1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4# This test is for checking IPv4 and IPv6 FIB behavior in response to
5# different events.
6
7ret=0
8# Kselftest framework requirement - SKIP code is 4.
9ksft_skip=4
10
11# all tests in this script. Can be overridden with -t option
12TESTS="unregister down carrier nexthop suppress ipv6_rt ipv4_rt ipv6_addr_metric ipv4_addr_metric ipv6_route_metrics ipv4_route_metrics ipv4_route_v6_gw rp_filter ipv4_del_addr"
13
14VERBOSE=0
15PAUSE_ON_FAIL=no
16PAUSE=no
17IP="ip -netns ns1"
18NS_EXEC="ip netns exec ns1"
19
20which ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping)
21
22log_test()
23{
24	local rc=$1
25	local expected=$2
26	local msg="$3"
27
28	if [ ${rc} -eq ${expected} ]; then
29		printf "    TEST: %-60s  [ OK ]\n" "${msg}"
30		nsuccess=$((nsuccess+1))
31	else
32		ret=1
33		nfail=$((nfail+1))
34		printf "    TEST: %-60s  [FAIL]\n" "${msg}"
35		if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
36		echo
37			echo "hit enter to continue, 'q' to quit"
38			read a
39			[ "$a" = "q" ] && exit 1
40		fi
41	fi
42
43	if [ "${PAUSE}" = "yes" ]; then
44		echo
45		echo "hit enter to continue, 'q' to quit"
46		read a
47		[ "$a" = "q" ] && exit 1
48	fi
49}
50
51setup()
52{
53	set -e
54	ip netns add ns1
55	ip netns set ns1 auto
56	$IP link set dev lo up
57	ip netns exec ns1 sysctl -qw net.ipv4.ip_forward=1
58	ip netns exec ns1 sysctl -qw net.ipv6.conf.all.forwarding=1
59
60	$IP link add dummy0 type dummy
61	$IP link set dev dummy0 up
62	$IP address add 198.51.100.1/24 dev dummy0
63	$IP -6 address add 2001:db8:1::1/64 dev dummy0
64	set +e
65
66}
67
68cleanup()
69{
70	$IP link del dev dummy0 &> /dev/null
71	ip netns del ns1
72	ip netns del ns2 &> /dev/null
73}
74
75get_linklocal()
76{
77	local dev=$1
78	local addr
79
80	addr=$($IP -6 -br addr show dev ${dev} | \
81	awk '{
82		for (i = 3; i <= NF; ++i) {
83			if ($i ~ /^fe80/)
84				print $i
85		}
86	}'
87	)
88	addr=${addr/\/*}
89
90	[ -z "$addr" ] && return 1
91
92	echo $addr
93
94	return 0
95}
96
97fib_unreg_unicast_test()
98{
99	echo
100	echo "Single path route test"
101
102	setup
103
104	echo "    Start point"
105	$IP route get fibmatch 198.51.100.2 &> /dev/null
106	log_test $? 0 "IPv4 fibmatch"
107	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
108	log_test $? 0 "IPv6 fibmatch"
109
110	set -e
111	$IP link del dev dummy0
112	set +e
113
114	echo "    Nexthop device deleted"
115	$IP route get fibmatch 198.51.100.2 &> /dev/null
116	log_test $? 2 "IPv4 fibmatch - no route"
117	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
118	log_test $? 2 "IPv6 fibmatch - no route"
119
120	cleanup
121}
122
123fib_unreg_multipath_test()
124{
125
126	echo
127	echo "Multipath route test"
128
129	setup
130
131	set -e
132	$IP link add dummy1 type dummy
133	$IP link set dev dummy1 up
134	$IP address add 192.0.2.1/24 dev dummy1
135	$IP -6 address add 2001:db8:2::1/64 dev dummy1
136
137	$IP route add 203.0.113.0/24 \
138		nexthop via 198.51.100.2 dev dummy0 \
139		nexthop via 192.0.2.2 dev dummy1
140	$IP -6 route add 2001:db8:3::/64 \
141		nexthop via 2001:db8:1::2 dev dummy0 \
142		nexthop via 2001:db8:2::2 dev dummy1
143	set +e
144
145	echo "    Start point"
146	$IP route get fibmatch 203.0.113.1 &> /dev/null
147	log_test $? 0 "IPv4 fibmatch"
148	$IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
149	log_test $? 0 "IPv6 fibmatch"
150
151	set -e
152	$IP link del dev dummy0
153	set +e
154
155	echo "    One nexthop device deleted"
156	$IP route get fibmatch 203.0.113.1 &> /dev/null
157	log_test $? 2 "IPv4 - multipath route removed on delete"
158
159	$IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
160	# In IPv6 we do not flush the entire multipath route.
161	log_test $? 0 "IPv6 - multipath down to single path"
162
163	set -e
164	$IP link del dev dummy1
165	set +e
166
167	echo "    Second nexthop device deleted"
168	$IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
169	log_test $? 2 "IPv6 - no route"
170
171	cleanup
172}
173
174fib_unreg_test()
175{
176	fib_unreg_unicast_test
177	fib_unreg_multipath_test
178}
179
180fib_down_unicast_test()
181{
182	echo
183	echo "Single path, admin down"
184
185	setup
186
187	echo "    Start point"
188	$IP route get fibmatch 198.51.100.2 &> /dev/null
189	log_test $? 0 "IPv4 fibmatch"
190	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
191	log_test $? 0 "IPv6 fibmatch"
192
193	set -e
194	$IP link set dev dummy0 down
195	set +e
196
197	echo "    Route deleted on down"
198	$IP route get fibmatch 198.51.100.2 &> /dev/null
199	log_test $? 2 "IPv4 fibmatch"
200	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
201	log_test $? 2 "IPv6 fibmatch"
202
203	cleanup
204}
205
206fib_down_multipath_test_do()
207{
208	local down_dev=$1
209	local up_dev=$2
210
211	$IP route get fibmatch 203.0.113.1 \
212		oif $down_dev &> /dev/null
213	log_test $? 2 "IPv4 fibmatch on down device"
214	$IP -6 route get fibmatch 2001:db8:3::1 \
215		oif $down_dev &> /dev/null
216	log_test $? 2 "IPv6 fibmatch on down device"
217
218	$IP route get fibmatch 203.0.113.1 \
219		oif $up_dev &> /dev/null
220	log_test $? 0 "IPv4 fibmatch on up device"
221	$IP -6 route get fibmatch 2001:db8:3::1 \
222		oif $up_dev &> /dev/null
223	log_test $? 0 "IPv6 fibmatch on up device"
224
225	$IP route get fibmatch 203.0.113.1 | \
226		grep $down_dev | grep -q "dead linkdown"
227	log_test $? 0 "IPv4 flags on down device"
228	$IP -6 route get fibmatch 2001:db8:3::1 | \
229		grep $down_dev | grep -q "dead linkdown"
230	log_test $? 0 "IPv6 flags on down device"
231
232	$IP route get fibmatch 203.0.113.1 | \
233		grep $up_dev | grep -q "dead linkdown"
234	log_test $? 1 "IPv4 flags on up device"
235	$IP -6 route get fibmatch 2001:db8:3::1 | \
236		grep $up_dev | grep -q "dead linkdown"
237	log_test $? 1 "IPv6 flags on up device"
238}
239
240fib_down_multipath_test()
241{
242	echo
243	echo "Admin down multipath"
244
245	setup
246
247	set -e
248	$IP link add dummy1 type dummy
249	$IP link set dev dummy1 up
250
251	$IP address add 192.0.2.1/24 dev dummy1
252	$IP -6 address add 2001:db8:2::1/64 dev dummy1
253
254	$IP route add 203.0.113.0/24 \
255		nexthop via 198.51.100.2 dev dummy0 \
256		nexthop via 192.0.2.2 dev dummy1
257	$IP -6 route add 2001:db8:3::/64 \
258		nexthop via 2001:db8:1::2 dev dummy0 \
259		nexthop via 2001:db8:2::2 dev dummy1
260	set +e
261
262	echo "    Verify start point"
263	$IP route get fibmatch 203.0.113.1 &> /dev/null
264	log_test $? 0 "IPv4 fibmatch"
265
266	$IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
267	log_test $? 0 "IPv6 fibmatch"
268
269	set -e
270	$IP link set dev dummy0 down
271	set +e
272
273	echo "    One device down, one up"
274	fib_down_multipath_test_do "dummy0" "dummy1"
275
276	set -e
277	$IP link set dev dummy0 up
278	$IP link set dev dummy1 down
279	set +e
280
281	echo "    Other device down and up"
282	fib_down_multipath_test_do "dummy1" "dummy0"
283
284	set -e
285	$IP link set dev dummy0 down
286	set +e
287
288	echo "    Both devices down"
289	$IP route get fibmatch 203.0.113.1 &> /dev/null
290	log_test $? 2 "IPv4 fibmatch"
291	$IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
292	log_test $? 2 "IPv6 fibmatch"
293
294	$IP link del dev dummy1
295	cleanup
296}
297
298fib_down_test()
299{
300	fib_down_unicast_test
301	fib_down_multipath_test
302}
303
304# Local routes should not be affected when carrier changes.
305fib_carrier_local_test()
306{
307	echo
308	echo "Local carrier tests - single path"
309
310	setup
311
312	set -e
313	$IP link set dev dummy0 carrier on
314	set +e
315
316	echo "    Start point"
317	$IP route get fibmatch 198.51.100.1 &> /dev/null
318	log_test $? 0 "IPv4 fibmatch"
319	$IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null
320	log_test $? 0 "IPv6 fibmatch"
321
322	$IP route get fibmatch 198.51.100.1 | \
323		grep -q "linkdown"
324	log_test $? 1 "IPv4 - no linkdown flag"
325	$IP -6 route get fibmatch 2001:db8:1::1 | \
326		grep -q "linkdown"
327	log_test $? 1 "IPv6 - no linkdown flag"
328
329	set -e
330	$IP link set dev dummy0 carrier off
331	sleep 1
332	set +e
333
334	echo "    Carrier off on nexthop"
335	$IP route get fibmatch 198.51.100.1 &> /dev/null
336	log_test $? 0 "IPv4 fibmatch"
337	$IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null
338	log_test $? 0 "IPv6 fibmatch"
339
340	$IP route get fibmatch 198.51.100.1 | \
341		grep -q "linkdown"
342	log_test $? 1 "IPv4 - linkdown flag set"
343	$IP -6 route get fibmatch 2001:db8:1::1 | \
344		grep -q "linkdown"
345	log_test $? 1 "IPv6 - linkdown flag set"
346
347	set -e
348	$IP address add 192.0.2.1/24 dev dummy0
349	$IP -6 address add 2001:db8:2::1/64 dev dummy0
350	set +e
351
352	echo "    Route to local address with carrier down"
353	$IP route get fibmatch 192.0.2.1 &> /dev/null
354	log_test $? 0 "IPv4 fibmatch"
355	$IP -6 route get fibmatch 2001:db8:2::1 &> /dev/null
356	log_test $? 0 "IPv6 fibmatch"
357
358	$IP route get fibmatch 192.0.2.1 | \
359		grep -q "linkdown"
360	log_test $? 1 "IPv4 linkdown flag set"
361	$IP -6 route get fibmatch 2001:db8:2::1 | \
362		grep -q "linkdown"
363	log_test $? 1 "IPv6 linkdown flag set"
364
365	cleanup
366}
367
368fib_carrier_unicast_test()
369{
370	ret=0
371
372	echo
373	echo "Single path route carrier test"
374
375	setup
376
377	set -e
378	$IP link set dev dummy0 carrier on
379	set +e
380
381	echo "    Start point"
382	$IP route get fibmatch 198.51.100.2 &> /dev/null
383	log_test $? 0 "IPv4 fibmatch"
384	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
385	log_test $? 0 "IPv6 fibmatch"
386
387	$IP route get fibmatch 198.51.100.2 | \
388		grep -q "linkdown"
389	log_test $? 1 "IPv4 no linkdown flag"
390	$IP -6 route get fibmatch 2001:db8:1::2 | \
391		grep -q "linkdown"
392	log_test $? 1 "IPv6 no linkdown flag"
393
394	set -e
395	$IP link set dev dummy0 carrier off
396	sleep 1
397	set +e
398
399	echo "    Carrier down"
400	$IP route get fibmatch 198.51.100.2 &> /dev/null
401	log_test $? 0 "IPv4 fibmatch"
402	$IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
403	log_test $? 0 "IPv6 fibmatch"
404
405	$IP route get fibmatch 198.51.100.2 | \
406		grep -q "linkdown"
407	log_test $? 0 "IPv4 linkdown flag set"
408	$IP -6 route get fibmatch 2001:db8:1::2 | \
409		grep -q "linkdown"
410	log_test $? 0 "IPv6 linkdown flag set"
411
412	set -e
413	$IP address add 192.0.2.1/24 dev dummy0
414	$IP -6 address add 2001:db8:2::1/64 dev dummy0
415	set +e
416
417	echo "    Second address added with carrier down"
418	$IP route get fibmatch 192.0.2.2 &> /dev/null
419	log_test $? 0 "IPv4 fibmatch"
420	$IP -6 route get fibmatch 2001:db8:2::2 &> /dev/null
421	log_test $? 0 "IPv6 fibmatch"
422
423	$IP route get fibmatch 192.0.2.2 | \
424		grep -q "linkdown"
425	log_test $? 0 "IPv4 linkdown flag set"
426	$IP -6 route get fibmatch 2001:db8:2::2 | \
427		grep -q "linkdown"
428	log_test $? 0 "IPv6 linkdown flag set"
429
430	cleanup
431}
432
433fib_carrier_test()
434{
435	fib_carrier_local_test
436	fib_carrier_unicast_test
437}
438
439fib_rp_filter_test()
440{
441	echo
442	echo "IPv4 rp_filter tests"
443
444	setup
445
446	set -e
447	$IP link set dev lo address 52:54:00:6a:c7:5e
448	$IP link set dummy0 address 52:54:00:6a:c7:5e
449	$IP link add dummy1 type dummy
450	$IP link set dummy1 address 52:54:00:6a:c7:5e
451	$IP link set dev dummy1 up
452	$NS_EXEC sysctl -qw net.ipv4.conf.all.rp_filter=1
453	$NS_EXEC sysctl -qw net.ipv4.conf.all.accept_local=1
454	$NS_EXEC sysctl -qw net.ipv4.conf.all.route_localnet=1
455
456	$NS_EXEC tc qd add dev dummy1 parent root handle 1: fq_codel
457	$NS_EXEC tc filter add dev dummy1 parent 1: protocol arp basic action mirred egress redirect dev lo
458	$NS_EXEC tc filter add dev dummy1 parent 1: protocol ip basic action mirred egress redirect dev lo
459	set +e
460
461	run_cmd "ip netns exec ns1 ping -I dummy1 -w1 -c1 198.51.100.1"
462	log_test $? 0 "rp_filter passes local packets"
463
464	run_cmd "ip netns exec ns1 ping -I dummy1 -w1 -c1 127.0.0.1"
465	log_test $? 0 "rp_filter passes loopback packets"
466
467	cleanup
468}
469
470################################################################################
471# Tests on nexthop spec
472
473# run 'ip route add' with given spec
474add_rt()
475{
476	local desc="$1"
477	local erc=$2
478	local vrf=$3
479	local pfx=$4
480	local gw=$5
481	local dev=$6
482	local cmd out rc
483
484	[ "$vrf" = "-" ] && vrf="default"
485	[ -n "$gw" ] && gw="via $gw"
486	[ -n "$dev" ] && dev="dev $dev"
487
488	cmd="$IP route add vrf $vrf $pfx $gw $dev"
489	if [ "$VERBOSE" = "1" ]; then
490		printf "\n    COMMAND: $cmd\n"
491	fi
492
493	out=$(eval $cmd 2>&1)
494	rc=$?
495	if [ "$VERBOSE" = "1" -a -n "$out" ]; then
496		echo "    $out"
497	fi
498	log_test $rc $erc "$desc"
499}
500
501fib4_nexthop()
502{
503	echo
504	echo "IPv4 nexthop tests"
505
506	echo "<<< write me >>>"
507}
508
509fib6_nexthop()
510{
511	local lldummy=$(get_linklocal dummy0)
512	local llv1=$(get_linklocal dummy0)
513
514	if [ -z "$lldummy" ]; then
515		echo "Failed to get linklocal address for dummy0"
516		return 1
517	fi
518	if [ -z "$llv1" ]; then
519		echo "Failed to get linklocal address for veth1"
520		return 1
521	fi
522
523	echo
524	echo "IPv6 nexthop tests"
525
526	add_rt "Directly connected nexthop, unicast address" 0 \
527		- 2001:db8:101::/64 2001:db8:1::2
528	add_rt "Directly connected nexthop, unicast address with device" 0 \
529		- 2001:db8:102::/64 2001:db8:1::2 "dummy0"
530	add_rt "Gateway is linklocal address" 0 \
531		- 2001:db8:103::1/64 $llv1 "veth0"
532
533	# fails because LL address requires a device
534	add_rt "Gateway is linklocal address, no device" 2 \
535		- 2001:db8:104::1/64 $llv1
536
537	# local address can not be a gateway
538	add_rt "Gateway can not be local unicast address" 2 \
539		- 2001:db8:105::/64 2001:db8:1::1
540	add_rt "Gateway can not be local unicast address, with device" 2 \
541		- 2001:db8:106::/64 2001:db8:1::1 "dummy0"
542	add_rt "Gateway can not be a local linklocal address" 2 \
543		- 2001:db8:107::1/64 $lldummy "dummy0"
544
545	# VRF tests
546	add_rt "Gateway can be local address in a VRF" 0 \
547		- 2001:db8:108::/64 2001:db8:51::2
548	add_rt "Gateway can be local address in a VRF, with device" 0 \
549		- 2001:db8:109::/64 2001:db8:51::2 "veth0"
550	add_rt "Gateway can be local linklocal address in a VRF" 0 \
551		- 2001:db8:110::1/64 $llv1 "veth0"
552
553	add_rt "Redirect to VRF lookup" 0 \
554		- 2001:db8:111::/64 "" "red"
555
556	add_rt "VRF route, gateway can be local address in default VRF" 0 \
557		red 2001:db8:112::/64 2001:db8:51::1
558
559	# local address in same VRF fails
560	add_rt "VRF route, gateway can not be a local address" 2 \
561		red 2001:db8:113::1/64 2001:db8:2::1
562	add_rt "VRF route, gateway can not be a local addr with device" 2 \
563		red 2001:db8:114::1/64 2001:db8:2::1 "dummy1"
564}
565
566# Default VRF:
567#   dummy0 - 198.51.100.1/24 2001:db8:1::1/64
568#   veth0  - 192.0.2.1/24    2001:db8:51::1/64
569#
570# VRF red:
571#   dummy1 - 192.168.2.1/24 2001:db8:2::1/64
572#   veth1  - 192.0.2.2/24   2001:db8:51::2/64
573#
574#  [ dummy0   veth0 ]--[ veth1   dummy1 ]
575
576fib_nexthop_test()
577{
578	setup
579
580	set -e
581
582	$IP -4 rule add pref 32765 table local
583	$IP -4 rule del pref 0
584	$IP -6 rule add pref 32765 table local
585	$IP -6 rule del pref 0
586
587	$IP link add red type vrf table 1
588	$IP link set red up
589	$IP -4 route add vrf red unreachable default metric 4278198272
590	$IP -6 route add vrf red unreachable default metric 4278198272
591
592	$IP link add veth0 type veth peer name veth1
593	$IP link set dev veth0 up
594	$IP address add 192.0.2.1/24 dev veth0
595	$IP -6 address add 2001:db8:51::1/64 dev veth0
596
597	$IP link set dev veth1 vrf red up
598	$IP address add 192.0.2.2/24 dev veth1
599	$IP -6 address add 2001:db8:51::2/64 dev veth1
600
601	$IP link add dummy1 type dummy
602	$IP link set dev dummy1 vrf red up
603	$IP address add 192.168.2.1/24 dev dummy1
604	$IP -6 address add 2001:db8:2::1/64 dev dummy1
605	set +e
606
607	sleep 1
608	fib4_nexthop
609	fib6_nexthop
610
611	(
612	$IP link del dev dummy1
613	$IP link del veth0
614	$IP link del red
615	) 2>/dev/null
616	cleanup
617}
618
619fib_suppress_test()
620{
621	$IP link add dummy1 type dummy
622	$IP link set dummy1 up
623	$IP -6 route add default dev dummy1
624	$IP -6 rule add table main suppress_prefixlength 0
625	ping -f -c 1000 -W 1 1234::1 || true
626	$IP -6 rule del table main suppress_prefixlength 0
627	$IP link del dummy1
628
629	# If we got here without crashing, we're good.
630	return 0
631}
632
633################################################################################
634# Tests on route add and replace
635
636run_cmd()
637{
638	local cmd="$1"
639	local out
640	local stderr="2>/dev/null"
641
642	if [ "$VERBOSE" = "1" ]; then
643		printf "    COMMAND: $cmd\n"
644		stderr=
645	fi
646
647	out=$(eval $cmd $stderr)
648	rc=$?
649	if [ "$VERBOSE" = "1" -a -n "$out" ]; then
650		echo "    $out"
651	fi
652
653	[ "$VERBOSE" = "1" ] && echo
654
655	return $rc
656}
657
658check_expected()
659{
660	local out="$1"
661	local expected="$2"
662	local rc=0
663
664	[ "${out}" = "${expected}" ] && return 0
665
666	if [ -z "${out}" ]; then
667		if [ "$VERBOSE" = "1" ]; then
668			printf "\nNo route entry found\n"
669			printf "Expected:\n"
670			printf "    ${expected}\n"
671		fi
672		return 1
673	fi
674
675	# tricky way to convert output to 1-line without ip's
676	# messy '\'; this drops all extra white space
677	out=$(echo ${out})
678	if [ "${out}" != "${expected}" ]; then
679		rc=1
680		if [ "${VERBOSE}" = "1" ]; then
681			printf "    Unexpected route entry. Have:\n"
682			printf "        ${out}\n"
683			printf "    Expected:\n"
684			printf "        ${expected}\n\n"
685		fi
686	fi
687
688	return $rc
689}
690
691# add route for a prefix, flushing any existing routes first
692# expected to be the first step of a test
693add_route6()
694{
695	local pfx="$1"
696	local nh="$2"
697	local out
698
699	if [ "$VERBOSE" = "1" ]; then
700		echo
701		echo "    ##################################################"
702		echo
703	fi
704
705	run_cmd "$IP -6 ro flush ${pfx}"
706	[ $? -ne 0 ] && exit 1
707
708	out=$($IP -6 ro ls match ${pfx})
709	if [ -n "$out" ]; then
710		echo "Failed to flush routes for prefix used for tests."
711		exit 1
712	fi
713
714	run_cmd "$IP -6 ro add ${pfx} ${nh}"
715	if [ $? -ne 0 ]; then
716		echo "Failed to add initial route for test."
717		exit 1
718	fi
719}
720
721# add initial route - used in replace route tests
722add_initial_route6()
723{
724	add_route6 "2001:db8:104::/64" "$1"
725}
726
727check_route6()
728{
729	local pfx
730	local expected="$1"
731	local out
732	local rc=0
733
734	set -- $expected
735	pfx=$1
736
737	out=$($IP -6 ro ls match ${pfx} | sed -e 's/ pref medium//')
738	check_expected "${out}" "${expected}"
739}
740
741route_cleanup()
742{
743	$IP li del red 2>/dev/null
744	$IP li del dummy1 2>/dev/null
745	$IP li del veth1 2>/dev/null
746	$IP li del veth3 2>/dev/null
747
748	cleanup &> /dev/null
749}
750
751route_setup()
752{
753	route_cleanup
754	setup
755
756	[ "${VERBOSE}" = "1" ] && set -x
757	set -e
758
759	ip netns add ns2
760	ip netns set ns2 auto
761	ip -netns ns2 link set dev lo up
762	ip netns exec ns2 sysctl -qw net.ipv4.ip_forward=1
763	ip netns exec ns2 sysctl -qw net.ipv6.conf.all.forwarding=1
764
765	$IP li add veth1 type veth peer name veth2
766	$IP li add veth3 type veth peer name veth4
767
768	$IP li set veth1 up
769	$IP li set veth3 up
770	$IP li set veth2 netns ns2 up
771	$IP li set veth4 netns ns2 up
772	ip -netns ns2 li add dummy1 type dummy
773	ip -netns ns2 li set dummy1 up
774
775	$IP -6 addr add 2001:db8:101::1/64 dev veth1 nodad
776	$IP -6 addr add 2001:db8:103::1/64 dev veth3 nodad
777	$IP addr add 172.16.101.1/24 dev veth1
778	$IP addr add 172.16.103.1/24 dev veth3
779
780	ip -netns ns2 -6 addr add 2001:db8:101::2/64 dev veth2 nodad
781	ip -netns ns2 -6 addr add 2001:db8:103::2/64 dev veth4 nodad
782	ip -netns ns2 -6 addr add 2001:db8:104::1/64 dev dummy1 nodad
783
784	ip -netns ns2 addr add 172.16.101.2/24 dev veth2
785	ip -netns ns2 addr add 172.16.103.2/24 dev veth4
786	ip -netns ns2 addr add 172.16.104.1/24 dev dummy1
787
788	set +e
789}
790
791# assumption is that basic add of a single path route works
792# otherwise just adding an address on an interface is broken
793ipv6_rt_add()
794{
795	local rc
796
797	echo
798	echo "IPv6 route add / append tests"
799
800	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
801	add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
802	run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2"
803	log_test $? 2 "Attempt to add duplicate route - gw"
804
805	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
806	add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
807	run_cmd "$IP -6 ro add 2001:db8:104::/64 dev veth3"
808	log_test $? 2 "Attempt to add duplicate route - dev only"
809
810	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
811	add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
812	run_cmd "$IP -6 ro add unreachable 2001:db8:104::/64"
813	log_test $? 2 "Attempt to add duplicate route - reject route"
814
815	# route append with same prefix adds a new route
816	# - iproute2 sets NLM_F_CREATE | NLM_F_APPEND
817	add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
818	run_cmd "$IP -6 ro append 2001:db8:104::/64 via 2001:db8:103::2"
819	check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
820	log_test $? 0 "Append nexthop to existing route - gw"
821
822	# insert mpath directly
823	add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
824	check_route6  "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
825	log_test $? 0 "Add multipath route"
826
827	add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
828	run_cmd "$IP -6 ro add 2001:db8:104::/64 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
829	log_test $? 2 "Attempt to add duplicate multipath route"
830
831	# insert of a second route without append but different metric
832	add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
833	run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2 metric 512"
834	rc=$?
835	if [ $rc -eq 0 ]; then
836		run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::3 metric 256"
837		rc=$?
838	fi
839	log_test $rc 0 "Route add with different metrics"
840
841	run_cmd "$IP -6 ro del 2001:db8:104::/64 metric 512"
842	rc=$?
843	if [ $rc -eq 0 ]; then
844		check_route6 "2001:db8:104::/64 via 2001:db8:103::3 dev veth3 metric 256 2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024"
845		rc=$?
846	fi
847	log_test $rc 0 "Route delete with metric"
848}
849
850ipv6_rt_replace_single()
851{
852	# single path with single path
853	#
854	add_initial_route6 "via 2001:db8:101::2"
855	run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:103::2"
856	check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024"
857	log_test $? 0 "Single path with single path"
858
859	# single path with multipath
860	#
861	add_initial_route6 "nexthop via 2001:db8:101::2"
862	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::2"
863	check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
864	log_test $? 0 "Single path with multipath"
865
866	# single path with single path using MULTIPATH attribute
867	#
868	add_initial_route6 "via 2001:db8:101::2"
869	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:103::2"
870	check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024"
871	log_test $? 0 "Single path with single path via multipath attribute"
872
873	# route replace fails - invalid nexthop
874	add_initial_route6 "via 2001:db8:101::2"
875	run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:104::2"
876	if [ $? -eq 0 ]; then
877		# previous command is expected to fail so if it returns 0
878		# that means the test failed.
879		log_test 0 1 "Invalid nexthop"
880	else
881		check_route6 "2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024"
882		log_test $? 0 "Invalid nexthop"
883	fi
884
885	# replace non-existent route
886	# - note use of change versus replace since ip adds NLM_F_CREATE
887	#   for replace
888	add_initial_route6 "via 2001:db8:101::2"
889	run_cmd "$IP -6 ro change 2001:db8:105::/64 via 2001:db8:101::2"
890	log_test $? 2 "Single path - replace of non-existent route"
891}
892
893ipv6_rt_replace_mpath()
894{
895	# multipath with multipath
896	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
897	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3"
898	check_route6  "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::3 dev veth3 weight 1"
899	log_test $? 0 "Multipath with multipath"
900
901	# multipath with single
902	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
903	run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:101::3"
904	check_route6  "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024"
905	log_test $? 0 "Multipath with single path"
906
907	# multipath with single
908	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
909	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3"
910	check_route6 "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024"
911	log_test $? 0 "Multipath with single path via multipath attribute"
912
913	# multipath with dev-only
914	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
915	run_cmd "$IP -6 ro replace 2001:db8:104::/64 dev veth1"
916	check_route6 "2001:db8:104::/64 dev veth1 metric 1024"
917	log_test $? 0 "Multipath with dev-only"
918
919	# route replace fails - invalid nexthop 1
920	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
921	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:111::3 nexthop via 2001:db8:103::3"
922	check_route6  "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
923	log_test $? 0 "Multipath - invalid first nexthop"
924
925	# route replace fails - invalid nexthop 2
926	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
927	run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:113::3"
928	check_route6  "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
929	log_test $? 0 "Multipath - invalid second nexthop"
930
931	# multipath non-existent route
932	add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
933	run_cmd "$IP -6 ro change 2001:db8:105::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3"
934	log_test $? 2 "Multipath - replace of non-existent route"
935}
936
937ipv6_rt_replace()
938{
939	echo
940	echo "IPv6 route replace tests"
941
942	ipv6_rt_replace_single
943	ipv6_rt_replace_mpath
944}
945
946ipv6_route_test()
947{
948	route_setup
949
950	ipv6_rt_add
951	ipv6_rt_replace
952
953	route_cleanup
954}
955
956ip_addr_metric_check()
957{
958	ip addr help 2>&1 | grep -q metric
959	if [ $? -ne 0 ]; then
960		echo "iproute2 command does not support metric for addresses. Skipping test"
961		return 1
962	fi
963
964	return 0
965}
966
967ipv6_addr_metric_test()
968{
969	local rc
970
971	echo
972	echo "IPv6 prefix route tests"
973
974	ip_addr_metric_check || return 1
975
976	setup
977
978	set -e
979	$IP li add dummy1 type dummy
980	$IP li add dummy2 type dummy
981	$IP li set dummy1 up
982	$IP li set dummy2 up
983
984	# default entry is metric 256
985	run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64"
986	run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64"
987	set +e
988
989	check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 256 2001:db8:104::/64 dev dummy2 proto kernel metric 256"
990	log_test $? 0 "Default metric"
991
992	set -e
993	run_cmd "$IP -6 addr flush dev dummy1"
994	run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64 metric 257"
995	set +e
996
997	check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 256 2001:db8:104::/64 dev dummy1 proto kernel metric 257"
998	log_test $? 0 "User specified metric on first device"
999
1000	set -e
1001	run_cmd "$IP -6 addr flush dev dummy2"
1002	run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64 metric 258"
1003	set +e
1004
1005	check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 257 2001:db8:104::/64 dev dummy2 proto kernel metric 258"
1006	log_test $? 0 "User specified metric on second device"
1007
1008	run_cmd "$IP -6 addr del dev dummy1 2001:db8:104::1/64 metric 257"
1009	rc=$?
1010	if [ $rc -eq 0 ]; then
1011		check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 258"
1012		rc=$?
1013	fi
1014	log_test $rc 0 "Delete of address on first device"
1015
1016	run_cmd "$IP -6 addr change dev dummy2 2001:db8:104::2/64 metric 259"
1017	rc=$?
1018	if [ $rc -eq 0 ]; then
1019		check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259"
1020		rc=$?
1021	fi
1022	log_test $rc 0 "Modify metric of address"
1023
1024	# verify prefix route removed on down
1025	run_cmd "ip netns exec ns1 sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1"
1026	run_cmd "$IP li set dev dummy2 down"
1027	rc=$?
1028	if [ $rc -eq 0 ]; then
1029		out=$($IP -6 ro ls match 2001:db8:104::/64)
1030		check_expected "${out}" ""
1031		rc=$?
1032	fi
1033	log_test $rc 0 "Prefix route removed on link down"
1034
1035	# verify prefix route re-inserted with assigned metric
1036	run_cmd "$IP li set dev dummy2 up"
1037	rc=$?
1038	if [ $rc -eq 0 ]; then
1039		check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259"
1040		rc=$?
1041	fi
1042	log_test $rc 0 "Prefix route with metric on link up"
1043
1044	$IP li del dummy1
1045	$IP li del dummy2
1046	cleanup
1047}
1048
1049ipv6_route_metrics_test()
1050{
1051	local rc
1052
1053	echo
1054	echo "IPv6 routes with metrics"
1055
1056	route_setup
1057
1058	#
1059	# single path with metrics
1060	#
1061	run_cmd "$IP -6 ro add 2001:db8:111::/64 via 2001:db8:101::2 mtu 1400"
1062	rc=$?
1063	if [ $rc -eq 0 ]; then
1064		check_route6  "2001:db8:111::/64 via 2001:db8:101::2 dev veth1 metric 1024 mtu 1400"
1065		rc=$?
1066	fi
1067	log_test $rc 0 "Single path route with mtu metric"
1068
1069
1070	#
1071	# multipath via separate routes with metrics
1072	#
1073	run_cmd "$IP -6 ro add 2001:db8:112::/64 via 2001:db8:101::2 mtu 1400"
1074	run_cmd "$IP -6 ro append 2001:db8:112::/64 via 2001:db8:103::2"
1075	rc=$?
1076	if [ $rc -eq 0 ]; then
1077		check_route6 "2001:db8:112::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1078		rc=$?
1079	fi
1080	log_test $rc 0 "Multipath route via 2 single routes with mtu metric on first"
1081
1082	# second route is coalesced to first to make a multipath route.
1083	# MTU of the second path is hidden from display!
1084	run_cmd "$IP -6 ro add 2001:db8:113::/64 via 2001:db8:101::2"
1085	run_cmd "$IP -6 ro append 2001:db8:113::/64 via 2001:db8:103::2 mtu 1400"
1086	rc=$?
1087	if [ $rc -eq 0 ]; then
1088		check_route6 "2001:db8:113::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1089		rc=$?
1090	fi
1091	log_test $rc 0 "Multipath route via 2 single routes with mtu metric on 2nd"
1092
1093	run_cmd "$IP -6 ro del 2001:db8:113::/64 via 2001:db8:101::2"
1094	if [ $? -eq 0 ]; then
1095		check_route6 "2001:db8:113::/64 via 2001:db8:103::2 dev veth3 metric 1024 mtu 1400"
1096		log_test $? 0 "    MTU of second leg"
1097	fi
1098
1099	#
1100	# multipath with metrics
1101	#
1102	run_cmd "$IP -6 ro add 2001:db8:115::/64 mtu 1400 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1103	rc=$?
1104	if [ $rc -eq 0 ]; then
1105		check_route6  "2001:db8:115::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1106		rc=$?
1107	fi
1108	log_test $rc 0 "Multipath route with mtu metric"
1109
1110	$IP -6 ro add 2001:db8:104::/64 via 2001:db8:101::2 mtu 1300
1111	run_cmd "ip netns exec ns1 ${ping6} -w1 -c1 -s 1500 2001:db8:104::1"
1112	log_test $? 0 "Using route with mtu metric"
1113
1114	run_cmd "$IP -6 ro add 2001:db8:114::/64 via  2001:db8:101::2  congctl lock foo"
1115	log_test $? 2 "Invalid metric (fails metric_convert)"
1116
1117	route_cleanup
1118}
1119
1120# add route for a prefix, flushing any existing routes first
1121# expected to be the first step of a test
1122add_route()
1123{
1124	local pfx="$1"
1125	local nh="$2"
1126	local out
1127
1128	if [ "$VERBOSE" = "1" ]; then
1129		echo
1130		echo "    ##################################################"
1131		echo
1132	fi
1133
1134	run_cmd "$IP ro flush ${pfx}"
1135	[ $? -ne 0 ] && exit 1
1136
1137	out=$($IP ro ls match ${pfx})
1138	if [ -n "$out" ]; then
1139		echo "Failed to flush routes for prefix used for tests."
1140		exit 1
1141	fi
1142
1143	run_cmd "$IP ro add ${pfx} ${nh}"
1144	if [ $? -ne 0 ]; then
1145		echo "Failed to add initial route for test."
1146		exit 1
1147	fi
1148}
1149
1150# add initial route - used in replace route tests
1151add_initial_route()
1152{
1153	add_route "172.16.104.0/24" "$1"
1154}
1155
1156check_route()
1157{
1158	local pfx
1159	local expected="$1"
1160	local out
1161
1162	set -- $expected
1163	pfx=$1
1164	[ "${pfx}" = "unreachable" ] && pfx=$2
1165
1166	out=$($IP ro ls match ${pfx})
1167	check_expected "${out}" "${expected}"
1168}
1169
1170# assumption is that basic add of a single path route works
1171# otherwise just adding an address on an interface is broken
1172ipv4_rt_add()
1173{
1174	local rc
1175
1176	echo
1177	echo "IPv4 route add / append tests"
1178
1179	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1180	add_route "172.16.104.0/24" "via 172.16.101.2"
1181	run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2"
1182	log_test $? 2 "Attempt to add duplicate route - gw"
1183
1184	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1185	add_route "172.16.104.0/24" "via 172.16.101.2"
1186	run_cmd "$IP ro add 172.16.104.0/24 dev veth3"
1187	log_test $? 2 "Attempt to add duplicate route - dev only"
1188
1189	# route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1190	add_route "172.16.104.0/24" "via 172.16.101.2"
1191	run_cmd "$IP ro add unreachable 172.16.104.0/24"
1192	log_test $? 2 "Attempt to add duplicate route - reject route"
1193
1194	# iproute2 prepend only sets NLM_F_CREATE
1195	# - adds a new route; does NOT convert existing route to ECMP
1196	add_route "172.16.104.0/24" "via 172.16.101.2"
1197	run_cmd "$IP ro prepend 172.16.104.0/24 via 172.16.103.2"
1198	check_route "172.16.104.0/24 via 172.16.103.2 dev veth3 172.16.104.0/24 via 172.16.101.2 dev veth1"
1199	log_test $? 0 "Add new nexthop for existing prefix"
1200
1201	# route append with same prefix adds a new route
1202	# - iproute2 sets NLM_F_CREATE | NLM_F_APPEND
1203	add_route "172.16.104.0/24" "via 172.16.101.2"
1204	run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2"
1205	check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.2 dev veth3"
1206	log_test $? 0 "Append nexthop to existing route - gw"
1207
1208	add_route "172.16.104.0/24" "via 172.16.101.2"
1209	run_cmd "$IP ro append 172.16.104.0/24 dev veth3"
1210	check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 dev veth3 scope link"
1211	log_test $? 0 "Append nexthop to existing route - dev only"
1212
1213	add_route "172.16.104.0/24" "via 172.16.101.2"
1214	run_cmd "$IP ro append unreachable 172.16.104.0/24"
1215	check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 unreachable 172.16.104.0/24"
1216	log_test $? 0 "Append nexthop to existing route - reject route"
1217
1218	run_cmd "$IP ro flush 172.16.104.0/24"
1219	run_cmd "$IP ro add unreachable 172.16.104.0/24"
1220	run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2"
1221	check_route "unreachable 172.16.104.0/24 172.16.104.0/24 via 172.16.103.2 dev veth3"
1222	log_test $? 0 "Append nexthop to existing reject route - gw"
1223
1224	run_cmd "$IP ro flush 172.16.104.0/24"
1225	run_cmd "$IP ro add unreachable 172.16.104.0/24"
1226	run_cmd "$IP ro append 172.16.104.0/24 dev veth3"
1227	check_route "unreachable 172.16.104.0/24 172.16.104.0/24 dev veth3 scope link"
1228	log_test $? 0 "Append nexthop to existing reject route - dev only"
1229
1230	# insert mpath directly
1231	add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1232	check_route  "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1233	log_test $? 0 "add multipath route"
1234
1235	add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1236	run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1237	log_test $? 2 "Attempt to add duplicate multipath route"
1238
1239	# insert of a second route without append but different metric
1240	add_route "172.16.104.0/24" "via 172.16.101.2"
1241	run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2 metric 512"
1242	rc=$?
1243	if [ $rc -eq 0 ]; then
1244		run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.3 metric 256"
1245		rc=$?
1246	fi
1247	log_test $rc 0 "Route add with different metrics"
1248
1249	run_cmd "$IP ro del 172.16.104.0/24 metric 512"
1250	rc=$?
1251	if [ $rc -eq 0 ]; then
1252		check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.3 dev veth3 metric 256"
1253		rc=$?
1254	fi
1255	log_test $rc 0 "Route delete with metric"
1256}
1257
1258ipv4_rt_replace_single()
1259{
1260	# single path with single path
1261	#
1262	add_initial_route "via 172.16.101.2"
1263	run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.103.2"
1264	check_route "172.16.104.0/24 via 172.16.103.2 dev veth3"
1265	log_test $? 0 "Single path with single path"
1266
1267	# single path with multipath
1268	#
1269	add_initial_route "nexthop via 172.16.101.2"
1270	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.2"
1271	check_route "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1272	log_test $? 0 "Single path with multipath"
1273
1274	# single path with reject
1275	#
1276	add_initial_route "nexthop via 172.16.101.2"
1277	run_cmd "$IP ro replace unreachable 172.16.104.0/24"
1278	check_route "unreachable 172.16.104.0/24"
1279	log_test $? 0 "Single path with reject route"
1280
1281	# single path with single path using MULTIPATH attribute
1282	#
1283	add_initial_route "via 172.16.101.2"
1284	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.103.2"
1285	check_route "172.16.104.0/24 via 172.16.103.2 dev veth3"
1286	log_test $? 0 "Single path with single path via multipath attribute"
1287
1288	# route replace fails - invalid nexthop
1289	add_initial_route "via 172.16.101.2"
1290	run_cmd "$IP ro replace 172.16.104.0/24 via 2001:db8:104::2"
1291	if [ $? -eq 0 ]; then
1292		# previous command is expected to fail so if it returns 0
1293		# that means the test failed.
1294		log_test 0 1 "Invalid nexthop"
1295	else
1296		check_route "172.16.104.0/24 via 172.16.101.2 dev veth1"
1297		log_test $? 0 "Invalid nexthop"
1298	fi
1299
1300	# replace non-existent route
1301	# - note use of change versus replace since ip adds NLM_F_CREATE
1302	#   for replace
1303	add_initial_route "via 172.16.101.2"
1304	run_cmd "$IP ro change 172.16.105.0/24 via 172.16.101.2"
1305	log_test $? 2 "Single path - replace of non-existent route"
1306}
1307
1308ipv4_rt_replace_mpath()
1309{
1310	# multipath with multipath
1311	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1312	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3"
1313	check_route  "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.3 dev veth3 weight 1"
1314	log_test $? 0 "Multipath with multipath"
1315
1316	# multipath with single
1317	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1318	run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.101.3"
1319	check_route  "172.16.104.0/24 via 172.16.101.3 dev veth1"
1320	log_test $? 0 "Multipath with single path"
1321
1322	# multipath with single
1323	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1324	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3"
1325	check_route "172.16.104.0/24 via 172.16.101.3 dev veth1"
1326	log_test $? 0 "Multipath with single path via multipath attribute"
1327
1328	# multipath with reject
1329	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1330	run_cmd "$IP ro replace unreachable 172.16.104.0/24"
1331	check_route "unreachable 172.16.104.0/24"
1332	log_test $? 0 "Multipath with reject route"
1333
1334	# route replace fails - invalid nexthop 1
1335	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1336	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.111.3 nexthop via 172.16.103.3"
1337	check_route  "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1338	log_test $? 0 "Multipath - invalid first nexthop"
1339
1340	# route replace fails - invalid nexthop 2
1341	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1342	run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.113.3"
1343	check_route  "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1344	log_test $? 0 "Multipath - invalid second nexthop"
1345
1346	# multipath non-existent route
1347	add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1348	run_cmd "$IP ro change 172.16.105.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3"
1349	log_test $? 2 "Multipath - replace of non-existent route"
1350}
1351
1352ipv4_rt_replace()
1353{
1354	echo
1355	echo "IPv4 route replace tests"
1356
1357	ipv4_rt_replace_single
1358	ipv4_rt_replace_mpath
1359}
1360
1361ipv4_route_test()
1362{
1363	route_setup
1364
1365	ipv4_rt_add
1366	ipv4_rt_replace
1367
1368	route_cleanup
1369}
1370
1371ipv4_addr_metric_test()
1372{
1373	local rc
1374
1375	echo
1376	echo "IPv4 prefix route tests"
1377
1378	ip_addr_metric_check || return 1
1379
1380	setup
1381
1382	set -e
1383	$IP li add dummy1 type dummy
1384	$IP li add dummy2 type dummy
1385	$IP li set dummy1 up
1386	$IP li set dummy2 up
1387
1388	# default entry is metric 256
1389	run_cmd "$IP addr add dev dummy1 172.16.104.1/24"
1390	run_cmd "$IP addr add dev dummy2 172.16.104.2/24"
1391	set +e
1392
1393	check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2"
1394	log_test $? 0 "Default metric"
1395
1396	set -e
1397	run_cmd "$IP addr flush dev dummy1"
1398	run_cmd "$IP addr add dev dummy1 172.16.104.1/24 metric 257"
1399	set +e
1400
1401	check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257"
1402	log_test $? 0 "User specified metric on first device"
1403
1404	set -e
1405	run_cmd "$IP addr flush dev dummy2"
1406	run_cmd "$IP addr add dev dummy2 172.16.104.2/24 metric 258"
1407	set +e
1408
1409	check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258"
1410	log_test $? 0 "User specified metric on second device"
1411
1412	run_cmd "$IP addr del dev dummy1 172.16.104.1/24 metric 257"
1413	rc=$?
1414	if [ $rc -eq 0 ]; then
1415		check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258"
1416		rc=$?
1417	fi
1418	log_test $rc 0 "Delete of address on first device"
1419
1420	run_cmd "$IP addr change dev dummy2 172.16.104.2/24 metric 259"
1421	rc=$?
1422	if [ $rc -eq 0 ]; then
1423		check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259"
1424		rc=$?
1425	fi
1426	log_test $rc 0 "Modify metric of address"
1427
1428	# verify prefix route removed on down
1429	run_cmd "$IP li set dev dummy2 down"
1430	rc=$?
1431	if [ $rc -eq 0 ]; then
1432		out=$($IP ro ls match 172.16.104.0/24)
1433		check_expected "${out}" ""
1434		rc=$?
1435	fi
1436	log_test $rc 0 "Prefix route removed on link down"
1437
1438	# verify prefix route re-inserted with assigned metric
1439	run_cmd "$IP li set dev dummy2 up"
1440	rc=$?
1441	if [ $rc -eq 0 ]; then
1442		check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259"
1443		rc=$?
1444	fi
1445	log_test $rc 0 "Prefix route with metric on link up"
1446
1447	# explicitly check for metric changes on edge scenarios
1448	run_cmd "$IP addr flush dev dummy2"
1449	run_cmd "$IP addr add dev dummy2 172.16.104.0/24 metric 259"
1450	run_cmd "$IP addr change dev dummy2 172.16.104.0/24 metric 260"
1451	rc=$?
1452	if [ $rc -eq 0 ]; then
1453		check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.0 metric 260"
1454		rc=$?
1455	fi
1456	log_test $rc 0 "Modify metric of .0/24 address"
1457
1458	run_cmd "$IP addr flush dev dummy2"
1459	run_cmd "$IP addr add dev dummy2 172.16.104.1/32 peer 172.16.104.2 metric 260"
1460	run_cmd "$IP addr change dev dummy2 172.16.104.1/32 peer 172.16.104.2 metric 261"
1461	rc=$?
1462	if [ $rc -eq 0 ]; then
1463		check_route "172.16.104.2 dev dummy2 proto kernel scope link src 172.16.104.1 metric 261"
1464		rc=$?
1465	fi
1466	log_test $rc 0 "Modify metric of address with peer route"
1467
1468	$IP li del dummy1
1469	$IP li del dummy2
1470	cleanup
1471}
1472
1473ipv4_route_metrics_test()
1474{
1475	local rc
1476
1477	echo
1478	echo "IPv4 route add / append tests"
1479
1480	route_setup
1481
1482	run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 mtu 1400"
1483	rc=$?
1484	if [ $rc -eq 0 ]; then
1485		check_route "172.16.111.0/24 via 172.16.101.2 dev veth1 mtu 1400"
1486		rc=$?
1487	fi
1488	log_test $rc 0 "Single path route with mtu metric"
1489
1490
1491	run_cmd "$IP ro add 172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1492	rc=$?
1493	if [ $rc -eq 0 ]; then
1494		check_route "172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1495		rc=$?
1496	fi
1497	log_test $rc 0 "Multipath route with mtu metric"
1498
1499	$IP ro add 172.16.104.0/24 via 172.16.101.2 mtu 1300
1500	run_cmd "ip netns exec ns1 ping -w1 -c1 -s 1500 172.16.104.1"
1501	log_test $? 0 "Using route with mtu metric"
1502
1503	run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 congctl lock foo"
1504	log_test $? 2 "Invalid metric (fails metric_convert)"
1505
1506	route_cleanup
1507}
1508
1509ipv4_del_addr_test()
1510{
1511	echo
1512	echo "IPv4 delete address route tests"
1513
1514	setup
1515
1516	set -e
1517	$IP li add dummy1 type dummy
1518	$IP li set dummy1 up
1519	$IP li add dummy2 type dummy
1520	$IP li set dummy2 up
1521	$IP li add red type vrf table 1111
1522	$IP li set red up
1523	$IP ro add vrf red unreachable default
1524	$IP li set dummy2 vrf red
1525
1526	$IP addr add dev dummy1 172.16.104.1/24
1527	$IP addr add dev dummy1 172.16.104.11/24
1528	$IP addr add dev dummy2 172.16.104.1/24
1529	$IP addr add dev dummy2 172.16.104.11/24
1530	$IP route add 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1531	$IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1532	set +e
1533
1534	# removing address from device in vrf should only remove route from vrf table
1535	$IP addr del dev dummy2 172.16.104.11/24
1536	$IP ro ls vrf red | grep -q 172.16.105.0/24
1537	log_test $? 1 "Route removed from VRF when source address deleted"
1538
1539	$IP ro ls | grep -q 172.16.105.0/24
1540	log_test $? 0 "Route in default VRF not removed"
1541
1542	$IP addr add dev dummy2 172.16.104.11/24
1543	$IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1544
1545	$IP addr del dev dummy1 172.16.104.11/24
1546	$IP ro ls | grep -q 172.16.105.0/24
1547	log_test $? 1 "Route removed in default VRF when source address deleted"
1548
1549	$IP ro ls vrf red | grep -q 172.16.105.0/24
1550	log_test $? 0 "Route in VRF is not removed by address delete"
1551
1552	$IP li del dummy1
1553	$IP li del dummy2
1554	cleanup
1555}
1556
1557
1558ipv4_route_v6_gw_test()
1559{
1560	local rc
1561
1562	echo
1563	echo "IPv4 route with IPv6 gateway tests"
1564
1565	route_setup
1566	sleep 2
1567
1568	#
1569	# single path route
1570	#
1571	run_cmd "$IP ro add 172.16.104.0/24 via inet6 2001:db8:101::2"
1572	rc=$?
1573	log_test $rc 0 "Single path route with IPv6 gateway"
1574	if [ $rc -eq 0 ]; then
1575		check_route "172.16.104.0/24 via inet6 2001:db8:101::2 dev veth1"
1576	fi
1577
1578	run_cmd "ip netns exec ns1 ping -w1 -c1 172.16.104.1"
1579	log_test $rc 0 "Single path route with IPv6 gateway - ping"
1580
1581	run_cmd "$IP ro del 172.16.104.0/24 via inet6 2001:db8:101::2"
1582	rc=$?
1583	log_test $rc 0 "Single path route delete"
1584	if [ $rc -eq 0 ]; then
1585		check_route "172.16.112.0/24"
1586	fi
1587
1588	#
1589	# multipath - v6 then v4
1590	#
1591	run_cmd "$IP ro add 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
1592	rc=$?
1593	log_test $rc 0 "Multipath route add - v6 nexthop then v4"
1594	if [ $rc -eq 0 ]; then
1595		check_route "172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1596	fi
1597
1598	run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
1599	log_test $? 2 "    Multipath route delete - nexthops in wrong order"
1600
1601	run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
1602	log_test $? 0 "    Multipath route delete exact match"
1603
1604	#
1605	# multipath - v4 then v6
1606	#
1607	run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
1608	rc=$?
1609	log_test $rc 0 "Multipath route add - v4 nexthop then v6"
1610	if [ $rc -eq 0 ]; then
1611		check_route "172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 weight 1 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1"
1612	fi
1613
1614	run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
1615	log_test $? 2 "    Multipath route delete - nexthops in wrong order"
1616
1617	run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
1618	log_test $? 0 "    Multipath route delete exact match"
1619
1620	route_cleanup
1621}
1622
1623################################################################################
1624# usage
1625
1626usage()
1627{
1628	cat <<EOF
1629usage: ${0##*/} OPTS
1630
1631        -t <test>   Test(s) to run (default: all)
1632                    (options: $TESTS)
1633        -p          Pause on fail
1634        -P          Pause after each test before cleanup
1635        -v          verbose mode (show commands and output)
1636EOF
1637}
1638
1639################################################################################
1640# main
1641
1642while getopts :t:pPhv o
1643do
1644	case $o in
1645		t) TESTS=$OPTARG;;
1646		p) PAUSE_ON_FAIL=yes;;
1647		P) PAUSE=yes;;
1648		v) VERBOSE=$(($VERBOSE + 1));;
1649		h) usage; exit 0;;
1650		*) usage; exit 1;;
1651	esac
1652done
1653
1654PEER_CMD="ip netns exec ${PEER_NS}"
1655
1656# make sure we don't pause twice
1657[ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no
1658
1659if [ "$(id -u)" -ne 0 ];then
1660	echo "SKIP: Need root privileges"
1661	exit $ksft_skip;
1662fi
1663
1664if [ ! -x "$(command -v ip)" ]; then
1665	echo "SKIP: Could not run test without ip tool"
1666	exit $ksft_skip
1667fi
1668
1669ip route help 2>&1 | grep -q fibmatch
1670if [ $? -ne 0 ]; then
1671	echo "SKIP: iproute2 too old, missing fibmatch"
1672	exit $ksft_skip
1673fi
1674
1675# start clean
1676cleanup &> /dev/null
1677
1678for t in $TESTS
1679do
1680	case $t in
1681	fib_unreg_test|unregister)	fib_unreg_test;;
1682	fib_down_test|down)		fib_down_test;;
1683	fib_carrier_test|carrier)	fib_carrier_test;;
1684	fib_rp_filter_test|rp_filter)	fib_rp_filter_test;;
1685	fib_nexthop_test|nexthop)	fib_nexthop_test;;
1686	fib_suppress_test|suppress)	fib_suppress_test;;
1687	ipv6_route_test|ipv6_rt)	ipv6_route_test;;
1688	ipv4_route_test|ipv4_rt)	ipv4_route_test;;
1689	ipv6_addr_metric)		ipv6_addr_metric_test;;
1690	ipv4_addr_metric)		ipv4_addr_metric_test;;
1691	ipv4_del_addr)			ipv4_del_addr_test;;
1692	ipv6_route_metrics)		ipv6_route_metrics_test;;
1693	ipv4_route_metrics)		ipv4_route_metrics_test;;
1694	ipv4_route_v6_gw)		ipv4_route_v6_gw_test;;
1695
1696	help) echo "Test names: $TESTS"; exit 0;;
1697	esac
1698done
1699
1700if [ "$TESTS" != "none" ]; then
1701	printf "\nTests passed: %3d\n" ${nsuccess}
1702	printf "Tests failed: %3d\n"   ${nfail}
1703fi
1704
1705exit $ret
1706