1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3#
4# Test various aspects of VxLAN offloading which are specific to mlxsw, such
5# as sanitization of invalid configurations and offload indication.
6
7: ${ADDR_FAMILY:=ipv4}
8export ADDR_FAMILY
9
10: ${LOCAL_IP_1:=198.51.100.1}
11export LOCAL_IP_1
12
13: ${LOCAL_IP_2:=198.51.100.2}
14export LOCAL_IP_2
15
16: ${PREFIX_LEN:=32}
17export PREFIX_LEN
18
19: ${UDPCSUM_FLAFS:=noudpcsum}
20export UDPCSUM_FLAFS
21
22: ${MC_IP:=239.0.0.1}
23export MC_IP
24
25: ${IP_FLAG:=""}
26export IP_FLAG
27
28: ${ALL_TESTS:="
29	sanitization_test
30	offload_indication_test
31	sanitization_vlan_aware_test
32	offload_indication_vlan_aware_test
33"}
34
35lib_dir=$(dirname $0)/../../../net/forwarding
36NUM_NETIFS=2
37: ${TIMEOUT:=20000} # ms
38source $lib_dir/lib.sh
39
40setup_prepare()
41{
42	swp1=${NETIFS[p1]}
43	swp2=${NETIFS[p2]}
44
45	ip link set dev $swp1 up
46	ip link set dev $swp2 up
47}
48
49cleanup()
50{
51	pre_cleanup
52
53	ip link set dev $swp2 down
54	ip link set dev $swp1 down
55}
56
57sanitization_single_dev_test_pass()
58{
59	ip link set dev $swp1 master br0
60	check_err $?
61	ip link set dev vxlan0 master br0
62	check_err $?
63
64	ip link set dev $swp1 nomaster
65
66	ip link set dev $swp1 master br0
67	check_err $?
68}
69
70sanitization_single_dev_test_fail()
71{
72	ip link set dev $swp1 master br0
73	check_err $?
74	ip link set dev vxlan0 master br0 &> /dev/null
75	check_fail $?
76
77	ip link set dev $swp1 nomaster
78
79	ip link set dev vxlan0 master br0
80	check_err $?
81	ip link set dev $swp1 master br0 &> /dev/null
82	check_fail $?
83}
84
85sanitization_single_dev_valid_test()
86{
87	RET=0
88
89	ip link add dev br0 type bridge mcast_snooping 0
90
91	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
92		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
93
94	sanitization_single_dev_test_pass
95
96	ip link del dev vxlan0
97	ip link del dev br0
98
99	log_test "vxlan device - valid configuration"
100}
101
102sanitization_single_dev_vlan_aware_test()
103{
104	RET=0
105
106	ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1
107
108	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
109		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
110
111	sanitization_single_dev_test_pass
112
113	ip link del dev vxlan0
114	ip link del dev br0
115
116	log_test "vxlan device with a vlan-aware bridge"
117}
118
119sanitization_single_dev_mcast_enabled_test()
120{
121	RET=0
122
123	ip link add dev br0 type bridge
124
125	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
126		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
127
128	sanitization_single_dev_test_fail
129
130	ip link del dev vxlan0
131	ip link del dev br0
132
133	log_test "vxlan device with a multicast enabled bridge"
134}
135
136sanitization_single_dev_mcast_group_test()
137{
138	RET=0
139
140	ip link add dev br0 type bridge mcast_snooping 0
141	ip link add name dummy1 up type dummy
142
143	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
144		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 \
145		dev dummy1 group $MC_IP
146
147	sanitization_single_dev_test_fail
148
149	ip link del dev vxlan0
150	ip link del dev dummy1
151	ip link del dev br0
152
153	log_test "vxlan device with a multicast group"
154}
155
156sanitization_single_dev_no_local_ip_test()
157{
158	RET=0
159
160	ip link add dev br0 type bridge mcast_snooping 0
161
162	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
163		ttl 20 tos inherit dstport 4789
164
165	sanitization_single_dev_test_fail
166
167	ip link del dev vxlan0
168	ip link del dev br0
169
170	log_test "vxlan device with no local ip"
171}
172
173sanitization_single_dev_learning_enabled_ipv4_test()
174{
175	RET=0
176
177	ip link add dev br0 type bridge mcast_snooping 0
178
179	ip link add name vxlan0 up type vxlan id 10 learning $UDPCSUM_FLAFS \
180		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
181
182	sanitization_single_dev_test_pass
183
184	ip link del dev vxlan0
185	ip link del dev br0
186
187	log_test "vxlan device with learning enabled"
188}
189
190sanitization_single_dev_local_interface_test()
191{
192	RET=0
193
194	ip link add dev br0 type bridge mcast_snooping 0
195	ip link add name dummy1 up type dummy
196
197	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
198		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 dev dummy1
199
200	sanitization_single_dev_test_fail
201
202	ip link del dev vxlan0
203	ip link del dev dummy1
204	ip link del dev br0
205
206	log_test "vxlan device with local interface"
207}
208
209sanitization_single_dev_port_range_test()
210{
211	RET=0
212
213	ip link add dev br0 type bridge mcast_snooping 0
214
215	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
216		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 \
217		srcport 4000 5000
218
219	sanitization_single_dev_test_fail
220
221	ip link del dev vxlan0
222	ip link del dev br0
223
224	log_test "vxlan device with udp source port range"
225}
226
227sanitization_single_dev_tos_static_test()
228{
229	RET=0
230
231	ip link add dev br0 type bridge mcast_snooping 0
232
233	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
234		ttl 20 tos 20 local $LOCAL_IP_1 dstport 4789
235
236	sanitization_single_dev_test_fail
237
238	ip link del dev vxlan0
239	ip link del dev br0
240
241	log_test "vxlan device with static tos"
242}
243
244sanitization_single_dev_ttl_inherit_test()
245{
246	RET=0
247
248	ip link add dev br0 type bridge mcast_snooping 0
249
250	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
251		ttl inherit tos inherit local $LOCAL_IP_1 dstport 4789
252
253	sanitization_single_dev_test_fail
254
255	ip link del dev vxlan0
256	ip link del dev br0
257
258	log_test "vxlan device with inherit ttl"
259}
260
261sanitization_single_dev_udp_checksum_ipv4_test()
262{
263	RET=0
264
265	ip link add dev br0 type bridge mcast_snooping 0
266
267	ip link add name vxlan0 up type vxlan id 10 nolearning udpcsum \
268		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
269
270	sanitization_single_dev_test_fail
271
272	ip link del dev vxlan0
273	ip link del dev br0
274
275	log_test "vxlan device with udp checksum"
276}
277
278sanitization_single_dev_test()
279{
280	# These tests make sure that we correctly sanitize VxLAN device
281	# configurations we do not support
282	sanitization_single_dev_valid_test
283	sanitization_single_dev_vlan_aware_test
284	sanitization_single_dev_mcast_enabled_test
285	sanitization_single_dev_mcast_group_test
286	sanitization_single_dev_no_local_ip_test
287	sanitization_single_dev_learning_enabled_"$ADDR_FAMILY"_test
288	sanitization_single_dev_local_interface_test
289	sanitization_single_dev_port_range_test
290	sanitization_single_dev_tos_static_test
291	sanitization_single_dev_ttl_inherit_test
292	sanitization_single_dev_udp_checksum_"$ADDR_FAMILY"_test
293}
294
295sanitization_multi_devs_test_pass()
296{
297	ip link set dev $swp1 master br0
298	check_err $?
299	ip link set dev vxlan0 master br0
300	check_err $?
301	ip link set dev $swp2 master br1
302	check_err $?
303	ip link set dev vxlan1 master br1
304	check_err $?
305
306	ip link set dev $swp2 nomaster
307	ip link set dev $swp1 nomaster
308
309	ip link set dev $swp1 master br0
310	check_err $?
311	ip link set dev $swp2 master br1
312	check_err $?
313}
314
315sanitization_multi_devs_test_fail()
316{
317	ip link set dev $swp1 master br0
318	check_err $?
319	ip link set dev vxlan0 master br0
320	check_err $?
321	ip link set dev $swp2 master br1
322	check_err $?
323	ip link set dev vxlan1 master br1 &> /dev/null
324	check_fail $?
325
326	ip link set dev $swp2 nomaster
327	ip link set dev $swp1 nomaster
328
329	ip link set dev vxlan1 master br1
330	check_err $?
331	ip link set dev $swp1 master br0
332	check_err $?
333	ip link set dev $swp2 master br1 &> /dev/null
334	check_fail $?
335}
336
337sanitization_multi_devs_valid_test()
338{
339	RET=0
340
341	ip link add dev br0 type bridge mcast_snooping 0
342	ip link add dev br1 type bridge mcast_snooping 0
343
344	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
345		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
346	ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \
347		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
348
349	sanitization_multi_devs_test_pass
350
351	ip link del dev vxlan1
352	ip link del dev vxlan0
353	ip link del dev br1
354	ip link del dev br0
355
356	log_test "multiple vxlan devices - valid configuration"
357}
358
359sanitization_multi_devs_ttl_test()
360{
361	RET=0
362
363	ip link add dev br0 type bridge mcast_snooping 0
364	ip link add dev br1 type bridge mcast_snooping 0
365
366	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
367		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
368	ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \
369		ttl 40 tos inherit local $LOCAL_IP_1 dstport 4789
370
371	sanitization_multi_devs_test_fail
372
373	ip link del dev vxlan1
374	ip link del dev vxlan0
375	ip link del dev br1
376	ip link del dev br0
377
378	log_test "multiple vxlan devices with different ttl"
379}
380
381sanitization_multi_devs_udp_dstport_test()
382{
383	RET=0
384
385	ip link add dev br0 type bridge mcast_snooping 0
386	ip link add dev br1 type bridge mcast_snooping 0
387
388	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
389		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
390	ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \
391		ttl 20 tos inherit local $LOCAL_IP_1 dstport 5789
392
393	sanitization_multi_devs_test_fail
394
395	ip link del dev vxlan1
396	ip link del dev vxlan0
397	ip link del dev br1
398	ip link del dev br0
399
400	log_test "multiple vxlan devices with different udp destination port"
401}
402
403sanitization_multi_devs_local_ip_test()
404{
405	RET=0
406
407	ip link add dev br0 type bridge mcast_snooping 0
408	ip link add dev br1 type bridge mcast_snooping 0
409
410	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
411		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
412	ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \
413		ttl 20 tos inherit local $LOCAL_IP_2 dstport 4789
414
415	sanitization_multi_devs_test_fail
416
417	ip link del dev vxlan1
418	ip link del dev vxlan0
419	ip link del dev br1
420	ip link del dev br0
421
422	log_test "multiple vxlan devices with different local ip"
423}
424
425sanitization_multi_devs_test()
426{
427	# The device has a single VTEP, which means all the VxLAN devices
428	# we offload must share certain properties such as source IP and
429	# UDP destination port. These tests make sure that we forbid
430	# configurations that violate this limitation
431	sanitization_multi_devs_valid_test
432	sanitization_multi_devs_ttl_test
433	sanitization_multi_devs_udp_dstport_test
434	sanitization_multi_devs_local_ip_test
435}
436
437sanitization_test()
438{
439	sanitization_single_dev_test
440	sanitization_multi_devs_test
441}
442
443offload_indication_setup_create()
444{
445	# Create a simple setup with two bridges, each with a VxLAN device
446	# and one local port
447	ip link add name br0 type bridge mcast_snooping 0
448	ip link set dev br0 addrgenmode none
449	ip link set dev br0 up
450	ip link add name br1 type bridge mcast_snooping 0
451	ip link set dev br1 addrgenmode none
452	ip link set dev br1 up
453
454	ip link set dev $swp1 master br0
455	ip link set dev $swp2 master br1
456
457	ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo
458
459	ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \
460		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
461	ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \
462		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
463}
464
465offload_indication_setup_destroy()
466{
467	ip link del dev vxlan1
468	ip link del dev vxlan0
469
470	ip address del $LOCAL_IP_1/$PREFIX_LEN dev lo
471
472	ip link set dev $swp2 nomaster
473	ip link set dev $swp1 nomaster
474
475	ip link del dev br1
476	ip link del dev br0
477}
478
479offload_indication_fdb_flood_test()
480{
481	RET=0
482
483	bridge fdb append 00:00:00:00:00:00 dev vxlan0 self dst $LOCAL_IP_2
484
485	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb 00:00:00:00:00:00 \
486		bridge fdb show brport vxlan0
487	check_err $?
488
489	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self
490
491	log_test "vxlan flood entry offload indication"
492}
493
494offload_indication_fdb_bridge_test()
495{
496	RET=0
497
498	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self master static \
499		dst $LOCAL_IP_2
500
501	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
502		de:ad:be:ef:13:37 self bridge fdb show brport vxlan0
503	check_err $?
504	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
505		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0
506	check_err $?
507
508	log_test "vxlan entry offload indication - initial state"
509
510	# Remove FDB entry from the bridge driver and check that corresponding
511	# entry in the VxLAN driver is not marked as offloaded
512	RET=0
513
514	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 master
515	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \
516		de:ad:be:ef:13:37 self bridge fdb show brport vxlan0
517	check_err $?
518
519	log_test "vxlan entry offload indication - after removal from bridge"
520
521	# Add the FDB entry back to the bridge driver and make sure it is
522	# marked as offloaded in both drivers
523	RET=0
524
525	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 master static
526	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
527		de:ad:be:ef:13:37 self bridge fdb show brport vxlan0
528	check_err $?
529	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
530		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0
531	check_err $?
532
533	log_test "vxlan entry offload indication - after re-add to bridge"
534
535	# Remove FDB entry from the VxLAN driver and check that corresponding
536	# entry in the bridge driver is not marked as offloaded
537	RET=0
538
539	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self
540	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \
541		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0
542	check_err $?
543
544	log_test "vxlan entry offload indication - after removal from vxlan"
545
546	# Add the FDB entry back to the VxLAN driver and make sure it is
547	# marked as offloaded in both drivers
548	RET=0
549
550	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self dst $LOCAL_IP_2
551	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
552		de:ad:be:ef:13:37 self bridge fdb show brport vxlan0
553	check_err $?
554	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
555		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0
556	check_err $?
557
558	log_test "vxlan entry offload indication - after re-add to vxlan"
559
560	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self master
561}
562
563offload_indication_fdb_test()
564{
565	offload_indication_fdb_flood_test
566	offload_indication_fdb_bridge_test
567}
568
569offload_indication_decap_route_test()
570{
571	RET=0
572
573	busywait "$TIMEOUT" wait_for_offload \
574		ip $IP_FLAG route show table local $LOCAL_IP_1
575	check_err $?
576
577	ip link set dev vxlan0 down
578	busywait "$TIMEOUT" wait_for_offload \
579		ip $IP_FLAG route show table local $LOCAL_IP_1
580	check_err $?
581
582	ip link set dev vxlan1 down
583	busywait "$TIMEOUT" not wait_for_offload \
584		ip $IP_FLAG route show table local $LOCAL_IP_1
585	check_err $?
586
587	log_test "vxlan decap route - vxlan device down"
588
589	RET=0
590
591	ip link set dev vxlan1 up
592	busywait "$TIMEOUT" wait_for_offload \
593		ip $IP_FLAG route show table local $LOCAL_IP_1
594	check_err $?
595
596	ip link set dev vxlan0 up
597	busywait "$TIMEOUT" wait_for_offload \
598		ip $IP_FLAG route show table local $LOCAL_IP_1
599	check_err $?
600
601	log_test "vxlan decap route - vxlan device up"
602
603	RET=0
604
605	ip address delete $LOCAL_IP_1/$PREFIX_LEN dev lo
606	busywait "$TIMEOUT" not wait_for_offload \
607		ip $IP_FLAG route show table local $LOCAL_IP_1
608	check_err $?
609
610	ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo
611	busywait "$TIMEOUT" wait_for_offload \
612		ip $IP_FLAG route show table local $LOCAL_IP_1
613	check_err $?
614
615	log_test "vxlan decap route - add local route"
616
617	RET=0
618
619	ip link set dev $swp1 nomaster
620	busywait "$TIMEOUT" wait_for_offload \
621		ip $IP_FLAG route show table local $LOCAL_IP_1
622	check_err $?
623
624	ip link set dev $swp2 nomaster
625	busywait "$TIMEOUT" not wait_for_offload \
626		ip $IP_FLAG route show table local $LOCAL_IP_1
627	check_err $?
628
629	ip link set dev $swp1 master br0
630	ip link set dev $swp2 master br1
631	busywait "$TIMEOUT" wait_for_offload \
632		ip $IP_FLAG route show table local $LOCAL_IP_1
633	check_err $?
634
635	log_test "vxlan decap route - local ports enslavement"
636
637	RET=0
638
639	ip link del dev br0
640	busywait "$TIMEOUT" wait_for_offload \
641		ip $IP_FLAG route show table local $LOCAL_IP_1
642	check_err $?
643
644	ip link del dev br1
645	busywait "$TIMEOUT" not wait_for_offload \
646		ip $IP_FLAG route show table local $LOCAL_IP_1
647	check_err $?
648
649	log_test "vxlan decap route - bridge device deletion"
650
651	RET=0
652
653	ip link add name br0 type bridge mcast_snooping 0
654	ip link set dev br0 addrgenmode none
655	ip link set dev br0 up
656	ip link add name br1 type bridge mcast_snooping 0
657	ip link set dev br1 addrgenmode none
658	ip link set dev br1 up
659	ip link set dev $swp1 master br0
660	ip link set dev $swp2 master br1
661	ip link set dev vxlan0 master br0
662	ip link set dev vxlan1 master br1
663	busywait "$TIMEOUT" wait_for_offload \
664		ip $IP_FLAG route show table local $LOCAL_IP_1
665	check_err $?
666
667	ip link del dev vxlan0
668	busywait "$TIMEOUT" wait_for_offload \
669		ip $IP_FLAG route show table local $LOCAL_IP_1
670	check_err $?
671
672	ip link del dev vxlan1
673	busywait "$TIMEOUT" not wait_for_offload \
674		ip $IP_FLAG route show table local $LOCAL_IP_1
675	check_err $?
676
677	log_test "vxlan decap route - vxlan device deletion"
678
679	ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \
680		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
681	ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \
682		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
683}
684
685check_fdb_offloaded()
686{
687	local mac=00:11:22:33:44:55
688	local zmac=00:00:00:00:00:00
689
690	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $mac self \
691		bridge fdb show dev vxlan0
692	check_err $?
693	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $mac master \
694		bridge fdb show dev vxlan0
695	check_err $?
696
697	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \
698		bridge fdb show dev vxlan0
699	check_err $?
700}
701
702check_vxlan_fdb_not_offloaded()
703{
704	local mac=00:11:22:33:44:55
705	local zmac=00:00:00:00:00:00
706
707	bridge fdb show dev vxlan0 | grep $mac | grep -q self
708	check_err $?
709	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $mac self \
710		bridge fdb show dev vxlan0
711	check_err $?
712
713	bridge fdb show dev vxlan0 | grep $zmac | grep -q self
714	check_err $?
715	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \
716		bridge fdb show dev vxlan0
717	check_err $?
718}
719
720check_bridge_fdb_not_offloaded()
721{
722	local mac=00:11:22:33:44:55
723	local zmac=00:00:00:00:00:00
724
725	bridge fdb show dev vxlan0 | grep $mac | grep -q master
726	check_err $?
727	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $mac master \
728		bridge fdb show dev vxlan0
729	check_err $?
730}
731
732__offload_indication_join_vxlan_first()
733{
734	local vid=$1; shift
735
736	local mac=00:11:22:33:44:55
737	local zmac=00:00:00:00:00:00
738
739	bridge fdb append $zmac dev vxlan0 self dst $LOCAL_IP_2
740
741	ip link set dev vxlan0 master br0
742	bridge fdb add dev vxlan0 $mac self master static dst $LOCAL_IP_2
743
744	RET=0
745	check_vxlan_fdb_not_offloaded
746	ip link set dev $swp1 master br0
747	sleep .1
748	check_fdb_offloaded
749	log_test "offload indication - attach vxlan first"
750
751	RET=0
752	ip link set dev vxlan0 down
753	check_vxlan_fdb_not_offloaded
754	check_bridge_fdb_not_offloaded
755	log_test "offload indication - set vxlan down"
756
757	RET=0
758	ip link set dev vxlan0 up
759	sleep .1
760	check_fdb_offloaded
761	log_test "offload indication - set vxlan up"
762
763	if [[ ! -z $vid ]]; then
764		RET=0
765		bridge vlan del dev vxlan0 vid $vid
766		check_vxlan_fdb_not_offloaded
767		check_bridge_fdb_not_offloaded
768		log_test "offload indication - delete VLAN"
769
770		RET=0
771		bridge vlan add dev vxlan0 vid $vid
772		check_vxlan_fdb_not_offloaded
773		check_bridge_fdb_not_offloaded
774		log_test "offload indication - add tagged VLAN"
775
776		RET=0
777		bridge vlan add dev vxlan0 vid $vid pvid untagged
778		sleep .1
779		check_fdb_offloaded
780		log_test "offload indication - add pvid/untagged VLAN"
781	fi
782
783	RET=0
784	ip link set dev $swp1 nomaster
785	check_vxlan_fdb_not_offloaded
786	log_test "offload indication - detach port"
787}
788
789offload_indication_join_vxlan_first()
790{
791	ip link add dev br0 type bridge mcast_snooping 0
792	ip link set dev br0 addrgenmode none
793	ip link set dev br0 up
794	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
795		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
796
797	__offload_indication_join_vxlan_first
798
799	ip link del dev vxlan0
800	ip link del dev br0
801}
802
803__offload_indication_join_vxlan_last()
804{
805	local zmac=00:00:00:00:00:00
806
807	RET=0
808
809	bridge fdb append $zmac dev vxlan0 self dst $LOCAL_IP_2
810
811	ip link set dev $swp1 master br0
812
813	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \
814		bridge fdb show dev vxlan0
815	check_err $?
816
817	ip link set dev vxlan0 master br0
818
819	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \
820		bridge fdb show dev vxlan0
821	check_err $?
822
823	log_test "offload indication - attach vxlan last"
824}
825
826offload_indication_join_vxlan_last()
827{
828	ip link add dev br0 type bridge mcast_snooping 0
829	ip link set dev br0 addrgenmode none
830	ip link set dev br0 up
831	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
832		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
833
834	__offload_indication_join_vxlan_last
835
836	ip link del dev vxlan0
837	ip link del dev br0
838}
839
840offload_indication_test()
841{
842	offload_indication_setup_create
843	offload_indication_fdb_test
844	offload_indication_decap_route_test
845	offload_indication_setup_destroy
846
847	log_info "offload indication - replay & cleanup"
848	offload_indication_join_vxlan_first
849	offload_indication_join_vxlan_last
850}
851
852sanitization_vlan_aware_test()
853{
854	RET=0
855
856	ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1
857	ip link set dev br0 addrgenmode none
858
859	ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \
860		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
861
862	ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \
863		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
864
865	# Test that when each VNI is mapped to a different VLAN we can enslave
866	# a port to the bridge
867	bridge vlan add vid 10 dev vxlan10 pvid untagged
868	bridge vlan add vid 20 dev vxlan20 pvid untagged
869
870	ip link set dev $swp1 master br0
871	check_err $?
872
873	log_test "vlan-aware - enslavement to vlan-aware bridge"
874
875	# Try to map both VNIs to the same VLAN and make sure configuration
876	# fails
877	RET=0
878
879	bridge vlan add vid 10 dev vxlan20 pvid untagged &> /dev/null
880	check_fail $?
881
882	log_test "vlan-aware - two vnis mapped to the same vlan"
883
884	# Test that enslavement of a port to a bridge fails when two VNIs
885	# are mapped to the same VLAN
886	RET=0
887
888	ip link set dev $swp1 nomaster
889
890	bridge vlan del vid 20 dev vxlan20 pvid untagged
891	bridge vlan add vid 10 dev vxlan20 pvid untagged
892
893	ip link set dev $swp1 master br0 &> /dev/null
894	check_fail $?
895
896	log_test "vlan-aware - failed enslavement to vlan-aware bridge"
897
898	bridge vlan del vid 10 dev vxlan20
899	bridge vlan add vid 20 dev vxlan20 pvid untagged
900
901	# Test that when two VXLAN tunnels with conflicting configurations
902	# (i.e., different TTL) are enslaved to the same VLAN-aware bridge,
903	# then the enslavement of a port to the bridge is denied.
904
905	# Use the offload indication of the local route to ensure the VXLAN
906	# configuration was correctly rollbacked.
907	ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo
908
909	ip link set dev vxlan10 type vxlan ttl 10
910	ip link set dev $swp1 master br0 &> /dev/null
911	check_fail $?
912
913	busywait "$TIMEOUT" not wait_for_offload \
914		ip $IP_FLAG route show table local $LOCAL_IP_1
915	check_err $?
916
917	log_test "vlan-aware - failed enslavement to bridge due to conflict"
918
919	ip link set dev vxlan10 type vxlan ttl 20
920	ip address del $LOCAL_IP_1/$PREFIX_LEN dev lo
921
922	ip link del dev vxlan20
923	ip link del dev vxlan10
924	ip link del dev br0
925}
926
927offload_indication_vlan_aware_setup_create()
928{
929	# Create a simple setup with two VxLAN devices and a single VLAN-aware
930	# bridge
931	ip link add name br0 type bridge mcast_snooping 0 vlan_filtering 1 \
932		vlan_default_pvid 0
933	ip link set dev br0 addrgenmode none
934	ip link set dev br0 up
935
936	ip link set dev $swp1 master br0
937
938	bridge vlan add vid 10 dev $swp1
939	bridge vlan add vid 20 dev $swp1
940
941	ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo
942
943	ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \
944		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
945	ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \
946		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
947
948	bridge vlan add vid 10 dev vxlan10 pvid untagged
949	bridge vlan add vid 20 dev vxlan20 pvid untagged
950}
951
952offload_indication_vlan_aware_setup_destroy()
953{
954	bridge vlan del vid 20 dev vxlan20
955	bridge vlan del vid 10 dev vxlan10
956
957	ip link del dev vxlan20
958	ip link del dev vxlan10
959
960	ip address del $LOCAL_IP_1/$PREFIX_LEN dev lo
961
962	bridge vlan del vid 20 dev $swp1
963	bridge vlan del vid 10 dev $swp1
964
965	ip link set dev $swp1 nomaster
966
967	ip link del dev br0
968}
969
970offload_indication_vlan_aware_fdb_test()
971{
972	RET=0
973
974	log_info "vxlan entry offload indication - vlan-aware"
975
976	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self master static \
977		dst $LOCAL_IP_2 vlan 10
978
979	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
980		de:ad:be:ef:13:37 self bridge fdb show brport vxlan10
981	check_err $?
982	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
983		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10
984	check_err $?
985
986	log_test "vxlan entry offload indication - initial state"
987
988	# Remove FDB entry from the bridge driver and check that corresponding
989	# entry in the VxLAN driver is not marked as offloaded
990	RET=0
991
992	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 master vlan 10
993	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \
994		de:ad:be:ef:13:37 self bridge fdb show brport vxlan10
995	check_err $?
996
997	log_test "vxlan entry offload indication - after removal from bridge"
998
999	# Add the FDB entry back to the bridge driver and make sure it is
1000	# marked as offloaded in both drivers
1001	RET=0
1002
1003	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 master static vlan 10
1004	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
1005		de:ad:be:ef:13:37 self bridge fdb show brport vxlan10
1006	check_err $?
1007	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
1008		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10
1009	check_err $?
1010
1011	log_test "vxlan entry offload indication - after re-add to bridge"
1012
1013	# Remove FDB entry from the VxLAN driver and check that corresponding
1014	# entry in the bridge driver is not marked as offloaded
1015	RET=0
1016
1017	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self
1018	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \
1019		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10
1020	check_err $?
1021
1022	log_test "vxlan entry offload indication - after removal from vxlan"
1023
1024	# Add the FDB entry back to the VxLAN driver and make sure it is
1025	# marked as offloaded in both drivers
1026	RET=0
1027
1028	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self dst $LOCAL_IP_2
1029	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
1030		de:ad:be:ef:13:37 self bridge fdb show brport vxlan10
1031	check_err $?
1032	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
1033		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10
1034	check_err $?
1035
1036	log_test "vxlan entry offload indication - after re-add to vxlan"
1037
1038	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self master vlan 10
1039}
1040
1041offload_indication_vlan_aware_decap_route_test()
1042{
1043	RET=0
1044
1045	busywait "$TIMEOUT" wait_for_offload \
1046		ip $IP_FLAG route show table local $LOCAL_IP_1
1047	check_err $?
1048
1049	# Toggle PVID flag on one VxLAN device and make sure route is still
1050	# marked as offloaded
1051	bridge vlan add vid 10 dev vxlan10 untagged
1052
1053	busywait "$TIMEOUT" wait_for_offload \
1054		ip $IP_FLAG route show table local $LOCAL_IP_1
1055	check_err $?
1056
1057	# Toggle PVID flag on second VxLAN device and make sure route is no
1058	# longer marked as offloaded
1059	bridge vlan add vid 20 dev vxlan20 untagged
1060
1061	busywait "$TIMEOUT" not wait_for_offload \
1062		ip $IP_FLAG route show table local $LOCAL_IP_1
1063	check_err $?
1064
1065	# Toggle PVID flag back and make sure route is marked as offloaded
1066	bridge vlan add vid 10 dev vxlan10 pvid untagged
1067	bridge vlan add vid 20 dev vxlan20 pvid untagged
1068
1069	busywait "$TIMEOUT" wait_for_offload ip $IP_FLAG route show table local \
1070		$LOCAL_IP_1
1071	check_err $?
1072
1073	log_test "vxlan decap route - vni map/unmap"
1074}
1075
1076offload_indication_vlan_aware_join_vxlan_first()
1077{
1078	ip link add dev br0 type bridge mcast_snooping 0 \
1079		vlan_filtering 1 vlan_default_pvid 1
1080	ip link set dev br0 addrgenmode none
1081	ip link set dev br0 up
1082	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
1083		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
1084
1085	__offload_indication_join_vxlan_first 1
1086
1087	ip link del dev vxlan0
1088	ip link del dev br0
1089}
1090
1091offload_indication_vlan_aware_join_vxlan_last()
1092{
1093	ip link add dev br0 type bridge mcast_snooping 0 \
1094		vlan_filtering 1 vlan_default_pvid 1
1095	ip link set dev br0 addrgenmode none
1096	ip link set dev br0 up
1097	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
1098		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
1099
1100	__offload_indication_join_vxlan_last
1101
1102	ip link del dev vxlan0
1103	ip link del dev br0
1104}
1105
1106offload_indication_vlan_aware_l3vni_test()
1107{
1108	local zmac=00:00:00:00:00:00
1109
1110	RET=0
1111
1112	sysctl_set net.ipv6.conf.default.disable_ipv6 1
1113	ip link add dev br0 type bridge mcast_snooping 0 \
1114		vlan_filtering 1 vlan_default_pvid 0
1115	ip link set dev br0 addrgenmode none
1116	ip link set dev br0 up
1117	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
1118		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
1119
1120	ip link set dev $swp1 master br0
1121
1122	# The test will use the offload indication on the FDB entry to
1123	# understand if the tunnel is offloaded or not
1124	bridge fdb append $zmac dev vxlan0 self dst $LOCAL_IP_2
1125
1126	ip link set dev vxlan0 master br0
1127	bridge vlan add dev vxlan0 vid 10 pvid untagged
1128
1129	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \
1130		bridge fdb show brport vxlan0
1131	check_err $? "vxlan tunnel not offloaded when should"
1132
1133	# Configure a VLAN interface and make sure tunnel is offloaded
1134	ip link add link br0 name br10 up type vlan id 10
1135	sysctl_set net.ipv6.conf.br10.disable_ipv6 0
1136	ip -6 address add 2001:db8:1::1/64 dev br10
1137	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \
1138		bridge fdb show brport vxlan0
1139	check_err $? "vxlan tunnel not offloaded when should"
1140
1141	# Unlink the VXLAN device, make sure tunnel is no longer offloaded,
1142	# then add it back to the bridge and make sure it is offloaded
1143	ip link set dev vxlan0 nomaster
1144	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \
1145		bridge fdb show brport vxlan0
1146	check_err $? "vxlan tunnel offloaded after unlinked from bridge"
1147
1148	ip link set dev vxlan0 master br0
1149	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \
1150		bridge fdb show brport vxlan0
1151	check_err $? "vxlan tunnel offloaded despite no matching vid"
1152
1153	bridge vlan add dev vxlan0 vid 10 pvid untagged
1154	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \
1155		bridge fdb show brport vxlan0
1156	check_err $? "vxlan tunnel not offloaded after adding vid"
1157
1158	log_test "vxlan - l3 vni"
1159
1160	ip link del dev vxlan0
1161	ip link del dev br0
1162	sysctl_restore net.ipv6.conf.default.disable_ipv6
1163}
1164
1165offload_indication_vlan_aware_test()
1166{
1167	offload_indication_vlan_aware_setup_create
1168	offload_indication_vlan_aware_fdb_test
1169	offload_indication_vlan_aware_decap_route_test
1170	offload_indication_vlan_aware_setup_destroy
1171
1172	log_info "offload indication - replay & cleanup - vlan aware"
1173	offload_indication_vlan_aware_join_vxlan_first
1174	offload_indication_vlan_aware_join_vxlan_last
1175	offload_indication_vlan_aware_l3vni_test
1176}
1177
1178trap cleanup EXIT
1179
1180setup_prepare
1181setup_wait
1182
1183tests_run
1184
1185exit $EXIT_STATUS
1186