1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3 4# This test is for checking IPv4 and IPv6 FIB behavior in response to 5# different events. 6 7ret=0 8# Kselftest framework requirement - SKIP code is 4. 9ksft_skip=4 10 11# all tests in this script. Can be overridden with -t option 12TESTS="unregister down carrier nexthop suppress ipv6_rt ipv4_rt ipv6_addr_metric ipv4_addr_metric ipv6_route_metrics ipv4_route_metrics ipv4_route_v6_gw rp_filter ipv4_del_addr ipv4_mangle ipv6_mangle" 13 14VERBOSE=0 15PAUSE_ON_FAIL=no 16PAUSE=no 17IP="ip -netns ns1" 18NS_EXEC="ip netns exec ns1" 19 20which ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping) 21 22log_test() 23{ 24 local rc=$1 25 local expected=$2 26 local msg="$3" 27 28 if [ ${rc} -eq ${expected} ]; then 29 printf " TEST: %-60s [ OK ]\n" "${msg}" 30 nsuccess=$((nsuccess+1)) 31 else 32 ret=1 33 nfail=$((nfail+1)) 34 printf " TEST: %-60s [FAIL]\n" "${msg}" 35 if [ "${PAUSE_ON_FAIL}" = "yes" ]; then 36 echo 37 echo "hit enter to continue, 'q' to quit" 38 read a 39 [ "$a" = "q" ] && exit 1 40 fi 41 fi 42 43 if [ "${PAUSE}" = "yes" ]; then 44 echo 45 echo "hit enter to continue, 'q' to quit" 46 read a 47 [ "$a" = "q" ] && exit 1 48 fi 49} 50 51setup() 52{ 53 set -e 54 ip netns add ns1 55 ip netns set ns1 auto 56 $IP link set dev lo up 57 ip netns exec ns1 sysctl -qw net.ipv4.ip_forward=1 58 ip netns exec ns1 sysctl -qw net.ipv6.conf.all.forwarding=1 59 60 $IP link add dummy0 type dummy 61 $IP link set dev dummy0 up 62 $IP address add 198.51.100.1/24 dev dummy0 63 $IP -6 address add 2001:db8:1::1/64 dev dummy0 64 set +e 65 66} 67 68cleanup() 69{ 70 $IP link del dev dummy0 &> /dev/null 71 ip netns del ns1 72 ip netns del ns2 &> /dev/null 73} 74 75get_linklocal() 76{ 77 local dev=$1 78 local addr 79 80 addr=$($IP -6 -br addr show dev ${dev} | \ 81 awk '{ 82 for (i = 3; i <= NF; ++i) { 83 if ($i ~ /^fe80/) 84 print $i 85 } 86 }' 87 ) 88 addr=${addr/\/*} 89 90 [ -z "$addr" ] && return 1 91 92 echo $addr 93 94 return 0 95} 96 97fib_unreg_unicast_test() 98{ 99 echo 100 echo "Single path route test" 101 102 setup 103 104 echo " Start point" 105 $IP route get fibmatch 198.51.100.2 &> /dev/null 106 log_test $? 0 "IPv4 fibmatch" 107 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 108 log_test $? 0 "IPv6 fibmatch" 109 110 set -e 111 $IP link del dev dummy0 112 set +e 113 114 echo " Nexthop device deleted" 115 $IP route get fibmatch 198.51.100.2 &> /dev/null 116 log_test $? 2 "IPv4 fibmatch - no route" 117 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 118 log_test $? 2 "IPv6 fibmatch - no route" 119 120 cleanup 121} 122 123fib_unreg_multipath_test() 124{ 125 126 echo 127 echo "Multipath route test" 128 129 setup 130 131 set -e 132 $IP link add dummy1 type dummy 133 $IP link set dev dummy1 up 134 $IP address add 192.0.2.1/24 dev dummy1 135 $IP -6 address add 2001:db8:2::1/64 dev dummy1 136 137 $IP route add 203.0.113.0/24 \ 138 nexthop via 198.51.100.2 dev dummy0 \ 139 nexthop via 192.0.2.2 dev dummy1 140 $IP -6 route add 2001:db8:3::/64 \ 141 nexthop via 2001:db8:1::2 dev dummy0 \ 142 nexthop via 2001:db8:2::2 dev dummy1 143 set +e 144 145 echo " Start point" 146 $IP route get fibmatch 203.0.113.1 &> /dev/null 147 log_test $? 0 "IPv4 fibmatch" 148 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null 149 log_test $? 0 "IPv6 fibmatch" 150 151 set -e 152 $IP link del dev dummy0 153 set +e 154 155 echo " One nexthop device deleted" 156 $IP route get fibmatch 203.0.113.1 &> /dev/null 157 log_test $? 2 "IPv4 - multipath route removed on delete" 158 159 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null 160 # In IPv6 we do not flush the entire multipath route. 161 log_test $? 0 "IPv6 - multipath down to single path" 162 163 set -e 164 $IP link del dev dummy1 165 set +e 166 167 echo " Second nexthop device deleted" 168 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null 169 log_test $? 2 "IPv6 - no route" 170 171 cleanup 172} 173 174fib_unreg_test() 175{ 176 fib_unreg_unicast_test 177 fib_unreg_multipath_test 178} 179 180fib_down_unicast_test() 181{ 182 echo 183 echo "Single path, admin down" 184 185 setup 186 187 echo " Start point" 188 $IP route get fibmatch 198.51.100.2 &> /dev/null 189 log_test $? 0 "IPv4 fibmatch" 190 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 191 log_test $? 0 "IPv6 fibmatch" 192 193 set -e 194 $IP link set dev dummy0 down 195 set +e 196 197 echo " Route deleted on down" 198 $IP route get fibmatch 198.51.100.2 &> /dev/null 199 log_test $? 2 "IPv4 fibmatch" 200 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 201 log_test $? 2 "IPv6 fibmatch" 202 203 cleanup 204} 205 206fib_down_multipath_test_do() 207{ 208 local down_dev=$1 209 local up_dev=$2 210 211 $IP route get fibmatch 203.0.113.1 \ 212 oif $down_dev &> /dev/null 213 log_test $? 2 "IPv4 fibmatch on down device" 214 $IP -6 route get fibmatch 2001:db8:3::1 \ 215 oif $down_dev &> /dev/null 216 log_test $? 2 "IPv6 fibmatch on down device" 217 218 $IP route get fibmatch 203.0.113.1 \ 219 oif $up_dev &> /dev/null 220 log_test $? 0 "IPv4 fibmatch on up device" 221 $IP -6 route get fibmatch 2001:db8:3::1 \ 222 oif $up_dev &> /dev/null 223 log_test $? 0 "IPv6 fibmatch on up device" 224 225 $IP route get fibmatch 203.0.113.1 | \ 226 grep $down_dev | grep -q "dead linkdown" 227 log_test $? 0 "IPv4 flags on down device" 228 $IP -6 route get fibmatch 2001:db8:3::1 | \ 229 grep $down_dev | grep -q "dead linkdown" 230 log_test $? 0 "IPv6 flags on down device" 231 232 $IP route get fibmatch 203.0.113.1 | \ 233 grep $up_dev | grep -q "dead linkdown" 234 log_test $? 1 "IPv4 flags on up device" 235 $IP -6 route get fibmatch 2001:db8:3::1 | \ 236 grep $up_dev | grep -q "dead linkdown" 237 log_test $? 1 "IPv6 flags on up device" 238} 239 240fib_down_multipath_test() 241{ 242 echo 243 echo "Admin down multipath" 244 245 setup 246 247 set -e 248 $IP link add dummy1 type dummy 249 $IP link set dev dummy1 up 250 251 $IP address add 192.0.2.1/24 dev dummy1 252 $IP -6 address add 2001:db8:2::1/64 dev dummy1 253 254 $IP route add 203.0.113.0/24 \ 255 nexthop via 198.51.100.2 dev dummy0 \ 256 nexthop via 192.0.2.2 dev dummy1 257 $IP -6 route add 2001:db8:3::/64 \ 258 nexthop via 2001:db8:1::2 dev dummy0 \ 259 nexthop via 2001:db8:2::2 dev dummy1 260 set +e 261 262 echo " Verify start point" 263 $IP route get fibmatch 203.0.113.1 &> /dev/null 264 log_test $? 0 "IPv4 fibmatch" 265 266 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null 267 log_test $? 0 "IPv6 fibmatch" 268 269 set -e 270 $IP link set dev dummy0 down 271 set +e 272 273 echo " One device down, one up" 274 fib_down_multipath_test_do "dummy0" "dummy1" 275 276 set -e 277 $IP link set dev dummy0 up 278 $IP link set dev dummy1 down 279 set +e 280 281 echo " Other device down and up" 282 fib_down_multipath_test_do "dummy1" "dummy0" 283 284 set -e 285 $IP link set dev dummy0 down 286 set +e 287 288 echo " Both devices down" 289 $IP route get fibmatch 203.0.113.1 &> /dev/null 290 log_test $? 2 "IPv4 fibmatch" 291 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null 292 log_test $? 2 "IPv6 fibmatch" 293 294 $IP link del dev dummy1 295 cleanup 296} 297 298fib_down_test() 299{ 300 fib_down_unicast_test 301 fib_down_multipath_test 302} 303 304# Local routes should not be affected when carrier changes. 305fib_carrier_local_test() 306{ 307 echo 308 echo "Local carrier tests - single path" 309 310 setup 311 312 set -e 313 $IP link set dev dummy0 carrier on 314 set +e 315 316 echo " Start point" 317 $IP route get fibmatch 198.51.100.1 &> /dev/null 318 log_test $? 0 "IPv4 fibmatch" 319 $IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null 320 log_test $? 0 "IPv6 fibmatch" 321 322 $IP route get fibmatch 198.51.100.1 | \ 323 grep -q "linkdown" 324 log_test $? 1 "IPv4 - no linkdown flag" 325 $IP -6 route get fibmatch 2001:db8:1::1 | \ 326 grep -q "linkdown" 327 log_test $? 1 "IPv6 - no linkdown flag" 328 329 set -e 330 $IP link set dev dummy0 carrier off 331 sleep 1 332 set +e 333 334 echo " Carrier off on nexthop" 335 $IP route get fibmatch 198.51.100.1 &> /dev/null 336 log_test $? 0 "IPv4 fibmatch" 337 $IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null 338 log_test $? 0 "IPv6 fibmatch" 339 340 $IP route get fibmatch 198.51.100.1 | \ 341 grep -q "linkdown" 342 log_test $? 1 "IPv4 - linkdown flag set" 343 $IP -6 route get fibmatch 2001:db8:1::1 | \ 344 grep -q "linkdown" 345 log_test $? 1 "IPv6 - linkdown flag set" 346 347 set -e 348 $IP address add 192.0.2.1/24 dev dummy0 349 $IP -6 address add 2001:db8:2::1/64 dev dummy0 350 set +e 351 352 echo " Route to local address with carrier down" 353 $IP route get fibmatch 192.0.2.1 &> /dev/null 354 log_test $? 0 "IPv4 fibmatch" 355 $IP -6 route get fibmatch 2001:db8:2::1 &> /dev/null 356 log_test $? 0 "IPv6 fibmatch" 357 358 $IP route get fibmatch 192.0.2.1 | \ 359 grep -q "linkdown" 360 log_test $? 1 "IPv4 linkdown flag set" 361 $IP -6 route get fibmatch 2001:db8:2::1 | \ 362 grep -q "linkdown" 363 log_test $? 1 "IPv6 linkdown flag set" 364 365 cleanup 366} 367 368fib_carrier_unicast_test() 369{ 370 ret=0 371 372 echo 373 echo "Single path route carrier test" 374 375 setup 376 377 set -e 378 $IP link set dev dummy0 carrier on 379 set +e 380 381 echo " Start point" 382 $IP route get fibmatch 198.51.100.2 &> /dev/null 383 log_test $? 0 "IPv4 fibmatch" 384 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 385 log_test $? 0 "IPv6 fibmatch" 386 387 $IP route get fibmatch 198.51.100.2 | \ 388 grep -q "linkdown" 389 log_test $? 1 "IPv4 no linkdown flag" 390 $IP -6 route get fibmatch 2001:db8:1::2 | \ 391 grep -q "linkdown" 392 log_test $? 1 "IPv6 no linkdown flag" 393 394 set -e 395 $IP link set dev dummy0 carrier off 396 sleep 1 397 set +e 398 399 echo " Carrier down" 400 $IP route get fibmatch 198.51.100.2 &> /dev/null 401 log_test $? 0 "IPv4 fibmatch" 402 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null 403 log_test $? 0 "IPv6 fibmatch" 404 405 $IP route get fibmatch 198.51.100.2 | \ 406 grep -q "linkdown" 407 log_test $? 0 "IPv4 linkdown flag set" 408 $IP -6 route get fibmatch 2001:db8:1::2 | \ 409 grep -q "linkdown" 410 log_test $? 0 "IPv6 linkdown flag set" 411 412 set -e 413 $IP address add 192.0.2.1/24 dev dummy0 414 $IP -6 address add 2001:db8:2::1/64 dev dummy0 415 set +e 416 417 echo " Second address added with carrier down" 418 $IP route get fibmatch 192.0.2.2 &> /dev/null 419 log_test $? 0 "IPv4 fibmatch" 420 $IP -6 route get fibmatch 2001:db8:2::2 &> /dev/null 421 log_test $? 0 "IPv6 fibmatch" 422 423 $IP route get fibmatch 192.0.2.2 | \ 424 grep -q "linkdown" 425 log_test $? 0 "IPv4 linkdown flag set" 426 $IP -6 route get fibmatch 2001:db8:2::2 | \ 427 grep -q "linkdown" 428 log_test $? 0 "IPv6 linkdown flag set" 429 430 cleanup 431} 432 433fib_carrier_test() 434{ 435 fib_carrier_local_test 436 fib_carrier_unicast_test 437} 438 439fib_rp_filter_test() 440{ 441 echo 442 echo "IPv4 rp_filter tests" 443 444 setup 445 446 set -e 447 $IP link set dev lo address 52:54:00:6a:c7:5e 448 $IP link set dummy0 address 52:54:00:6a:c7:5e 449 $IP link add dummy1 type dummy 450 $IP link set dummy1 address 52:54:00:6a:c7:5e 451 $IP link set dev dummy1 up 452 $NS_EXEC sysctl -qw net.ipv4.conf.all.rp_filter=1 453 $NS_EXEC sysctl -qw net.ipv4.conf.all.accept_local=1 454 $NS_EXEC sysctl -qw net.ipv4.conf.all.route_localnet=1 455 456 $NS_EXEC tc qd add dev dummy1 parent root handle 1: fq_codel 457 $NS_EXEC tc filter add dev dummy1 parent 1: protocol arp basic action mirred egress redirect dev lo 458 $NS_EXEC tc filter add dev dummy1 parent 1: protocol ip basic action mirred egress redirect dev lo 459 set +e 460 461 run_cmd "ip netns exec ns1 ping -I dummy1 -w1 -c1 198.51.100.1" 462 log_test $? 0 "rp_filter passes local packets" 463 464 run_cmd "ip netns exec ns1 ping -I dummy1 -w1 -c1 127.0.0.1" 465 log_test $? 0 "rp_filter passes loopback packets" 466 467 cleanup 468} 469 470################################################################################ 471# Tests on nexthop spec 472 473# run 'ip route add' with given spec 474add_rt() 475{ 476 local desc="$1" 477 local erc=$2 478 local vrf=$3 479 local pfx=$4 480 local gw=$5 481 local dev=$6 482 local cmd out rc 483 484 [ "$vrf" = "-" ] && vrf="default" 485 [ -n "$gw" ] && gw="via $gw" 486 [ -n "$dev" ] && dev="dev $dev" 487 488 cmd="$IP route add vrf $vrf $pfx $gw $dev" 489 if [ "$VERBOSE" = "1" ]; then 490 printf "\n COMMAND: $cmd\n" 491 fi 492 493 out=$(eval $cmd 2>&1) 494 rc=$? 495 if [ "$VERBOSE" = "1" -a -n "$out" ]; then 496 echo " $out" 497 fi 498 log_test $rc $erc "$desc" 499} 500 501fib4_nexthop() 502{ 503 echo 504 echo "IPv4 nexthop tests" 505 506 echo "<<< write me >>>" 507} 508 509fib6_nexthop() 510{ 511 local lldummy=$(get_linklocal dummy0) 512 local llv1=$(get_linklocal dummy0) 513 514 if [ -z "$lldummy" ]; then 515 echo "Failed to get linklocal address for dummy0" 516 return 1 517 fi 518 if [ -z "$llv1" ]; then 519 echo "Failed to get linklocal address for veth1" 520 return 1 521 fi 522 523 echo 524 echo "IPv6 nexthop tests" 525 526 add_rt "Directly connected nexthop, unicast address" 0 \ 527 - 2001:db8:101::/64 2001:db8:1::2 528 add_rt "Directly connected nexthop, unicast address with device" 0 \ 529 - 2001:db8:102::/64 2001:db8:1::2 "dummy0" 530 add_rt "Gateway is linklocal address" 0 \ 531 - 2001:db8:103::1/64 $llv1 "veth0" 532 533 # fails because LL address requires a device 534 add_rt "Gateway is linklocal address, no device" 2 \ 535 - 2001:db8:104::1/64 $llv1 536 537 # local address can not be a gateway 538 add_rt "Gateway can not be local unicast address" 2 \ 539 - 2001:db8:105::/64 2001:db8:1::1 540 add_rt "Gateway can not be local unicast address, with device" 2 \ 541 - 2001:db8:106::/64 2001:db8:1::1 "dummy0" 542 add_rt "Gateway can not be a local linklocal address" 2 \ 543 - 2001:db8:107::1/64 $lldummy "dummy0" 544 545 # VRF tests 546 add_rt "Gateway can be local address in a VRF" 0 \ 547 - 2001:db8:108::/64 2001:db8:51::2 548 add_rt "Gateway can be local address in a VRF, with device" 0 \ 549 - 2001:db8:109::/64 2001:db8:51::2 "veth0" 550 add_rt "Gateway can be local linklocal address in a VRF" 0 \ 551 - 2001:db8:110::1/64 $llv1 "veth0" 552 553 add_rt "Redirect to VRF lookup" 0 \ 554 - 2001:db8:111::/64 "" "red" 555 556 add_rt "VRF route, gateway can be local address in default VRF" 0 \ 557 red 2001:db8:112::/64 2001:db8:51::1 558 559 # local address in same VRF fails 560 add_rt "VRF route, gateway can not be a local address" 2 \ 561 red 2001:db8:113::1/64 2001:db8:2::1 562 add_rt "VRF route, gateway can not be a local addr with device" 2 \ 563 red 2001:db8:114::1/64 2001:db8:2::1 "dummy1" 564} 565 566# Default VRF: 567# dummy0 - 198.51.100.1/24 2001:db8:1::1/64 568# veth0 - 192.0.2.1/24 2001:db8:51::1/64 569# 570# VRF red: 571# dummy1 - 192.168.2.1/24 2001:db8:2::1/64 572# veth1 - 192.0.2.2/24 2001:db8:51::2/64 573# 574# [ dummy0 veth0 ]--[ veth1 dummy1 ] 575 576fib_nexthop_test() 577{ 578 setup 579 580 set -e 581 582 $IP -4 rule add pref 32765 table local 583 $IP -4 rule del pref 0 584 $IP -6 rule add pref 32765 table local 585 $IP -6 rule del pref 0 586 587 $IP link add red type vrf table 1 588 $IP link set red up 589 $IP -4 route add vrf red unreachable default metric 4278198272 590 $IP -6 route add vrf red unreachable default metric 4278198272 591 592 $IP link add veth0 type veth peer name veth1 593 $IP link set dev veth0 up 594 $IP address add 192.0.2.1/24 dev veth0 595 $IP -6 address add 2001:db8:51::1/64 dev veth0 596 597 $IP link set dev veth1 vrf red up 598 $IP address add 192.0.2.2/24 dev veth1 599 $IP -6 address add 2001:db8:51::2/64 dev veth1 600 601 $IP link add dummy1 type dummy 602 $IP link set dev dummy1 vrf red up 603 $IP address add 192.168.2.1/24 dev dummy1 604 $IP -6 address add 2001:db8:2::1/64 dev dummy1 605 set +e 606 607 sleep 1 608 fib4_nexthop 609 fib6_nexthop 610 611 ( 612 $IP link del dev dummy1 613 $IP link del veth0 614 $IP link del red 615 ) 2>/dev/null 616 cleanup 617} 618 619fib_suppress_test() 620{ 621 echo 622 echo "FIB rule with suppress_prefixlength" 623 setup 624 625 $IP link add dummy1 type dummy 626 $IP link set dummy1 up 627 $IP -6 route add default dev dummy1 628 $IP -6 rule add table main suppress_prefixlength 0 629 ping -f -c 1000 -W 1 1234::1 >/dev/null 2>&1 630 $IP -6 rule del table main suppress_prefixlength 0 631 $IP link del dummy1 632 633 # If we got here without crashing, we're good. 634 log_test 0 0 "FIB rule suppress test" 635 636 cleanup 637} 638 639################################################################################ 640# Tests on route add and replace 641 642run_cmd() 643{ 644 local cmd="$1" 645 local out 646 local stderr="2>/dev/null" 647 648 if [ "$VERBOSE" = "1" ]; then 649 printf " COMMAND: $cmd\n" 650 stderr= 651 fi 652 653 out=$(eval $cmd $stderr) 654 rc=$? 655 if [ "$VERBOSE" = "1" -a -n "$out" ]; then 656 echo " $out" 657 fi 658 659 [ "$VERBOSE" = "1" ] && echo 660 661 return $rc 662} 663 664check_expected() 665{ 666 local out="$1" 667 local expected="$2" 668 local rc=0 669 670 [ "${out}" = "${expected}" ] && return 0 671 672 if [ -z "${out}" ]; then 673 if [ "$VERBOSE" = "1" ]; then 674 printf "\nNo route entry found\n" 675 printf "Expected:\n" 676 printf " ${expected}\n" 677 fi 678 return 1 679 fi 680 681 # tricky way to convert output to 1-line without ip's 682 # messy '\'; this drops all extra white space 683 out=$(echo ${out}) 684 if [ "${out}" != "${expected}" ]; then 685 rc=1 686 if [ "${VERBOSE}" = "1" ]; then 687 printf " Unexpected route entry. Have:\n" 688 printf " ${out}\n" 689 printf " Expected:\n" 690 printf " ${expected}\n\n" 691 fi 692 fi 693 694 return $rc 695} 696 697# add route for a prefix, flushing any existing routes first 698# expected to be the first step of a test 699add_route6() 700{ 701 local pfx="$1" 702 local nh="$2" 703 local out 704 705 if [ "$VERBOSE" = "1" ]; then 706 echo 707 echo " ##################################################" 708 echo 709 fi 710 711 run_cmd "$IP -6 ro flush ${pfx}" 712 [ $? -ne 0 ] && exit 1 713 714 out=$($IP -6 ro ls match ${pfx}) 715 if [ -n "$out" ]; then 716 echo "Failed to flush routes for prefix used for tests." 717 exit 1 718 fi 719 720 run_cmd "$IP -6 ro add ${pfx} ${nh}" 721 if [ $? -ne 0 ]; then 722 echo "Failed to add initial route for test." 723 exit 1 724 fi 725} 726 727# add initial route - used in replace route tests 728add_initial_route6() 729{ 730 add_route6 "2001:db8:104::/64" "$1" 731} 732 733check_route6() 734{ 735 local pfx 736 local expected="$1" 737 local out 738 local rc=0 739 740 set -- $expected 741 pfx=$1 742 743 out=$($IP -6 ro ls match ${pfx} | sed -e 's/ pref medium//') 744 check_expected "${out}" "${expected}" 745} 746 747route_cleanup() 748{ 749 $IP li del red 2>/dev/null 750 $IP li del dummy1 2>/dev/null 751 $IP li del veth1 2>/dev/null 752 $IP li del veth3 2>/dev/null 753 754 cleanup &> /dev/null 755} 756 757route_setup() 758{ 759 route_cleanup 760 setup 761 762 [ "${VERBOSE}" = "1" ] && set -x 763 set -e 764 765 ip netns add ns2 766 ip netns set ns2 auto 767 ip -netns ns2 link set dev lo up 768 ip netns exec ns2 sysctl -qw net.ipv4.ip_forward=1 769 ip netns exec ns2 sysctl -qw net.ipv6.conf.all.forwarding=1 770 771 $IP li add veth1 type veth peer name veth2 772 $IP li add veth3 type veth peer name veth4 773 774 $IP li set veth1 up 775 $IP li set veth3 up 776 $IP li set veth2 netns ns2 up 777 $IP li set veth4 netns ns2 up 778 ip -netns ns2 li add dummy1 type dummy 779 ip -netns ns2 li set dummy1 up 780 781 $IP -6 addr add 2001:db8:101::1/64 dev veth1 nodad 782 $IP -6 addr add 2001:db8:103::1/64 dev veth3 nodad 783 $IP addr add 172.16.101.1/24 dev veth1 784 $IP addr add 172.16.103.1/24 dev veth3 785 786 ip -netns ns2 -6 addr add 2001:db8:101::2/64 dev veth2 nodad 787 ip -netns ns2 -6 addr add 2001:db8:103::2/64 dev veth4 nodad 788 ip -netns ns2 -6 addr add 2001:db8:104::1/64 dev dummy1 nodad 789 790 ip -netns ns2 addr add 172.16.101.2/24 dev veth2 791 ip -netns ns2 addr add 172.16.103.2/24 dev veth4 792 ip -netns ns2 addr add 172.16.104.1/24 dev dummy1 793 794 set +e 795} 796 797# assumption is that basic add of a single path route works 798# otherwise just adding an address on an interface is broken 799ipv6_rt_add() 800{ 801 local rc 802 803 echo 804 echo "IPv6 route add / append tests" 805 806 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 807 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2" 808 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2" 809 log_test $? 2 "Attempt to add duplicate route - gw" 810 811 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 812 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2" 813 run_cmd "$IP -6 ro add 2001:db8:104::/64 dev veth3" 814 log_test $? 2 "Attempt to add duplicate route - dev only" 815 816 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 817 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2" 818 run_cmd "$IP -6 ro add unreachable 2001:db8:104::/64" 819 log_test $? 2 "Attempt to add duplicate route - reject route" 820 821 # route append with same prefix adds a new route 822 # - iproute2 sets NLM_F_CREATE | NLM_F_APPEND 823 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2" 824 run_cmd "$IP -6 ro append 2001:db8:104::/64 via 2001:db8:103::2" 825 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 826 log_test $? 0 "Append nexthop to existing route - gw" 827 828 # insert mpath directly 829 add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 830 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 831 log_test $? 0 "Add multipath route" 832 833 add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 834 run_cmd "$IP -6 ro add 2001:db8:104::/64 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 835 log_test $? 2 "Attempt to add duplicate multipath route" 836 837 # insert of a second route without append but different metric 838 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2" 839 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2 metric 512" 840 rc=$? 841 if [ $rc -eq 0 ]; then 842 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::3 metric 256" 843 rc=$? 844 fi 845 log_test $rc 0 "Route add with different metrics" 846 847 run_cmd "$IP -6 ro del 2001:db8:104::/64 metric 512" 848 rc=$? 849 if [ $rc -eq 0 ]; then 850 check_route6 "2001:db8:104::/64 via 2001:db8:103::3 dev veth3 metric 256 2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024" 851 rc=$? 852 fi 853 log_test $rc 0 "Route delete with metric" 854} 855 856ipv6_rt_replace_single() 857{ 858 # single path with single path 859 # 860 add_initial_route6 "via 2001:db8:101::2" 861 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:103::2" 862 check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024" 863 log_test $? 0 "Single path with single path" 864 865 # single path with multipath 866 # 867 add_initial_route6 "nexthop via 2001:db8:101::2" 868 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::2" 869 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 870 log_test $? 0 "Single path with multipath" 871 872 # single path with single path using MULTIPATH attribute 873 # 874 add_initial_route6 "via 2001:db8:101::2" 875 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:103::2" 876 check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024" 877 log_test $? 0 "Single path with single path via multipath attribute" 878 879 # route replace fails - invalid nexthop 880 add_initial_route6 "via 2001:db8:101::2" 881 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:104::2" 882 if [ $? -eq 0 ]; then 883 # previous command is expected to fail so if it returns 0 884 # that means the test failed. 885 log_test 0 1 "Invalid nexthop" 886 else 887 check_route6 "2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024" 888 log_test $? 0 "Invalid nexthop" 889 fi 890 891 # replace non-existent route 892 # - note use of change versus replace since ip adds NLM_F_CREATE 893 # for replace 894 add_initial_route6 "via 2001:db8:101::2" 895 run_cmd "$IP -6 ro change 2001:db8:105::/64 via 2001:db8:101::2" 896 log_test $? 2 "Single path - replace of non-existent route" 897} 898 899ipv6_rt_replace_mpath() 900{ 901 # multipath with multipath 902 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 903 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3" 904 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::3 dev veth3 weight 1" 905 log_test $? 0 "Multipath with multipath" 906 907 # multipath with single 908 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 909 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:101::3" 910 check_route6 "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024" 911 log_test $? 0 "Multipath with single path" 912 913 # multipath with single 914 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 915 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3" 916 check_route6 "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024" 917 log_test $? 0 "Multipath with single path via multipath attribute" 918 919 # multipath with dev-only 920 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 921 run_cmd "$IP -6 ro replace 2001:db8:104::/64 dev veth1" 922 check_route6 "2001:db8:104::/64 dev veth1 metric 1024" 923 log_test $? 0 "Multipath with dev-only" 924 925 # route replace fails - invalid nexthop 1 926 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 927 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:111::3 nexthop via 2001:db8:103::3" 928 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 929 log_test $? 0 "Multipath - invalid first nexthop" 930 931 # route replace fails - invalid nexthop 2 932 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 933 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:113::3" 934 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 935 log_test $? 0 "Multipath - invalid second nexthop" 936 937 # multipath non-existent route 938 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 939 run_cmd "$IP -6 ro change 2001:db8:105::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3" 940 log_test $? 2 "Multipath - replace of non-existent route" 941} 942 943ipv6_rt_replace() 944{ 945 echo 946 echo "IPv6 route replace tests" 947 948 ipv6_rt_replace_single 949 ipv6_rt_replace_mpath 950} 951 952ipv6_route_test() 953{ 954 route_setup 955 956 ipv6_rt_add 957 ipv6_rt_replace 958 959 route_cleanup 960} 961 962ip_addr_metric_check() 963{ 964 ip addr help 2>&1 | grep -q metric 965 if [ $? -ne 0 ]; then 966 echo "iproute2 command does not support metric for addresses. Skipping test" 967 return 1 968 fi 969 970 return 0 971} 972 973ipv6_addr_metric_test() 974{ 975 local rc 976 977 echo 978 echo "IPv6 prefix route tests" 979 980 ip_addr_metric_check || return 1 981 982 setup 983 984 set -e 985 $IP li add dummy1 type dummy 986 $IP li add dummy2 type dummy 987 $IP li set dummy1 up 988 $IP li set dummy2 up 989 990 # default entry is metric 256 991 run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64" 992 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64" 993 set +e 994 995 check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 256 2001:db8:104::/64 dev dummy2 proto kernel metric 256" 996 log_test $? 0 "Default metric" 997 998 set -e 999 run_cmd "$IP -6 addr flush dev dummy1" 1000 run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64 metric 257" 1001 set +e 1002 1003 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 256 2001:db8:104::/64 dev dummy1 proto kernel metric 257" 1004 log_test $? 0 "User specified metric on first device" 1005 1006 set -e 1007 run_cmd "$IP -6 addr flush dev dummy2" 1008 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64 metric 258" 1009 set +e 1010 1011 check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 257 2001:db8:104::/64 dev dummy2 proto kernel metric 258" 1012 log_test $? 0 "User specified metric on second device" 1013 1014 run_cmd "$IP -6 addr del dev dummy1 2001:db8:104::1/64 metric 257" 1015 rc=$? 1016 if [ $rc -eq 0 ]; then 1017 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 258" 1018 rc=$? 1019 fi 1020 log_test $rc 0 "Delete of address on first device" 1021 1022 run_cmd "$IP -6 addr change dev dummy2 2001:db8:104::2/64 metric 259" 1023 rc=$? 1024 if [ $rc -eq 0 ]; then 1025 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259" 1026 rc=$? 1027 fi 1028 log_test $rc 0 "Modify metric of address" 1029 1030 # verify prefix route removed on down 1031 run_cmd "ip netns exec ns1 sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1" 1032 run_cmd "$IP li set dev dummy2 down" 1033 rc=$? 1034 if [ $rc -eq 0 ]; then 1035 out=$($IP -6 ro ls match 2001:db8:104::/64) 1036 check_expected "${out}" "" 1037 rc=$? 1038 fi 1039 log_test $rc 0 "Prefix route removed on link down" 1040 1041 # verify prefix route re-inserted with assigned metric 1042 run_cmd "$IP li set dev dummy2 up" 1043 rc=$? 1044 if [ $rc -eq 0 ]; then 1045 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259" 1046 rc=$? 1047 fi 1048 log_test $rc 0 "Prefix route with metric on link up" 1049 1050 # verify peer metric added correctly 1051 set -e 1052 run_cmd "$IP -6 addr flush dev dummy2" 1053 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::1 peer 2001:db8:104::2 metric 260" 1054 set +e 1055 1056 check_route6 "2001:db8:104::1 dev dummy2 proto kernel metric 260" 1057 log_test $? 0 "Set metric with peer route on local side" 1058 check_route6 "2001:db8:104::2 dev dummy2 proto kernel metric 260" 1059 log_test $? 0 "Set metric with peer route on peer side" 1060 1061 set -e 1062 run_cmd "$IP -6 addr change dev dummy2 2001:db8:104::1 peer 2001:db8:104::3 metric 261" 1063 set +e 1064 1065 check_route6 "2001:db8:104::1 dev dummy2 proto kernel metric 261" 1066 log_test $? 0 "Modify metric and peer address on local side" 1067 check_route6 "2001:db8:104::3 dev dummy2 proto kernel metric 261" 1068 log_test $? 0 "Modify metric and peer address on peer side" 1069 1070 $IP li del dummy1 1071 $IP li del dummy2 1072 cleanup 1073} 1074 1075ipv6_route_metrics_test() 1076{ 1077 local rc 1078 1079 echo 1080 echo "IPv6 routes with metrics" 1081 1082 route_setup 1083 1084 # 1085 # single path with metrics 1086 # 1087 run_cmd "$IP -6 ro add 2001:db8:111::/64 via 2001:db8:101::2 mtu 1400" 1088 rc=$? 1089 if [ $rc -eq 0 ]; then 1090 check_route6 "2001:db8:111::/64 via 2001:db8:101::2 dev veth1 metric 1024 mtu 1400" 1091 rc=$? 1092 fi 1093 log_test $rc 0 "Single path route with mtu metric" 1094 1095 1096 # 1097 # multipath via separate routes with metrics 1098 # 1099 run_cmd "$IP -6 ro add 2001:db8:112::/64 via 2001:db8:101::2 mtu 1400" 1100 run_cmd "$IP -6 ro append 2001:db8:112::/64 via 2001:db8:103::2" 1101 rc=$? 1102 if [ $rc -eq 0 ]; then 1103 check_route6 "2001:db8:112::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 1104 rc=$? 1105 fi 1106 log_test $rc 0 "Multipath route via 2 single routes with mtu metric on first" 1107 1108 # second route is coalesced to first to make a multipath route. 1109 # MTU of the second path is hidden from display! 1110 run_cmd "$IP -6 ro add 2001:db8:113::/64 via 2001:db8:101::2" 1111 run_cmd "$IP -6 ro append 2001:db8:113::/64 via 2001:db8:103::2 mtu 1400" 1112 rc=$? 1113 if [ $rc -eq 0 ]; then 1114 check_route6 "2001:db8:113::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 1115 rc=$? 1116 fi 1117 log_test $rc 0 "Multipath route via 2 single routes with mtu metric on 2nd" 1118 1119 run_cmd "$IP -6 ro del 2001:db8:113::/64 via 2001:db8:101::2" 1120 if [ $? -eq 0 ]; then 1121 check_route6 "2001:db8:113::/64 via 2001:db8:103::2 dev veth3 metric 1024 mtu 1400" 1122 log_test $? 0 " MTU of second leg" 1123 fi 1124 1125 # 1126 # multipath with metrics 1127 # 1128 run_cmd "$IP -6 ro add 2001:db8:115::/64 mtu 1400 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2" 1129 rc=$? 1130 if [ $rc -eq 0 ]; then 1131 check_route6 "2001:db8:115::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1" 1132 rc=$? 1133 fi 1134 log_test $rc 0 "Multipath route with mtu metric" 1135 1136 $IP -6 ro add 2001:db8:104::/64 via 2001:db8:101::2 mtu 1300 1137 run_cmd "ip netns exec ns1 ${ping6} -w1 -c1 -s 1500 2001:db8:104::1" 1138 log_test $? 0 "Using route with mtu metric" 1139 1140 run_cmd "$IP -6 ro add 2001:db8:114::/64 via 2001:db8:101::2 congctl lock foo" 1141 log_test $? 2 "Invalid metric (fails metric_convert)" 1142 1143 route_cleanup 1144} 1145 1146# add route for a prefix, flushing any existing routes first 1147# expected to be the first step of a test 1148add_route() 1149{ 1150 local pfx="$1" 1151 local nh="$2" 1152 local out 1153 1154 if [ "$VERBOSE" = "1" ]; then 1155 echo 1156 echo " ##################################################" 1157 echo 1158 fi 1159 1160 run_cmd "$IP ro flush ${pfx}" 1161 [ $? -ne 0 ] && exit 1 1162 1163 out=$($IP ro ls match ${pfx}) 1164 if [ -n "$out" ]; then 1165 echo "Failed to flush routes for prefix used for tests." 1166 exit 1 1167 fi 1168 1169 run_cmd "$IP ro add ${pfx} ${nh}" 1170 if [ $? -ne 0 ]; then 1171 echo "Failed to add initial route for test." 1172 exit 1 1173 fi 1174} 1175 1176# add initial route - used in replace route tests 1177add_initial_route() 1178{ 1179 add_route "172.16.104.0/24" "$1" 1180} 1181 1182check_route() 1183{ 1184 local pfx 1185 local expected="$1" 1186 local out 1187 1188 set -- $expected 1189 pfx=$1 1190 [ "${pfx}" = "unreachable" ] && pfx=$2 1191 1192 out=$($IP ro ls match ${pfx}) 1193 check_expected "${out}" "${expected}" 1194} 1195 1196# assumption is that basic add of a single path route works 1197# otherwise just adding an address on an interface is broken 1198ipv4_rt_add() 1199{ 1200 local rc 1201 1202 echo 1203 echo "IPv4 route add / append tests" 1204 1205 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 1206 add_route "172.16.104.0/24" "via 172.16.101.2" 1207 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2" 1208 log_test $? 2 "Attempt to add duplicate route - gw" 1209 1210 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 1211 add_route "172.16.104.0/24" "via 172.16.101.2" 1212 run_cmd "$IP ro add 172.16.104.0/24 dev veth3" 1213 log_test $? 2 "Attempt to add duplicate route - dev only" 1214 1215 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL 1216 add_route "172.16.104.0/24" "via 172.16.101.2" 1217 run_cmd "$IP ro add unreachable 172.16.104.0/24" 1218 log_test $? 2 "Attempt to add duplicate route - reject route" 1219 1220 # iproute2 prepend only sets NLM_F_CREATE 1221 # - adds a new route; does NOT convert existing route to ECMP 1222 add_route "172.16.104.0/24" "via 172.16.101.2" 1223 run_cmd "$IP ro prepend 172.16.104.0/24 via 172.16.103.2" 1224 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3 172.16.104.0/24 via 172.16.101.2 dev veth1" 1225 log_test $? 0 "Add new nexthop for existing prefix" 1226 1227 # route append with same prefix adds a new route 1228 # - iproute2 sets NLM_F_CREATE | NLM_F_APPEND 1229 add_route "172.16.104.0/24" "via 172.16.101.2" 1230 run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2" 1231 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.2 dev veth3" 1232 log_test $? 0 "Append nexthop to existing route - gw" 1233 1234 add_route "172.16.104.0/24" "via 172.16.101.2" 1235 run_cmd "$IP ro append 172.16.104.0/24 dev veth3" 1236 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 dev veth3 scope link" 1237 log_test $? 0 "Append nexthop to existing route - dev only" 1238 1239 add_route "172.16.104.0/24" "via 172.16.101.2" 1240 run_cmd "$IP ro append unreachable 172.16.104.0/24" 1241 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 unreachable 172.16.104.0/24" 1242 log_test $? 0 "Append nexthop to existing route - reject route" 1243 1244 run_cmd "$IP ro flush 172.16.104.0/24" 1245 run_cmd "$IP ro add unreachable 172.16.104.0/24" 1246 run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2" 1247 check_route "unreachable 172.16.104.0/24 172.16.104.0/24 via 172.16.103.2 dev veth3" 1248 log_test $? 0 "Append nexthop to existing reject route - gw" 1249 1250 run_cmd "$IP ro flush 172.16.104.0/24" 1251 run_cmd "$IP ro add unreachable 172.16.104.0/24" 1252 run_cmd "$IP ro append 172.16.104.0/24 dev veth3" 1253 check_route "unreachable 172.16.104.0/24 172.16.104.0/24 dev veth3 scope link" 1254 log_test $? 0 "Append nexthop to existing reject route - dev only" 1255 1256 # insert mpath directly 1257 add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1258 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 1259 log_test $? 0 "add multipath route" 1260 1261 add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1262 run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1263 log_test $? 2 "Attempt to add duplicate multipath route" 1264 1265 # insert of a second route without append but different metric 1266 add_route "172.16.104.0/24" "via 172.16.101.2" 1267 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2 metric 512" 1268 rc=$? 1269 if [ $rc -eq 0 ]; then 1270 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.3 metric 256" 1271 rc=$? 1272 fi 1273 log_test $rc 0 "Route add with different metrics" 1274 1275 run_cmd "$IP ro del 172.16.104.0/24 metric 512" 1276 rc=$? 1277 if [ $rc -eq 0 ]; then 1278 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.3 dev veth3 metric 256" 1279 rc=$? 1280 fi 1281 log_test $rc 0 "Route delete with metric" 1282} 1283 1284ipv4_rt_replace_single() 1285{ 1286 # single path with single path 1287 # 1288 add_initial_route "via 172.16.101.2" 1289 run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.103.2" 1290 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3" 1291 log_test $? 0 "Single path with single path" 1292 1293 # single path with multipath 1294 # 1295 add_initial_route "nexthop via 172.16.101.2" 1296 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.2" 1297 check_route "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 1298 log_test $? 0 "Single path with multipath" 1299 1300 # single path with reject 1301 # 1302 add_initial_route "nexthop via 172.16.101.2" 1303 run_cmd "$IP ro replace unreachable 172.16.104.0/24" 1304 check_route "unreachable 172.16.104.0/24" 1305 log_test $? 0 "Single path with reject route" 1306 1307 # single path with single path using MULTIPATH attribute 1308 # 1309 add_initial_route "via 172.16.101.2" 1310 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.103.2" 1311 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3" 1312 log_test $? 0 "Single path with single path via multipath attribute" 1313 1314 # route replace fails - invalid nexthop 1315 add_initial_route "via 172.16.101.2" 1316 run_cmd "$IP ro replace 172.16.104.0/24 via 2001:db8:104::2" 1317 if [ $? -eq 0 ]; then 1318 # previous command is expected to fail so if it returns 0 1319 # that means the test failed. 1320 log_test 0 1 "Invalid nexthop" 1321 else 1322 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1" 1323 log_test $? 0 "Invalid nexthop" 1324 fi 1325 1326 # replace non-existent route 1327 # - note use of change versus replace since ip adds NLM_F_CREATE 1328 # for replace 1329 add_initial_route "via 172.16.101.2" 1330 run_cmd "$IP ro change 172.16.105.0/24 via 172.16.101.2" 1331 log_test $? 2 "Single path - replace of non-existent route" 1332} 1333 1334ipv4_rt_replace_mpath() 1335{ 1336 # multipath with multipath 1337 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1338 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3" 1339 check_route "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.3 dev veth3 weight 1" 1340 log_test $? 0 "Multipath with multipath" 1341 1342 # multipath with single 1343 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1344 run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.101.3" 1345 check_route "172.16.104.0/24 via 172.16.101.3 dev veth1" 1346 log_test $? 0 "Multipath with single path" 1347 1348 # multipath with single 1349 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1350 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3" 1351 check_route "172.16.104.0/24 via 172.16.101.3 dev veth1" 1352 log_test $? 0 "Multipath with single path via multipath attribute" 1353 1354 # multipath with reject 1355 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1356 run_cmd "$IP ro replace unreachable 172.16.104.0/24" 1357 check_route "unreachable 172.16.104.0/24" 1358 log_test $? 0 "Multipath with reject route" 1359 1360 # route replace fails - invalid nexthop 1 1361 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1362 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.111.3 nexthop via 172.16.103.3" 1363 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 1364 log_test $? 0 "Multipath - invalid first nexthop" 1365 1366 # route replace fails - invalid nexthop 2 1367 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1368 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.113.3" 1369 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 1370 log_test $? 0 "Multipath - invalid second nexthop" 1371 1372 # multipath non-existent route 1373 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1374 run_cmd "$IP ro change 172.16.105.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3" 1375 log_test $? 2 "Multipath - replace of non-existent route" 1376} 1377 1378ipv4_rt_replace() 1379{ 1380 echo 1381 echo "IPv4 route replace tests" 1382 1383 ipv4_rt_replace_single 1384 ipv4_rt_replace_mpath 1385} 1386 1387# checks that cached input route on VRF port is deleted 1388# when VRF is deleted 1389ipv4_local_rt_cache() 1390{ 1391 run_cmd "ip addr add 10.0.0.1/32 dev lo" 1392 run_cmd "ip netns add test-ns" 1393 run_cmd "ip link add veth-outside type veth peer name veth-inside" 1394 run_cmd "ip link add vrf-100 type vrf table 1100" 1395 run_cmd "ip link set veth-outside master vrf-100" 1396 run_cmd "ip link set veth-inside netns test-ns" 1397 run_cmd "ip link set veth-outside up" 1398 run_cmd "ip link set vrf-100 up" 1399 run_cmd "ip route add 10.1.1.1/32 dev veth-outside table 1100" 1400 run_cmd "ip netns exec test-ns ip link set veth-inside up" 1401 run_cmd "ip netns exec test-ns ip addr add 10.1.1.1/32 dev veth-inside" 1402 run_cmd "ip netns exec test-ns ip route add 10.0.0.1/32 dev veth-inside" 1403 run_cmd "ip netns exec test-ns ip route add default via 10.0.0.1" 1404 run_cmd "ip netns exec test-ns ping 10.0.0.1 -c 1 -i 1" 1405 run_cmd "ip link delete vrf-100" 1406 1407 # if we do not hang test is a success 1408 log_test $? 0 "Cached route removed from VRF port device" 1409} 1410 1411ipv4_route_test() 1412{ 1413 route_setup 1414 1415 ipv4_rt_add 1416 ipv4_rt_replace 1417 ipv4_local_rt_cache 1418 1419 route_cleanup 1420} 1421 1422ipv4_addr_metric_test() 1423{ 1424 local rc 1425 1426 echo 1427 echo "IPv4 prefix route tests" 1428 1429 ip_addr_metric_check || return 1 1430 1431 setup 1432 1433 set -e 1434 $IP li add dummy1 type dummy 1435 $IP li add dummy2 type dummy 1436 $IP li set dummy1 up 1437 $IP li set dummy2 up 1438 1439 # default entry is metric 256 1440 run_cmd "$IP addr add dev dummy1 172.16.104.1/24" 1441 run_cmd "$IP addr add dev dummy2 172.16.104.2/24" 1442 set +e 1443 1444 check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2" 1445 log_test $? 0 "Default metric" 1446 1447 set -e 1448 run_cmd "$IP addr flush dev dummy1" 1449 run_cmd "$IP addr add dev dummy1 172.16.104.1/24 metric 257" 1450 set +e 1451 1452 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257" 1453 log_test $? 0 "User specified metric on first device" 1454 1455 set -e 1456 run_cmd "$IP addr flush dev dummy2" 1457 run_cmd "$IP addr add dev dummy2 172.16.104.2/24 metric 258" 1458 set +e 1459 1460 check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258" 1461 log_test $? 0 "User specified metric on second device" 1462 1463 run_cmd "$IP addr del dev dummy1 172.16.104.1/24 metric 257" 1464 rc=$? 1465 if [ $rc -eq 0 ]; then 1466 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258" 1467 rc=$? 1468 fi 1469 log_test $rc 0 "Delete of address on first device" 1470 1471 run_cmd "$IP addr change dev dummy2 172.16.104.2/24 metric 259" 1472 rc=$? 1473 if [ $rc -eq 0 ]; then 1474 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259" 1475 rc=$? 1476 fi 1477 log_test $rc 0 "Modify metric of address" 1478 1479 # verify prefix route removed on down 1480 run_cmd "$IP li set dev dummy2 down" 1481 rc=$? 1482 if [ $rc -eq 0 ]; then 1483 out=$($IP ro ls match 172.16.104.0/24) 1484 check_expected "${out}" "" 1485 rc=$? 1486 fi 1487 log_test $rc 0 "Prefix route removed on link down" 1488 1489 # verify prefix route re-inserted with assigned metric 1490 run_cmd "$IP li set dev dummy2 up" 1491 rc=$? 1492 if [ $rc -eq 0 ]; then 1493 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259" 1494 rc=$? 1495 fi 1496 log_test $rc 0 "Prefix route with metric on link up" 1497 1498 # explicitly check for metric changes on edge scenarios 1499 run_cmd "$IP addr flush dev dummy2" 1500 run_cmd "$IP addr add dev dummy2 172.16.104.0/24 metric 259" 1501 run_cmd "$IP addr change dev dummy2 172.16.104.0/24 metric 260" 1502 rc=$? 1503 if [ $rc -eq 0 ]; then 1504 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.0 metric 260" 1505 rc=$? 1506 fi 1507 log_test $rc 0 "Modify metric of .0/24 address" 1508 1509 run_cmd "$IP addr flush dev dummy2" 1510 run_cmd "$IP addr add dev dummy2 172.16.104.1/32 peer 172.16.104.2 metric 260" 1511 rc=$? 1512 if [ $rc -eq 0 ]; then 1513 check_route "172.16.104.2 dev dummy2 proto kernel scope link src 172.16.104.1 metric 260" 1514 rc=$? 1515 fi 1516 log_test $rc 0 "Set metric of address with peer route" 1517 1518 run_cmd "$IP addr change dev dummy2 172.16.104.1/32 peer 172.16.104.3 metric 261" 1519 rc=$? 1520 if [ $rc -eq 0 ]; then 1521 check_route "172.16.104.3 dev dummy2 proto kernel scope link src 172.16.104.1 metric 261" 1522 rc=$? 1523 fi 1524 log_test $rc 0 "Modify metric and peer address for peer route" 1525 1526 $IP li del dummy1 1527 $IP li del dummy2 1528 cleanup 1529} 1530 1531ipv4_route_metrics_test() 1532{ 1533 local rc 1534 1535 echo 1536 echo "IPv4 route add / append tests" 1537 1538 route_setup 1539 1540 run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 mtu 1400" 1541 rc=$? 1542 if [ $rc -eq 0 ]; then 1543 check_route "172.16.111.0/24 via 172.16.101.2 dev veth1 mtu 1400" 1544 rc=$? 1545 fi 1546 log_test $rc 0 "Single path route with mtu metric" 1547 1548 1549 run_cmd "$IP ro add 172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 nexthop via 172.16.103.2" 1550 rc=$? 1551 if [ $rc -eq 0 ]; then 1552 check_route "172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 1553 rc=$? 1554 fi 1555 log_test $rc 0 "Multipath route with mtu metric" 1556 1557 $IP ro add 172.16.104.0/24 via 172.16.101.2 mtu 1300 1558 run_cmd "ip netns exec ns1 ping -w1 -c1 -s 1500 172.16.104.1" 1559 log_test $? 0 "Using route with mtu metric" 1560 1561 run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 congctl lock foo" 1562 log_test $? 2 "Invalid metric (fails metric_convert)" 1563 1564 route_cleanup 1565} 1566 1567ipv4_del_addr_test() 1568{ 1569 echo 1570 echo "IPv4 delete address route tests" 1571 1572 setup 1573 1574 set -e 1575 $IP li add dummy1 type dummy 1576 $IP li set dummy1 up 1577 $IP li add dummy2 type dummy 1578 $IP li set dummy2 up 1579 $IP li add red type vrf table 1111 1580 $IP li set red up 1581 $IP ro add vrf red unreachable default 1582 $IP li set dummy2 vrf red 1583 1584 $IP addr add dev dummy1 172.16.104.1/24 1585 $IP addr add dev dummy1 172.16.104.11/24 1586 $IP addr add dev dummy2 172.16.104.1/24 1587 $IP addr add dev dummy2 172.16.104.11/24 1588 $IP route add 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11 1589 $IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11 1590 set +e 1591 1592 # removing address from device in vrf should only remove route from vrf table 1593 $IP addr del dev dummy2 172.16.104.11/24 1594 $IP ro ls vrf red | grep -q 172.16.105.0/24 1595 log_test $? 1 "Route removed from VRF when source address deleted" 1596 1597 $IP ro ls | grep -q 172.16.105.0/24 1598 log_test $? 0 "Route in default VRF not removed" 1599 1600 $IP addr add dev dummy2 172.16.104.11/24 1601 $IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11 1602 1603 $IP addr del dev dummy1 172.16.104.11/24 1604 $IP ro ls | grep -q 172.16.105.0/24 1605 log_test $? 1 "Route removed in default VRF when source address deleted" 1606 1607 $IP ro ls vrf red | grep -q 172.16.105.0/24 1608 log_test $? 0 "Route in VRF is not removed by address delete" 1609 1610 $IP li del dummy1 1611 $IP li del dummy2 1612 cleanup 1613} 1614 1615 1616ipv4_route_v6_gw_test() 1617{ 1618 local rc 1619 1620 echo 1621 echo "IPv4 route with IPv6 gateway tests" 1622 1623 route_setup 1624 sleep 2 1625 1626 # 1627 # single path route 1628 # 1629 run_cmd "$IP ro add 172.16.104.0/24 via inet6 2001:db8:101::2" 1630 rc=$? 1631 log_test $rc 0 "Single path route with IPv6 gateway" 1632 if [ $rc -eq 0 ]; then 1633 check_route "172.16.104.0/24 via inet6 2001:db8:101::2 dev veth1" 1634 fi 1635 1636 run_cmd "ip netns exec ns1 ping -w1 -c1 172.16.104.1" 1637 log_test $rc 0 "Single path route with IPv6 gateway - ping" 1638 1639 run_cmd "$IP ro del 172.16.104.0/24 via inet6 2001:db8:101::2" 1640 rc=$? 1641 log_test $rc 0 "Single path route delete" 1642 if [ $rc -eq 0 ]; then 1643 check_route "172.16.112.0/24" 1644 fi 1645 1646 # 1647 # multipath - v6 then v4 1648 # 1649 run_cmd "$IP ro add 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3" 1650 rc=$? 1651 log_test $rc 0 "Multipath route add - v6 nexthop then v4" 1652 if [ $rc -eq 0 ]; then 1653 check_route "172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1" 1654 fi 1655 1656 run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1" 1657 log_test $? 2 " Multipath route delete - nexthops in wrong order" 1658 1659 run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3" 1660 log_test $? 0 " Multipath route delete exact match" 1661 1662 # 1663 # multipath - v4 then v6 1664 # 1665 run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1" 1666 rc=$? 1667 log_test $rc 0 "Multipath route add - v4 nexthop then v6" 1668 if [ $rc -eq 0 ]; then 1669 check_route "172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 weight 1 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1" 1670 fi 1671 1672 run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3" 1673 log_test $? 2 " Multipath route delete - nexthops in wrong order" 1674 1675 run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1" 1676 log_test $? 0 " Multipath route delete exact match" 1677 1678 route_cleanup 1679} 1680 1681socat_check() 1682{ 1683 if [ ! -x "$(command -v socat)" ]; then 1684 echo "socat command not found. Skipping test" 1685 return 1 1686 fi 1687 1688 return 0 1689} 1690 1691iptables_check() 1692{ 1693 iptables -t mangle -L OUTPUT &> /dev/null 1694 if [ $? -ne 0 ]; then 1695 echo "iptables configuration not supported. Skipping test" 1696 return 1 1697 fi 1698 1699 return 0 1700} 1701 1702ip6tables_check() 1703{ 1704 ip6tables -t mangle -L OUTPUT &> /dev/null 1705 if [ $? -ne 0 ]; then 1706 echo "ip6tables configuration not supported. Skipping test" 1707 return 1 1708 fi 1709 1710 return 0 1711} 1712 1713ipv4_mangle_test() 1714{ 1715 local rc 1716 1717 echo 1718 echo "IPv4 mangling tests" 1719 1720 socat_check || return 1 1721 iptables_check || return 1 1722 1723 route_setup 1724 sleep 2 1725 1726 local tmp_file=$(mktemp) 1727 ip netns exec ns2 socat UDP4-LISTEN:54321,fork $tmp_file & 1728 1729 # Add a FIB rule and a route that will direct our connection to the 1730 # listening server. 1731 $IP rule add pref 100 ipproto udp sport 12345 dport 54321 table 123 1732 $IP route add table 123 172.16.101.0/24 dev veth1 1733 1734 # Add an unreachable route to the main table that will block our 1735 # connection in case the FIB rule is not hit. 1736 $IP route add unreachable 172.16.101.2/32 1737 1738 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345" 1739 log_test $? 0 " Connection with correct parameters" 1740 1741 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=11111" 1742 log_test $? 1 " Connection with incorrect parameters" 1743 1744 # Add a mangling rule and make sure connection is still successful. 1745 $NS_EXEC iptables -t mangle -A OUTPUT -j MARK --set-mark 1 1746 1747 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345" 1748 log_test $? 0 " Connection with correct parameters - mangling" 1749 1750 # Delete the mangling rule and make sure connection is still 1751 # successful. 1752 $NS_EXEC iptables -t mangle -D OUTPUT -j MARK --set-mark 1 1753 1754 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345" 1755 log_test $? 0 " Connection with correct parameters - no mangling" 1756 1757 # Verify connections were indeed successful on server side. 1758 [[ $(cat $tmp_file | wc -l) -eq 3 ]] 1759 log_test $? 0 " Connection check - server side" 1760 1761 $IP route del unreachable 172.16.101.2/32 1762 $IP route del table 123 172.16.101.0/24 dev veth1 1763 $IP rule del pref 100 1764 1765 { kill %% && wait %%; } 2>/dev/null 1766 rm $tmp_file 1767 1768 route_cleanup 1769} 1770 1771ipv6_mangle_test() 1772{ 1773 local rc 1774 1775 echo 1776 echo "IPv6 mangling tests" 1777 1778 socat_check || return 1 1779 ip6tables_check || return 1 1780 1781 route_setup 1782 sleep 2 1783 1784 local tmp_file=$(mktemp) 1785 ip netns exec ns2 socat UDP6-LISTEN:54321,fork $tmp_file & 1786 1787 # Add a FIB rule and a route that will direct our connection to the 1788 # listening server. 1789 $IP -6 rule add pref 100 ipproto udp sport 12345 dport 54321 table 123 1790 $IP -6 route add table 123 2001:db8:101::/64 dev veth1 1791 1792 # Add an unreachable route to the main table that will block our 1793 # connection in case the FIB rule is not hit. 1794 $IP -6 route add unreachable 2001:db8:101::2/128 1795 1796 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345" 1797 log_test $? 0 " Connection with correct parameters" 1798 1799 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=11111" 1800 log_test $? 1 " Connection with incorrect parameters" 1801 1802 # Add a mangling rule and make sure connection is still successful. 1803 $NS_EXEC ip6tables -t mangle -A OUTPUT -j MARK --set-mark 1 1804 1805 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345" 1806 log_test $? 0 " Connection with correct parameters - mangling" 1807 1808 # Delete the mangling rule and make sure connection is still 1809 # successful. 1810 $NS_EXEC ip6tables -t mangle -D OUTPUT -j MARK --set-mark 1 1811 1812 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345" 1813 log_test $? 0 " Connection with correct parameters - no mangling" 1814 1815 # Verify connections were indeed successful on server side. 1816 [[ $(cat $tmp_file | wc -l) -eq 3 ]] 1817 log_test $? 0 " Connection check - server side" 1818 1819 $IP -6 route del unreachable 2001:db8:101::2/128 1820 $IP -6 route del table 123 2001:db8:101::/64 dev veth1 1821 $IP -6 rule del pref 100 1822 1823 { kill %% && wait %%; } 2>/dev/null 1824 rm $tmp_file 1825 1826 route_cleanup 1827} 1828 1829################################################################################ 1830# usage 1831 1832usage() 1833{ 1834 cat <<EOF 1835usage: ${0##*/} OPTS 1836 1837 -t <test> Test(s) to run (default: all) 1838 (options: $TESTS) 1839 -p Pause on fail 1840 -P Pause after each test before cleanup 1841 -v verbose mode (show commands and output) 1842EOF 1843} 1844 1845################################################################################ 1846# main 1847 1848while getopts :t:pPhv o 1849do 1850 case $o in 1851 t) TESTS=$OPTARG;; 1852 p) PAUSE_ON_FAIL=yes;; 1853 P) PAUSE=yes;; 1854 v) VERBOSE=$(($VERBOSE + 1));; 1855 h) usage; exit 0;; 1856 *) usage; exit 1;; 1857 esac 1858done 1859 1860PEER_CMD="ip netns exec ${PEER_NS}" 1861 1862# make sure we don't pause twice 1863[ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no 1864 1865if [ "$(id -u)" -ne 0 ];then 1866 echo "SKIP: Need root privileges" 1867 exit $ksft_skip; 1868fi 1869 1870if [ ! -x "$(command -v ip)" ]; then 1871 echo "SKIP: Could not run test without ip tool" 1872 exit $ksft_skip 1873fi 1874 1875ip route help 2>&1 | grep -q fibmatch 1876if [ $? -ne 0 ]; then 1877 echo "SKIP: iproute2 too old, missing fibmatch" 1878 exit $ksft_skip 1879fi 1880 1881# start clean 1882cleanup &> /dev/null 1883 1884for t in $TESTS 1885do 1886 case $t in 1887 fib_unreg_test|unregister) fib_unreg_test;; 1888 fib_down_test|down) fib_down_test;; 1889 fib_carrier_test|carrier) fib_carrier_test;; 1890 fib_rp_filter_test|rp_filter) fib_rp_filter_test;; 1891 fib_nexthop_test|nexthop) fib_nexthop_test;; 1892 fib_suppress_test|suppress) fib_suppress_test;; 1893 ipv6_route_test|ipv6_rt) ipv6_route_test;; 1894 ipv4_route_test|ipv4_rt) ipv4_route_test;; 1895 ipv6_addr_metric) ipv6_addr_metric_test;; 1896 ipv4_addr_metric) ipv4_addr_metric_test;; 1897 ipv4_del_addr) ipv4_del_addr_test;; 1898 ipv6_route_metrics) ipv6_route_metrics_test;; 1899 ipv4_route_metrics) ipv4_route_metrics_test;; 1900 ipv4_route_v6_gw) ipv4_route_v6_gw_test;; 1901 ipv4_mangle) ipv4_mangle_test;; 1902 ipv6_mangle) ipv6_mangle_test;; 1903 1904 help) echo "Test names: $TESTS"; exit 0;; 1905 esac 1906done 1907 1908if [ "$TESTS" != "none" ]; then 1909 printf "\nTests passed: %3d\n" ${nsuccess} 1910 printf "Tests failed: %3d\n" ${nfail} 1911fi 1912 1913exit $ret 1914