	$MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
	flooding_check_packets "${packets[@]}"
	log_test "flood after 7 packets"

	RET=0

	packets=(2 2 2 2 2 4 5 6 7 8 1 1 1 1 1 3 3 3 3 3)
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::10

	$MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
	flooding_check_packets "${packets[@]}"
	log_test "flood after 8 packets"

	RET=0

	packets=(2 2 2 2 2 4 5 6 7 8 1 1 1 1 1 3 3 3 3 3)
	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::11

	$MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
	flooding_check_packets "${packets[@]}"
	log_test "flood after 9 packets"

	flooding_filters_del $num_remotes
}

trap cleanup EXIT

setup_prepare
setup_wait

tests_run

exit $EXIT_STATUS