1ec810535SDavid Ahern#!/bin/bash 2ec810535SDavid Ahern# SPDX-License-Identifier: GPL-2.0 3ec810535SDavid Ahern# 4ec810535SDavid Ahern# redirect test 5ec810535SDavid Ahern# 6ec810535SDavid Ahern# .253 +----+ 7ec810535SDavid Ahern# +----| r1 | 8ec810535SDavid Ahern# | +----+ 9ec810535SDavid Ahern# +----+ | |.1 10ec810535SDavid Ahern# | h1 |--------------+ | 10.1.1.0/30 2001:db8:1::0/126 11ec810535SDavid Ahern# +----+ .1 | |.2 12ec810535SDavid Ahern# 172.16.1/24 | +----+ +----+ 13ec810535SDavid Ahern# 2001:db8:16:1/64 +----| r2 |-------------------| h2 | 14ec810535SDavid Ahern# .254 +----+ .254 .2 +----+ 15ec810535SDavid Ahern# 172.16.2/24 16ec810535SDavid Ahern# 2001:db8:16:2/64 17ec810535SDavid Ahern# 18ec810535SDavid Ahern# Route from h1 to h2 goes through r1, eth1 - connection between r1 and r2. 19ec810535SDavid Ahern# Route on r1 changed to go to r2 via eth0. This causes a redirect to be sent 20ec810535SDavid Ahern# from r1 to h1 telling h1 to use r2 when talking to h2. 21ec810535SDavid Ahern 22ec810535SDavid AhernVERBOSE=0 23ec810535SDavid AhernPAUSE_ON_FAIL=no 24ec810535SDavid Ahern 25ec810535SDavid AhernH1_N1_IP=172.16.1.1 26ec810535SDavid AhernR1_N1_IP=172.16.1.253 27ec810535SDavid AhernR2_N1_IP=172.16.1.254 28ec810535SDavid Ahern 29ec810535SDavid AhernH1_N1_IP6=2001:db8:16:1::1 30ec810535SDavid AhernR1_N1_IP6=2001:db8:16:1::253 31ec810535SDavid AhernR2_N1_IP6=2001:db8:16:1::254 32ec810535SDavid Ahern 33ec810535SDavid AhernR1_R2_N1_IP=10.1.1.1 34ec810535SDavid AhernR2_R1_N1_IP=10.1.1.2 35ec810535SDavid Ahern 36ec810535SDavid AhernR1_R2_N1_IP6=2001:db8:1::1 37ec810535SDavid AhernR2_R1_N1_IP6=2001:db8:1::2 38ec810535SDavid Ahern 39ec810535SDavid AhernH2_N2=172.16.2.0/24 40ec810535SDavid AhernH2_N2_6=2001:db8:16:2::/64 41ec810535SDavid AhernH2_N2_IP=172.16.2.2 42ec810535SDavid AhernR2_N2_IP=172.16.2.254 43ec810535SDavid AhernH2_N2_IP6=2001:db8:16:2::2 44ec810535SDavid AhernR2_N2_IP6=2001:db8:16:2::254 45ec810535SDavid Ahern 46ec810535SDavid AhernVRF=red 47ec810535SDavid AhernVRF_TABLE=1111 48ec810535SDavid Ahern 49ec810535SDavid Ahern################################################################################ 50ec810535SDavid Ahern# helpers 51ec810535SDavid Ahern 52ec810535SDavid Ahernlog_section() 53ec810535SDavid Ahern{ 54ec810535SDavid Ahern echo 55ec810535SDavid Ahern echo "###########################################################################" 56ec810535SDavid Ahern echo "$*" 57ec810535SDavid Ahern echo "###########################################################################" 58ec810535SDavid Ahern echo 59ec810535SDavid Ahern} 60ec810535SDavid Ahern 61ec810535SDavid Ahernlog_test() 62ec810535SDavid Ahern{ 63ec810535SDavid Ahern local rc=$1 64ec810535SDavid Ahern local expected=$2 65ec810535SDavid Ahern local msg="$3" 660a36a75cSAndrea Righi local xfail=$4 67ec810535SDavid Ahern 68ec810535SDavid Ahern if [ ${rc} -eq ${expected} ]; then 69ec810535SDavid Ahern printf "TEST: %-60s [ OK ]\n" "${msg}" 70ec810535SDavid Ahern nsuccess=$((nsuccess+1)) 710a36a75cSAndrea Righi elif [ ${rc} -eq ${xfail} ]; then 720a36a75cSAndrea Righi printf "TEST: %-60s [XFAIL]\n" "${msg}" 730a36a75cSAndrea Righi nxfail=$((nxfail+1)) 74ec810535SDavid Ahern else 75ec810535SDavid Ahern ret=1 76ec810535SDavid Ahern nfail=$((nfail+1)) 77ec810535SDavid Ahern printf "TEST: %-60s [FAIL]\n" "${msg}" 78ec810535SDavid Ahern if [ "${PAUSE_ON_FAIL}" = "yes" ]; then 79ec810535SDavid Ahern echo 80ec810535SDavid Ahern echo "hit enter to continue, 'q' to quit" 81ec810535SDavid Ahern read a 82ec810535SDavid Ahern [ "$a" = "q" ] && exit 1 83ec810535SDavid Ahern fi 84ec810535SDavid Ahern fi 85ec810535SDavid Ahern} 86ec810535SDavid Ahern 8799513cfaSDavid Ahernlog_debug() 8899513cfaSDavid Ahern{ 8999513cfaSDavid Ahern if [ "$VERBOSE" = "1" ]; then 9099513cfaSDavid Ahern echo "$*" 9199513cfaSDavid Ahern fi 9299513cfaSDavid Ahern} 9399513cfaSDavid Ahern 94ec810535SDavid Ahernrun_cmd() 95ec810535SDavid Ahern{ 96ec810535SDavid Ahern local cmd="$*" 97ec810535SDavid Ahern local out 98ec810535SDavid Ahern local rc 99ec810535SDavid Ahern 100ec810535SDavid Ahern if [ "$VERBOSE" = "1" ]; then 101ec810535SDavid Ahern echo "COMMAND: $cmd" 102ec810535SDavid Ahern fi 103ec810535SDavid Ahern 104ec810535SDavid Ahern out=$(eval $cmd 2>&1) 105ec810535SDavid Ahern rc=$? 106ec810535SDavid Ahern if [ "$VERBOSE" = "1" -a -n "$out" ]; then 107ec810535SDavid Ahern echo "$out" 108ec810535SDavid Ahern fi 109ec810535SDavid Ahern 110ec810535SDavid Ahern [ "$VERBOSE" = "1" ] && echo 111ec810535SDavid Ahern 112ec810535SDavid Ahern return $rc 113ec810535SDavid Ahern} 114ec810535SDavid Ahern 115ec810535SDavid Ahernget_linklocal() 116ec810535SDavid Ahern{ 117ec810535SDavid Ahern local ns=$1 118ec810535SDavid Ahern local dev=$2 119ec810535SDavid Ahern local addr 120ec810535SDavid Ahern 121ec810535SDavid Ahern addr=$(ip -netns $ns -6 -br addr show dev ${dev} | \ 122ec810535SDavid Ahern awk '{ 123ec810535SDavid Ahern for (i = 3; i <= NF; ++i) { 124ec810535SDavid Ahern if ($i ~ /^fe80/) 125ec810535SDavid Ahern print $i 126ec810535SDavid Ahern } 127ec810535SDavid Ahern }' 128ec810535SDavid Ahern ) 129ec810535SDavid Ahern addr=${addr/\/*} 130ec810535SDavid Ahern 131ec810535SDavid Ahern [ -z "$addr" ] && return 1 132ec810535SDavid Ahern 133ec810535SDavid Ahern echo $addr 134ec810535SDavid Ahern 135ec810535SDavid Ahern return 0 136ec810535SDavid Ahern} 137ec810535SDavid Ahern 138ec810535SDavid Ahern################################################################################ 139ec810535SDavid Ahern# setup and teardown 140ec810535SDavid Ahern 141ec810535SDavid Aherncleanup() 142ec810535SDavid Ahern{ 143ec810535SDavid Ahern local ns 144ec810535SDavid Ahern 145ec810535SDavid Ahern for ns in h1 h2 r1 r2; do 146ec810535SDavid Ahern ip netns del $ns 2>/dev/null 147ec810535SDavid Ahern done 148ec810535SDavid Ahern} 149ec810535SDavid Ahern 150ec810535SDavid Aherncreate_vrf() 151ec810535SDavid Ahern{ 152ec810535SDavid Ahern local ns=$1 153ec810535SDavid Ahern 154ec810535SDavid Ahern ip -netns ${ns} link add ${VRF} type vrf table ${VRF_TABLE} 155ec810535SDavid Ahern ip -netns ${ns} link set ${VRF} up 156ec810535SDavid Ahern ip -netns ${ns} route add vrf ${VRF} unreachable default metric 8192 157ec810535SDavid Ahern ip -netns ${ns} -6 route add vrf ${VRF} unreachable default metric 8192 158ec810535SDavid Ahern 159ec810535SDavid Ahern ip -netns ${ns} addr add 127.0.0.1/8 dev ${VRF} 160ec810535SDavid Ahern ip -netns ${ns} -6 addr add ::1 dev ${VRF} nodad 161ec810535SDavid Ahern 162ec810535SDavid Ahern ip -netns ${ns} ru del pref 0 163ec810535SDavid Ahern ip -netns ${ns} ru add pref 32765 from all lookup local 164ec810535SDavid Ahern ip -netns ${ns} -6 ru del pref 0 165ec810535SDavid Ahern ip -netns ${ns} -6 ru add pref 32765 from all lookup local 166ec810535SDavid Ahern} 167ec810535SDavid Ahern 168ec810535SDavid Ahernsetup() 169ec810535SDavid Ahern{ 170ec810535SDavid Ahern local ns 171ec810535SDavid Ahern 172ec810535SDavid Ahern # 173ec810535SDavid Ahern # create nodes as namespaces 174ec810535SDavid Ahern # 175ec810535SDavid Ahern for ns in h1 h2 r1 r2; do 176ec810535SDavid Ahern ip netns add $ns 177ec810535SDavid Ahern ip -netns $ns li set lo up 178ec810535SDavid Ahern 179ec810535SDavid Ahern case "${ns}" in 180ec810535SDavid Ahern h[12]) ip netns exec $ns sysctl -q -w net.ipv4.conf.all.accept_redirects=1 18199513cfaSDavid Ahern ip netns exec $ns sysctl -q -w net.ipv6.conf.all.forwarding=0 182ec810535SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv6.conf.all.accept_redirects=1 183ec810535SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv6.conf.all.keep_addr_on_down=1 184ec810535SDavid Ahern ;; 185ec810535SDavid Ahern r[12]) ip netns exec $ns sysctl -q -w net.ipv4.ip_forward=1 186ec810535SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv4.conf.all.send_redirects=1 187bcf7ddb0SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv4.conf.default.rp_filter=0 188bcf7ddb0SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv4.conf.all.rp_filter=0 189ec810535SDavid Ahern 190ec810535SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv6.conf.all.forwarding=1 191ec810535SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv6.route.mtu_expires=10 192ec810535SDavid Ahern esac 193ec810535SDavid Ahern done 194ec810535SDavid Ahern 195ec810535SDavid Ahern # 196ec810535SDavid Ahern # create interconnects 197ec810535SDavid Ahern # 198ec810535SDavid Ahern ip -netns h1 li add eth0 type veth peer name r1h1 199ec810535SDavid Ahern ip -netns h1 li set r1h1 netns r1 name eth0 up 200ec810535SDavid Ahern 201ec810535SDavid Ahern ip -netns h1 li add eth1 type veth peer name r2h1 202ec810535SDavid Ahern ip -netns h1 li set r2h1 netns r2 name eth0 up 203ec810535SDavid Ahern 204ec810535SDavid Ahern ip -netns h2 li add eth0 type veth peer name r2h2 205ec810535SDavid Ahern ip -netns h2 li set eth0 up 206ec810535SDavid Ahern ip -netns h2 li set r2h2 netns r2 name eth2 up 207ec810535SDavid Ahern 208ec810535SDavid Ahern ip -netns r1 li add eth1 type veth peer name r2r1 209ec810535SDavid Ahern ip -netns r1 li set eth1 up 210ec810535SDavid Ahern ip -netns r1 li set r2r1 netns r2 name eth1 up 211ec810535SDavid Ahern 212ec810535SDavid Ahern # 213ec810535SDavid Ahern # h1 214ec810535SDavid Ahern # 215ec810535SDavid Ahern if [ "${WITH_VRF}" = "yes" ]; then 216ec810535SDavid Ahern create_vrf "h1" 217ec810535SDavid Ahern H1_VRF_ARG="vrf ${VRF}" 218ec810535SDavid Ahern H1_PING_ARG="-I ${VRF}" 219ec810535SDavid Ahern else 220ec810535SDavid Ahern H1_VRF_ARG= 221ec810535SDavid Ahern H1_PING_ARG= 222ec810535SDavid Ahern fi 223ec810535SDavid Ahern ip -netns h1 li add br0 type bridge 224ec810535SDavid Ahern if [ "${WITH_VRF}" = "yes" ]; then 225ec810535SDavid Ahern ip -netns h1 li set br0 vrf ${VRF} up 226ec810535SDavid Ahern else 227ec810535SDavid Ahern ip -netns h1 li set br0 up 228ec810535SDavid Ahern fi 229ec810535SDavid Ahern ip -netns h1 addr add dev br0 ${H1_N1_IP}/24 230ec810535SDavid Ahern ip -netns h1 -6 addr add dev br0 ${H1_N1_IP6}/64 nodad 231ec810535SDavid Ahern ip -netns h1 li set eth0 master br0 up 232ec810535SDavid Ahern ip -netns h1 li set eth1 master br0 up 233ec810535SDavid Ahern 234ec810535SDavid Ahern # 235ec810535SDavid Ahern # h2 236ec810535SDavid Ahern # 237ec810535SDavid Ahern ip -netns h2 addr add dev eth0 ${H2_N2_IP}/24 238ec810535SDavid Ahern ip -netns h2 ro add default via ${R2_N2_IP} dev eth0 239ec810535SDavid Ahern ip -netns h2 -6 addr add dev eth0 ${H2_N2_IP6}/64 nodad 240ec810535SDavid Ahern ip -netns h2 -6 ro add default via ${R2_N2_IP6} dev eth0 241ec810535SDavid Ahern 242ec810535SDavid Ahern # 243ec810535SDavid Ahern # r1 244ec810535SDavid Ahern # 245ec810535SDavid Ahern ip -netns r1 addr add dev eth0 ${R1_N1_IP}/24 246ec810535SDavid Ahern ip -netns r1 -6 addr add dev eth0 ${R1_N1_IP6}/64 nodad 247ec810535SDavid Ahern ip -netns r1 addr add dev eth1 ${R1_R2_N1_IP}/30 248ec810535SDavid Ahern ip -netns r1 -6 addr add dev eth1 ${R1_R2_N1_IP6}/126 nodad 249ec810535SDavid Ahern 250ec810535SDavid Ahern # 251ec810535SDavid Ahern # r2 252ec810535SDavid Ahern # 253ec810535SDavid Ahern ip -netns r2 addr add dev eth0 ${R2_N1_IP}/24 254ec810535SDavid Ahern ip -netns r2 -6 addr add dev eth0 ${R2_N1_IP6}/64 nodad 255ec810535SDavid Ahern ip -netns r2 addr add dev eth1 ${R2_R1_N1_IP}/30 256ec810535SDavid Ahern ip -netns r2 -6 addr add dev eth1 ${R2_R1_N1_IP6}/126 nodad 257ec810535SDavid Ahern ip -netns r2 addr add dev eth2 ${R2_N2_IP}/24 258ec810535SDavid Ahern ip -netns r2 -6 addr add dev eth2 ${R2_N2_IP6}/64 nodad 259ec810535SDavid Ahern 260ec810535SDavid Ahern sleep 2 261ec810535SDavid Ahern 262ec810535SDavid Ahern R1_LLADDR=$(get_linklocal r1 eth0) 263ec810535SDavid Ahern if [ $? -ne 0 ]; then 264ec810535SDavid Ahern echo "Error: Failed to get link-local address of r1's eth0" 265ec810535SDavid Ahern exit 1 266ec810535SDavid Ahern fi 26799513cfaSDavid Ahern log_debug "initial gateway is R1's lladdr = ${R1_LLADDR}" 268ec810535SDavid Ahern 269ec810535SDavid Ahern R2_LLADDR=$(get_linklocal r2 eth0) 270ec810535SDavid Ahern if [ $? -ne 0 ]; then 271ec810535SDavid Ahern echo "Error: Failed to get link-local address of r2's eth0" 272ec810535SDavid Ahern exit 1 273ec810535SDavid Ahern fi 27499513cfaSDavid Ahern log_debug "initial gateway is R2's lladdr = ${R2_LLADDR}" 275ec810535SDavid Ahern} 276ec810535SDavid Ahern 277ec810535SDavid Ahernchange_h2_mtu() 278ec810535SDavid Ahern{ 279ec810535SDavid Ahern local mtu=$1 280ec810535SDavid Ahern 281ec810535SDavid Ahern run_cmd ip -netns h2 li set eth0 mtu ${mtu} 282ec810535SDavid Ahern run_cmd ip -netns r2 li set eth2 mtu ${mtu} 283ec810535SDavid Ahern} 284ec810535SDavid Ahern 285ec810535SDavid Aherncheck_exception() 286ec810535SDavid Ahern{ 287ec810535SDavid Ahern local mtu="$1" 288ec810535SDavid Ahern local with_redirect="$2" 289ec810535SDavid Ahern local desc="$3" 290ec810535SDavid Ahern 291ec810535SDavid Ahern # From 172.16.1.101: icmp_seq=1 Redirect Host(New nexthop: 172.16.1.102) 292ec810535SDavid Ahern if [ "$VERBOSE" = "1" ]; then 293ec810535SDavid Ahern echo "Commands to check for exception:" 294ec810535SDavid Ahern run_cmd ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} 295ec810535SDavid Ahern run_cmd ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} 296ec810535SDavid Ahern fi 297ec810535SDavid Ahern 298ec810535SDavid Ahern if [ -n "${mtu}" ]; then 299ec810535SDavid Ahern mtu=" mtu ${mtu}" 300ec810535SDavid Ahern fi 301ec810535SDavid Ahern if [ "$with_redirect" = "yes" ]; then 302ec810535SDavid Ahern ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 303ec810535SDavid Ahern grep -q "cache <redirected> expires [0-9]*sec${mtu}" 304ec810535SDavid Ahern elif [ -n "${mtu}" ]; then 305ec810535SDavid Ahern ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 306ec810535SDavid Ahern grep -q "cache expires [0-9]*sec${mtu}" 307ec810535SDavid Ahern else 30899513cfaSDavid Ahern # want to verify that neither mtu nor redirected appears in 30999513cfaSDavid Ahern # the route get output. The -v will wipe out the cache line 31099513cfaSDavid Ahern # if either are set so the last grep -q will not find a match 311ec810535SDavid Ahern ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 31299513cfaSDavid Ahern grep -E -v 'mtu|redirected' | grep -q "cache" 313ec810535SDavid Ahern fi 314*a4377575SPo-Hsu Lin log_test $? 0 "IPv4: ${desc}" 0 315ec810535SDavid Ahern 3160e02bf5dSHangbin Liu # No PMTU info for test "redirect" and "mtu exception plus redirect" 3170e02bf5dSHangbin Liu if [ "$with_redirect" = "yes" ] && [ "$desc" != "redirect exception plus mtu" ]; then 31899513cfaSDavid Ahern ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 3190e02bf5dSHangbin Liu grep -v "mtu" | grep -q "${H2_N2_IP6} .*via ${R2_LLADDR} dev br0" 32099513cfaSDavid Ahern elif [ -n "${mtu}" ]; then 32199513cfaSDavid Ahern ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 32299513cfaSDavid Ahern grep -q "${mtu}" 323ec810535SDavid Ahern else 32499513cfaSDavid Ahern # IPv6 is a bit harder. First strip out the match if it 32599513cfaSDavid Ahern # contains an mtu exception and then look for the first 32699513cfaSDavid Ahern # gateway - R1's lladdr 32799513cfaSDavid Ahern ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 32899513cfaSDavid Ahern grep -v "mtu" | grep -q "${R1_LLADDR}" 329ec810535SDavid Ahern fi 3300a36a75cSAndrea Righi log_test $? 0 "IPv6: ${desc}" 1 331ec810535SDavid Ahern} 332ec810535SDavid Ahern 333ec810535SDavid Ahernrun_ping() 334ec810535SDavid Ahern{ 335ec810535SDavid Ahern local sz=$1 336ec810535SDavid Ahern 33799513cfaSDavid Ahern run_cmd ip netns exec h1 ping -q -M want -i 0.5 -c 10 -w 2 -s ${sz} ${H1_PING_ARG} ${H2_N2_IP} 33899513cfaSDavid Ahern run_cmd ip netns exec h1 ${ping6} -q -M want -i 0.5 -c 10 -w 2 -s ${sz} ${H1_PING_ARG} ${H2_N2_IP6} 339ec810535SDavid Ahern} 340ec810535SDavid Ahern 341622946d9SDavid Ahernreplace_route_new() 342622946d9SDavid Ahern{ 343622946d9SDavid Ahern # r1 to h2 via r2 and eth0 344622946d9SDavid Ahern run_cmd ip -netns r1 nexthop replace id 1 via ${R2_N1_IP} dev eth0 345622946d9SDavid Ahern run_cmd ip -netns r1 nexthop replace id 2 via ${R2_LLADDR} dev eth0 346622946d9SDavid Ahern} 347622946d9SDavid Ahern 348622946d9SDavid Ahernreset_route_new() 349622946d9SDavid Ahern{ 350622946d9SDavid Ahern run_cmd ip -netns r1 nexthop flush 351622946d9SDavid Ahern run_cmd ip -netns h1 nexthop flush 352622946d9SDavid Ahern 353622946d9SDavid Ahern initial_route_new 354622946d9SDavid Ahern} 355622946d9SDavid Ahern 356622946d9SDavid Aherninitial_route_new() 357622946d9SDavid Ahern{ 358622946d9SDavid Ahern # r1 to h2 via r2 and eth1 359622946d9SDavid Ahern run_cmd ip -netns r1 nexthop add id 1 via ${R2_R1_N1_IP} dev eth1 360622946d9SDavid Ahern run_cmd ip -netns r1 ro add ${H2_N2} nhid 1 361622946d9SDavid Ahern 362622946d9SDavid Ahern run_cmd ip -netns r1 nexthop add id 2 via ${R2_R1_N1_IP6} dev eth1 363622946d9SDavid Ahern run_cmd ip -netns r1 -6 ro add ${H2_N2_6} nhid 2 364622946d9SDavid Ahern 365622946d9SDavid Ahern # h1 to h2 via r1 366622946d9SDavid Ahern run_cmd ip -netns h1 nexthop add id 1 via ${R1_N1_IP} dev br0 367622946d9SDavid Ahern run_cmd ip -netns h1 ro add ${H1_VRF_ARG} ${H2_N2} nhid 1 368622946d9SDavid Ahern 369622946d9SDavid Ahern run_cmd ip -netns h1 nexthop add id 2 via ${R1_LLADDR} dev br0 370622946d9SDavid Ahern run_cmd ip -netns h1 -6 ro add ${H1_VRF_ARG} ${H2_N2_6} nhid 2 371622946d9SDavid Ahern} 372622946d9SDavid Ahern 373ec810535SDavid Ahernreplace_route_legacy() 374ec810535SDavid Ahern{ 375ec810535SDavid Ahern # r1 to h2 via r2 and eth0 376ec810535SDavid Ahern run_cmd ip -netns r1 ro replace ${H2_N2} via ${R2_N1_IP} dev eth0 377ec810535SDavid Ahern run_cmd ip -netns r1 -6 ro replace ${H2_N2_6} via ${R2_LLADDR} dev eth0 378ec810535SDavid Ahern} 379ec810535SDavid Ahern 38099513cfaSDavid Ahernreset_route_legacy() 38199513cfaSDavid Ahern{ 38299513cfaSDavid Ahern run_cmd ip -netns r1 ro del ${H2_N2} 38399513cfaSDavid Ahern run_cmd ip -netns r1 -6 ro del ${H2_N2_6} 38499513cfaSDavid Ahern 38599513cfaSDavid Ahern run_cmd ip -netns h1 ro del ${H1_VRF_ARG} ${H2_N2} 38699513cfaSDavid Ahern run_cmd ip -netns h1 -6 ro del ${H1_VRF_ARG} ${H2_N2_6} 38799513cfaSDavid Ahern 38899513cfaSDavid Ahern initial_route_legacy 38999513cfaSDavid Ahern} 39099513cfaSDavid Ahern 391ec810535SDavid Aherninitial_route_legacy() 392ec810535SDavid Ahern{ 393ec810535SDavid Ahern # r1 to h2 via r2 and eth1 394ec810535SDavid Ahern run_cmd ip -netns r1 ro add ${H2_N2} via ${R2_R1_N1_IP} dev eth1 395ec810535SDavid Ahern run_cmd ip -netns r1 -6 ro add ${H2_N2_6} via ${R2_R1_N1_IP6} dev eth1 396ec810535SDavid Ahern 397ec810535SDavid Ahern # h1 to h2 via r1 398ec810535SDavid Ahern # - IPv6 redirect only works if gateway is the LLA 399ec810535SDavid Ahern run_cmd ip -netns h1 ro add ${H1_VRF_ARG} ${H2_N2} via ${R1_N1_IP} dev br0 400ec810535SDavid Ahern run_cmd ip -netns h1 -6 ro add ${H1_VRF_ARG} ${H2_N2_6} via ${R1_LLADDR} dev br0 401ec810535SDavid Ahern} 402ec810535SDavid Ahern 403ec810535SDavid Aherncheck_connectivity() 404ec810535SDavid Ahern{ 405ec810535SDavid Ahern local rc 406ec810535SDavid Ahern 407ec810535SDavid Ahern run_cmd ip netns exec h1 ping -c1 -w1 ${H1_PING_ARG} ${H2_N2_IP} 408ec810535SDavid Ahern rc=$? 409ec810535SDavid Ahern run_cmd ip netns exec h1 ${ping6} -c1 -w1 ${H1_PING_ARG} ${H2_N2_IP6} 410ec810535SDavid Ahern [ $? -ne 0 ] && rc=$? 411ec810535SDavid Ahern 412ec810535SDavid Ahern return $rc 413ec810535SDavid Ahern} 414ec810535SDavid Ahern 415ec810535SDavid Aherndo_test() 416ec810535SDavid Ahern{ 417ec810535SDavid Ahern local ttype="$1" 418ec810535SDavid Ahern 419ec810535SDavid Ahern eval initial_route_${ttype} 420ec810535SDavid Ahern 421ec810535SDavid Ahern # verify connectivity 422ec810535SDavid Ahern check_connectivity 423ec810535SDavid Ahern if [ $? -ne 0 ]; then 424ec810535SDavid Ahern echo "Error: Basic connectivity is broken" 425ec810535SDavid Ahern ret=1 426ec810535SDavid Ahern return 427ec810535SDavid Ahern fi 428ec810535SDavid Ahern 429ec810535SDavid Ahern # redirect exception followed by mtu 430ec810535SDavid Ahern eval replace_route_${ttype} 431ec810535SDavid Ahern run_ping 64 432ec810535SDavid Ahern check_exception "" "yes" "redirect exception" 433ec810535SDavid Ahern 434ec810535SDavid Ahern check_connectivity 435ec810535SDavid Ahern if [ $? -ne 0 ]; then 436ec810535SDavid Ahern echo "Error: Basic connectivity is broken after redirect" 437ec810535SDavid Ahern ret=1 438ec810535SDavid Ahern return 439ec810535SDavid Ahern fi 440ec810535SDavid Ahern 441ec810535SDavid Ahern change_h2_mtu 1300 442ec810535SDavid Ahern run_ping 1350 443ec810535SDavid Ahern check_exception "1300" "yes" "redirect exception plus mtu" 444ec810535SDavid Ahern 445ec810535SDavid Ahern # remove exceptions and restore routing 446ec810535SDavid Ahern change_h2_mtu 1500 44799513cfaSDavid Ahern eval reset_route_${ttype} 448ec810535SDavid Ahern 449ec810535SDavid Ahern check_connectivity 450ec810535SDavid Ahern if [ $? -ne 0 ]; then 451ec810535SDavid Ahern echo "Error: Basic connectivity is broken after reset" 452ec810535SDavid Ahern ret=1 453ec810535SDavid Ahern return 454ec810535SDavid Ahern fi 455ec810535SDavid Ahern check_exception "" "no" "routing reset" 456ec810535SDavid Ahern 457ec810535SDavid Ahern # MTU exception followed by redirect 458ec810535SDavid Ahern change_h2_mtu 1300 459ec810535SDavid Ahern run_ping 1350 460ec810535SDavid Ahern check_exception "1300" "no" "mtu exception" 461ec810535SDavid Ahern 462ec810535SDavid Ahern eval replace_route_${ttype} 463ec810535SDavid Ahern run_ping 64 464ec810535SDavid Ahern check_exception "1300" "yes" "mtu exception plus redirect" 465ec810535SDavid Ahern 466ec810535SDavid Ahern check_connectivity 467ec810535SDavid Ahern if [ $? -ne 0 ]; then 468ec810535SDavid Ahern echo "Error: Basic connectivity is broken after redirect" 469ec810535SDavid Ahern ret=1 470ec810535SDavid Ahern return 471ec810535SDavid Ahern fi 472ec810535SDavid Ahern} 473ec810535SDavid Ahern 474ec810535SDavid Ahern################################################################################ 475ec810535SDavid Ahern# usage 476ec810535SDavid Ahern 477ec810535SDavid Ahernusage() 478ec810535SDavid Ahern{ 479ec810535SDavid Ahern cat <<EOF 480ec810535SDavid Ahernusage: ${0##*/} OPTS 481ec810535SDavid Ahern 482ec810535SDavid Ahern -p Pause on fail 483ec810535SDavid Ahern -v verbose mode (show commands and output) 484ec810535SDavid AhernEOF 485ec810535SDavid Ahern} 486ec810535SDavid Ahern 487ec810535SDavid Ahern################################################################################ 488ec810535SDavid Ahern# main 489ec810535SDavid Ahern 490ec810535SDavid Ahern# Some systems don't have a ping6 binary anymore 491ec810535SDavid Ahernwhich ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping) 492ec810535SDavid Ahern 493ec810535SDavid Ahernret=0 494ec810535SDavid Ahernnsuccess=0 495ec810535SDavid Ahernnfail=0 4960a36a75cSAndrea Righinxfail=0 497ec810535SDavid Ahern 498ec810535SDavid Ahernwhile getopts :pv o 499ec810535SDavid Aherndo 500ec810535SDavid Ahern case $o in 501ec810535SDavid Ahern p) PAUSE_ON_FAIL=yes;; 502ec810535SDavid Ahern v) VERBOSE=$(($VERBOSE + 1));; 503ec810535SDavid Ahern *) usage; exit 1;; 504ec810535SDavid Ahern esac 505ec810535SDavid Aherndone 506ec810535SDavid Ahern 507ec810535SDavid Aherntrap cleanup EXIT 508ec810535SDavid Ahern 509ec810535SDavid Aherncleanup 510ec810535SDavid AhernWITH_VRF=no 511ec810535SDavid Ahernsetup 512ec810535SDavid Ahern 513ec810535SDavid Ahernlog_section "Legacy routing" 514ec810535SDavid Aherndo_test "legacy" 515ec810535SDavid Ahern 516ec810535SDavid Aherncleanup 517ec810535SDavid Ahernlog_section "Legacy routing with VRF" 518ec810535SDavid AhernWITH_VRF=yes 519ec810535SDavid Ahernsetup 520ec810535SDavid Aherndo_test "legacy" 521ec810535SDavid Ahern 522622946d9SDavid Aherncleanup 523622946d9SDavid Ahernlog_section "Routing with nexthop objects" 524622946d9SDavid Ahernip nexthop ls >/dev/null 2>&1 525622946d9SDavid Ahernif [ $? -eq 0 ]; then 526622946d9SDavid Ahern WITH_VRF=no 527622946d9SDavid Ahern setup 528622946d9SDavid Ahern do_test "new" 529622946d9SDavid Ahern 530622946d9SDavid Ahern cleanup 531622946d9SDavid Ahern log_section "Routing with nexthop objects and VRF" 532622946d9SDavid Ahern WITH_VRF=yes 533622946d9SDavid Ahern setup 534622946d9SDavid Ahern do_test "new" 535622946d9SDavid Ahernelse 536622946d9SDavid Ahern echo "Nexthop objects not supported; skipping tests" 537622946d9SDavid Ahernfi 538622946d9SDavid Ahern 539ec810535SDavid Ahernprintf "\nTests passed: %3d\n" ${nsuccess} 540ec810535SDavid Ahernprintf "Tests failed: %3d\n" ${nfail} 5410a36a75cSAndrea Righiprintf "Tests xfailed: %3d\n" ${nxfail} 542ec810535SDavid Ahern 543ec810535SDavid Ahernexit $ret 544