16d4efadaSNir Dotan#!/bin/bash 26d4efadaSNir Dotan# SPDX-License-Identifier: GPL-2.0 36d4efadaSNir Dotan 46d4efadaSNir Dotan# +------------------+ 56d4efadaSNir Dotan# | H1 (v$h1) | 66d4efadaSNir Dotan# | 2001:db8:1::2/64 | 76d4efadaSNir Dotan# | 198.51.100.2/28 | 86d4efadaSNir Dotan# | $h1 + | 96d4efadaSNir Dotan# +-------------|----+ 106d4efadaSNir Dotan# | 116d4efadaSNir Dotan# +-------------|-------------------------------+ 126d4efadaSNir Dotan# | SW1 | | 136d4efadaSNir Dotan# | $rp1 + | 146d4efadaSNir Dotan# | 198.51.100.1/28 | 156d4efadaSNir Dotan# | 2001:db8:1::1/64 | 166d4efadaSNir Dotan# | | 176d4efadaSNir Dotan# | 2001:db8:2::1/64 2001:db8:3::1/64 | 186d4efadaSNir Dotan# | 198.51.100.17/28 198.51.100.33/28 | 196d4efadaSNir Dotan# | $rp2 + $rp3 + | 206d4efadaSNir Dotan# +--------------|--------------------------|---+ 216d4efadaSNir Dotan# | | 226d4efadaSNir Dotan# | | 236d4efadaSNir Dotan# +--------------|---+ +--------------|---+ 246d4efadaSNir Dotan# | H2 (v$h2) | | | H3 (v$h3) | | 256d4efadaSNir Dotan# | $h2 + | | $h3 + | 266d4efadaSNir Dotan# | 198.51.100.18/28 | | 198.51.100.34/28 | 276d4efadaSNir Dotan# | 2001:db8:2::2/64 | | 2001:db8:3::2/64 | 286d4efadaSNir Dotan# +------------------+ +------------------+ 296d4efadaSNir Dotan# 306d4efadaSNir Dotan 31*2b5a8c8fSIdo SchimmelALL_TESTS="mcast_v4 mcast_v6 rpf_v4 rpf_v6 unres_v4 unres_v6" 326d4efadaSNir DotanNUM_NETIFS=6 336d4efadaSNir Dotansource lib.sh 346d4efadaSNir Dotansource tc_common.sh 356d4efadaSNir Dotan 366d4efadaSNir Dotanrequire_command $MCD 376d4efadaSNir Dotanrequire_command $MC_CLI 386d4efadaSNir Dotantable_name=selftests 396d4efadaSNir Dotan 406d4efadaSNir Dotanh1_create() 416d4efadaSNir Dotan{ 426d4efadaSNir Dotan simple_if_init $h1 198.51.100.2/28 2001:db8:1::2/64 436d4efadaSNir Dotan 446d4efadaSNir Dotan ip route add 198.51.100.16/28 vrf v$h1 nexthop via 198.51.100.1 456d4efadaSNir Dotan ip route add 198.51.100.32/28 vrf v$h1 nexthop via 198.51.100.1 466d4efadaSNir Dotan 476d4efadaSNir Dotan ip route add 2001:db8:2::/64 vrf v$h1 nexthop via 2001:db8:1::1 486d4efadaSNir Dotan ip route add 2001:db8:3::/64 vrf v$h1 nexthop via 2001:db8:1::1 49ca059af8SIdo Schimmel 50ca059af8SIdo Schimmel tc qdisc add dev $h1 ingress 516d4efadaSNir Dotan} 526d4efadaSNir Dotan 536d4efadaSNir Dotanh1_destroy() 546d4efadaSNir Dotan{ 55ca059af8SIdo Schimmel tc qdisc del dev $h1 ingress 56ca059af8SIdo Schimmel 576d4efadaSNir Dotan ip route del 2001:db8:3::/64 vrf v$h1 586d4efadaSNir Dotan ip route del 2001:db8:2::/64 vrf v$h1 596d4efadaSNir Dotan 606d4efadaSNir Dotan ip route del 198.51.100.32/28 vrf v$h1 616d4efadaSNir Dotan ip route del 198.51.100.16/28 vrf v$h1 626d4efadaSNir Dotan 636d4efadaSNir Dotan simple_if_fini $h1 198.51.100.2/28 2001:db8:1::2/64 646d4efadaSNir Dotan} 656d4efadaSNir Dotan 666d4efadaSNir Dotanh2_create() 676d4efadaSNir Dotan{ 686d4efadaSNir Dotan simple_if_init $h2 198.51.100.18/28 2001:db8:2::2/64 696d4efadaSNir Dotan 706d4efadaSNir Dotan ip route add 198.51.100.0/28 vrf v$h2 nexthop via 198.51.100.17 716d4efadaSNir Dotan ip route add 198.51.100.32/28 vrf v$h2 nexthop via 198.51.100.17 726d4efadaSNir Dotan 736d4efadaSNir Dotan ip route add 2001:db8:1::/64 vrf v$h2 nexthop via 2001:db8:2::1 746d4efadaSNir Dotan ip route add 2001:db8:3::/64 vrf v$h2 nexthop via 2001:db8:2::1 756d4efadaSNir Dotan 766d4efadaSNir Dotan tc qdisc add dev $h2 ingress 776d4efadaSNir Dotan} 786d4efadaSNir Dotan 796d4efadaSNir Dotanh2_destroy() 806d4efadaSNir Dotan{ 816d4efadaSNir Dotan tc qdisc del dev $h2 ingress 826d4efadaSNir Dotan 836d4efadaSNir Dotan ip route del 2001:db8:3::/64 vrf v$h2 846d4efadaSNir Dotan ip route del 2001:db8:1::/64 vrf v$h2 856d4efadaSNir Dotan 866d4efadaSNir Dotan ip route del 198.51.100.32/28 vrf v$h2 876d4efadaSNir Dotan ip route del 198.51.100.0/28 vrf v$h2 886d4efadaSNir Dotan 896d4efadaSNir Dotan simple_if_fini $h2 198.51.100.18/28 2001:db8:2::2/64 906d4efadaSNir Dotan} 916d4efadaSNir Dotan 926d4efadaSNir Dotanh3_create() 936d4efadaSNir Dotan{ 946d4efadaSNir Dotan simple_if_init $h3 198.51.100.34/28 2001:db8:3::2/64 956d4efadaSNir Dotan 966d4efadaSNir Dotan ip route add 198.51.100.0/28 vrf v$h3 nexthop via 198.51.100.33 976d4efadaSNir Dotan ip route add 198.51.100.16/28 vrf v$h3 nexthop via 198.51.100.33 986d4efadaSNir Dotan 996d4efadaSNir Dotan ip route add 2001:db8:1::/64 vrf v$h3 nexthop via 2001:db8:3::1 1006d4efadaSNir Dotan ip route add 2001:db8:2::/64 vrf v$h3 nexthop via 2001:db8:3::1 1016d4efadaSNir Dotan 1026d4efadaSNir Dotan tc qdisc add dev $h3 ingress 1036d4efadaSNir Dotan} 1046d4efadaSNir Dotan 1056d4efadaSNir Dotanh3_destroy() 1066d4efadaSNir Dotan{ 1076d4efadaSNir Dotan tc qdisc del dev $h3 ingress 1086d4efadaSNir Dotan 1096d4efadaSNir Dotan ip route del 2001:db8:2::/64 vrf v$h3 1106d4efadaSNir Dotan ip route del 2001:db8:1::/64 vrf v$h3 1116d4efadaSNir Dotan 1126d4efadaSNir Dotan ip route del 198.51.100.16/28 vrf v$h3 1136d4efadaSNir Dotan ip route del 198.51.100.0/28 vrf v$h3 1146d4efadaSNir Dotan 1156d4efadaSNir Dotan simple_if_fini $h3 198.51.100.34/28 2001:db8:3::2/64 1166d4efadaSNir Dotan} 1176d4efadaSNir Dotan 1186d4efadaSNir Dotanrouter_create() 1196d4efadaSNir Dotan{ 1206d4efadaSNir Dotan ip link set dev $rp1 up 1216d4efadaSNir Dotan ip link set dev $rp2 up 1226d4efadaSNir Dotan ip link set dev $rp3 up 1236d4efadaSNir Dotan 1246d4efadaSNir Dotan ip address add 198.51.100.1/28 dev $rp1 1256d4efadaSNir Dotan ip address add 198.51.100.17/28 dev $rp2 1266d4efadaSNir Dotan ip address add 198.51.100.33/28 dev $rp3 1276d4efadaSNir Dotan 1286d4efadaSNir Dotan ip address add 2001:db8:1::1/64 dev $rp1 1296d4efadaSNir Dotan ip address add 2001:db8:2::1/64 dev $rp2 1306d4efadaSNir Dotan ip address add 2001:db8:3::1/64 dev $rp3 131ca059af8SIdo Schimmel 132ca059af8SIdo Schimmel tc qdisc add dev $rp3 ingress 1336d4efadaSNir Dotan} 1346d4efadaSNir Dotan 1356d4efadaSNir Dotanrouter_destroy() 1366d4efadaSNir Dotan{ 137ca059af8SIdo Schimmel tc qdisc del dev $rp3 ingress 138ca059af8SIdo Schimmel 1396d4efadaSNir Dotan ip address del 2001:db8:3::1/64 dev $rp3 1406d4efadaSNir Dotan ip address del 2001:db8:2::1/64 dev $rp2 1416d4efadaSNir Dotan ip address del 2001:db8:1::1/64 dev $rp1 1426d4efadaSNir Dotan 1436d4efadaSNir Dotan ip address del 198.51.100.33/28 dev $rp3 1446d4efadaSNir Dotan ip address del 198.51.100.17/28 dev $rp2 1456d4efadaSNir Dotan ip address del 198.51.100.1/28 dev $rp1 1466d4efadaSNir Dotan 1476d4efadaSNir Dotan ip link set dev $rp3 down 1486d4efadaSNir Dotan ip link set dev $rp2 down 1496d4efadaSNir Dotan ip link set dev $rp1 down 1506d4efadaSNir Dotan} 1516d4efadaSNir Dotan 1526d4efadaSNir Dotanstart_mcd() 1536d4efadaSNir Dotan{ 1546d4efadaSNir Dotan SMCROUTEDIR="$(mktemp -d)" 1556d4efadaSNir Dotan 1566d4efadaSNir Dotan for ((i = 1; i <= $NUM_NETIFS; ++i)); do 1576d4efadaSNir Dotan echo "phyint ${NETIFS[p$i]} enable" >> \ 1586d4efadaSNir Dotan $SMCROUTEDIR/$table_name.conf 1596d4efadaSNir Dotan done 1606d4efadaSNir Dotan 1616d4efadaSNir Dotan $MCD -N -I $table_name -f $SMCROUTEDIR/$table_name.conf \ 1626d4efadaSNir Dotan -P $SMCROUTEDIR/$table_name.pid 1636d4efadaSNir Dotan} 1646d4efadaSNir Dotan 1656d4efadaSNir Dotankill_mcd() 1666d4efadaSNir Dotan{ 1676d4efadaSNir Dotan pkill $MCD 1686d4efadaSNir Dotan rm -rf $SMCROUTEDIR 1696d4efadaSNir Dotan} 1706d4efadaSNir Dotan 1716d4efadaSNir Dotansetup_prepare() 1726d4efadaSNir Dotan{ 1736d4efadaSNir Dotan h1=${NETIFS[p1]} 1746d4efadaSNir Dotan rp1=${NETIFS[p2]} 1756d4efadaSNir Dotan 1766d4efadaSNir Dotan rp2=${NETIFS[p3]} 1776d4efadaSNir Dotan h2=${NETIFS[p4]} 1786d4efadaSNir Dotan 1796d4efadaSNir Dotan rp3=${NETIFS[p5]} 1806d4efadaSNir Dotan h3=${NETIFS[p6]} 1816d4efadaSNir Dotan 1826d4efadaSNir Dotan start_mcd 1836d4efadaSNir Dotan 1846d4efadaSNir Dotan vrf_prepare 1856d4efadaSNir Dotan 1866d4efadaSNir Dotan h1_create 1876d4efadaSNir Dotan h2_create 1886d4efadaSNir Dotan h3_create 1896d4efadaSNir Dotan 1906d4efadaSNir Dotan router_create 1916d4efadaSNir Dotan 1926d4efadaSNir Dotan forwarding_enable 1936d4efadaSNir Dotan} 1946d4efadaSNir Dotan 1956d4efadaSNir Dotancleanup() 1966d4efadaSNir Dotan{ 1976d4efadaSNir Dotan pre_cleanup 1986d4efadaSNir Dotan 1996d4efadaSNir Dotan forwarding_restore 2006d4efadaSNir Dotan 2016d4efadaSNir Dotan router_destroy 2026d4efadaSNir Dotan 2036d4efadaSNir Dotan h3_destroy 2046d4efadaSNir Dotan h2_destroy 2056d4efadaSNir Dotan h1_destroy 2066d4efadaSNir Dotan 2076d4efadaSNir Dotan vrf_cleanup 2086d4efadaSNir Dotan 2096d4efadaSNir Dotan kill_mcd 2106d4efadaSNir Dotan} 2116d4efadaSNir Dotan 2126d4efadaSNir Dotancreate_mcast_sg() 2136d4efadaSNir Dotan{ 2146d4efadaSNir Dotan local if_name=$1; shift 2156d4efadaSNir Dotan local s_addr=$1; shift 2166d4efadaSNir Dotan local mcast=$1; shift 2176d4efadaSNir Dotan local dest_ifs=${@} 2186d4efadaSNir Dotan 2196d4efadaSNir Dotan $MC_CLI -I $table_name add $if_name $s_addr $mcast $dest_ifs 2206d4efadaSNir Dotan} 2216d4efadaSNir Dotan 2226d4efadaSNir Dotandelete_mcast_sg() 2236d4efadaSNir Dotan{ 2246d4efadaSNir Dotan local if_name=$1; shift 2256d4efadaSNir Dotan local s_addr=$1; shift 2266d4efadaSNir Dotan local mcast=$1; shift 2276d4efadaSNir Dotan local dest_ifs=${@} 2286d4efadaSNir Dotan 2296d4efadaSNir Dotan $MC_CLI -I $table_name remove $if_name $s_addr $mcast $dest_ifs 2306d4efadaSNir Dotan} 2316d4efadaSNir Dotan 2326d4efadaSNir Dotanmcast_v4() 2336d4efadaSNir Dotan{ 2346d4efadaSNir Dotan # Add two interfaces to an MC group, send a packet to the MC group and 2356d4efadaSNir Dotan # verify packets are received on both. Then delete the route and verify 2366d4efadaSNir Dotan # packets are no longer received. 2376d4efadaSNir Dotan 2386d4efadaSNir Dotan RET=0 2396d4efadaSNir Dotan 2406d4efadaSNir Dotan tc filter add dev $h2 ingress protocol ip pref 1 handle 122 flower \ 2416d4efadaSNir Dotan dst_ip 225.1.2.3 action drop 2426d4efadaSNir Dotan tc filter add dev $h3 ingress protocol ip pref 1 handle 133 flower \ 2436d4efadaSNir Dotan dst_ip 225.1.2.3 action drop 2446d4efadaSNir Dotan 2456d4efadaSNir Dotan create_mcast_sg $rp1 198.51.100.2 225.1.2.3 $rp2 $rp3 2466d4efadaSNir Dotan 2476d4efadaSNir Dotan # Send frames with the corresponding L2 destination address. 2486d4efadaSNir Dotan $MZ $h1 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ 2496d4efadaSNir Dotan -A 198.51.100.2 -B 225.1.2.3 -q 2506d4efadaSNir Dotan 2516d4efadaSNir Dotan tc_check_packets "dev $h2 ingress" 122 5 2526d4efadaSNir Dotan check_err $? "Multicast not received on first host" 2536d4efadaSNir Dotan tc_check_packets "dev $h3 ingress" 133 5 2546d4efadaSNir Dotan check_err $? "Multicast not received on second host" 2556d4efadaSNir Dotan 2566d4efadaSNir Dotan delete_mcast_sg $rp1 198.51.100.2 225.1.2.3 $rp2 $rp3 2576d4efadaSNir Dotan 2586d4efadaSNir Dotan $MZ $h1 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ 2596d4efadaSNir Dotan -A 198.51.100.2 -B 225.1.2.3 -q 2606d4efadaSNir Dotan 2616d4efadaSNir Dotan tc_check_packets "dev $h2 ingress" 122 5 2626d4efadaSNir Dotan check_err $? "Multicast received on host although deleted" 2636d4efadaSNir Dotan tc_check_packets "dev $h3 ingress" 133 5 2646d4efadaSNir Dotan check_err $? "Multicast received on second host although deleted" 2656d4efadaSNir Dotan 2666d4efadaSNir Dotan tc filter del dev $h3 ingress protocol ip pref 1 handle 133 flower 2676d4efadaSNir Dotan tc filter del dev $h2 ingress protocol ip pref 1 handle 122 flower 2686d4efadaSNir Dotan 2696d4efadaSNir Dotan log_test "mcast IPv4" 2706d4efadaSNir Dotan} 2716d4efadaSNir Dotan 2726d4efadaSNir Dotanmcast_v6() 2736d4efadaSNir Dotan{ 2746d4efadaSNir Dotan # Add two interfaces to an MC group, send a packet to the MC group and 2756d4efadaSNir Dotan # verify packets are received on both. Then delete the route and verify 2766d4efadaSNir Dotan # packets are no longer received. 2776d4efadaSNir Dotan 2786d4efadaSNir Dotan RET=0 2796d4efadaSNir Dotan 2806d4efadaSNir Dotan tc filter add dev $h2 ingress protocol ipv6 pref 1 handle 122 flower \ 2816d4efadaSNir Dotan dst_ip ff0e::3 action drop 2826d4efadaSNir Dotan tc filter add dev $h3 ingress protocol ipv6 pref 1 handle 133 flower \ 2836d4efadaSNir Dotan dst_ip ff0e::3 action drop 2846d4efadaSNir Dotan 2856d4efadaSNir Dotan create_mcast_sg $rp1 2001:db8:1::2 ff0e::3 $rp2 $rp3 2866d4efadaSNir Dotan 2876d4efadaSNir Dotan # Send frames with the corresponding L2 destination address. 2886d4efadaSNir Dotan $MZ $h1 -6 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 \ 2896d4efadaSNir Dotan -b 33:33:00:00:00:03 -A 2001:db8:1::2 -B ff0e::3 -q 2906d4efadaSNir Dotan 2916d4efadaSNir Dotan tc_check_packets "dev $h2 ingress" 122 5 2926d4efadaSNir Dotan check_err $? "Multicast not received on first host" 2936d4efadaSNir Dotan tc_check_packets "dev $h3 ingress" 133 5 2946d4efadaSNir Dotan check_err $? "Multicast not received on second host" 2956d4efadaSNir Dotan 2966d4efadaSNir Dotan delete_mcast_sg $rp1 2001:db8:1::2 ff0e::3 $rp2 $rp3 2976d4efadaSNir Dotan 2986d4efadaSNir Dotan $MZ $h1 -6 -c 5 -p 128 -t udp -a 00:11:22:33:44:55 \ 2996d4efadaSNir Dotan -b 33:33:00:00:00:03 -A 2001:db8:1::2 -B ff0e::3 -q 3006d4efadaSNir Dotan 3016d4efadaSNir Dotan tc_check_packets "dev $h2 ingress" 122 5 3026d4efadaSNir Dotan check_err $? "Multicast received on first host although deleted" 3036d4efadaSNir Dotan tc_check_packets "dev $h3 ingress" 133 5 3046d4efadaSNir Dotan check_err $? "Multicast received on second host although deleted" 3056d4efadaSNir Dotan 3066d4efadaSNir Dotan tc filter del dev $h3 ingress protocol ipv6 pref 1 handle 133 flower 3076d4efadaSNir Dotan tc filter del dev $h2 ingress protocol ipv6 pref 1 handle 122 flower 3086d4efadaSNir Dotan 3096d4efadaSNir Dotan log_test "mcast IPv6" 3106d4efadaSNir Dotan} 3116d4efadaSNir Dotan 312ca059af8SIdo Schimmelrpf_v4() 313ca059af8SIdo Schimmel{ 314ca059af8SIdo Schimmel # Add a multicast route from first router port to the other two. Send 315ca059af8SIdo Schimmel # matching packets and test that both hosts receive them. Then, send 316ca059af8SIdo Schimmel # the same packets via the third router port and test that they do not 317ca059af8SIdo Schimmel # reach any host due to RPF check. A filter with 'skip_hw' is added to 318ca059af8SIdo Schimmel # test that devices capable of multicast routing offload trap those 319ca059af8SIdo Schimmel # packets. The filter is essentialy a NOP in other scenarios. 320ca059af8SIdo Schimmel 321ca059af8SIdo Schimmel RET=0 322ca059af8SIdo Schimmel 323ca059af8SIdo Schimmel tc filter add dev $h1 ingress protocol ip pref 1 handle 1 flower \ 324ca059af8SIdo Schimmel dst_ip 225.1.2.3 ip_proto udp dst_port 12345 action drop 325ca059af8SIdo Schimmel tc filter add dev $h2 ingress protocol ip pref 1 handle 1 flower \ 326ca059af8SIdo Schimmel dst_ip 225.1.2.3 ip_proto udp dst_port 12345 action drop 327ca059af8SIdo Schimmel tc filter add dev $h3 ingress protocol ip pref 1 handle 1 flower \ 328ca059af8SIdo Schimmel dst_ip 225.1.2.3 ip_proto udp dst_port 12345 action drop 329ca059af8SIdo Schimmel tc filter add dev $rp3 ingress protocol ip pref 1 handle 1 flower \ 330ca059af8SIdo Schimmel skip_hw dst_ip 225.1.2.3 ip_proto udp dst_port 12345 action pass 331ca059af8SIdo Schimmel 332ca059af8SIdo Schimmel create_mcast_sg $rp1 198.51.100.2 225.1.2.3 $rp2 $rp3 333ca059af8SIdo Schimmel 334ca059af8SIdo Schimmel $MZ $h1 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ 335ca059af8SIdo Schimmel -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ 336ca059af8SIdo Schimmel -A 198.51.100.2 -B 225.1.2.3 -q 337ca059af8SIdo Schimmel 338ca059af8SIdo Schimmel tc_check_packets "dev $h2 ingress" 1 5 339ca059af8SIdo Schimmel check_err $? "Multicast not received on first host" 340ca059af8SIdo Schimmel tc_check_packets "dev $h3 ingress" 1 5 341ca059af8SIdo Schimmel check_err $? "Multicast not received on second host" 342ca059af8SIdo Schimmel 343ca059af8SIdo Schimmel $MZ $h3 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ 344ca059af8SIdo Schimmel -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ 345ca059af8SIdo Schimmel -A 198.51.100.2 -B 225.1.2.3 -q 346ca059af8SIdo Schimmel 347ca059af8SIdo Schimmel tc_check_packets "dev $h1 ingress" 1 0 348ca059af8SIdo Schimmel check_err $? "Multicast received on first host when should not" 349ca059af8SIdo Schimmel tc_check_packets "dev $h2 ingress" 1 5 350ca059af8SIdo Schimmel check_err $? "Multicast received on second host when should not" 351ca059af8SIdo Schimmel tc_check_packets "dev $rp3 ingress" 1 5 352ca059af8SIdo Schimmel check_err $? "Packets not trapped due to RPF check" 353ca059af8SIdo Schimmel 354ca059af8SIdo Schimmel delete_mcast_sg $rp1 198.51.100.2 225.1.2.3 $rp2 $rp3 355ca059af8SIdo Schimmel 356ca059af8SIdo Schimmel tc filter del dev $rp3 ingress protocol ip pref 1 handle 1 flower 357ca059af8SIdo Schimmel tc filter del dev $h3 ingress protocol ip pref 1 handle 1 flower 358ca059af8SIdo Schimmel tc filter del dev $h2 ingress protocol ip pref 1 handle 1 flower 359ca059af8SIdo Schimmel tc filter del dev $h1 ingress protocol ip pref 1 handle 1 flower 360ca059af8SIdo Schimmel 361ca059af8SIdo Schimmel log_test "RPF IPv4" 362ca059af8SIdo Schimmel} 363ca059af8SIdo Schimmel 364ca059af8SIdo Schimmelrpf_v6() 365ca059af8SIdo Schimmel{ 366ca059af8SIdo Schimmel RET=0 367ca059af8SIdo Schimmel 368ca059af8SIdo Schimmel tc filter add dev $h1 ingress protocol ipv6 pref 1 handle 1 flower \ 369ca059af8SIdo Schimmel dst_ip ff0e::3 ip_proto udp dst_port 12345 action drop 370ca059af8SIdo Schimmel tc filter add dev $h2 ingress protocol ipv6 pref 1 handle 1 flower \ 371ca059af8SIdo Schimmel dst_ip ff0e::3 ip_proto udp dst_port 12345 action drop 372ca059af8SIdo Schimmel tc filter add dev $h3 ingress protocol ipv6 pref 1 handle 1 flower \ 373ca059af8SIdo Schimmel dst_ip ff0e::3 ip_proto udp dst_port 12345 action drop 374ca059af8SIdo Schimmel tc filter add dev $rp3 ingress protocol ipv6 pref 1 handle 1 flower \ 375ca059af8SIdo Schimmel skip_hw dst_ip ff0e::3 ip_proto udp dst_port 12345 action pass 376ca059af8SIdo Schimmel 377ca059af8SIdo Schimmel create_mcast_sg $rp1 2001:db8:1::2 ff0e::3 $rp2 $rp3 378ca059af8SIdo Schimmel 379ca059af8SIdo Schimmel $MZ $h1 -6 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ 380ca059af8SIdo Schimmel -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ 381ca059af8SIdo Schimmel -A 2001:db8:1::2 -B ff0e::3 -q 382ca059af8SIdo Schimmel 383ca059af8SIdo Schimmel tc_check_packets "dev $h2 ingress" 1 5 384ca059af8SIdo Schimmel check_err $? "Multicast not received on first host" 385ca059af8SIdo Schimmel tc_check_packets "dev $h3 ingress" 1 5 386ca059af8SIdo Schimmel check_err $? "Multicast not received on second host" 387ca059af8SIdo Schimmel 388ca059af8SIdo Schimmel $MZ $h3 -6 -c 5 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ 389ca059af8SIdo Schimmel -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ 390ca059af8SIdo Schimmel -A 2001:db8:1::2 -B ff0e::3 -q 391ca059af8SIdo Schimmel 392ca059af8SIdo Schimmel tc_check_packets "dev $h1 ingress" 1 0 393ca059af8SIdo Schimmel check_err $? "Multicast received on first host when should not" 394ca059af8SIdo Schimmel tc_check_packets "dev $h2 ingress" 1 5 395ca059af8SIdo Schimmel check_err $? "Multicast received on second host when should not" 396ca059af8SIdo Schimmel tc_check_packets "dev $rp3 ingress" 1 5 397ca059af8SIdo Schimmel check_err $? "Packets not trapped due to RPF check" 398ca059af8SIdo Schimmel 399ca059af8SIdo Schimmel delete_mcast_sg $rp1 2001:db8:1::2 ff0e::3 $rp2 $rp3 400ca059af8SIdo Schimmel 401ca059af8SIdo Schimmel tc filter del dev $rp3 ingress protocol ipv6 pref 1 handle 1 flower 402ca059af8SIdo Schimmel tc filter del dev $h3 ingress protocol ipv6 pref 1 handle 1 flower 403ca059af8SIdo Schimmel tc filter del dev $h2 ingress protocol ipv6 pref 1 handle 1 flower 404ca059af8SIdo Schimmel tc filter del dev $h1 ingress protocol ipv6 pref 1 handle 1 flower 405ca059af8SIdo Schimmel 406ca059af8SIdo Schimmel log_test "RPF IPv6" 407ca059af8SIdo Schimmel} 408ca059af8SIdo Schimmel 409*2b5a8c8fSIdo Schimmelunres_v4() 410*2b5a8c8fSIdo Schimmel{ 411*2b5a8c8fSIdo Schimmel # Send a multicast packet not corresponding to an installed route, 412*2b5a8c8fSIdo Schimmel # causing the kernel to queue the packet for resolution and emit an 413*2b5a8c8fSIdo Schimmel # IGMPMSG_NOCACHE notification. smcrouted will react to this 414*2b5a8c8fSIdo Schimmel # notification by consulting its (*, G) list and installing an (S, G) 415*2b5a8c8fSIdo Schimmel # route, which will be used to forward the queued packet. 416*2b5a8c8fSIdo Schimmel 417*2b5a8c8fSIdo Schimmel RET=0 418*2b5a8c8fSIdo Schimmel 419*2b5a8c8fSIdo Schimmel tc filter add dev $h2 ingress protocol ip pref 1 handle 1 flower \ 420*2b5a8c8fSIdo Schimmel dst_ip 225.1.2.3 ip_proto udp dst_port 12345 action drop 421*2b5a8c8fSIdo Schimmel tc filter add dev $h3 ingress protocol ip pref 1 handle 1 flower \ 422*2b5a8c8fSIdo Schimmel dst_ip 225.1.2.3 ip_proto udp dst_port 12345 action drop 423*2b5a8c8fSIdo Schimmel 424*2b5a8c8fSIdo Schimmel # Forwarding should fail before installing a matching (*, G). 425*2b5a8c8fSIdo Schimmel $MZ $h1 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ 426*2b5a8c8fSIdo Schimmel -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ 427*2b5a8c8fSIdo Schimmel -A 198.51.100.2 -B 225.1.2.3 -q 428*2b5a8c8fSIdo Schimmel 429*2b5a8c8fSIdo Schimmel tc_check_packets "dev $h2 ingress" 1 0 430*2b5a8c8fSIdo Schimmel check_err $? "Multicast received on first host when should not" 431*2b5a8c8fSIdo Schimmel tc_check_packets "dev $h3 ingress" 1 0 432*2b5a8c8fSIdo Schimmel check_err $? "Multicast received on second host when should not" 433*2b5a8c8fSIdo Schimmel 434*2b5a8c8fSIdo Schimmel # Create (*, G). Will not be installed in the kernel. 435*2b5a8c8fSIdo Schimmel create_mcast_sg $rp1 0.0.0.0 225.1.2.3 $rp2 $rp3 436*2b5a8c8fSIdo Schimmel 437*2b5a8c8fSIdo Schimmel $MZ $h1 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ 438*2b5a8c8fSIdo Schimmel -a 00:11:22:33:44:55 -b 01:00:5e:01:02:03 \ 439*2b5a8c8fSIdo Schimmel -A 198.51.100.2 -B 225.1.2.3 -q 440*2b5a8c8fSIdo Schimmel 441*2b5a8c8fSIdo Schimmel tc_check_packets "dev $h2 ingress" 1 1 442*2b5a8c8fSIdo Schimmel check_err $? "Multicast not received on first host" 443*2b5a8c8fSIdo Schimmel tc_check_packets "dev $h3 ingress" 1 1 444*2b5a8c8fSIdo Schimmel check_err $? "Multicast not received on second host" 445*2b5a8c8fSIdo Schimmel 446*2b5a8c8fSIdo Schimmel delete_mcast_sg $rp1 0.0.0.0 225.1.2.3 $rp2 $rp3 447*2b5a8c8fSIdo Schimmel 448*2b5a8c8fSIdo Schimmel tc filter del dev $h3 ingress protocol ip pref 1 handle 1 flower 449*2b5a8c8fSIdo Schimmel tc filter del dev $h2 ingress protocol ip pref 1 handle 1 flower 450*2b5a8c8fSIdo Schimmel 451*2b5a8c8fSIdo Schimmel log_test "Unresolved queue IPv4" 452*2b5a8c8fSIdo Schimmel} 453*2b5a8c8fSIdo Schimmel 454*2b5a8c8fSIdo Schimmelunres_v6() 455*2b5a8c8fSIdo Schimmel{ 456*2b5a8c8fSIdo Schimmel # Send a multicast packet not corresponding to an installed route, 457*2b5a8c8fSIdo Schimmel # causing the kernel to queue the packet for resolution and emit an 458*2b5a8c8fSIdo Schimmel # MRT6MSG_NOCACHE notification. smcrouted will react to this 459*2b5a8c8fSIdo Schimmel # notification by consulting its (*, G) list and installing an (S, G) 460*2b5a8c8fSIdo Schimmel # route, which will be used to forward the queued packet. 461*2b5a8c8fSIdo Schimmel 462*2b5a8c8fSIdo Schimmel RET=0 463*2b5a8c8fSIdo Schimmel 464*2b5a8c8fSIdo Schimmel tc filter add dev $h2 ingress protocol ipv6 pref 1 handle 1 flower \ 465*2b5a8c8fSIdo Schimmel dst_ip ff0e::3 ip_proto udp dst_port 12345 action drop 466*2b5a8c8fSIdo Schimmel tc filter add dev $h3 ingress protocol ipv6 pref 1 handle 1 flower \ 467*2b5a8c8fSIdo Schimmel dst_ip ff0e::3 ip_proto udp dst_port 12345 action drop 468*2b5a8c8fSIdo Schimmel 469*2b5a8c8fSIdo Schimmel # Forwarding should fail before installing a matching (*, G). 470*2b5a8c8fSIdo Schimmel $MZ $h1 -6 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ 471*2b5a8c8fSIdo Schimmel -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ 472*2b5a8c8fSIdo Schimmel -A 2001:db8:1::2 -B ff0e::3 -q 473*2b5a8c8fSIdo Schimmel 474*2b5a8c8fSIdo Schimmel tc_check_packets "dev $h2 ingress" 1 0 475*2b5a8c8fSIdo Schimmel check_err $? "Multicast received on first host when should not" 476*2b5a8c8fSIdo Schimmel tc_check_packets "dev $h3 ingress" 1 0 477*2b5a8c8fSIdo Schimmel check_err $? "Multicast received on second host when should not" 478*2b5a8c8fSIdo Schimmel 479*2b5a8c8fSIdo Schimmel # Create (*, G). Will not be installed in the kernel. 480*2b5a8c8fSIdo Schimmel create_mcast_sg $rp1 :: ff0e::3 $rp2 $rp3 481*2b5a8c8fSIdo Schimmel 482*2b5a8c8fSIdo Schimmel $MZ $h1 -6 -c 1 -p 128 -t udp "ttl=10,sp=54321,dp=12345" \ 483*2b5a8c8fSIdo Schimmel -a 00:11:22:33:44:55 -b 33:33:00:00:00:03 \ 484*2b5a8c8fSIdo Schimmel -A 2001:db8:1::2 -B ff0e::3 -q 485*2b5a8c8fSIdo Schimmel 486*2b5a8c8fSIdo Schimmel tc_check_packets "dev $h2 ingress" 1 1 487*2b5a8c8fSIdo Schimmel check_err $? "Multicast not received on first host" 488*2b5a8c8fSIdo Schimmel tc_check_packets "dev $h3 ingress" 1 1 489*2b5a8c8fSIdo Schimmel check_err $? "Multicast not received on second host" 490*2b5a8c8fSIdo Schimmel 491*2b5a8c8fSIdo Schimmel delete_mcast_sg $rp1 :: ff0e::3 $rp2 $rp3 492*2b5a8c8fSIdo Schimmel 493*2b5a8c8fSIdo Schimmel tc filter del dev $h3 ingress protocol ipv6 pref 1 handle 1 flower 494*2b5a8c8fSIdo Schimmel tc filter del dev $h2 ingress protocol ipv6 pref 1 handle 1 flower 495*2b5a8c8fSIdo Schimmel 496*2b5a8c8fSIdo Schimmel log_test "Unresolved queue IPv6" 497*2b5a8c8fSIdo Schimmel} 498*2b5a8c8fSIdo Schimmel 4996d4efadaSNir Dotantrap cleanup EXIT 5006d4efadaSNir Dotan 5016d4efadaSNir Dotansetup_prepare 5026d4efadaSNir Dotansetup_wait 5036d4efadaSNir Dotan 5046d4efadaSNir Dotantests_run 5056d4efadaSNir Dotan 5066d4efadaSNir Dotanexit $EXIT_STATUS 507