1ec810535SDavid Ahern#!/bin/bash 2ec810535SDavid Ahern# SPDX-License-Identifier: GPL-2.0 3ec810535SDavid Ahern# 4ec810535SDavid Ahern# redirect test 5ec810535SDavid Ahern# 6ec810535SDavid Ahern# .253 +----+ 7ec810535SDavid Ahern# +----| r1 | 8ec810535SDavid Ahern# | +----+ 9ec810535SDavid Ahern# +----+ | |.1 10ec810535SDavid Ahern# | h1 |--------------+ | 10.1.1.0/30 2001:db8:1::0/126 11ec810535SDavid Ahern# +----+ .1 | |.2 12ec810535SDavid Ahern# 172.16.1/24 | +----+ +----+ 13ec810535SDavid Ahern# 2001:db8:16:1/64 +----| r2 |-------------------| h2 | 14ec810535SDavid Ahern# .254 +----+ .254 .2 +----+ 15ec810535SDavid Ahern# 172.16.2/24 16ec810535SDavid Ahern# 2001:db8:16:2/64 17ec810535SDavid Ahern# 18ec810535SDavid Ahern# Route from h1 to h2 goes through r1, eth1 - connection between r1 and r2. 19ec810535SDavid Ahern# Route on r1 changed to go to r2 via eth0. This causes a redirect to be sent 20ec810535SDavid Ahern# from r1 to h1 telling h1 to use r2 when talking to h2. 21ec810535SDavid Ahern 22ec810535SDavid AhernVERBOSE=0 23ec810535SDavid AhernPAUSE_ON_FAIL=no 24ec810535SDavid Ahern 25ec810535SDavid AhernH1_N1_IP=172.16.1.1 26ec810535SDavid AhernR1_N1_IP=172.16.1.253 27ec810535SDavid AhernR2_N1_IP=172.16.1.254 28ec810535SDavid Ahern 29ec810535SDavid AhernH1_N1_IP6=2001:db8:16:1::1 30ec810535SDavid AhernR1_N1_IP6=2001:db8:16:1::253 31ec810535SDavid AhernR2_N1_IP6=2001:db8:16:1::254 32ec810535SDavid Ahern 33ec810535SDavid AhernR1_R2_N1_IP=10.1.1.1 34ec810535SDavid AhernR2_R1_N1_IP=10.1.1.2 35ec810535SDavid Ahern 36ec810535SDavid AhernR1_R2_N1_IP6=2001:db8:1::1 37ec810535SDavid AhernR2_R1_N1_IP6=2001:db8:1::2 38ec810535SDavid Ahern 39ec810535SDavid AhernH2_N2=172.16.2.0/24 40ec810535SDavid AhernH2_N2_6=2001:db8:16:2::/64 41ec810535SDavid AhernH2_N2_IP=172.16.2.2 42ec810535SDavid AhernR2_N2_IP=172.16.2.254 43ec810535SDavid AhernH2_N2_IP6=2001:db8:16:2::2 44ec810535SDavid AhernR2_N2_IP6=2001:db8:16:2::254 45ec810535SDavid Ahern 46ec810535SDavid AhernVRF=red 47ec810535SDavid AhernVRF_TABLE=1111 48ec810535SDavid Ahern 49ec810535SDavid Ahern################################################################################ 50ec810535SDavid Ahern# helpers 51ec810535SDavid Ahern 52ec810535SDavid Ahernlog_section() 53ec810535SDavid Ahern{ 54ec810535SDavid Ahern echo 55ec810535SDavid Ahern echo "###########################################################################" 56ec810535SDavid Ahern echo "$*" 57ec810535SDavid Ahern echo "###########################################################################" 58ec810535SDavid Ahern echo 59ec810535SDavid Ahern} 60ec810535SDavid Ahern 61ec810535SDavid Ahernlog_test() 62ec810535SDavid Ahern{ 63ec810535SDavid Ahern local rc=$1 64ec810535SDavid Ahern local expected=$2 65ec810535SDavid Ahern local msg="$3" 66*0a36a75cSAndrea Righi local xfail=$4 67ec810535SDavid Ahern 68ec810535SDavid Ahern if [ ${rc} -eq ${expected} ]; then 69ec810535SDavid Ahern printf "TEST: %-60s [ OK ]\n" "${msg}" 70ec810535SDavid Ahern nsuccess=$((nsuccess+1)) 71*0a36a75cSAndrea Righi elif [ ${rc} -eq ${xfail} ]; then 72*0a36a75cSAndrea Righi printf "TEST: %-60s [XFAIL]\n" "${msg}" 73*0a36a75cSAndrea Righi nxfail=$((nxfail+1)) 74ec810535SDavid Ahern else 75ec810535SDavid Ahern ret=1 76ec810535SDavid Ahern nfail=$((nfail+1)) 77ec810535SDavid Ahern printf "TEST: %-60s [FAIL]\n" "${msg}" 78ec810535SDavid Ahern if [ "${PAUSE_ON_FAIL}" = "yes" ]; then 79ec810535SDavid Ahern echo 80ec810535SDavid Ahern echo "hit enter to continue, 'q' to quit" 81ec810535SDavid Ahern read a 82ec810535SDavid Ahern [ "$a" = "q" ] && exit 1 83ec810535SDavid Ahern fi 84ec810535SDavid Ahern fi 85ec810535SDavid Ahern} 86ec810535SDavid Ahern 8799513cfaSDavid Ahernlog_debug() 8899513cfaSDavid Ahern{ 8999513cfaSDavid Ahern if [ "$VERBOSE" = "1" ]; then 9099513cfaSDavid Ahern echo "$*" 9199513cfaSDavid Ahern fi 9299513cfaSDavid Ahern} 9399513cfaSDavid Ahern 94ec810535SDavid Ahernrun_cmd() 95ec810535SDavid Ahern{ 96ec810535SDavid Ahern local cmd="$*" 97ec810535SDavid Ahern local out 98ec810535SDavid Ahern local rc 99ec810535SDavid Ahern 100ec810535SDavid Ahern if [ "$VERBOSE" = "1" ]; then 101ec810535SDavid Ahern echo "COMMAND: $cmd" 102ec810535SDavid Ahern fi 103ec810535SDavid Ahern 104ec810535SDavid Ahern out=$(eval $cmd 2>&1) 105ec810535SDavid Ahern rc=$? 106ec810535SDavid Ahern if [ "$VERBOSE" = "1" -a -n "$out" ]; then 107ec810535SDavid Ahern echo "$out" 108ec810535SDavid Ahern fi 109ec810535SDavid Ahern 110ec810535SDavid Ahern [ "$VERBOSE" = "1" ] && echo 111ec810535SDavid Ahern 112ec810535SDavid Ahern return $rc 113ec810535SDavid Ahern} 114ec810535SDavid Ahern 115ec810535SDavid Ahernget_linklocal() 116ec810535SDavid Ahern{ 117ec810535SDavid Ahern local ns=$1 118ec810535SDavid Ahern local dev=$2 119ec810535SDavid Ahern local addr 120ec810535SDavid Ahern 121ec810535SDavid Ahern addr=$(ip -netns $ns -6 -br addr show dev ${dev} | \ 122ec810535SDavid Ahern awk '{ 123ec810535SDavid Ahern for (i = 3; i <= NF; ++i) { 124ec810535SDavid Ahern if ($i ~ /^fe80/) 125ec810535SDavid Ahern print $i 126ec810535SDavid Ahern } 127ec810535SDavid Ahern }' 128ec810535SDavid Ahern ) 129ec810535SDavid Ahern addr=${addr/\/*} 130ec810535SDavid Ahern 131ec810535SDavid Ahern [ -z "$addr" ] && return 1 132ec810535SDavid Ahern 133ec810535SDavid Ahern echo $addr 134ec810535SDavid Ahern 135ec810535SDavid Ahern return 0 136ec810535SDavid Ahern} 137ec810535SDavid Ahern 138ec810535SDavid Ahern################################################################################ 139ec810535SDavid Ahern# setup and teardown 140ec810535SDavid Ahern 141ec810535SDavid Aherncleanup() 142ec810535SDavid Ahern{ 143ec810535SDavid Ahern local ns 144ec810535SDavid Ahern 145ec810535SDavid Ahern for ns in h1 h2 r1 r2; do 146ec810535SDavid Ahern ip netns del $ns 2>/dev/null 147ec810535SDavid Ahern done 148ec810535SDavid Ahern} 149ec810535SDavid Ahern 150ec810535SDavid Aherncreate_vrf() 151ec810535SDavid Ahern{ 152ec810535SDavid Ahern local ns=$1 153ec810535SDavid Ahern 154ec810535SDavid Ahern ip -netns ${ns} link add ${VRF} type vrf table ${VRF_TABLE} 155ec810535SDavid Ahern ip -netns ${ns} link set ${VRF} up 156ec810535SDavid Ahern ip -netns ${ns} route add vrf ${VRF} unreachable default metric 8192 157ec810535SDavid Ahern ip -netns ${ns} -6 route add vrf ${VRF} unreachable default metric 8192 158ec810535SDavid Ahern 159ec810535SDavid Ahern ip -netns ${ns} addr add 127.0.0.1/8 dev ${VRF} 160ec810535SDavid Ahern ip -netns ${ns} -6 addr add ::1 dev ${VRF} nodad 161ec810535SDavid Ahern 162ec810535SDavid Ahern ip -netns ${ns} ru del pref 0 163ec810535SDavid Ahern ip -netns ${ns} ru add pref 32765 from all lookup local 164ec810535SDavid Ahern ip -netns ${ns} -6 ru del pref 0 165ec810535SDavid Ahern ip -netns ${ns} -6 ru add pref 32765 from all lookup local 166ec810535SDavid Ahern} 167ec810535SDavid Ahern 168ec810535SDavid Ahernsetup() 169ec810535SDavid Ahern{ 170ec810535SDavid Ahern local ns 171ec810535SDavid Ahern 172ec810535SDavid Ahern # 173ec810535SDavid Ahern # create nodes as namespaces 174ec810535SDavid Ahern # 175ec810535SDavid Ahern for ns in h1 h2 r1 r2; do 176ec810535SDavid Ahern ip netns add $ns 177ec810535SDavid Ahern ip -netns $ns li set lo up 178ec810535SDavid Ahern 179ec810535SDavid Ahern case "${ns}" in 180ec810535SDavid Ahern h[12]) ip netns exec $ns sysctl -q -w net.ipv4.conf.all.accept_redirects=1 18199513cfaSDavid Ahern ip netns exec $ns sysctl -q -w net.ipv6.conf.all.forwarding=0 182ec810535SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv6.conf.all.accept_redirects=1 183ec810535SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv6.conf.all.keep_addr_on_down=1 184ec810535SDavid Ahern ;; 185ec810535SDavid Ahern r[12]) ip netns exec $ns sysctl -q -w net.ipv4.ip_forward=1 186ec810535SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv4.conf.all.send_redirects=1 187bcf7ddb0SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv4.conf.default.rp_filter=0 188bcf7ddb0SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv4.conf.all.rp_filter=0 189ec810535SDavid Ahern 190ec810535SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv6.conf.all.forwarding=1 191ec810535SDavid Ahern ip netns exec $ns sysctl -q -w net.ipv6.route.mtu_expires=10 192ec810535SDavid Ahern esac 193ec810535SDavid Ahern done 194ec810535SDavid Ahern 195ec810535SDavid Ahern # 196ec810535SDavid Ahern # create interconnects 197ec810535SDavid Ahern # 198ec810535SDavid Ahern ip -netns h1 li add eth0 type veth peer name r1h1 199ec810535SDavid Ahern ip -netns h1 li set r1h1 netns r1 name eth0 up 200ec810535SDavid Ahern 201ec810535SDavid Ahern ip -netns h1 li add eth1 type veth peer name r2h1 202ec810535SDavid Ahern ip -netns h1 li set r2h1 netns r2 name eth0 up 203ec810535SDavid Ahern 204ec810535SDavid Ahern ip -netns h2 li add eth0 type veth peer name r2h2 205ec810535SDavid Ahern ip -netns h2 li set eth0 up 206ec810535SDavid Ahern ip -netns h2 li set r2h2 netns r2 name eth2 up 207ec810535SDavid Ahern 208ec810535SDavid Ahern ip -netns r1 li add eth1 type veth peer name r2r1 209ec810535SDavid Ahern ip -netns r1 li set eth1 up 210ec810535SDavid Ahern ip -netns r1 li set r2r1 netns r2 name eth1 up 211ec810535SDavid Ahern 212ec810535SDavid Ahern # 213ec810535SDavid Ahern # h1 214ec810535SDavid Ahern # 215ec810535SDavid Ahern if [ "${WITH_VRF}" = "yes" ]; then 216ec810535SDavid Ahern create_vrf "h1" 217ec810535SDavid Ahern H1_VRF_ARG="vrf ${VRF}" 218ec810535SDavid Ahern H1_PING_ARG="-I ${VRF}" 219ec810535SDavid Ahern else 220ec810535SDavid Ahern H1_VRF_ARG= 221ec810535SDavid Ahern H1_PING_ARG= 222ec810535SDavid Ahern fi 223ec810535SDavid Ahern ip -netns h1 li add br0 type bridge 224ec810535SDavid Ahern if [ "${WITH_VRF}" = "yes" ]; then 225ec810535SDavid Ahern ip -netns h1 li set br0 vrf ${VRF} up 226ec810535SDavid Ahern else 227ec810535SDavid Ahern ip -netns h1 li set br0 up 228ec810535SDavid Ahern fi 229ec810535SDavid Ahern ip -netns h1 addr add dev br0 ${H1_N1_IP}/24 230ec810535SDavid Ahern ip -netns h1 -6 addr add dev br0 ${H1_N1_IP6}/64 nodad 231ec810535SDavid Ahern ip -netns h1 li set eth0 master br0 up 232ec810535SDavid Ahern ip -netns h1 li set eth1 master br0 up 233ec810535SDavid Ahern 234ec810535SDavid Ahern # 235ec810535SDavid Ahern # h2 236ec810535SDavid Ahern # 237ec810535SDavid Ahern ip -netns h2 addr add dev eth0 ${H2_N2_IP}/24 238ec810535SDavid Ahern ip -netns h2 ro add default via ${R2_N2_IP} dev eth0 239ec810535SDavid Ahern ip -netns h2 -6 addr add dev eth0 ${H2_N2_IP6}/64 nodad 240ec810535SDavid Ahern ip -netns h2 -6 ro add default via ${R2_N2_IP6} dev eth0 241ec810535SDavid Ahern 242ec810535SDavid Ahern # 243ec810535SDavid Ahern # r1 244ec810535SDavid Ahern # 245ec810535SDavid Ahern ip -netns r1 addr add dev eth0 ${R1_N1_IP}/24 246ec810535SDavid Ahern ip -netns r1 -6 addr add dev eth0 ${R1_N1_IP6}/64 nodad 247ec810535SDavid Ahern ip -netns r1 addr add dev eth1 ${R1_R2_N1_IP}/30 248ec810535SDavid Ahern ip -netns r1 -6 addr add dev eth1 ${R1_R2_N1_IP6}/126 nodad 249ec810535SDavid Ahern 250ec810535SDavid Ahern # 251ec810535SDavid Ahern # r2 252ec810535SDavid Ahern # 253ec810535SDavid Ahern ip -netns r2 addr add dev eth0 ${R2_N1_IP}/24 254ec810535SDavid Ahern ip -netns r2 -6 addr add dev eth0 ${R2_N1_IP6}/64 nodad 255ec810535SDavid Ahern ip -netns r2 addr add dev eth1 ${R2_R1_N1_IP}/30 256ec810535SDavid Ahern ip -netns r2 -6 addr add dev eth1 ${R2_R1_N1_IP6}/126 nodad 257ec810535SDavid Ahern ip -netns r2 addr add dev eth2 ${R2_N2_IP}/24 258ec810535SDavid Ahern ip -netns r2 -6 addr add dev eth2 ${R2_N2_IP6}/64 nodad 259ec810535SDavid Ahern 260ec810535SDavid Ahern sleep 2 261ec810535SDavid Ahern 262ec810535SDavid Ahern R1_LLADDR=$(get_linklocal r1 eth0) 263ec810535SDavid Ahern if [ $? -ne 0 ]; then 264ec810535SDavid Ahern echo "Error: Failed to get link-local address of r1's eth0" 265ec810535SDavid Ahern exit 1 266ec810535SDavid Ahern fi 26799513cfaSDavid Ahern log_debug "initial gateway is R1's lladdr = ${R1_LLADDR}" 268ec810535SDavid Ahern 269ec810535SDavid Ahern R2_LLADDR=$(get_linklocal r2 eth0) 270ec810535SDavid Ahern if [ $? -ne 0 ]; then 271ec810535SDavid Ahern echo "Error: Failed to get link-local address of r2's eth0" 272ec810535SDavid Ahern exit 1 273ec810535SDavid Ahern fi 27499513cfaSDavid Ahern log_debug "initial gateway is R2's lladdr = ${R2_LLADDR}" 275ec810535SDavid Ahern} 276ec810535SDavid Ahern 277ec810535SDavid Ahernchange_h2_mtu() 278ec810535SDavid Ahern{ 279ec810535SDavid Ahern local mtu=$1 280ec810535SDavid Ahern 281ec810535SDavid Ahern run_cmd ip -netns h2 li set eth0 mtu ${mtu} 282ec810535SDavid Ahern run_cmd ip -netns r2 li set eth2 mtu ${mtu} 283ec810535SDavid Ahern} 284ec810535SDavid Ahern 285ec810535SDavid Aherncheck_exception() 286ec810535SDavid Ahern{ 287ec810535SDavid Ahern local mtu="$1" 288ec810535SDavid Ahern local with_redirect="$2" 289ec810535SDavid Ahern local desc="$3" 290ec810535SDavid Ahern 291ec810535SDavid Ahern # From 172.16.1.101: icmp_seq=1 Redirect Host(New nexthop: 172.16.1.102) 292ec810535SDavid Ahern if [ "$VERBOSE" = "1" ]; then 293ec810535SDavid Ahern echo "Commands to check for exception:" 294ec810535SDavid Ahern run_cmd ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} 295ec810535SDavid Ahern run_cmd ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} 296ec810535SDavid Ahern fi 297ec810535SDavid Ahern 298ec810535SDavid Ahern if [ -n "${mtu}" ]; then 299ec810535SDavid Ahern mtu=" mtu ${mtu}" 300ec810535SDavid Ahern fi 301ec810535SDavid Ahern if [ "$with_redirect" = "yes" ]; then 302ec810535SDavid Ahern ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 303ec810535SDavid Ahern grep -q "cache <redirected> expires [0-9]*sec${mtu}" 304ec810535SDavid Ahern elif [ -n "${mtu}" ]; then 305ec810535SDavid Ahern ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 306ec810535SDavid Ahern grep -q "cache expires [0-9]*sec${mtu}" 307ec810535SDavid Ahern else 30899513cfaSDavid Ahern # want to verify that neither mtu nor redirected appears in 30999513cfaSDavid Ahern # the route get output. The -v will wipe out the cache line 31099513cfaSDavid Ahern # if either are set so the last grep -q will not find a match 311ec810535SDavid Ahern ip -netns h1 ro get ${H1_VRF_ARG} ${H2_N2_IP} | \ 31299513cfaSDavid Ahern grep -E -v 'mtu|redirected' | grep -q "cache" 313ec810535SDavid Ahern fi 314ec810535SDavid Ahern log_test $? 0 "IPv4: ${desc}" 315ec810535SDavid Ahern 316ec810535SDavid Ahern if [ "$with_redirect" = "yes" ]; then 31799513cfaSDavid Ahern ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 31899513cfaSDavid Ahern grep -q "${H2_N2_IP6} from :: via ${R2_LLADDR} dev br0.*${mtu}" 31999513cfaSDavid Ahern elif [ -n "${mtu}" ]; then 32099513cfaSDavid Ahern ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 32199513cfaSDavid Ahern grep -q "${mtu}" 322ec810535SDavid Ahern else 32399513cfaSDavid Ahern # IPv6 is a bit harder. First strip out the match if it 32499513cfaSDavid Ahern # contains an mtu exception and then look for the first 32599513cfaSDavid Ahern # gateway - R1's lladdr 32699513cfaSDavid Ahern ip -netns h1 -6 ro get ${H1_VRF_ARG} ${H2_N2_IP6} | \ 32799513cfaSDavid Ahern grep -v "mtu" | grep -q "${R1_LLADDR}" 328ec810535SDavid Ahern fi 329*0a36a75cSAndrea Righi log_test $? 0 "IPv6: ${desc}" 1 330ec810535SDavid Ahern} 331ec810535SDavid Ahern 332ec810535SDavid Ahernrun_ping() 333ec810535SDavid Ahern{ 334ec810535SDavid Ahern local sz=$1 335ec810535SDavid Ahern 33699513cfaSDavid Ahern run_cmd ip netns exec h1 ping -q -M want -i 0.5 -c 10 -w 2 -s ${sz} ${H1_PING_ARG} ${H2_N2_IP} 33799513cfaSDavid Ahern run_cmd ip netns exec h1 ${ping6} -q -M want -i 0.5 -c 10 -w 2 -s ${sz} ${H1_PING_ARG} ${H2_N2_IP6} 338ec810535SDavid Ahern} 339ec810535SDavid Ahern 340622946d9SDavid Ahernreplace_route_new() 341622946d9SDavid Ahern{ 342622946d9SDavid Ahern # r1 to h2 via r2 and eth0 343622946d9SDavid Ahern run_cmd ip -netns r1 nexthop replace id 1 via ${R2_N1_IP} dev eth0 344622946d9SDavid Ahern run_cmd ip -netns r1 nexthop replace id 2 via ${R2_LLADDR} dev eth0 345622946d9SDavid Ahern} 346622946d9SDavid Ahern 347622946d9SDavid Ahernreset_route_new() 348622946d9SDavid Ahern{ 349622946d9SDavid Ahern run_cmd ip -netns r1 nexthop flush 350622946d9SDavid Ahern run_cmd ip -netns h1 nexthop flush 351622946d9SDavid Ahern 352622946d9SDavid Ahern initial_route_new 353622946d9SDavid Ahern} 354622946d9SDavid Ahern 355622946d9SDavid Aherninitial_route_new() 356622946d9SDavid Ahern{ 357622946d9SDavid Ahern # r1 to h2 via r2 and eth1 358622946d9SDavid Ahern run_cmd ip -netns r1 nexthop add id 1 via ${R2_R1_N1_IP} dev eth1 359622946d9SDavid Ahern run_cmd ip -netns r1 ro add ${H2_N2} nhid 1 360622946d9SDavid Ahern 361622946d9SDavid Ahern run_cmd ip -netns r1 nexthop add id 2 via ${R2_R1_N1_IP6} dev eth1 362622946d9SDavid Ahern run_cmd ip -netns r1 -6 ro add ${H2_N2_6} nhid 2 363622946d9SDavid Ahern 364622946d9SDavid Ahern # h1 to h2 via r1 365622946d9SDavid Ahern run_cmd ip -netns h1 nexthop add id 1 via ${R1_N1_IP} dev br0 366622946d9SDavid Ahern run_cmd ip -netns h1 ro add ${H1_VRF_ARG} ${H2_N2} nhid 1 367622946d9SDavid Ahern 368622946d9SDavid Ahern run_cmd ip -netns h1 nexthop add id 2 via ${R1_LLADDR} dev br0 369622946d9SDavid Ahern run_cmd ip -netns h1 -6 ro add ${H1_VRF_ARG} ${H2_N2_6} nhid 2 370622946d9SDavid Ahern} 371622946d9SDavid Ahern 372ec810535SDavid Ahernreplace_route_legacy() 373ec810535SDavid Ahern{ 374ec810535SDavid Ahern # r1 to h2 via r2 and eth0 375ec810535SDavid Ahern run_cmd ip -netns r1 ro replace ${H2_N2} via ${R2_N1_IP} dev eth0 376ec810535SDavid Ahern run_cmd ip -netns r1 -6 ro replace ${H2_N2_6} via ${R2_LLADDR} dev eth0 377ec810535SDavid Ahern} 378ec810535SDavid Ahern 37999513cfaSDavid Ahernreset_route_legacy() 38099513cfaSDavid Ahern{ 38199513cfaSDavid Ahern run_cmd ip -netns r1 ro del ${H2_N2} 38299513cfaSDavid Ahern run_cmd ip -netns r1 -6 ro del ${H2_N2_6} 38399513cfaSDavid Ahern 38499513cfaSDavid Ahern run_cmd ip -netns h1 ro del ${H1_VRF_ARG} ${H2_N2} 38599513cfaSDavid Ahern run_cmd ip -netns h1 -6 ro del ${H1_VRF_ARG} ${H2_N2_6} 38699513cfaSDavid Ahern 38799513cfaSDavid Ahern initial_route_legacy 38899513cfaSDavid Ahern} 38999513cfaSDavid Ahern 390ec810535SDavid Aherninitial_route_legacy() 391ec810535SDavid Ahern{ 392ec810535SDavid Ahern # r1 to h2 via r2 and eth1 393ec810535SDavid Ahern run_cmd ip -netns r1 ro add ${H2_N2} via ${R2_R1_N1_IP} dev eth1 394ec810535SDavid Ahern run_cmd ip -netns r1 -6 ro add ${H2_N2_6} via ${R2_R1_N1_IP6} dev eth1 395ec810535SDavid Ahern 396ec810535SDavid Ahern # h1 to h2 via r1 397ec810535SDavid Ahern # - IPv6 redirect only works if gateway is the LLA 398ec810535SDavid Ahern run_cmd ip -netns h1 ro add ${H1_VRF_ARG} ${H2_N2} via ${R1_N1_IP} dev br0 399ec810535SDavid Ahern run_cmd ip -netns h1 -6 ro add ${H1_VRF_ARG} ${H2_N2_6} via ${R1_LLADDR} dev br0 400ec810535SDavid Ahern} 401ec810535SDavid Ahern 402ec810535SDavid Aherncheck_connectivity() 403ec810535SDavid Ahern{ 404ec810535SDavid Ahern local rc 405ec810535SDavid Ahern 406ec810535SDavid Ahern run_cmd ip netns exec h1 ping -c1 -w1 ${H1_PING_ARG} ${H2_N2_IP} 407ec810535SDavid Ahern rc=$? 408ec810535SDavid Ahern run_cmd ip netns exec h1 ${ping6} -c1 -w1 ${H1_PING_ARG} ${H2_N2_IP6} 409ec810535SDavid Ahern [ $? -ne 0 ] && rc=$? 410ec810535SDavid Ahern 411ec810535SDavid Ahern return $rc 412ec810535SDavid Ahern} 413ec810535SDavid Ahern 414ec810535SDavid Aherndo_test() 415ec810535SDavid Ahern{ 416ec810535SDavid Ahern local ttype="$1" 417ec810535SDavid Ahern 418ec810535SDavid Ahern eval initial_route_${ttype} 419ec810535SDavid Ahern 420ec810535SDavid Ahern # verify connectivity 421ec810535SDavid Ahern check_connectivity 422ec810535SDavid Ahern if [ $? -ne 0 ]; then 423ec810535SDavid Ahern echo "Error: Basic connectivity is broken" 424ec810535SDavid Ahern ret=1 425ec810535SDavid Ahern return 426ec810535SDavid Ahern fi 427ec810535SDavid Ahern 428ec810535SDavid Ahern # redirect exception followed by mtu 429ec810535SDavid Ahern eval replace_route_${ttype} 430ec810535SDavid Ahern run_ping 64 431ec810535SDavid Ahern check_exception "" "yes" "redirect exception" 432ec810535SDavid Ahern 433ec810535SDavid Ahern check_connectivity 434ec810535SDavid Ahern if [ $? -ne 0 ]; then 435ec810535SDavid Ahern echo "Error: Basic connectivity is broken after redirect" 436ec810535SDavid Ahern ret=1 437ec810535SDavid Ahern return 438ec810535SDavid Ahern fi 439ec810535SDavid Ahern 440ec810535SDavid Ahern change_h2_mtu 1300 441ec810535SDavid Ahern run_ping 1350 442ec810535SDavid Ahern check_exception "1300" "yes" "redirect exception plus mtu" 443ec810535SDavid Ahern 444ec810535SDavid Ahern # remove exceptions and restore routing 445ec810535SDavid Ahern change_h2_mtu 1500 44699513cfaSDavid Ahern eval reset_route_${ttype} 447ec810535SDavid Ahern 448ec810535SDavid Ahern check_connectivity 449ec810535SDavid Ahern if [ $? -ne 0 ]; then 450ec810535SDavid Ahern echo "Error: Basic connectivity is broken after reset" 451ec810535SDavid Ahern ret=1 452ec810535SDavid Ahern return 453ec810535SDavid Ahern fi 454ec810535SDavid Ahern check_exception "" "no" "routing reset" 455ec810535SDavid Ahern 456ec810535SDavid Ahern # MTU exception followed by redirect 457ec810535SDavid Ahern change_h2_mtu 1300 458ec810535SDavid Ahern run_ping 1350 459ec810535SDavid Ahern check_exception "1300" "no" "mtu exception" 460ec810535SDavid Ahern 461ec810535SDavid Ahern eval replace_route_${ttype} 462ec810535SDavid Ahern run_ping 64 463ec810535SDavid Ahern check_exception "1300" "yes" "mtu exception plus redirect" 464ec810535SDavid Ahern 465ec810535SDavid Ahern check_connectivity 466ec810535SDavid Ahern if [ $? -ne 0 ]; then 467ec810535SDavid Ahern echo "Error: Basic connectivity is broken after redirect" 468ec810535SDavid Ahern ret=1 469ec810535SDavid Ahern return 470ec810535SDavid Ahern fi 471ec810535SDavid Ahern} 472ec810535SDavid Ahern 473ec810535SDavid Ahern################################################################################ 474ec810535SDavid Ahern# usage 475ec810535SDavid Ahern 476ec810535SDavid Ahernusage() 477ec810535SDavid Ahern{ 478ec810535SDavid Ahern cat <<EOF 479ec810535SDavid Ahernusage: ${0##*/} OPTS 480ec810535SDavid Ahern 481ec810535SDavid Ahern -p Pause on fail 482ec810535SDavid Ahern -v verbose mode (show commands and output) 483ec810535SDavid AhernEOF 484ec810535SDavid Ahern} 485ec810535SDavid Ahern 486ec810535SDavid Ahern################################################################################ 487ec810535SDavid Ahern# main 488ec810535SDavid Ahern 489ec810535SDavid Ahern# Some systems don't have a ping6 binary anymore 490ec810535SDavid Ahernwhich ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping) 491ec810535SDavid Ahern 492ec810535SDavid Ahernret=0 493ec810535SDavid Ahernnsuccess=0 494ec810535SDavid Ahernnfail=0 495*0a36a75cSAndrea Righinxfail=0 496ec810535SDavid Ahern 497ec810535SDavid Ahernwhile getopts :pv o 498ec810535SDavid Aherndo 499ec810535SDavid Ahern case $o in 500ec810535SDavid Ahern p) PAUSE_ON_FAIL=yes;; 501ec810535SDavid Ahern v) VERBOSE=$(($VERBOSE + 1));; 502ec810535SDavid Ahern *) usage; exit 1;; 503ec810535SDavid Ahern esac 504ec810535SDavid Aherndone 505ec810535SDavid Ahern 506ec810535SDavid Aherntrap cleanup EXIT 507ec810535SDavid Ahern 508ec810535SDavid Aherncleanup 509ec810535SDavid AhernWITH_VRF=no 510ec810535SDavid Ahernsetup 511ec810535SDavid Ahern 512ec810535SDavid Ahernlog_section "Legacy routing" 513ec810535SDavid Aherndo_test "legacy" 514ec810535SDavid Ahern 515ec810535SDavid Aherncleanup 516ec810535SDavid Ahernlog_section "Legacy routing with VRF" 517ec810535SDavid AhernWITH_VRF=yes 518ec810535SDavid Ahernsetup 519ec810535SDavid Aherndo_test "legacy" 520ec810535SDavid Ahern 521622946d9SDavid Aherncleanup 522622946d9SDavid Ahernlog_section "Routing with nexthop objects" 523622946d9SDavid Ahernip nexthop ls >/dev/null 2>&1 524622946d9SDavid Ahernif [ $? -eq 0 ]; then 525622946d9SDavid Ahern WITH_VRF=no 526622946d9SDavid Ahern setup 527622946d9SDavid Ahern do_test "new" 528622946d9SDavid Ahern 529622946d9SDavid Ahern cleanup 530622946d9SDavid Ahern log_section "Routing with nexthop objects and VRF" 531622946d9SDavid Ahern WITH_VRF=yes 532622946d9SDavid Ahern setup 533622946d9SDavid Ahern do_test "new" 534622946d9SDavid Ahernelse 535622946d9SDavid Ahern echo "Nexthop objects not supported; skipping tests" 536622946d9SDavid Ahernfi 537622946d9SDavid Ahern 538ec810535SDavid Ahernprintf "\nTests passed: %3d\n" ${nsuccess} 539ec810535SDavid Ahernprintf "Tests failed: %3d\n" ${nfail} 540*0a36a75cSAndrea Righiprintf "Tests xfailed: %3d\n" ${nxfail} 541ec810535SDavid Ahern 542ec810535SDavid Ahernexit $ret 543