1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3# 4# Test various aspects of VxLAN offloading which are specific to mlxsw, such 5# as sanitization of invalid configurations and offload indication. 6 7lib_dir=$(dirname $0)/../../../net/forwarding 8 9ALL_TESTS="sanitization_test offload_indication_test \ 10 sanitization_vlan_aware_test offload_indication_vlan_aware_test" 11NUM_NETIFS=2 12source $lib_dir/lib.sh 13 14setup_prepare() 15{ 16 swp1=${NETIFS[p1]} 17 swp2=${NETIFS[p2]} 18 19 ip link set dev $swp1 up 20 ip link set dev $swp2 up 21} 22 23cleanup() 24{ 25 pre_cleanup 26 27 ip link set dev $swp2 down 28 ip link set dev $swp1 down 29} 30 31sanitization_single_dev_test_pass() 32{ 33 ip link set dev $swp1 master br0 34 check_err $? 35 ip link set dev vxlan0 master br0 36 check_err $? 37 38 ip link set dev $swp1 nomaster 39 40 ip link set dev $swp1 master br0 41 check_err $? 42} 43 44sanitization_single_dev_test_fail() 45{ 46 ip link set dev $swp1 master br0 47 check_err $? 48 ip link set dev vxlan0 master br0 &> /dev/null 49 check_fail $? 50 51 ip link set dev $swp1 nomaster 52 53 ip link set dev vxlan0 master br0 54 check_err $? 55 ip link set dev $swp1 master br0 &> /dev/null 56 check_fail $? 57} 58 59sanitization_single_dev_valid_test() 60{ 61 RET=0 62 63 ip link add dev br0 type bridge mcast_snooping 0 64 65 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 66 ttl 20 tos inherit local 198.51.100.1 dstport 4789 67 68 sanitization_single_dev_test_pass 69 70 ip link del dev vxlan0 71 ip link del dev br0 72 73 log_test "vxlan device - valid configuration" 74} 75 76sanitization_single_dev_vlan_aware_test() 77{ 78 RET=0 79 80 ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1 81 82 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 83 ttl 20 tos inherit local 198.51.100.1 dstport 4789 84 85 sanitization_single_dev_test_pass 86 87 ip link del dev vxlan0 88 ip link del dev br0 89 90 log_test "vxlan device with a vlan-aware bridge" 91} 92 93sanitization_single_dev_mcast_enabled_test() 94{ 95 RET=0 96 97 ip link add dev br0 type bridge 98 99 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 100 ttl 20 tos inherit local 198.51.100.1 dstport 4789 101 102 sanitization_single_dev_test_fail 103 104 ip link del dev vxlan0 105 ip link del dev br0 106 107 log_test "vxlan device with a multicast enabled bridge" 108} 109 110sanitization_single_dev_mcast_group_test() 111{ 112 RET=0 113 114 ip link add dev br0 type bridge mcast_snooping 0 115 ip link add name dummy1 up type dummy 116 117 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 118 ttl 20 tos inherit local 198.51.100.1 dstport 4789 \ 119 dev dummy1 group 239.0.0.1 120 121 sanitization_single_dev_test_fail 122 123 ip link del dev vxlan0 124 ip link del dev dummy1 125 ip link del dev br0 126 127 log_test "vxlan device with a multicast group" 128} 129 130sanitization_single_dev_no_local_ip_test() 131{ 132 RET=0 133 134 ip link add dev br0 type bridge mcast_snooping 0 135 136 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 137 ttl 20 tos inherit dstport 4789 138 139 sanitization_single_dev_test_fail 140 141 ip link del dev vxlan0 142 ip link del dev br0 143 144 log_test "vxlan device with no local ip" 145} 146 147sanitization_single_dev_local_ipv6_test() 148{ 149 RET=0 150 151 ip link add dev br0 type bridge mcast_snooping 0 152 153 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 154 ttl 20 tos inherit local 2001:db8::1 dstport 4789 155 156 sanitization_single_dev_test_fail 157 158 ip link del dev vxlan0 159 ip link del dev br0 160 161 log_test "vxlan device with local ipv6 address" 162} 163 164sanitization_single_dev_learning_enabled_test() 165{ 166 RET=0 167 168 ip link add dev br0 type bridge mcast_snooping 0 169 170 ip link add name vxlan0 up type vxlan id 10 learning noudpcsum \ 171 ttl 20 tos inherit local 198.51.100.1 dstport 4789 172 173 sanitization_single_dev_test_pass 174 175 ip link del dev vxlan0 176 ip link del dev br0 177 178 log_test "vxlan device with learning enabled" 179} 180 181sanitization_single_dev_local_interface_test() 182{ 183 RET=0 184 185 ip link add dev br0 type bridge mcast_snooping 0 186 ip link add name dummy1 up type dummy 187 188 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 189 ttl 20 tos inherit local 198.51.100.1 dstport 4789 dev dummy1 190 191 sanitization_single_dev_test_fail 192 193 ip link del dev vxlan0 194 ip link del dev dummy1 195 ip link del dev br0 196 197 log_test "vxlan device with local interface" 198} 199 200sanitization_single_dev_port_range_test() 201{ 202 RET=0 203 204 ip link add dev br0 type bridge mcast_snooping 0 205 206 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 207 ttl 20 tos inherit local 198.51.100.1 dstport 4789 \ 208 srcport 4000 5000 209 210 sanitization_single_dev_test_fail 211 212 ip link del dev vxlan0 213 ip link del dev br0 214 215 log_test "vxlan device with udp source port range" 216} 217 218sanitization_single_dev_tos_static_test() 219{ 220 RET=0 221 222 ip link add dev br0 type bridge mcast_snooping 0 223 224 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 225 ttl 20 tos 20 local 198.51.100.1 dstport 4789 226 227 sanitization_single_dev_test_fail 228 229 ip link del dev vxlan0 230 ip link del dev br0 231 232 log_test "vxlan device with static tos" 233} 234 235sanitization_single_dev_ttl_inherit_test() 236{ 237 RET=0 238 239 ip link add dev br0 type bridge mcast_snooping 0 240 241 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 242 ttl inherit tos inherit local 198.51.100.1 dstport 4789 243 244 sanitization_single_dev_test_fail 245 246 ip link del dev vxlan0 247 ip link del dev br0 248 249 log_test "vxlan device with inherit ttl" 250} 251 252sanitization_single_dev_udp_checksum_test() 253{ 254 RET=0 255 256 ip link add dev br0 type bridge mcast_snooping 0 257 258 ip link add name vxlan0 up type vxlan id 10 nolearning udpcsum \ 259 ttl 20 tos inherit local 198.51.100.1 dstport 4789 260 261 sanitization_single_dev_test_fail 262 263 ip link del dev vxlan0 264 ip link del dev br0 265 266 log_test "vxlan device with udp checksum" 267} 268 269sanitization_single_dev_test() 270{ 271 # These tests make sure that we correctly sanitize VxLAN device 272 # configurations we do not support 273 sanitization_single_dev_valid_test 274 sanitization_single_dev_vlan_aware_test 275 sanitization_single_dev_mcast_enabled_test 276 sanitization_single_dev_mcast_group_test 277 sanitization_single_dev_no_local_ip_test 278 sanitization_single_dev_local_ipv6_test 279 sanitization_single_dev_learning_enabled_test 280 sanitization_single_dev_local_interface_test 281 sanitization_single_dev_port_range_test 282 sanitization_single_dev_tos_static_test 283 sanitization_single_dev_ttl_inherit_test 284 sanitization_single_dev_udp_checksum_test 285} 286 287sanitization_multi_devs_test_pass() 288{ 289 ip link set dev $swp1 master br0 290 check_err $? 291 ip link set dev vxlan0 master br0 292 check_err $? 293 ip link set dev $swp2 master br1 294 check_err $? 295 ip link set dev vxlan1 master br1 296 check_err $? 297 298 ip link set dev $swp2 nomaster 299 ip link set dev $swp1 nomaster 300 301 ip link set dev $swp1 master br0 302 check_err $? 303 ip link set dev $swp2 master br1 304 check_err $? 305} 306 307sanitization_multi_devs_test_fail() 308{ 309 ip link set dev $swp1 master br0 310 check_err $? 311 ip link set dev vxlan0 master br0 312 check_err $? 313 ip link set dev $swp2 master br1 314 check_err $? 315 ip link set dev vxlan1 master br1 &> /dev/null 316 check_fail $? 317 318 ip link set dev $swp2 nomaster 319 ip link set dev $swp1 nomaster 320 321 ip link set dev vxlan1 master br1 322 check_err $? 323 ip link set dev $swp1 master br0 324 check_err $? 325 ip link set dev $swp2 master br1 &> /dev/null 326 check_fail $? 327} 328 329sanitization_multi_devs_valid_test() 330{ 331 RET=0 332 333 ip link add dev br0 type bridge mcast_snooping 0 334 ip link add dev br1 type bridge mcast_snooping 0 335 336 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 337 ttl 20 tos inherit local 198.51.100.1 dstport 4789 338 ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \ 339 ttl 20 tos inherit local 198.51.100.1 dstport 4789 340 341 sanitization_multi_devs_test_pass 342 343 ip link del dev vxlan1 344 ip link del dev vxlan0 345 ip link del dev br1 346 ip link del dev br0 347 348 log_test "multiple vxlan devices - valid configuration" 349} 350 351sanitization_multi_devs_ttl_test() 352{ 353 RET=0 354 355 ip link add dev br0 type bridge mcast_snooping 0 356 ip link add dev br1 type bridge mcast_snooping 0 357 358 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 359 ttl 20 tos inherit local 198.51.100.1 dstport 4789 360 ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \ 361 ttl 40 tos inherit local 198.51.100.1 dstport 4789 362 363 sanitization_multi_devs_test_fail 364 365 ip link del dev vxlan1 366 ip link del dev vxlan0 367 ip link del dev br1 368 ip link del dev br0 369 370 log_test "multiple vxlan devices with different ttl" 371} 372 373sanitization_multi_devs_udp_dstport_test() 374{ 375 RET=0 376 377 ip link add dev br0 type bridge mcast_snooping 0 378 ip link add dev br1 type bridge mcast_snooping 0 379 380 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 381 ttl 20 tos inherit local 198.51.100.1 dstport 4789 382 ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \ 383 ttl 20 tos inherit local 198.51.100.1 dstport 5789 384 385 sanitization_multi_devs_test_fail 386 387 ip link del dev vxlan1 388 ip link del dev vxlan0 389 ip link del dev br1 390 ip link del dev br0 391 392 log_test "multiple vxlan devices with different udp destination port" 393} 394 395sanitization_multi_devs_local_ip_test() 396{ 397 RET=0 398 399 ip link add dev br0 type bridge mcast_snooping 0 400 ip link add dev br1 type bridge mcast_snooping 0 401 402 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 403 ttl 20 tos inherit local 198.51.100.1 dstport 4789 404 ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \ 405 ttl 20 tos inherit local 198.51.100.2 dstport 4789 406 407 sanitization_multi_devs_test_fail 408 409 ip link del dev vxlan1 410 ip link del dev vxlan0 411 ip link del dev br1 412 ip link del dev br0 413 414 log_test "multiple vxlan devices with different local ip" 415} 416 417sanitization_multi_devs_test() 418{ 419 # The device has a single VTEP, which means all the VxLAN devices 420 # we offload must share certain properties such as source IP and 421 # UDP destination port. These tests make sure that we forbid 422 # configurations that violate this limitation 423 sanitization_multi_devs_valid_test 424 sanitization_multi_devs_ttl_test 425 sanitization_multi_devs_udp_dstport_test 426 sanitization_multi_devs_local_ip_test 427} 428 429sanitization_test() 430{ 431 sanitization_single_dev_test 432 sanitization_multi_devs_test 433} 434 435offload_indication_setup_create() 436{ 437 # Create a simple setup with two bridges, each with a VxLAN device 438 # and one local port 439 ip link add name br0 up type bridge mcast_snooping 0 440 ip link add name br1 up type bridge mcast_snooping 0 441 442 ip link set dev $swp1 master br0 443 ip link set dev $swp2 master br1 444 445 ip address add 198.51.100.1/32 dev lo 446 447 ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \ 448 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 449 ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \ 450 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 451} 452 453offload_indication_setup_destroy() 454{ 455 ip link del dev vxlan1 456 ip link del dev vxlan0 457 458 ip address del 198.51.100.1/32 dev lo 459 460 ip link set dev $swp2 nomaster 461 ip link set dev $swp1 nomaster 462 463 ip link del dev br1 464 ip link del dev br0 465} 466 467offload_indication_fdb_flood_test() 468{ 469 RET=0 470 471 bridge fdb append 00:00:00:00:00:00 dev vxlan0 self dst 198.51.100.2 472 473 bridge fdb show brport vxlan0 | grep 00:00:00:00:00:00 \ 474 | grep -q offload 475 check_err $? 476 477 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self 478 479 log_test "vxlan flood entry offload indication" 480} 481 482offload_indication_fdb_bridge_test() 483{ 484 RET=0 485 486 bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self master static \ 487 dst 198.51.100.2 488 489 bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \ 490 | grep -q offload 491 check_err $? 492 bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \ 493 | grep -q offload 494 check_err $? 495 496 log_test "vxlan entry offload indication - initial state" 497 498 # Remove FDB entry from the bridge driver and check that corresponding 499 # entry in the VxLAN driver is not marked as offloaded 500 RET=0 501 502 bridge fdb del de:ad:be:ef:13:37 dev vxlan0 master 503 bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \ 504 | grep -q offload 505 check_fail $? 506 507 log_test "vxlan entry offload indication - after removal from bridge" 508 509 # Add the FDB entry back to the bridge driver and make sure it is 510 # marked as offloaded in both drivers 511 RET=0 512 513 bridge fdb add de:ad:be:ef:13:37 dev vxlan0 master static 514 bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \ 515 | grep -q offload 516 check_err $? 517 bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \ 518 | grep -q offload 519 check_err $? 520 521 log_test "vxlan entry offload indication - after re-add to bridge" 522 523 # Remove FDB entry from the VxLAN driver and check that corresponding 524 # entry in the bridge driver is not marked as offloaded 525 RET=0 526 527 bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self 528 bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \ 529 | grep -q offload 530 check_fail $? 531 532 log_test "vxlan entry offload indication - after removal from vxlan" 533 534 # Add the FDB entry back to the VxLAN driver and make sure it is 535 # marked as offloaded in both drivers 536 RET=0 537 538 bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self dst 198.51.100.2 539 bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \ 540 | grep -q offload 541 check_err $? 542 bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \ 543 | grep -q offload 544 check_err $? 545 546 log_test "vxlan entry offload indication - after re-add to vxlan" 547 548 bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self master 549} 550 551offload_indication_fdb_test() 552{ 553 offload_indication_fdb_flood_test 554 offload_indication_fdb_bridge_test 555} 556 557offload_indication_decap_route_test() 558{ 559 RET=0 560 561 ip route show table local | grep 198.51.100.1 | grep -q offload 562 check_err $? 563 564 ip link set dev vxlan0 down 565 ip route show table local | grep 198.51.100.1 | grep -q offload 566 check_err $? 567 568 ip link set dev vxlan1 down 569 ip route show table local | grep 198.51.100.1 | grep -q offload 570 check_fail $? 571 572 log_test "vxlan decap route - vxlan device down" 573 574 RET=0 575 576 ip link set dev vxlan1 up 577 ip route show table local | grep 198.51.100.1 | grep -q offload 578 check_err $? 579 580 ip link set dev vxlan0 up 581 ip route show table local | grep 198.51.100.1 | grep -q offload 582 check_err $? 583 584 log_test "vxlan decap route - vxlan device up" 585 586 RET=0 587 588 ip address delete 198.51.100.1/32 dev lo 589 ip route show table local | grep 198.51.100.1 | grep -q offload 590 check_fail $? 591 592 ip address add 198.51.100.1/32 dev lo 593 ip route show table local | grep 198.51.100.1 | grep -q offload 594 check_err $? 595 596 log_test "vxlan decap route - add local route" 597 598 RET=0 599 600 ip link set dev $swp1 nomaster 601 ip route show table local | grep 198.51.100.1 | grep -q offload 602 check_err $? 603 604 ip link set dev $swp2 nomaster 605 ip route show table local | grep 198.51.100.1 | grep -q offload 606 check_fail $? 607 608 ip link set dev $swp1 master br0 609 ip link set dev $swp2 master br1 610 ip route show table local | grep 198.51.100.1 | grep -q offload 611 check_err $? 612 613 log_test "vxlan decap route - local ports enslavement" 614 615 RET=0 616 617 ip link del dev br0 618 ip route show table local | grep 198.51.100.1 | grep -q offload 619 check_err $? 620 621 ip link del dev br1 622 ip route show table local | grep 198.51.100.1 | grep -q offload 623 check_fail $? 624 625 log_test "vxlan decap route - bridge device deletion" 626 627 RET=0 628 629 ip link add name br0 up type bridge mcast_snooping 0 630 ip link add name br1 up type bridge mcast_snooping 0 631 ip link set dev $swp1 master br0 632 ip link set dev $swp2 master br1 633 ip link set dev vxlan0 master br0 634 ip link set dev vxlan1 master br1 635 ip route show table local | grep 198.51.100.1 | grep -q offload 636 check_err $? 637 638 ip link del dev vxlan0 639 ip route show table local | grep 198.51.100.1 | grep -q offload 640 check_err $? 641 642 ip link del dev vxlan1 643 ip route show table local | grep 198.51.100.1 | grep -q offload 644 check_fail $? 645 646 log_test "vxlan decap route - vxlan device deletion" 647 648 ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \ 649 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 650 ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \ 651 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 652} 653 654check_fdb_offloaded() 655{ 656 local mac=00:11:22:33:44:55 657 local zmac=00:00:00:00:00:00 658 659 bridge fdb show dev vxlan0 | grep $mac | grep self | grep -q offload 660 check_err $? 661 bridge fdb show dev vxlan0 | grep $mac | grep master | grep -q offload 662 check_err $? 663 664 bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload 665 check_err $? 666} 667 668check_vxlan_fdb_not_offloaded() 669{ 670 local mac=00:11:22:33:44:55 671 local zmac=00:00:00:00:00:00 672 673 bridge fdb show dev vxlan0 | grep $mac | grep -q self 674 check_err $? 675 bridge fdb show dev vxlan0 | grep $mac | grep self | grep -q offload 676 check_fail $? 677 678 bridge fdb show dev vxlan0 | grep $zmac | grep -q self 679 check_err $? 680 bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload 681 check_fail $? 682} 683 684check_bridge_fdb_not_offloaded() 685{ 686 local mac=00:11:22:33:44:55 687 local zmac=00:00:00:00:00:00 688 689 bridge fdb show dev vxlan0 | grep $mac | grep -q master 690 check_err $? 691 bridge fdb show dev vxlan0 | grep $mac | grep master | grep -q offload 692 check_fail $? 693} 694 695__offload_indication_join_vxlan_first() 696{ 697 local vid=$1; shift 698 699 local mac=00:11:22:33:44:55 700 local zmac=00:00:00:00:00:00 701 702 bridge fdb append $zmac dev vxlan0 self dst 198.51.100.2 703 704 ip link set dev vxlan0 master br0 705 bridge fdb add dev vxlan0 $mac self master static dst 198.51.100.2 706 707 RET=0 708 check_vxlan_fdb_not_offloaded 709 ip link set dev $swp1 master br0 710 sleep .1 711 check_fdb_offloaded 712 log_test "offload indication - attach vxlan first" 713 714 RET=0 715 ip link set dev vxlan0 down 716 check_vxlan_fdb_not_offloaded 717 check_bridge_fdb_not_offloaded 718 log_test "offload indication - set vxlan down" 719 720 RET=0 721 ip link set dev vxlan0 up 722 sleep .1 723 check_fdb_offloaded 724 log_test "offload indication - set vxlan up" 725 726 if [[ ! -z $vid ]]; then 727 RET=0 728 bridge vlan del dev vxlan0 vid $vid 729 check_vxlan_fdb_not_offloaded 730 check_bridge_fdb_not_offloaded 731 log_test "offload indication - delete VLAN" 732 733 RET=0 734 bridge vlan add dev vxlan0 vid $vid 735 check_vxlan_fdb_not_offloaded 736 check_bridge_fdb_not_offloaded 737 log_test "offload indication - add tagged VLAN" 738 739 RET=0 740 bridge vlan add dev vxlan0 vid $vid pvid untagged 741 sleep .1 742 check_fdb_offloaded 743 log_test "offload indication - add pvid/untagged VLAN" 744 fi 745 746 RET=0 747 ip link set dev $swp1 nomaster 748 check_vxlan_fdb_not_offloaded 749 log_test "offload indication - detach port" 750} 751 752offload_indication_join_vxlan_first() 753{ 754 ip link add dev br0 up type bridge mcast_snooping 0 755 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 756 ttl 20 tos inherit local 198.51.100.1 dstport 4789 757 758 __offload_indication_join_vxlan_first 759 760 ip link del dev vxlan0 761 ip link del dev br0 762} 763 764__offload_indication_join_vxlan_last() 765{ 766 local zmac=00:00:00:00:00:00 767 768 RET=0 769 770 bridge fdb append $zmac dev vxlan0 self dst 198.51.100.2 771 772 ip link set dev $swp1 master br0 773 774 bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload 775 check_fail $? 776 777 ip link set dev vxlan0 master br0 778 779 bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload 780 check_err $? 781 782 log_test "offload indication - attach vxlan last" 783} 784 785offload_indication_join_vxlan_last() 786{ 787 ip link add dev br0 up type bridge mcast_snooping 0 788 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 789 ttl 20 tos inherit local 198.51.100.1 dstport 4789 790 791 __offload_indication_join_vxlan_last 792 793 ip link del dev vxlan0 794 ip link del dev br0 795} 796 797offload_indication_test() 798{ 799 offload_indication_setup_create 800 offload_indication_fdb_test 801 offload_indication_decap_route_test 802 offload_indication_setup_destroy 803 804 log_info "offload indication - replay & cleanup" 805 offload_indication_join_vxlan_first 806 offload_indication_join_vxlan_last 807} 808 809sanitization_vlan_aware_test() 810{ 811 RET=0 812 813 ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1 814 815 ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \ 816 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 817 818 ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \ 819 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 820 821 # Test that when each VNI is mapped to a different VLAN we can enslave 822 # a port to the bridge 823 bridge vlan add vid 10 dev vxlan10 pvid untagged 824 bridge vlan add vid 20 dev vxlan20 pvid untagged 825 826 ip link set dev $swp1 master br0 827 check_err $? 828 829 log_test "vlan-aware - enslavement to vlan-aware bridge" 830 831 # Try to map both VNIs to the same VLAN and make sure configuration 832 # fails 833 RET=0 834 835 bridge vlan add vid 10 dev vxlan20 pvid untagged &> /dev/null 836 check_fail $? 837 838 log_test "vlan-aware - two vnis mapped to the same vlan" 839 840 # Test that enslavement of a port to a bridge fails when two VNIs 841 # are mapped to the same VLAN 842 RET=0 843 844 ip link set dev $swp1 nomaster 845 846 bridge vlan del vid 20 dev vxlan20 pvid untagged 847 bridge vlan add vid 10 dev vxlan20 pvid untagged 848 849 ip link set dev $swp1 master br0 &> /dev/null 850 check_fail $? 851 852 log_test "vlan-aware - failed enslavement to vlan-aware bridge" 853 854 bridge vlan del vid 10 dev vxlan20 855 bridge vlan add vid 20 dev vxlan20 pvid untagged 856 857 # Test that offloading of an unsupported tunnel fails when it is 858 # triggered by addition of VLAN to a local port 859 RET=0 860 861 # TOS must be set to inherit 862 ip link set dev vxlan10 type vxlan tos 42 863 864 ip link set dev $swp1 master br0 865 bridge vlan add vid 10 dev $swp1 &> /dev/null 866 check_fail $? 867 868 log_test "vlan-aware - failed vlan addition to a local port" 869 870 ip link set dev vxlan10 type vxlan tos inherit 871 872 ip link del dev vxlan20 873 ip link del dev vxlan10 874 ip link del dev br0 875} 876 877offload_indication_vlan_aware_setup_create() 878{ 879 # Create a simple setup with two VxLAN devices and a single VLAN-aware 880 # bridge 881 ip link add name br0 up type bridge mcast_snooping 0 vlan_filtering 1 \ 882 vlan_default_pvid 0 883 884 ip link set dev $swp1 master br0 885 886 bridge vlan add vid 10 dev $swp1 887 bridge vlan add vid 20 dev $swp1 888 889 ip address add 198.51.100.1/32 dev lo 890 891 ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \ 892 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 893 ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \ 894 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 895 896 bridge vlan add vid 10 dev vxlan10 pvid untagged 897 bridge vlan add vid 20 dev vxlan20 pvid untagged 898} 899 900offload_indication_vlan_aware_setup_destroy() 901{ 902 bridge vlan del vid 20 dev vxlan20 903 bridge vlan del vid 10 dev vxlan10 904 905 ip link del dev vxlan20 906 ip link del dev vxlan10 907 908 ip address del 198.51.100.1/32 dev lo 909 910 bridge vlan del vid 20 dev $swp1 911 bridge vlan del vid 10 dev $swp1 912 913 ip link set dev $swp1 nomaster 914 915 ip link del dev br0 916} 917 918offload_indication_vlan_aware_fdb_test() 919{ 920 RET=0 921 922 log_info "vxlan entry offload indication - vlan-aware" 923 924 bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self master static \ 925 dst 198.51.100.2 vlan 10 926 927 bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \ 928 | grep -q offload 929 check_err $? 930 bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \ 931 | grep -q offload 932 check_err $? 933 934 log_test "vxlan entry offload indication - initial state" 935 936 # Remove FDB entry from the bridge driver and check that corresponding 937 # entry in the VxLAN driver is not marked as offloaded 938 RET=0 939 940 bridge fdb del de:ad:be:ef:13:37 dev vxlan10 master vlan 10 941 bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \ 942 | grep -q offload 943 check_fail $? 944 945 log_test "vxlan entry offload indication - after removal from bridge" 946 947 # Add the FDB entry back to the bridge driver and make sure it is 948 # marked as offloaded in both drivers 949 RET=0 950 951 bridge fdb add de:ad:be:ef:13:37 dev vxlan10 master static vlan 10 952 bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \ 953 | grep -q offload 954 check_err $? 955 bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \ 956 | grep -q offload 957 check_err $? 958 959 log_test "vxlan entry offload indication - after re-add to bridge" 960 961 # Remove FDB entry from the VxLAN driver and check that corresponding 962 # entry in the bridge driver is not marked as offloaded 963 RET=0 964 965 bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self 966 bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \ 967 | grep -q offload 968 check_fail $? 969 970 log_test "vxlan entry offload indication - after removal from vxlan" 971 972 # Add the FDB entry back to the VxLAN driver and make sure it is 973 # marked as offloaded in both drivers 974 RET=0 975 976 bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self dst 198.51.100.2 977 bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \ 978 | grep -q offload 979 check_err $? 980 bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \ 981 | grep -q offload 982 check_err $? 983 984 log_test "vxlan entry offload indication - after re-add to vxlan" 985 986 bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self master vlan 10 987} 988 989offload_indication_vlan_aware_decap_route_test() 990{ 991 RET=0 992 993 ip route show table local | grep 198.51.100.1 | grep -q offload 994 check_err $? 995 996 # Toggle PVID flag on one VxLAN device and make sure route is still 997 # marked as offloaded 998 bridge vlan add vid 10 dev vxlan10 untagged 999 1000 ip route show table local | grep 198.51.100.1 | grep -q offload 1001 check_err $? 1002 1003 # Toggle PVID flag on second VxLAN device and make sure route is no 1004 # longer marked as offloaded 1005 bridge vlan add vid 20 dev vxlan20 untagged 1006 1007 ip route show table local | grep 198.51.100.1 | grep -q offload 1008 check_fail $? 1009 1010 # Toggle PVID flag back and make sure route is marked as offloaded 1011 bridge vlan add vid 10 dev vxlan10 pvid untagged 1012 bridge vlan add vid 20 dev vxlan20 pvid untagged 1013 1014 ip route show table local | grep 198.51.100.1 | grep -q offload 1015 check_err $? 1016 1017 log_test "vxlan decap route - vni map/unmap" 1018} 1019 1020offload_indication_vlan_aware_join_vxlan_first() 1021{ 1022 ip link add dev br0 up type bridge mcast_snooping 0 \ 1023 vlan_filtering 1 vlan_default_pvid 1 1024 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 1025 ttl 20 tos inherit local 198.51.100.1 dstport 4789 1026 1027 __offload_indication_join_vxlan_first 1 1028 1029 ip link del dev vxlan0 1030 ip link del dev br0 1031} 1032 1033offload_indication_vlan_aware_join_vxlan_last() 1034{ 1035 ip link add dev br0 up type bridge mcast_snooping 0 \ 1036 vlan_filtering 1 vlan_default_pvid 1 1037 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 1038 ttl 20 tos inherit local 198.51.100.1 dstport 4789 1039 1040 __offload_indication_join_vxlan_last 1041 1042 ip link del dev vxlan0 1043 ip link del dev br0 1044} 1045 1046offload_indication_vlan_aware_l3vni_test() 1047{ 1048 local zmac=00:00:00:00:00:00 1049 1050 RET=0 1051 1052 sysctl_set net.ipv6.conf.default.disable_ipv6 1 1053 ip link add dev br0 up type bridge mcast_snooping 0 \ 1054 vlan_filtering 1 vlan_default_pvid 0 1055 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 1056 ttl 20 tos inherit local 198.51.100.1 dstport 4789 1057 1058 ip link set dev $swp1 master br0 1059 1060 # The test will use the offload indication on the FDB entry to 1061 # understand if the tunnel is offloaded or not 1062 bridge fdb append $zmac dev vxlan0 self dst 192.0.2.1 1063 1064 ip link set dev vxlan0 master br0 1065 bridge vlan add dev vxlan0 vid 10 pvid untagged 1066 1067 # No local port or router port is member in the VLAN, so tunnel should 1068 # not be offloaded 1069 bridge fdb show brport vxlan0 | grep $zmac | grep self \ 1070 | grep -q offload 1071 check_fail $? "vxlan tunnel offloaded when should not" 1072 1073 # Configure a VLAN interface and make sure tunnel is offloaded 1074 ip link add link br0 name br10 up type vlan id 10 1075 sysctl_set net.ipv6.conf.br10.disable_ipv6 0 1076 ip -6 address add 2001:db8:1::1/64 dev br10 1077 bridge fdb show brport vxlan0 | grep $zmac | grep self \ 1078 | grep -q offload 1079 check_err $? "vxlan tunnel not offloaded when should" 1080 1081 # Unlink the VXLAN device, make sure tunnel is no longer offloaded, 1082 # then add it back to the bridge and make sure it is offloaded 1083 ip link set dev vxlan0 nomaster 1084 bridge fdb show brport vxlan0 | grep $zmac | grep self \ 1085 | grep -q offload 1086 check_fail $? "vxlan tunnel offloaded after unlinked from bridge" 1087 1088 ip link set dev vxlan0 master br0 1089 bridge fdb show brport vxlan0 | grep $zmac | grep self \ 1090 | grep -q offload 1091 check_fail $? "vxlan tunnel offloaded despite no matching vid" 1092 1093 bridge vlan add dev vxlan0 vid 10 pvid untagged 1094 bridge fdb show brport vxlan0 | grep $zmac | grep self \ 1095 | grep -q offload 1096 check_err $? "vxlan tunnel not offloaded after adding vid" 1097 1098 log_test "vxlan - l3 vni" 1099 1100 ip link del dev vxlan0 1101 ip link del dev br0 1102 sysctl_restore net.ipv6.conf.default.disable_ipv6 1103} 1104 1105offload_indication_vlan_aware_test() 1106{ 1107 offload_indication_vlan_aware_setup_create 1108 offload_indication_vlan_aware_fdb_test 1109 offload_indication_vlan_aware_decap_route_test 1110 offload_indication_vlan_aware_setup_destroy 1111 1112 log_info "offload indication - replay & cleanup - vlan aware" 1113 offload_indication_vlan_aware_join_vxlan_first 1114 offload_indication_vlan_aware_join_vxlan_last 1115 offload_indication_vlan_aware_l3vni_test 1116} 1117 1118trap cleanup EXIT 1119 1120setup_prepare 1121setup_wait 1122 1123tests_run 1124 1125exit $EXIT_STATUS 1126