cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

gre_multipath_nh_res.sh (9491B)

      1#!/bin/bash
      2# SPDX-License-Identifier: GPL-2.0
      3
      4# Test traffic distribution when a wECMP route forwards traffic to two GRE
      5# tunnels.
      6#
      7# +-------------------------+
      8# | H1                      |
      9# |               $h1 +     |
     10# |      192.0.2.1/28 |     |
     11# |  2001:db8:1::1/64 |     |
     12# +-------------------|-----+
     13#                     |
     14# +-------------------|------------------------+
     15# | SW1               |                        |
     16# |              $ol1 +                        |
     17# |      192.0.2.2/28                          |
     18# |  2001:db8:1::2/64                          |
     19# |                                            |
     20# |  + g1a (gre)          + g1b (gre)          |
     21# |    loc=192.0.2.65       loc=192.0.2.81     |
     22# |    rem=192.0.2.66 --.   rem=192.0.2.82 --. |
     23# |    tos=inherit      |   tos=inherit      | |
     24# |  .------------------'                    | |
     25# |  |                    .------------------' |
     26# |  v                    v                    |
     27# |  + $ul1.111 (vlan)    + $ul1.222 (vlan)    |
     28# |  | 192.0.2.129/28     | 192.0.2.145/28     |
     29# |   \                  /                     |
     30# |    \________________/                      |
     31# |            |                               |
     32# |            + $ul1                          |
     33# +------------|-------------------------------+
     34#              |
     35# +------------|-------------------------------+
     36# | SW2        + $ul2                          |
     37# |     _______|________                       |
     38# |    /                \                      |
     39# |   /                  \                     |
     40# |  + $ul2.111 (vlan)    + $ul2.222 (vlan)    |
     41# |  ^ 192.0.2.130/28     ^ 192.0.2.146/28     |
     42# |  |                    |                    |
     43# |  |                    '------------------. |
     44# |  '------------------.                    | |
     45# |  + g2a (gre)        | + g2b (gre)        | |
     46# |    loc=192.0.2.66   |   loc=192.0.2.82   | |
     47# |    rem=192.0.2.65 --'   rem=192.0.2.81 --' |
     48# |    tos=inherit          tos=inherit        |
     49# |                                            |
     50# |              $ol2 +                        |
     51# |     192.0.2.17/28 |                        |
     52# |  2001:db8:2::1/64 |                        |
     53# +-------------------|------------------------+
     54#                     |
     55# +-------------------|-----+
     56# | H2                |     |
     57# |               $h2 +     |
     58# |     192.0.2.18/28       |
     59# |  2001:db8:2::2/64       |
     60# +-------------------------+
     61
     62ALL_TESTS="
     63	ping_ipv4
     64	ping_ipv6
     65	multipath_ipv4
     66	multipath_ipv6
     67	multipath_ipv6_l4
     68"
     69
     70NUM_NETIFS=6
     71source lib.sh
     72
     73h1_create()
     74{
     75	simple_if_init $h1 192.0.2.1/28 2001:db8:1::1/64
     76	ip route add vrf v$h1 192.0.2.16/28 via 192.0.2.2
     77	ip route add vrf v$h1 2001:db8:2::/64 via 2001:db8:1::2
     78}
     79
     80h1_destroy()
     81{
     82	ip route del vrf v$h1 2001:db8:2::/64 via 2001:db8:1::2
     83	ip route del vrf v$h1 192.0.2.16/28 via 192.0.2.2
     84	simple_if_fini $h1 192.0.2.1/28
     85}
     86
     87sw1_create()
     88{
     89	simple_if_init $ol1 192.0.2.2/28 2001:db8:1::2/64
     90	__simple_if_init $ul1 v$ol1
     91	vlan_create $ul1 111 v$ol1 192.0.2.129/28
     92	vlan_create $ul1 222 v$ol1 192.0.2.145/28
     93
     94	tunnel_create g1a gre 192.0.2.65 192.0.2.66 tos inherit dev v$ol1
     95	__simple_if_init g1a v$ol1 192.0.2.65/32
     96	ip route add vrf v$ol1 192.0.2.66/32 via 192.0.2.130
     97
     98	tunnel_create g1b gre 192.0.2.81 192.0.2.82 tos inherit dev v$ol1
     99	__simple_if_init g1b v$ol1 192.0.2.81/32
    100	ip route add vrf v$ol1 192.0.2.82/32 via 192.0.2.146
    101
    102	ip -6 nexthop add id 101 dev g1a
    103	ip -6 nexthop add id 102 dev g1b
    104	ip nexthop add id 103 group 101/102 type resilient buckets 512 \
    105		idle_timer 0
    106
    107	ip route add vrf v$ol1 192.0.2.16/28 nhid 103
    108	ip route add vrf v$ol1 2001:db8:2::/64 nhid 103
    109}
    110
    111sw1_destroy()
    112{
    113	ip route del vrf v$ol1 2001:db8:2::/64
    114	ip route del vrf v$ol1 192.0.2.16/28
    115
    116	ip nexthop del id 103
    117	ip -6 nexthop del id 102
    118	ip -6 nexthop del id 101
    119
    120	ip route del vrf v$ol1 192.0.2.82/32 via 192.0.2.146
    121	__simple_if_fini g1b 192.0.2.81/32
    122	tunnel_destroy g1b
    123
    124	ip route del vrf v$ol1 192.0.2.66/32 via 192.0.2.130
    125	__simple_if_fini g1a 192.0.2.65/32
    126	tunnel_destroy g1a
    127
    128	vlan_destroy $ul1 222
    129	vlan_destroy $ul1 111
    130	__simple_if_fini $ul1
    131	simple_if_fini $ol1 192.0.2.2/28 2001:db8:1::2/64
    132}
    133
    134sw2_create()
    135{
    136	simple_if_init $ol2 192.0.2.17/28 2001:db8:2::1/64
    137	__simple_if_init $ul2 v$ol2
    138	vlan_create $ul2 111 v$ol2 192.0.2.130/28
    139	vlan_create $ul2 222 v$ol2 192.0.2.146/28
    140
    141	tunnel_create g2a gre 192.0.2.66 192.0.2.65 tos inherit dev v$ol2
    142	__simple_if_init g2a v$ol2 192.0.2.66/32
    143	ip route add vrf v$ol2 192.0.2.65/32 via 192.0.2.129
    144
    145	tunnel_create g2b gre 192.0.2.82 192.0.2.81 tos inherit dev v$ol2
    146	__simple_if_init g2b v$ol2 192.0.2.82/32
    147	ip route add vrf v$ol2 192.0.2.81/32 via 192.0.2.145
    148
    149	ip -6 nexthop add id 201 dev g2a
    150	ip -6 nexthop add id 202 dev g2b
    151	ip nexthop add id 203 group 201/202 type resilient buckets 512 \
    152		idle_timer 0
    153
    154	ip route add vrf v$ol2 192.0.2.0/28 nhid 203
    155	ip route add vrf v$ol2 2001:db8:1::/64 nhid 203
    156
    157	tc qdisc add dev $ul2 clsact
    158	tc filter add dev $ul2 ingress pref 111 prot 802.1Q \
    159	   flower vlan_id 111 action pass
    160	tc filter add dev $ul2 ingress pref 222 prot 802.1Q \
    161	   flower vlan_id 222 action pass
    162}
    163
    164sw2_destroy()
    165{
    166	tc qdisc del dev $ul2 clsact
    167
    168	ip route del vrf v$ol2 2001:db8:1::/64
    169	ip route del vrf v$ol2 192.0.2.0/28
    170
    171	ip nexthop del id 203
    172	ip -6 nexthop del id 202
    173	ip -6 nexthop del id 201
    174
    175	ip route del vrf v$ol2 192.0.2.81/32 via 192.0.2.145
    176	__simple_if_fini g2b 192.0.2.82/32
    177	tunnel_destroy g2b
    178
    179	ip route del vrf v$ol2 192.0.2.65/32 via 192.0.2.129
    180	__simple_if_fini g2a 192.0.2.66/32
    181	tunnel_destroy g2a
    182
    183	vlan_destroy $ul2 222
    184	vlan_destroy $ul2 111
    185	__simple_if_fini $ul2
    186	simple_if_fini $ol2 192.0.2.17/28 2001:db8:2::1/64
    187}
    188
    189h2_create()
    190{
    191	simple_if_init $h2 192.0.2.18/28 2001:db8:2::2/64
    192	ip route add vrf v$h2 192.0.2.0/28 via 192.0.2.17
    193	ip route add vrf v$h2 2001:db8:1::/64 via 2001:db8:2::1
    194}
    195
    196h2_destroy()
    197{
    198	ip route del vrf v$h2 2001:db8:1::/64 via 2001:db8:2::1
    199	ip route del vrf v$h2 192.0.2.0/28 via 192.0.2.17
    200	simple_if_fini $h2 192.0.2.18/28 2001:db8:2::2/64
    201}
    202
    203setup_prepare()
    204{
    205	h1=${NETIFS[p1]}
    206	ol1=${NETIFS[p2]}
    207
    208	ul1=${NETIFS[p3]}
    209	ul2=${NETIFS[p4]}
    210
    211	ol2=${NETIFS[p5]}
    212	h2=${NETIFS[p6]}
    213
    214	vrf_prepare
    215	h1_create
    216	sw1_create
    217	sw2_create
    218	h2_create
    219
    220	forwarding_enable
    221}
    222
    223cleanup()
    224{
    225	pre_cleanup
    226
    227	forwarding_restore
    228
    229	h2_destroy
    230	sw2_destroy
    231	sw1_destroy
    232	h1_destroy
    233	vrf_cleanup
    234}
    235
    236multipath4_test()
    237{
    238	local what=$1; shift
    239	local weight1=$1; shift
    240	local weight2=$1; shift
    241
    242	sysctl_set net.ipv4.fib_multipath_hash_policy 1
    243	ip nexthop replace id 103 group 101,$weight1/102,$weight2 \
    244		type resilient
    245
    246	local t0_111=$(tc_rule_stats_get $ul2 111 ingress)
    247	local t0_222=$(tc_rule_stats_get $ul2 222 ingress)
    248
    249	ip vrf exec v$h1 \
    250	   $MZ $h1 -q -p 64 -A 192.0.2.1 -B 192.0.2.18 \
    251	       -d 1msec -t udp "sp=1024,dp=0-32768"
    252
    253	local t1_111=$(tc_rule_stats_get $ul2 111 ingress)
    254	local t1_222=$(tc_rule_stats_get $ul2 222 ingress)
    255
    256	local d111=$((t1_111 - t0_111))
    257	local d222=$((t1_222 - t0_222))
    258	multipath_eval "$what" $weight1 $weight2 $d111 $d222
    259
    260	ip nexthop replace id 103 group 101/102 type resilient
    261	sysctl_restore net.ipv4.fib_multipath_hash_policy
    262}
    263
    264multipath6_test()
    265{
    266	local what=$1; shift
    267	local weight1=$1; shift
    268	local weight2=$1; shift
    269
    270	sysctl_set net.ipv6.fib_multipath_hash_policy 0
    271	ip nexthop replace id 103 group 101,$weight1/102,$weight2 \
    272		type resilient
    273
    274	local t0_111=$(tc_rule_stats_get $ul2 111 ingress)
    275	local t0_222=$(tc_rule_stats_get $ul2 222 ingress)
    276
    277	# Generate 16384 echo requests, each with a random flow label.
    278	for ((i=0; i < 16384; ++i)); do
    279		ip vrf exec v$h1 $PING6 2001:db8:2::2 -F 0 -c 1 -q &> /dev/null
    280	done
    281
    282	local t1_111=$(tc_rule_stats_get $ul2 111 ingress)
    283	local t1_222=$(tc_rule_stats_get $ul2 222 ingress)
    284
    285	local d111=$((t1_111 - t0_111))
    286	local d222=$((t1_222 - t0_222))
    287	multipath_eval "$what" $weight1 $weight2 $d111 $d222
    288
    289	ip nexthop replace id 103 group 101/102 type resilient
    290	sysctl_restore net.ipv6.fib_multipath_hash_policy
    291}
    292
    293multipath6_l4_test()
    294{
    295	local what=$1; shift
    296	local weight1=$1; shift
    297	local weight2=$1; shift
    298
    299	sysctl_set net.ipv6.fib_multipath_hash_policy 1
    300	ip nexthop replace id 103 group 101,$weight1/102,$weight2 \
    301		type resilient
    302
    303	local t0_111=$(tc_rule_stats_get $ul2 111 ingress)
    304	local t0_222=$(tc_rule_stats_get $ul2 222 ingress)
    305
    306	ip vrf exec v$h1 \
    307		$MZ $h1 -6 -q -p 64 -A 2001:db8:1::1 -B 2001:db8:2::2 \
    308		-d 1msec -t udp "sp=1024,dp=0-32768"
    309
    310	local t1_111=$(tc_rule_stats_get $ul2 111 ingress)
    311	local t1_222=$(tc_rule_stats_get $ul2 222 ingress)
    312
    313	local d111=$((t1_111 - t0_111))
    314	local d222=$((t1_222 - t0_222))
    315	multipath_eval "$what" $weight1 $weight2 $d111 $d222
    316
    317	ip nexthop replace id 103 group 101/102 type resilient
    318	sysctl_restore net.ipv6.fib_multipath_hash_policy
    319}
    320
    321ping_ipv4()
    322{
    323	ping_test $h1 192.0.2.18
    324}
    325
    326ping_ipv6()
    327{
    328	ping6_test $h1 2001:db8:2::2
    329}
    330
    331multipath_ipv4()
    332{
    333	log_info "Running IPv4 multipath tests"
    334	multipath4_test "ECMP" 1 1
    335	multipath4_test "Weighted MP 2:1" 2 1
    336	multipath4_test "Weighted MP 11:45" 11 45
    337}
    338
    339multipath_ipv6()
    340{
    341	log_info "Running IPv6 multipath tests"
    342	multipath6_test "ECMP" 1 1
    343	multipath6_test "Weighted MP 2:1" 2 1
    344	multipath6_test "Weighted MP 11:45" 11 45
    345}
    346
    347multipath_ipv6_l4()
    348{
    349	log_info "Running IPv6 L4 hash multipath tests"
    350	multipath6_l4_test "ECMP" 1 1
    351	multipath6_l4_test "Weighted MP 2:1" 2 1
    352	multipath6_l4_test "Weighted MP 11:45" 11 45
    353}
    354
    355trap cleanup EXIT
    356
    357setup_prepare
    358setup_wait
    359tests_run
    360
    361exit $EXIT_STATUS