xref: /openbmc/linux/tools/testing/selftests/net/fib_tests.sh (revision 7e24a55b2122746c2eef192296fc84624354f895)
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4# This test is for checking IPv4 and IPv6 FIB behavior in response to
5# different events.
6
7ret=0
8# Kselftest framework requirement - SKIP code is 4.
9ksft_skip=4
10
11# all tests in this script. Can be overridden with -t option
12TESTS="unregister down carrier nexthop suppress ipv6_notify ipv4_notify \
13       ipv6_rt ipv4_rt ipv6_addr_metric ipv4_addr_metric ipv6_route_metrics \
14       ipv4_route_metrics ipv4_route_v6_gw rp_filter ipv4_del_addr \
15       ipv6_del_addr ipv4_mangle ipv6_mangle ipv4_bcast_neigh fib6_gc_test \
16       ipv4_mpath_list ipv6_mpath_list"
17
18VERBOSE=0
19PAUSE_ON_FAIL=no
20PAUSE=no
21IP="$(which ip) -netns ns1"
22NS_EXEC="$(which ip) netns exec ns1"
23
24which ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping)
25
26log_test()
27{
28	local rc=$1
29	local expected=$2
30	local msg="$3"
31
32	if [ ${rc} -eq ${expected} ]; then
33		printf "    TEST: %-60s  [ OK ]\n" "${msg}"
34		nsuccess=$((nsuccess+1))
35	else
36		ret=1
37		nfail=$((nfail+1))
38		printf "    TEST: %-60s  [FAIL]\n" "${msg}"
39		if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
40		echo
41			echo "hit enter to continue, 'q' to quit"
42			read a
43			[ "$a" = "q" ] && exit 1
44		fi
45	fi
46
47	if [ "${PAUSE}" = "yes" ]; then
48		echo
49		echo "hit enter to continue, 'q' to quit"
50		read a
51		[ "$a" = "q" ] && exit 1
52	fi
53}
54
55setup()
56{
57	set -e
58	ip netns add ns1
59	ip netns set ns1 auto
60	$IP link set dev lo up
61	ip netns exec ns1 sysctl -qw net.ipv4.ip_forward=1
62	ip netns exec ns1 sysctl -qw net.ipv6.conf.all.forwarding=1
63
64	$IP link add dummy0 type dummy
65	$IP link set dev dummy0 up
66	$IP address add 198.51.100.1/24 dev dummy0
67	$IP -6 address add 2001:db8:1::1/64 dev dummy0
68	set +e
69
70}
71
72cleanup()
73{
74	$IP link del dev dummy0 &> /dev/null
75	ip netns del ns1 &> /dev/null
76	ip netns del ns2 &> /dev/null
77}
78
79get_linklocal()
80{
81	local dev=$1
82	local addr
83
84	addr=$($IP -6 -br addr show dev ${dev} | \
85	awk '{
86		for (i = 3; i <= NF; ++i) {
87			if ($i ~ /^fe80/)
88				print $i
89		}
90	}'
91	)
92	addr=${addr/\/*}
93
94	[ -z "$addr" ] && return 1
95
96	echo $addr
97
98	return 0
99}
100
101fib_unreg_unicast_test()
102{
103	echo
104	echo "Single path route test"
105
106	setup
107
108	echo "    Start point"
109	$IP route get fibmatch 198.51.100.2 &> /dev/null
110	log_test $? 0 "IPv4 fibmatch"
111	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
112	log_test $? 0 "IPv6 fibmatch"
113
114	set -e
115	$IP link del dev dummy0
116	set +e
117
118	echo "    Nexthop device deleted"
119	$IP route get fibmatch 198.51.100.2 &> /dev/null
120	log_test $? 2 "IPv4 fibmatch - no route"
121	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
122	log_test $? 2 "IPv6 fibmatch - no route"
123
124	cleanup
125}
126
127fib_unreg_multipath_test()
128{
129
130	echo
131	echo "Multipath route test"
132
133	setup
134
135	set -e
136	$IP link add dummy1 type dummy
137	$IP link set dev dummy1 up
138	$IP address add 192.0.2.1/24 dev dummy1
139	$IP -6 address add 2001:db8:2::1/64 dev dummy1
140
141	$IP route add 203.0.113.0/24 \
142		nexthop via 198.51.100.2 dev dummy0 \
143		nexthop via 192.0.2.2 dev dummy1
144	$IP -6 route add 2001:db8:3::/64 \
145		nexthop via 2001:db8:1::2 dev dummy0 \
146		nexthop via 2001:db8:2::2 dev dummy1
147	set +e
148
149	echo "    Start point"
150	$IP route get fibmatch 203.0.113.1 &> /dev/null
151	log_test $? 0 "IPv4 fibmatch"
152	$IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
153	log_test $? 0 "IPv6 fibmatch"
154
155	set -e
156	$IP link del dev dummy0
157	set +e
158
159	echo "    One nexthop device deleted"
160	$IP route get fibmatch 203.0.113.1 &> /dev/null
161	log_test $? 2 "IPv4 - multipath route removed on delete"
162
163	$IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
164	# In IPv6 we do not flush the entire multipath route.
165	log_test $? 0 "IPv6 - multipath down to single path"
166
167	set -e
168	$IP link del dev dummy1
169	set +e
170
171	echo "    Second nexthop device deleted"
172	$IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
173	log_test $? 2 "IPv6 - no route"
174
175	cleanup
176}
177
178fib_unreg_test()
179{
180	fib_unreg_unicast_test
181	fib_unreg_multipath_test
182}
183
184fib_down_unicast_test()
185{
186	echo
187	echo "Single path, admin down"
188
189	setup
190
191	echo "    Start point"
192	$IP route get fibmatch 198.51.100.2 &> /dev/null
193	log_test $? 0 "IPv4 fibmatch"
194	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
195	log_test $? 0 "IPv6 fibmatch"
196
197	set -e
198	$IP link set dev dummy0 down
199	set +e
200
201	echo "    Route deleted on down"
202	$IP route get fibmatch 198.51.100.2 &> /dev/null
203	log_test $? 2 "IPv4 fibmatch"
204	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
205	log_test $? 2 "IPv6 fibmatch"
206
207	cleanup
208}
209
210fib_down_multipath_test_do()
211{
212	local down_dev=$1
213	local up_dev=$2
214
215	$IP route get fibmatch 203.0.113.1 \
216		oif $down_dev &> /dev/null
217	log_test $? 2 "IPv4 fibmatch on down device"
218	$IP -6 route get fibmatch 2001:db8:3::1 \
219		oif $down_dev &> /dev/null
220	log_test $? 2 "IPv6 fibmatch on down device"
221
222	$IP route get fibmatch 203.0.113.1 \
223		oif $up_dev &> /dev/null
224	log_test $? 0 "IPv4 fibmatch on up device"
225	$IP -6 route get fibmatch 2001:db8:3::1 \
226		oif $up_dev &> /dev/null
227	log_test $? 0 "IPv6 fibmatch on up device"
228
229	$IP route get fibmatch 203.0.113.1 | \
230		grep $down_dev | grep -q "dead linkdown"
231	log_test $? 0 "IPv4 flags on down device"
232	$IP -6 route get fibmatch 2001:db8:3::1 | \
233		grep $down_dev | grep -q "dead linkdown"
234	log_test $? 0 "IPv6 flags on down device"
235
236	$IP route get fibmatch 203.0.113.1 | \
237		grep $up_dev | grep -q "dead linkdown"
238	log_test $? 1 "IPv4 flags on up device"
239	$IP -6 route get fibmatch 2001:db8:3::1 | \
240		grep $up_dev | grep -q "dead linkdown"
241	log_test $? 1 "IPv6 flags on up device"
242}
243
244fib_down_multipath_test()
245{
246	echo
247	echo "Admin down multipath"
248
249	setup
250
251	set -e
252	$IP link add dummy1 type dummy
253	$IP link set dev dummy1 up
254
255	$IP address add 192.0.2.1/24 dev dummy1
256	$IP -6 address add 2001:db8:2::1/64 dev dummy1
257
258	$IP route add 203.0.113.0/24 \
259		nexthop via 198.51.100.2 dev dummy0 \
260		nexthop via 192.0.2.2 dev dummy1
261	$IP -6 route add 2001:db8:3::/64 \
262		nexthop via 2001:db8:1::2 dev dummy0 \
263		nexthop via 2001:db8:2::2 dev dummy1
264	set +e
265
266	echo "    Verify start point"
267	$IP route get fibmatch 203.0.113.1 &> /dev/null
268	log_test $? 0 "IPv4 fibmatch"
269
270	$IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
271	log_test $? 0 "IPv6 fibmatch"
272
273	set -e
274	$IP link set dev dummy0 down
275	set +e
276
277	echo "    One device down, one up"
278	fib_down_multipath_test_do "dummy0" "dummy1"
279
280	set -e
281	$IP link set dev dummy0 up
282	$IP link set dev dummy1 down
283	set +e
284
285	echo "    Other device down and up"
286	fib_down_multipath_test_do "dummy1" "dummy0"
287
288	set -e
289	$IP link set dev dummy0 down
290	set +e
291
292	echo "    Both devices down"
293	$IP route get fibmatch 203.0.113.1 &> /dev/null
294	log_test $? 2 "IPv4 fibmatch"
295	$IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
296	log_test $? 2 "IPv6 fibmatch"
297
298	$IP link del dev dummy1
299	cleanup
300}
301
302fib_down_test()
303{
304	fib_down_unicast_test
305	fib_down_multipath_test
306}
307
308# Local routes should not be affected when carrier changes.
309fib_carrier_local_test()
310{
311	echo
312	echo "Local carrier tests - single path"
313
314	setup
315
316	set -e
317	$IP link set dev dummy0 carrier on
318	set +e
319
320	echo "    Start point"
321	$IP route get fibmatch 198.51.100.1 &> /dev/null
322	log_test $? 0 "IPv4 fibmatch"
323	$IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null
324	log_test $? 0 "IPv6 fibmatch"
325
326	$IP route get fibmatch 198.51.100.1 | \
327		grep -q "linkdown"
328	log_test $? 1 "IPv4 - no linkdown flag"
329	$IP -6 route get fibmatch 2001:db8:1::1 | \
330		grep -q "linkdown"
331	log_test $? 1 "IPv6 - no linkdown flag"
332
333	set -e
334	$IP link set dev dummy0 carrier off
335	sleep 1
336	set +e
337
338	echo "    Carrier off on nexthop"
339	$IP route get fibmatch 198.51.100.1 &> /dev/null
340	log_test $? 0 "IPv4 fibmatch"
341	$IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null
342	log_test $? 0 "IPv6 fibmatch"
343
344	$IP route get fibmatch 198.51.100.1 | \
345		grep -q "linkdown"
346	log_test $? 1 "IPv4 - linkdown flag set"
347	$IP -6 route get fibmatch 2001:db8:1::1 | \
348		grep -q "linkdown"
349	log_test $? 1 "IPv6 - linkdown flag set"
350
351	set -e
352	$IP address add 192.0.2.1/24 dev dummy0
353	$IP -6 address add 2001:db8:2::1/64 dev dummy0
354	set +e
355
356	echo "    Route to local address with carrier down"
357	$IP route get fibmatch 192.0.2.1 &> /dev/null
358	log_test $? 0 "IPv4 fibmatch"
359	$IP -6 route get fibmatch 2001:db8:2::1 &> /dev/null
360	log_test $? 0 "IPv6 fibmatch"
361
362	$IP route get fibmatch 192.0.2.1 | \
363		grep -q "linkdown"
364	log_test $? 1 "IPv4 linkdown flag set"
365	$IP -6 route get fibmatch 2001:db8:2::1 | \
366		grep -q "linkdown"
367	log_test $? 1 "IPv6 linkdown flag set"
368
369	cleanup
370}
371
372fib_carrier_unicast_test()
373{
374	ret=0
375
376	echo
377	echo "Single path route carrier test"
378
379	setup
380
381	set -e
382	$IP link set dev dummy0 carrier on
383	set +e
384
385	echo "    Start point"
386	$IP route get fibmatch 198.51.100.2 &> /dev/null
387	log_test $? 0 "IPv4 fibmatch"
388	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
389	log_test $? 0 "IPv6 fibmatch"
390
391	$IP route get fibmatch 198.51.100.2 | \
392		grep -q "linkdown"
393	log_test $? 1 "IPv4 no linkdown flag"
394	$IP -6 route get fibmatch 2001:db8:1::2 | \
395		grep -q "linkdown"
396	log_test $? 1 "IPv6 no linkdown flag"
397
398	set -e
399	$IP link set dev dummy0 carrier off
400	sleep 1
401	set +e
402
403	echo "    Carrier down"
404	$IP route get fibmatch 198.51.100.2 &> /dev/null
405	log_test $? 0 "IPv4 fibmatch"
406	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
407	log_test $? 0 "IPv6 fibmatch"
408
409	$IP route get fibmatch 198.51.100.2 | \
410		grep -q "linkdown"
411	log_test $? 0 "IPv4 linkdown flag set"
412	$IP -6 route get fibmatch 2001:db8:1::2 | \
413		grep -q "linkdown"
414	log_test $? 0 "IPv6 linkdown flag set"
415
416	set -e
417	$IP address add 192.0.2.1/24 dev dummy0
418	$IP -6 address add 2001:db8:2::1/64 dev dummy0
419	set +e
420
421	echo "    Second address added with carrier down"
422	$IP route get fibmatch 192.0.2.2 &> /dev/null
423	log_test $? 0 "IPv4 fibmatch"
424	$IP -6 route get fibmatch 2001:db8:2::2 &> /dev/null
425	log_test $? 0 "IPv6 fibmatch"
426
427	$IP route get fibmatch 192.0.2.2 | \
428		grep -q "linkdown"
429	log_test $? 0 "IPv4 linkdown flag set"
430	$IP -6 route get fibmatch 2001:db8:2::2 | \
431		grep -q "linkdown"
432	log_test $? 0 "IPv6 linkdown flag set"
433
434	cleanup
435}
436
437fib_carrier_test()
438{
439	fib_carrier_local_test
440	fib_carrier_unicast_test
441}
442
443fib_rp_filter_test()
444{
445	echo
446	echo "IPv4 rp_filter tests"
447
448	setup
449
450	set -e
451	ip netns add ns2
452	ip netns set ns2 auto
453
454	ip -netns ns2 link set dev lo up
455
456	$IP link add name veth1 type veth peer name veth2
457	$IP link set dev veth2 netns ns2
458	$IP address add 192.0.2.1/24 dev veth1
459	ip -netns ns2 address add 192.0.2.1/24 dev veth2
460	$IP link set dev veth1 up
461	ip -netns ns2 link set dev veth2 up
462
463	$IP link set dev lo address 52:54:00:6a:c7:5e
464	$IP link set dev veth1 address 52:54:00:6a:c7:5e
465	ip -netns ns2 link set dev lo address 52:54:00:6a:c7:5e
466	ip -netns ns2 link set dev veth2 address 52:54:00:6a:c7:5e
467
468	# 1. (ns2) redirect lo's egress to veth2's egress
469	ip netns exec ns2 tc qdisc add dev lo parent root handle 1: fq_codel
470	ip netns exec ns2 tc filter add dev lo parent 1: protocol arp basic \
471		action mirred egress redirect dev veth2
472	ip netns exec ns2 tc filter add dev lo parent 1: protocol ip basic \
473		action mirred egress redirect dev veth2
474
475	# 2. (ns1) redirect veth1's ingress to lo's ingress
476	$NS_EXEC tc qdisc add dev veth1 ingress
477	$NS_EXEC tc filter add dev veth1 ingress protocol arp basic \
478		action mirred ingress redirect dev lo
479	$NS_EXEC tc filter add dev veth1 ingress protocol ip basic \
480		action mirred ingress redirect dev lo
481
482	# 3. (ns1) redirect lo's egress to veth1's egress
483	$NS_EXEC tc qdisc add dev lo parent root handle 1: fq_codel
484	$NS_EXEC tc filter add dev lo parent 1: protocol arp basic \
485		action mirred egress redirect dev veth1
486	$NS_EXEC tc filter add dev lo parent 1: protocol ip basic \
487		action mirred egress redirect dev veth1
488
489	# 4. (ns2) redirect veth2's ingress to lo's ingress
490	ip netns exec ns2 tc qdisc add dev veth2 ingress
491	ip netns exec ns2 tc filter add dev veth2 ingress protocol arp basic \
492		action mirred ingress redirect dev lo
493	ip netns exec ns2 tc filter add dev veth2 ingress protocol ip basic \
494		action mirred ingress redirect dev lo
495
496	$NS_EXEC sysctl -qw net.ipv4.conf.all.rp_filter=1
497	$NS_EXEC sysctl -qw net.ipv4.conf.all.accept_local=1
498	$NS_EXEC sysctl -qw net.ipv4.conf.all.route_localnet=1
499	ip netns exec ns2 sysctl -qw net.ipv4.conf.all.rp_filter=1
500	ip netns exec ns2 sysctl -qw net.ipv4.conf.all.accept_local=1
501	ip netns exec ns2 sysctl -qw net.ipv4.conf.all.route_localnet=1
502	set +e
503
504	run_cmd "ip netns exec ns2 ping -w1 -c1 192.0.2.1"
505	log_test $? 0 "rp_filter passes local packets"
506
507	run_cmd "ip netns exec ns2 ping -w1 -c1 127.0.0.1"
508	log_test $? 0 "rp_filter passes loopback packets"
509
510	cleanup
511}
512
513################################################################################
514# Tests on nexthop spec
515
516# run 'ip route add' with given spec
517add_rt()
518{
519	local desc="$1"
520	local erc=$2
521	local vrf=$3
522	local pfx=$4
523	local gw=$5
524	local dev=$6
525	local cmd out rc
526
527	[ "$vrf" = "-" ] && vrf="default"
528	[ -n "$gw" ] && gw="via $gw"
529	[ -n "$dev" ] && dev="dev $dev"
530
531	cmd="$IP route add vrf $vrf $pfx $gw $dev"
532	if [ "$VERBOSE" = "1" ]; then
533		printf "\n    COMMAND: $cmd\n"
534	fi
535
536	out=$(eval $cmd 2>&1)
537	rc=$?
538	if [ "$VERBOSE" = "1" -a -n "$out" ]; then
539		echo "    $out"
540	fi
541	log_test $rc $erc "$desc"
542}
543
544fib4_nexthop()
545{
546	echo
547	echo "IPv4 nexthop tests"
548
549	echo "<<< write me >>>"
550}
551
552fib6_nexthop()
553{
554	local lldummy=$(get_linklocal dummy0)
555	local llv1=$(get_linklocal dummy0)
556
557	if [ -z "$lldummy" ]; then
558		echo "Failed to get linklocal address for dummy0"
559		return 1
560	fi
561	if [ -z "$llv1" ]; then
562		echo "Failed to get linklocal address for veth1"
563		return 1
564	fi
565
566	echo
567	echo "IPv6 nexthop tests"
568
569	add_rt "Directly connected nexthop, unicast address" 0 \
570		- 2001:db8:101::/64 2001:db8:1::2
571	add_rt "Directly connected nexthop, unicast address with device" 0 \
572		- 2001:db8:102::/64 2001:db8:1::2 "dummy0"
573	add_rt "Gateway is linklocal address" 0 \
574		- 2001:db8:103::1/64 $llv1 "veth0"
575
576	# fails because LL address requires a device
577	add_rt "Gateway is linklocal address, no device" 2 \
578		- 2001:db8:104::1/64 $llv1
579
580	# local address can not be a gateway
581	add_rt "Gateway can not be local unicast address" 2 \
582		- 2001:db8:105::/64 2001:db8:1::1
583	add_rt "Gateway can not be local unicast address, with device" 2 \
584		- 2001:db8:106::/64 2001:db8:1::1 "dummy0"
585	add_rt "Gateway can not be a local linklocal address" 2 \
586		- 2001:db8:107::1/64 $lldummy "dummy0"
587
588	# VRF tests
589	add_rt "Gateway can be local address in a VRF" 0 \
590		- 2001:db8:108::/64 2001:db8:51::2
591	add_rt "Gateway can be local address in a VRF, with device" 0 \
592		- 2001:db8:109::/64 2001:db8:51::2 "veth0"
593	add_rt "Gateway can be local linklocal address in a VRF" 0 \
594		- 2001:db8:110::1/64 $llv1 "veth0"
595
596	add_rt "Redirect to VRF lookup" 0 \
597		- 2001:db8:111::/64 "" "red"
598
599	add_rt "VRF route, gateway can be local address in default VRF" 0 \
600		red 2001:db8:112::/64 2001:db8:51::1
601
602	# local address in same VRF fails
603	add_rt "VRF route, gateway can not be a local address" 2 \
604		red 2001:db8:113::1/64 2001:db8:2::1
605	add_rt "VRF route, gateway can not be a local addr with device" 2 \
606		red 2001:db8:114::1/64 2001:db8:2::1 "dummy1"
607}
608
609# Default VRF:
610#   dummy0 - 198.51.100.1/24 2001:db8:1::1/64
611#   veth0  - 192.0.2.1/24    2001:db8:51::1/64
612#
613# VRF red:
614#   dummy1 - 192.168.2.1/24 2001:db8:2::1/64
615#   veth1  - 192.0.2.2/24   2001:db8:51::2/64
616#
617#  [ dummy0   veth0 ]--[ veth1   dummy1 ]
618
619fib_nexthop_test()
620{
621	setup
622
623	set -e
624
625	$IP -4 rule add pref 32765 table local
626	$IP -4 rule del pref 0
627	$IP -6 rule add pref 32765 table local
628	$IP -6 rule del pref 0
629
630	$IP link add red type vrf table 1
631	$IP link set red up
632	$IP -4 route add vrf red unreachable default metric 4278198272
633	$IP -6 route add vrf red unreachable default metric 4278198272
634
635	$IP link add veth0 type veth peer name veth1
636	$IP link set dev veth0 up
637	$IP address add 192.0.2.1/24 dev veth0
638	$IP -6 address add 2001:db8:51::1/64 dev veth0
639
640	$IP link set dev veth1 vrf red up
641	$IP address add 192.0.2.2/24 dev veth1
642	$IP -6 address add 2001:db8:51::2/64 dev veth1
643
644	$IP link add dummy1 type dummy
645	$IP link set dev dummy1 vrf red up
646	$IP address add 192.168.2.1/24 dev dummy1
647	$IP -6 address add 2001:db8:2::1/64 dev dummy1
648	set +e
649
650	sleep 1
651	fib4_nexthop
652	fib6_nexthop
653
654	(
655	$IP link del dev dummy1
656	$IP link del veth0
657	$IP link del red
658	) 2>/dev/null
659	cleanup
660}
661
662fib6_notify_test()
663{
664	setup
665
666	echo
667	echo "Fib6 info length calculation in route notify test"
668	set -e
669
670	for i in 10 20 30 40 50 60 70;
671	do
672		$IP link add dummy_$i type dummy
673		$IP link set dev dummy_$i up
674		$IP -6 address add 2001:$i::1/64 dev dummy_$i
675	done
676
677	$NS_EXEC ip monitor route &> errors.txt &
678	sleep 2
679
680	$IP -6 route add 2001::/64 \
681                nexthop via 2001:10::2 dev dummy_10 \
682                nexthop encap ip6 dst 2002::20 via 2001:20::2 dev dummy_20 \
683                nexthop encap ip6 dst 2002::30 via 2001:30::2 dev dummy_30 \
684                nexthop encap ip6 dst 2002::40 via 2001:40::2 dev dummy_40 \
685                nexthop encap ip6 dst 2002::50 via 2001:50::2 dev dummy_50 \
686                nexthop encap ip6 dst 2002::60 via 2001:60::2 dev dummy_60 \
687                nexthop encap ip6 dst 2002::70 via 2001:70::2 dev dummy_70
688
689	set +e
690
691	err=`cat errors.txt |grep "Message too long"`
692	if [ -z "$err" ];then
693		ret=0
694	else
695		ret=1
696	fi
697
698	log_test $ret 0 "ipv6 route add notify"
699
700	{ kill %% && wait %%; } 2>/dev/null
701
702	#rm errors.txt
703
704	cleanup &> /dev/null
705}
706
707
708fib_notify_test()
709{
710	setup
711
712	echo
713	echo "Fib4 info length calculation in route notify test"
714
715	set -e
716
717	for i in 10 20 30 40 50 60 70;
718	do
719		$IP link add dummy_$i type dummy
720		$IP link set dev dummy_$i up
721		$IP address add 20.20.$i.2/24 dev dummy_$i
722	done
723
724	$NS_EXEC ip monitor route &> errors.txt &
725	sleep 2
726
727        $IP route add 10.0.0.0/24 \
728                nexthop via 20.20.10.1 dev dummy_10 \
729                nexthop encap ip dst 192.168.10.20 via 20.20.20.1 dev dummy_20 \
730                nexthop encap ip dst 192.168.10.30 via 20.20.30.1 dev dummy_30 \
731                nexthop encap ip dst 192.168.10.40 via 20.20.40.1 dev dummy_40 \
732                nexthop encap ip dst 192.168.10.50 via 20.20.50.1 dev dummy_50 \
733                nexthop encap ip dst 192.168.10.60 via 20.20.60.1 dev dummy_60 \
734                nexthop encap ip dst 192.168.10.70 via 20.20.70.1 dev dummy_70
735
736	set +e
737
738	err=`cat errors.txt |grep "Message too long"`
739	if [ -z "$err" ];then
740		ret=0
741	else
742		ret=1
743	fi
744
745	log_test $ret 0 "ipv4 route add notify"
746
747	{ kill %% && wait %%; } 2>/dev/null
748
749	rm  errors.txt
750
751	cleanup &> /dev/null
752}
753
754fib6_gc_test()
755{
756	setup
757
758	echo
759	echo "Fib6 garbage collection test"
760	set -e
761
762	EXPIRE=3
763
764	# Check expiration of routes every $EXPIRE seconds (GC)
765	$NS_EXEC sysctl -wq net.ipv6.route.gc_interval=$EXPIRE
766
767	$IP link add dummy_10 type dummy
768	$IP link set dev dummy_10 up
769	$IP -6 address add 2001:10::1/64 dev dummy_10
770
771	$NS_EXEC sysctl -wq net.ipv6.route.flush=1
772
773	# Temporary routes
774	for i in $(seq 1 1000); do
775	    # Expire route after $EXPIRE seconds
776	    $IP -6 route add 2001:20::$i \
777		via 2001:10::2 dev dummy_10 expires $EXPIRE
778	done
779	sleep $(($EXPIRE * 2))
780	N_EXP_SLEEP=$($IP -6 route list |grep expires|wc -l)
781	if [ $N_EXP_SLEEP -ne 0 ]; then
782	    echo "FAIL: expected 0 routes with expires, got $N_EXP_SLEEP"
783	    ret=1
784	else
785	    ret=0
786	fi
787
788	# Permanent routes
789	for i in $(seq 1 5000); do
790	    $IP -6 route add 2001:30::$i \
791		via 2001:10::2 dev dummy_10
792	done
793	# Temporary routes
794	for i in $(seq 1 1000); do
795	    # Expire route after $EXPIRE seconds
796	    $IP -6 route add 2001:20::$i \
797		via 2001:10::2 dev dummy_10 expires $EXPIRE
798	done
799	sleep $(($EXPIRE * 2))
800	N_EXP_SLEEP=$($IP -6 route list |grep expires|wc -l)
801	if [ $N_EXP_SLEEP -ne 0 ]; then
802	    echo "FAIL: expected 0 routes with expires," \
803		 "got $N_EXP_SLEEP (5000 permanent routes)"
804	    ret=1
805	else
806	    ret=0
807	fi
808
809	set +e
810
811	log_test $ret 0 "ipv6 route garbage collection"
812
813	cleanup &> /dev/null
814}
815
816fib_suppress_test()
817{
818	echo
819	echo "FIB rule with suppress_prefixlength"
820	setup
821
822	$IP link add dummy1 type dummy
823	$IP link set dummy1 up
824	$IP -6 route add default dev dummy1
825	$IP -6 rule add table main suppress_prefixlength 0
826	ping -f -c 1000 -W 1 1234::1 >/dev/null 2>&1
827	$IP -6 rule del table main suppress_prefixlength 0
828	$IP link del dummy1
829
830	# If we got here without crashing, we're good.
831	log_test 0 0 "FIB rule suppress test"
832
833	cleanup
834}
835
836################################################################################
837# Tests on route add and replace
838
839run_cmd()
840{
841	local cmd="$1"
842	local out
843	local stderr="2>/dev/null"
844
845	if [ "$VERBOSE" = "1" ]; then
846		printf "    COMMAND: $cmd\n"
847		stderr=
848	fi
849
850	out=$(eval $cmd $stderr)
851	rc=$?
852	if [ "$VERBOSE" = "1" -a -n "$out" ]; then
853		echo "    $out"
854	fi
855
856	[ "$VERBOSE" = "1" ] && echo
857
858	return $rc
859}
860
861check_expected()
862{
863	local out="$1"
864	local expected="$2"
865	local rc=0
866
867	[ "${out}" = "${expected}" ] && return 0
868
869	if [ -z "${out}" ]; then
870		if [ "$VERBOSE" = "1" ]; then
871			printf "\nNo route entry found\n"
872			printf "Expected:\n"
873			printf "    ${expected}\n"
874		fi
875		return 1
876	fi
877
878	# tricky way to convert output to 1-line without ip's
879	# messy '\'; this drops all extra white space
880	out=$(echo ${out})
881	if [ "${out}" != "${expected}" ]; then
882		rc=1
883		if [ "${VERBOSE}" = "1" ]; then
884			printf "    Unexpected route entry. Have:\n"
885			printf "        ${out}\n"
886			printf "    Expected:\n"
887			printf "        ${expected}\n\n"
888		fi
889	fi
890
891	return $rc
892}
893
894# add route for a prefix, flushing any existing routes first
895# expected to be the first step of a test
896add_route6()
897{
898	local pfx="$1"
899	local nh="$2"
900	local out
901
902	if [ "$VERBOSE" = "1" ]; then
903		echo
904		echo "    ##################################################"
905		echo
906	fi
907
908	run_cmd "$IP -6 ro flush ${pfx}"
909	[ $? -ne 0 ] && exit 1
910
911	out=$($IP -6 ro ls match ${pfx})
912	if [ -n "$out" ]; then
913		echo "Failed to flush routes for prefix used for tests."
914		exit 1
915	fi
916
917	run_cmd "$IP -6 ro add ${pfx} ${nh}"
918	if [ $? -ne 0 ]; then
919		echo "Failed to add initial route for test."
920		exit 1
921	fi
922}
923
924# add initial route - used in replace route tests
925add_initial_route6()
926{
927	add_route6 "2001:db8:104::/64" "$1"
928}
929
930check_route6()
931{
932	local pfx
933	local expected="$1"
934	local out
935	local rc=0
936
937	set -- $expected
938	pfx=$1
939
940	out=$($IP -6 ro ls match ${pfx} | sed -e 's/ pref medium//')
941	check_expected "${out}" "${expected}"
942}
943
944route_cleanup()
945{
946	$IP li del red 2>/dev/null
947	$IP li del dummy1 2>/dev/null
948	$IP li del veth1 2>/dev/null
949	$IP li del veth3 2>/dev/null
950
951	cleanup &> /dev/null
952}
953
954route_setup()
955{
956	route_cleanup
957	setup
958
959	[ "${VERBOSE}" = "1" ] && set -x
960	set -e
961
962	ip netns add ns2
963	ip netns set ns2 auto
964	ip -netns ns2 link set dev lo up
965	ip netns exec ns2 sysctl -qw net.ipv4.ip_forward=1
966	ip netns exec ns2 sysctl -qw net.ipv6.conf.all.forwarding=1
967
968	$IP li add veth1 type veth peer name veth2
969	$IP li add veth3 type veth peer name veth4
970
971	$IP li set veth1 up
972	$IP li set veth3 up
973	$IP li set veth2 netns ns2 up
974	$IP li set veth4 netns ns2 up
975	ip -netns ns2 li add dummy1 type dummy
976	ip -netns ns2 li set dummy1 up
977
978	$IP -6 addr add 2001:db8:101::1/64 dev veth1 nodad
979	$IP -6 addr add 2001:db8:103::1/64 dev veth3 nodad
980	$IP addr add 172.16.101.1/24 dev veth1
981	$IP addr add 172.16.103.1/24 dev veth3
982
983	ip -netns ns2 -6 addr add 2001:db8:101::2/64 dev veth2 nodad
984	ip -netns ns2 -6 addr add 2001:db8:103::2/64 dev veth4 nodad
985	ip -netns ns2 -6 addr add 2001:db8:104::1/64 dev dummy1 nodad
986
987	ip -netns ns2 addr add 172.16.101.2/24 dev veth2
988	ip -netns ns2 addr add 172.16.103.2/24 dev veth4
989	ip -netns ns2 addr add 172.16.104.1/24 dev dummy1
990
991	set +e
992}
993
994# assumption is that basic add of a single path route works
995# otherwise just adding an address on an interface is broken
996ipv6_rt_add()
997{
998	local rc
999
1000	echo
1001	echo "IPv6 route add / append tests"
1002
1003	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1004	add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
1005	run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2"
1006	log_test $? 2 "Attempt to add duplicate route - gw"
1007
1008	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1009	add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
1010	run_cmd "$IP -6 ro add 2001:db8:104::/64 dev veth3"
1011	log_test $? 2 "Attempt to add duplicate route - dev only"
1012
1013	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1014	add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
1015	run_cmd "$IP -6 ro add unreachable 2001:db8:104::/64"
1016	log_test $? 2 "Attempt to add duplicate route - reject route"
1017
1018	# route append with same prefix adds a new route
1019	# - iproute2 sets NLM_F_CREATE | NLM_F_APPEND
1020	add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
1021	run_cmd "$IP -6 ro append 2001:db8:104::/64 via 2001:db8:103::2"
1022	check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1023	log_test $? 0 "Append nexthop to existing route - gw"
1024
1025	# insert mpath directly
1026	add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1027	check_route6  "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1028	log_test $? 0 "Add multipath route"
1029
1030	add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1031	run_cmd "$IP -6 ro add 2001:db8:104::/64 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1032	log_test $? 2 "Attempt to add duplicate multipath route"
1033
1034	# insert of a second route without append but different metric
1035	add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
1036	run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2 metric 512"
1037	rc=$?
1038	if [ $rc -eq 0 ]; then
1039		run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::3 metric 256"
1040		rc=$?
1041	fi
1042	log_test $rc 0 "Route add with different metrics"
1043
1044	run_cmd "$IP -6 ro del 2001:db8:104::/64 metric 512"
1045	rc=$?
1046	if [ $rc -eq 0 ]; then
1047		check_route6 "2001:db8:104::/64 via 2001:db8:103::3 dev veth3 metric 256 2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024"
1048		rc=$?
1049	fi
1050	log_test $rc 0 "Route delete with metric"
1051}
1052
1053ipv6_rt_replace_single()
1054{
1055	# single path with single path
1056	#
1057	add_initial_route6 "via 2001:db8:101::2"
1058	run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:103::2"
1059	check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024"
1060	log_test $? 0 "Single path with single path"
1061
1062	# single path with multipath
1063	#
1064	add_initial_route6 "nexthop via 2001:db8:101::2"
1065	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::2"
1066	check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1067	log_test $? 0 "Single path with multipath"
1068
1069	# single path with single path using MULTIPATH attribute
1070	#
1071	add_initial_route6 "via 2001:db8:101::2"
1072	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:103::2"
1073	check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024"
1074	log_test $? 0 "Single path with single path via multipath attribute"
1075
1076	# route replace fails - invalid nexthop
1077	add_initial_route6 "via 2001:db8:101::2"
1078	run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:104::2"
1079	if [ $? -eq 0 ]; then
1080		# previous command is expected to fail so if it returns 0
1081		# that means the test failed.
1082		log_test 0 1 "Invalid nexthop"
1083	else
1084		check_route6 "2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024"
1085		log_test $? 0 "Invalid nexthop"
1086	fi
1087
1088	# replace non-existent route
1089	# - note use of change versus replace since ip adds NLM_F_CREATE
1090	#   for replace
1091	add_initial_route6 "via 2001:db8:101::2"
1092	run_cmd "$IP -6 ro change 2001:db8:105::/64 via 2001:db8:101::2"
1093	log_test $? 2 "Single path - replace of non-existent route"
1094}
1095
1096ipv6_rt_replace_mpath()
1097{
1098	# multipath with multipath
1099	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1100	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3"
1101	check_route6  "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::3 dev veth3 weight 1"
1102	log_test $? 0 "Multipath with multipath"
1103
1104	# multipath with single
1105	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1106	run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:101::3"
1107	check_route6  "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024"
1108	log_test $? 0 "Multipath with single path"
1109
1110	# multipath with single
1111	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1112	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3"
1113	check_route6 "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024"
1114	log_test $? 0 "Multipath with single path via multipath attribute"
1115
1116	# multipath with dev-only
1117	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1118	run_cmd "$IP -6 ro replace 2001:db8:104::/64 dev veth1"
1119	check_route6 "2001:db8:104::/64 dev veth1 metric 1024"
1120	log_test $? 0 "Multipath with dev-only"
1121
1122	# route replace fails - invalid nexthop 1
1123	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1124	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:111::3 nexthop via 2001:db8:103::3"
1125	check_route6  "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1126	log_test $? 0 "Multipath - invalid first nexthop"
1127
1128	# route replace fails - invalid nexthop 2
1129	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1130	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:113::3"
1131	check_route6  "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1132	log_test $? 0 "Multipath - invalid second nexthop"
1133
1134	# multipath non-existent route
1135	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1136	run_cmd "$IP -6 ro change 2001:db8:105::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3"
1137	log_test $? 2 "Multipath - replace of non-existent route"
1138}
1139
1140ipv6_rt_replace()
1141{
1142	echo
1143	echo "IPv6 route replace tests"
1144
1145	ipv6_rt_replace_single
1146	ipv6_rt_replace_mpath
1147}
1148
1149ipv6_rt_dsfield()
1150{
1151	echo
1152	echo "IPv6 route with dsfield tests"
1153
1154	run_cmd "$IP -6 route flush 2001:db8:102::/64"
1155
1156	# IPv6 doesn't support routing based on dsfield
1157	run_cmd "$IP -6 route add 2001:db8:102::/64 dsfield 0x04 via 2001:db8:101::2"
1158	log_test $? 2 "Reject route with dsfield"
1159}
1160
1161ipv6_route_test()
1162{
1163	route_setup
1164
1165	ipv6_rt_add
1166	ipv6_rt_replace
1167	ipv6_rt_dsfield
1168
1169	route_cleanup
1170}
1171
1172ip_addr_metric_check()
1173{
1174	ip addr help 2>&1 | grep -q metric
1175	if [ $? -ne 0 ]; then
1176		echo "iproute2 command does not support metric for addresses. Skipping test"
1177		return 1
1178	fi
1179
1180	return 0
1181}
1182
1183ipv6_addr_metric_test()
1184{
1185	local rc
1186
1187	echo
1188	echo "IPv6 prefix route tests"
1189
1190	ip_addr_metric_check || return 1
1191
1192	setup
1193
1194	set -e
1195	$IP li add dummy1 type dummy
1196	$IP li add dummy2 type dummy
1197	$IP li set dummy1 up
1198	$IP li set dummy2 up
1199
1200	# default entry is metric 256
1201	run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64"
1202	run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64"
1203	set +e
1204
1205	check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 256 2001:db8:104::/64 dev dummy2 proto kernel metric 256"
1206	log_test $? 0 "Default metric"
1207
1208	set -e
1209	run_cmd "$IP -6 addr flush dev dummy1"
1210	run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64 metric 257"
1211	set +e
1212
1213	check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 256 2001:db8:104::/64 dev dummy1 proto kernel metric 257"
1214	log_test $? 0 "User specified metric on first device"
1215
1216	set -e
1217	run_cmd "$IP -6 addr flush dev dummy2"
1218	run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64 metric 258"
1219	set +e
1220
1221	check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 257 2001:db8:104::/64 dev dummy2 proto kernel metric 258"
1222	log_test $? 0 "User specified metric on second device"
1223
1224	run_cmd "$IP -6 addr del dev dummy1 2001:db8:104::1/64 metric 257"
1225	rc=$?
1226	if [ $rc -eq 0 ]; then
1227		check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 258"
1228		rc=$?
1229	fi
1230	log_test $rc 0 "Delete of address on first device"
1231
1232	run_cmd "$IP -6 addr change dev dummy2 2001:db8:104::2/64 metric 259"
1233	rc=$?
1234	if [ $rc -eq 0 ]; then
1235		check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259"
1236		rc=$?
1237	fi
1238	log_test $rc 0 "Modify metric of address"
1239
1240	# verify prefix route removed on down
1241	run_cmd "ip netns exec ns1 sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1"
1242	run_cmd "$IP li set dev dummy2 down"
1243	rc=$?
1244	if [ $rc -eq 0 ]; then
1245		out=$($IP -6 ro ls match 2001:db8:104::/64)
1246		check_expected "${out}" ""
1247		rc=$?
1248	fi
1249	log_test $rc 0 "Prefix route removed on link down"
1250
1251	# verify prefix route re-inserted with assigned metric
1252	run_cmd "$IP li set dev dummy2 up"
1253	rc=$?
1254	if [ $rc -eq 0 ]; then
1255		check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259"
1256		rc=$?
1257	fi
1258	log_test $rc 0 "Prefix route with metric on link up"
1259
1260	# verify peer metric added correctly
1261	set -e
1262	run_cmd "$IP -6 addr flush dev dummy2"
1263	run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::1 peer 2001:db8:104::2 metric 260"
1264	set +e
1265
1266	check_route6 "2001:db8:104::1 dev dummy2 proto kernel metric 260"
1267	log_test $? 0 "Set metric with peer route on local side"
1268	check_route6 "2001:db8:104::2 dev dummy2 proto kernel metric 260"
1269	log_test $? 0 "Set metric with peer route on peer side"
1270
1271	set -e
1272	run_cmd "$IP -6 addr change dev dummy2 2001:db8:104::1 peer 2001:db8:104::3 metric 261"
1273	set +e
1274
1275	check_route6 "2001:db8:104::1 dev dummy2 proto kernel metric 261"
1276	log_test $? 0 "Modify metric and peer address on local side"
1277	check_route6 "2001:db8:104::3 dev dummy2 proto kernel metric 261"
1278	log_test $? 0 "Modify metric and peer address on peer side"
1279
1280	$IP li del dummy1
1281	$IP li del dummy2
1282	cleanup
1283}
1284
1285ipv6_route_metrics_test()
1286{
1287	local rc
1288
1289	echo
1290	echo "IPv6 routes with metrics"
1291
1292	route_setup
1293
1294	#
1295	# single path with metrics
1296	#
1297	run_cmd "$IP -6 ro add 2001:db8:111::/64 via 2001:db8:101::2 mtu 1400"
1298	rc=$?
1299	if [ $rc -eq 0 ]; then
1300		check_route6  "2001:db8:111::/64 via 2001:db8:101::2 dev veth1 metric 1024 mtu 1400"
1301		rc=$?
1302	fi
1303	log_test $rc 0 "Single path route with mtu metric"
1304
1305
1306	#
1307	# multipath via separate routes with metrics
1308	#
1309	run_cmd "$IP -6 ro add 2001:db8:112::/64 via 2001:db8:101::2 mtu 1400"
1310	run_cmd "$IP -6 ro append 2001:db8:112::/64 via 2001:db8:103::2"
1311	rc=$?
1312	if [ $rc -eq 0 ]; then
1313		check_route6 "2001:db8:112::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1314		rc=$?
1315	fi
1316	log_test $rc 0 "Multipath route via 2 single routes with mtu metric on first"
1317
1318	# second route is coalesced to first to make a multipath route.
1319	# MTU of the second path is hidden from display!
1320	run_cmd "$IP -6 ro add 2001:db8:113::/64 via 2001:db8:101::2"
1321	run_cmd "$IP -6 ro append 2001:db8:113::/64 via 2001:db8:103::2 mtu 1400"
1322	rc=$?
1323	if [ $rc -eq 0 ]; then
1324		check_route6 "2001:db8:113::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1325		rc=$?
1326	fi
1327	log_test $rc 0 "Multipath route via 2 single routes with mtu metric on 2nd"
1328
1329	run_cmd "$IP -6 ro del 2001:db8:113::/64 via 2001:db8:101::2"
1330	if [ $? -eq 0 ]; then
1331		check_route6 "2001:db8:113::/64 via 2001:db8:103::2 dev veth3 metric 1024 mtu 1400"
1332		log_test $? 0 "    MTU of second leg"
1333	fi
1334
1335	#
1336	# multipath with metrics
1337	#
1338	run_cmd "$IP -6 ro add 2001:db8:115::/64 mtu 1400 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1339	rc=$?
1340	if [ $rc -eq 0 ]; then
1341		check_route6  "2001:db8:115::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1342		rc=$?
1343	fi
1344	log_test $rc 0 "Multipath route with mtu metric"
1345
1346	$IP -6 ro add 2001:db8:104::/64 via 2001:db8:101::2 mtu 1300
1347	run_cmd "ip netns exec ns1 ${ping6} -w1 -c1 -s 1500 2001:db8:104::1"
1348	log_test $? 0 "Using route with mtu metric"
1349
1350	run_cmd "$IP -6 ro add 2001:db8:114::/64 via  2001:db8:101::2  congctl lock foo"
1351	log_test $? 2 "Invalid metric (fails metric_convert)"
1352
1353	route_cleanup
1354}
1355
1356# add route for a prefix, flushing any existing routes first
1357# expected to be the first step of a test
1358add_route()
1359{
1360	local pfx="$1"
1361	local nh="$2"
1362	local out
1363
1364	if [ "$VERBOSE" = "1" ]; then
1365		echo
1366		echo "    ##################################################"
1367		echo
1368	fi
1369
1370	run_cmd "$IP ro flush ${pfx}"
1371	[ $? -ne 0 ] && exit 1
1372
1373	out=$($IP ro ls match ${pfx})
1374	if [ -n "$out" ]; then
1375		echo "Failed to flush routes for prefix used for tests."
1376		exit 1
1377	fi
1378
1379	run_cmd "$IP ro add ${pfx} ${nh}"
1380	if [ $? -ne 0 ]; then
1381		echo "Failed to add initial route for test."
1382		exit 1
1383	fi
1384}
1385
1386# add initial route - used in replace route tests
1387add_initial_route()
1388{
1389	add_route "172.16.104.0/24" "$1"
1390}
1391
1392check_route()
1393{
1394	local pfx
1395	local expected="$1"
1396	local out
1397
1398	set -- $expected
1399	pfx=$1
1400	[ "${pfx}" = "unreachable" ] && pfx=$2
1401
1402	out=$($IP ro ls match ${pfx})
1403	check_expected "${out}" "${expected}"
1404}
1405
1406# assumption is that basic add of a single path route works
1407# otherwise just adding an address on an interface is broken
1408ipv4_rt_add()
1409{
1410	local rc
1411
1412	echo
1413	echo "IPv4 route add / append tests"
1414
1415	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1416	add_route "172.16.104.0/24" "via 172.16.101.2"
1417	run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2"
1418	log_test $? 2 "Attempt to add duplicate route - gw"
1419
1420	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1421	add_route "172.16.104.0/24" "via 172.16.101.2"
1422	run_cmd "$IP ro add 172.16.104.0/24 dev veth3"
1423	log_test $? 2 "Attempt to add duplicate route - dev only"
1424
1425	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1426	add_route "172.16.104.0/24" "via 172.16.101.2"
1427	run_cmd "$IP ro add unreachable 172.16.104.0/24"
1428	log_test $? 2 "Attempt to add duplicate route - reject route"
1429
1430	# iproute2 prepend only sets NLM_F_CREATE
1431	# - adds a new route; does NOT convert existing route to ECMP
1432	add_route "172.16.104.0/24" "via 172.16.101.2"
1433	run_cmd "$IP ro prepend 172.16.104.0/24 via 172.16.103.2"
1434	check_route "172.16.104.0/24 via 172.16.103.2 dev veth3 172.16.104.0/24 via 172.16.101.2 dev veth1"
1435	log_test $? 0 "Add new nexthop for existing prefix"
1436
1437	# route append with same prefix adds a new route
1438	# - iproute2 sets NLM_F_CREATE | NLM_F_APPEND
1439	add_route "172.16.104.0/24" "via 172.16.101.2"
1440	run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2"
1441	check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.2 dev veth3"
1442	log_test $? 0 "Append nexthop to existing route - gw"
1443
1444	add_route "172.16.104.0/24" "via 172.16.101.2"
1445	run_cmd "$IP ro append 172.16.104.0/24 dev veth3"
1446	check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 dev veth3 scope link"
1447	log_test $? 0 "Append nexthop to existing route - dev only"
1448
1449	add_route "172.16.104.0/24" "via 172.16.101.2"
1450	run_cmd "$IP ro append unreachable 172.16.104.0/24"
1451	check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 unreachable 172.16.104.0/24"
1452	log_test $? 0 "Append nexthop to existing route - reject route"
1453
1454	run_cmd "$IP ro flush 172.16.104.0/24"
1455	run_cmd "$IP ro add unreachable 172.16.104.0/24"
1456	run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2"
1457	check_route "unreachable 172.16.104.0/24 172.16.104.0/24 via 172.16.103.2 dev veth3"
1458	log_test $? 0 "Append nexthop to existing reject route - gw"
1459
1460	run_cmd "$IP ro flush 172.16.104.0/24"
1461	run_cmd "$IP ro add unreachable 172.16.104.0/24"
1462	run_cmd "$IP ro append 172.16.104.0/24 dev veth3"
1463	check_route "unreachable 172.16.104.0/24 172.16.104.0/24 dev veth3 scope link"
1464	log_test $? 0 "Append nexthop to existing reject route - dev only"
1465
1466	# insert mpath directly
1467	add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1468	check_route  "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1469	log_test $? 0 "add multipath route"
1470
1471	add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1472	run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1473	log_test $? 2 "Attempt to add duplicate multipath route"
1474
1475	# insert of a second route without append but different metric
1476	add_route "172.16.104.0/24" "via 172.16.101.2"
1477	run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2 metric 512"
1478	rc=$?
1479	if [ $rc -eq 0 ]; then
1480		run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.3 metric 256"
1481		rc=$?
1482	fi
1483	log_test $rc 0 "Route add with different metrics"
1484
1485	run_cmd "$IP ro del 172.16.104.0/24 metric 512"
1486	rc=$?
1487	if [ $rc -eq 0 ]; then
1488		check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.3 dev veth3 metric 256"
1489		rc=$?
1490	fi
1491	log_test $rc 0 "Route delete with metric"
1492}
1493
1494ipv4_rt_replace_single()
1495{
1496	# single path with single path
1497	#
1498	add_initial_route "via 172.16.101.2"
1499	run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.103.2"
1500	check_route "172.16.104.0/24 via 172.16.103.2 dev veth3"
1501	log_test $? 0 "Single path with single path"
1502
1503	# single path with multipath
1504	#
1505	add_initial_route "nexthop via 172.16.101.2"
1506	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.2"
1507	check_route "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1508	log_test $? 0 "Single path with multipath"
1509
1510	# single path with reject
1511	#
1512	add_initial_route "nexthop via 172.16.101.2"
1513	run_cmd "$IP ro replace unreachable 172.16.104.0/24"
1514	check_route "unreachable 172.16.104.0/24"
1515	log_test $? 0 "Single path with reject route"
1516
1517	# single path with single path using MULTIPATH attribute
1518	#
1519	add_initial_route "via 172.16.101.2"
1520	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.103.2"
1521	check_route "172.16.104.0/24 via 172.16.103.2 dev veth3"
1522	log_test $? 0 "Single path with single path via multipath attribute"
1523
1524	# route replace fails - invalid nexthop
1525	add_initial_route "via 172.16.101.2"
1526	run_cmd "$IP ro replace 172.16.104.0/24 via 2001:db8:104::2"
1527	if [ $? -eq 0 ]; then
1528		# previous command is expected to fail so if it returns 0
1529		# that means the test failed.
1530		log_test 0 1 "Invalid nexthop"
1531	else
1532		check_route "172.16.104.0/24 via 172.16.101.2 dev veth1"
1533		log_test $? 0 "Invalid nexthop"
1534	fi
1535
1536	# replace non-existent route
1537	# - note use of change versus replace since ip adds NLM_F_CREATE
1538	#   for replace
1539	add_initial_route "via 172.16.101.2"
1540	run_cmd "$IP ro change 172.16.105.0/24 via 172.16.101.2"
1541	log_test $? 2 "Single path - replace of non-existent route"
1542}
1543
1544ipv4_rt_replace_mpath()
1545{
1546	# multipath with multipath
1547	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1548	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3"
1549	check_route  "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.3 dev veth3 weight 1"
1550	log_test $? 0 "Multipath with multipath"
1551
1552	# multipath with single
1553	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1554	run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.101.3"
1555	check_route  "172.16.104.0/24 via 172.16.101.3 dev veth1"
1556	log_test $? 0 "Multipath with single path"
1557
1558	# multipath with single
1559	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1560	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3"
1561	check_route "172.16.104.0/24 via 172.16.101.3 dev veth1"
1562	log_test $? 0 "Multipath with single path via multipath attribute"
1563
1564	# multipath with reject
1565	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1566	run_cmd "$IP ro replace unreachable 172.16.104.0/24"
1567	check_route "unreachable 172.16.104.0/24"
1568	log_test $? 0 "Multipath with reject route"
1569
1570	# route replace fails - invalid nexthop 1
1571	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1572	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.111.3 nexthop via 172.16.103.3"
1573	check_route  "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1574	log_test $? 0 "Multipath - invalid first nexthop"
1575
1576	# route replace fails - invalid nexthop 2
1577	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1578	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.113.3"
1579	check_route  "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1580	log_test $? 0 "Multipath - invalid second nexthop"
1581
1582	# multipath non-existent route
1583	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1584	run_cmd "$IP ro change 172.16.105.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3"
1585	log_test $? 2 "Multipath - replace of non-existent route"
1586}
1587
1588ipv4_rt_replace()
1589{
1590	echo
1591	echo "IPv4 route replace tests"
1592
1593	ipv4_rt_replace_single
1594	ipv4_rt_replace_mpath
1595}
1596
1597# checks that cached input route on VRF port is deleted
1598# when VRF is deleted
1599ipv4_local_rt_cache()
1600{
1601	run_cmd "ip addr add 10.0.0.1/32 dev lo"
1602	run_cmd "ip netns add test-ns"
1603	run_cmd "ip link add veth-outside type veth peer name veth-inside"
1604	run_cmd "ip link add vrf-100 type vrf table 1100"
1605	run_cmd "ip link set veth-outside master vrf-100"
1606	run_cmd "ip link set veth-inside netns test-ns"
1607	run_cmd "ip link set veth-outside up"
1608	run_cmd "ip link set vrf-100 up"
1609	run_cmd "ip route add 10.1.1.1/32 dev veth-outside table 1100"
1610	run_cmd "ip netns exec test-ns ip link set veth-inside up"
1611	run_cmd "ip netns exec test-ns ip addr add 10.1.1.1/32 dev veth-inside"
1612	run_cmd "ip netns exec test-ns ip route add 10.0.0.1/32 dev veth-inside"
1613	run_cmd "ip netns exec test-ns ip route add default via 10.0.0.1"
1614	run_cmd "ip netns exec test-ns ping 10.0.0.1 -c 1 -i 1"
1615	run_cmd "ip link delete vrf-100"
1616
1617	# if we do not hang test is a success
1618	log_test $? 0 "Cached route removed from VRF port device"
1619}
1620
1621ipv4_rt_dsfield()
1622{
1623	echo
1624	echo "IPv4 route with dsfield tests"
1625
1626	run_cmd "$IP route flush 172.16.102.0/24"
1627
1628	# New routes should reject dsfield options that interfere with ECN
1629	run_cmd "$IP route add 172.16.102.0/24 dsfield 0x01 via 172.16.101.2"
1630	log_test $? 2 "Reject route with dsfield 0x01"
1631
1632	run_cmd "$IP route add 172.16.102.0/24 dsfield 0x02 via 172.16.101.2"
1633	log_test $? 2 "Reject route with dsfield 0x02"
1634
1635	run_cmd "$IP route add 172.16.102.0/24 dsfield 0x03 via 172.16.101.2"
1636	log_test $? 2 "Reject route with dsfield 0x03"
1637
1638	# A generic route that doesn't take DSCP into account
1639	run_cmd "$IP route add 172.16.102.0/24 via 172.16.101.2"
1640
1641	# A more specific route for DSCP 0x10
1642	run_cmd "$IP route add 172.16.102.0/24 dsfield 0x10 via 172.16.103.2"
1643
1644	# DSCP 0x10 should match the specific route, no matter the ECN bits
1645	$IP route get fibmatch 172.16.102.1 dsfield 0x10 | \
1646		grep -q "172.16.102.0/24 tos 0x10 via 172.16.103.2"
1647	log_test $? 0 "IPv4 route with DSCP and ECN:Not-ECT"
1648
1649	$IP route get fibmatch 172.16.102.1 dsfield 0x11 | \
1650		grep -q "172.16.102.0/24 tos 0x10 via 172.16.103.2"
1651	log_test $? 0 "IPv4 route with DSCP and ECN:ECT(1)"
1652
1653	$IP route get fibmatch 172.16.102.1 dsfield 0x12 | \
1654		grep -q "172.16.102.0/24 tos 0x10 via 172.16.103.2"
1655	log_test $? 0 "IPv4 route with DSCP and ECN:ECT(0)"
1656
1657	$IP route get fibmatch 172.16.102.1 dsfield 0x13 | \
1658		grep -q "172.16.102.0/24 tos 0x10 via 172.16.103.2"
1659	log_test $? 0 "IPv4 route with DSCP and ECN:CE"
1660
1661	# Unknown DSCP should match the generic route, no matter the ECN bits
1662	$IP route get fibmatch 172.16.102.1 dsfield 0x14 | \
1663		grep -q "172.16.102.0/24 via 172.16.101.2"
1664	log_test $? 0 "IPv4 route with unknown DSCP and ECN:Not-ECT"
1665
1666	$IP route get fibmatch 172.16.102.1 dsfield 0x15 | \
1667		grep -q "172.16.102.0/24 via 172.16.101.2"
1668	log_test $? 0 "IPv4 route with unknown DSCP and ECN:ECT(1)"
1669
1670	$IP route get fibmatch 172.16.102.1 dsfield 0x16 | \
1671		grep -q "172.16.102.0/24 via 172.16.101.2"
1672	log_test $? 0 "IPv4 route with unknown DSCP and ECN:ECT(0)"
1673
1674	$IP route get fibmatch 172.16.102.1 dsfield 0x17 | \
1675		grep -q "172.16.102.0/24 via 172.16.101.2"
1676	log_test $? 0 "IPv4 route with unknown DSCP and ECN:CE"
1677
1678	# Null DSCP should match the generic route, no matter the ECN bits
1679	$IP route get fibmatch 172.16.102.1 dsfield 0x00 | \
1680		grep -q "172.16.102.0/24 via 172.16.101.2"
1681	log_test $? 0 "IPv4 route with no DSCP and ECN:Not-ECT"
1682
1683	$IP route get fibmatch 172.16.102.1 dsfield 0x01 | \
1684		grep -q "172.16.102.0/24 via 172.16.101.2"
1685	log_test $? 0 "IPv4 route with no DSCP and ECN:ECT(1)"
1686
1687	$IP route get fibmatch 172.16.102.1 dsfield 0x02 | \
1688		grep -q "172.16.102.0/24 via 172.16.101.2"
1689	log_test $? 0 "IPv4 route with no DSCP and ECN:ECT(0)"
1690
1691	$IP route get fibmatch 172.16.102.1 dsfield 0x03 | \
1692		grep -q "172.16.102.0/24 via 172.16.101.2"
1693	log_test $? 0 "IPv4 route with no DSCP and ECN:CE"
1694}
1695
1696ipv4_route_test()
1697{
1698	route_setup
1699
1700	ipv4_rt_add
1701	ipv4_rt_replace
1702	ipv4_local_rt_cache
1703	ipv4_rt_dsfield
1704
1705	route_cleanup
1706}
1707
1708ipv4_addr_metric_test()
1709{
1710	local rc
1711
1712	echo
1713	echo "IPv4 prefix route tests"
1714
1715	ip_addr_metric_check || return 1
1716
1717	setup
1718
1719	set -e
1720	$IP li add dummy1 type dummy
1721	$IP li add dummy2 type dummy
1722	$IP li set dummy1 up
1723	$IP li set dummy2 up
1724
1725	# default entry is metric 256
1726	run_cmd "$IP addr add dev dummy1 172.16.104.1/24"
1727	run_cmd "$IP addr add dev dummy2 172.16.104.2/24"
1728	set +e
1729
1730	check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2"
1731	log_test $? 0 "Default metric"
1732
1733	set -e
1734	run_cmd "$IP addr flush dev dummy1"
1735	run_cmd "$IP addr add dev dummy1 172.16.104.1/24 metric 257"
1736	set +e
1737
1738	check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257"
1739	log_test $? 0 "User specified metric on first device"
1740
1741	set -e
1742	run_cmd "$IP addr flush dev dummy2"
1743	run_cmd "$IP addr add dev dummy2 172.16.104.2/24 metric 258"
1744	set +e
1745
1746	check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258"
1747	log_test $? 0 "User specified metric on second device"
1748
1749	run_cmd "$IP addr del dev dummy1 172.16.104.1/24 metric 257"
1750	rc=$?
1751	if [ $rc -eq 0 ]; then
1752		check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258"
1753		rc=$?
1754	fi
1755	log_test $rc 0 "Delete of address on first device"
1756
1757	run_cmd "$IP addr change dev dummy2 172.16.104.2/24 metric 259"
1758	rc=$?
1759	if [ $rc -eq 0 ]; then
1760		check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259"
1761		rc=$?
1762	fi
1763	log_test $rc 0 "Modify metric of address"
1764
1765	# verify prefix route removed on down
1766	run_cmd "$IP li set dev dummy2 down"
1767	rc=$?
1768	if [ $rc -eq 0 ]; then
1769		out=$($IP ro ls match 172.16.104.0/24)
1770		check_expected "${out}" ""
1771		rc=$?
1772	fi
1773	log_test $rc 0 "Prefix route removed on link down"
1774
1775	# verify prefix route re-inserted with assigned metric
1776	run_cmd "$IP li set dev dummy2 up"
1777	rc=$?
1778	if [ $rc -eq 0 ]; then
1779		check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259"
1780		rc=$?
1781	fi
1782	log_test $rc 0 "Prefix route with metric on link up"
1783
1784	# explicitly check for metric changes on edge scenarios
1785	run_cmd "$IP addr flush dev dummy2"
1786	run_cmd "$IP addr add dev dummy2 172.16.104.0/24 metric 259"
1787	run_cmd "$IP addr change dev dummy2 172.16.104.0/24 metric 260"
1788	rc=$?
1789	if [ $rc -eq 0 ]; then
1790		check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.0 metric 260"
1791		rc=$?
1792	fi
1793	log_test $rc 0 "Modify metric of .0/24 address"
1794
1795	run_cmd "$IP addr flush dev dummy2"
1796	run_cmd "$IP addr add dev dummy2 172.16.104.1/32 peer 172.16.104.2 metric 260"
1797	rc=$?
1798	if [ $rc -eq 0 ]; then
1799		check_route "172.16.104.2 dev dummy2 proto kernel scope link src 172.16.104.1 metric 260"
1800		rc=$?
1801	fi
1802	log_test $rc 0 "Set metric of address with peer route"
1803
1804	run_cmd "$IP addr change dev dummy2 172.16.104.1/32 peer 172.16.104.3 metric 261"
1805	rc=$?
1806	if [ $rc -eq 0 ]; then
1807		check_route "172.16.104.3 dev dummy2 proto kernel scope link src 172.16.104.1 metric 261"
1808		rc=$?
1809	fi
1810	log_test $rc 0 "Modify metric and peer address for peer route"
1811
1812	$IP li del dummy1
1813	$IP li del dummy2
1814	cleanup
1815}
1816
1817ipv4_route_metrics_test()
1818{
1819	local rc
1820
1821	echo
1822	echo "IPv4 route add / append tests"
1823
1824	route_setup
1825
1826	run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 mtu 1400"
1827	rc=$?
1828	if [ $rc -eq 0 ]; then
1829		check_route "172.16.111.0/24 via 172.16.101.2 dev veth1 mtu 1400"
1830		rc=$?
1831	fi
1832	log_test $rc 0 "Single path route with mtu metric"
1833
1834
1835	run_cmd "$IP ro add 172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1836	rc=$?
1837	if [ $rc -eq 0 ]; then
1838		check_route "172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1839		rc=$?
1840	fi
1841	log_test $rc 0 "Multipath route with mtu metric"
1842
1843	$IP ro add 172.16.104.0/24 via 172.16.101.2 mtu 1300
1844	run_cmd "ip netns exec ns1 ping -w1 -c1 -s 1500 172.16.104.1"
1845	log_test $? 0 "Using route with mtu metric"
1846
1847	run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 congctl lock foo"
1848	log_test $? 2 "Invalid metric (fails metric_convert)"
1849
1850	route_cleanup
1851}
1852
1853ipv4_del_addr_test()
1854{
1855	echo
1856	echo "IPv4 delete address route tests"
1857
1858	setup
1859
1860	set -e
1861	$IP li add dummy1 type dummy
1862	$IP li set dummy1 up
1863	$IP li add dummy2 type dummy
1864	$IP li set dummy2 up
1865	$IP li add red type vrf table 1111
1866	$IP li set red up
1867	$IP ro add vrf red unreachable default
1868	$IP li set dummy2 vrf red
1869
1870	$IP addr add dev dummy1 172.16.104.1/24
1871	$IP addr add dev dummy1 172.16.104.11/24
1872	$IP addr add dev dummy1 172.16.104.12/24
1873	$IP addr add dev dummy1 172.16.104.13/24
1874	$IP addr add dev dummy2 172.16.104.1/24
1875	$IP addr add dev dummy2 172.16.104.11/24
1876	$IP addr add dev dummy2 172.16.104.12/24
1877	$IP route add 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1878	$IP route add 172.16.106.0/24 dev lo src 172.16.104.12
1879	$IP route add table 0 172.16.107.0/24 via 172.16.104.2 src 172.16.104.13
1880	$IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1881	$IP route add vrf red 172.16.106.0/24 dev lo src 172.16.104.12
1882	set +e
1883
1884	# removing address from device in vrf should only remove route from vrf table
1885	echo "    Regular FIB info"
1886
1887	$IP addr del dev dummy2 172.16.104.11/24
1888	$IP ro ls vrf red | grep -q 172.16.105.0/24
1889	log_test $? 1 "Route removed from VRF when source address deleted"
1890
1891	$IP ro ls | grep -q 172.16.105.0/24
1892	log_test $? 0 "Route in default VRF not removed"
1893
1894	$IP addr add dev dummy2 172.16.104.11/24
1895	$IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1896
1897	$IP addr del dev dummy1 172.16.104.11/24
1898	$IP ro ls | grep -q 172.16.105.0/24
1899	log_test $? 1 "Route removed in default VRF when source address deleted"
1900
1901	$IP ro ls vrf red | grep -q 172.16.105.0/24
1902	log_test $? 0 "Route in VRF is not removed by address delete"
1903
1904	# removing address from device in vrf should only remove route from vrf
1905	# table even when the associated fib info only differs in table ID
1906	echo "    Identical FIB info with different table ID"
1907
1908	$IP addr del dev dummy2 172.16.104.12/24
1909	$IP ro ls vrf red | grep -q 172.16.106.0/24
1910	log_test $? 1 "Route removed from VRF when source address deleted"
1911
1912	$IP ro ls | grep -q 172.16.106.0/24
1913	log_test $? 0 "Route in default VRF not removed"
1914
1915	$IP addr add dev dummy2 172.16.104.12/24
1916	$IP route add vrf red 172.16.106.0/24 dev lo src 172.16.104.12
1917
1918	$IP addr del dev dummy1 172.16.104.12/24
1919	$IP ro ls | grep -q 172.16.106.0/24
1920	log_test $? 1 "Route removed in default VRF when source address deleted"
1921
1922	$IP ro ls vrf red | grep -q 172.16.106.0/24
1923	log_test $? 0 "Route in VRF is not removed by address delete"
1924
1925	# removing address from device in default vrf should remove route from
1926	# the default vrf even when route was inserted with a table ID of 0.
1927	echo "    Table ID 0"
1928
1929	$IP addr del dev dummy1 172.16.104.13/24
1930	$IP ro ls | grep -q 172.16.107.0/24
1931	log_test $? 1 "Route removed in default VRF when source address deleted"
1932
1933	$IP li del dummy1
1934	$IP li del dummy2
1935	cleanup
1936}
1937
1938ipv6_del_addr_test()
1939{
1940	echo
1941	echo "IPv6 delete address route tests"
1942
1943	setup
1944
1945	set -e
1946	for i in $(seq 6); do
1947		$IP li add dummy${i} up type dummy
1948	done
1949
1950	$IP li add red up type vrf table 1111
1951	$IP ro add vrf red unreachable default
1952	for i in $(seq 4 6); do
1953		$IP li set dummy${i} vrf red
1954	done
1955
1956	$IP addr add dev dummy1 fe80::1/128
1957	$IP addr add dev dummy1 2001:db8:101::1/64
1958	$IP addr add dev dummy1 2001:db8:101::10/64
1959	$IP addr add dev dummy1 2001:db8:101::11/64
1960	$IP addr add dev dummy1 2001:db8:101::12/64
1961	$IP addr add dev dummy1 2001:db8:101::13/64
1962	$IP addr add dev dummy1 2001:db8:101::14/64
1963	$IP addr add dev dummy1 2001:db8:101::15/64
1964	$IP addr add dev dummy2 fe80::1/128
1965	$IP addr add dev dummy2 2001:db8:101::1/64
1966	$IP addr add dev dummy2 2001:db8:101::11/64
1967	$IP addr add dev dummy3 fe80::1/128
1968
1969	$IP addr add dev dummy4 2001:db8:101::1/64
1970	$IP addr add dev dummy4 2001:db8:101::10/64
1971	$IP addr add dev dummy4 2001:db8:101::11/64
1972	$IP addr add dev dummy4 2001:db8:101::12/64
1973	$IP addr add dev dummy4 2001:db8:101::13/64
1974	$IP addr add dev dummy4 2001:db8:101::14/64
1975	$IP addr add dev dummy5 2001:db8:101::1/64
1976	$IP addr add dev dummy5 2001:db8:101::11/64
1977
1978	# Single device using src address
1979	$IP route add 2001:db8:110::/64 dev dummy3 src 2001:db8:101::10
1980	# Two devices with the same source address
1981	$IP route add 2001:db8:111::/64 dev dummy3 src 2001:db8:101::11
1982	# VRF with single device using src address
1983	$IP route add vrf red 2001:db8:110::/64 dev dummy6 src 2001:db8:101::10
1984	# VRF with two devices using src address
1985	$IP route add vrf red 2001:db8:111::/64 dev dummy6 src 2001:db8:101::11
1986	# src address and nexthop dev in same VRF
1987	$IP route add 2001:db8:112::/64 dev dummy3 src 2001:db8:101::12
1988	$IP route add vrf red 2001:db8:112::/64 dev dummy6 src 2001:db8:101::12
1989	# src address and nexthop device in different VRF
1990	$IP route add 2001:db8:113::/64 dev lo src 2001:db8:101::13
1991	$IP route add vrf red 2001:db8:113::/64 dev lo src 2001:db8:101::13
1992	# table ID 0
1993	$IP route add table 0 2001:db8:115::/64 via 2001:db8:101::2 src 2001:db8:101::15
1994	# Link local source route
1995	$IP route add 2001:db8:116::/64 dev dummy2 src fe80::1
1996	$IP route add 2001:db8:117::/64 dev dummy3 src fe80::1
1997	set +e
1998
1999	echo "    Single device using src address"
2000
2001	$IP addr del dev dummy1 2001:db8:101::10/64
2002	$IP -6 route show | grep -q "src 2001:db8:101::10 "
2003	log_test $? 1 "Prefsrc removed when src address removed on other device"
2004
2005	echo "    Two devices with the same source address"
2006
2007	$IP addr del dev dummy1 2001:db8:101::11/64
2008	$IP -6 route show | grep -q "src 2001:db8:101::11 "
2009	log_test $? 0 "Prefsrc not removed when src address exist on other device"
2010
2011	$IP addr del dev dummy2 2001:db8:101::11/64
2012	$IP -6 route show | grep -q "src 2001:db8:101::11 "
2013	log_test $? 1 "Prefsrc removed when src address removed on all devices"
2014
2015	echo "    VRF with single device using src address"
2016
2017	$IP addr del dev dummy4 2001:db8:101::10/64
2018	$IP -6 route show vrf red | grep -q "src 2001:db8:101::10 "
2019	log_test $? 1 "Prefsrc removed when src address removed on other device"
2020
2021	echo "    VRF with two devices using src address"
2022
2023	$IP addr del dev dummy4 2001:db8:101::11/64
2024	$IP -6 route show vrf red | grep -q "src 2001:db8:101::11 "
2025	log_test $? 0 "Prefsrc not removed when src address exist on other device"
2026
2027	$IP addr del dev dummy5 2001:db8:101::11/64
2028	$IP -6 route show vrf red | grep -q "src 2001:db8:101::11 "
2029	log_test $? 1 "Prefsrc removed when src address removed on all devices"
2030
2031	echo "    src address and nexthop dev in same VRF"
2032
2033	$IP addr del dev dummy4 2001:db8:101::12/64
2034	$IP -6 route show vrf red | grep -q "src 2001:db8:101::12 "
2035	log_test $? 1 "Prefsrc removed from VRF when source address deleted"
2036	$IP -6 route show | grep -q " src 2001:db8:101::12 "
2037	log_test $? 0 "Prefsrc in default VRF not removed"
2038
2039	$IP addr add dev dummy4 2001:db8:101::12/64
2040	$IP route replace vrf red 2001:db8:112::/64 dev dummy6 src 2001:db8:101::12
2041	$IP addr del dev dummy1 2001:db8:101::12/64
2042	$IP -6 route show vrf red | grep -q "src 2001:db8:101::12 "
2043	log_test $? 0 "Prefsrc not removed from VRF when source address exist"
2044	$IP -6 route show | grep -q " src 2001:db8:101::12 "
2045	log_test $? 1 "Prefsrc in default VRF removed"
2046
2047	echo "    src address and nexthop device in different VRF"
2048
2049	$IP addr del dev dummy4 2001:db8:101::13/64
2050	$IP -6 route show vrf red | grep -q "src 2001:db8:101::13 "
2051	log_test $? 0 "Prefsrc not removed from VRF when nexthop dev in diff VRF"
2052	$IP -6 route show | grep -q "src 2001:db8:101::13 "
2053	log_test $? 0 "Prefsrc not removed in default VRF"
2054
2055	$IP addr add dev dummy4 2001:db8:101::13/64
2056	$IP addr del dev dummy1 2001:db8:101::13/64
2057	$IP -6 route show vrf red | grep -q "src 2001:db8:101::13 "
2058	log_test $? 1 "Prefsrc removed from VRF when nexthop dev in diff VRF"
2059	$IP -6 route show | grep -q "src 2001:db8:101::13 "
2060	log_test $? 1 "Prefsrc removed in default VRF"
2061
2062	echo "    Table ID 0"
2063
2064	$IP addr del dev dummy1 2001:db8:101::15/64
2065	$IP -6 route show | grep -q "src 2001:db8:101::15"
2066	log_test $? 1 "Prefsrc removed from default VRF when source address deleted"
2067
2068	echo "    Link local source route"
2069	$IP addr del dev dummy1 fe80::1/128
2070	$IP -6 route show | grep -q "2001:db8:116::/64 dev dummy2 src fe80::1"
2071	log_test $? 0 "Prefsrc not removed when delete ll addr from other dev"
2072	$IP addr del dev dummy2 fe80::1/128
2073	$IP -6 route show | grep -q "2001:db8:116::/64 dev dummy2 src fe80::1"
2074	log_test $? 1 "Prefsrc removed when delete ll addr"
2075	$IP -6 route show | grep -q "2001:db8:117::/64 dev dummy3 src fe80::1"
2076	log_test $? 0 "Prefsrc not removed when delete ll addr from other dev"
2077	$IP addr add dev dummy1 fe80::1/128
2078	$IP addr del dev dummy3 fe80::1/128
2079	$IP -6 route show | grep -q "2001:db8:117::/64 dev dummy3 src fe80::1"
2080	log_test $? 1 "Prefsrc removed even ll addr still exist on other dev"
2081
2082	for i in $(seq 6); do
2083		$IP li del dummy${i}
2084	done
2085	cleanup
2086}
2087
2088ipv4_route_v6_gw_test()
2089{
2090	local rc
2091
2092	echo
2093	echo "IPv4 route with IPv6 gateway tests"
2094
2095	route_setup
2096	sleep 2
2097
2098	#
2099	# single path route
2100	#
2101	run_cmd "$IP ro add 172.16.104.0/24 via inet6 2001:db8:101::2"
2102	rc=$?
2103	log_test $rc 0 "Single path route with IPv6 gateway"
2104	if [ $rc -eq 0 ]; then
2105		check_route "172.16.104.0/24 via inet6 2001:db8:101::2 dev veth1"
2106	fi
2107
2108	run_cmd "ip netns exec ns1 ping -w1 -c1 172.16.104.1"
2109	log_test $rc 0 "Single path route with IPv6 gateway - ping"
2110
2111	run_cmd "$IP ro del 172.16.104.0/24 via inet6 2001:db8:101::2"
2112	rc=$?
2113	log_test $rc 0 "Single path route delete"
2114	if [ $rc -eq 0 ]; then
2115		check_route "172.16.112.0/24"
2116	fi
2117
2118	#
2119	# multipath - v6 then v4
2120	#
2121	run_cmd "$IP ro add 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
2122	rc=$?
2123	log_test $rc 0 "Multipath route add - v6 nexthop then v4"
2124	if [ $rc -eq 0 ]; then
2125		check_route "172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
2126	fi
2127
2128	run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
2129	log_test $? 2 "    Multipath route delete - nexthops in wrong order"
2130
2131	run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
2132	log_test $? 0 "    Multipath route delete exact match"
2133
2134	#
2135	# multipath - v4 then v6
2136	#
2137	run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
2138	rc=$?
2139	log_test $rc 0 "Multipath route add - v4 nexthop then v6"
2140	if [ $rc -eq 0 ]; then
2141		check_route "172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 weight 1 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1"
2142	fi
2143
2144	run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
2145	log_test $? 2 "    Multipath route delete - nexthops in wrong order"
2146
2147	run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
2148	log_test $? 0 "    Multipath route delete exact match"
2149
2150	route_cleanup
2151}
2152
2153socat_check()
2154{
2155	if [ ! -x "$(command -v socat)" ]; then
2156		echo "socat command not found. Skipping test"
2157		return 1
2158	fi
2159
2160	return 0
2161}
2162
2163iptables_check()
2164{
2165	iptables -t mangle -L OUTPUT &> /dev/null
2166	if [ $? -ne 0 ]; then
2167		echo "iptables configuration not supported. Skipping test"
2168		return 1
2169	fi
2170
2171	return 0
2172}
2173
2174ip6tables_check()
2175{
2176	ip6tables -t mangle -L OUTPUT &> /dev/null
2177	if [ $? -ne 0 ]; then
2178		echo "ip6tables configuration not supported. Skipping test"
2179		return 1
2180	fi
2181
2182	return 0
2183}
2184
2185ipv4_mangle_test()
2186{
2187	local rc
2188
2189	echo
2190	echo "IPv4 mangling tests"
2191
2192	socat_check || return 1
2193	iptables_check || return 1
2194
2195	route_setup
2196	sleep 2
2197
2198	local tmp_file=$(mktemp)
2199	ip netns exec ns2 socat UDP4-LISTEN:54321,fork $tmp_file &
2200
2201	# Add a FIB rule and a route that will direct our connection to the
2202	# listening server.
2203	$IP rule add pref 100 ipproto udp sport 12345 dport 54321 table 123
2204	$IP route add table 123 172.16.101.0/24 dev veth1
2205
2206	# Add an unreachable route to the main table that will block our
2207	# connection in case the FIB rule is not hit.
2208	$IP route add unreachable 172.16.101.2/32
2209
2210	run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345"
2211	log_test $? 0 "    Connection with correct parameters"
2212
2213	run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=11111"
2214	log_test $? 1 "    Connection with incorrect parameters"
2215
2216	# Add a mangling rule and make sure connection is still successful.
2217	$NS_EXEC iptables -t mangle -A OUTPUT -j MARK --set-mark 1
2218
2219	run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345"
2220	log_test $? 0 "    Connection with correct parameters - mangling"
2221
2222	# Delete the mangling rule and make sure connection is still
2223	# successful.
2224	$NS_EXEC iptables -t mangle -D OUTPUT -j MARK --set-mark 1
2225
2226	run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345"
2227	log_test $? 0 "    Connection with correct parameters - no mangling"
2228
2229	# Verify connections were indeed successful on server side.
2230	[[ $(cat $tmp_file | wc -l) -eq 3 ]]
2231	log_test $? 0 "    Connection check - server side"
2232
2233	$IP route del unreachable 172.16.101.2/32
2234	$IP route del table 123 172.16.101.0/24 dev veth1
2235	$IP rule del pref 100
2236
2237	{ kill %% && wait %%; } 2>/dev/null
2238	rm $tmp_file
2239
2240	route_cleanup
2241}
2242
2243ipv6_mangle_test()
2244{
2245	local rc
2246
2247	echo
2248	echo "IPv6 mangling tests"
2249
2250	socat_check || return 1
2251	ip6tables_check || return 1
2252
2253	route_setup
2254	sleep 2
2255
2256	local tmp_file=$(mktemp)
2257	ip netns exec ns2 socat UDP6-LISTEN:54321,fork $tmp_file &
2258
2259	# Add a FIB rule and a route that will direct our connection to the
2260	# listening server.
2261	$IP -6 rule add pref 100 ipproto udp sport 12345 dport 54321 table 123
2262	$IP -6 route add table 123 2001:db8:101::/64 dev veth1
2263
2264	# Add an unreachable route to the main table that will block our
2265	# connection in case the FIB rule is not hit.
2266	$IP -6 route add unreachable 2001:db8:101::2/128
2267
2268	run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345"
2269	log_test $? 0 "    Connection with correct parameters"
2270
2271	run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=11111"
2272	log_test $? 1 "    Connection with incorrect parameters"
2273
2274	# Add a mangling rule and make sure connection is still successful.
2275	$NS_EXEC ip6tables -t mangle -A OUTPUT -j MARK --set-mark 1
2276
2277	run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345"
2278	log_test $? 0 "    Connection with correct parameters - mangling"
2279
2280	# Delete the mangling rule and make sure connection is still
2281	# successful.
2282	$NS_EXEC ip6tables -t mangle -D OUTPUT -j MARK --set-mark 1
2283
2284	run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345"
2285	log_test $? 0 "    Connection with correct parameters - no mangling"
2286
2287	# Verify connections were indeed successful on server side.
2288	[[ $(cat $tmp_file | wc -l) -eq 3 ]]
2289	log_test $? 0 "    Connection check - server side"
2290
2291	$IP -6 route del unreachable 2001:db8:101::2/128
2292	$IP -6 route del table 123 2001:db8:101::/64 dev veth1
2293	$IP -6 rule del pref 100
2294
2295	{ kill %% && wait %%; } 2>/dev/null
2296	rm $tmp_file
2297
2298	route_cleanup
2299}
2300
2301ip_neigh_get_check()
2302{
2303	ip neigh help 2>&1 | grep -q 'ip neigh get'
2304	if [ $? -ne 0 ]; then
2305		echo "iproute2 command does not support neigh get. Skipping test"
2306		return 1
2307	fi
2308
2309	return 0
2310}
2311
2312ipv4_bcast_neigh_test()
2313{
2314	local rc
2315
2316	echo
2317	echo "IPv4 broadcast neighbour tests"
2318
2319	ip_neigh_get_check || return 1
2320
2321	setup
2322
2323	set -e
2324	run_cmd "$IP neigh add 192.0.2.111 lladdr 00:11:22:33:44:55 nud perm dev dummy0"
2325	run_cmd "$IP neigh add 192.0.2.255 lladdr 00:11:22:33:44:55 nud perm dev dummy0"
2326
2327	run_cmd "$IP neigh get 192.0.2.111 dev dummy0"
2328	run_cmd "$IP neigh get 192.0.2.255 dev dummy0"
2329
2330	run_cmd "$IP address add 192.0.2.1/24 broadcast 192.0.2.111 dev dummy0"
2331
2332	run_cmd "$IP neigh add 203.0.113.111 nud failed dev dummy0"
2333	run_cmd "$IP neigh add 203.0.113.255 nud failed dev dummy0"
2334
2335	run_cmd "$IP neigh get 203.0.113.111 dev dummy0"
2336	run_cmd "$IP neigh get 203.0.113.255 dev dummy0"
2337
2338	run_cmd "$IP address add 203.0.113.1/24 broadcast 203.0.113.111 dev dummy0"
2339	set +e
2340
2341	run_cmd "$IP neigh get 192.0.2.111 dev dummy0"
2342	log_test $? 0 "Resolved neighbour for broadcast address"
2343
2344	run_cmd "$IP neigh get 192.0.2.255 dev dummy0"
2345	log_test $? 0 "Resolved neighbour for network broadcast address"
2346
2347	run_cmd "$IP neigh get 203.0.113.111 dev dummy0"
2348	log_test $? 2 "Unresolved neighbour for broadcast address"
2349
2350	run_cmd "$IP neigh get 203.0.113.255 dev dummy0"
2351	log_test $? 2 "Unresolved neighbour for network broadcast address"
2352
2353	cleanup
2354}
2355
2356mpath_dep_check()
2357{
2358	if [ ! -x "$(command -v mausezahn)" ]; then
2359		echo "mausezahn command not found. Skipping test"
2360		return 1
2361	fi
2362
2363	if [ ! -x "$(command -v jq)" ]; then
2364		echo "jq command not found. Skipping test"
2365		return 1
2366	fi
2367
2368	if [ ! -x "$(command -v bc)" ]; then
2369		echo "bc command not found. Skipping test"
2370		return 1
2371	fi
2372
2373	if [ ! -x "$(command -v perf)" ]; then
2374		echo "perf command not found. Skipping test"
2375		return 1
2376	fi
2377
2378	perf list fib:* | grep -q fib_table_lookup
2379	if [ $? -ne 0 ]; then
2380		echo "IPv4 FIB tracepoint not found. Skipping test"
2381		return 1
2382	fi
2383
2384	perf list fib6:* | grep -q fib6_table_lookup
2385	if [ $? -ne 0 ]; then
2386		echo "IPv6 FIB tracepoint not found. Skipping test"
2387		return 1
2388	fi
2389
2390	return 0
2391}
2392
2393link_stats_get()
2394{
2395	local ns=$1; shift
2396	local dev=$1; shift
2397	local dir=$1; shift
2398	local stat=$1; shift
2399
2400	ip -n $ns -j -s link show dev $dev \
2401		| jq '.[]["stats64"]["'$dir'"]["'$stat'"]'
2402}
2403
2404list_rcv_eval()
2405{
2406	local file=$1; shift
2407	local expected=$1; shift
2408
2409	local count=$(tail -n 1 $file | jq '.["counter-value"] | tonumber | floor')
2410	local ratio=$(echo "scale=2; $count / $expected" | bc -l)
2411	local res=$(echo "$ratio >= 0.95" | bc)
2412	[[ $res -eq 1 ]]
2413	log_test $? 0 "Multipath route hit ratio ($ratio)"
2414}
2415
2416ipv4_mpath_list_test()
2417{
2418	echo
2419	echo "IPv4 multipath list receive tests"
2420
2421	mpath_dep_check || return 1
2422
2423	route_setup
2424
2425	set -e
2426	run_cmd "ip netns exec ns1 ethtool -K veth1 tcp-segmentation-offload off"
2427
2428	run_cmd "ip netns exec ns2 bash -c \"echo 20000 > /sys/class/net/veth2/gro_flush_timeout\""
2429	run_cmd "ip netns exec ns2 bash -c \"echo 1 > /sys/class/net/veth2/napi_defer_hard_irqs\""
2430	run_cmd "ip netns exec ns2 ethtool -K veth2 generic-receive-offload on"
2431	run_cmd "ip -n ns2 link add name nh1 up type dummy"
2432	run_cmd "ip -n ns2 link add name nh2 up type dummy"
2433	run_cmd "ip -n ns2 address add 172.16.201.1/24 dev nh1"
2434	run_cmd "ip -n ns2 address add 172.16.202.1/24 dev nh2"
2435	run_cmd "ip -n ns2 neigh add 172.16.201.2 lladdr 00:11:22:33:44:55 nud perm dev nh1"
2436	run_cmd "ip -n ns2 neigh add 172.16.202.2 lladdr 00:aa:bb:cc:dd:ee nud perm dev nh2"
2437	run_cmd "ip -n ns2 route add 203.0.113.0/24
2438		nexthop via 172.16.201.2 nexthop via 172.16.202.2"
2439	run_cmd "ip netns exec ns2 sysctl -qw net.ipv4.fib_multipath_hash_policy=1"
2440	run_cmd "ip netns exec ns2 sysctl -qw net.ipv4.conf.veth2.rp_filter=0"
2441	run_cmd "ip netns exec ns2 sysctl -qw net.ipv4.conf.all.rp_filter=0"
2442	run_cmd "ip netns exec ns2 sysctl -qw net.ipv4.conf.default.rp_filter=0"
2443	set +e
2444
2445	local dmac=$(ip -n ns2 -j link show dev veth2 | jq -r '.[]["address"]')
2446	local tmp_file=$(mktemp)
2447	local cmd="ip netns exec ns1 mausezahn veth1 -a own -b $dmac
2448		-A 172.16.101.1 -B 203.0.113.1 -t udp 'sp=12345,dp=0-65535' -q"
2449
2450	# Packets forwarded in a list using a multipath route must not reuse a
2451	# cached result so that a flow always hits the same nexthop. In other
2452	# words, the FIB lookup tracepoint needs to be triggered for every
2453	# packet.
2454	local t0_rx_pkts=$(link_stats_get ns2 veth2 rx packets)
2455	run_cmd "perf stat -a -e fib:fib_table_lookup --filter 'err == 0' -j -o $tmp_file -- $cmd"
2456	local t1_rx_pkts=$(link_stats_get ns2 veth2 rx packets)
2457	local diff=$(echo $t1_rx_pkts - $t0_rx_pkts | bc -l)
2458	list_rcv_eval $tmp_file $diff
2459
2460	rm $tmp_file
2461	route_cleanup
2462}
2463
2464ipv6_mpath_list_test()
2465{
2466	echo
2467	echo "IPv6 multipath list receive tests"
2468
2469	mpath_dep_check || return 1
2470
2471	route_setup
2472
2473	set -e
2474	run_cmd "ip netns exec ns1 ethtool -K veth1 tcp-segmentation-offload off"
2475
2476	run_cmd "ip netns exec ns2 bash -c \"echo 20000 > /sys/class/net/veth2/gro_flush_timeout\""
2477	run_cmd "ip netns exec ns2 bash -c \"echo 1 > /sys/class/net/veth2/napi_defer_hard_irqs\""
2478	run_cmd "ip netns exec ns2 ethtool -K veth2 generic-receive-offload on"
2479	run_cmd "ip -n ns2 link add name nh1 up type dummy"
2480	run_cmd "ip -n ns2 link add name nh2 up type dummy"
2481	run_cmd "ip -n ns2 -6 address add 2001:db8:201::1/64 dev nh1"
2482	run_cmd "ip -n ns2 -6 address add 2001:db8:202::1/64 dev nh2"
2483	run_cmd "ip -n ns2 -6 neigh add 2001:db8:201::2 lladdr 00:11:22:33:44:55 nud perm dev nh1"
2484	run_cmd "ip -n ns2 -6 neigh add 2001:db8:202::2 lladdr 00:aa:bb:cc:dd:ee nud perm dev nh2"
2485	run_cmd "ip -n ns2 -6 route add 2001:db8:301::/64
2486		nexthop via 2001:db8:201::2 nexthop via 2001:db8:202::2"
2487	run_cmd "ip netns exec ns2 sysctl -qw net.ipv6.fib_multipath_hash_policy=1"
2488	set +e
2489
2490	local dmac=$(ip -n ns2 -j link show dev veth2 | jq -r '.[]["address"]')
2491	local tmp_file=$(mktemp)
2492	local cmd="ip netns exec ns1 mausezahn -6 veth1 -a own -b $dmac
2493		-A 2001:db8:101::1 -B 2001:db8:301::1 -t udp 'sp=12345,dp=0-65535' -q"
2494
2495	# Packets forwarded in a list using a multipath route must not reuse a
2496	# cached result so that a flow always hits the same nexthop. In other
2497	# words, the FIB lookup tracepoint needs to be triggered for every
2498	# packet.
2499	local t0_rx_pkts=$(link_stats_get ns2 veth2 rx packets)
2500	run_cmd "perf stat -a -e fib6:fib6_table_lookup --filter 'err == 0' -j -o $tmp_file -- $cmd"
2501	local t1_rx_pkts=$(link_stats_get ns2 veth2 rx packets)
2502	local diff=$(echo $t1_rx_pkts - $t0_rx_pkts | bc -l)
2503	list_rcv_eval $tmp_file $diff
2504
2505	rm $tmp_file
2506	route_cleanup
2507}
2508
2509################################################################################
2510# usage
2511
2512usage()
2513{
2514	cat <<EOF
2515usage: ${0##*/} OPTS
2516
2517        -t <test>   Test(s) to run (default: all)
2518                    (options: $TESTS)
2519        -p          Pause on fail
2520        -P          Pause after each test before cleanup
2521        -v          verbose mode (show commands and output)
2522EOF
2523}
2524
2525################################################################################
2526# main
2527
2528trap cleanup EXIT
2529
2530while getopts :t:pPhv o
2531do
2532	case $o in
2533		t) TESTS=$OPTARG;;
2534		p) PAUSE_ON_FAIL=yes;;
2535		P) PAUSE=yes;;
2536		v) VERBOSE=$(($VERBOSE + 1));;
2537		h) usage; exit 0;;
2538		*) usage; exit 1;;
2539	esac
2540done
2541
2542PEER_CMD="ip netns exec ${PEER_NS}"
2543
2544# make sure we don't pause twice
2545[ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no
2546
2547if [ "$(id -u)" -ne 0 ];then
2548	echo "SKIP: Need root privileges"
2549	exit $ksft_skip;
2550fi
2551
2552if [ ! -x "$(command -v ip)" ]; then
2553	echo "SKIP: Could not run test without ip tool"
2554	exit $ksft_skip
2555fi
2556
2557ip route help 2>&1 | grep -q fibmatch
2558if [ $? -ne 0 ]; then
2559	echo "SKIP: iproute2 too old, missing fibmatch"
2560	exit $ksft_skip
2561fi
2562
2563# start clean
2564cleanup &> /dev/null
2565
2566for t in $TESTS
2567do
2568	case $t in
2569	fib_unreg_test|unregister)	fib_unreg_test;;
2570	fib_down_test|down)		fib_down_test;;
2571	fib_carrier_test|carrier)	fib_carrier_test;;
2572	fib_rp_filter_test|rp_filter)	fib_rp_filter_test;;
2573	fib_nexthop_test|nexthop)	fib_nexthop_test;;
2574	fib_notify_test|ipv4_notify)	fib_notify_test;;
2575	fib6_notify_test|ipv6_notify)	fib6_notify_test;;
2576	fib_suppress_test|suppress)	fib_suppress_test;;
2577	ipv6_route_test|ipv6_rt)	ipv6_route_test;;
2578	ipv4_route_test|ipv4_rt)	ipv4_route_test;;
2579	ipv6_addr_metric)		ipv6_addr_metric_test;;
2580	ipv4_addr_metric)		ipv4_addr_metric_test;;
2581	ipv4_del_addr)			ipv4_del_addr_test;;
2582	ipv6_del_addr)			ipv6_del_addr_test;;
2583	ipv6_route_metrics)		ipv6_route_metrics_test;;
2584	ipv4_route_metrics)		ipv4_route_metrics_test;;
2585	ipv4_route_v6_gw)		ipv4_route_v6_gw_test;;
2586	ipv4_mangle)			ipv4_mangle_test;;
2587	ipv6_mangle)			ipv6_mangle_test;;
2588	ipv4_bcast_neigh)		ipv4_bcast_neigh_test;;
2589	fib6_gc_test|ipv6_gc)		fib6_gc_test;;
2590	ipv4_mpath_list)		ipv4_mpath_list_test;;
2591	ipv6_mpath_list)		ipv6_mpath_list_test;;
2592
2593	help) echo "Test names: $TESTS"; exit 0;;
2594	esac
2595done
2596
2597if [ "$TESTS" != "none" ]; then
2598	printf "\nTests passed: %3d\n" ${nsuccess}
2599	printf "Tests failed: %3d\n"   ${nfail}
2600fi
2601
2602exit $ret
2603