vxlan.sh (30290B)
1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3# 4# Test various aspects of VxLAN offloading which are specific to mlxsw, such 5# as sanitization of invalid configurations and offload indication. 6 7: ${ADDR_FAMILY:=ipv4} 8export ADDR_FAMILY 9 10: ${LOCAL_IP_1:=198.51.100.1} 11export LOCAL_IP_1 12 13: ${LOCAL_IP_2:=198.51.100.2} 14export LOCAL_IP_2 15 16: ${PREFIX_LEN:=32} 17export PREFIX_LEN 18 19: ${UDPCSUM_FLAFS:=noudpcsum} 20export UDPCSUM_FLAFS 21 22: ${MC_IP:=239.0.0.1} 23export MC_IP 24 25: ${IP_FLAG:=""} 26export IP_FLAG 27 28: ${ALL_TESTS:=" 29 sanitization_test 30 offload_indication_test 31 sanitization_vlan_aware_test 32 offload_indication_vlan_aware_test 33"} 34 35lib_dir=$(dirname $0)/../../../net/forwarding 36NUM_NETIFS=2 37: ${TIMEOUT:=20000} # ms 38source $lib_dir/lib.sh 39 40setup_prepare() 41{ 42 swp1=${NETIFS[p1]} 43 swp2=${NETIFS[p2]} 44 45 ip link set dev $swp1 up 46 ip link set dev $swp2 up 47} 48 49cleanup() 50{ 51 pre_cleanup 52 53 ip link set dev $swp2 down 54 ip link set dev $swp1 down 55} 56 57sanitization_single_dev_test_pass() 58{ 59 ip link set dev $swp1 master br0 60 check_err $? 61 ip link set dev vxlan0 master br0 62 check_err $? 63 64 ip link set dev $swp1 nomaster 65 66 ip link set dev $swp1 master br0 67 check_err $? 68} 69 70sanitization_single_dev_test_fail() 71{ 72 ip link set dev $swp1 master br0 73 check_err $? 74 ip link set dev vxlan0 master br0 &> /dev/null 75 check_fail $? 76 77 ip link set dev $swp1 nomaster 78 79 ip link set dev vxlan0 master br0 80 check_err $? 81 ip link set dev $swp1 master br0 &> /dev/null 82 check_fail $? 83} 84 85sanitization_single_dev_valid_test() 86{ 87 RET=0 88 89 ip link add dev br0 type bridge mcast_snooping 0 90 91 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 92 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 93 94 sanitization_single_dev_test_pass 95 96 ip link del dev vxlan0 97 ip link del dev br0 98 99 log_test "vxlan device - valid configuration" 100} 101 102sanitization_single_dev_vlan_aware_test() 103{ 104 RET=0 105 106 ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1 107 108 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 109 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 110 111 sanitization_single_dev_test_pass 112 113 ip link del dev vxlan0 114 ip link del dev br0 115 116 log_test "vxlan device with a vlan-aware bridge" 117} 118 119sanitization_single_dev_mcast_enabled_test() 120{ 121 RET=0 122 123 ip link add dev br0 type bridge 124 125 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 126 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 127 128 sanitization_single_dev_test_fail 129 130 ip link del dev vxlan0 131 ip link del dev br0 132 133 log_test "vxlan device with a multicast enabled bridge" 134} 135 136sanitization_single_dev_mcast_group_test() 137{ 138 RET=0 139 140 ip link add dev br0 type bridge mcast_snooping 0 141 ip link add name dummy1 up type dummy 142 143 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 144 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 \ 145 dev dummy1 group $MC_IP 146 147 sanitization_single_dev_test_fail 148 149 ip link del dev vxlan0 150 ip link del dev dummy1 151 ip link del dev br0 152 153 log_test "vxlan device with a multicast group" 154} 155 156sanitization_single_dev_no_local_ip_test() 157{ 158 RET=0 159 160 ip link add dev br0 type bridge mcast_snooping 0 161 162 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 163 ttl 20 tos inherit dstport 4789 164 165 sanitization_single_dev_test_fail 166 167 ip link del dev vxlan0 168 ip link del dev br0 169 170 log_test "vxlan device with no local ip" 171} 172 173sanitization_single_dev_learning_enabled_ipv4_test() 174{ 175 RET=0 176 177 ip link add dev br0 type bridge mcast_snooping 0 178 179 ip link add name vxlan0 up type vxlan id 10 learning $UDPCSUM_FLAFS \ 180 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 181 182 sanitization_single_dev_test_pass 183 184 ip link del dev vxlan0 185 ip link del dev br0 186 187 log_test "vxlan device with learning enabled" 188} 189 190sanitization_single_dev_local_interface_test() 191{ 192 RET=0 193 194 ip link add dev br0 type bridge mcast_snooping 0 195 ip link add name dummy1 up type dummy 196 197 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 198 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 dev dummy1 199 200 sanitization_single_dev_test_fail 201 202 ip link del dev vxlan0 203 ip link del dev dummy1 204 ip link del dev br0 205 206 log_test "vxlan device with local interface" 207} 208 209sanitization_single_dev_port_range_test() 210{ 211 RET=0 212 213 ip link add dev br0 type bridge mcast_snooping 0 214 215 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 216 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 \ 217 srcport 4000 5000 218 219 sanitization_single_dev_test_fail 220 221 ip link del dev vxlan0 222 ip link del dev br0 223 224 log_test "vxlan device with udp source port range" 225} 226 227sanitization_single_dev_tos_static_test() 228{ 229 RET=0 230 231 ip link add dev br0 type bridge mcast_snooping 0 232 233 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 234 ttl 20 tos 20 local $LOCAL_IP_1 dstport 4789 235 236 sanitization_single_dev_test_fail 237 238 ip link del dev vxlan0 239 ip link del dev br0 240 241 log_test "vxlan device with static tos" 242} 243 244sanitization_single_dev_ttl_inherit_test() 245{ 246 RET=0 247 248 ip link add dev br0 type bridge mcast_snooping 0 249 250 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 251 ttl inherit tos inherit local $LOCAL_IP_1 dstport 4789 252 253 sanitization_single_dev_test_fail 254 255 ip link del dev vxlan0 256 ip link del dev br0 257 258 log_test "vxlan device with inherit ttl" 259} 260 261sanitization_single_dev_udp_checksum_ipv4_test() 262{ 263 RET=0 264 265 ip link add dev br0 type bridge mcast_snooping 0 266 267 ip link add name vxlan0 up type vxlan id 10 nolearning udpcsum \ 268 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 269 270 sanitization_single_dev_test_fail 271 272 ip link del dev vxlan0 273 ip link del dev br0 274 275 log_test "vxlan device with udp checksum" 276} 277 278sanitization_single_dev_test() 279{ 280 # These tests make sure that we correctly sanitize VxLAN device 281 # configurations we do not support 282 sanitization_single_dev_valid_test 283 sanitization_single_dev_vlan_aware_test 284 sanitization_single_dev_mcast_enabled_test 285 sanitization_single_dev_mcast_group_test 286 sanitization_single_dev_no_local_ip_test 287 sanitization_single_dev_learning_enabled_"$ADDR_FAMILY"_test 288 sanitization_single_dev_local_interface_test 289 sanitization_single_dev_port_range_test 290 sanitization_single_dev_tos_static_test 291 sanitization_single_dev_ttl_inherit_test 292 sanitization_single_dev_udp_checksum_"$ADDR_FAMILY"_test 293} 294 295sanitization_multi_devs_test_pass() 296{ 297 ip link set dev $swp1 master br0 298 check_err $? 299 ip link set dev vxlan0 master br0 300 check_err $? 301 ip link set dev $swp2 master br1 302 check_err $? 303 ip link set dev vxlan1 master br1 304 check_err $? 305 306 ip link set dev $swp2 nomaster 307 ip link set dev $swp1 nomaster 308 309 ip link set dev $swp1 master br0 310 check_err $? 311 ip link set dev $swp2 master br1 312 check_err $? 313} 314 315sanitization_multi_devs_test_fail() 316{ 317 ip link set dev $swp1 master br0 318 check_err $? 319 ip link set dev vxlan0 master br0 320 check_err $? 321 ip link set dev $swp2 master br1 322 check_err $? 323 ip link set dev vxlan1 master br1 &> /dev/null 324 check_fail $? 325 326 ip link set dev $swp2 nomaster 327 ip link set dev $swp1 nomaster 328 329 ip link set dev vxlan1 master br1 330 check_err $? 331 ip link set dev $swp1 master br0 332 check_err $? 333 ip link set dev $swp2 master br1 &> /dev/null 334 check_fail $? 335} 336 337sanitization_multi_devs_valid_test() 338{ 339 RET=0 340 341 ip link add dev br0 type bridge mcast_snooping 0 342 ip link add dev br1 type bridge mcast_snooping 0 343 344 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 345 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 346 ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \ 347 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 348 349 sanitization_multi_devs_test_pass 350 351 ip link del dev vxlan1 352 ip link del dev vxlan0 353 ip link del dev br1 354 ip link del dev br0 355 356 log_test "multiple vxlan devices - valid configuration" 357} 358 359sanitization_multi_devs_ttl_test() 360{ 361 RET=0 362 363 ip link add dev br0 type bridge mcast_snooping 0 364 ip link add dev br1 type bridge mcast_snooping 0 365 366 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 367 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 368 ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \ 369 ttl 40 tos inherit local $LOCAL_IP_1 dstport 4789 370 371 sanitization_multi_devs_test_fail 372 373 ip link del dev vxlan1 374 ip link del dev vxlan0 375 ip link del dev br1 376 ip link del dev br0 377 378 log_test "multiple vxlan devices with different ttl" 379} 380 381sanitization_multi_devs_udp_dstport_test() 382{ 383 RET=0 384 385 ip link add dev br0 type bridge mcast_snooping 0 386 ip link add dev br1 type bridge mcast_snooping 0 387 388 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 389 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 390 ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \ 391 ttl 20 tos inherit local $LOCAL_IP_1 dstport 5789 392 393 sanitization_multi_devs_test_fail 394 395 ip link del dev vxlan1 396 ip link del dev vxlan0 397 ip link del dev br1 398 ip link del dev br0 399 400 log_test "multiple vxlan devices with different udp destination port" 401} 402 403sanitization_multi_devs_local_ip_test() 404{ 405 RET=0 406 407 ip link add dev br0 type bridge mcast_snooping 0 408 ip link add dev br1 type bridge mcast_snooping 0 409 410 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 411 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 412 ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \ 413 ttl 20 tos inherit local $LOCAL_IP_2 dstport 4789 414 415 sanitization_multi_devs_test_fail 416 417 ip link del dev vxlan1 418 ip link del dev vxlan0 419 ip link del dev br1 420 ip link del dev br0 421 422 log_test "multiple vxlan devices with different local ip" 423} 424 425sanitization_multi_devs_test() 426{ 427 # The device has a single VTEP, which means all the VxLAN devices 428 # we offload must share certain properties such as source IP and 429 # UDP destination port. These tests make sure that we forbid 430 # configurations that violate this limitation 431 sanitization_multi_devs_valid_test 432 sanitization_multi_devs_ttl_test 433 sanitization_multi_devs_udp_dstport_test 434 sanitization_multi_devs_local_ip_test 435} 436 437sanitization_test() 438{ 439 sanitization_single_dev_test 440 sanitization_multi_devs_test 441} 442 443offload_indication_setup_create() 444{ 445 # Create a simple setup with two bridges, each with a VxLAN device 446 # and one local port 447 ip link add name br0 up type bridge mcast_snooping 0 448 ip link add name br1 up type bridge mcast_snooping 0 449 450 ip link set dev $swp1 master br0 451 ip link set dev $swp2 master br1 452 453 ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo 454 455 ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \ 456 $UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 457 ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \ 458 $UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 459} 460 461offload_indication_setup_destroy() 462{ 463 ip link del dev vxlan1 464 ip link del dev vxlan0 465 466 ip address del $LOCAL_IP_1/$PREFIX_LEN dev lo 467 468 ip link set dev $swp2 nomaster 469 ip link set dev $swp1 nomaster 470 471 ip link del dev br1 472 ip link del dev br0 473} 474 475offload_indication_fdb_flood_test() 476{ 477 RET=0 478 479 bridge fdb append 00:00:00:00:00:00 dev vxlan0 self dst $LOCAL_IP_2 480 481 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb 00:00:00:00:00:00 \ 482 bridge fdb show brport vxlan0 483 check_err $? 484 485 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self 486 487 log_test "vxlan flood entry offload indication" 488} 489 490offload_indication_fdb_bridge_test() 491{ 492 RET=0 493 494 bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self master static \ 495 dst $LOCAL_IP_2 496 497 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 498 de:ad:be:ef:13:37 self bridge fdb show brport vxlan0 499 check_err $? 500 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 501 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0 502 check_err $? 503 504 log_test "vxlan entry offload indication - initial state" 505 506 # Remove FDB entry from the bridge driver and check that corresponding 507 # entry in the VxLAN driver is not marked as offloaded 508 RET=0 509 510 bridge fdb del de:ad:be:ef:13:37 dev vxlan0 master 511 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \ 512 de:ad:be:ef:13:37 self bridge fdb show brport vxlan0 513 check_err $? 514 515 log_test "vxlan entry offload indication - after removal from bridge" 516 517 # Add the FDB entry back to the bridge driver and make sure it is 518 # marked as offloaded in both drivers 519 RET=0 520 521 bridge fdb add de:ad:be:ef:13:37 dev vxlan0 master static 522 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 523 de:ad:be:ef:13:37 self bridge fdb show brport vxlan0 524 check_err $? 525 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 526 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0 527 check_err $? 528 529 log_test "vxlan entry offload indication - after re-add to bridge" 530 531 # Remove FDB entry from the VxLAN driver and check that corresponding 532 # entry in the bridge driver is not marked as offloaded 533 RET=0 534 535 bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self 536 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \ 537 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0 538 check_err $? 539 540 log_test "vxlan entry offload indication - after removal from vxlan" 541 542 # Add the FDB entry back to the VxLAN driver and make sure it is 543 # marked as offloaded in both drivers 544 RET=0 545 546 bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self dst $LOCAL_IP_2 547 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 548 de:ad:be:ef:13:37 self bridge fdb show brport vxlan0 549 check_err $? 550 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 551 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0 552 check_err $? 553 554 log_test "vxlan entry offload indication - after re-add to vxlan" 555 556 bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self master 557} 558 559offload_indication_fdb_test() 560{ 561 offload_indication_fdb_flood_test 562 offload_indication_fdb_bridge_test 563} 564 565offload_indication_decap_route_test() 566{ 567 RET=0 568 569 busywait "$TIMEOUT" wait_for_offload \ 570 ip $IP_FLAG route show table local $LOCAL_IP_1 571 check_err $? 572 573 ip link set dev vxlan0 down 574 busywait "$TIMEOUT" wait_for_offload \ 575 ip $IP_FLAG route show table local $LOCAL_IP_1 576 check_err $? 577 578 ip link set dev vxlan1 down 579 busywait "$TIMEOUT" not wait_for_offload \ 580 ip $IP_FLAG route show table local $LOCAL_IP_1 581 check_err $? 582 583 log_test "vxlan decap route - vxlan device down" 584 585 RET=0 586 587 ip link set dev vxlan1 up 588 busywait "$TIMEOUT" wait_for_offload \ 589 ip $IP_FLAG route show table local $LOCAL_IP_1 590 check_err $? 591 592 ip link set dev vxlan0 up 593 busywait "$TIMEOUT" wait_for_offload \ 594 ip $IP_FLAG route show table local $LOCAL_IP_1 595 check_err $? 596 597 log_test "vxlan decap route - vxlan device up" 598 599 RET=0 600 601 ip address delete $LOCAL_IP_1/$PREFIX_LEN dev lo 602 busywait "$TIMEOUT" not wait_for_offload \ 603 ip $IP_FLAG route show table local $LOCAL_IP_1 604 check_err $? 605 606 ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo 607 busywait "$TIMEOUT" wait_for_offload \ 608 ip $IP_FLAG route show table local $LOCAL_IP_1 609 check_err $? 610 611 log_test "vxlan decap route - add local route" 612 613 RET=0 614 615 ip link set dev $swp1 nomaster 616 busywait "$TIMEOUT" wait_for_offload \ 617 ip $IP_FLAG route show table local $LOCAL_IP_1 618 check_err $? 619 620 ip link set dev $swp2 nomaster 621 busywait "$TIMEOUT" not wait_for_offload \ 622 ip $IP_FLAG route show table local $LOCAL_IP_1 623 check_err $? 624 625 ip link set dev $swp1 master br0 626 ip link set dev $swp2 master br1 627 busywait "$TIMEOUT" wait_for_offload \ 628 ip $IP_FLAG route show table local $LOCAL_IP_1 629 check_err $? 630 631 log_test "vxlan decap route - local ports enslavement" 632 633 RET=0 634 635 ip link del dev br0 636 busywait "$TIMEOUT" wait_for_offload \ 637 ip $IP_FLAG route show table local $LOCAL_IP_1 638 check_err $? 639 640 ip link del dev br1 641 busywait "$TIMEOUT" not wait_for_offload \ 642 ip $IP_FLAG route show table local $LOCAL_IP_1 643 check_err $? 644 645 log_test "vxlan decap route - bridge device deletion" 646 647 RET=0 648 649 ip link add name br0 up type bridge mcast_snooping 0 650 ip link add name br1 up type bridge mcast_snooping 0 651 ip link set dev $swp1 master br0 652 ip link set dev $swp2 master br1 653 ip link set dev vxlan0 master br0 654 ip link set dev vxlan1 master br1 655 busywait "$TIMEOUT" wait_for_offload \ 656 ip $IP_FLAG route show table local $LOCAL_IP_1 657 check_err $? 658 659 ip link del dev vxlan0 660 busywait "$TIMEOUT" wait_for_offload \ 661 ip $IP_FLAG route show table local $LOCAL_IP_1 662 check_err $? 663 664 ip link del dev vxlan1 665 busywait "$TIMEOUT" not wait_for_offload \ 666 ip $IP_FLAG route show table local $LOCAL_IP_1 667 check_err $? 668 669 log_test "vxlan decap route - vxlan device deletion" 670 671 ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \ 672 $UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 673 ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \ 674 $UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 675} 676 677check_fdb_offloaded() 678{ 679 local mac=00:11:22:33:44:55 680 local zmac=00:00:00:00:00:00 681 682 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $mac self \ 683 bridge fdb show dev vxlan0 684 check_err $? 685 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $mac master \ 686 bridge fdb show dev vxlan0 687 check_err $? 688 689 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \ 690 bridge fdb show dev vxlan0 691 check_err $? 692} 693 694check_vxlan_fdb_not_offloaded() 695{ 696 local mac=00:11:22:33:44:55 697 local zmac=00:00:00:00:00:00 698 699 bridge fdb show dev vxlan0 | grep $mac | grep -q self 700 check_err $? 701 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $mac self \ 702 bridge fdb show dev vxlan0 703 check_err $? 704 705 bridge fdb show dev vxlan0 | grep $zmac | grep -q self 706 check_err $? 707 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \ 708 bridge fdb show dev vxlan0 709 check_err $? 710} 711 712check_bridge_fdb_not_offloaded() 713{ 714 local mac=00:11:22:33:44:55 715 local zmac=00:00:00:00:00:00 716 717 bridge fdb show dev vxlan0 | grep $mac | grep -q master 718 check_err $? 719 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $mac master \ 720 bridge fdb show dev vxlan0 721 check_err $? 722} 723 724__offload_indication_join_vxlan_first() 725{ 726 local vid=$1; shift 727 728 local mac=00:11:22:33:44:55 729 local zmac=00:00:00:00:00:00 730 731 bridge fdb append $zmac dev vxlan0 self dst $LOCAL_IP_2 732 733 ip link set dev vxlan0 master br0 734 bridge fdb add dev vxlan0 $mac self master static dst $LOCAL_IP_2 735 736 RET=0 737 check_vxlan_fdb_not_offloaded 738 ip link set dev $swp1 master br0 739 sleep .1 740 check_fdb_offloaded 741 log_test "offload indication - attach vxlan first" 742 743 RET=0 744 ip link set dev vxlan0 down 745 check_vxlan_fdb_not_offloaded 746 check_bridge_fdb_not_offloaded 747 log_test "offload indication - set vxlan down" 748 749 RET=0 750 ip link set dev vxlan0 up 751 sleep .1 752 check_fdb_offloaded 753 log_test "offload indication - set vxlan up" 754 755 if [[ ! -z $vid ]]; then 756 RET=0 757 bridge vlan del dev vxlan0 vid $vid 758 check_vxlan_fdb_not_offloaded 759 check_bridge_fdb_not_offloaded 760 log_test "offload indication - delete VLAN" 761 762 RET=0 763 bridge vlan add dev vxlan0 vid $vid 764 check_vxlan_fdb_not_offloaded 765 check_bridge_fdb_not_offloaded 766 log_test "offload indication - add tagged VLAN" 767 768 RET=0 769 bridge vlan add dev vxlan0 vid $vid pvid untagged 770 sleep .1 771 check_fdb_offloaded 772 log_test "offload indication - add pvid/untagged VLAN" 773 fi 774 775 RET=0 776 ip link set dev $swp1 nomaster 777 check_vxlan_fdb_not_offloaded 778 log_test "offload indication - detach port" 779} 780 781offload_indication_join_vxlan_first() 782{ 783 ip link add dev br0 up type bridge mcast_snooping 0 784 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 785 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 786 787 __offload_indication_join_vxlan_first 788 789 ip link del dev vxlan0 790 ip link del dev br0 791} 792 793__offload_indication_join_vxlan_last() 794{ 795 local zmac=00:00:00:00:00:00 796 797 RET=0 798 799 bridge fdb append $zmac dev vxlan0 self dst $LOCAL_IP_2 800 801 ip link set dev $swp1 master br0 802 803 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \ 804 bridge fdb show dev vxlan0 805 check_err $? 806 807 ip link set dev vxlan0 master br0 808 809 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \ 810 bridge fdb show dev vxlan0 811 check_err $? 812 813 log_test "offload indication - attach vxlan last" 814} 815 816offload_indication_join_vxlan_last() 817{ 818 ip link add dev br0 up type bridge mcast_snooping 0 819 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 820 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 821 822 __offload_indication_join_vxlan_last 823 824 ip link del dev vxlan0 825 ip link del dev br0 826} 827 828offload_indication_test() 829{ 830 offload_indication_setup_create 831 offload_indication_fdb_test 832 offload_indication_decap_route_test 833 offload_indication_setup_destroy 834 835 log_info "offload indication - replay & cleanup" 836 offload_indication_join_vxlan_first 837 offload_indication_join_vxlan_last 838} 839 840sanitization_vlan_aware_test() 841{ 842 RET=0 843 844 ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1 845 846 ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \ 847 $UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 848 849 ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \ 850 $UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 851 852 # Test that when each VNI is mapped to a different VLAN we can enslave 853 # a port to the bridge 854 bridge vlan add vid 10 dev vxlan10 pvid untagged 855 bridge vlan add vid 20 dev vxlan20 pvid untagged 856 857 ip link set dev $swp1 master br0 858 check_err $? 859 860 log_test "vlan-aware - enslavement to vlan-aware bridge" 861 862 # Try to map both VNIs to the same VLAN and make sure configuration 863 # fails 864 RET=0 865 866 bridge vlan add vid 10 dev vxlan20 pvid untagged &> /dev/null 867 check_fail $? 868 869 log_test "vlan-aware - two vnis mapped to the same vlan" 870 871 # Test that enslavement of a port to a bridge fails when two VNIs 872 # are mapped to the same VLAN 873 RET=0 874 875 ip link set dev $swp1 nomaster 876 877 bridge vlan del vid 20 dev vxlan20 pvid untagged 878 bridge vlan add vid 10 dev vxlan20 pvid untagged 879 880 ip link set dev $swp1 master br0 &> /dev/null 881 check_fail $? 882 883 log_test "vlan-aware - failed enslavement to vlan-aware bridge" 884 885 bridge vlan del vid 10 dev vxlan20 886 bridge vlan add vid 20 dev vxlan20 pvid untagged 887 888 # Test that when two VXLAN tunnels with conflicting configurations 889 # (i.e., different TTL) are enslaved to the same VLAN-aware bridge, 890 # then the enslavement of a port to the bridge is denied. 891 892 # Use the offload indication of the local route to ensure the VXLAN 893 # configuration was correctly rollbacked. 894 ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo 895 896 ip link set dev vxlan10 type vxlan ttl 10 897 ip link set dev $swp1 master br0 &> /dev/null 898 check_fail $? 899 900 busywait "$TIMEOUT" not wait_for_offload \ 901 ip $IP_FLAG route show table local $LOCAL_IP_1 902 check_err $? 903 904 log_test "vlan-aware - failed enslavement to bridge due to conflict" 905 906 ip link set dev vxlan10 type vxlan ttl 20 907 ip address del $LOCAL_IP_1/$PREFIX_LEN dev lo 908 909 ip link del dev vxlan20 910 ip link del dev vxlan10 911 ip link del dev br0 912} 913 914offload_indication_vlan_aware_setup_create() 915{ 916 # Create a simple setup with two VxLAN devices and a single VLAN-aware 917 # bridge 918 ip link add name br0 up type bridge mcast_snooping 0 vlan_filtering 1 \ 919 vlan_default_pvid 0 920 921 ip link set dev $swp1 master br0 922 923 bridge vlan add vid 10 dev $swp1 924 bridge vlan add vid 20 dev $swp1 925 926 ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo 927 928 ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \ 929 $UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 930 ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \ 931 $UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 932 933 bridge vlan add vid 10 dev vxlan10 pvid untagged 934 bridge vlan add vid 20 dev vxlan20 pvid untagged 935} 936 937offload_indication_vlan_aware_setup_destroy() 938{ 939 bridge vlan del vid 20 dev vxlan20 940 bridge vlan del vid 10 dev vxlan10 941 942 ip link del dev vxlan20 943 ip link del dev vxlan10 944 945 ip address del $LOCAL_IP_1/$PREFIX_LEN dev lo 946 947 bridge vlan del vid 20 dev $swp1 948 bridge vlan del vid 10 dev $swp1 949 950 ip link set dev $swp1 nomaster 951 952 ip link del dev br0 953} 954 955offload_indication_vlan_aware_fdb_test() 956{ 957 RET=0 958 959 log_info "vxlan entry offload indication - vlan-aware" 960 961 bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self master static \ 962 dst $LOCAL_IP_2 vlan 10 963 964 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 965 de:ad:be:ef:13:37 self bridge fdb show brport vxlan10 966 check_err $? 967 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 968 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10 969 check_err $? 970 971 log_test "vxlan entry offload indication - initial state" 972 973 # Remove FDB entry from the bridge driver and check that corresponding 974 # entry in the VxLAN driver is not marked as offloaded 975 RET=0 976 977 bridge fdb del de:ad:be:ef:13:37 dev vxlan10 master vlan 10 978 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \ 979 de:ad:be:ef:13:37 self bridge fdb show brport vxlan10 980 check_err $? 981 982 log_test "vxlan entry offload indication - after removal from bridge" 983 984 # Add the FDB entry back to the bridge driver and make sure it is 985 # marked as offloaded in both drivers 986 RET=0 987 988 bridge fdb add de:ad:be:ef:13:37 dev vxlan10 master static vlan 10 989 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 990 de:ad:be:ef:13:37 self bridge fdb show brport vxlan10 991 check_err $? 992 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 993 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10 994 check_err $? 995 996 log_test "vxlan entry offload indication - after re-add to bridge" 997 998 # Remove FDB entry from the VxLAN driver and check that corresponding 999 # entry in the bridge driver is not marked as offloaded 1000 RET=0 1001 1002 bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self 1003 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \ 1004 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10 1005 check_err $? 1006 1007 log_test "vxlan entry offload indication - after removal from vxlan" 1008 1009 # Add the FDB entry back to the VxLAN driver and make sure it is 1010 # marked as offloaded in both drivers 1011 RET=0 1012 1013 bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self dst $LOCAL_IP_2 1014 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 1015 de:ad:be:ef:13:37 self bridge fdb show brport vxlan10 1016 check_err $? 1017 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 1018 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10 1019 check_err $? 1020 1021 log_test "vxlan entry offload indication - after re-add to vxlan" 1022 1023 bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self master vlan 10 1024} 1025 1026offload_indication_vlan_aware_decap_route_test() 1027{ 1028 RET=0 1029 1030 busywait "$TIMEOUT" wait_for_offload \ 1031 ip $IP_FLAG route show table local $LOCAL_IP_1 1032 check_err $? 1033 1034 # Toggle PVID flag on one VxLAN device and make sure route is still 1035 # marked as offloaded 1036 bridge vlan add vid 10 dev vxlan10 untagged 1037 1038 busywait "$TIMEOUT" wait_for_offload \ 1039 ip $IP_FLAG route show table local $LOCAL_IP_1 1040 check_err $? 1041 1042 # Toggle PVID flag on second VxLAN device and make sure route is no 1043 # longer marked as offloaded 1044 bridge vlan add vid 20 dev vxlan20 untagged 1045 1046 busywait "$TIMEOUT" not wait_for_offload \ 1047 ip $IP_FLAG route show table local $LOCAL_IP_1 1048 check_err $? 1049 1050 # Toggle PVID flag back and make sure route is marked as offloaded 1051 bridge vlan add vid 10 dev vxlan10 pvid untagged 1052 bridge vlan add vid 20 dev vxlan20 pvid untagged 1053 1054 busywait "$TIMEOUT" wait_for_offload ip $IP_FLAG route show table local \ 1055 $LOCAL_IP_1 1056 check_err $? 1057 1058 log_test "vxlan decap route - vni map/unmap" 1059} 1060 1061offload_indication_vlan_aware_join_vxlan_first() 1062{ 1063 ip link add dev br0 up type bridge mcast_snooping 0 \ 1064 vlan_filtering 1 vlan_default_pvid 1 1065 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 1066 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 1067 1068 __offload_indication_join_vxlan_first 1 1069 1070 ip link del dev vxlan0 1071 ip link del dev br0 1072} 1073 1074offload_indication_vlan_aware_join_vxlan_last() 1075{ 1076 ip link add dev br0 up type bridge mcast_snooping 0 \ 1077 vlan_filtering 1 vlan_default_pvid 1 1078 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 1079 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 1080 1081 __offload_indication_join_vxlan_last 1082 1083 ip link del dev vxlan0 1084 ip link del dev br0 1085} 1086 1087offload_indication_vlan_aware_l3vni_test() 1088{ 1089 local zmac=00:00:00:00:00:00 1090 1091 RET=0 1092 1093 sysctl_set net.ipv6.conf.default.disable_ipv6 1 1094 ip link add dev br0 up type bridge mcast_snooping 0 \ 1095 vlan_filtering 1 vlan_default_pvid 0 1096 ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \ 1097 ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 1098 1099 ip link set dev $swp1 master br0 1100 1101 # The test will use the offload indication on the FDB entry to 1102 # understand if the tunnel is offloaded or not 1103 bridge fdb append $zmac dev vxlan0 self dst $LOCAL_IP_2 1104 1105 ip link set dev vxlan0 master br0 1106 bridge vlan add dev vxlan0 vid 10 pvid untagged 1107 1108 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \ 1109 bridge fdb show brport vxlan0 1110 check_err $? "vxlan tunnel not offloaded when should" 1111 1112 # Configure a VLAN interface and make sure tunnel is offloaded 1113 ip link add link br0 name br10 up type vlan id 10 1114 sysctl_set net.ipv6.conf.br10.disable_ipv6 0 1115 ip -6 address add 2001:db8:1::1/64 dev br10 1116 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \ 1117 bridge fdb show brport vxlan0 1118 check_err $? "vxlan tunnel not offloaded when should" 1119 1120 # Unlink the VXLAN device, make sure tunnel is no longer offloaded, 1121 # then add it back to the bridge and make sure it is offloaded 1122 ip link set dev vxlan0 nomaster 1123 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \ 1124 bridge fdb show brport vxlan0 1125 check_err $? "vxlan tunnel offloaded after unlinked from bridge" 1126 1127 ip link set dev vxlan0 master br0 1128 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \ 1129 bridge fdb show brport vxlan0 1130 check_err $? "vxlan tunnel offloaded despite no matching vid" 1131 1132 bridge vlan add dev vxlan0 vid 10 pvid untagged 1133 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \ 1134 bridge fdb show brport vxlan0 1135 check_err $? "vxlan tunnel not offloaded after adding vid" 1136 1137 log_test "vxlan - l3 vni" 1138 1139 ip link del dev vxlan0 1140 ip link del dev br0 1141 sysctl_restore net.ipv6.conf.default.disable_ipv6 1142} 1143 1144offload_indication_vlan_aware_test() 1145{ 1146 offload_indication_vlan_aware_setup_create 1147 offload_indication_vlan_aware_fdb_test 1148 offload_indication_vlan_aware_decap_route_test 1149 offload_indication_vlan_aware_setup_destroy 1150 1151 log_info "offload indication - replay & cleanup - vlan aware" 1152 offload_indication_vlan_aware_join_vxlan_first 1153 offload_indication_vlan_aware_join_vxlan_last 1154 offload_indication_vlan_aware_l3vni_test 1155} 1156 1157trap cleanup EXIT 1158 1159setup_prepare 1160setup_wait 1161 1162tests_run 1163 1164exit $EXIT_STATUS