cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux

vxlan_fdb_veto.sh (3186B)


      1#!/bin/bash
      2# SPDX-License-Identifier: GPL-2.0
      3#
      4# Test vetoing of FDB entries that mlxsw can not offload. This exercises several
      5# different veto vectors to test various rollback scenarios in the vxlan driver.
      6
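      # Test parameters. Each one may be overridden from the environment: ":="
      # assigns the default only when the variable is unset or empty. The
      # expansions are quoted so that an overridden value is not word-split or
      # glob-expanded while being passed to ":" (ShellCheck SC2223).
      #
      # The default unicast addresses lie in 198.51.100.0/24 (TEST-NET-2,
      # RFC 5737), a range reserved for documentation and examples.
      : "${LOCAL_IP:=198.51.100.1}"
      export LOCAL_IP

      : "${REMOTE_IP_1:=198.51.100.2}"
      export REMOTE_IP_1

      : "${REMOTE_IP_2:=198.51.100.3}"
      export REMOTE_IP_2

      # The spelling "FLAFS" is kept as-is: it is the name an overriding
      # environment has to use, so renaming it would change the interface.
      : "${UDPCSUM_FLAFS:=noudpcsum}"
      export UDPCSUM_FLAFS

      : "${MC_IP:=224.0.0.1}"
      export MC_IP

      # Quoted so the script still finds its library when it is checked out
      # under a path that contains whitespace or glob characters.
      lib_dir="$(dirname "$0")/../../../net/forwarding"

      # Names of the test functions defined below and the number of network
      # interfaces required; both are set before lib.sh is sourced.
      # NOTE(review): presumably lib.sh consumes them (tests_run / NETIFS) -
      # confirm against lib.sh.
      ALL_TESTS="
	fdb_create_veto_test
	fdb_replace_veto_test
	fdb_append_veto_test
	fdb_changelink_veto_test
"
      NUM_NETIFS=2
      source "$lib_dir/lib.sh"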
     32
     # Build the test topology: bridge br0 with port swp1 and VXLAN device
     # vxlan0 enslaved to it; swp2 is only brought up.
     # Globals: NETIFS (read), UDPCSUM_FLAFS (read), LOCAL_IP (read),
     #          swp1 and swp2 (written, later used by cleanup)
     # The device names br0 and vxlan0 are fixed, and creating links needs
     # network-admin privileges, so this is meant for a dedicated test system.
     setup_prepare()
     {
     	# $UDPCSUM_FLAFS and $LOCAL_IP stay unquoted exactly as before, so a
     	# value holding several words still splits into separate arguments.
     	# NOTE(review): presumably intended for multi-flag overrides - confirm.
     	local -a vxlan_opts=(
     		id 10 nolearning $UDPCSUM_FLAFS
     		ttl 20 tos inherit local $LOCAL_IP dstport 4789
     	)

     	swp1=${NETIFS[p1]}
     	swp2=${NETIFS[p2]}

     	# Bridge with multicast snooping switched off.
     	ip link add dev br0 type bridge mcast_snooping 0

     	ip link set dev $swp1 up
     	ip link set dev $swp1 master br0
     	ip link set dev $swp2 up

     	# VNI 10, no source learning, UDP port 4789 (the IANA VXLAN port).
     	ip link add name vxlan0 up type vxlan "${vxlan_opts[@]}"
     	ip link set dev vxlan0 master br0
     }
     48
     # Tear down what setup_prepare created, in reverse order. Installed as the
     # EXIT trap at the bottom of the script, so it runs on every exit path.
     # Globals: swp1, swp2 (read)
     # NOTE(review): the deletes are unconditional and use the fixed names
     # vxlan0 and br0. If the host already had devices with those names, they
     # are the ones removed here - run only on a disposable test system.
     cleanup()
     {
     	# Defined outside this file (presumably in lib.sh - confirm).
     	pre_cleanup

     	# Detach the VXLAN device from the bridge, then remove it.
     	ip link set dev vxlan0 nomaster
     	ip link del dev vxlan0

     	# Return both ports to their pre-test state: down and unenslaved.
     	ip link set dev $swp2 down
     	ip link set dev $swp1 nomaster
     	ip link set dev $swp1 down

     	# The bridge goes last, once it has no ports left.
     	ip link del dev br0
     }
     62
     # Creating an FDB entry with a multicast MAC on vxlan0 must be vetoed, and
     # the veto must carry an error message naming mlxsw_spectrum.
     # Globals: REMOTE_IP_1 (read), RET (written)
     fdb_create_veto_test()
     {
     	# 01:... has the group bit set in the first octet, i.e. a multicast
     	# MAC. $REMOTE_IP_1 is expanded unquoted, as in the direct invocation.
     	local -a veto_cmd=(
     		bridge fdb add 01:02:03:04:05:06 dev vxlan0 self static
     		dst $REMOTE_IP_1
     	)

     	RET=0

     	# First run: only the exit status matters; the expected error text is
     	# discarded.
     	"${veto_cmd[@]}" 2>/dev/null
     	check_fail $? "multicast MAC not rejected"

     	# Second run: "2>&1 >/dev/null" routes stderr into the pipe and drops
     	# stdout, so grep sees only the error text. $? is the pipeline status,
     	# i.e. grep's unless pipefail is enabled elsewhere.
     	"${veto_cmd[@]}" 2>&1 >/dev/null | grep -q mlxsw_spectrum
     	check_err $? "multicast MAC rejected without extack"

     	log_test "vxlan FDB veto - create"
     }
     77
     # Replacing an existing FDB entry with one that names an explicit UDP port
     # must be vetoed, with an error message naming mlxsw_spectrum.
     # Globals: REMOTE_IP_1 (read), RET (written)
     fdb_replace_veto_test()
     {
     	local fdb_mac=00:01:02:03:04:05
     	# Port 1234 differs from the dstport 4789 vxlan0 was created with in
     	# setup_prepare. $REMOTE_IP_1 is expanded unquoted, as before.
     	local -a replace_cmd=(
     		bridge fdb replace "$fdb_mac" dev vxlan0 self static
     		dst $REMOTE_IP_1 port 1234
     	)

     	RET=0

     	# Baseline: a plain entry without a port must be accepted. It is not
     	# removed again in this function.
     	bridge fdb add "$fdb_mac" dev vxlan0 self static \
     		dst $REMOTE_IP_1
     	check_err $? "valid FDB rejected"

     	# First attempt: check the exit status only.
     	"${replace_cmd[@]}" 2>/dev/null
     	check_fail $? "FDB with an explicit port not rejected"

     	# Second attempt: stderr goes to grep, stdout is dropped; $? is the
     	# pipeline status (grep's unless pipefail is enabled elsewhere).
     	"${replace_cmd[@]}" 2>&1 >/dev/null \
     		| grep -q mlxsw_spectrum
     	check_err $? "FDB with an explicit port rejected without extack"

     	log_test "vxlan FDB veto - replace"
     }
     97
     # Appending a second remote with an explicit UDP port to the all-zeros FDB
     # entry must be vetoed, with an error message naming mlxsw_spectrum.
     # Globals: REMOTE_IP_1, REMOTE_IP_2 (read), RET (written)
     fdb_append_veto_test()
     {
     	local zero_mac=00:00:00:00:00:00
     	# The appended remote uses port 1234 rather than the dstport 4789 of
     	# vxlan0 (see setup_prepare). $REMOTE_IP_2 is expanded unquoted, as
     	# before.
     	local -a append_cmd=(
     		bridge fdb append "$zero_mac" dev vxlan0 self static
     		dst $REMOTE_IP_2 port 1234
     	)

     	RET=0

     	# Baseline: the first remote, without a port, must be accepted. It is
     	# not removed again in this function.
     	bridge fdb add "$zero_mac" dev vxlan0 self static \
     		dst $REMOTE_IP_1
     	check_err $? "valid FDB rejected"

     	# First attempt: check the exit status only.
     	"${append_cmd[@]}" 2>/dev/null
     	check_fail $? "FDB with an explicit port not rejected"

     	# Second attempt: stderr goes to grep, stdout is dropped; $? is the
     	# pipeline status (grep's unless pipefail is enabled elsewhere).
     	"${append_cmd[@]}" 2>&1 >/dev/null \
     		| grep -q mlxsw_spectrum
     	check_err $? "FDB with an explicit port rejected without extack"

     	log_test "vxlan FDB veto - append"
     }
    117
    # Changing vxlan0 to use a multicast group address must be vetoed, with an
    # error message naming mlxsw_spectrum.
    # Globals: MC_IP (read), RET (written)
    fdb_changelink_veto_test()
    {
    	# $MC_IP is expanded unquoted, as in the direct invocation.
    	local -a changelink_cmd=(
    		ip link set dev vxlan0 type vxlan
    		group $MC_IP dev lo
    	)

    	RET=0

    	# First attempt: check the exit status only.
    	"${changelink_cmd[@]}" 2>/dev/null
    	check_fail $? "FDB with a multicast IP not rejected"

    	# Second attempt: stderr goes to grep, stdout is dropped; $? is the
    	# pipeline status (grep's unless pipefail is enabled elsewhere).
    	"${changelink_cmd[@]}" 2>&1 >/dev/null \
    		| grep -q mlxsw_spectrum
    	check_err $? "FDB with a multicast IP rejected without extack"

    	log_test "vxlan FDB veto - changelink"
    }
    133
    # Register the teardown before any device is created, so a failure part-way
    # through setup still runs cleanup on exit.
    trap cleanup EXIT

    # setup_wait, tests_run and EXIT_STATUS are not defined in this file.
    # NOTE(review): presumably provided by the sourced lib.sh, with tests_run
    # executing the functions listed in ALL_TESTS - confirm.
    setup_prepare
    setup_wait
    tests_run

    # Left unquoted as before: an empty EXIT_STATUS then means a bare "exit".
    exit $EXIT_STATUS