1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3# 4# Test devlink-trap tunnel exceptions functionality over mlxsw. 5# Check all exception traps to make sure they are triggered under the right 6# conditions. 7 8# +-------------------------+ 9# | H1 | 10# | $h1 + | 11# | 192.0.2.1/28 | | 12# +-------------------|-----+ 13# | 14# +-------------------|-----+ 15# | SW1 | | 16# | $swp1 + | 17# | 192.0.2.2/28 | 18# | | 19# | + g1a (gre) | 20# | loc=192.0.2.65 | 21# | rem=192.0.2.66 | 22# | tos=inherit | 23# | | 24# | + $rp1 | 25# | | 198.51.100.1/28 | 26# +--|----------------------+ 27# | 28# +--|----------------------+ 29# | | VRF2 | 30# | + $rp2 | 31# | 198.51.100.2/28 | 32# +-------------------------+ 33 34lib_dir=$(dirname $0)/../../../net/forwarding 35 36ALL_TESTS=" 37 decap_error_test 38" 39 40NUM_NETIFS=4 41source $lib_dir/lib.sh 42source $lib_dir/tc_common.sh 43source $lib_dir/devlink_lib.sh 44 45h1_create() 46{ 47 simple_if_init $h1 192.0.2.1/28 48} 49 50h1_destroy() 51{ 52 simple_if_fini $h1 192.0.2.1/28 53} 54 55vrf2_create() 56{ 57 simple_if_init $rp2 198.51.100.2/28 58} 59 60vrf2_destroy() 61{ 62 simple_if_fini $rp2 198.51.100.2/28 63} 64 65switch_create() 66{ 67 __addr_add_del $swp1 add 192.0.2.2/28 68 tc qdisc add dev $swp1 clsact 69 ip link set dev $swp1 up 70 71 tunnel_create g1 gre 192.0.2.65 192.0.2.66 tos inherit 72 __addr_add_del g1 add 192.0.2.65/32 73 ip link set dev g1 up 74 75 __addr_add_del $rp1 add 198.51.100.1/28 76 ip link set dev $rp1 up 77} 78 79switch_destroy() 80{ 81 ip link set dev $rp1 down 82 __addr_add_del $rp1 del 198.51.100.1/28 83 84 ip link set dev g1 down 85 __addr_add_del g1 del 192.0.2.65/32 86 tunnel_destroy g1 87 88 ip link set dev $swp1 down 89 tc qdisc del dev $swp1 clsact 90 __addr_add_del $swp1 del 192.0.2.2/28 91} 92 93setup_prepare() 94{ 95 h1=${NETIFS[p1]} 96 swp1=${NETIFS[p2]} 97 98 rp1=${NETIFS[p3]} 99 rp2=${NETIFS[p4]} 100 101 forwarding_enable 102 vrf_prepare 103 h1_create 104 switch_create 105 vrf2_create 106} 107 108cleanup() 109{ 110 pre_cleanup 111 112 vrf2_destroy 113 switch_destroy 114 h1_destroy 115 vrf_cleanup 116 forwarding_restore 117} 118 119ecn_payload_get() 120{ 121 p=$(: 122 )"0"$( : GRE flags 123 )"0:00:"$( : Reserved + version 124 )"08:00:"$( : ETH protocol type 125 )"4"$( : IP version 126 )"5:"$( : IHL 127 )"00:"$( : IP TOS 128 )"00:14:"$( : IP total length 129 )"00:00:"$( : IP identification 130 )"20:00:"$( : IP flags + frag off 131 )"30:"$( : IP TTL 132 )"01:"$( : IP proto 133 )"E7:E6:"$( : IP header csum 134 )"C0:00:01:01:"$( : IP saddr : 192.0.1.1 135 )"C0:00:02:01:"$( : IP daddr : 192.0.2.1 136 ) 137 echo $p 138} 139 140ecn_decap_test() 141{ 142 local trap_name="decap_error" 143 local desc=$1; shift 144 local ecn_desc=$1; shift 145 local outer_tos=$1; shift 146 local mz_pid 147 148 RET=0 149 150 tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \ 151 flower src_ip 192.0.1.1 dst_ip 192.0.2.1 action pass 152 153 rp1_mac=$(mac_get $rp1) 154 rp2_mac=$(mac_get $rp2) 155 payload=$(ecn_payload_get) 156 157 ip vrf exec v$rp2 $MZ $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \ 158 -A 192.0.2.66 -B 192.0.2.65 -t ip \ 159 len=48,tos=$outer_tos,proto=47,p=$payload -q & 160 161 mz_pid=$! 162 163 devlink_trap_exception_test $trap_name 164 165 tc_check_packets "dev $swp1 egress" 101 0 166 check_err $? "Packets were not dropped" 167 168 log_test "$desc: Inner ECN is not ECT and outer is $ecn_desc" 169 170 kill $mz_pid && wait $mz_pid &> /dev/null 171 tc filter del dev $swp1 egress protocol ip pref 1 handle 101 flower 172} 173 174ipip_payload_get() 175{ 176 local flags=$1; shift 177 local key=$1; shift 178 179 p=$(: 180 )"$flags"$( : GRE flags 181 )"0:00:"$( : Reserved + version 182 )"08:00:"$( : ETH protocol type 183 )"$key"$( : Key 184 )"4"$( : IP version 185 )"5:"$( : IHL 186 )"00:"$( : IP TOS 187 )"00:14:"$( : IP total length 188 )"00:00:"$( : IP identification 189 )"20:00:"$( : IP flags + frag off 190 )"30:"$( : IP TTL 191 )"01:"$( : IP proto 192 )"E7:E6:"$( : IP header csum 193 )"C0:00:01:01:"$( : IP saddr : 192.0.1.1 194 )"C0:00:02:01:"$( : IP daddr : 192.0.2.1 195 ) 196 echo $p 197} 198 199no_matching_tunnel_test() 200{ 201 local trap_name="decap_error" 202 local desc=$1; shift 203 local sip=$1; shift 204 local mz_pid 205 206 RET=0 207 208 tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \ 209 flower src_ip 192.0.1.1 dst_ip 192.0.2.1 action pass 210 211 rp1_mac=$(mac_get $rp1) 212 rp2_mac=$(mac_get $rp2) 213 payload=$(ipip_payload_get "$@") 214 215 ip vrf exec v$rp2 $MZ $rp2 -c 0 -d 1msec -a $rp2_mac -b $rp1_mac \ 216 -A $sip -B 192.0.2.65 -t ip len=48,proto=47,p=$payload -q & 217 mz_pid=$! 218 219 devlink_trap_exception_test $trap_name 220 221 tc_check_packets "dev $swp1 egress" 101 0 222 check_err $? "Packets were not dropped" 223 224 log_test "$desc" 225 226 kill $mz_pid && wait $mz_pid &> /dev/null 227 tc filter del dev $swp1 egress protocol ip pref 1 handle 101 flower 228} 229 230decap_error_test() 231{ 232 # Correct source IP - the remote address 233 local sip=192.0.2.66 234 235 ecn_decap_test "Decap error" "ECT(1)" 01 236 ecn_decap_test "Decap error" "ECT(0)" 02 237 ecn_decap_test "Decap error" "CE" 03 238 239 no_matching_tunnel_test "Decap error: Source IP check failed" \ 240 192.0.2.68 "0" 241 no_matching_tunnel_test \ 242 "Decap error: Key exists but was not expected" $sip "2" ":E9:" 243 244 # Destroy the tunnel and create new one with key 245 __addr_add_del g1 del 192.0.2.65/32 246 tunnel_destroy g1 247 248 tunnel_create g1 gre 192.0.2.65 192.0.2.66 tos inherit key 233 249 __addr_add_del g1 add 192.0.2.65/32 250 251 no_matching_tunnel_test \ 252 "Decap error: Key does not exist but was expected" $sip "0" 253 no_matching_tunnel_test \ 254 "Decap error: Packet has a wrong key field" $sip "2" "E8:" 255} 256 257trap cleanup EXIT 258 259setup_prepare 260setup_wait 261tests_run 262 263exit $EXIT_STATUS 264
