1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3#
4# Test various aspects of VxLAN offloading which are specific to mlxsw, such
5# as sanitization of invalid configurations and offload indication.
6
7lib_dir=$(dirname $0)/../../../net/forwarding
8
9ALL_TESTS="sanitization_test offload_indication_test \
10	sanitization_vlan_aware_test offload_indication_vlan_aware_test"
11NUM_NETIFS=2
12source $lib_dir/lib.sh
13
14setup_prepare()
15{
16	swp1=${NETIFS[p1]}
17	swp2=${NETIFS[p2]}
18
19	ip link set dev $swp1 up
20	ip link set dev $swp2 up
21}
22
23cleanup()
24{
25	pre_cleanup
26
27	ip link set dev $swp2 down
28	ip link set dev $swp1 down
29}
30
31sanitization_single_dev_test_pass()
32{
33	ip link set dev $swp1 master br0
34	check_err $?
35	ip link set dev vxlan0 master br0
36	check_err $?
37
38	ip link set dev $swp1 nomaster
39
40	ip link set dev $swp1 master br0
41	check_err $?
42}
43
44sanitization_single_dev_test_fail()
45{
46	ip link set dev $swp1 master br0
47	check_err $?
48	ip link set dev vxlan0 master br0 &> /dev/null
49	check_fail $?
50
51	ip link set dev $swp1 nomaster
52
53	ip link set dev vxlan0 master br0
54	check_err $?
55	ip link set dev $swp1 master br0 &> /dev/null
56	check_fail $?
57}
58
59sanitization_single_dev_valid_test()
60{
61	RET=0
62
63	ip link add dev br0 type bridge mcast_snooping 0
64
65	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
66		ttl 20 tos inherit local 198.51.100.1 dstport 4789
67
68	sanitization_single_dev_test_pass
69
70	ip link del dev vxlan0
71	ip link del dev br0
72
73	log_test "vxlan device - valid configuration"
74}
75
76sanitization_single_dev_vlan_aware_test()
77{
78	RET=0
79
80	ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1
81
82	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
83		ttl 20 tos inherit local 198.51.100.1 dstport 4789
84
85	sanitization_single_dev_test_pass
86
87	ip link del dev vxlan0
88	ip link del dev br0
89
90	log_test "vxlan device with a vlan-aware bridge"
91}
92
93sanitization_single_dev_mcast_enabled_test()
94{
95	RET=0
96
97	ip link add dev br0 type bridge
98
99	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
100		ttl 20 tos inherit local 198.51.100.1 dstport 4789
101
102	sanitization_single_dev_test_fail
103
104	ip link del dev vxlan0
105	ip link del dev br0
106
107	log_test "vxlan device with a multicast enabled bridge"
108}
109
110sanitization_single_dev_mcast_group_test()
111{
112	RET=0
113
114	ip link add dev br0 type bridge mcast_snooping 0
115
116	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
117		ttl 20 tos inherit local 198.51.100.1 dstport 4789 \
118		dev $swp2 group 239.0.0.1
119
120	sanitization_single_dev_test_fail
121
122	ip link del dev vxlan0
123	ip link del dev br0
124
125	log_test "vxlan device with a multicast group"
126}
127
128sanitization_single_dev_no_local_ip_test()
129{
130	RET=0
131
132	ip link add dev br0 type bridge mcast_snooping 0
133
134	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
135		ttl 20 tos inherit dstport 4789
136
137	sanitization_single_dev_test_fail
138
139	ip link del dev vxlan0
140	ip link del dev br0
141
142	log_test "vxlan device with no local ip"
143}
144
145sanitization_single_dev_local_ipv6_test()
146{
147	RET=0
148
149	ip link add dev br0 type bridge mcast_snooping 0
150
151	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
152		ttl 20 tos inherit local 2001:db8::1 dstport 4789
153
154	sanitization_single_dev_test_fail
155
156	ip link del dev vxlan0
157	ip link del dev br0
158
159	log_test "vxlan device with local ipv6 address"
160}
161
162sanitization_single_dev_learning_enabled_test()
163{
164	RET=0
165
166	ip link add dev br0 type bridge mcast_snooping 0
167
168	ip link add name vxlan0 up type vxlan id 10 learning noudpcsum \
169		ttl 20 tos inherit local 198.51.100.1 dstport 4789
170
171	sanitization_single_dev_test_pass
172
173	ip link del dev vxlan0
174	ip link del dev br0
175
176	log_test "vxlan device with learning enabled"
177}
178
179sanitization_single_dev_local_interface_test()
180{
181	RET=0
182
183	ip link add dev br0 type bridge mcast_snooping 0
184
185	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
186		ttl 20 tos inherit local 198.51.100.1 dstport 4789 dev $swp2
187
188	sanitization_single_dev_test_fail
189
190	ip link del dev vxlan0
191	ip link del dev br0
192
193	log_test "vxlan device with local interface"
194}
195
196sanitization_single_dev_port_range_test()
197{
198	RET=0
199
200	ip link add dev br0 type bridge mcast_snooping 0
201
202	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
203		ttl 20 tos inherit local 198.51.100.1 dstport 4789 \
204		srcport 4000 5000
205
206	sanitization_single_dev_test_fail
207
208	ip link del dev vxlan0
209	ip link del dev br0
210
211	log_test "vxlan device with udp source port range"
212}
213
214sanitization_single_dev_tos_static_test()
215{
216	RET=0
217
218	ip link add dev br0 type bridge mcast_snooping 0
219
220	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
221		ttl 20 tos 20 local 198.51.100.1 dstport 4789
222
223	sanitization_single_dev_test_fail
224
225	ip link del dev vxlan0
226	ip link del dev br0
227
228	log_test "vxlan device with static tos"
229}
230
231sanitization_single_dev_ttl_inherit_test()
232{
233	RET=0
234
235	ip link add dev br0 type bridge mcast_snooping 0
236
237	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
238		ttl inherit tos inherit local 198.51.100.1 dstport 4789
239
240	sanitization_single_dev_test_fail
241
242	ip link del dev vxlan0
243	ip link del dev br0
244
245	log_test "vxlan device with inherit ttl"
246}
247
248sanitization_single_dev_udp_checksum_test()
249{
250	RET=0
251
252	ip link add dev br0 type bridge mcast_snooping 0
253
254	ip link add name vxlan0 up type vxlan id 10 nolearning udpcsum \
255		ttl 20 tos inherit local 198.51.100.1 dstport 4789
256
257	sanitization_single_dev_test_fail
258
259	ip link del dev vxlan0
260	ip link del dev br0
261
262	log_test "vxlan device with udp checksum"
263}
264
265sanitization_single_dev_test()
266{
267	# These tests make sure that we correctly sanitize VxLAN device
268	# configurations we do not support
269	sanitization_single_dev_valid_test
270	sanitization_single_dev_vlan_aware_test
271	sanitization_single_dev_mcast_enabled_test
272	sanitization_single_dev_mcast_group_test
273	sanitization_single_dev_no_local_ip_test
274	sanitization_single_dev_local_ipv6_test
275	sanitization_single_dev_learning_enabled_test
276	sanitization_single_dev_local_interface_test
277	sanitization_single_dev_port_range_test
278	sanitization_single_dev_tos_static_test
279	sanitization_single_dev_ttl_inherit_test
280	sanitization_single_dev_udp_checksum_test
281}
282
283sanitization_multi_devs_test_pass()
284{
285	ip link set dev $swp1 master br0
286	check_err $?
287	ip link set dev vxlan0 master br0
288	check_err $?
289	ip link set dev $swp2 master br1
290	check_err $?
291	ip link set dev vxlan1 master br1
292	check_err $?
293
294	ip link set dev $swp2 nomaster
295	ip link set dev $swp1 nomaster
296
297	ip link set dev $swp1 master br0
298	check_err $?
299	ip link set dev $swp2 master br1
300	check_err $?
301}
302
303sanitization_multi_devs_test_fail()
304{
305	ip link set dev $swp1 master br0
306	check_err $?
307	ip link set dev vxlan0 master br0
308	check_err $?
309	ip link set dev $swp2 master br1
310	check_err $?
311	ip link set dev vxlan1 master br1 &> /dev/null
312	check_fail $?
313
314	ip link set dev $swp2 nomaster
315	ip link set dev $swp1 nomaster
316
317	ip link set dev vxlan1 master br1
318	check_err $?
319	ip link set dev $swp1 master br0
320	check_err $?
321	ip link set dev $swp2 master br1 &> /dev/null
322	check_fail $?
323}
324
325sanitization_multi_devs_valid_test()
326{
327	RET=0
328
329	ip link add dev br0 type bridge mcast_snooping 0
330	ip link add dev br1 type bridge mcast_snooping 0
331
332	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
333		ttl 20 tos inherit local 198.51.100.1 dstport 4789
334	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
335		ttl 20 tos inherit local 198.51.100.1 dstport 4789
336
337	sanitization_multi_devs_test_pass
338
339	ip link del dev vxlan1
340	ip link del dev vxlan0
341	ip link del dev br1
342	ip link del dev br0
343
344	log_test "multiple vxlan devices - valid configuration"
345}
346
347sanitization_multi_devs_ttl_test()
348{
349	RET=0
350
351	ip link add dev br0 type bridge mcast_snooping 0
352	ip link add dev br1 type bridge mcast_snooping 0
353
354	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
355		ttl 20 tos inherit local 198.51.100.1 dstport 4789
356	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
357		ttl 40 tos inherit local 198.51.100.1 dstport 4789
358
359	sanitization_multi_devs_test_fail
360
361	ip link del dev vxlan1
362	ip link del dev vxlan0
363	ip link del dev br1
364	ip link del dev br0
365
366	log_test "multiple vxlan devices with different ttl"
367}
368
369sanitization_multi_devs_udp_dstport_test()
370{
371	RET=0
372
373	ip link add dev br0 type bridge mcast_snooping 0
374	ip link add dev br1 type bridge mcast_snooping 0
375
376	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
377		ttl 20 tos inherit local 198.51.100.1 dstport 4789
378	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
379		ttl 20 tos inherit local 198.51.100.1 dstport 5789
380
381	sanitization_multi_devs_test_fail
382
383	ip link del dev vxlan1
384	ip link del dev vxlan0
385	ip link del dev br1
386	ip link del dev br0
387
388	log_test "multiple vxlan devices with different udp destination port"
389}
390
391sanitization_multi_devs_local_ip_test()
392{
393	RET=0
394
395	ip link add dev br0 type bridge mcast_snooping 0
396	ip link add dev br1 type bridge mcast_snooping 0
397
398	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
399		ttl 20 tos inherit local 198.51.100.1 dstport 4789
400	ip link add name vxlan1 up type vxlan id 20 nolearning noudpcsum \
401		ttl 20 tos inherit local 198.51.100.2 dstport 4789
402
403	sanitization_multi_devs_test_fail
404
405	ip link del dev vxlan1
406	ip link del dev vxlan0
407	ip link del dev br1
408	ip link del dev br0
409
410	log_test "multiple vxlan devices with different local ip"
411}
412
413sanitization_multi_devs_test()
414{
415	# The device has a single VTEP, which means all the VxLAN devices
416	# we offload must share certain properties such as source IP and
417	# UDP destination port. These tests make sure that we forbid
418	# configurations that violate this limitation
419	sanitization_multi_devs_valid_test
420	sanitization_multi_devs_ttl_test
421	sanitization_multi_devs_udp_dstport_test
422	sanitization_multi_devs_local_ip_test
423}
424
425sanitization_test()
426{
427	sanitization_single_dev_test
428	sanitization_multi_devs_test
429}
430
431offload_indication_setup_create()
432{
433	# Create a simple setup with two bridges, each with a VxLAN device
434	# and one local port
435	ip link add name br0 up type bridge mcast_snooping 0
436	ip link add name br1 up type bridge mcast_snooping 0
437
438	ip link set dev $swp1 master br0
439	ip link set dev $swp2 master br1
440
441	ip address add 198.51.100.1/32 dev lo
442
443	ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \
444		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
445	ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \
446		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
447}
448
449offload_indication_setup_destroy()
450{
451	ip link del dev vxlan1
452	ip link del dev vxlan0
453
454	ip address del 198.51.100.1/32 dev lo
455
456	ip link set dev $swp2 nomaster
457	ip link set dev $swp1 nomaster
458
459	ip link del dev br1
460	ip link del dev br0
461}
462
463offload_indication_fdb_flood_test()
464{
465	RET=0
466
467	bridge fdb append 00:00:00:00:00:00 dev vxlan0 self dst 198.51.100.2
468
469	bridge fdb show brport vxlan0 | grep 00:00:00:00:00:00 \
470		| grep -q offload
471	check_err $?
472
473	bridge fdb del 00:00:00:00:00:00 dev vxlan0 self
474
475	log_test "vxlan flood entry offload indication"
476}
477
478offload_indication_fdb_bridge_test()
479{
480	RET=0
481
482	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self master static \
483		dst 198.51.100.2
484
485	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
486		| grep -q offload
487	check_err $?
488	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
489		| grep -q offload
490	check_err $?
491
492	log_test "vxlan entry offload indication - initial state"
493
494	# Remove FDB entry from the bridge driver and check that corresponding
495	# entry in the VxLAN driver is not marked as offloaded
496	RET=0
497
498	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 master
499	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
500		| grep -q offload
501	check_fail $?
502
503	log_test "vxlan entry offload indication - after removal from bridge"
504
505	# Add the FDB entry back to the bridge driver and make sure it is
506	# marked as offloaded in both drivers
507	RET=0
508
509	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 master static
510	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
511		| grep -q offload
512	check_err $?
513	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
514		| grep -q offload
515	check_err $?
516
517	log_test "vxlan entry offload indication - after re-add to bridge"
518
519	# Remove FDB entry from the VxLAN driver and check that corresponding
520	# entry in the bridge driver is not marked as offloaded
521	RET=0
522
523	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self
524	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
525		| grep -q offload
526	check_fail $?
527
528	log_test "vxlan entry offload indication - after removal from vxlan"
529
530	# Add the FDB entry back to the VxLAN driver and make sure it is
531	# marked as offloaded in both drivers
532	RET=0
533
534	bridge fdb add de:ad:be:ef:13:37 dev vxlan0 self dst 198.51.100.2
535	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep self \
536		| grep -q offload
537	check_err $?
538	bridge fdb show brport vxlan0 | grep de:ad:be:ef:13:37 | grep -v self \
539		| grep -q offload
540	check_err $?
541
542	log_test "vxlan entry offload indication - after re-add to vxlan"
543
544	bridge fdb del de:ad:be:ef:13:37 dev vxlan0 self master
545}
546
547offload_indication_fdb_test()
548{
549	offload_indication_fdb_flood_test
550	offload_indication_fdb_bridge_test
551}
552
553offload_indication_decap_route_test()
554{
555	RET=0
556
557	ip route show table local | grep 198.51.100.1 | grep -q offload
558	check_err $?
559
560	ip link set dev vxlan0 down
561	ip route show table local | grep 198.51.100.1 | grep -q offload
562	check_err $?
563
564	ip link set dev vxlan1 down
565	ip route show table local | grep 198.51.100.1 | grep -q offload
566	check_fail $?
567
568	log_test "vxlan decap route - vxlan device down"
569
570	RET=0
571
572	ip link set dev vxlan1 up
573	ip route show table local | grep 198.51.100.1 | grep -q offload
574	check_err $?
575
576	ip link set dev vxlan0 up
577	ip route show table local | grep 198.51.100.1 | grep -q offload
578	check_err $?
579
580	log_test "vxlan decap route - vxlan device up"
581
582	RET=0
583
584	ip address delete 198.51.100.1/32 dev lo
585	ip route show table local | grep 198.51.100.1 | grep -q offload
586	check_fail $?
587
588	ip address add 198.51.100.1/32 dev lo
589	ip route show table local | grep 198.51.100.1 | grep -q offload
590	check_err $?
591
592	log_test "vxlan decap route - add local route"
593
594	RET=0
595
596	ip link set dev $swp1 nomaster
597	ip route show table local | grep 198.51.100.1 | grep -q offload
598	check_err $?
599
600	ip link set dev $swp2 nomaster
601	ip route show table local | grep 198.51.100.1 | grep -q offload
602	check_fail $?
603
604	ip link set dev $swp1 master br0
605	ip link set dev $swp2 master br1
606	ip route show table local | grep 198.51.100.1 | grep -q offload
607	check_err $?
608
609	log_test "vxlan decap route - local ports enslavement"
610
611	RET=0
612
613	ip link del dev br0
614	ip route show table local | grep 198.51.100.1 | grep -q offload
615	check_err $?
616
617	ip link del dev br1
618	ip route show table local | grep 198.51.100.1 | grep -q offload
619	check_fail $?
620
621	log_test "vxlan decap route - bridge device deletion"
622
623	RET=0
624
625	ip link add name br0 up type bridge mcast_snooping 0
626	ip link add name br1 up type bridge mcast_snooping 0
627	ip link set dev $swp1 master br0
628	ip link set dev $swp2 master br1
629	ip link set dev vxlan0 master br0
630	ip link set dev vxlan1 master br1
631	ip route show table local | grep 198.51.100.1 | grep -q offload
632	check_err $?
633
634	ip link del dev vxlan0
635	ip route show table local | grep 198.51.100.1 | grep -q offload
636	check_err $?
637
638	ip link del dev vxlan1
639	ip route show table local | grep 198.51.100.1 | grep -q offload
640	check_fail $?
641
642	log_test "vxlan decap route - vxlan device deletion"
643
644	ip link add name vxlan0 up master br0 type vxlan id 10 nolearning \
645		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
646	ip link add name vxlan1 up master br1 type vxlan id 20 nolearning \
647		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
648}
649
650check_fdb_offloaded()
651{
652	local mac=00:11:22:33:44:55
653	local zmac=00:00:00:00:00:00
654
655	bridge fdb show dev vxlan0 | grep $mac | grep self | grep -q offload
656	check_err $?
657	bridge fdb show dev vxlan0 | grep $mac | grep master | grep -q offload
658	check_err $?
659
660	bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload
661	check_err $?
662}
663
664check_vxlan_fdb_not_offloaded()
665{
666	local mac=00:11:22:33:44:55
667	local zmac=00:00:00:00:00:00
668
669	bridge fdb show dev vxlan0 | grep $mac | grep -q self
670	check_err $?
671	bridge fdb show dev vxlan0 | grep $mac | grep self | grep -q offload
672	check_fail $?
673
674	bridge fdb show dev vxlan0 | grep $zmac | grep -q self
675	check_err $?
676	bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload
677	check_fail $?
678}
679
680check_bridge_fdb_not_offloaded()
681{
682	local mac=00:11:22:33:44:55
683	local zmac=00:00:00:00:00:00
684
685	bridge fdb show dev vxlan0 | grep $mac | grep -q master
686	check_err $?
687	bridge fdb show dev vxlan0 | grep $mac | grep master | grep -q offload
688	check_fail $?
689}
690
691__offload_indication_join_vxlan_first()
692{
693	local vid=$1; shift
694
695	local mac=00:11:22:33:44:55
696	local zmac=00:00:00:00:00:00
697
698	bridge fdb append $zmac dev vxlan0 self dst 198.51.100.2
699
700	ip link set dev vxlan0 master br0
701	bridge fdb add dev vxlan0 $mac self master static dst 198.51.100.2
702
703	RET=0
704	check_vxlan_fdb_not_offloaded
705	ip link set dev $swp1 master br0
706	sleep .1
707	check_fdb_offloaded
708	log_test "offload indication - attach vxlan first"
709
710	RET=0
711	ip link set dev vxlan0 down
712	check_vxlan_fdb_not_offloaded
713	check_bridge_fdb_not_offloaded
714	log_test "offload indication - set vxlan down"
715
716	RET=0
717	ip link set dev vxlan0 up
718	sleep .1
719	check_fdb_offloaded
720	log_test "offload indication - set vxlan up"
721
722	if [[ ! -z $vid ]]; then
723		RET=0
724		bridge vlan del dev vxlan0 vid $vid
725		check_vxlan_fdb_not_offloaded
726		check_bridge_fdb_not_offloaded
727		log_test "offload indication - delete VLAN"
728
729		RET=0
730		bridge vlan add dev vxlan0 vid $vid
731		check_vxlan_fdb_not_offloaded
732		check_bridge_fdb_not_offloaded
733		log_test "offload indication - add tagged VLAN"
734
735		RET=0
736		bridge vlan add dev vxlan0 vid $vid pvid untagged
737		sleep .1
738		check_fdb_offloaded
739		log_test "offload indication - add pvid/untagged VLAN"
740	fi
741
742	RET=0
743	ip link set dev $swp1 nomaster
744	check_vxlan_fdb_not_offloaded
745	log_test "offload indication - detach port"
746}
747
748offload_indication_join_vxlan_first()
749{
750	ip link add dev br0 up type bridge mcast_snooping 0
751	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
752		ttl 20 tos inherit local 198.51.100.1 dstport 4789
753
754	__offload_indication_join_vxlan_first
755
756	ip link del dev vxlan0
757	ip link del dev br0
758}
759
760__offload_indication_join_vxlan_last()
761{
762	local zmac=00:00:00:00:00:00
763
764	RET=0
765
766	bridge fdb append $zmac dev vxlan0 self dst 198.51.100.2
767
768	ip link set dev $swp1 master br0
769
770	bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload
771	check_fail $?
772
773	ip link set dev vxlan0 master br0
774
775	bridge fdb show dev vxlan0 | grep $zmac | grep self | grep -q offload
776	check_err $?
777
778	log_test "offload indication - attach vxlan last"
779}
780
781offload_indication_join_vxlan_last()
782{
783	ip link add dev br0 up type bridge mcast_snooping 0
784	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
785		ttl 20 tos inherit local 198.51.100.1 dstport 4789
786
787	__offload_indication_join_vxlan_last
788
789	ip link del dev vxlan0
790	ip link del dev br0
791}
792
793offload_indication_test()
794{
795	offload_indication_setup_create
796	offload_indication_fdb_test
797	offload_indication_decap_route_test
798	offload_indication_setup_destroy
799
800	log_info "offload indication - replay & cleanup"
801	offload_indication_join_vxlan_first
802	offload_indication_join_vxlan_last
803}
804
805sanitization_vlan_aware_test()
806{
807	RET=0
808
809	ip link add dev br0 type bridge mcast_snooping 0 vlan_filtering 1
810
811	ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \
812		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
813
814	ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \
815		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
816
817	# Test that when each VNI is mapped to a different VLAN we can enslave
818	# a port to the bridge
819	bridge vlan add vid 10 dev vxlan10 pvid untagged
820	bridge vlan add vid 20 dev vxlan20 pvid untagged
821
822	ip link set dev $swp1 master br0
823	check_err $?
824
825	log_test "vlan-aware - enslavement to vlan-aware bridge"
826
827	# Try to map both VNIs to the same VLAN and make sure configuration
828	# fails
829	RET=0
830
831	bridge vlan add vid 10 dev vxlan20 pvid untagged &> /dev/null
832	check_fail $?
833
834	log_test "vlan-aware - two vnis mapped to the same vlan"
835
836	# Test that enslavement of a port to a bridge fails when two VNIs
837	# are mapped to the same VLAN
838	RET=0
839
840	ip link set dev $swp1 nomaster
841
842	bridge vlan del vid 20 dev vxlan20 pvid untagged
843	bridge vlan add vid 10 dev vxlan20 pvid untagged
844
845	ip link set dev $swp1 master br0 &> /dev/null
846	check_fail $?
847
848	log_test "vlan-aware - failed enslavement to vlan-aware bridge"
849
850	bridge vlan del vid 10 dev vxlan20
851	bridge vlan add vid 20 dev vxlan20 pvid untagged
852
853	# Test that offloading of an unsupported tunnel fails when it is
854	# triggered by addition of VLAN to a local port
855	RET=0
856
857	# TOS must be set to inherit
858	ip link set dev vxlan10 type vxlan tos 42
859
860	ip link set dev $swp1 master br0
861	bridge vlan add vid 10 dev $swp1 &> /dev/null
862	check_fail $?
863
864	log_test "vlan-aware - failed vlan addition to a local port"
865
866	ip link set dev vxlan10 type vxlan tos inherit
867
868	ip link del dev vxlan20
869	ip link del dev vxlan10
870	ip link del dev br0
871}
872
873offload_indication_vlan_aware_setup_create()
874{
875	# Create a simple setup with two VxLAN devices and a single VLAN-aware
876	# bridge
877	ip link add name br0 up type bridge mcast_snooping 0 vlan_filtering 1 \
878		vlan_default_pvid 0
879
880	ip link set dev $swp1 master br0
881
882	bridge vlan add vid 10 dev $swp1
883	bridge vlan add vid 20 dev $swp1
884
885	ip address add 198.51.100.1/32 dev lo
886
887	ip link add name vxlan10 up master br0 type vxlan id 10 nolearning \
888		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
889	ip link add name vxlan20 up master br0 type vxlan id 20 nolearning \
890		noudpcsum ttl 20 tos inherit local 198.51.100.1 dstport 4789
891
892	bridge vlan add vid 10 dev vxlan10 pvid untagged
893	bridge vlan add vid 20 dev vxlan20 pvid untagged
894}
895
896offload_indication_vlan_aware_setup_destroy()
897{
898	bridge vlan del vid 20 dev vxlan20
899	bridge vlan del vid 10 dev vxlan10
900
901	ip link del dev vxlan20
902	ip link del dev vxlan10
903
904	ip address del 198.51.100.1/32 dev lo
905
906	bridge vlan del vid 20 dev $swp1
907	bridge vlan del vid 10 dev $swp1
908
909	ip link set dev $swp1 nomaster
910
911	ip link del dev br0
912}
913
914offload_indication_vlan_aware_fdb_test()
915{
916	RET=0
917
918	log_info "vxlan entry offload indication - vlan-aware"
919
920	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self master static \
921		dst 198.51.100.2 vlan 10
922
923	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \
924		| grep -q offload
925	check_err $?
926	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \
927		| grep -q offload
928	check_err $?
929
930	log_test "vxlan entry offload indication - initial state"
931
932	# Remove FDB entry from the bridge driver and check that corresponding
933	# entry in the VxLAN driver is not marked as offloaded
934	RET=0
935
936	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 master vlan 10
937	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \
938		| grep -q offload
939	check_fail $?
940
941	log_test "vxlan entry offload indication - after removal from bridge"
942
943	# Add the FDB entry back to the bridge driver and make sure it is
944	# marked as offloaded in both drivers
945	RET=0
946
947	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 master static vlan 10
948	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \
949		| grep -q offload
950	check_err $?
951	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \
952		| grep -q offload
953	check_err $?
954
955	log_test "vxlan entry offload indication - after re-add to bridge"
956
957	# Remove FDB entry from the VxLAN driver and check that corresponding
958	# entry in the bridge driver is not marked as offloaded
959	RET=0
960
961	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self
962	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \
963		| grep -q offload
964	check_fail $?
965
966	log_test "vxlan entry offload indication - after removal from vxlan"
967
968	# Add the FDB entry back to the VxLAN driver and make sure it is
969	# marked as offloaded in both drivers
970	RET=0
971
972	bridge fdb add de:ad:be:ef:13:37 dev vxlan10 self dst 198.51.100.2
973	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep self \
974		| grep -q offload
975	check_err $?
976	bridge fdb show brport vxlan10 | grep de:ad:be:ef:13:37 | grep -v self \
977		| grep -q offload
978	check_err $?
979
980	log_test "vxlan entry offload indication - after re-add to vxlan"
981
982	bridge fdb del de:ad:be:ef:13:37 dev vxlan10 self master vlan 10
983}
984
985offload_indication_vlan_aware_decap_route_test()
986{
987	RET=0
988
989	ip route show table local | grep 198.51.100.1 | grep -q offload
990	check_err $?
991
992	# Toggle PVID flag on one VxLAN device and make sure route is still
993	# marked as offloaded
994	bridge vlan add vid 10 dev vxlan10 untagged
995
996	ip route show table local | grep 198.51.100.1 | grep -q offload
997	check_err $?
998
999	# Toggle PVID flag on second VxLAN device and make sure route is no
1000	# longer marked as offloaded
1001	bridge vlan add vid 20 dev vxlan20 untagged
1002
1003	ip route show table local | grep 198.51.100.1 | grep -q offload
1004	check_fail $?
1005
1006	# Toggle PVID flag back and make sure route is marked as offloaded
1007	bridge vlan add vid 10 dev vxlan10 pvid untagged
1008	bridge vlan add vid 20 dev vxlan20 pvid untagged
1009
1010	ip route show table local | grep 198.51.100.1 | grep -q offload
1011	check_err $?
1012
1013	log_test "vxlan decap route - vni map/unmap"
1014}
1015
1016offload_indication_vlan_aware_join_vxlan_first()
1017{
1018	ip link add dev br0 up type bridge mcast_snooping 0 \
1019		vlan_filtering 1 vlan_default_pvid 1
1020	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
1021		ttl 20 tos inherit local 198.51.100.1 dstport 4789
1022
1023	__offload_indication_join_vxlan_first 1
1024
1025	ip link del dev vxlan0
1026	ip link del dev br0
1027}
1028
1029offload_indication_vlan_aware_join_vxlan_last()
1030{
1031	ip link add dev br0 up type bridge mcast_snooping 0 \
1032		vlan_filtering 1 vlan_default_pvid 1
1033	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
1034		ttl 20 tos inherit local 198.51.100.1 dstport 4789
1035
1036	__offload_indication_join_vxlan_last
1037
1038	ip link del dev vxlan0
1039	ip link del dev br0
1040}
1041
1042offload_indication_vlan_aware_l3vni_test()
1043{
1044	local zmac=00:00:00:00:00:00
1045
1046	RET=0
1047
1048	sysctl_set net.ipv6.conf.default.disable_ipv6 1
1049	ip link add dev br0 up type bridge mcast_snooping 0 \
1050		vlan_filtering 1 vlan_default_pvid 0
1051	ip link add name vxlan0 up type vxlan id 10 nolearning noudpcsum \
1052		ttl 20 tos inherit local 198.51.100.1 dstport 4789
1053
1054	ip link set dev $swp1 master br0
1055
1056	# The test will use the offload indication on the FDB entry to
1057	# understand if the tunnel is offloaded or not
1058	bridge fdb append $zmac dev vxlan0 self dst 192.0.2.1
1059
1060	ip link set dev vxlan0 master br0
1061	bridge vlan add dev vxlan0 vid 10 pvid untagged
1062
1063	# No local port or router port is member in the VLAN, so tunnel should
1064	# not be offloaded
1065	bridge fdb show brport vxlan0 | grep $zmac | grep self \
1066		| grep -q offload
1067	check_fail $? "vxlan tunnel offloaded when should not"
1068
1069	# Configure a VLAN interface and make sure tunnel is offloaded
1070	ip link add link br0 name br10 up type vlan id 10
1071	sysctl_set net.ipv6.conf.br10.disable_ipv6 0
1072	ip -6 address add 2001:db8:1::1/64 dev br10
1073	bridge fdb show brport vxlan0 | grep $zmac | grep self \
1074		| grep -q offload
1075	check_err $? "vxlan tunnel not offloaded when should"
1076
1077	# Unlink the VXLAN device, make sure tunnel is no longer offloaded,
1078	# then add it back to the bridge and make sure it is offloaded
1079	ip link set dev vxlan0 nomaster
1080	bridge fdb show brport vxlan0 | grep $zmac | grep self \
1081		| grep -q offload
1082	check_fail $? "vxlan tunnel offloaded after unlinked from bridge"
1083
1084	ip link set dev vxlan0 master br0
1085	bridge fdb show brport vxlan0 | grep $zmac | grep self \
1086		| grep -q offload
1087	check_fail $? "vxlan tunnel offloaded despite no matching vid"
1088
1089	bridge vlan add dev vxlan0 vid 10 pvid untagged
1090	bridge fdb show brport vxlan0 | grep $zmac | grep self \
1091		| grep -q offload
1092	check_err $? "vxlan tunnel not offloaded after adding vid"
1093
1094	log_test "vxlan - l3 vni"
1095
1096	ip link del dev vxlan0
1097	ip link del dev br0
1098	sysctl_restore net.ipv6.conf.default.disable_ipv6
1099}
1100
1101offload_indication_vlan_aware_test()
1102{
1103	offload_indication_vlan_aware_setup_create
1104	offload_indication_vlan_aware_fdb_test
1105	offload_indication_vlan_aware_decap_route_test
1106	offload_indication_vlan_aware_setup_destroy
1107
1108	log_info "offload indication - replay & cleanup - vlan aware"
1109	offload_indication_vlan_aware_join_vxlan_first
1110	offload_indication_vlan_aware_join_vxlan_last
1111	offload_indication_vlan_aware_l3vni_test
1112}
1113
1114trap cleanup EXIT
1115
1116setup_prepare
1117setup_wait
1118
1119tests_run
1120
1121exit $EXIT_STATUS
1122