cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

gre_multipath_nh.sh (9301B)

      1#!/bin/bash
      2# SPDX-License-Identifier: GPL-2.0
      3
      4# Test traffic distribution when a wECMP route forwards traffic to two GRE
      5# tunnels.
      6#
      7# +-------------------------+
      8# | H1                      |
      9# |               $h1 +     |
     10# |      192.0.2.1/28 |     |
     11# |  2001:db8:1::1/64 |     |
     12# +-------------------|-----+
     13#                     |
     14# +-------------------|------------------------+
     15# | SW1               |                        |
     16# |              $ol1 +                        |
     17# |      192.0.2.2/28                          |
     18# |  2001:db8:1::2/64                          |
     19# |                                            |
     20# |  + g1a (gre)          + g1b (gre)          |
     21# |    loc=192.0.2.65       loc=192.0.2.81     |
     22# |    rem=192.0.2.66 --.   rem=192.0.2.82 --. |
     23# |    tos=inherit      |   tos=inherit      | |
     24# |  .------------------'                    | |
     25# |  |                    .------------------' |
     26# |  v                    v                    |
     27# |  + $ul1.111 (vlan)    + $ul1.222 (vlan)    |
     28# |  | 192.0.2.129/28     | 192.0.2.145/28     |
     29# |   \                  /                     |
     30# |    \________________/                      |
     31# |            |                               |
     32# |            + $ul1                          |
     33# +------------|-------------------------------+
     34#              |
     35# +------------|-------------------------------+
     36# | SW2        + $ul2                          |
     37# |     _______|________                       |
     38# |    /                \                      |
     39# |   /                  \                     |
     40# |  + $ul2.111 (vlan)    + $ul2.222 (vlan)    |
     41# |  ^ 192.0.2.130/28     ^ 192.0.2.146/28     |
     42# |  |                    |                    |
     43# |  |                    '------------------. |
     44# |  '------------------.                    | |
     45# |  + g2a (gre)        | + g2b (gre)        | |
     46# |    loc=192.0.2.66   |   loc=192.0.2.82   | |
     47# |    rem=192.0.2.65 --'   rem=192.0.2.81 --' |
     48# |    tos=inherit          tos=inherit        |
     49# |                                            |
     50# |              $ol2 +                        |
     51# |     192.0.2.17/28 |                        |
     52# |  2001:db8:2::1/64 |                        |
     53# +-------------------|------------------------+
     54#                     |
     55# +-------------------|-----+
     56# | H2                |     |
     57# |               $h2 +     |
     58# |     192.0.2.18/28       |
     59# |  2001:db8:2::2/64       |
     60# +-------------------------+
     61
     62ALL_TESTS="
     63	ping_ipv4
     64	ping_ipv6
     65	multipath_ipv4
     66	multipath_ipv6
     67	multipath_ipv6_l4
     68"
     69
     70NUM_NETIFS=6
     71source lib.sh
     72
     73h1_create()
     74{
     75	simple_if_init $h1 192.0.2.1/28 2001:db8:1::1/64
     76	ip route add vrf v$h1 192.0.2.16/28 via 192.0.2.2
     77	ip route add vrf v$h1 2001:db8:2::/64 via 2001:db8:1::2
     78}
     79
     80h1_destroy()
     81{
     82	ip route del vrf v$h1 2001:db8:2::/64 via 2001:db8:1::2
     83	ip route del vrf v$h1 192.0.2.16/28 via 192.0.2.2
     84	simple_if_fini $h1 192.0.2.1/28
     85}
     86
     87sw1_create()
     88{
     89	simple_if_init $ol1 192.0.2.2/28 2001:db8:1::2/64
     90	__simple_if_init $ul1 v$ol1
     91	vlan_create $ul1 111 v$ol1 192.0.2.129/28
     92	vlan_create $ul1 222 v$ol1 192.0.2.145/28
     93
     94	tunnel_create g1a gre 192.0.2.65 192.0.2.66 tos inherit dev v$ol1
     95	__simple_if_init g1a v$ol1 192.0.2.65/32
     96	ip route add vrf v$ol1 192.0.2.66/32 via 192.0.2.130
     97
     98	tunnel_create g1b gre 192.0.2.81 192.0.2.82 tos inherit dev v$ol1
     99	__simple_if_init g1b v$ol1 192.0.2.81/32
    100	ip route add vrf v$ol1 192.0.2.82/32 via 192.0.2.146
    101
    102	ip -6 nexthop add id 101 dev g1a
    103	ip -6 nexthop add id 102 dev g1b
    104	ip nexthop add id 103 group 101/102
    105
    106	ip route add vrf v$ol1 192.0.2.16/28 nhid 103
    107	ip route add vrf v$ol1 2001:db8:2::/64 nhid 103
    108}
    109
    110sw1_destroy()
    111{
    112	ip route del vrf v$ol1 2001:db8:2::/64
    113	ip route del vrf v$ol1 192.0.2.16/28
    114
    115	ip nexthop del id 103
    116	ip -6 nexthop del id 102
    117	ip -6 nexthop del id 101
    118
    119	ip route del vrf v$ol1 192.0.2.82/32 via 192.0.2.146
    120	__simple_if_fini g1b 192.0.2.81/32
    121	tunnel_destroy g1b
    122
    123	ip route del vrf v$ol1 192.0.2.66/32 via 192.0.2.130
    124	__simple_if_fini g1a 192.0.2.65/32
    125	tunnel_destroy g1a
    126
    127	vlan_destroy $ul1 222
    128	vlan_destroy $ul1 111
    129	__simple_if_fini $ul1
    130	simple_if_fini $ol1 192.0.2.2/28 2001:db8:1::2/64
    131}
    132
    133sw2_create()
    134{
    135	simple_if_init $ol2 192.0.2.17/28 2001:db8:2::1/64
    136	__simple_if_init $ul2 v$ol2
    137	vlan_create $ul2 111 v$ol2 192.0.2.130/28
    138	vlan_create $ul2 222 v$ol2 192.0.2.146/28
    139
    140	tunnel_create g2a gre 192.0.2.66 192.0.2.65 tos inherit dev v$ol2
    141	__simple_if_init g2a v$ol2 192.0.2.66/32
    142	ip route add vrf v$ol2 192.0.2.65/32 via 192.0.2.129
    143
    144	tunnel_create g2b gre 192.0.2.82 192.0.2.81 tos inherit dev v$ol2
    145	__simple_if_init g2b v$ol2 192.0.2.82/32
    146	ip route add vrf v$ol2 192.0.2.81/32 via 192.0.2.145
    147
    148	ip -6 nexthop add id 201 dev g2a
    149	ip -6 nexthop add id 202 dev g2b
    150	ip nexthop add id 203 group 201/202
    151
    152	ip route add vrf v$ol2 192.0.2.0/28 nhid 203
    153	ip route add vrf v$ol2 2001:db8:1::/64 nhid 203
    154
    155	tc qdisc add dev $ul2 clsact
    156	tc filter add dev $ul2 ingress pref 111 prot 802.1Q \
    157	   flower vlan_id 111 action pass
    158	tc filter add dev $ul2 ingress pref 222 prot 802.1Q \
    159	   flower vlan_id 222 action pass
    160}
    161
    162sw2_destroy()
    163{
    164	tc qdisc del dev $ul2 clsact
    165
    166	ip route del vrf v$ol2 2001:db8:1::/64
    167	ip route del vrf v$ol2 192.0.2.0/28
    168
    169	ip nexthop del id 203
    170	ip -6 nexthop del id 202
    171	ip -6 nexthop del id 201
    172
    173	ip route del vrf v$ol2 192.0.2.81/32 via 192.0.2.145
    174	__simple_if_fini g2b 192.0.2.82/32
    175	tunnel_destroy g2b
    176
    177	ip route del vrf v$ol2 192.0.2.65/32 via 192.0.2.129
    178	__simple_if_fini g2a 192.0.2.66/32
    179	tunnel_destroy g2a
    180
    181	vlan_destroy $ul2 222
    182	vlan_destroy $ul2 111
    183	__simple_if_fini $ul2
    184	simple_if_fini $ol2 192.0.2.17/28 2001:db8:2::1/64
    185}
    186
    187h2_create()
    188{
    189	simple_if_init $h2 192.0.2.18/28 2001:db8:2::2/64
    190	ip route add vrf v$h2 192.0.2.0/28 via 192.0.2.17
    191	ip route add vrf v$h2 2001:db8:1::/64 via 2001:db8:2::1
    192}
    193
    194h2_destroy()
    195{
    196	ip route del vrf v$h2 2001:db8:1::/64 via 2001:db8:2::1
    197	ip route del vrf v$h2 192.0.2.0/28 via 192.0.2.17
    198	simple_if_fini $h2 192.0.2.18/28 2001:db8:2::2/64
    199}
    200
    201setup_prepare()
    202{
    203	h1=${NETIFS[p1]}
    204	ol1=${NETIFS[p2]}
    205
    206	ul1=${NETIFS[p3]}
    207	ul2=${NETIFS[p4]}
    208
    209	ol2=${NETIFS[p5]}
    210	h2=${NETIFS[p6]}
    211
    212	vrf_prepare
    213	h1_create
    214	sw1_create
    215	sw2_create
    216	h2_create
    217
    218	forwarding_enable
    219}
    220
    221cleanup()
    222{
    223	pre_cleanup
    224
    225	forwarding_restore
    226
    227	h2_destroy
    228	sw2_destroy
    229	sw1_destroy
    230	h1_destroy
    231	vrf_cleanup
    232}
    233
    234multipath4_test()
    235{
    236	local what=$1; shift
    237	local weight1=$1; shift
    238	local weight2=$1; shift
    239
    240	sysctl_set net.ipv4.fib_multipath_hash_policy 1
    241	ip nexthop replace id 103 group 101,$weight1/102,$weight2
    242
    243	local t0_111=$(tc_rule_stats_get $ul2 111 ingress)
    244	local t0_222=$(tc_rule_stats_get $ul2 222 ingress)
    245
    246	ip vrf exec v$h1 \
    247	   $MZ $h1 -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \
    248	       -d 1msec -t udp "sp=1024,dp=0-32768"
    249
    250	local t1_111=$(tc_rule_stats_get $ul2 111 ingress)
    251	local t1_222=$(tc_rule_stats_get $ul2 222 ingress)
    252
    253	local d111=$((t1_111 - t0_111))
    254	local d222=$((t1_222 - t0_222))
    255	multipath_eval "$what" $weight1 $weight2 $d111 $d222
    256
    257	ip nexthop replace id 103 group 101/102
    258	sysctl_restore net.ipv4.fib_multipath_hash_policy
    259}
    260
    261multipath6_test()
    262{
    263	local what=$1; shift
    264	local weight1=$1; shift
    265	local weight2=$1; shift
    266
    267	sysctl_set net.ipv6.fib_multipath_hash_policy 0
    268	ip nexthop replace id 103 group 101,$weight1/102,$weight2
    269
    270	local t0_111=$(tc_rule_stats_get $ul2 111 ingress)
    271	local t0_222=$(tc_rule_stats_get $ul2 222 ingress)
    272
    273	# Generate 16384 echo requests, each with a random flow label.
    274	for ((i=0; i < 16384; ++i)); do
    275		ip vrf exec v$h1 $PING6 2001:db8:2::2 -F 0 -c 1 -q &> /dev/null
    276	done
    277
    278	local t1_111=$(tc_rule_stats_get $ul2 111 ingress)
    279	local t1_222=$(tc_rule_stats_get $ul2 222 ingress)
    280
    281	local d111=$((t1_111 - t0_111))
    282	local d222=$((t1_222 - t0_222))
    283	multipath_eval "$what" $weight1 $weight2 $d111 $d222
    284
    285	ip nexthop replace id 103 group 101/102
    286	sysctl_restore net.ipv6.fib_multipath_hash_policy
    287}
    288
    289multipath6_l4_test()
    290{
    291	local what=$1; shift
    292	local weight1=$1; shift
    293	local weight2=$1; shift
    294
    295	sysctl_set net.ipv6.fib_multipath_hash_policy 1
    296	ip nexthop replace id 103 group 101,$weight1/102,$weight2
    297
    298	local t0_111=$(tc_rule_stats_get $ul2 111 ingress)
    299	local t0_222=$(tc_rule_stats_get $ul2 222 ingress)
    300
    301	ip vrf exec v$h1 \
    302		$MZ $h1 -6 -q -p 64 -A 2001:db8:1::1 -B 2001:db8:2::2 \
    303		-d 1msec -t udp "sp=1024,dp=0-32768"
    304
    305	local t1_111=$(tc_rule_stats_get $ul2 111 ingress)
    306	local t1_222=$(tc_rule_stats_get $ul2 222 ingress)
    307
    308	local d111=$((t1_111 - t0_111))
    309	local d222=$((t1_222 - t0_222))
    310	multipath_eval "$what" $weight1 $weight2 $d111 $d222
    311
    312	ip nexthop replace id 103 group 101/102
    313	sysctl_restore net.ipv6.fib_multipath_hash_policy
    314}
    315
    316ping_ipv4()
    317{
    318	ping_test $h1 192.0.2.18
    319}
    320
    321ping_ipv6()
    322{
    323	ping6_test $h1 2001:db8:2::2
    324}
    325
    326multipath_ipv4()
    327{
    328	log_info "Running IPv4 multipath tests"
    329	multipath4_test "ECMP" 1 1
    330	multipath4_test "Weighted MP 2:1" 2 1
    331	multipath4_test "Weighted MP 11:45" 11 45
    332}
    333
    334multipath_ipv6()
    335{
    336	log_info "Running IPv6 multipath tests"
    337	multipath6_test "ECMP" 1 1
    338	multipath6_test "Weighted MP 2:1" 2 1
    339	multipath6_test "Weighted MP 11:45" 11 45
    340}
    341
    342multipath_ipv6_l4()
    343{
    344	log_info "Running IPv6 L4 hash multipath tests"
    345	multipath6_l4_test "ECMP" 1 1
    346	multipath6_l4_test "Weighted MP 2:1" 2 1
    347	multipath6_l4_test "Weighted MP 11:45" 11 45
    348}
    349
    350trap cleanup EXIT
    351
    352setup_prepare
    353setup_wait
    354tests_run
    355
    356exit $EXIT_STATUS