1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4ALL_TESTS="ping_ipv4"
5NUM_NETIFS=6
6source lib.sh
7
8h1_create()
9{
10	vrf_create "vrf-h1"
11	ip link set dev $h1 master vrf-h1
12
13	ip link set dev vrf-h1 up
14	ip link set dev $h1 up
15
16	ip address add 192.0.2.2/24 dev $h1
17
18	ip route add 198.51.100.0/24 vrf vrf-h1 nexthop via 192.0.2.1
19	ip route add 198.51.200.0/24 vrf vrf-h1 nexthop via 192.0.2.1
20}
21
22h1_destroy()
23{
24	ip route del 198.51.200.0/24 vrf vrf-h1
25	ip route del 198.51.100.0/24 vrf vrf-h1
26
27	ip address del 192.0.2.2/24 dev $h1
28
29	ip link set dev $h1 down
30	vrf_destroy "vrf-h1"
31}
32
33h2_create()
34{
35	vrf_create "vrf-h2"
36	ip link set dev $h2 master vrf-h2
37
38	ip link set dev vrf-h2 up
39	ip link set dev $h2 up
40
41	ip address add 198.51.100.2/24 dev $h2
42
43	ip route add 192.0.2.0/24 vrf vrf-h2 nexthop via 198.51.100.1
44	ip route add 198.51.200.0/24 vrf vrf-h2 nexthop via 198.51.100.1
45}
46
47h2_destroy()
48{
49	ip route del 198.51.200.0/24 vrf vrf-h2
50	ip route del 192.0.2.0/24 vrf vrf-h2
51
52	ip address del 198.51.100.2/24 dev $h2
53
54	ip link set dev $h2 down
55	vrf_destroy "vrf-h2"
56}
57
58h3_create()
59{
60	vrf_create "vrf-h3"
61	ip link set dev $h3 master vrf-h3
62
63	ip link set dev vrf-h3 up
64	ip link set dev $h3 up
65
66	ip address add 198.51.200.2/24 dev $h3
67
68	ip route add 192.0.2.0/24 vrf vrf-h3 nexthop via 198.51.200.1
69	ip route add 198.51.100.0/24 vrf vrf-h3 nexthop via 198.51.200.1
70}
71
72h3_destroy()
73{
74	ip route del 198.51.100.0/24 vrf vrf-h3
75	ip route del 192.0.2.0/24 vrf vrf-h3
76
77	ip address del 198.51.200.2/24 dev $h3
78
79	ip link set dev $h3 down
80	vrf_destroy "vrf-h3"
81}
82
83router_create()
84{
85	ip link set dev $rp1 up
86	ip link set dev $rp2 up
87	ip link set dev $rp3 up
88
89	ip address add 192.0.2.1/24 dev $rp1
90
91	ip address add 198.51.100.1/24 dev $rp2
92	ip address add 198.51.200.1/24 dev $rp3
93}
94
95router_destroy()
96{
97	ip address del 198.51.200.1/24 dev $rp3
98	ip address del 198.51.100.1/24 dev $rp2
99
100	ip address del 192.0.2.1/24 dev $rp1
101
102	ip link set dev $rp3 down
103	ip link set dev $rp2 down
104	ip link set dev $rp1 down
105}
106
107setup_prepare()
108{
109	h1=${NETIFS[p1]}
110	rp1=${NETIFS[p2]}
111
112	rp2=${NETIFS[p3]}
113	h2=${NETIFS[p4]}
114
115	rp3=${NETIFS[p5]}
116	h3=${NETIFS[p6]}
117
118	vrf_prepare
119
120	h1_create
121	h2_create
122	h3_create
123
124	router_create
125
126	forwarding_enable
127}
128
129cleanup()
130{
131	pre_cleanup
132
133	forwarding_restore
134
135	router_destroy
136
137	h3_destroy
138	h2_destroy
139	h1_destroy
140
141	vrf_cleanup
142}
143
144bc_forwarding_disable()
145{
146	sysctl_set net.ipv4.conf.all.bc_forwarding 0
147	sysctl_set net.ipv4.conf.$rp1.bc_forwarding 0
148	sysctl_set net.ipv4.conf.$rp2.bc_forwarding 0
149}
150
151bc_forwarding_enable()
152{
153	sysctl_set net.ipv4.conf.all.bc_forwarding 1
154	sysctl_set net.ipv4.conf.$rp1.bc_forwarding 1
155	sysctl_set net.ipv4.conf.$rp2.bc_forwarding 1
156}
157
158bc_forwarding_restore()
159{
160	sysctl_restore net.ipv4.conf.$rp2.bc_forwarding
161	sysctl_restore net.ipv4.conf.$rp1.bc_forwarding
162	sysctl_restore net.ipv4.conf.all.bc_forwarding
163}
164
165ping_test_from()
166{
167	local oif=$1
168	local dip=$2
169	local from=$3
170	local fail=${4:-0}
171
172	RET=0
173
174	log_info "ping $dip, expected reply from $from"
175	ip vrf exec $(master_name_get $oif) \
176		$PING -I $oif $dip -c 10 -i 0.1 -w $PING_TIMEOUT -b 2>&1 \
177		| grep "bytes from $from" > /dev/null
178	check_err_fail $fail $?
179}
180
181ping_ipv4()
182{
183	sysctl_set net.ipv4.icmp_echo_ignore_broadcasts 0
184
185	bc_forwarding_disable
186	log_info "bc_forwarding disabled on r1 =>"
187	ping_test_from $h1 198.51.100.255 192.0.2.1
188	log_test "h1 -> net2: reply from r1 (not forwarding)"
189	ping_test_from $h1 198.51.200.255 192.0.2.1
190	log_test "h1 -> net3: reply from r1 (not forwarding)"
191	ping_test_from $h1 192.0.2.255 192.0.2.1
192	log_test "h1 -> net1: reply from r1 (not dropping)"
193	ping_test_from $h1 255.255.255.255 192.0.2.1
194	log_test "h1 -> 255.255.255.255: reply from r1 (not forwarding)"
195
196	ping_test_from $h2 192.0.2.255 198.51.100.1
197	log_test "h2 -> net1: reply from r1 (not forwarding)"
198	ping_test_from $h2 198.51.200.255 198.51.100.1
199	log_test "h2 -> net3: reply from r1 (not forwarding)"
200	ping_test_from $h2 198.51.100.255 198.51.100.1
201	log_test "h2 -> net2: reply from r1 (not dropping)"
202	ping_test_from $h2 255.255.255.255 198.51.100.1
203	log_test "h2 -> 255.255.255.255: reply from r1 (not forwarding)"
204	bc_forwarding_restore
205
206	bc_forwarding_enable
207	log_info "bc_forwarding enabled on r1 =>"
208	ping_test_from $h1 198.51.100.255 198.51.100.2
209	log_test "h1 -> net2: reply from h2 (forwarding)"
210	ping_test_from $h1 198.51.200.255 198.51.200.2
211	log_test "h1 -> net3: reply from h3 (forwarding)"
212	ping_test_from $h1 192.0.2.255 192.0.2.1 1
213	log_test "h1 -> net1: no reply (dropping)"
214	ping_test_from $h1 255.255.255.255 192.0.2.1
215	log_test "h1 -> 255.255.255.255: reply from r1 (not forwarding)"
216
217	ping_test_from $h2 192.0.2.255 192.0.2.2
218	log_test "h2 -> net1: reply from h1 (forwarding)"
219	ping_test_from $h2 198.51.200.255 198.51.200.2
220	log_test "h2 -> net3: reply from h3 (forwarding)"
221	ping_test_from $h2 198.51.100.255 198.51.100.1 1
222	log_test "h2 -> net2: no reply (dropping)"
223	ping_test_from $h2 255.255.255.255 198.51.100.1
224	log_test "h2 -> 255.255.255.255: reply from r1 (not forwarding)"
225	bc_forwarding_restore
226
227	sysctl_restore net.ipv4.icmp_echo_ignore_broadcasts
228}
229
230trap cleanup EXIT
231
232setup_prepare
233setup_wait
234
235tests_run
236
237exit $EXIT_STATUS
238