xref: /openbmc/linux/tools/testing/selftests/net/forwarding/bridge_port_isolation.sh (revision 3eb66e91a25497065c5322b1268cbc3953642227)
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4ALL_TESTS="ping_ipv4 ping_ipv6 flooding"
5NUM_NETIFS=6
6CHECK_TC="yes"
7source lib.sh
8
9h1_create()
10{
11	simple_if_init $h1 192.0.2.1/24 2001:db8:1::1/64
12}
13
14h1_destroy()
15{
16	simple_if_fini $h1 192.0.2.1/24 2001:db8:1::1/64
17}
18
19h2_create()
20{
21	simple_if_init $h2 192.0.2.2/24 2001:db8:1::2/64
22}
23
24h2_destroy()
25{
26	simple_if_fini $h2 192.0.2.2/24 2001:db8:1::2/64
27}
28
29h3_create()
30{
31	simple_if_init $h3 192.0.2.3/24 2001:db8:1::3/64
32}
33
34h3_destroy()
35{
36	simple_if_fini $h3 192.0.2.3/24 2001:db8:1::3/64
37}
38
39switch_create()
40{
41	ip link add dev br0 type bridge
42
43	ip link set dev $swp1 master br0
44	ip link set dev $swp2 master br0
45	ip link set dev $swp3 master br0
46
47	ip link set dev $swp1 type bridge_slave isolated on
48	check_err $? "Can't set isolation on port $swp1"
49	ip link set dev $swp2 type bridge_slave isolated on
50	check_err $? "Can't set isolation on port $swp2"
51	ip link set dev $swp3 type bridge_slave isolated off
52	check_err $? "Can't disable isolation on port $swp3"
53
54	ip link set dev br0 up
55	ip link set dev $swp1 up
56	ip link set dev $swp2 up
57	ip link set dev $swp3 up
58}
59
60switch_destroy()
61{
62	ip link set dev $swp3 down
63	ip link set dev $swp2 down
64	ip link set dev $swp1 down
65
66	ip link del dev br0
67}
68
69setup_prepare()
70{
71	h1=${NETIFS[p1]}
72	swp1=${NETIFS[p2]}
73
74	swp2=${NETIFS[p3]}
75	h2=${NETIFS[p4]}
76
77	swp3=${NETIFS[p5]}
78	h3=${NETIFS[p6]}
79
80	vrf_prepare
81
82	h1_create
83	h2_create
84	h3_create
85
86	switch_create
87}
88
89cleanup()
90{
91	pre_cleanup
92
93	switch_destroy
94
95	h3_destroy
96	h2_destroy
97	h1_destroy
98
99	vrf_cleanup
100}
101
102ping_ipv4()
103{
104	RET=0
105	ping_do $h1 192.0.2.2
106	check_fail $? "Ping worked when it should not have"
107
108	RET=0
109	ping_do $h3 192.0.2.2
110	check_err $? "Ping didn't work when it should have"
111
112	log_test "Isolated port ping"
113}
114
115ping_ipv6()
116{
117	RET=0
118	ping6_do $h1 2001:db8:1::2
119	check_fail $? "Ping6 worked when it should not have"
120
121	RET=0
122	ping6_do $h3 2001:db8:1::2
123	check_err $? "Ping6 didn't work when it should have"
124
125	log_test "Isolated port ping6"
126}
127
128flooding()
129{
130	local mac=de:ad:be:ef:13:37
131	local ip=192.0.2.100
132
133	RET=0
134	flood_test_do false $mac $ip $h1 $h2
135	check_err $? "Packet was flooded when it should not have been"
136
137	RET=0
138	flood_test_do true $mac $ip $h3 $h2
139	check_err $? "Packet was not flooded when it should have been"
140
141	log_test "Isolated port flooding"
142}
143
144trap cleanup EXIT
145
146setup_prepare
147setup_wait
148
149tests_run
150
151exit $EXIT_STATUS
152