1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3#
4# Test various aspects of VxLAN offloading which are specific to mlxsw, such
5# as sanitization of invalid configurations and offload indication.
6
7lib_dir=$(dirname $0)/../../../net/forwarding
8
9ALL_TESTS="sanitization_test offload_indication_test"
10NUM_NETIFS=2
11source $lib_dir/lib.sh
12
13setup_prepare()
14{
15	swp1=${NETIFS[p1]}
16	swp2=${NETIFS[p2]}
17
18	ip link set dev $swp1 up
19	ip link set dev $swp2 up
20}
21
22cleanup()
23{
24	pre_cleanup
25
26	ip link set dev $swp2 down
27	ip link set dev $swp1 down
28}
29
30sanitization_single_dev_test_pass()
31{
32	ip link set dev $swp1 master br0
33	check_err $?
34	ip link set dev vxlan0 master br0
35	check_err $?
36
37	ip link set dev $swp1 nomaster
38
39	ip link set dev $swp1 master br0
40	check_err $?
41}
42
43sanitization_single_dev_test_fail()
44{
45	ip link set dev $swp1 master br0
46	check_err $?
47	ip link set dev vxlan0 master br0 &> /dev/null
48	check_fail $?
49
50	ip link set dev $swp1 nomaster
51
52	ip link set dev vxlan0 master br0
53	check_err $?
54	ip link set dev $swp1 master br0 &> /dev/null
55	check_fail $?
56}
57
58sanitization_single_dev_valid_test()
59{
60	RET=0
61
62	ip link add dev br0 type bridge mcast_snooping 0
63
64	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
65		ttl 20 tos inherit local 198.51.100.1 dstport 4789
66
67	sanitization_single_dev_test_pass
68
69	ip link del dev vxlan0
70	ip link del dev br0
71
72	log_test "vxlan device - valid configuration"
73}
74
75sanitization_single_dev_vlan_aware_test()
76{
77	RET=0
78
79	ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1
80
81	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
82		ttl 20 tos inherit local 198.51.100.1 dstport 4789
83
84	sanitization_single_dev_test_fail
85
86	ip link del dev vxlan0
87	ip link del dev br0
88
89	log_test "vxlan device with a vlan-aware bridge"
90}
91
92sanitization_single_dev_mcast_enabled_test()
93{
94	RET=0
95
96	ip link add dev br0 type bridge
97
98	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
99		ttl 20 tos inherit local 198.51.100.1 dstport 4789
100
101	sanitization_single_dev_test_fail
102
103	ip link del dev vxlan0
104	ip link del dev br0
105
106	log_test "vxlan device with a multicast enabled bridge"
107}
108
109sanitization_single_dev_mcast_group_test()
110{
111	RET=0
112
113	ip link add dev br0 type bridge mcast_snooping 0
114
115	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
116		ttl 20 tos inherit local 198.51.100.1 dstport 4789 \
117		dev $swp2 group 239.0.0.1
118
119	sanitization_single_dev_test_fail
120
121	ip link del dev vxlan0
122	ip link del dev br0
123
124	log_test "vxlan device with a multicast group"
125}
126
127sanitization_single_dev_no_local_ip_test()
128{
129	RET=0
130
131	ip link add dev br0 type bridge mcast_snooping 0
132
133	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
134		ttl 20 tos inherit dstport 4789
135
136	sanitization_single_dev_test_fail
137
138	ip link del dev vxlan0
139	ip link del dev br0
140
141	log_test "vxlan device with no local ip"
142}
143
144sanitization_single_dev_local_ipv6_test()
145{
146	RET=0
147
148	ip link add dev br0 type bridge mcast_snooping 0
149
150	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
151		ttl 20 tos inherit local 2001:db8::1 dstport 4789
152
153	sanitization_single_dev_test_fail
154
155	ip link del dev vxlan0
156	ip link del dev br0
157
158	log_test "vxlan device with local ipv6 address"
159}
160
161sanitization_single_dev_learning_enabled_test()
162{
163	RET=0
164
165	ip link add dev br0 type bridge mcast_snooping 0
166
167	ip link add name vxlan0 up type vxlan id 10 learning noudpcsum \
168		ttl 20 tos inherit local 198.51.100.1 dstport 4789
169
170	sanitization_single_dev_test_pass
171
172	ip link del dev vxlan0
173	ip link del dev br0
174
175	log_test "vxlan device with learning enabled"
176}
177
178sanitization_single_dev_local_interface_test()
179{
180	RET=0
181
182	ip link add dev br0 type bridge mcast_snooping 0
183
184	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
185		ttl 20 tos inherit local 198.51.100.1 dstport 4789 dev $swp2
186
187	sanitization_single_dev_test_fail
188
189	ip link del dev vxlan0
190	ip link del dev br0
191
192	log_test "vxlan device with local interface"
193}
194
195sanitization_single_dev_port_range_test()
196{
197	RET=0
198
199	ip link add dev br0 type bridge mcast_snooping 0
200
201	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
202		ttl 20 tos inherit local 198.51.100.1 dstport 4789 \
203		srcport 4000 5000
204
205	sanitization_single_dev_test_fail
206
207	ip link del dev vxlan0
208	ip link del dev br0
209
210	log_test "vxlan device with udp source port range"
211}
212
213sanitization_single_dev_tos_static_test()
214{
215	RET=0
216
217	ip link add dev br0 type bridge mcast_snooping 0
218
219	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
220		ttl 20 tos 20 local 198.51.100.1 dstport 4789
221
222	sanitization_single_dev_test_fail
223
224	ip link del dev vxlan0
225	ip link del dev br0
226
227	log_test "vxlan device with static tos"
228}
229
230sanitization_single_dev_ttl_inherit_test()
231{
232	RET=0
233
234	ip link add dev br0 type bridge mcast_snooping 0
235
236	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
237		ttl inherit tos inherit local 198.51.100.1 dstport 4789
238
239	sanitization_single_dev_test_fail
240
241	ip link del dev vxlan0
242	ip link del dev br0
243
244	log_test "vxlan device with inherit ttl"
245}
246
247sanitization_single_dev_udp_checksum_test()
248{
249	RET=0
250
251	ip link add dev br0 type bridge mcast_snooping 0
252
253	ip link add name vxlan0 up type vxlan id 10 nolearning udpcsum \
254		ttl 20 tos inherit local 198.51.100.1 dstport 4789
255
256	sanitization_single_dev_test_fail
257
258	ip link del dev vxlan0
259	ip link del dev br0
260
261	log_test "vxlan device with udp checksum"
262}
263
264sanitization_single_dev_test()
265{
266	# These tests make sure that we correctly sanitize VxLAN device
267	# configurations we do not support
268	sanitization_single_dev_valid_test
269	sanitization_single_dev_vlan_aware_test
270	sanitization_single_dev_mcast_enabled_test
271	sanitization_single_dev_mcast_group_test
272	sanitization_single_dev_no_local_ip_test
273	sanitization_single_dev_local_ipv6_test
274	sanitization_single_dev_learning_enabled_test
275	sanitization_single_dev_local_interface_test
276	sanitization_single_dev_port_range_test
277	sanitization_single_dev_tos_static_test
278	sanitization_single_dev_ttl_inherit_test
279	sanitization_single_dev_udp_checksum_test
280}
281
282sanitization_multi_devs_test_pass()
283{
284	ip link set dev $swp1 master br0
285	check_err $?
286	ip link set dev vxlan0 master br0
287	check_err $?
288	ip link set dev $swp2 master br1
289	check_err $?
290	ip link set dev vxlan1 master br1
291	check_err $?
292
293	ip link set dev $swp2 nomaster
294	ip link set dev $swp1 nomaster
295
296	ip link set dev $swp1 master br0
297	check_err $?
298	ip link set dev $swp2 master br1
299	check_err $?
300}
301
302sanitization_multi_devs_test_fail()
303{
304	ip link set dev $swp1 master br0
305	check_err $?
306	ip link set dev vxlan0 master br0
307	check_err $?
308	ip link set dev $swp2 master br1
309	check_err $?
310	ip link set dev vxlan1 master br1 &> /dev/null
311	check_fail $?
312
313	ip link set dev $swp2 nomaster
314	ip link set dev $swp1 nomaster
315
316	ip link set dev vxlan1 master br1
317	check_err $?
318	ip link set dev $swp1 master br0
319	check_err $?
320	ip link set dev $swp2 master br1 &> /dev/null
321	check_fail $?
322}
323
324sanitization_multi_devs_valid_test()
325{
326	RET=0
327
328	ip link add dev br0 type bridge mcast_snooping 0
329	ip link add dev br1 type bridge mcast_snooping 0
330
331	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
332		ttl 20 tos inherit local 198.51.100.1 dstport 4789
333	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
334		ttl 20 tos inherit local 198.51.100.1 dstport 4789
335
336	sanitization_multi_devs_test_pass
337
338	ip link del dev vxlan1
339	ip link del dev vxlan0
340	ip link del dev br1
341	ip link del dev br0
342
343	log_test "multiple vxlan devices - valid configuration"
344}
345
346sanitization_multi_devs_ttl_test()
347{
348	RET=0
349
350	ip link add dev br0 type bridge mcast_snooping 0
351	ip link add dev br1 type bridge mcast_snooping 0
352
353	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
354		ttl 20 tos inherit local 198.51.100.1 dstport 4789
355	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
356		ttl 40 tos inherit local 198.51.100.1 dstport 4789
357
358	sanitization_multi_devs_test_fail
359
360	ip link del dev vxlan1
361	ip link del dev vxlan0
362	ip link del dev br1
363	ip link del dev br0
364
365	log_test "multiple vxlan devices with different ttl"
366}
367
368sanitization_multi_devs_udp_dstport_test()
369{
370	RET=0
371
372	ip link add dev br0 type bridge mcast_snooping 0
373	ip link add dev br1 type bridge mcast_snooping 0
374
375	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
376		ttl 20 tos inherit local 198.51.100.1 dstport 4789
377	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
378		ttl 20 tos inherit local 198.51.100.1 dstport 5789
379
380	sanitization_multi_devs_test_fail
381
382	ip link del dev vxlan1
383	ip link del dev vxlan0
384	ip link del dev br1
385	ip link del dev br0
386
387	log_test "multiple vxlan devices with different udp destination port"
388}
389
390sanitization_multi_devs_local_ip_test()
391{
392	RET=0
393
394	ip link add dev br0 type bridge mcast_snooping 0
395	ip link add dev br1 type bridge mcast_snooping 0
396
397	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
398		ttl 20 tos inherit local 198.51.100.1 dstport 4789
399	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
400		ttl 20 tos inherit local 198.51.100.2 dstport 4789
401
402	sanitization_multi_devs_test_fail
403
404	ip link del dev vxlan1
405	ip link del dev vxlan0
406	ip link del dev br1
407	ip link del dev br0
408
409	log_test "multiple vxlan devices with different local ip"
410}
411
412sanitization_multi_devs_test()
413{
414	# The device has a single VTEP, which means all the VxLAN devices
415	# we offload must share certain properties such as source IP and
416	# UDP destination port. These tests make sure that we forbid
417	# configurations that violate this limitation
418	sanitization_multi_devs_valid_test
419	sanitization_multi_devs_ttl_test
420	sanitization_multi_devs_udp_dstport_test
421	sanitization_multi_devs_local_ip_test
422}
423
424sanitization_test()
425{
426	sanitization_single_dev_test
427	sanitization_multi_devs_test
428}
429
430offload_indication_setup_create()
431{
432	# Create a simple setup with two bridges, each with a VxLAN device
433	# and one local port
434	ip link add name br0 up type bridge mcast_snooping 0
435	ip link add name br1 up type bridge mcast_snooping 0
436
437	ip link set dev $swp1 master br0
438	ip link set dev $swp2 master br1
439
440	ip address add 198.51.100.1/32 dev lo
441
442	ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \
443		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
444	ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \
445		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
446}
447
448offload_indication_setup_destroy()
449{
450	ip link del dev vxlan1
451	ip link del dev vxlan0
452
453	ip address del 198.51.100.1/32 dev lo
454
455	ip link set dev $swp2 nomaster
456	ip link set dev $swp1 nomaster
457
458	ip link del dev br1
459	ip link del dev br0
460}
461
462offload_indication_fdb_flood_test()
463{
464	RET=0
465
466	bridge fdb append 00:00:00:00:00:00 dev vxlan0 self dst 198.51.100.2
467
468	bridge fdb show brport vxlan0 | grep 00:00:00:00:00:00 \
469		| grep -q offload
470	check_err $?
471
472	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self
473
474	log_test "vxlan flood entry offload indication"
475}
476
477offload_indication_fdb_bridge_test()
478{
479	RET=0
480
481	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self master static \
482		dst 198.51.100.2
483
484	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
485		| grep -q offload
486	check_err $?
487	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
488		| grep -q offload
489	check_err $?
490
491	log_test "vxlan entry offload indication - initial state"
492
493	# Remove FDB entry from the bridge driver and check that corresponding
494	# entry in the VxLAN driver is not marked as offloaded
495	RET=0
496
497	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 master
498	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
499		| grep -q offload
500	check_fail $?
501
502	log_test "vxlan entry offload indication - after removal from bridge"
503
504	# Add the FDB entry back to the bridge driver and make sure it is
505	# marked as offloaded in both drivers
506	RET=0
507
508	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 master static
509	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
510		| grep -q offload
511	check_err $?
512	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
513		| grep -q offload
514	check_err $?
515
516	log_test "vxlan entry offload indication - after re-add to bridge"
517
518	# Remove FDB entry from the VxLAN driver and check that corresponding
519	# entry in the bridge driver is not marked as offloaded
520	RET=0
521
522	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self
523	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
524		| grep -q offload
525	check_fail $?
526
527	log_test "vxlan entry offload indication - after removal from vxlan"
528
529	# Add the FDB entry back to the VxLAN driver and make sure it is
530	# marked as offloaded in both drivers
531	RET=0
532
533	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self dst 198.51.100.2
534	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
535		| grep -q offload
536	check_err $?
537	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
538		| grep -q offload
539	check_err $?
540
541	log_test "vxlan entry offload indication - after re-add to vxlan"
542
543	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self master
544}
545
546offload_indication_fdb_test()
547{
548	offload_indication_fdb_flood_test
549	offload_indication_fdb_bridge_test
550}
551
552offload_indication_decap_route_test()
553{
554	RET=0
555
556	ip route show table local | grep 198.51.100.1 | grep -q offload
557	check_err $?
558
559	ip link set dev vxlan0 down
560	ip route show table local | grep 198.51.100.1 | grep -q offload
561	check_err $?
562
563	ip link set dev vxlan1 down
564	ip route show table local | grep 198.51.100.1 | grep -q offload
565	check_fail $?
566
567	log_test "vxlan decap route - vxlan device down"
568
569	RET=0
570
571	ip link set dev vxlan1 up
572	ip route show table local | grep 198.51.100.1 | grep -q offload
573	check_err $?
574
575	ip link set dev vxlan0 up
576	ip route show table local | grep 198.51.100.1 | grep -q offload
577	check_err $?
578
579	log_test "vxlan decap route - vxlan device up"
580
581	RET=0
582
583	ip address delete 198.51.100.1/32 dev lo
584	ip route show table local | grep 198.51.100.1 | grep -q offload
585	check_fail $?
586
587	ip address add 198.51.100.1/32 dev lo
588	ip route show table local | grep 198.51.100.1 | grep -q offload
589	check_err $?
590
591	log_test "vxlan decap route - add local route"
592
593	RET=0
594
595	ip link set dev $swp1 nomaster
596	ip route show table local | grep 198.51.100.1 | grep -q offload
597	check_err $?
598
599	ip link set dev $swp2 nomaster
600	ip route show table local | grep 198.51.100.1 | grep -q offload
601	check_fail $?
602
603	ip link set dev $swp1 master br0
604	ip link set dev $swp2 master br1
605	ip route show table local | grep 198.51.100.1 | grep -q offload
606	check_err $?
607
608	log_test "vxlan decap route - local ports enslavement"
609
610	RET=0
611
612	ip link del dev br0
613	ip route show table local | grep 198.51.100.1 | grep -q offload
614	check_err $?
615
616	ip link del dev br1
617	ip route show table local | grep 198.51.100.1 | grep -q offload
618	check_fail $?
619
620	log_test "vxlan decap route - bridge device deletion"
621
622	RET=0
623
624	ip link add name br0 up type bridge mcast_snooping 0
625	ip link add name br1 up type bridge mcast_snooping 0
626	ip link set dev $swp1 master br0
627	ip link set dev $swp2 master br1
628	ip link set dev vxlan0 master br0
629	ip link set dev vxlan1 master br1
630	ip route show table local | grep 198.51.100.1 | grep -q offload
631	check_err $?
632
633	ip link del dev vxlan0
634	ip route show table local | grep 198.51.100.1 | grep -q offload
635	check_err $?
636
637	ip link del dev vxlan1
638	ip route show table local | grep 198.51.100.1 | grep -q offload
639	check_fail $?
640
641	log_test "vxlan decap route - vxlan device deletion"
642
643	ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \
644		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
645	ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \
646		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
647}
648
649offload_indication_test()
650{
651	offload_indication_setup_create
652	offload_indication_fdb_test
653	offload_indication_decap_route_test
654	offload_indication_setup_destroy
655}
656
657trap cleanup EXIT
658
659setup_prepare
660setup_wait
661
662tests_run
663
664exit $EXIT_STATUS
665