1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3#
4# Test various aspects of VxLAN offloading which are specific to mlxsw, such
5# as sanitization of invalid configurations and offload indication.
6
7: ${ADDR_FAMILY:=ipv4}
8export ADDR_FAMILY
9
10: ${LOCAL_IP_1:=198.51.100.1}
11export LOCAL_IP_1
12
13: ${LOCAL_IP_2:=198.51.100.2}
14export LOCAL_IP_2
15
16: ${PREFIX_LEN:=32}
17export PREFIX_LEN
18
19: ${UDPCSUM_FLAFS:=noudpcsum}
20export UDPCSUM_FLAFS
21
22: ${MC_IP:=239.0.0.1}
23export MC_IP
24
25: ${IP_FLAG:=""}
26export IP_FLAG
27
28: ${ALL_TESTS:="
29	sanitization_test
30	offload_indication_test
31	sanitization_vlan_aware_test
32	offload_indication_vlan_aware_test
33"}
34
35lib_dir=$(dirname $0)/../../../net/forwarding
36NUM_NETIFS=2
37: ${TIMEOUT:=20000} # ms
38source $lib_dir/lib.sh
39
40setup_prepare()
41{
42	swp1=${NETIFS[p1]}
43	swp2=${NETIFS[p2]}
44
45	ip link set dev $swp1 up
46	ip link set dev $swp2 up
47}
48
49cleanup()
50{
51	pre_cleanup
52
53	ip link set dev $swp2 down
54	ip link set dev $swp1 down
55}
56
57sanitization_single_dev_test_pass()
58{
59	ip link set dev $swp1 master br0
60	check_err $?
61	ip link set dev vxlan0 master br0
62	check_err $?
63
64	ip link set dev $swp1 nomaster
65
66	ip link set dev $swp1 master br0
67	check_err $?
68}
69
70sanitization_single_dev_test_fail()
71{
72	ip link set dev $swp1 master br0
73	check_err $?
74	ip link set dev vxlan0 master br0 &> /dev/null
75	check_fail $?
76
77	ip link set dev $swp1 nomaster
78
79	ip link set dev vxlan0 master br0
80	check_err $?
81	ip link set dev $swp1 master br0 &> /dev/null
82	check_fail $?
83}
84
85sanitization_single_dev_valid_test()
86{
87	RET=0
88
89	ip link add dev br0 type bridge mcast_snooping 0
90
91	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
92		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
93
94	sanitization_single_dev_test_pass
95
96	ip link del dev vxlan0
97	ip link del dev br0
98
99	log_test "vxlan device - valid configuration"
100}
101
102sanitization_single_dev_vlan_aware_test()
103{
104	RET=0
105
106	ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1
107
108	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
109		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
110
111	sanitization_single_dev_test_pass
112
113	ip link del dev vxlan0
114	ip link del dev br0
115
116	log_test "vxlan device with a vlan-aware bridge"
117}
118
119sanitization_single_dev_mcast_enabled_test()
120{
121	RET=0
122
123	ip link add dev br0 type bridge
124
125	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
126		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
127
128	sanitization_single_dev_test_fail
129
130	ip link del dev vxlan0
131	ip link del dev br0
132
133	log_test "vxlan device with a multicast enabled bridge"
134}
135
136sanitization_single_dev_mcast_group_test()
137{
138	RET=0
139
140	ip link add dev br0 type bridge mcast_snooping 0
141	ip link add name dummy1 up type dummy
142
143	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
144		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 \
145		dev dummy1 group $MC_IP
146
147	sanitization_single_dev_test_fail
148
149	ip link del dev vxlan0
150	ip link del dev dummy1
151	ip link del dev br0
152
153	log_test "vxlan device with a multicast group"
154}
155
156sanitization_single_dev_no_local_ip_test()
157{
158	RET=0
159
160	ip link add dev br0 type bridge mcast_snooping 0
161
162	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
163		ttl 20 tos inherit dstport 4789
164
165	sanitization_single_dev_test_fail
166
167	ip link del dev vxlan0
168	ip link del dev br0
169
170	log_test "vxlan device with no local ip"
171}
172
173sanitization_single_dev_learning_enabled_ipv4_test()
174{
175	RET=0
176
177	ip link add dev br0 type bridge mcast_snooping 0
178
179	ip link add name vxlan0 up type vxlan id 10 learning $UDPCSUM_FLAFS \
180		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
181
182	sanitization_single_dev_test_pass
183
184	ip link del dev vxlan0
185	ip link del dev br0
186
187	log_test "vxlan device with learning enabled"
188}
189
190sanitization_single_dev_local_interface_test()
191{
192	RET=0
193
194	ip link add dev br0 type bridge mcast_snooping 0
195	ip link add name dummy1 up type dummy
196
197	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
198		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 dev dummy1
199
200	sanitization_single_dev_test_fail
201
202	ip link del dev vxlan0
203	ip link del dev dummy1
204	ip link del dev br0
205
206	log_test "vxlan device with local interface"
207}
208
209sanitization_single_dev_port_range_test()
210{
211	RET=0
212
213	ip link add dev br0 type bridge mcast_snooping 0
214
215	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
216		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789 \
217		srcport 4000 5000
218
219	sanitization_single_dev_test_fail
220
221	ip link del dev vxlan0
222	ip link del dev br0
223
224	log_test "vxlan device with udp source port range"
225}
226
227sanitization_single_dev_tos_static_test()
228{
229	RET=0
230
231	ip link add dev br0 type bridge mcast_snooping 0
232
233	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
234		ttl 20 tos 20 local $LOCAL_IP_1 dstport 4789
235
236	sanitization_single_dev_test_fail
237
238	ip link del dev vxlan0
239	ip link del dev br0
240
241	log_test "vxlan device with static tos"
242}
243
244sanitization_single_dev_ttl_inherit_test()
245{
246	RET=0
247
248	ip link add dev br0 type bridge mcast_snooping 0
249
250	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
251		ttl inherit tos inherit local $LOCAL_IP_1 dstport 4789
252
253	sanitization_single_dev_test_fail
254
255	ip link del dev vxlan0
256	ip link del dev br0
257
258	log_test "vxlan device with inherit ttl"
259}
260
261sanitization_single_dev_udp_checksum_ipv4_test()
262{
263	RET=0
264
265	ip link add dev br0 type bridge mcast_snooping 0
266
267	ip link add name vxlan0 up type vxlan id 10 nolearning udpcsum \
268		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
269
270	sanitization_single_dev_test_fail
271
272	ip link del dev vxlan0
273	ip link del dev br0
274
275	log_test "vxlan device with udp checksum"
276}
277
278sanitization_single_dev_test()
279{
280	# These tests make sure that we correctly sanitize VxLAN device
281	# configurations we do not support
282	sanitization_single_dev_valid_test
283	sanitization_single_dev_vlan_aware_test
284	sanitization_single_dev_mcast_enabled_test
285	sanitization_single_dev_mcast_group_test
286	sanitization_single_dev_no_local_ip_test
287	sanitization_single_dev_learning_enabled_"$ADDR_FAMILY"_test
288	sanitization_single_dev_local_interface_test
289	sanitization_single_dev_port_range_test
290	sanitization_single_dev_tos_static_test
291	sanitization_single_dev_ttl_inherit_test
292	sanitization_single_dev_udp_checksum_"$ADDR_FAMILY"_test
293}
294
295sanitization_multi_devs_test_pass()
296{
297	ip link set dev $swp1 master br0
298	check_err $?
299	ip link set dev vxlan0 master br0
300	check_err $?
301	ip link set dev $swp2 master br1
302	check_err $?
303	ip link set dev vxlan1 master br1
304	check_err $?
305
306	ip link set dev $swp2 nomaster
307	ip link set dev $swp1 nomaster
308
309	ip link set dev $swp1 master br0
310	check_err $?
311	ip link set dev $swp2 master br1
312	check_err $?
313}
314
315sanitization_multi_devs_test_fail()
316{
317	ip link set dev $swp1 master br0
318	check_err $?
319	ip link set dev vxlan0 master br0
320	check_err $?
321	ip link set dev $swp2 master br1
322	check_err $?
323	ip link set dev vxlan1 master br1 &> /dev/null
324	check_fail $?
325
326	ip link set dev $swp2 nomaster
327	ip link set dev $swp1 nomaster
328
329	ip link set dev vxlan1 master br1
330	check_err $?
331	ip link set dev $swp1 master br0
332	check_err $?
333	ip link set dev $swp2 master br1 &> /dev/null
334	check_fail $?
335}
336
337sanitization_multi_devs_valid_test()
338{
339	RET=0
340
341	ip link add dev br0 type bridge mcast_snooping 0
342	ip link add dev br1 type bridge mcast_snooping 0
343
344	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
345		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
346	ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \
347		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
348
349	sanitization_multi_devs_test_pass
350
351	ip link del dev vxlan1
352	ip link del dev vxlan0
353	ip link del dev br1
354	ip link del dev br0
355
356	log_test "multiple vxlan devices - valid configuration"
357}
358
359sanitization_multi_devs_ttl_test()
360{
361	RET=0
362
363	ip link add dev br0 type bridge mcast_snooping 0
364	ip link add dev br1 type bridge mcast_snooping 0
365
366	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
367		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
368	ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \
369		ttl 40 tos inherit local $LOCAL_IP_1 dstport 4789
370
371	sanitization_multi_devs_test_fail
372
373	ip link del dev vxlan1
374	ip link del dev vxlan0
375	ip link del dev br1
376	ip link del dev br0
377
378	log_test "multiple vxlan devices with different ttl"
379}
380
381sanitization_multi_devs_udp_dstport_test()
382{
383	RET=0
384
385	ip link add dev br0 type bridge mcast_snooping 0
386	ip link add dev br1 type bridge mcast_snooping 0
387
388	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
389		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
390	ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \
391		ttl 20 tos inherit local $LOCAL_IP_1 dstport 5789
392
393	sanitization_multi_devs_test_fail
394
395	ip link del dev vxlan1
396	ip link del dev vxlan0
397	ip link del dev br1
398	ip link del dev br0
399
400	log_test "multiple vxlan devices with different udp destination port"
401}
402
403sanitization_multi_devs_local_ip_test()
404{
405	RET=0
406
407	ip link add dev br0 type bridge mcast_snooping 0
408	ip link add dev br1 type bridge mcast_snooping 0
409
410	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
411		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
412	ip link add name vxlan1 up type vxlan id 20 nolearning $UDPCSUM_FLAFS \
413		ttl 20 tos inherit local $LOCAL_IP_2 dstport 4789
414
415	sanitization_multi_devs_test_fail
416
417	ip link del dev vxlan1
418	ip link del dev vxlan0
419	ip link del dev br1
420	ip link del dev br0
421
422	log_test "multiple vxlan devices with different local ip"
423}
424
425sanitization_multi_devs_test()
426{
427	# The device has a single VTEP, which means all the VxLAN devices
428	# we offload must share certain properties such as source IP and
429	# UDP destination port. These tests make sure that we forbid
430	# configurations that violate this limitation
431	sanitization_multi_devs_valid_test
432	sanitization_multi_devs_ttl_test
433	sanitization_multi_devs_udp_dstport_test
434	sanitization_multi_devs_local_ip_test
435}
436
437sanitization_test()
438{
439	sanitization_single_dev_test
440	sanitization_multi_devs_test
441}
442
443offload_indication_setup_create()
444{
445	# Create a simple setup with two bridges, each with a VxLAN device
446	# and one local port
447	ip link add name br0 up type bridge mcast_snooping 0
448	ip link add name br1 up type bridge mcast_snooping 0
449
450	ip link set dev $swp1 master br0
451	ip link set dev $swp2 master br1
452
453	ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo
454
455	ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \
456		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
457	ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \
458		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
459}
460
461offload_indication_setup_destroy()
462{
463	ip link del dev vxlan1
464	ip link del dev vxlan0
465
466	ip address del $LOCAL_IP_1/$PREFIX_LEN dev lo
467
468	ip link set dev $swp2 nomaster
469	ip link set dev $swp1 nomaster
470
471	ip link del dev br1
472	ip link del dev br0
473}
474
475offload_indication_fdb_flood_test()
476{
477	RET=0
478
479	bridge fdb append 00:00:00:00:00:00 dev vxlan0 self dst $LOCAL_IP_2
480
481	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb 00:00:00:00:00:00 \
482		bridge fdb show brport vxlan0
483	check_err $?
484
485	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self
486
487	log_test "vxlan flood entry offload indication"
488}
489
490offload_indication_fdb_bridge_test()
491{
492	RET=0
493
494	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self master static \
495		dst $LOCAL_IP_2
496
497	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
498		de:ad:be:ef:13:37 self bridge fdb show brport vxlan0
499	check_err $?
500	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
501		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0
502	check_err $?
503
504	log_test "vxlan entry offload indication - initial state"
505
506	# Remove FDB entry from the bridge driver and check that corresponding
507	# entry in the VxLAN driver is not marked as offloaded
508	RET=0
509
510	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 master
511	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \
512		de:ad:be:ef:13:37 self bridge fdb show brport vxlan0
513	check_err $?
514
515	log_test "vxlan entry offload indication - after removal from bridge"
516
517	# Add the FDB entry back to the bridge driver and make sure it is
518	# marked as offloaded in both drivers
519	RET=0
520
521	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 master static
522	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
523		de:ad:be:ef:13:37 self bridge fdb show brport vxlan0
524	check_err $?
525	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
526		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0
527	check_err $?
528
529	log_test "vxlan entry offload indication - after re-add to bridge"
530
531	# Remove FDB entry from the VxLAN driver and check that corresponding
532	# entry in the bridge driver is not marked as offloaded
533	RET=0
534
535	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self
536	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \
537		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0
538	check_err $?
539
540	log_test "vxlan entry offload indication - after removal from vxlan"
541
542	# Add the FDB entry back to the VxLAN driver and make sure it is
543	# marked as offloaded in both drivers
544	RET=0
545
546	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self dst $LOCAL_IP_2
547	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
548		de:ad:be:ef:13:37 self bridge fdb show brport vxlan0
549	check_err $?
550	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
551		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0
552	check_err $?
553
554	log_test "vxlan entry offload indication - after re-add to vxlan"
555
556	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self master
557}
558
559offload_indication_fdb_test()
560{
561	offload_indication_fdb_flood_test
562	offload_indication_fdb_bridge_test
563}
564
565offload_indication_decap_route_test()
566{
567	RET=0
568
569	busywait "$TIMEOUT" wait_for_offload \
570		ip $IP_FLAG route show table local $LOCAL_IP_1
571	check_err $?
572
573	ip link set dev vxlan0 down
574	busywait "$TIMEOUT" wait_for_offload \
575		ip $IP_FLAG route show table local $LOCAL_IP_1
576	check_err $?
577
578	ip link set dev vxlan1 down
579	busywait "$TIMEOUT" not wait_for_offload \
580		ip $IP_FLAG route show table local $LOCAL_IP_1
581	check_err $?
582
583	log_test "vxlan decap route - vxlan device down"
584
585	RET=0
586
587	ip link set dev vxlan1 up
588	busywait "$TIMEOUT" wait_for_offload \
589		ip $IP_FLAG route show table local $LOCAL_IP_1
590	check_err $?
591
592	ip link set dev vxlan0 up
593	busywait "$TIMEOUT" wait_for_offload \
594		ip $IP_FLAG route show table local $LOCAL_IP_1
595	check_err $?
596
597	log_test "vxlan decap route - vxlan device up"
598
599	RET=0
600
601	ip address delete $LOCAL_IP_1/$PREFIX_LEN dev lo
602	busywait "$TIMEOUT" not wait_for_offload \
603		ip $IP_FLAG route show table local $LOCAL_IP_1
604	check_err $?
605
606	ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo
607	busywait "$TIMEOUT" wait_for_offload \
608		ip $IP_FLAG route show table local $LOCAL_IP_1
609	check_err $?
610
611	log_test "vxlan decap route - add local route"
612
613	RET=0
614
615	ip link set dev $swp1 nomaster
616	busywait "$TIMEOUT" wait_for_offload \
617		ip $IP_FLAG route show table local $LOCAL_IP_1
618	check_err $?
619
620	ip link set dev $swp2 nomaster
621	busywait "$TIMEOUT" not wait_for_offload \
622		ip $IP_FLAG route show table local $LOCAL_IP_1
623	check_err $?
624
625	ip link set dev $swp1 master br0
626	ip link set dev $swp2 master br1
627	busywait "$TIMEOUT" wait_for_offload \
628		ip $IP_FLAG route show table local $LOCAL_IP_1
629	check_err $?
630
631	log_test "vxlan decap route - local ports enslavement"
632
633	RET=0
634
635	ip link del dev br0
636	busywait "$TIMEOUT" wait_for_offload \
637		ip $IP_FLAG route show table local $LOCAL_IP_1
638	check_err $?
639
640	ip link del dev br1
641	busywait "$TIMEOUT" not wait_for_offload \
642		ip $IP_FLAG route show table local $LOCAL_IP_1
643	check_err $?
644
645	log_test "vxlan decap route - bridge device deletion"
646
647	RET=0
648
649	ip link add name br0 up type bridge mcast_snooping 0
650	ip link add name br1 up type bridge mcast_snooping 0
651	ip link set dev $swp1 master br0
652	ip link set dev $swp2 master br1
653	ip link set dev vxlan0 master br0
654	ip link set dev vxlan1 master br1
655	busywait "$TIMEOUT" wait_for_offload \
656		ip $IP_FLAG route show table local $LOCAL_IP_1
657	check_err $?
658
659	ip link del dev vxlan0
660	busywait "$TIMEOUT" wait_for_offload \
661		ip $IP_FLAG route show table local $LOCAL_IP_1
662	check_err $?
663
664	ip link del dev vxlan1
665	busywait "$TIMEOUT" not wait_for_offload \
666		ip $IP_FLAG route show table local $LOCAL_IP_1
667	check_err $?
668
669	log_test "vxlan decap route - vxlan device deletion"
670
671	ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \
672		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
673	ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \
674		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
675}
676
677check_fdb_offloaded()
678{
679	local mac=00:11:22:33:44:55
680	local zmac=00:00:00:00:00:00
681
682	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $mac self \
683		bridge fdb show dev vxlan0
684	check_err $?
685	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $mac master \
686		bridge fdb show dev vxlan0
687	check_err $?
688
689	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \
690		bridge fdb show dev vxlan0
691	check_err $?
692}
693
694check_vxlan_fdb_not_offloaded()
695{
696	local mac=00:11:22:33:44:55
697	local zmac=00:00:00:00:00:00
698
699	bridge fdb show dev vxlan0 | grep $mac | grep -q self
700	check_err $?
701	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $mac self \
702		bridge fdb show dev vxlan0
703	check_err $?
704
705	bridge fdb show dev vxlan0 | grep $zmac | grep -q self
706	check_err $?
707	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \
708		bridge fdb show dev vxlan0
709	check_err $?
710}
711
712check_bridge_fdb_not_offloaded()
713{
714	local mac=00:11:22:33:44:55
715	local zmac=00:00:00:00:00:00
716
717	bridge fdb show dev vxlan0 | grep $mac | grep -q master
718	check_err $?
719	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $mac master \
720		bridge fdb show dev vxlan0
721	check_err $?
722}
723
724__offload_indication_join_vxlan_first()
725{
726	local vid=$1; shift
727
728	local mac=00:11:22:33:44:55
729	local zmac=00:00:00:00:00:00
730
731	bridge fdb append $zmac dev vxlan0 self dst $LOCAL_IP_2
732
733	ip link set dev vxlan0 master br0
734	bridge fdb add dev vxlan0 $mac self master static dst $LOCAL_IP_2
735
736	RET=0
737	check_vxlan_fdb_not_offloaded
738	ip link set dev $swp1 master br0
739	sleep .1
740	check_fdb_offloaded
741	log_test "offload indication - attach vxlan first"
742
743	RET=0
744	ip link set dev vxlan0 down
745	check_vxlan_fdb_not_offloaded
746	check_bridge_fdb_not_offloaded
747	log_test "offload indication - set vxlan down"
748
749	RET=0
750	ip link set dev vxlan0 up
751	sleep .1
752	check_fdb_offloaded
753	log_test "offload indication - set vxlan up"
754
755	if [[ ! -z $vid ]]; then
756		RET=0
757		bridge vlan del dev vxlan0 vid $vid
758		check_vxlan_fdb_not_offloaded
759		check_bridge_fdb_not_offloaded
760		log_test "offload indication - delete VLAN"
761
762		RET=0
763		bridge vlan add dev vxlan0 vid $vid
764		check_vxlan_fdb_not_offloaded
765		check_bridge_fdb_not_offloaded
766		log_test "offload indication - add tagged VLAN"
767
768		RET=0
769		bridge vlan add dev vxlan0 vid $vid pvid untagged
770		sleep .1
771		check_fdb_offloaded
772		log_test "offload indication - add pvid/untagged VLAN"
773	fi
774
775	RET=0
776	ip link set dev $swp1 nomaster
777	check_vxlan_fdb_not_offloaded
778	log_test "offload indication - detach port"
779}
780
781offload_indication_join_vxlan_first()
782{
783	ip link add dev br0 up type bridge mcast_snooping 0
784	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
785		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
786
787	__offload_indication_join_vxlan_first
788
789	ip link del dev vxlan0
790	ip link del dev br0
791}
792
793__offload_indication_join_vxlan_last()
794{
795	local zmac=00:00:00:00:00:00
796
797	RET=0
798
799	bridge fdb append $zmac dev vxlan0 self dst $LOCAL_IP_2
800
801	ip link set dev $swp1 master br0
802
803	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \
804		bridge fdb show dev vxlan0
805	check_err $?
806
807	ip link set dev vxlan0 master br0
808
809	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \
810		bridge fdb show dev vxlan0
811	check_err $?
812
813	log_test "offload indication - attach vxlan last"
814}
815
816offload_indication_join_vxlan_last()
817{
818	ip link add dev br0 up type bridge mcast_snooping 0
819	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
820		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
821
822	__offload_indication_join_vxlan_last
823
824	ip link del dev vxlan0
825	ip link del dev br0
826}
827
828offload_indication_test()
829{
830	offload_indication_setup_create
831	offload_indication_fdb_test
832	offload_indication_decap_route_test
833	offload_indication_setup_destroy
834
835	log_info "offload indication - replay & cleanup"
836	offload_indication_join_vxlan_first
837	offload_indication_join_vxlan_last
838}
839
840sanitization_vlan_aware_test()
841{
842	RET=0
843
844	ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1
845
846	ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \
847		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
848
849	ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \
850		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
851
852	# Test that when each VNI is mapped to a different VLAN we can enslave
853	# a port to the bridge
854	bridge vlan add vid 10 dev vxlan10 pvid untagged
855	bridge vlan add vid 20 dev vxlan20 pvid untagged
856
857	ip link set dev $swp1 master br0
858	check_err $?
859
860	log_test "vlan-aware - enslavement to vlan-aware bridge"
861
862	# Try to map both VNIs to the same VLAN and make sure configuration
863	# fails
864	RET=0
865
866	bridge vlan add vid 10 dev vxlan20 pvid untagged &> /dev/null
867	check_fail $?
868
869	log_test "vlan-aware - two vnis mapped to the same vlan"
870
871	# Test that enslavement of a port to a bridge fails when two VNIs
872	# are mapped to the same VLAN
873	RET=0
874
875	ip link set dev $swp1 nomaster
876
877	bridge vlan del vid 20 dev vxlan20 pvid untagged
878	bridge vlan add vid 10 dev vxlan20 pvid untagged
879
880	ip link set dev $swp1 master br0 &> /dev/null
881	check_fail $?
882
883	log_test "vlan-aware - failed enslavement to vlan-aware bridge"
884
885	bridge vlan del vid 10 dev vxlan20
886	bridge vlan add vid 20 dev vxlan20 pvid untagged
887
888	# Test that when two VXLAN tunnels with conflicting configurations
889	# (i.e., different TTL) are enslaved to the same VLAN-aware bridge,
890	# then the enslavement of a port to the bridge is denied.
891
892	# Use the offload indication of the local route to ensure the VXLAN
893	# configuration was correctly rollbacked.
894	ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo
895
896	ip link set dev vxlan10 type vxlan ttl 10
897	ip link set dev $swp1 master br0 &> /dev/null
898	check_fail $?
899
900	busywait "$TIMEOUT" not wait_for_offload \
901		ip $IP_FLAG route show table local $LOCAL_IP_1
902	check_err $?
903
904	log_test "vlan-aware - failed enslavement to bridge due to conflict"
905
906	ip link set dev vxlan10 type vxlan ttl 20
907	ip address del $LOCAL_IP_1/$PREFIX_LEN dev lo
908
909	ip link del dev vxlan20
910	ip link del dev vxlan10
911	ip link del dev br0
912}
913
914offload_indication_vlan_aware_setup_create()
915{
916	# Create a simple setup with two VxLAN devices and a single VLAN-aware
917	# bridge
918	ip link add name br0 up type bridge mcast_snooping 0 vlan_filtering 1 \
919		vlan_default_pvid 0
920
921	ip link set dev $swp1 master br0
922
923	bridge vlan add vid 10 dev $swp1
924	bridge vlan add vid 20 dev $swp1
925
926	ip address add $LOCAL_IP_1/$PREFIX_LEN dev lo
927
928	ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \
929		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
930	ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \
931		$UDPCSUM_FLAFS ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
932
933	bridge vlan add vid 10 dev vxlan10 pvid untagged
934	bridge vlan add vid 20 dev vxlan20 pvid untagged
935}
936
937offload_indication_vlan_aware_setup_destroy()
938{
939	bridge vlan del vid 20 dev vxlan20
940	bridge vlan del vid 10 dev vxlan10
941
942	ip link del dev vxlan20
943	ip link del dev vxlan10
944
945	ip address del $LOCAL_IP_1/$PREFIX_LEN dev lo
946
947	bridge vlan del vid 20 dev $swp1
948	bridge vlan del vid 10 dev $swp1
949
950	ip link set dev $swp1 nomaster
951
952	ip link del dev br0
953}
954
955offload_indication_vlan_aware_fdb_test()
956{
957	RET=0
958
959	log_info "vxlan entry offload indication - vlan-aware"
960
961	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self master static \
962		dst $LOCAL_IP_2 vlan 10
963
964	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
965		de:ad:be:ef:13:37 self bridge fdb show brport vxlan10
966	check_err $?
967	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
968		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10
969	check_err $?
970
971	log_test "vxlan entry offload indication - initial state"
972
973	# Remove FDB entry from the bridge driver and check that corresponding
974	# entry in the VxLAN driver is not marked as offloaded
975	RET=0
976
977	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 master vlan 10
978	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \
979		de:ad:be:ef:13:37 self bridge fdb show brport vxlan10
980	check_err $?
981
982	log_test "vxlan entry offload indication - after removal from bridge"
983
984	# Add the FDB entry back to the bridge driver and make sure it is
985	# marked as offloaded in both drivers
986	RET=0
987
988	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 master static vlan 10
989	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
990		de:ad:be:ef:13:37 self bridge fdb show brport vxlan10
991	check_err $?
992	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
993		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10
994	check_err $?
995
996	log_test "vxlan entry offload indication - after re-add to bridge"
997
998	# Remove FDB entry from the VxLAN driver and check that corresponding
999	# entry in the bridge driver is not marked as offloaded
1000	RET=0
1001
1002	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self
1003	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \
1004		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10
1005	check_err $?
1006
1007	log_test "vxlan entry offload indication - after removal from vxlan"
1008
1009	# Add the FDB entry back to the VxLAN driver and make sure it is
1010	# marked as offloaded in both drivers
1011	RET=0
1012
1013	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self dst $LOCAL_IP_2
1014	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
1015		de:ad:be:ef:13:37 self bridge fdb show brport vxlan10
1016	check_err $?
1017	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \
1018		de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10
1019	check_err $?
1020
1021	log_test "vxlan entry offload indication - after re-add to vxlan"
1022
1023	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self master vlan 10
1024}
1025
1026offload_indication_vlan_aware_decap_route_test()
1027{
1028	RET=0
1029
1030	busywait "$TIMEOUT" wait_for_offload \
1031		ip $IP_FLAG route show table local $LOCAL_IP_1
1032	check_err $?
1033
1034	# Toggle PVID flag on one VxLAN device and make sure route is still
1035	# marked as offloaded
1036	bridge vlan add vid 10 dev vxlan10 untagged
1037
1038	busywait "$TIMEOUT" wait_for_offload \
1039		ip $IP_FLAG route show table local $LOCAL_IP_1
1040	check_err $?
1041
1042	# Toggle PVID flag on second VxLAN device and make sure route is no
1043	# longer marked as offloaded
1044	bridge vlan add vid 20 dev vxlan20 untagged
1045
1046	busywait "$TIMEOUT" not wait_for_offload \
1047		ip $IP_FLAG route show table local $LOCAL_IP_1
1048	check_err $?
1049
1050	# Toggle PVID flag back and make sure route is marked as offloaded
1051	bridge vlan add vid 10 dev vxlan10 pvid untagged
1052	bridge vlan add vid 20 dev vxlan20 pvid untagged
1053
1054	busywait "$TIMEOUT" wait_for_offload ip $IP_FLAG route show table local \
1055		$LOCAL_IP_1
1056	check_err $?
1057
1058	log_test "vxlan decap route - vni map/unmap"
1059}
1060
1061offload_indication_vlan_aware_join_vxlan_first()
1062{
1063	ip link add dev br0 up type bridge mcast_snooping 0 \
1064		vlan_filtering 1 vlan_default_pvid 1
1065	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
1066		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
1067
1068	__offload_indication_join_vxlan_first 1
1069
1070	ip link del dev vxlan0
1071	ip link del dev br0
1072}
1073
1074offload_indication_vlan_aware_join_vxlan_last()
1075{
1076	ip link add dev br0 up type bridge mcast_snooping 0 \
1077		vlan_filtering 1 vlan_default_pvid 1
1078	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
1079		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
1080
1081	__offload_indication_join_vxlan_last
1082
1083	ip link del dev vxlan0
1084	ip link del dev br0
1085}
1086
1087offload_indication_vlan_aware_l3vni_test()
1088{
1089	local zmac=00:00:00:00:00:00
1090
1091	RET=0
1092
1093	sysctl_set net.ipv6.conf.default.disable_ipv6 1
1094	ip link add dev br0 up type bridge mcast_snooping 0 \
1095		vlan_filtering 1 vlan_default_pvid 0
1096	ip link add name vxlan0 up type vxlan id 10 nolearning $UDPCSUM_FLAFS \
1097		ttl 20 tos inherit local $LOCAL_IP_1 dstport 4789
1098
1099	ip link set dev $swp1 master br0
1100
1101	# The test will use the offload indication on the FDB entry to
1102	# understand if the tunnel is offloaded or not
1103	bridge fdb append $zmac dev vxlan0 self dst $LOCAL_IP_2
1104
1105	ip link set dev vxlan0 master br0
1106	bridge vlan add dev vxlan0 vid 10 pvid untagged
1107
1108	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \
1109		bridge fdb show brport vxlan0
1110	check_err $? "vxlan tunnel not offloaded when should"
1111
1112	# Configure a VLAN interface and make sure tunnel is offloaded
1113	ip link add link br0 name br10 up type vlan id 10
1114	sysctl_set net.ipv6.conf.br10.disable_ipv6 0
1115	ip -6 address add 2001:db8:1::1/64 dev br10
1116	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \
1117		bridge fdb show brport vxlan0
1118	check_err $? "vxlan tunnel not offloaded when should"
1119
1120	# Unlink the VXLAN device, make sure tunnel is no longer offloaded,
1121	# then add it back to the bridge and make sure it is offloaded
1122	ip link set dev vxlan0 nomaster
1123	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \
1124		bridge fdb show brport vxlan0
1125	check_err $? "vxlan tunnel offloaded after unlinked from bridge"
1126
1127	ip link set dev vxlan0 master br0
1128	busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \
1129		bridge fdb show brport vxlan0
1130	check_err $? "vxlan tunnel offloaded despite no matching vid"
1131
1132	bridge vlan add dev vxlan0 vid 10 pvid untagged
1133	busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \
1134		bridge fdb show brport vxlan0
1135	check_err $? "vxlan tunnel not offloaded after adding vid"
1136
1137	log_test "vxlan - l3 vni"
1138
1139	ip link del dev vxlan0
1140	ip link del dev br0
1141	sysctl_restore net.ipv6.conf.default.disable_ipv6
1142}
1143
1144offload_indication_vlan_aware_test()
1145{
1146	offload_indication_vlan_aware_setup_create
1147	offload_indication_vlan_aware_fdb_test
1148	offload_indication_vlan_aware_decap_route_test
1149	offload_indication_vlan_aware_setup_destroy
1150
1151	log_info "offload indication - replay & cleanup - vlan aware"
1152	offload_indication_vlan_aware_join_vxlan_first
1153	offload_indication_vlan_aware_join_vxlan_last
1154	offload_indication_vlan_aware_l3vni_test
1155}
1156
1157trap cleanup EXIT
1158
1159setup_prepare
1160setup_wait
1161
1162tests_run
1163
1164exit $EXIT_STATUS
1165