1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3# 4# Test various aspects of VxLAN offloading which are specific to mlxsw, such 5# as sanitization of invalid configurations and offload indication. 6 7lib_dir=$(dirname $0)/../../../net/forwarding 8 9ALL_TESTS="sanitization_test offload_indication_test \ 10 sanitization_vlan_aware_test offload_indication_vlan_aware_test" 11NUM_NETIFS=2 12: ${TIMEOUT:=20000} # ms 13source $lib_dir/lib.sh 14 15setup_prepare() 16{ 17 swp1=${NETIFS[p1]} 18 swp2=${NETIFS[p2]} 19 20 ip link set dev $swp1 up 21 ip link set dev $swp2 up 22} 23 24cleanup() 25{ 26 pre_cleanup 27 28 ip link set dev $swp2 down 29 ip link set dev $swp1 down 30} 31 32sanitization_single_dev_test_pass() 33{ 34 ip link set dev $swp1 master br0 35 check_err $? 36 ip link set dev vxlan0 master br0 37 check_err $? 38 39 ip link set dev $swp1 nomaster 40 41 ip link set dev $swp1 master br0 42 check_err $? 43} 44 45sanitization_single_dev_test_fail() 46{ 47 ip link set dev $swp1 master br0 48 check_err $? 49 ip link set dev vxlan0 master br0 &> /dev/null 50 check_fail $? 51 52 ip link set dev $swp1 nomaster 53 54 ip link set dev vxlan0 master br0 55 check_err $? 56 ip link set dev $swp1 master br0 &> /dev/null 57 check_fail $? 58} 59 60sanitization_single_dev_valid_test() 61{ 62 RET=0 63 64 ip link add dev br0 type bridge mcast_snooping 0 65 66 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 67 ttl 20 tos inherit local 198.51.100.1 dstport 4789 68 69 sanitization_single_dev_test_pass 70 71 ip link del dev vxlan0 72 ip link del dev br0 73 74 log_test "vxlan device - valid configuration" 75} 76 77sanitization_single_dev_vlan_aware_test() 78{ 79 RET=0 80 81 ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1 82 83 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 84 ttl 20 tos inherit local 198.51.100.1 dstport 4789 85 86 sanitization_single_dev_test_pass 87 88 ip link del dev vxlan0 89 ip link del dev br0 90 91 log_test "vxlan device with a vlan-aware bridge" 92} 93 94sanitization_single_dev_mcast_enabled_test() 95{ 96 RET=0 97 98 ip link add dev br0 type bridge 99 100 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 101 ttl 20 tos inherit local 198.51.100.1 dstport 4789 102 103 sanitization_single_dev_test_fail 104 105 ip link del dev vxlan0 106 ip link del dev br0 107 108 log_test "vxlan device with a multicast enabled bridge" 109} 110 111sanitization_single_dev_mcast_group_test() 112{ 113 RET=0 114 115 ip link add dev br0 type bridge mcast_snooping 0 116 ip link add name dummy1 up type dummy 117 118 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 119 ttl 20 tos inherit local 198.51.100.1 dstport 4789 \ 120 dev dummy1 group 239.0.0.1 121 122 sanitization_single_dev_test_fail 123 124 ip link del dev vxlan0 125 ip link del dev dummy1 126 ip link del dev br0 127 128 log_test "vxlan device with a multicast group" 129} 130 131sanitization_single_dev_no_local_ip_test() 132{ 133 RET=0 134 135 ip link add dev br0 type bridge mcast_snooping 0 136 137 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 138 ttl 20 tos inherit dstport 4789 139 140 sanitization_single_dev_test_fail 141 142 ip link del dev vxlan0 143 ip link del dev br0 144 145 log_test "vxlan device with no local ip" 146} 147 148sanitization_single_dev_local_ipv6_test() 149{ 150 RET=0 151 152 ip link add dev br0 type bridge mcast_snooping 0 153 154 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 155 ttl 20 tos inherit local 2001:db8::1 dstport 4789 156 157 sanitization_single_dev_test_fail 158 159 ip link del dev vxlan0 160 ip link del dev br0 161 162 log_test "vxlan device with local ipv6 address" 163} 164 165sanitization_single_dev_learning_enabled_test() 166{ 167 RET=0 168 169 ip link add dev br0 type bridge mcast_snooping 0 170 171 ip link add name vxlan0 up type vxlan id 10 learning noudpcsum \ 172 ttl 20 tos inherit local 198.51.100.1 dstport 4789 173 174 sanitization_single_dev_test_pass 175 176 ip link del dev vxlan0 177 ip link del dev br0 178 179 log_test "vxlan device with learning enabled" 180} 181 182sanitization_single_dev_local_interface_test() 183{ 184 RET=0 185 186 ip link add dev br0 type bridge mcast_snooping 0 187 ip link add name dummy1 up type dummy 188 189 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 190 ttl 20 tos inherit local 198.51.100.1 dstport 4789 dev dummy1 191 192 sanitization_single_dev_test_fail 193 194 ip link del dev vxlan0 195 ip link del dev dummy1 196 ip link del dev br0 197 198 log_test "vxlan device with local interface" 199} 200 201sanitization_single_dev_port_range_test() 202{ 203 RET=0 204 205 ip link add dev br0 type bridge mcast_snooping 0 206 207 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 208 ttl 20 tos inherit local 198.51.100.1 dstport 4789 \ 209 srcport 4000 5000 210 211 sanitization_single_dev_test_fail 212 213 ip link del dev vxlan0 214 ip link del dev br0 215 216 log_test "vxlan device with udp source port range" 217} 218 219sanitization_single_dev_tos_static_test() 220{ 221 RET=0 222 223 ip link add dev br0 type bridge mcast_snooping 0 224 225 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 226 ttl 20 tos 20 local 198.51.100.1 dstport 4789 227 228 sanitization_single_dev_test_fail 229 230 ip link del dev vxlan0 231 ip link del dev br0 232 233 log_test "vxlan device with static tos" 234} 235 236sanitization_single_dev_ttl_inherit_test() 237{ 238 RET=0 239 240 ip link add dev br0 type bridge mcast_snooping 0 241 242 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 243 ttl inherit tos inherit local 198.51.100.1 dstport 4789 244 245 sanitization_single_dev_test_fail 246 247 ip link del dev vxlan0 248 ip link del dev br0 249 250 log_test "vxlan device with inherit ttl" 251} 252 253sanitization_single_dev_udp_checksum_test() 254{ 255 RET=0 256 257 ip link add dev br0 type bridge mcast_snooping 0 258 259 ip link add name vxlan0 up type vxlan id 10 nolearning udpcsum \ 260 ttl 20 tos inherit local 198.51.100.1 dstport 4789 261 262 sanitization_single_dev_test_fail 263 264 ip link del dev vxlan0 265 ip link del dev br0 266 267 log_test "vxlan device with udp checksum" 268} 269 270sanitization_single_dev_test() 271{ 272 # These tests make sure that we correctly sanitize VxLAN device 273 # configurations we do not support 274 sanitization_single_dev_valid_test 275 sanitization_single_dev_vlan_aware_test 276 sanitization_single_dev_mcast_enabled_test 277 sanitization_single_dev_mcast_group_test 278 sanitization_single_dev_no_local_ip_test 279 sanitization_single_dev_local_ipv6_test 280 sanitization_single_dev_learning_enabled_test 281 sanitization_single_dev_local_interface_test 282 sanitization_single_dev_port_range_test 283 sanitization_single_dev_tos_static_test 284 sanitization_single_dev_ttl_inherit_test 285 sanitization_single_dev_udp_checksum_test 286} 287 288sanitization_multi_devs_test_pass() 289{ 290 ip link set dev $swp1 master br0 291 check_err $? 292 ip link set dev vxlan0 master br0 293 check_err $? 294 ip link set dev $swp2 master br1 295 check_err $? 296 ip link set dev vxlan1 master br1 297 check_err $? 298 299 ip link set dev $swp2 nomaster 300 ip link set dev $swp1 nomaster 301 302 ip link set dev $swp1 master br0 303 check_err $? 304 ip link set dev $swp2 master br1 305 check_err $? 306} 307 308sanitization_multi_devs_test_fail() 309{ 310 ip link set dev $swp1 master br0 311 check_err $? 312 ip link set dev vxlan0 master br0 313 check_err $? 314 ip link set dev $swp2 master br1 315 check_err $? 316 ip link set dev vxlan1 master br1 &> /dev/null 317 check_fail $? 318 319 ip link set dev $swp2 nomaster 320 ip link set dev $swp1 nomaster 321 322 ip link set dev vxlan1 master br1 323 check_err $? 324 ip link set dev $swp1 master br0 325 check_err $? 326 ip link set dev $swp2 master br1 &> /dev/null 327 check_fail $? 328} 329 330sanitization_multi_devs_valid_test() 331{ 332 RET=0 333 334 ip link add dev br0 type bridge mcast_snooping 0 335 ip link add dev br1 type bridge mcast_snooping 0 336 337 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 338 ttl 20 tos inherit local 198.51.100.1 dstport 4789 339 ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \ 340 ttl 20 tos inherit local 198.51.100.1 dstport 4789 341 342 sanitization_multi_devs_test_pass 343 344 ip link del dev vxlan1 345 ip link del dev vxlan0 346 ip link del dev br1 347 ip link del dev br0 348 349 log_test "multiple vxlan devices - valid configuration" 350} 351 352sanitization_multi_devs_ttl_test() 353{ 354 RET=0 355 356 ip link add dev br0 type bridge mcast_snooping 0 357 ip link add dev br1 type bridge mcast_snooping 0 358 359 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 360 ttl 20 tos inherit local 198.51.100.1 dstport 4789 361 ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \ 362 ttl 40 tos inherit local 198.51.100.1 dstport 4789 363 364 sanitization_multi_devs_test_fail 365 366 ip link del dev vxlan1 367 ip link del dev vxlan0 368 ip link del dev br1 369 ip link del dev br0 370 371 log_test "multiple vxlan devices with different ttl" 372} 373 374sanitization_multi_devs_udp_dstport_test() 375{ 376 RET=0 377 378 ip link add dev br0 type bridge mcast_snooping 0 379 ip link add dev br1 type bridge mcast_snooping 0 380 381 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 382 ttl 20 tos inherit local 198.51.100.1 dstport 4789 383 ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \ 384 ttl 20 tos inherit local 198.51.100.1 dstport 5789 385 386 sanitization_multi_devs_test_fail 387 388 ip link del dev vxlan1 389 ip link del dev vxlan0 390 ip link del dev br1 391 ip link del dev br0 392 393 log_test "multiple vxlan devices with different udp destination port" 394} 395 396sanitization_multi_devs_local_ip_test() 397{ 398 RET=0 399 400 ip link add dev br0 type bridge mcast_snooping 0 401 ip link add dev br1 type bridge mcast_snooping 0 402 403 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 404 ttl 20 tos inherit local 198.51.100.1 dstport 4789 405 ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \ 406 ttl 20 tos inherit local 198.51.100.2 dstport 4789 407 408 sanitization_multi_devs_test_fail 409 410 ip link del dev vxlan1 411 ip link del dev vxlan0 412 ip link del dev br1 413 ip link del dev br0 414 415 log_test "multiple vxlan devices with different local ip" 416} 417 418sanitization_multi_devs_test() 419{ 420 # The device has a single VTEP, which means all the VxLAN devices 421 # we offload must share certain properties such as source IP and 422 # UDP destination port. These tests make sure that we forbid 423 # configurations that violate this limitation 424 sanitization_multi_devs_valid_test 425 sanitization_multi_devs_ttl_test 426 sanitization_multi_devs_udp_dstport_test 427 sanitization_multi_devs_local_ip_test 428} 429 430sanitization_test() 431{ 432 sanitization_single_dev_test 433 sanitization_multi_devs_test 434} 435 436offload_indication_setup_create() 437{ 438 # Create a simple setup with two bridges, each with a VxLAN device 439 # and one local port 440 ip link add name br0 up type bridge mcast_snooping 0 441 ip link add name br1 up type bridge mcast_snooping 0 442 443 ip link set dev $swp1 master br0 444 ip link set dev $swp2 master br1 445 446 ip address add 198.51.100.1/32 dev lo 447 448 ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \ 449 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 450 ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \ 451 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 452} 453 454offload_indication_setup_destroy() 455{ 456 ip link del dev vxlan1 457 ip link del dev vxlan0 458 459 ip address del 198.51.100.1/32 dev lo 460 461 ip link set dev $swp2 nomaster 462 ip link set dev $swp1 nomaster 463 464 ip link del dev br1 465 ip link del dev br0 466} 467 468offload_indication_fdb_flood_test() 469{ 470 RET=0 471 472 bridge fdb append 00:00:00:00:00:00 dev vxlan0 self dst 198.51.100.2 473 474 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb 00:00:00:00:00:00 \ 475 bridge fdb show brport vxlan0 476 check_err $? 477 478 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self 479 480 log_test "vxlan flood entry offload indication" 481} 482 483offload_indication_fdb_bridge_test() 484{ 485 RET=0 486 487 bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self master static \ 488 dst 198.51.100.2 489 490 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 491 de:ad:be:ef:13:37 self bridge fdb show brport vxlan0 492 check_err $? 493 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 494 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0 495 check_err $? 496 497 log_test "vxlan entry offload indication - initial state" 498 499 # Remove FDB entry from the bridge driver and check that corresponding 500 # entry in the VxLAN driver is not marked as offloaded 501 RET=0 502 503 bridge fdb del de:ad:be:ef:13:37 dev vxlan0 master 504 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \ 505 de:ad:be:ef:13:37 self bridge fdb show brport vxlan0 506 check_err $? 507 508 log_test "vxlan entry offload indication - after removal from bridge" 509 510 # Add the FDB entry back to the bridge driver and make sure it is 511 # marked as offloaded in both drivers 512 RET=0 513 514 bridge fdb add de:ad:be:ef:13:37 dev vxlan0 master static 515 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 516 de:ad:be:ef:13:37 self bridge fdb show brport vxlan0 517 check_err $? 518 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 519 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0 520 check_err $? 521 522 log_test "vxlan entry offload indication - after re-add to bridge" 523 524 # Remove FDB entry from the VxLAN driver and check that corresponding 525 # entry in the bridge driver is not marked as offloaded 526 RET=0 527 528 bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self 529 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \ 530 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0 531 check_err $? 532 533 log_test "vxlan entry offload indication - after removal from vxlan" 534 535 # Add the FDB entry back to the VxLAN driver and make sure it is 536 # marked as offloaded in both drivers 537 RET=0 538 539 bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self dst 198.51.100.2 540 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 541 de:ad:be:ef:13:37 self bridge fdb show brport vxlan0 542 check_err $? 543 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 544 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan0 545 check_err $? 546 547 log_test "vxlan entry offload indication - after re-add to vxlan" 548 549 bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self master 550} 551 552offload_indication_fdb_test() 553{ 554 offload_indication_fdb_flood_test 555 offload_indication_fdb_bridge_test 556} 557 558offload_indication_decap_route_test() 559{ 560 RET=0 561 562 busywait "$TIMEOUT" wait_for_offload \ 563 ip route show table local 198.51.100.1 564 check_err $? 565 566 ip link set dev vxlan0 down 567 busywait "$TIMEOUT" wait_for_offload \ 568 ip route show table local 198.51.100.1 569 check_err $? 570 571 ip link set dev vxlan1 down 572 busywait "$TIMEOUT" not wait_for_offload \ 573 ip route show table local 198.51.100.1 574 check_err $? 575 576 log_test "vxlan decap route - vxlan device down" 577 578 RET=0 579 580 ip link set dev vxlan1 up 581 busywait "$TIMEOUT" wait_for_offload \ 582 ip route show table local 198.51.100.1 583 check_err $? 584 585 ip link set dev vxlan0 up 586 busywait "$TIMEOUT" wait_for_offload \ 587 ip route show table local 198.51.100.1 588 check_err $? 589 590 log_test "vxlan decap route - vxlan device up" 591 592 RET=0 593 594 ip address delete 198.51.100.1/32 dev lo 595 busywait "$TIMEOUT" not wait_for_offload \ 596 ip route show table local 198.51.100.1 597 check_err $? 598 599 ip address add 198.51.100.1/32 dev lo 600 busywait "$TIMEOUT" wait_for_offload \ 601 ip route show table local 198.51.100.1 602 check_err $? 603 604 log_test "vxlan decap route - add local route" 605 606 RET=0 607 608 ip link set dev $swp1 nomaster 609 busywait "$TIMEOUT" wait_for_offload \ 610 ip route show table local 198.51.100.1 611 check_err $? 612 613 ip link set dev $swp2 nomaster 614 busywait "$TIMEOUT" not wait_for_offload \ 615 ip route show table local 198.51.100.1 616 check_err $? 617 618 ip link set dev $swp1 master br0 619 ip link set dev $swp2 master br1 620 busywait "$TIMEOUT" wait_for_offload \ 621 ip route show table local 198.51.100.1 622 check_err $? 623 624 log_test "vxlan decap route - local ports enslavement" 625 626 RET=0 627 628 ip link del dev br0 629 busywait "$TIMEOUT" wait_for_offload \ 630 ip route show table local 198.51.100.1 631 check_err $? 632 633 ip link del dev br1 634 busywait "$TIMEOUT" not wait_for_offload \ 635 ip route show table local 198.51.100.1 636 check_err $? 637 638 log_test "vxlan decap route - bridge device deletion" 639 640 RET=0 641 642 ip link add name br0 up type bridge mcast_snooping 0 643 ip link add name br1 up type bridge mcast_snooping 0 644 ip link set dev $swp1 master br0 645 ip link set dev $swp2 master br1 646 ip link set dev vxlan0 master br0 647 ip link set dev vxlan1 master br1 648 busywait "$TIMEOUT" wait_for_offload \ 649 ip route show table local 198.51.100.1 650 check_err $? 651 652 ip link del dev vxlan0 653 busywait "$TIMEOUT" wait_for_offload \ 654 ip route show table local 198.51.100.1 655 check_err $? 656 657 ip link del dev vxlan1 658 busywait "$TIMEOUT" not wait_for_offload \ 659 ip route show table local 198.51.100.1 660 check_err $? 661 662 log_test "vxlan decap route - vxlan device deletion" 663 664 ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \ 665 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 666 ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \ 667 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 668} 669 670check_fdb_offloaded() 671{ 672 local mac=00:11:22:33:44:55 673 local zmac=00:00:00:00:00:00 674 675 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $mac self \ 676 bridge fdb show dev vxlan0 677 check_err $? 678 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $mac master \ 679 bridge fdb show dev vxlan0 680 check_err $? 681 682 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \ 683 bridge fdb show dev vxlan0 684 check_err $? 685} 686 687check_vxlan_fdb_not_offloaded() 688{ 689 local mac=00:11:22:33:44:55 690 local zmac=00:00:00:00:00:00 691 692 bridge fdb show dev vxlan0 | grep $mac | grep -q self 693 check_err $? 694 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $mac self \ 695 bridge fdb show dev vxlan0 696 check_err $? 697 698 bridge fdb show dev vxlan0 | grep $zmac | grep -q self 699 check_err $? 700 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \ 701 bridge fdb show dev vxlan0 702 check_err $? 703} 704 705check_bridge_fdb_not_offloaded() 706{ 707 local mac=00:11:22:33:44:55 708 local zmac=00:00:00:00:00:00 709 710 bridge fdb show dev vxlan0 | grep $mac | grep -q master 711 check_err $? 712 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $mac master \ 713 bridge fdb show dev vxlan0 714 check_err $? 715} 716 717__offload_indication_join_vxlan_first() 718{ 719 local vid=$1; shift 720 721 local mac=00:11:22:33:44:55 722 local zmac=00:00:00:00:00:00 723 724 bridge fdb append $zmac dev vxlan0 self dst 198.51.100.2 725 726 ip link set dev vxlan0 master br0 727 bridge fdb add dev vxlan0 $mac self master static dst 198.51.100.2 728 729 RET=0 730 check_vxlan_fdb_not_offloaded 731 ip link set dev $swp1 master br0 732 sleep .1 733 check_fdb_offloaded 734 log_test "offload indication - attach vxlan first" 735 736 RET=0 737 ip link set dev vxlan0 down 738 check_vxlan_fdb_not_offloaded 739 check_bridge_fdb_not_offloaded 740 log_test "offload indication - set vxlan down" 741 742 RET=0 743 ip link set dev vxlan0 up 744 sleep .1 745 check_fdb_offloaded 746 log_test "offload indication - set vxlan up" 747 748 if [[ ! -z $vid ]]; then 749 RET=0 750 bridge vlan del dev vxlan0 vid $vid 751 check_vxlan_fdb_not_offloaded 752 check_bridge_fdb_not_offloaded 753 log_test "offload indication - delete VLAN" 754 755 RET=0 756 bridge vlan add dev vxlan0 vid $vid 757 check_vxlan_fdb_not_offloaded 758 check_bridge_fdb_not_offloaded 759 log_test "offload indication - add tagged VLAN" 760 761 RET=0 762 bridge vlan add dev vxlan0 vid $vid pvid untagged 763 sleep .1 764 check_fdb_offloaded 765 log_test "offload indication - add pvid/untagged VLAN" 766 fi 767 768 RET=0 769 ip link set dev $swp1 nomaster 770 check_vxlan_fdb_not_offloaded 771 log_test "offload indication - detach port" 772} 773 774offload_indication_join_vxlan_first() 775{ 776 ip link add dev br0 up type bridge mcast_snooping 0 777 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 778 ttl 20 tos inherit local 198.51.100.1 dstport 4789 779 780 __offload_indication_join_vxlan_first 781 782 ip link del dev vxlan0 783 ip link del dev br0 784} 785 786__offload_indication_join_vxlan_last() 787{ 788 local zmac=00:00:00:00:00:00 789 790 RET=0 791 792 bridge fdb append $zmac dev vxlan0 self dst 198.51.100.2 793 794 ip link set dev $swp1 master br0 795 796 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \ 797 bridge fdb show dev vxlan0 798 check_err $? 799 800 ip link set dev vxlan0 master br0 801 802 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \ 803 bridge fdb show dev vxlan0 804 check_err $? 805 806 log_test "offload indication - attach vxlan last" 807} 808 809offload_indication_join_vxlan_last() 810{ 811 ip link add dev br0 up type bridge mcast_snooping 0 812 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 813 ttl 20 tos inherit local 198.51.100.1 dstport 4789 814 815 __offload_indication_join_vxlan_last 816 817 ip link del dev vxlan0 818 ip link del dev br0 819} 820 821offload_indication_test() 822{ 823 offload_indication_setup_create 824 offload_indication_fdb_test 825 offload_indication_decap_route_test 826 offload_indication_setup_destroy 827 828 log_info "offload indication - replay & cleanup" 829 offload_indication_join_vxlan_first 830 offload_indication_join_vxlan_last 831} 832 833sanitization_vlan_aware_test() 834{ 835 RET=0 836 837 ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1 838 839 ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \ 840 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 841 842 ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \ 843 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 844 845 # Test that when each VNI is mapped to a different VLAN we can enslave 846 # a port to the bridge 847 bridge vlan add vid 10 dev vxlan10 pvid untagged 848 bridge vlan add vid 20 dev vxlan20 pvid untagged 849 850 ip link set dev $swp1 master br0 851 check_err $? 852 853 log_test "vlan-aware - enslavement to vlan-aware bridge" 854 855 # Try to map both VNIs to the same VLAN and make sure configuration 856 # fails 857 RET=0 858 859 bridge vlan add vid 10 dev vxlan20 pvid untagged &> /dev/null 860 check_fail $? 861 862 log_test "vlan-aware - two vnis mapped to the same vlan" 863 864 # Test that enslavement of a port to a bridge fails when two VNIs 865 # are mapped to the same VLAN 866 RET=0 867 868 ip link set dev $swp1 nomaster 869 870 bridge vlan del vid 20 dev vxlan20 pvid untagged 871 bridge vlan add vid 10 dev vxlan20 pvid untagged 872 873 ip link set dev $swp1 master br0 &> /dev/null 874 check_fail $? 875 876 log_test "vlan-aware - failed enslavement to vlan-aware bridge" 877 878 bridge vlan del vid 10 dev vxlan20 879 bridge vlan add vid 20 dev vxlan20 pvid untagged 880 881 # Test that when two VXLAN tunnels with conflicting configurations 882 # (i.e., different TTL) are enslaved to the same VLAN-aware bridge, 883 # then the enslavement of a port to the bridge is denied. 884 885 # Use the offload indication of the local route to ensure the VXLAN 886 # configuration was correctly rollbacked. 887 ip address add 198.51.100.1/32 dev lo 888 889 ip link set dev vxlan10 type vxlan ttl 10 890 ip link set dev $swp1 master br0 &> /dev/null 891 check_fail $? 892 893 busywait "$TIMEOUT" not wait_for_offload \ 894 ip route show table local 198.51.100.1 895 check_err $? 896 897 log_test "vlan-aware - failed enslavement to bridge due to conflict" 898 899 ip link set dev vxlan10 type vxlan ttl 20 900 ip address del 198.51.100.1/32 dev lo 901 902 ip link del dev vxlan20 903 ip link del dev vxlan10 904 ip link del dev br0 905} 906 907offload_indication_vlan_aware_setup_create() 908{ 909 # Create a simple setup with two VxLAN devices and a single VLAN-aware 910 # bridge 911 ip link add name br0 up type bridge mcast_snooping 0 vlan_filtering 1 \ 912 vlan_default_pvid 0 913 914 ip link set dev $swp1 master br0 915 916 bridge vlan add vid 10 dev $swp1 917 bridge vlan add vid 20 dev $swp1 918 919 ip address add 198.51.100.1/32 dev lo 920 921 ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \ 922 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 923 ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \ 924 noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789 925 926 bridge vlan add vid 10 dev vxlan10 pvid untagged 927 bridge vlan add vid 20 dev vxlan20 pvid untagged 928} 929 930offload_indication_vlan_aware_setup_destroy() 931{ 932 bridge vlan del vid 20 dev vxlan20 933 bridge vlan del vid 10 dev vxlan10 934 935 ip link del dev vxlan20 936 ip link del dev vxlan10 937 938 ip address del 198.51.100.1/32 dev lo 939 940 bridge vlan del vid 20 dev $swp1 941 bridge vlan del vid 10 dev $swp1 942 943 ip link set dev $swp1 nomaster 944 945 ip link del dev br0 946} 947 948offload_indication_vlan_aware_fdb_test() 949{ 950 RET=0 951 952 log_info "vxlan entry offload indication - vlan-aware" 953 954 bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self master static \ 955 dst 198.51.100.2 vlan 10 956 957 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 958 de:ad:be:ef:13:37 self bridge fdb show brport vxlan10 959 check_err $? 960 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 961 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10 962 check_err $? 963 964 log_test "vxlan entry offload indication - initial state" 965 966 # Remove FDB entry from the bridge driver and check that corresponding 967 # entry in the VxLAN driver is not marked as offloaded 968 RET=0 969 970 bridge fdb del de:ad:be:ef:13:37 dev vxlan10 master vlan 10 971 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \ 972 de:ad:be:ef:13:37 self bridge fdb show brport vxlan10 973 check_err $? 974 975 log_test "vxlan entry offload indication - after removal from bridge" 976 977 # Add the FDB entry back to the bridge driver and make sure it is 978 # marked as offloaded in both drivers 979 RET=0 980 981 bridge fdb add de:ad:be:ef:13:37 dev vxlan10 master static vlan 10 982 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 983 de:ad:be:ef:13:37 self bridge fdb show brport vxlan10 984 check_err $? 985 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 986 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10 987 check_err $? 988 989 log_test "vxlan entry offload indication - after re-add to bridge" 990 991 # Remove FDB entry from the VxLAN driver and check that corresponding 992 # entry in the bridge driver is not marked as offloaded 993 RET=0 994 995 bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self 996 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb \ 997 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10 998 check_err $? 999 1000 log_test "vxlan entry offload indication - after removal from vxlan" 1001 1002 # Add the FDB entry back to the VxLAN driver and make sure it is 1003 # marked as offloaded in both drivers 1004 RET=0 1005 1006 bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self dst 198.51.100.2 1007 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 1008 de:ad:be:ef:13:37 self bridge fdb show brport vxlan10 1009 check_err $? 1010 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb \ 1011 de:ad:be:ef:13:37 self -v bridge fdb show brport vxlan10 1012 check_err $? 1013 1014 log_test "vxlan entry offload indication - after re-add to vxlan" 1015 1016 bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self master vlan 10 1017} 1018 1019offload_indication_vlan_aware_decap_route_test() 1020{ 1021 RET=0 1022 1023 busywait "$TIMEOUT" wait_for_offload \ 1024 ip route show table local 198.51.100.1 1025 check_err $? 1026 1027 # Toggle PVID flag on one VxLAN device and make sure route is still 1028 # marked as offloaded 1029 bridge vlan add vid 10 dev vxlan10 untagged 1030 1031 busywait "$TIMEOUT" wait_for_offload \ 1032 ip route show table local 198.51.100.1 1033 check_err $? 1034 1035 # Toggle PVID flag on second VxLAN device and make sure route is no 1036 # longer marked as offloaded 1037 bridge vlan add vid 20 dev vxlan20 untagged 1038 1039 busywait "$TIMEOUT" not wait_for_offload \ 1040 ip route show table local 198.51.100.1 1041 check_err $? 1042 1043 # Toggle PVID flag back and make sure route is marked as offloaded 1044 bridge vlan add vid 10 dev vxlan10 pvid untagged 1045 bridge vlan add vid 20 dev vxlan20 pvid untagged 1046 1047 busywait "$TIMEOUT" wait_for_offload ip route show table local 198.51.100.1 1048 check_err $? 1049 1050 log_test "vxlan decap route - vni map/unmap" 1051} 1052 1053offload_indication_vlan_aware_join_vxlan_first() 1054{ 1055 ip link add dev br0 up type bridge mcast_snooping 0 \ 1056 vlan_filtering 1 vlan_default_pvid 1 1057 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 1058 ttl 20 tos inherit local 198.51.100.1 dstport 4789 1059 1060 __offload_indication_join_vxlan_first 1 1061 1062 ip link del dev vxlan0 1063 ip link del dev br0 1064} 1065 1066offload_indication_vlan_aware_join_vxlan_last() 1067{ 1068 ip link add dev br0 up type bridge mcast_snooping 0 \ 1069 vlan_filtering 1 vlan_default_pvid 1 1070 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 1071 ttl 20 tos inherit local 198.51.100.1 dstport 4789 1072 1073 __offload_indication_join_vxlan_last 1074 1075 ip link del dev vxlan0 1076 ip link del dev br0 1077} 1078 1079offload_indication_vlan_aware_l3vni_test() 1080{ 1081 local zmac=00:00:00:00:00:00 1082 1083 RET=0 1084 1085 sysctl_set net.ipv6.conf.default.disable_ipv6 1 1086 ip link add dev br0 up type bridge mcast_snooping 0 \ 1087 vlan_filtering 1 vlan_default_pvid 0 1088 ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \ 1089 ttl 20 tos inherit local 198.51.100.1 dstport 4789 1090 1091 ip link set dev $swp1 master br0 1092 1093 # The test will use the offload indication on the FDB entry to 1094 # understand if the tunnel is offloaded or not 1095 bridge fdb append $zmac dev vxlan0 self dst 192.0.2.1 1096 1097 ip link set dev vxlan0 master br0 1098 bridge vlan add dev vxlan0 vid 10 pvid untagged 1099 1100 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \ 1101 bridge fdb show brport vxlan0 1102 check_err $? "vxlan tunnel not offloaded when should" 1103 1104 # Configure a VLAN interface and make sure tunnel is offloaded 1105 ip link add link br0 name br10 up type vlan id 10 1106 sysctl_set net.ipv6.conf.br10.disable_ipv6 0 1107 ip -6 address add 2001:db8:1::1/64 dev br10 1108 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \ 1109 bridge fdb show brport vxlan0 1110 check_err $? "vxlan tunnel not offloaded when should" 1111 1112 # Unlink the VXLAN device, make sure tunnel is no longer offloaded, 1113 # then add it back to the bridge and make sure it is offloaded 1114 ip link set dev vxlan0 nomaster 1115 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \ 1116 bridge fdb show brport vxlan0 1117 check_err $? "vxlan tunnel offloaded after unlinked from bridge" 1118 1119 ip link set dev vxlan0 master br0 1120 busywait "$TIMEOUT" not wait_for_offload grep_bridge_fdb $zmac self \ 1121 bridge fdb show brport vxlan0 1122 check_err $? "vxlan tunnel offloaded despite no matching vid" 1123 1124 bridge vlan add dev vxlan0 vid 10 pvid untagged 1125 busywait "$TIMEOUT" wait_for_offload grep_bridge_fdb $zmac self \ 1126 bridge fdb show brport vxlan0 1127 check_err $? "vxlan tunnel not offloaded after adding vid" 1128 1129 log_test "vxlan - l3 vni" 1130 1131 ip link del dev vxlan0 1132 ip link del dev br0 1133 sysctl_restore net.ipv6.conf.default.disable_ipv6 1134} 1135 1136offload_indication_vlan_aware_test() 1137{ 1138 offload_indication_vlan_aware_setup_create 1139 offload_indication_vlan_aware_fdb_test 1140 offload_indication_vlan_aware_decap_route_test 1141 offload_indication_vlan_aware_setup_destroy 1142 1143 log_info "offload indication - replay & cleanup - vlan aware" 1144 offload_indication_vlan_aware_join_vxlan_first 1145 offload_indication_vlan_aware_join_vxlan_last 1146 offload_indication_vlan_aware_l3vni_test 1147} 1148 1149trap cleanup EXIT 1150 1151setup_prepare 1152setup_wait 1153 1154tests_run 1155 1156exit $EXIT_STATUS 1157