2 # SPDX-License-Identifier: GPL-2.0
4 # This test is for checking VXLAN MDB functionality. The topology consists of
5 # two sets of namespaces: One for the testing of IPv4 underlay and another for
6 # IPv6. In both cases, both IPv4 and IPv6 overlay traffic are tested.
8 # Data path functionality is tested by sending traffic from one of the upper
9 # namespaces and checking using ingress tc filters that the expected traffic
10 # was received by one of the lower namespaces.
12 # +------------------------------------+ +------------------------------------+
13 # | ns1_v4 | | ns1_v6 |
15 # | br0.10 br0.4000 br0.20 | | br0.10 br0.4000 br0.20 |
19 # | +---------+---------+ | | +---------+---------+ |
33 # +-----------------|------------------+ +-----------------|------------------+
35 # +-----------------|------------------+ +-----------------|------------------+
49 # | +---------+---------+ | | +---------+---------+ |
53 # | br0.10 br0.4000 br0.10 | | br0.10 br0.4000 br0.20 |
55 # | ns2_v4 | | ns2_v6 |
56 # +------------------------------------+ +------------------------------------+
62 basic_star_g_ipv4_ipv4
63 basic_star_g_ipv6_ipv4
64 basic_star_g_ipv4_ipv6
65 basic_star_g_ipv6_ipv6
86 encap_params_ipv4_ipv4
87 encap_params_ipv6_ipv4
88 encap_params_ipv4_ipv6
89 encap_params_ipv6_ipv6
90 starg_exclude_ir_ipv4_ipv4
91 starg_exclude_ir_ipv6_ipv4
92 starg_exclude_ir_ipv4_ipv6
93 starg_exclude_ir_ipv6_ipv6
94 starg_include_ir_ipv4_ipv4
95 starg_include_ir_ipv6_ipv4
96 starg_include_ir_ipv4_ipv6
97 starg_include_ir_ipv6_ipv6
98 starg_exclude_p2mp_ipv4_ipv4
99 starg_exclude_p2mp_ipv6_ipv4
100 starg_exclude_p2mp_ipv4_ipv6
101 starg_exclude_p2mp_ipv6_ipv6
102 starg_include_p2mp_ipv4_ipv4
103 starg_include_p2mp_ipv6_ipv4
104 starg_include_p2mp_ipv4_ipv6
105 starg_include_p2mp_ipv6_ipv6
106 egress_vni_translation_ipv4_ipv4
107 egress_vni_translation_ipv6_ipv4
108 egress_vni_translation_ipv4_ipv6
109 egress_vni_translation_ipv6_ipv6
116 mdb_torture_ipv4_ipv4
117 mdb_torture_ipv6_ipv4
118 mdb_torture_ipv4_ipv6
119 mdb_torture_ipv6_ipv6
122 # All tests in this script. Can be overridden with -t option.
131 ################################################################################
140 if [ ${rc} -eq ${expected} ]; then
141 printf "TEST: %-60s [ OK ]\n" "${msg}"
142 nsuccess=$((nsuccess+1))
146 printf "TEST: %-60s [FAIL]\n" "${msg}"
147 if [ "$VERBOSE" = "1" ]; then
148 echo " rc=$rc, expected $expected"
151 if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
153 echo "hit enter to continue, 'q' to quit"
155 [ "$a" = "q" ] && exit 1
159 if [ "${PAUSE}" = "yes" ]; then
161 echo "hit enter to continue, 'q' to quit"
163 [ "$a" = "q" ] && exit 1
166 [ "$VERBOSE" = "1" ] && echo
173 local stderr="2>/dev/null"
175 if [ "$VERBOSE" = "1" ]; then
176 printf "COMMAND: $cmd\n"
180 out=$(eval $cmd $stderr)
182 if [ "$VERBOSE" = "1" -a -n "$out" ]; then
193 local handle=$1; shift
194 local count=$1; shift
198 pkts=$(tc -n $ns -j -s filter show $id \
199 | jq ".[] | select(.options.handle == $handle) | \
200 .options.actions[0].stats.packets")
201 [[ $pkts == $count ]]
204 ################################################################################
210 local local_addr=$1; shift
212 ip netns exec $ns sysctl -qw net.ipv4.ip_forward=1
213 ip netns exec $ns sysctl -qw net.ipv4.fib_multipath_use_neigh=1
214 ip netns exec $ns sysctl -qw net.ipv4.conf.default.ignore_routes_with_linkdown=1
215 ip netns exec $ns sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1
216 ip netns exec $ns sysctl -qw net.ipv6.conf.all.forwarding=1
217 ip netns exec $ns sysctl -qw net.ipv6.conf.default.forwarding=1
218 ip netns exec $ns sysctl -qw net.ipv6.conf.default.ignore_routes_with_linkdown=1
219 ip netns exec $ns sysctl -qw net.ipv6.conf.all.accept_dad=0
220 ip netns exec $ns sysctl -qw net.ipv6.conf.default.accept_dad=0
222 ip -n $ns link set dev lo up
223 ip -n $ns address add $local_addr dev lo
225 ip -n $ns link set dev veth0 up
227 ip -n $ns link add name br0 up type bridge vlan_filtering 1 \
228 vlan_default_pvid 0 mcast_snooping 0
230 ip -n $ns link add link br0 name br0.10 up type vlan id 10
231 bridge -n $ns vlan add vid 10 dev br0 self
233 ip -n $ns link add link br0 name br0.20 up type vlan id 20
234 bridge -n $ns vlan add vid 20 dev br0 self
236 ip -n $ns link add link br0 name br0.4000 up type vlan id 4000
237 bridge -n $ns vlan add vid 4000 dev br0 self
239 ip -n $ns link add name vx0 up master br0 type vxlan \
240 local $local_addr dstport 4789 external vnifilter
241 bridge -n $ns link set dev vx0 vlan_tunnel on
243 bridge -n $ns vlan add vid 10 dev vx0
244 bridge -n $ns vlan add vid 10 dev vx0 tunnel_info id 10010
245 bridge -n $ns vni add vni 10010 dev vx0
247 bridge -n $ns vlan add vid 20 dev vx0
248 bridge -n $ns vlan add vid 20 dev vx0 tunnel_info id 10020
249 bridge -n $ns vni add vni 10020 dev vx0
251 bridge -n $ns vlan add vid 4000 dev vx0 pvid
252 bridge -n $ns vlan add vid 4000 dev vx0 tunnel_info id 14000
253 bridge -n $ns vni add vni 14000 dev vx0
260 local local_addr1=$1; shift
261 local local_addr2=$1; shift
263 ip link add name veth0 type veth peer name veth1
264 ip link set dev veth0 netns $ns1 name veth0
265 ip link set dev veth1 netns $ns2 name veth0
267 setup_common_ns $ns1 $local_addr1
268 setup_common_ns $ns2 $local_addr2
273 setup_ns ns1_v4 ns2_v4
274 setup_common $ns1_v4 $ns2_v4 192.0.2.1 192.0.2.2
276 ip -n $ns1_v4 address add 192.0.2.17/28 dev veth0
277 ip -n $ns2_v4 address add 192.0.2.18/28 dev veth0
279 ip -n $ns1_v4 route add default via 192.0.2.18
280 ip -n $ns2_v4 route add default via 192.0.2.17
285 cleanup_ns $ns2_v4 $ns1_v4
290 setup_ns ns1_v6 ns2_v6
291 setup_common $ns1_v6 $ns2_v6 2001:db8:1::1 2001:db8:1::2
293 ip -n $ns1_v6 address add 2001:db8:2::1/64 dev veth0 nodad
294 ip -n $ns2_v6 address add 2001:db8:2::2/64 dev veth0 nodad
296 ip -n $ns1_v6 route add default via 2001:db8:2::2
297 ip -n $ns2_v6 route add default via 2001:db8:2::1
302 cleanup_ns $ns2_v6 $ns1_v6
319 cleanup_v6 &> /dev/null
320 cleanup_v4 &> /dev/null
323 ################################################################################
324 # Tests - Control path
329 local grp_key=$1; shift
330 local vtep_ip=$1; shift
332 # Test basic control path operations common to all MDB entry types.
334 # Basic add, replace and delete behavior.
335 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
336 log_test $? 0 "MDB entry addition"
337 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010"
338 log_test $? 0 "MDB entry presence after addition"
340 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
341 log_test $? 0 "MDB entry replacement"
342 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010"
343 log_test $? 0 "MDB entry presence after replacement"
345 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
346 log_test $? 0 "MDB entry deletion"
347 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010"
348 log_test $? 254 "MDB entry presence after deletion"
350 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
351 log_test $? 255 "Non-existent MDB entry deletion"
353 # Default protocol and replacement.
354 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
355 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"proto static\""
356 log_test $? 0 "MDB entry default protocol"
358 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent proto 123 dst $vtep_ip src_vni 10010"
359 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"proto 123\""
360 log_test $? 0 "MDB entry protocol replacement"
362 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
364 # Default destination port and replacement.
365 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
366 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \" dst_port \""
367 log_test $? 1 "MDB entry default destination port"
369 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip dst_port 1234 src_vni 10010"
370 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"dst_port 1234\""
371 log_test $? 0 "MDB entry destination port replacement"
373 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
375 # Default destination VNI and replacement.
376 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
377 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \" vni \""
378 log_test $? 1 "MDB entry default destination VNI"
380 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip vni 1234 src_vni 10010"
381 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"vni 1234\""
382 log_test $? 0 "MDB entry destination VNI replacement"
384 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
386 # Default outgoing interface and replacement.
387 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
388 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \" via \""
389 log_test $? 1 "MDB entry default outgoing interface"
391 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010 via veth0"
392 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 $grp_key src_vni 10010 | grep \"via veth0\""
393 log_test $? 0 "MDB entry outgoing interface replacement"
395 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
397 # Common error cases.
398 run_cmd "bridge -n $ns1 mdb add dev vx0 port veth0 $grp_key permanent dst $vtep_ip src_vni 10010"
399 log_test $? 255 "MDB entry with mismatch between device and port"
401 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key temp dst $vtep_ip src_vni 10010"
402 log_test $? 255 "MDB entry with temp state"
404 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent vid 10 dst $vtep_ip src_vni 10010"
405 log_test $? 255 "MDB entry with VLAN"
407 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp 01:02:03:04:05:06 permanent dst $vtep_ip src_vni 10010"
408 log_test $? 255 "MDB entry MAC address"
410 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent"
411 log_test $? 255 "MDB entry without extended parameters"
413 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent proto 3 dst $vtep_ip src_vni 10010"
414 log_test $? 255 "MDB entry with an invalid protocol"
416 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip vni $((2 ** 24)) src_vni 10010"
417 log_test $? 255 "MDB entry with an invalid destination VNI"
419 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni $((2 ** 24))"
420 log_test $? 255 "MDB entry with an invalid source VNI"
422 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent src_vni 10010"
423 log_test $? 255 "MDB entry without a remote destination IP"
425 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
426 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 $grp_key permanent dst $vtep_ip src_vni 10010"
427 log_test $? 255 "Duplicate MDB entries"
428 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 $grp_key dst $vtep_ip src_vni 10010"
431 basic_star_g_ipv4_ipv4()
434 local grp_key="grp 239.1.1.1"
435 local vtep_ip=198.51.100.100
438 echo "Control path: Basic (*, G) operations - IPv4 overlay / IPv4 underlay"
439 echo "--------------------------------------------------------------------"
441 basic_common $ns1 "$grp_key" $vtep_ip
444 basic_star_g_ipv6_ipv4()
447 local grp_key="grp ff0e::1"
448 local vtep_ip=198.51.100.100
451 echo "Control path: Basic (*, G) operations - IPv6 overlay / IPv4 underlay"
452 echo "--------------------------------------------------------------------"
454 basic_common $ns1 "$grp_key" $vtep_ip
457 basic_star_g_ipv4_ipv6()
460 local grp_key="grp 239.1.1.1"
461 local vtep_ip=2001:db8:1000::1
464 echo "Control path: Basic (*, G) operations - IPv4 overlay / IPv6 underlay"
465 echo "--------------------------------------------------------------------"
467 basic_common $ns1 "$grp_key" $vtep_ip
470 basic_star_g_ipv6_ipv6()
473 local grp_key="grp ff0e::1"
474 local vtep_ip=2001:db8:1000::1
477 echo "Control path: Basic (*, G) operations - IPv6 overlay / IPv6 underlay"
478 echo "--------------------------------------------------------------------"
480 basic_common $ns1 "$grp_key" $vtep_ip
486 local grp_key="grp 239.1.1.1 src 192.0.2.129"
487 local vtep_ip=198.51.100.100
490 echo "Control path: Basic (S, G) operations - IPv4 overlay / IPv4 underlay"
491 echo "--------------------------------------------------------------------"
493 basic_common $ns1 "$grp_key" $vtep_ip
499 local grp_key="grp ff0e::1 src 2001:db8:100::1"
500 local vtep_ip=198.51.100.100
503 echo "Control path: Basic (S, G) operations - IPv6 overlay / IPv4 underlay"
504 echo "---------------------------------------------------------------------"
506 basic_common $ns1 "$grp_key" $vtep_ip
512 local grp_key="grp 239.1.1.1 src 192.0.2.129"
513 local vtep_ip=2001:db8:1000::1
516 echo "Control path: Basic (S, G) operations - IPv4 overlay / IPv6 underlay"
517 echo "--------------------------------------------------------------------"
519 basic_common $ns1 "$grp_key" $vtep_ip
525 local grp_key="grp ff0e::1 src 2001:db8:100::1"
526 local vtep_ip=2001:db8:1000::1
529 echo "Control path: Basic (S, G) operations - IPv6 overlay / IPv6 underlay"
530 echo "--------------------------------------------------------------------"
532 basic_common $ns1 "$grp_key" $vtep_ip
542 local vtep_ip=$1; shift
543 local all_zeros_grp=$1; shift
545 # Test control path operations specific to (*, G) entries.
547 # Basic add, replace and delete behavior.
548 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
549 log_test $? 0 "(*, G) MDB entry addition with source list"
550 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010"
551 log_test $? 0 "(*, G) MDB entry presence after addition"
552 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
553 log_test $? 0 "(S, G) MDB entry presence after addition"
555 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
556 log_test $? 0 "(*, G) MDB entry replacement with source list"
557 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010"
558 log_test $? 0 "(*, G) MDB entry presence after replacement"
559 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
560 log_test $? 0 "(S, G) MDB entry presence after replacement"
562 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
563 log_test $? 0 "(*, G) MDB entry deletion"
564 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010"
565 log_test $? 254 "(*, G) MDB entry presence after deletion"
566 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
567 log_test $? 254 "(S, G) MDB entry presence after deletion"
569 # Default filter mode and replacement.
570 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent dst $vtep_ip src_vni 10010"
571 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep exclude"
572 log_test $? 0 "(*, G) MDB entry default filter mode"
574 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $src1 dst $vtep_ip src_vni 10010"
575 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep include"
576 log_test $? 0 "(*, G) MDB entry after replacing filter mode to \"include\""
577 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
578 log_test $? 0 "(S, G) MDB entry after replacing filter mode to \"include\""
579 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep blocked"
580 log_test $? 1 "\"blocked\" flag after replacing filter mode to \"include\""
582 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
583 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep exclude"
584 log_test $? 0 "(*, G) MDB entry after replacing filter mode to \"exclude\""
585 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grep grp $grp src $src1 src_vni 10010"
586 log_test $? 0 "(S, G) MDB entry after replacing filter mode to \"exclude\""
587 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep blocked"
588 log_test $? 0 "\"blocked\" flag after replacing filter mode to \"exclude\""
590 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
592 # Default source list and replacement.
593 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent dst $vtep_ip src_vni 10010"
594 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep source_list"
595 log_test $? 1 "(*, G) MDB entry default source list"
597 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1,$src2,$src3 dst $vtep_ip src_vni 10010"
598 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
599 log_test $? 0 "(S, G) MDB entry of 1st source after replacing source list"
600 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src2 src_vni 10010"
601 log_test $? 0 "(S, G) MDB entry of 2nd source after replacing source list"
602 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src3 src_vni 10010"
603 log_test $? 0 "(S, G) MDB entry of 3rd source after replacing source list"
605 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1,$src3 dst $vtep_ip src_vni 10010"
606 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010"
607 log_test $? 0 "(S, G) MDB entry of 1st source after removing source"
608 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src2 src_vni 10010"
609 log_test $? 254 "(S, G) MDB entry of 2nd source after removing source"
610 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src3 src_vni 10010"
611 log_test $? 0 "(S, G) MDB entry of 3rd source after removing source"
613 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
615 # Default protocol and replacement.
616 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
617 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \"proto static\""
618 log_test $? 0 "(*, G) MDB entry default protocol"
619 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \"proto static\""
620 log_test $? 0 "(S, G) MDB entry default protocol"
622 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 proto bgp dst $vtep_ip src_vni 10010"
623 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \"proto bgp\""
624 log_test $? 0 "(*, G) MDB entry protocol after replacement"
625 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \"proto bgp\""
626 log_test $? 0 "(S, G) MDB entry protocol after replacement"
628 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
630 # Default destination port and replacement.
631 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
632 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" dst_port \""
633 log_test $? 1 "(*, G) MDB entry default destination port"
634 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" dst_port \""
635 log_test $? 1 "(S, G) MDB entry default destination port"
637 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip dst_port 1234 src_vni 10010"
638 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" dst_port 1234 \""
639 log_test $? 0 "(*, G) MDB entry destination port after replacement"
640 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" dst_port 1234 \""
641 log_test $? 0 "(S, G) MDB entry destination port after replacement"
643 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
645 # Default destination VNI and replacement.
646 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
647 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" vni \""
648 log_test $? 1 "(*, G) MDB entry default destination VNI"
649 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" vni \""
650 log_test $? 1 "(S, G) MDB entry default destination VNI"
652 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip vni 1234 src_vni 10010"
653 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" vni 1234 \""
654 log_test $? 0 "(*, G) MDB entry destination VNI after replacement"
655 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" vni 1234 \""
656 log_test $? 0 "(S, G) MDB entry destination VNI after replacement"
658 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
660 # Default outgoing interface and replacement.
661 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010"
662 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" via \""
663 log_test $? 1 "(*, G) MDB entry default outgoing interface"
664 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" via \""
665 log_test $? 1 "(S, G) MDB entry default outgoing interface"
667 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $src1 dst $vtep_ip src_vni 10010 via veth0"
668 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src_vni 10010 | grep \" via veth0 \""
669 log_test $? 0 "(*, G) MDB entry outgoing interface after replacement"
670 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src1 src_vni 10010 | grep \" via veth0 \""
671 log_test $? 0 "(S, G) MDB entry outgoing interface after replacement"
673 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep_ip src_vni 10010"
676 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp permanent filter_mode exclude dst $vtep_ip src_vni 10010"
677 log_test $? 255 "All-zeros group with filter mode"
679 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp permanent source_list $src1 dst $vtep_ip src_vni 10010"
680 log_test $? 255 "All-zeros group with source list"
682 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode include dst $vtep_ip src_vni 10010"
683 log_test $? 255 "(*, G) INCLUDE with an empty source list"
685 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $grp dst $vtep_ip src_vni 10010"
686 log_test $? 255 "Invalid source in source list"
688 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp permanent source_list $src1 dst $vtep_ip src_vni 10010"
689 log_test $? 255 "Source list without filter mode"
696 local src1=192.0.2.129
697 local src2=192.0.2.130
698 local src3=192.0.2.131
699 local vtep_ip=198.51.100.100
700 local all_zeros_grp=0.0.0.0
703 echo "Control path: (*, G) operations - IPv4 overlay / IPv4 underlay"
704 echo "--------------------------------------------------------------"
706 star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
713 local src1=2001:db8:100::1
714 local src2=2001:db8:100::2
715 local src3=2001:db8:100::3
716 local vtep_ip=198.51.100.100
717 local all_zeros_grp=::
720 echo "Control path: (*, G) operations - IPv6 overlay / IPv4 underlay"
721 echo "--------------------------------------------------------------"
723 star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
730 local src1=192.0.2.129
731 local src2=192.0.2.130
732 local src3=192.0.2.131
733 local vtep_ip=2001:db8:1000::1
734 local all_zeros_grp=0.0.0.0
737 echo "Control path: (*, G) operations - IPv4 overlay / IPv6 underlay"
738 echo "--------------------------------------------------------------"
740 star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
747 local src1=2001:db8:100::1
748 local src2=2001:db8:100::2
749 local src3=2001:db8:100::3
750 local vtep_ip=2001:db8:1000::1
751 local all_zeros_grp=::
754 echo "Control path: (*, G) operations - IPv6 overlay / IPv6 underlay"
755 echo "--------------------------------------------------------------"
757 star_g_common $ns1 $grp $src1 $src2 $src3 $vtep_ip $all_zeros_grp
765 local vtep_ip=$1; shift
766 local all_zeros_grp=$1; shift
768 # Test control path operations specific to (S, G) entries.
770 # Default filter mode.
771 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent dst $vtep_ip src_vni 10010"
772 run_cmd "bridge -n $ns1 -d -s mdb get dev vx0 grp $grp src $src src_vni 10010 | grep include"
773 log_test $? 0 "(S, G) MDB entry default filter mode"
775 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp src $src permanent dst $vtep_ip src_vni 10010"
778 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent filter_mode include dst $vtep_ip src_vni 10010"
779 log_test $? 255 "(S, G) with filter mode"
781 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $src permanent source_list $src dst $vtep_ip src_vni 10010"
782 log_test $? 255 "(S, G) with source list"
784 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp src $grp permanent dst $vtep_ip src_vni 10010"
785 log_test $? 255 "(S, G) with an invalid source list"
787 run_cmd "bridge -n $ns1 mdb add dev vx0 port vx0 grp $all_zeros_grp src $src permanent dst $vtep_ip src_vni 10010"
788 log_test $? 255 "All-zeros group with source"
795 local src=192.0.2.129
796 local vtep_ip=198.51.100.100
797 local all_zeros_grp=0.0.0.0
800 echo "Control path: (S, G) operations - IPv4 overlay / IPv4 underlay"
801 echo "--------------------------------------------------------------"
803 sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
810 local src=2001:db8:100::1
811 local vtep_ip=198.51.100.100
812 local all_zeros_grp=::
815 echo "Control path: (S, G) operations - IPv6 overlay / IPv4 underlay"
816 echo "--------------------------------------------------------------"
818 sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
825 local src=192.0.2.129
826 local vtep_ip=2001:db8:1000::1
827 local all_zeros_grp=0.0.0.0
830 echo "Control path: (S, G) operations - IPv4 overlay / IPv6 underlay"
831 echo "--------------------------------------------------------------"
833 sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
840 local src=2001:db8:100::1
841 local vtep_ip=2001:db8:1000::1
842 local all_zeros_grp=::
845 echo "Control path: (S, G) operations - IPv6 overlay / IPv6 underlay"
846 echo "--------------------------------------------------------------"
848 sg_common $ns1 $grp $src $vtep_ip $all_zeros_grp
853 local max_grps=$1; shift
856 for i in $(seq 0 $((max_grps - 1))); do
863 local max_grps=$1; shift
866 for i in $(seq 0 $((max_grps - 1))); do
867 echo "ff0e::$(printf %x $i)"
874 local local_addr=$1; shift
875 local remote_prefix=$1; shift
877 local max_vxlan_devs=2
885 # The kernel maintains various markers for the MDB dump. Add a test for
886 # large scale MDB dump to make sure that all the configured entries are
887 # dumped and that the markers are used correctly.
889 # Create net devices.
890 for i in $(seq 1 $max_vxlan_devs); do
891 ip -n $ns1 link add name vx-test${i} up type vxlan \
892 local $local_addr dstport 4789 external vnifilter
895 # Create batch file with MDB entries.
897 for i in $(seq 1 $max_vxlan_devs); do
898 for j in $(seq 1 $max_remotes); do
899 for grp in $($fn $max_grps); do
900 echo "mdb add dev vx-test${i} port vx-test${i} grp $grp permanent dst ${remote_prefix}${j}" >> $batch_file
905 # Program the batch file and check for expected number of entries.
906 bridge -n $ns1 -b $batch_file
907 for i in $(seq 1 $max_vxlan_devs); do
908 num_entries=$(bridge -n $ns1 mdb show dev vx-test${i} | grep "permanent" | wc -l)
909 [[ $num_entries -eq $((max_grps * max_remotes)) ]]
910 log_test $? 0 "Large scale dump - VXLAN device #$i"
919 local local_addr=192.0.2.1
920 local remote_prefix=198.51.100.
921 local fn=ipv4_grps_get
924 echo "Control path: Large scale MDB dump - IPv4 overlay / IPv4 underlay"
925 echo "-----------------------------------------------------------------"
927 dump_common $ns1 $local_addr $remote_prefix $fn
933 local local_addr=192.0.2.1
934 local remote_prefix=198.51.100.
935 local fn=ipv6_grps_get
938 echo "Control path: Large scale MDB dump - IPv6 overlay / IPv4 underlay"
939 echo "-----------------------------------------------------------------"
941 dump_common $ns1 $local_addr $remote_prefix $fn
947 local local_addr=2001:db8:1::1
948 local remote_prefix=2001:db8:1000::
949 local fn=ipv4_grps_get
952 echo "Control path: Large scale MDB dump - IPv4 overlay / IPv6 underlay"
953 echo "-----------------------------------------------------------------"
955 dump_common $ns1 $local_addr $remote_prefix $fn
961 local local_addr=2001:db8:1::1
962 local remote_prefix=2001:db8:1000::
963 local fn=ipv6_grps_get
966 echo "Control path: Large scale MDB dump - IPv6 overlay / IPv6 underlay"
967 echo "-----------------------------------------------------------------"
969 dump_common $ns1 $local_addr $remote_prefix $fn
977 echo "Control path: Flush"
978 echo "-------------------"
980 # Add entries with different attributes and check that they are all
981 # flushed when the flush command is given with no parameters.
983 # Different source VNI.
984 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
985 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.2 permanent dst 198.51.100.1 src_vni 10011"
987 # Different routing protocol.
988 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.3 permanent proto bgp dst 198.51.100.1 src_vni 10010"
989 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.4 permanent proto zebra dst 198.51.100.1 src_vni 10010"
991 # Different destination IP.
992 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.5 permanent dst 198.51.100.1 src_vni 10010"
993 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.6 permanent dst 198.51.100.2 src_vni 10010"
995 # Different destination port.
996 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.7 permanent dst 198.51.100.1 dst_port 11111 src_vni 10010"
997 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.8 permanent dst 198.51.100.1 dst_port 22222 src_vni 10010"
1000 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.9 permanent dst 198.51.100.1 vni 10010 src_vni 10010"
1001 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.10 permanent dst 198.51.100.1 vni 10020 src_vni 10010"
1003 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1004 num_entries=$(bridge -n $ns1_v4 mdb show dev vx0 | wc -l)
1005 [[ $num_entries -eq 0 ]]
1006 log_test $? 0 "Flush all"
1008 # Check that entries are flushed when port is specified as the VXLAN
1009 # device and that an error is returned when port is specified as a
1010 # different net device.
1012 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1013 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
1015 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 port vx0"
1016 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010"
1017 log_test $? 254 "Flush by port - matching"
1019 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 port veth0"
1020 log_test $? 255 "Flush by port - non-matching"
1022 # Check that when flushing by source VNI only entries programmed with
1023 # the specified source VNI are flushed and the rest are not.
1025 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1026 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
1027 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10011"
1028 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10011"
1030 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 src_vni 10010"
1032 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010"
1033 log_test $? 254 "Flush by source VNI - matching"
1034 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10011"
1035 log_test $? 0 "Flush by source VNI - non-matching"
1037 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1039 # Check that all entries are flushed when "permanent" is specified and
1040 # that an error is returned when "nopermanent" is specified.
1042 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1043 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
1045 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 permanent"
1046 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010"
1047 log_test $? 254 "Flush by \"permanent\" state"
1049 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 nopermanent"
1050 log_test $? 255 "Flush by \"nopermanent\" state"
1052 # Check that when flushing by routing protocol only entries programmed
1053 # with the specified routing protocol are flushed and the rest are not.
1055 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent proto bgp dst 198.51.100.1 src_vni 10010"
1056 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent proto zebra dst 198.51.100.2 src_vni 10010"
1058 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 proto bgp"
1060 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"proto bgp\""
1061 log_test $? 1 "Flush by routing protocol - matching"
1062 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"proto zebra\""
1063 log_test $? 0 "Flush by routing protocol - non-matching"
1065 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1067 # Check that when flushing by destination IP only entries programmed
1068 # with the specified destination IP are flushed and the rest are not.
1072 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1073 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.2 src_vni 10010"
1075 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst 198.51.100.2"
1077 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.2"
1078 log_test $? 1 "Flush by IPv4 destination IP - matching"
1079 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.1"
1080 log_test $? 0 "Flush by IPv4 destination IP - non-matching"
1082 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1086 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 2001:db8:1000::1 src_vni 10010"
1087 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 2001:db8:1000::2 src_vni 10010"
1089 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst 2001:db8:1000::2"
1091 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 2001:db8:1000::2"
1092 log_test $? 1 "Flush by IPv6 destination IP - matching"
1093 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 2001:db8:1000::1"
1094 log_test $? 0 "Flush by IPv6 destination IP - non-matching"
1096 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1098 # Check that when flushing by UDP destination port only entries
1099 # programmed with the specified port are flushed and the rest are not.
1101 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst_port 11111 dst 198.51.100.1 src_vni 10010"
1102 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst_port 22222 dst 198.51.100.2 src_vni 10010"
1104 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst_port 11111"
1106 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"dst_port 11111\""
1107 log_test $? 1 "Flush by UDP destination port - matching"
1108 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \"dst_port 22222\""
1109 log_test $? 0 "Flush by UDP destination port - non-matching"
1111 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1113 # When not specifying a UDP destination port for an entry, traffic is
1114 # encapsulated with the device's UDP destination port. Check that when
1115 # flushing by the device's UDP destination port only entries programmed
1116 # with this port are flushed and the rest are not.
1118 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1119 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst_port 22222 dst 198.51.100.2 src_vni 10010"
1121 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 dst_port 4789"
1123 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.1"
1124 log_test $? 1 "Flush by device's UDP destination port - matching"
1125 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.2"
1126 log_test $? 0 "Flush by device's UDP destination port - non-matching"
1128 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1130 # Check that when flushing by destination VNI only entries programmed
1131 # with the specified destination VNI are flushed and the rest are not.
1133 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent vni 20010 dst 198.51.100.1 src_vni 10010"
1134 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent vni 20011 dst 198.51.100.2 src_vni 10010"
1136 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 vni 20010"
1138 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \" vni 20010\""
1139 log_test $? 1 "Flush by destination VNI - matching"
1140 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep \" vni 20011\""
1141 log_test $? 0 "Flush by destination VNI - non-matching"
1143 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1145 # When not specifying a destination VNI for an entry, traffic is
1146 # encapsulated with the source VNI. Check that when flushing by a
1147 # destination VNI that is equal to the source VNI only such entries are
1148 # flushed and the rest are not.
1150 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent dst 198.51.100.1 src_vni 10010"
1151 run_cmd "bridge -n $ns1_v4 mdb add dev vx0 port vx0 grp 239.1.1.1 permanent vni 20010 dst 198.51.100.2 src_vni 10010"
1153 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 vni 10010"
1155 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.1"
1156 log_test $? 1 "Flush by destination VNI equal to source VNI - matching"
1157 run_cmd "bridge -n $ns1_v4 -d -s mdb get dev vx0 grp 239.1.1.1 src_vni 10010 | grep 198.51.100.2"
1158 log_test $? 0 "Flush by destination VNI equal to source VNI - non-matching"
1160 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0"
1162 # Test that an error is returned when trying to flush using VLAN ID.
1164 run_cmd "bridge -n $ns1_v4 mdb flush dev vx0 vid 10"
1165 log_test $? 255 "Flush by VLAN ID"
1168 ################################################################################
1171 encap_params_common()
1175 local vtep1_ip=$1; shift
1176 local vtep2_ip=$1; shift
1177 local plen=$1; shift
1178 local enc_ethtype=$1; shift
1180 local grp_dmac=$1; shift
1184 # Test that packets forwarded by the VXLAN MDB are encapsulated with
1185 # the correct parameters. Transmit packets from the first namespace and
1186 # check that they hit the corresponding filters on the ingress of the
1189 run_cmd "tc -n $ns2 qdisc replace dev veth0 clsact"
1190 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1191 run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
1192 run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
1194 # Check destination IP.
1195 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
1196 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep2_ip src_vni 10020"
1198 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
1199 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1200 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1201 log_test $? 0 "Destination IP - match"
1203 run_cmd "ip netns exec $ns1 $mz br0.20 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1204 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1205 log_test $? 0 "Destination IP - no match"
1207 run_cmd "tc -n $ns2 filter del dev vx0 ingress pref 1 handle 101 flower"
1208 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10020"
1209 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
1211 # Check destination port.
1212 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
1213 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip dst_port 1111 src_vni 10020"
1215 run_cmd "tc -n $ns2 filter replace dev veth0 ingress pref 1 handle 101 proto $enc_ethtype flower ip_proto udp dst_port 4789 action pass"
1216 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1217 tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1218 log_test $? 0 "Default destination port - match"
1220 run_cmd "ip netns exec $ns1 $mz br0.20 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1221 tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1222 log_test $? 0 "Default destination port - no match"
1224 run_cmd "tc -n $ns2 filter replace dev veth0 ingress pref 1 handle 101 proto $enc_ethtype flower ip_proto udp dst_port 1111 action pass"
1225 run_cmd "ip netns exec $ns1 $mz br0.20 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1226 tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1227 log_test $? 0 "Non-default destination port - match"
1229 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1230 tc_check_packets "$ns2" "dev veth0 ingress" 101 1
1231 log_test $? 0 "Non-default destination port - no match"
1233 run_cmd "tc -n $ns2 filter del dev veth0 ingress pref 1 handle 101 flower"
1234 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10020"
1235 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
1237 # Check default VNI.
1238 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
1239 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10020"
1241 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_key_id 10010 action pass"
1242 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1243 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1244 log_test $? 0 "Default destination VNI - match"
1246 run_cmd "ip netns exec $ns1 $mz br0.20 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1247 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1248 log_test $? 0 "Default destination VNI - no match"
1250 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip vni 10020 src_vni 10010"
1251 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip vni 10010 src_vni 10020"
1253 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_key_id 10020 action pass"
1254 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1255 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1256 log_test $? 0 "Non-default destination VNI - match"
1258 run_cmd "ip netns exec $ns1 $mz br0.20 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1259 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1260 log_test $? 0 "Non-default destination VNI - no match"
1262 run_cmd "tc -n $ns2 filter del dev vx0 ingress pref 1 handle 101 flower"
1263 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10020"
1264 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
1267 encap_params_ipv4_ipv4()
1271 local vtep1_ip=198.51.100.100
1272 local vtep2_ip=198.51.100.200
1274 local enc_ethtype="ip"
1276 local grp_dmac=01:00:5e:01:01:01
1277 local src=192.0.2.129
1280 echo "Data path: Encapsulation parameters - IPv4 overlay / IPv4 underlay"
1281 echo "------------------------------------------------------------------"
1283 encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1284 $grp $grp_dmac $src "mausezahn"
1287 encap_params_ipv6_ipv4()
1291 local vtep1_ip=198.51.100.100
1292 local vtep2_ip=198.51.100.200
1294 local enc_ethtype="ip"
1296 local grp_dmac=33:33:00:00:00:01
1297 local src=2001:db8:100::1
1300 echo "Data path: Encapsulation parameters - IPv6 overlay / IPv4 underlay"
1301 echo "------------------------------------------------------------------"
1303 encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1304 $grp $grp_dmac $src "mausezahn -6"
1307 encap_params_ipv4_ipv6()
1311 local vtep1_ip=2001:db8:1000::1
1312 local vtep2_ip=2001:db8:2000::1
1314 local enc_ethtype="ipv6"
1316 local grp_dmac=01:00:5e:01:01:01
1317 local src=192.0.2.129
1320 echo "Data path: Encapsulation parameters - IPv4 overlay / IPv6 underlay"
1321 echo "------------------------------------------------------------------"
1323 encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1324 $grp $grp_dmac $src "mausezahn"
1327 encap_params_ipv6_ipv6()
1331 local vtep1_ip=2001:db8:1000::1
1332 local vtep2_ip=2001:db8:2000::1
1334 local enc_ethtype="ipv6"
1336 local grp_dmac=33:33:00:00:00:01
1337 local src=2001:db8:100::1
1340 echo "Data path: Encapsulation parameters - IPv6 overlay / IPv6 underlay"
1341 echo "------------------------------------------------------------------"
1343 encap_params_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $enc_ethtype \
1344 $grp $grp_dmac $src "mausezahn -6"
1347 starg_exclude_ir_common()
1351 local vtep1_ip=$1; shift
1352 local vtep2_ip=$1; shift
1353 local plen=$1; shift
1355 local grp_dmac=$1; shift
1356 local valid_src=$1; shift
1357 local invalid_src=$1; shift
1360 # Install a (*, G) EXCLUDE MDB entry with one source and two remote
1361 # VTEPs. Make sure that the source in the source list is not forwarded
1362 # and that a source not in the list is forwarded. Remove one of the
1363 # VTEPs from the entry and make sure that packets are only forwarded to
1364 # the remaining VTEP.
1366 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1367 run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
1368 run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
1370 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
1371 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
1373 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $vtep1_ip src_vni 10010"
1374 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $vtep2_ip src_vni 10010"
1376 # Check that invalid source is not forwarded to any VTEP.
1377 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1378 tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1379 log_test $? 0 "Block excluded source - first VTEP"
1380 tc_check_packets "$ns2" "dev vx0 ingress" 102 0
1381 log_test $? 0 "Block excluded source - second VTEP"
1383 # Check that valid source is forwarded to both VTEPs.
1384 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1385 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1386 log_test $? 0 "Forward valid source - first VTEP"
1387 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1388 log_test $? 0 "Forward valid source - second VTEP"
1390 # Remove second VTEP.
1391 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10010"
1393 # Check that invalid source is not forwarded to any VTEP.
1394 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1395 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1396 log_test $? 0 "Block excluded source after removal - first VTEP"
1397 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1398 log_test $? 0 "Block excluded source after removal - second VTEP"
1400 # Check that valid source is forwarded to the remaining VTEP.
1401 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1402 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
1403 log_test $? 0 "Forward valid source after removal - first VTEP"
1404 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1405 log_test $? 0 "Forward valid source after removal - second VTEP"
1408 starg_exclude_ir_ipv4_ipv4()
1412 local vtep1_ip=198.51.100.100
1413 local vtep2_ip=198.51.100.200
1416 local grp_dmac=01:00:5e:01:01:01
1417 local valid_src=192.0.2.129
1418 local invalid_src=192.0.2.145
1421 echo "Data path: (*, G) EXCLUDE - IR - IPv4 overlay / IPv4 underlay"
1422 echo "-------------------------------------------------------------"
1424 starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1425 $grp_dmac $valid_src $invalid_src "mausezahn"
1428 starg_exclude_ir_ipv6_ipv4()
1432 local vtep1_ip=198.51.100.100
1433 local vtep2_ip=198.51.100.200
1436 local grp_dmac=33:33:00:00:00:01
1437 local valid_src=2001:db8:100::1
1438 local invalid_src=2001:db8:200::1
1441 echo "Data path: (*, G) EXCLUDE - IR - IPv6 overlay / IPv4 underlay"
1442 echo "-------------------------------------------------------------"
1444 starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1445 $grp_dmac $valid_src $invalid_src "mausezahn -6"
1448 starg_exclude_ir_ipv4_ipv6()
1452 local vtep1_ip=2001:db8:1000::1
1453 local vtep2_ip=2001:db8:2000::1
1456 local grp_dmac=01:00:5e:01:01:01
1457 local valid_src=192.0.2.129
1458 local invalid_src=192.0.2.145
1461 echo "Data path: (*, G) EXCLUDE - IR - IPv4 overlay / IPv6 underlay"
1462 echo "-------------------------------------------------------------"
1464 starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1465 $grp_dmac $valid_src $invalid_src "mausezahn"
1468 starg_exclude_ir_ipv6_ipv6()
1472 local vtep1_ip=2001:db8:1000::1
1473 local vtep2_ip=2001:db8:2000::1
1476 local grp_dmac=33:33:00:00:00:01
1477 local valid_src=2001:db8:100::1
1478 local invalid_src=2001:db8:200::1
1481 echo "Data path: (*, G) EXCLUDE - IR - IPv6 overlay / IPv6 underlay"
1482 echo "-------------------------------------------------------------"
1484 starg_exclude_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1485 $grp_dmac $valid_src $invalid_src "mausezahn -6"
1488 starg_include_ir_common()
1492 local vtep1_ip=$1; shift
1493 local vtep2_ip=$1; shift
1494 local plen=$1; shift
1496 local grp_dmac=$1; shift
1497 local valid_src=$1; shift
1498 local invalid_src=$1; shift
1501 # Install a (*, G) INCLUDE MDB entry with one source and two remote
1502 # VTEPs. Make sure that the source in the source list is forwarded and
1503 # that a source not in the list is not forwarded. Remove one of the
1504 # VTEPs from the entry and make sure that packets are only forwarded to
1505 # the remaining VTEP.
1507 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1508 run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
1509 run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
1511 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
1512 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
1514 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $vtep1_ip src_vni 10010"
1515 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $vtep2_ip src_vni 10010"
1517 # Check that invalid source is not forwarded to any VTEP.
1518 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1519 tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1520 log_test $? 0 "Block excluded source - first VTEP"
1521 tc_check_packets "$ns2" "dev vx0 ingress" 102 0
1522 log_test $? 0 "Block excluded source - second VTEP"
1524 # Check that valid source is forwarded to both VTEPs.
1525 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1526 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1527 log_test $? 0 "Forward valid source - first VTEP"
1528 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1529 log_test $? 0 "Forward valid source - second VTEP"
1531 # Remove second VTEP.
1532 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep2_ip src_vni 10010"
1534 # Check that invalid source is not forwarded to any VTEP.
1535 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1536 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1537 log_test $? 0 "Block excluded source after removal - first VTEP"
1538 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1539 log_test $? 0 "Block excluded source after removal - second VTEP"
1541 # Check that valid source is forwarded to the remaining VTEP.
1542 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1543 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
1544 log_test $? 0 "Forward valid source after removal - first VTEP"
1545 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
1546 log_test $? 0 "Forward valid source after removal - second VTEP"
1549 starg_include_ir_ipv4_ipv4()
1553 local vtep1_ip=198.51.100.100
1554 local vtep2_ip=198.51.100.200
1557 local grp_dmac=01:00:5e:01:01:01
1558 local valid_src=192.0.2.129
1559 local invalid_src=192.0.2.145
1562 echo "Data path: (*, G) INCLUDE - IR - IPv4 overlay / IPv4 underlay"
1563 echo "-------------------------------------------------------------"
1565 starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1566 $grp_dmac $valid_src $invalid_src "mausezahn"
1569 starg_include_ir_ipv6_ipv4()
1573 local vtep1_ip=198.51.100.100
1574 local vtep2_ip=198.51.100.200
1577 local grp_dmac=33:33:00:00:00:01
1578 local valid_src=2001:db8:100::1
1579 local invalid_src=2001:db8:200::1
1582 echo "Data path: (*, G) INCLUDE - IR - IPv6 overlay / IPv4 underlay"
1583 echo "-------------------------------------------------------------"
1585 starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1586 $grp_dmac $valid_src $invalid_src "mausezahn -6"
1589 starg_include_ir_ipv4_ipv6()
1593 local vtep1_ip=2001:db8:1000::1
1594 local vtep2_ip=2001:db8:2000::1
1597 local grp_dmac=01:00:5e:01:01:01
1598 local valid_src=192.0.2.129
1599 local invalid_src=192.0.2.145
1602 echo "Data path: (*, G) INCLUDE - IR - IPv4 overlay / IPv6 underlay"
1603 echo "-------------------------------------------------------------"
1605 starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1606 $grp_dmac $valid_src $invalid_src "mausezahn"
1609 starg_include_ir_ipv6_ipv6()
1613 local vtep1_ip=2001:db8:1000::1
1614 local vtep2_ip=2001:db8:2000::1
1617 local grp_dmac=33:33:00:00:00:01
1618 local valid_src=2001:db8:100::1
1619 local invalid_src=2001:db8:200::1
1622 echo "Data path: (*, G) INCLUDE - IR - IPv6 overlay / IPv6 underlay"
1623 echo "-------------------------------------------------------------"
1625 starg_include_ir_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $grp \
1626 $grp_dmac $valid_src $invalid_src "mausezahn -6"
1629 starg_exclude_p2mp_common()
1633 local mcast_grp=$1; shift
1634 local plen=$1; shift
1636 local grp_dmac=$1; shift
1637 local valid_src=$1; shift
1638 local invalid_src=$1; shift
1641 # Install a (*, G) EXCLUDE MDB entry with one source and one multicast
1642 # group to which packets are sent. Make sure that the source in the
1643 # source list is not forwarded and that a source not in the list is
1646 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1647 run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
1649 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $mcast_grp action pass"
1651 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode exclude source_list $invalid_src dst $mcast_grp src_vni 10010 via veth0"
1653 # Check that invalid source is not forwarded.
1654 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1655 tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1656 log_test $? 0 "Block excluded source"
1658 # Check that valid source is forwarded.
1659 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1660 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1661 log_test $? 0 "Forward valid source"
1663 # Remove the VTEP from the multicast group.
1664 run_cmd "ip -n $ns2 address del $mcast_grp/$plen dev veth0"
1666 # Check that valid source is not received anymore.
1667 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1668 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1669 log_test $? 0 "Receive of valid source after removal from group"
1672 starg_exclude_p2mp_ipv4_ipv4()
1676 local mcast_grp=238.1.1.1
1679 local grp_dmac=01:00:5e:01:01:01
1680 local valid_src=192.0.2.129
1681 local invalid_src=192.0.2.145
1684 echo "Data path: (*, G) EXCLUDE - P2MP - IPv4 overlay / IPv4 underlay"
1685 echo "---------------------------------------------------------------"
1687 starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
1688 $valid_src $invalid_src "mausezahn"
1691 starg_exclude_p2mp_ipv6_ipv4()
1695 local mcast_grp=238.1.1.1
1698 local grp_dmac=33:33:00:00:00:01
1699 local valid_src=2001:db8:100::1
1700 local invalid_src=2001:db8:200::1
1703 echo "Data path: (*, G) EXCLUDE - P2MP - IPv6 overlay / IPv4 underlay"
1704 echo "---------------------------------------------------------------"
1706 starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
1707 $valid_src $invalid_src "mausezahn -6"
1710 starg_exclude_p2mp_ipv4_ipv6()
1714 local mcast_grp=ff0e::2
1717 local grp_dmac=01:00:5e:01:01:01
1718 local valid_src=192.0.2.129
1719 local invalid_src=192.0.2.145
1722 echo "Data path: (*, G) EXCLUDE - P2MP - IPv4 overlay / IPv6 underlay"
1723 echo "---------------------------------------------------------------"
1725 starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
1726 $valid_src $invalid_src "mausezahn"
1729 starg_exclude_p2mp_ipv6_ipv6()
1733 local mcast_grp=ff0e::2
1736 local grp_dmac=33:33:00:00:00:01
1737 local valid_src=2001:db8:100::1
1738 local invalid_src=2001:db8:200::1
1741 echo "Data path: (*, G) EXCLUDE - P2MP - IPv6 overlay / IPv6 underlay"
1742 echo "---------------------------------------------------------------"
1744 starg_exclude_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
1745 $valid_src $invalid_src "mausezahn -6"
1748 starg_include_p2mp_common()
1752 local mcast_grp=$1; shift
1753 local plen=$1; shift
1755 local grp_dmac=$1; shift
1756 local valid_src=$1; shift
1757 local invalid_src=$1; shift
1760 # Install a (*, G) INCLUDE MDB entry with one source and one multicast
1761 # group to which packets are sent. Make sure that the source in the
1762 # source list is forwarded and that a source not in the list is not
1765 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
1766 run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
1768 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $mcast_grp action pass"
1770 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent filter_mode include source_list $valid_src dst $mcast_grp src_vni 10010 via veth0"
1772 # Check that invalid source is not forwarded.
1773 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $invalid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1774 tc_check_packets "$ns2" "dev vx0 ingress" 101 0
1775 log_test $? 0 "Block excluded source"
1777 # Check that valid source is forwarded.
1778 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1779 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1780 log_test $? 0 "Forward valid source"
1782 # Remove the VTEP from the multicast group.
1783 run_cmd "ip -n $ns2 address del $mcast_grp/$plen dev veth0"
1785 # Check that valid source is not received anymore.
1786 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $valid_src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1787 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
1788 log_test $? 0 "Receive of valid source after removal from group"
1791 starg_include_p2mp_ipv4_ipv4()
1795 local mcast_grp=238.1.1.1
1798 local grp_dmac=01:00:5e:01:01:01
1799 local valid_src=192.0.2.129
1800 local invalid_src=192.0.2.145
1803 echo "Data path: (*, G) INCLUDE - P2MP - IPv4 overlay / IPv4 underlay"
1804 echo "---------------------------------------------------------------"
1806 starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
1807 $valid_src $invalid_src "mausezahn"
1810 starg_include_p2mp_ipv6_ipv4()
1814 local mcast_grp=238.1.1.1
1817 local grp_dmac=33:33:00:00:00:01
1818 local valid_src=2001:db8:100::1
1819 local invalid_src=2001:db8:200::1
1822 echo "Data path: (*, G) INCLUDE - P2MP - IPv6 overlay / IPv4 underlay"
1823 echo "---------------------------------------------------------------"
1825 starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
1826 $valid_src $invalid_src "mausezahn -6"
1829 starg_include_p2mp_ipv4_ipv6()
1833 local mcast_grp=ff0e::2
1836 local grp_dmac=01:00:5e:01:01:01
1837 local valid_src=192.0.2.129
1838 local invalid_src=192.0.2.145
1841 echo "Data path: (*, G) INCLUDE - P2MP - IPv4 overlay / IPv6 underlay"
1842 echo "---------------------------------------------------------------"
1844 starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
1845 $valid_src $invalid_src "mausezahn"
1848 starg_include_p2mp_ipv6_ipv6()
1852 local mcast_grp=ff0e::2
1855 local grp_dmac=33:33:00:00:00:01
1856 local valid_src=2001:db8:100::1
1857 local invalid_src=2001:db8:200::1
1860 echo "Data path: (*, G) INCLUDE - P2MP - IPv6 overlay / IPv6 underlay"
1861 echo "---------------------------------------------------------------"
1863 starg_include_p2mp_common $ns1 $ns2 $mcast_grp $plen $grp $grp_dmac \
1864 $valid_src $invalid_src "mausezahn -6"
1867 egress_vni_translation_common()
1871 local mcast_grp=$1; shift
1872 local plen=$1; shift
1873 local proto=$1; shift
1875 local grp_dmac=$1; shift
1879 # When P2MP tunnels are used with optimized inter-subnet multicast
1880 # (OISM) [1], the ingress VTEP does not perform VNI translation and
1881 # uses the VNI of the source broadcast domain (BD). If the egress VTEP
1882 # is a member in the source BD, then no VNI translation is needed.
1883 # Otherwise, the egress VTEP needs to translate the VNI to the
1884 # supplementary broadcast domain (SBD) VNI, which is usually the L3VNI.
1886 # In this test, remove the VTEP in the second namespace from VLAN 10
1887 # (VNI 10010) and make sure that a packet sent from this VLAN on the
1888 # first VTEP is received by the SVI corresponding to the L3VNI (14000 /
1889 # VLAN 4000) on the second VTEP.
1891 # The second VTEP will be able to decapsulate the packet with VNI 10010
1892 # because this VNI is configured on its shared VXLAN device. Later,
1893 # when ingressing the bridge, the VNI to VLAN lookup will fail because
1894 # the VTEP is not a member in VLAN 10, which will cause the packet to
1895 # be tagged with VLAN 4000 since it is configured as PVID.
1897 # [1] https://datatracker.ietf.org/doc/html/draft-ietf-bess-evpn-irb-mcast
1899 run_cmd "tc -n $ns2 qdisc replace dev br0.4000 clsact"
1900 run_cmd "ip -n $ns2 address replace $mcast_grp/$plen dev veth0 autojoin"
1901 run_cmd "tc -n $ns2 filter replace dev br0.4000 ingress pref 1 handle 101 proto $proto flower src_ip $src dst_ip $grp action pass"
1903 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp src $src permanent dst $mcast_grp src_vni 10010 via veth0"
1905 # Remove the second VTEP from VLAN 10.
1906 run_cmd "bridge -n $ns2 vlan del vid 10 dev vx0"
1908 # Make sure that packets sent from the first VTEP over VLAN 10 are
1909 # received by the SVI corresponding to the L3VNI (14000 / VLAN 4000) on
1910 # the second VTEP, since it is configured as PVID.
1911 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1912 tc_check_packets "$ns2" "dev br0.4000 ingress" 101 1
1913 log_test $? 0 "Egress VNI translation - PVID configured"
1915 # Remove PVID flag from VLAN 4000 on the second VTEP and make sure
1916 # packets are no longer received by the SVI interface.
1917 run_cmd "bridge -n $ns2 vlan add vid 4000 dev vx0"
1918 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1919 tc_check_packets "$ns2" "dev br0.4000 ingress" 101 1
1920 log_test $? 0 "Egress VNI translation - no PVID configured"
1922 # Reconfigure the PVID and make sure packets are received again.
1923 run_cmd "bridge -n $ns2 vlan add vid 4000 dev vx0 pvid"
1924 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
1925 tc_check_packets "$ns2" "dev br0.4000 ingress" 101 2
1926 log_test $? 0 "Egress VNI translation - PVID reconfigured"
1929 egress_vni_translation_ipv4_ipv4()
1933 local mcast_grp=238.1.1.1
1937 local grp_dmac=01:00:5e:01:01:01
1938 local src=192.0.2.129
1941 echo "Data path: Egress VNI translation - IPv4 overlay / IPv4 underlay"
1942 echo "----------------------------------------------------------------"
1944 egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
1945 $grp_dmac $src "mausezahn"
1948 egress_vni_translation_ipv6_ipv4()
1952 local mcast_grp=238.1.1.1
1956 local grp_dmac=33:33:00:00:00:01
1957 local src=2001:db8:100::1
1960 echo "Data path: Egress VNI translation - IPv6 overlay / IPv4 underlay"
1961 echo "----------------------------------------------------------------"
1963 egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
1964 $grp_dmac $src "mausezahn -6"
1967 egress_vni_translation_ipv4_ipv6()
1971 local mcast_grp=ff0e::2
1975 local grp_dmac=01:00:5e:01:01:01
1976 local src=192.0.2.129
1979 echo "Data path: Egress VNI translation - IPv4 overlay / IPv6 underlay"
1980 echo "----------------------------------------------------------------"
1982 egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
1983 $grp_dmac $src "mausezahn"
1986 egress_vni_translation_ipv6_ipv6()
1990 local mcast_grp=ff0e::2
1994 local grp_dmac=33:33:00:00:00:01
1995 local src=2001:db8:100::1
1998 echo "Data path: Egress VNI translation - IPv6 overlay / IPv6 underlay"
1999 echo "----------------------------------------------------------------"
2001 egress_vni_translation_common $ns1 $ns2 $mcast_grp $plen $proto $grp \
2002 $grp_dmac $src "mausezahn -6"
2005 all_zeros_mdb_common()
2009 local vtep1_ip=$1; shift
2010 local vtep2_ip=$1; shift
2011 local vtep3_ip=$1; shift
2012 local vtep4_ip=$1; shift
2013 local plen=$1; shift
2014 local ipv4_grp=239.1.1.1
2015 local ipv4_grp_dmac=01:00:5e:01:01:01
2016 local ipv4_unreg_grp=239.2.2.2
2017 local ipv4_unreg_grp_dmac=01:00:5e:02:02:02
2018 local ipv4_ll_grp=224.0.0.100
2019 local ipv4_ll_grp_dmac=01:00:5e:00:00:64
2020 local ipv4_src=192.0.2.129
2021 local ipv6_grp=ff0e::1
2022 local ipv6_grp_dmac=33:33:00:00:00:01
2023 local ipv6_unreg_grp=ff0e::2
2024 local ipv6_unreg_grp_dmac=33:33:00:00:00:02
2025 local ipv6_ll_grp=ff02::1
2026 local ipv6_ll_grp_dmac=33:33:00:00:00:01
2027 local ipv6_src=2001:db8:100::1
2029 # Install all-zeros (catchall) MDB entries for IPv4 and IPv6 traffic
2030 # and make sure they only forward unregistered IP multicast traffic
2031 # which is not link-local. Also make sure that each entry only forwards
2032 # traffic from the matching address family.
2034 # Associate two different VTEPs with one all-zeros MDB entry: Two with
2035 # the IPv4 entry (0.0.0.0) and another two with the IPv6 one (::).
2036 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp 0.0.0.0 permanent dst $vtep1_ip src_vni 10010"
2037 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp 0.0.0.0 permanent dst $vtep2_ip src_vni 10010"
2038 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp :: permanent dst $vtep3_ip src_vni 10010"
2039 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp :: permanent dst $vtep4_ip src_vni 10010"
2041 # Associate one VTEP from each set with a regular MDB entry: One with
2042 # an IPv4 entry and another with an IPv6 one.
2043 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $ipv4_grp permanent dst $vtep1_ip src_vni 10010"
2044 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $ipv6_grp permanent dst $vtep3_ip src_vni 10010"
2046 # Add filters to match on decapsulated traffic in the second namespace.
2047 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
2048 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
2049 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
2050 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 103 proto all flower enc_dst_ip $vtep3_ip action pass"
2051 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 104 proto all flower enc_dst_ip $vtep4_ip action pass"
2053 # Configure the VTEP addresses in the second namespace to enable
2055 run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
2056 run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
2057 run_cmd "ip -n $ns2 address replace $vtep3_ip/$plen dev lo"
2058 run_cmd "ip -n $ns2 address replace $vtep4_ip/$plen dev lo"
2060 # Send registered IPv4 multicast and make sure it only arrives to the
2062 run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b $ipv4_grp_dmac -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2063 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
2064 log_test $? 0 "Registered IPv4 multicast - first VTEP"
2065 tc_check_packets "$ns2" "dev vx0 ingress" 102 0
2066 log_test $? 0 "Registered IPv4 multicast - second VTEP"
2068 # Send unregistered IPv4 multicast that is not link-local and make sure
2069 # it arrives to the first and second VTEPs.
2070 run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b $ipv4_unreg_grp_dmac -A $ipv4_src -B $ipv4_unreg_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2071 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
2072 log_test $? 0 "Unregistered IPv4 multicast - first VTEP"
2073 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
2074 log_test $? 0 "Unregistered IPv4 multicast - second VTEP"
2076 # Send IPv4 link-local multicast traffic and make sure it does not
2077 # arrive to any VTEP.
2078 run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b $ipv4_ll_grp_dmac -A $ipv4_src -B $ipv4_ll_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2079 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
2080 log_test $? 0 "Link-local IPv4 multicast - first VTEP"
2081 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
2082 log_test $? 0 "Link-local IPv4 multicast - second VTEP"
2084 # Send registered IPv4 multicast using a unicast MAC address and make
2085 # sure it does not arrive to any VTEP.
2086 run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b 00:11:22:33:44:55 -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2087 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
2088 log_test $? 0 "Registered IPv4 multicast with a unicast MAC - first VTEP"
2089 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
2090 log_test $? 0 "Registered IPv4 multicast with a unicast MAC - second VTEP"
2092 # Send registered IPv4 multicast using a broadcast MAC address and make
2093 # sure it does not arrive to any VTEP.
2094 run_cmd "ip netns exec $ns1 mausezahn br0.10 -a own -b bcast -A $ipv4_src -B $ipv4_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2095 tc_check_packets "$ns2" "dev vx0 ingress" 101 2
2096 log_test $? 0 "Registered IPv4 multicast with a broadcast MAC - first VTEP"
2097 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
2098 log_test $? 0 "Registered IPv4 multicast with a broadcast MAC - second VTEP"
2100 # Make sure IPv4 traffic did not reach the VTEPs associated with
2102 tc_check_packets "$ns2" "dev vx0 ingress" 103 0
2103 log_test $? 0 "IPv4 traffic - third VTEP"
2104 tc_check_packets "$ns2" "dev vx0 ingress" 104 0
2105 log_test $? 0 "IPv4 traffic - fourth VTEP"
2107 # Reset IPv4 filters before testing IPv6 traffic.
2108 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto all flower enc_dst_ip $vtep1_ip action pass"
2109 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto all flower enc_dst_ip $vtep2_ip action pass"
2111 # Send registered IPv6 multicast and make sure it only arrives to the
2113 run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b $ipv6_grp_dmac -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2114 tc_check_packets "$ns2" "dev vx0 ingress" 103 1
2115 log_test $? 0 "Registered IPv6 multicast - third VTEP"
2116 tc_check_packets "$ns2" "dev vx0 ingress" 104 0
2117 log_test $? 0 "Registered IPv6 multicast - fourth VTEP"
2119 # Send unregistered IPv6 multicast that is not link-local and make sure
2120 # it arrives to the third and fourth VTEPs.
2121 run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b $ipv6_unreg_grp_dmac -A $ipv6_src -B $ipv6_unreg_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2122 tc_check_packets "$ns2" "dev vx0 ingress" 103 2
2123 log_test $? 0 "Unregistered IPv6 multicast - third VTEP"
2124 tc_check_packets "$ns2" "dev vx0 ingress" 104 1
2125 log_test $? 0 "Unregistered IPv6 multicast - fourth VTEP"
2127 # Send IPv6 link-local multicast traffic and make sure it does not
2128 # arrive to any VTEP.
2129 run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b $ipv6_ll_grp_dmac -A $ipv6_src -B $ipv6_ll_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2130 tc_check_packets "$ns2" "dev vx0 ingress" 103 2
2131 log_test $? 0 "Link-local IPv6 multicast - third VTEP"
2132 tc_check_packets "$ns2" "dev vx0 ingress" 104 1
2133 log_test $? 0 "Link-local IPv6 multicast - fourth VTEP"
2135 # Send registered IPv6 multicast using a unicast MAC address and make
2136 # sure it does not arrive to any VTEP.
2137 run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b 00:11:22:33:44:55 -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2138 tc_check_packets "$ns2" "dev vx0 ingress" 103 2
2139 log_test $? 0 "Registered IPv6 multicast with a unicast MAC - third VTEP"
2140 tc_check_packets "$ns2" "dev vx0 ingress" 104 1
2141 log_test $? 0 "Registered IPv6 multicast with a unicast MAC - fourth VTEP"
2143 # Send registered IPv6 multicast using a broadcast MAC address and make
2144 # sure it does not arrive to any VTEP.
2145 run_cmd "ip netns exec $ns1 mausezahn -6 br0.10 -a own -b bcast -A $ipv6_src -B $ipv6_grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2146 tc_check_packets "$ns2" "dev vx0 ingress" 103 2
2147 log_test $? 0 "Registered IPv6 multicast with a broadcast MAC - third VTEP"
2148 tc_check_packets "$ns2" "dev vx0 ingress" 104 1
2149 log_test $? 0 "Registered IPv6 multicast with a broadcast MAC - fourth VTEP"
2151 # Make sure IPv6 traffic did not reach the VTEPs associated with
2153 tc_check_packets "$ns2" "dev vx0 ingress" 101 0
2154 log_test $? 0 "IPv6 traffic - first VTEP"
2155 tc_check_packets "$ns2" "dev vx0 ingress" 102 0
2156 log_test $? 0 "IPv6 traffic - second VTEP"
2159 all_zeros_mdb_ipv4()
2163 local vtep1_ip=198.51.100.101
2164 local vtep2_ip=198.51.100.102
2165 local vtep3_ip=198.51.100.103
2166 local vtep4_ip=198.51.100.104
2170 echo "Data path: All-zeros MDB entry - IPv4 underlay"
2171 echo "----------------------------------------------"
2173 all_zeros_mdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $vtep3_ip \
2177 all_zeros_mdb_ipv6()
2181 local vtep1_ip=2001:db8:1000::1
2182 local vtep2_ip=2001:db8:2000::1
2183 local vtep3_ip=2001:db8:3000::1
2184 local vtep4_ip=2001:db8:4000::1
2188 echo "Data path: All-zeros MDB entry - IPv6 underlay"
2189 echo "----------------------------------------------"
2191 all_zeros_mdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $vtep3_ip \
2199 local vtep1_ip=$1; shift
2200 local vtep2_ip=$1; shift
2201 local plen=$1; shift
2202 local proto=$1; shift
2204 local grp_dmac=$1; shift
2208 # Install an MDB entry and an FDB entry and make sure that the FDB
2209 # entry only forwards traffic that was not forwarded by the MDB.
2211 # Associate the MDB entry with one VTEP and the FDB entry with another
2213 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp permanent dst $vtep1_ip src_vni 10010"
2214 run_cmd "bridge -n $ns1 fdb add 00:00:00:00:00:00 dev vx0 self static dst $vtep2_ip src_vni 10010"
2216 # Add filters to match on decapsulated traffic in the second namespace.
2217 run_cmd "tc -n $ns2 qdisc replace dev vx0 clsact"
2218 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 101 proto $proto flower ip_proto udp dst_port 54321 enc_dst_ip $vtep1_ip action pass"
2219 run_cmd "tc -n $ns2 filter replace dev vx0 ingress pref 1 handle 102 proto $proto flower ip_proto udp dst_port 54321 enc_dst_ip $vtep2_ip action pass"
2221 # Configure the VTEP addresses in the second namespace to enable
2223 run_cmd "ip -n $ns2 address replace $vtep1_ip/$plen dev lo"
2224 run_cmd "ip -n $ns2 address replace $vtep2_ip/$plen dev lo"
2226 # Send IP multicast traffic and make sure it is forwarded by the MDB
2227 # and only arrives to the first VTEP.
2228 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2229 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
2230 log_test $? 0 "IP multicast - first VTEP"
2231 tc_check_packets "$ns2" "dev vx0 ingress" 102 0
2232 log_test $? 0 "IP multicast - second VTEP"
2234 # Send broadcast traffic and make sure it is forwarded by the FDB and
2235 # only arrives to the second VTEP.
2236 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b bcast -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2237 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
2238 log_test $? 0 "Broadcast - first VTEP"
2239 tc_check_packets "$ns2" "dev vx0 ingress" 102 1
2240 log_test $? 0 "Broadcast - second VTEP"
2242 # Remove the MDB entry and make sure that IP multicast is now forwarded
2243 # by the FDB to the second VTEP.
2244 run_cmd "bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp dst $vtep1_ip src_vni 10010"
2245 run_cmd "ip netns exec $ns1 $mz br0.10 -a own -b $grp_dmac -A $src -B $grp -t udp sp=12345,dp=54321 -p 100 -c 1 -q"
2246 tc_check_packets "$ns2" "dev vx0 ingress" 101 1
2247 log_test $? 0 "IP multicast after removal - first VTEP"
2248 tc_check_packets "$ns2" "dev vx0 ingress" 102 2
2249 log_test $? 0 "IP multicast after removal - second VTEP"
2256 local vtep1_ip=198.51.100.100
2257 local vtep2_ip=198.51.100.200
2261 local grp_dmac=01:00:5e:01:01:01
2262 local src=192.0.2.129
2265 echo "Data path: MDB with FDB - IPv4 overlay / IPv4 underlay"
2266 echo "------------------------------------------------------"
2268 mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp \
2269 $grp_dmac $src "mausezahn"
2276 local vtep1_ip=198.51.100.100
2277 local vtep2_ip=198.51.100.200
2281 local grp_dmac=33:33:00:00:00:01
2282 local src=2001:db8:100::1
2285 echo "Data path: MDB with FDB - IPv6 overlay / IPv4 underlay"
2286 echo "------------------------------------------------------"
2288 mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp \
2289 $grp_dmac $src "mausezahn -6"
2296 local vtep1_ip=2001:db8:1000::1
2297 local vtep2_ip=2001:db8:2000::1
2301 local grp_dmac=01:00:5e:01:01:01
2302 local src=192.0.2.129
2305 echo "Data path: MDB with FDB - IPv4 overlay / IPv6 underlay"
2306 echo "------------------------------------------------------"
2308 mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp \
2309 $grp_dmac $src "mausezahn"
2316 local vtep1_ip=2001:db8:1000::1
2317 local vtep2_ip=2001:db8:2000::1
2321 local grp_dmac=33:33:00:00:00:01
2322 local src=2001:db8:100::1
2325 echo "Data path: MDB with FDB - IPv6 overlay / IPv6 underlay"
2326 echo "------------------------------------------------------"
2328 mdb_fdb_common $ns1 $ns2 $vtep1_ip $vtep2_ip $plen $proto $grp \
2329 $grp_dmac $src "mausezahn -6"
2335 local vtep1_ip=$1; shift
2336 local grp1=$1; shift
2339 bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp1 dst $vtep1_ip src_vni 10010
2340 bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp1 permanent dst $vtep1_ip src_vni 10010
2341 done >/dev/null 2>&1
2347 local vtep1_ip=$1; shift
2348 local vtep2_ip=$1; shift
2349 local grp2=$1; shift
2352 bridge -n $ns1 mdb del dev vx0 port vx0 grp $grp2 dst $vtep1_ip src_vni 10010
2353 bridge -n $ns1 mdb add dev vx0 port vx0 grp $grp2 permanent dst $vtep1_ip src_vni 10010
2354 bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep2_ip src_vni 10010
2355 done >/dev/null 2>&1
2358 mdb_torture_common()
2361 local vtep1_ip=$1; shift
2362 local vtep2_ip=$1; shift
2363 local grp1=$1; shift
2364 local grp1_dmac=$1; shift
2365 local grp2=$1; shift
2366 local grp2_dmac=$1; shift
2374 # Continuously send two streams that are forwarded by two different MDB
2375 # entries. The first entry will be added and deleted in a loop. This
2376 # allows us to test that the data path does not use freed MDB entry
2377 # memory. The second entry will have two remotes, one that is added and
2378 # deleted in a loop and another that is replaced in a loop. This allows
2379 # us to test that the data path does not use freed remote entry memory.
2380 # The test is considered successful if nothing crashed.
2382 # Create the MDB entries that will be continuously deleted / replaced.
2383 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp1 permanent dst $vtep1_ip src_vni 10010"
2384 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep1_ip src_vni 10010"
2385 run_cmd "bridge -n $ns1 mdb replace dev vx0 port vx0 grp $grp2 permanent dst $vtep2_ip src_vni 10010"
2387 mdb_grp1_loop $ns1 $vtep1_ip $grp1 &
2389 mdb_grp2_loop $ns1 $vtep1_ip $vtep2_ip $grp2 &
2391 ip netns exec $ns1 $mz br0.10 -a own -b $grp1_dmac -A $src -B $grp1 -t udp sp=12345,dp=54321 -p 100 -c 0 -q &
2393 ip netns exec $ns1 $mz br0.10 -a own -b $grp2_dmac -A $src -B $grp2 -t udp sp=12345,dp=54321 -p 100 -c 0 -q &
2397 kill -9 $pid1 $pid2 $pid3 $pid4
2398 wait $pid1 $pid2 $pid3 $pid4 2>/dev/null
2400 log_test 0 0 "Torture test"
2403 mdb_torture_ipv4_ipv4()
2406 local vtep1_ip=198.51.100.100
2407 local vtep2_ip=198.51.100.200
2408 local grp1=239.1.1.1
2409 local grp1_dmac=01:00:5e:01:01:01
2410 local grp2=239.2.2.2
2411 local grp2_dmac=01:00:5e:02:02:02
2412 local src=192.0.2.129
2415 echo "Data path: MDB torture test - IPv4 overlay / IPv4 underlay"
2416 echo "----------------------------------------------------------"
2418 mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp1_dmac $grp2 \
2419 $grp2_dmac $src "mausezahn"
2422 mdb_torture_ipv6_ipv4()
2425 local vtep1_ip=198.51.100.100
2426 local vtep2_ip=198.51.100.200
2428 local grp1_dmac=33:33:00:00:00:01
2430 local grp2_dmac=33:33:00:00:00:02
2431 local src=2001:db8:100::1
2434 echo "Data path: MDB torture test - IPv6 overlay / IPv4 underlay"
2435 echo "----------------------------------------------------------"
2437 mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp1_dmac $grp2 \
2438 $grp2_dmac $src "mausezahn -6"
2441 mdb_torture_ipv4_ipv6()
2444 local vtep1_ip=2001:db8:1000::1
2445 local vtep2_ip=2001:db8:2000::1
2446 local grp1=239.1.1.1
2447 local grp1_dmac=01:00:5e:01:01:01
2448 local grp2=239.2.2.2
2449 local grp2_dmac=01:00:5e:02:02:02
2450 local src=192.0.2.129
2453 echo "Data path: MDB torture test - IPv4 overlay / IPv6 underlay"
2454 echo "----------------------------------------------------------"
2456 mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp1_dmac $grp2 \
2457 $grp2_dmac $src "mausezahn"
2460 mdb_torture_ipv6_ipv6()
2463 local vtep1_ip=2001:db8:1000::1
2464 local vtep2_ip=2001:db8:2000::1
2466 local grp1_dmac=33:33:00:00:00:01
2468 local grp2_dmac=33:33:00:00:00:02
2469 local src=2001:db8:100::1
2472 echo "Data path: MDB torture test - IPv6 overlay / IPv6 underlay"
2473 echo "----------------------------------------------------------"
2475 mdb_torture_common $ns1 $vtep1_ip $vtep2_ip $grp1 $grp1_dmac $grp2 \
2476 $grp2_dmac $src "mausezahn -6"
2479 ################################################################################
2485 usage: ${0##*/} OPTS
2487 -t <test> Test(s) to run (default: all)
2489 -c Control path tests only
2490 -d Data path tests only
2492 -P Pause after each test before cleanup
2493 -v Verbose mode (show commands and output)
2497 ################################################################################
2502 while getopts ":t:cdpPvh" opt; do
2505 c) TESTS=${CONTROL_PATH_TESTS};;
2506 d) TESTS=${DATA_PATH_TESTS};;
2507 p) PAUSE_ON_FAIL=yes;;
2509 v) VERBOSE=$(($VERBOSE + 1));;
2515 # Make sure we don't pause twice.
2516 [ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no
2518 if [ "$(id -u)" -ne 0 ];then
2519 echo "SKIP: Need root privileges"
2523 if [ ! -x "$(command -v ip)" ]; then
2524 echo "SKIP: Could not run test without ip tool"
2528 if [ ! -x "$(command -v bridge)" ]; then
2529 echo "SKIP: Could not run test without bridge tool"
2533 if [ ! -x "$(command -v mausezahn)" ]; then
2534 echo "SKIP: Could not run test without mausezahn tool"
2538 if [ ! -x "$(command -v jq)" ]; then
2539 echo "SKIP: Could not run test without jq tool"
2543 bridge mdb help 2>&1 | grep -q "flush"
2544 if [ $? -ne 0 ]; then
2545 echo "SKIP: iproute2 bridge too old, missing VXLAN MDB flush support"
2557 if [ "$TESTS" != "none" ]; then
2558 printf "\nTests passed: %3d\n" ${nsuccess}
2559 printf "Tests failed: %3d\n" ${nfail}
projects / linux.git / blob