1c99a84eaSMathieu Xhonneux#!/bin/bash 2c99a84eaSMathieu Xhonneux# Connects 6 network namespaces through veths. 3c99a84eaSMathieu Xhonneux# Each NS may have different IPv6 global scope addresses : 4c99a84eaSMathieu Xhonneux# NS1 ---- NS2 ---- NS3 ---- NS4 ---- NS5 ---- NS6 5c99a84eaSMathieu Xhonneux# fb00::1 fd00::1 fd00::2 fd00::3 fb00::6 6c99a84eaSMathieu Xhonneux# fc42::1 fd00::4 7c99a84eaSMathieu Xhonneux# 8c99a84eaSMathieu Xhonneux# All IPv6 packets going to fb00::/16 through NS2 will be encapsulated in a 9c99a84eaSMathieu Xhonneux# IPv6 header with a Segment Routing Header, with segments : 10c99a84eaSMathieu Xhonneux# fd00::1 -> fd00::2 -> fd00::3 -> fd00::4 11c99a84eaSMathieu Xhonneux# 12c99a84eaSMathieu Xhonneux# 3 fd00::/16 IPv6 addresses are binded to seg6local End.BPF actions : 13c99a84eaSMathieu Xhonneux# - fd00::1 : add a TLV, change the flags and apply a End.X action to fc42::1 14c99a84eaSMathieu Xhonneux# - fd00::2 : remove the TLV, change the flags, add a tag 15c99a84eaSMathieu Xhonneux# - fd00::3 : apply an End.T action to fd00::4, through routing table 117 16c99a84eaSMathieu Xhonneux# 17c99a84eaSMathieu Xhonneux# fd00::4 is a simple Segment Routing node decapsulating the inner IPv6 packet. 18c99a84eaSMathieu Xhonneux# Each End.BPF action will validate the operations applied on the SRH by the 19c99a84eaSMathieu Xhonneux# previous BPF program in the chain, otherwise the packet is dropped. 20c99a84eaSMathieu Xhonneux# 21c99a84eaSMathieu Xhonneux# An UDP datagram is sent from fb00::1 to fb00::6. The test succeeds if this 22c99a84eaSMathieu Xhonneux# datagram can be read on NS6 when binding to fb00::6. 23c99a84eaSMathieu Xhonneux 24dd349c3fSJeffrin Jose T# Kselftest framework requirement - SKIP code is 4. 25dd349c3fSJeffrin Jose Tksft_skip=4 26*98af3746SWang YufenBPF_FILE="test_lwt_seg6local.bpf.o" 2707c58554SHangbin Liureadonly NS1="ns1-$(mktemp -u XXXXXX)" 2807c58554SHangbin Liureadonly NS2="ns2-$(mktemp -u XXXXXX)" 2907c58554SHangbin Liureadonly NS3="ns3-$(mktemp -u XXXXXX)" 3007c58554SHangbin Liureadonly NS4="ns4-$(mktemp -u XXXXXX)" 3107c58554SHangbin Liureadonly NS5="ns5-$(mktemp -u XXXXXX)" 3207c58554SHangbin Liureadonly NS6="ns6-$(mktemp -u XXXXXX)" 33dd349c3fSJeffrin Jose T 34dd349c3fSJeffrin Jose Tmsg="skip all tests:" 35dd349c3fSJeffrin Jose Tif [ $UID != 0 ]; then 36dd349c3fSJeffrin Jose T echo $msg please run this as root >&2 37dd349c3fSJeffrin Jose T exit $ksft_skip 38dd349c3fSJeffrin Jose Tfi 39dd349c3fSJeffrin Jose T 40c99a84eaSMathieu XhonneuxTMP_FILE="/tmp/selftest_lwt_seg6local.txt" 41c99a84eaSMathieu Xhonneux 42c99a84eaSMathieu Xhonneuxcleanup() 43c99a84eaSMathieu Xhonneux{ 44c99a84eaSMathieu Xhonneux if [ "$?" = "0" ]; then 45c99a84eaSMathieu Xhonneux echo "selftests: test_lwt_seg6local [PASS]"; 46c99a84eaSMathieu Xhonneux else 47c99a84eaSMathieu Xhonneux echo "selftests: test_lwt_seg6local [FAILED]"; 48c99a84eaSMathieu Xhonneux fi 49c99a84eaSMathieu Xhonneux 50c99a84eaSMathieu Xhonneux set +e 5107c58554SHangbin Liu ip netns del ${NS1} 2> /dev/null 5207c58554SHangbin Liu ip netns del ${NS2} 2> /dev/null 5307c58554SHangbin Liu ip netns del ${NS3} 2> /dev/null 5407c58554SHangbin Liu ip netns del ${NS4} 2> /dev/null 5507c58554SHangbin Liu ip netns del ${NS5} 2> /dev/null 5607c58554SHangbin Liu ip netns del ${NS6} 2> /dev/null 57c99a84eaSMathieu Xhonneux rm -f $TMP_FILE 58c99a84eaSMathieu Xhonneux} 59c99a84eaSMathieu Xhonneux 60c99a84eaSMathieu Xhonneuxset -e 61c99a84eaSMathieu Xhonneux 6207c58554SHangbin Liuip netns add ${NS1} 6307c58554SHangbin Liuip netns add ${NS2} 6407c58554SHangbin Liuip netns add ${NS3} 6507c58554SHangbin Liuip netns add ${NS4} 6607c58554SHangbin Liuip netns add ${NS5} 6707c58554SHangbin Liuip netns add ${NS6} 68c99a84eaSMathieu Xhonneux 69c99a84eaSMathieu Xhonneuxtrap cleanup 0 2 3 6 9 70c99a84eaSMathieu Xhonneux 71c99a84eaSMathieu Xhonneuxip link add veth1 type veth peer name veth2 72c99a84eaSMathieu Xhonneuxip link add veth3 type veth peer name veth4 73c99a84eaSMathieu Xhonneuxip link add veth5 type veth peer name veth6 74c99a84eaSMathieu Xhonneuxip link add veth7 type veth peer name veth8 75c99a84eaSMathieu Xhonneuxip link add veth9 type veth peer name veth10 76c99a84eaSMathieu Xhonneux 7707c58554SHangbin Liuip link set veth1 netns ${NS1} 7807c58554SHangbin Liuip link set veth2 netns ${NS2} 7907c58554SHangbin Liuip link set veth3 netns ${NS2} 8007c58554SHangbin Liuip link set veth4 netns ${NS3} 8107c58554SHangbin Liuip link set veth5 netns ${NS3} 8207c58554SHangbin Liuip link set veth6 netns ${NS4} 8307c58554SHangbin Liuip link set veth7 netns ${NS4} 8407c58554SHangbin Liuip link set veth8 netns ${NS5} 8507c58554SHangbin Liuip link set veth9 netns ${NS5} 8607c58554SHangbin Liuip link set veth10 netns ${NS6} 87c99a84eaSMathieu Xhonneux 8807c58554SHangbin Liuip netns exec ${NS1} ip link set dev veth1 up 8907c58554SHangbin Liuip netns exec ${NS2} ip link set dev veth2 up 9007c58554SHangbin Liuip netns exec ${NS2} ip link set dev veth3 up 9107c58554SHangbin Liuip netns exec ${NS3} ip link set dev veth4 up 9207c58554SHangbin Liuip netns exec ${NS3} ip link set dev veth5 up 9307c58554SHangbin Liuip netns exec ${NS4} ip link set dev veth6 up 9407c58554SHangbin Liuip netns exec ${NS4} ip link set dev veth7 up 9507c58554SHangbin Liuip netns exec ${NS5} ip link set dev veth8 up 9607c58554SHangbin Liuip netns exec ${NS5} ip link set dev veth9 up 9707c58554SHangbin Liuip netns exec ${NS6} ip link set dev veth10 up 9807c58554SHangbin Liuip netns exec ${NS6} ip link set dev lo up 99c99a84eaSMathieu Xhonneux 100c99a84eaSMathieu Xhonneux# All link scope addresses and routes required between veths 10107c58554SHangbin Liuip netns exec ${NS1} ip -6 addr add fb00::12/16 dev veth1 scope link 10207c58554SHangbin Liuip netns exec ${NS1} ip -6 route add fb00::21 dev veth1 scope link 10307c58554SHangbin Liuip netns exec ${NS2} ip -6 addr add fb00::21/16 dev veth2 scope link 10407c58554SHangbin Liuip netns exec ${NS2} ip -6 addr add fb00::34/16 dev veth3 scope link 10507c58554SHangbin Liuip netns exec ${NS2} ip -6 route add fb00::43 dev veth3 scope link 10607c58554SHangbin Liuip netns exec ${NS3} ip -6 route add fb00::65 dev veth5 scope link 10707c58554SHangbin Liuip netns exec ${NS3} ip -6 addr add fb00::43/16 dev veth4 scope link 10807c58554SHangbin Liuip netns exec ${NS3} ip -6 addr add fb00::56/16 dev veth5 scope link 10907c58554SHangbin Liuip netns exec ${NS4} ip -6 addr add fb00::65/16 dev veth6 scope link 11007c58554SHangbin Liuip netns exec ${NS4} ip -6 addr add fb00::78/16 dev veth7 scope link 11107c58554SHangbin Liuip netns exec ${NS4} ip -6 route add fb00::87 dev veth7 scope link 11207c58554SHangbin Liuip netns exec ${NS5} ip -6 addr add fb00::87/16 dev veth8 scope link 11307c58554SHangbin Liuip netns exec ${NS5} ip -6 addr add fb00::910/16 dev veth9 scope link 11407c58554SHangbin Liuip netns exec ${NS5} ip -6 route add fb00::109 dev veth9 scope link 11507c58554SHangbin Liuip netns exec ${NS5} ip -6 route add fb00::109 table 117 dev veth9 scope link 11607c58554SHangbin Liuip netns exec ${NS6} ip -6 addr add fb00::109/16 dev veth10 scope link 117c99a84eaSMathieu Xhonneux 11807c58554SHangbin Liuip netns exec ${NS1} ip -6 addr add fb00::1/16 dev lo 11907c58554SHangbin Liuip netns exec ${NS1} ip -6 route add fb00::6 dev veth1 via fb00::21 120c99a84eaSMathieu Xhonneux 121*98af3746SWang Yufenip netns exec ${NS2} ip -6 route add fb00::6 encap bpf in obj ${BPF_FILE} sec encap_srh dev veth2 12207c58554SHangbin Liuip netns exec ${NS2} ip -6 route add fd00::1 dev veth3 via fb00::43 scope link 123c99a84eaSMathieu Xhonneux 12407c58554SHangbin Liuip netns exec ${NS3} ip -6 route add fc42::1 dev veth5 via fb00::65 125*98af3746SWang Yufenip netns exec ${NS3} ip -6 route add fd00::1 encap seg6local action End.BPF endpoint obj ${BPF_FILE} sec add_egr_x dev veth4 126c99a84eaSMathieu Xhonneux 127*98af3746SWang Yufenip netns exec ${NS4} ip -6 route add fd00::2 encap seg6local action End.BPF endpoint obj ${BPF_FILE} sec pop_egr dev veth6 12807c58554SHangbin Liuip netns exec ${NS4} ip -6 addr add fc42::1 dev lo 12907c58554SHangbin Liuip netns exec ${NS4} ip -6 route add fd00::3 dev veth7 via fb00::87 130c99a84eaSMathieu Xhonneux 13107c58554SHangbin Liuip netns exec ${NS5} ip -6 route add fd00::4 table 117 dev veth9 via fb00::109 132*98af3746SWang Yufenip netns exec ${NS5} ip -6 route add fd00::3 encap seg6local action End.BPF endpoint obj ${BPF_FILE} sec inspect_t dev veth8 133c99a84eaSMathieu Xhonneux 13407c58554SHangbin Liuip netns exec ${NS6} ip -6 addr add fb00::6/16 dev lo 13507c58554SHangbin Liuip netns exec ${NS6} ip -6 addr add fd00::4/16 dev lo 136c99a84eaSMathieu Xhonneux 13707c58554SHangbin Liuip netns exec ${NS1} sysctl net.ipv6.conf.all.forwarding=1 > /dev/null 13807c58554SHangbin Liuip netns exec ${NS2} sysctl net.ipv6.conf.all.forwarding=1 > /dev/null 13907c58554SHangbin Liuip netns exec ${NS3} sysctl net.ipv6.conf.all.forwarding=1 > /dev/null 14007c58554SHangbin Liuip netns exec ${NS4} sysctl net.ipv6.conf.all.forwarding=1 > /dev/null 14107c58554SHangbin Liuip netns exec ${NS5} sysctl net.ipv6.conf.all.forwarding=1 > /dev/null 142c99a84eaSMathieu Xhonneux 14307c58554SHangbin Liuip netns exec ${NS6} sysctl net.ipv6.conf.all.seg6_enabled=1 > /dev/null 14407c58554SHangbin Liuip netns exec ${NS6} sysctl net.ipv6.conf.lo.seg6_enabled=1 > /dev/null 14507c58554SHangbin Liuip netns exec ${NS6} sysctl net.ipv6.conf.veth10.seg6_enabled=1 > /dev/null 146c99a84eaSMathieu Xhonneux 14707c58554SHangbin Liuip netns exec ${NS6} nc -l -6 -u -d 7330 > $TMP_FILE & 14807c58554SHangbin Liuip netns exec ${NS1} bash -c "echo 'foobar' | nc -w0 -6 -u -p 2121 -s fb00::1 fb00::6 7330" 149c99a84eaSMathieu Xhonneuxsleep 5 # wait enough time to ensure the UDP datagram arrived to the last segment 1506bd55727SIlya Leoshkevichkill -TERM $! 151c99a84eaSMathieu Xhonneux 152c99a84eaSMathieu Xhonneuxif [[ $(< $TMP_FILE) != "foobar" ]]; then 153c99a84eaSMathieu Xhonneux exit 1 154c99a84eaSMathieu Xhonneuxfi 155c99a84eaSMathieu Xhonneux 156c99a84eaSMathieu Xhonneuxexit 0 157