blob: 24f4ab328bd2de7267eca7c66e25f86324e612c4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
|
# SPDX-License-Identifier: GPL-2.0
#!/bin/bash
# Handles creation and destruction of IP-in-IP or GRE tunnels over the given
# topology. Supports both flat and hierarchical models.
#
# Flat Model:
# Overlay and underlay share the same VRF.
# SW1 uses default VRF so tunnel has no bound dev.
# SW2 uses non-default VRF tunnel has a bound dev.
# +--------------------------------+
# | H1 |
# | $h1 + |
# | 198.51.100.1/24 | |
# | 2001:db8:1::1/64 | |
# +-------------------------|------+
# |
# +-------------------------|-------------------+
# | SW1 | |
# | $ol1 + |
# | 198.51.100.2/24 |
# | 2001:db8:1::2/64 |
# | |
# | + g1a (ip6gre) |
# | loc=2001:db8:3::1 |
# | rem=2001:db8:3::2 --. |
# | tos=inherit | |
# | . |
# | .--------------------- |
# | | |
# | v |
# | + $ul1.111 (vlan) |
# | | 2001:db8:10::1/64 |
# | \ |
# | \____________ |
# | | |
# | VRF default + $ul1 |
# +---------------------|-----------------------+
# |
# +---------------------|-----------------------+
# | SW2 | |
# | $ul2 + |
# | ___________| |
# | / |
# | / |
# | + $ul2.111 (vlan) |
# | ^ 2001:db8:10::2/64 |
# | | |
# | | |
# | '----------------------. |
# | + g2a (ip6gre) | |
# | loc=2001:db8:3::2 | |
# | rem=2001:db8:3::1 --' |
# | tos=inherit |
# | |
# | + $ol2 |
# | | 203.0.113.2/24 |
# | VRF v$ol2 | 2001:db8:2::2/64 |
# +---------------------|-----------------------+
# +---------------------|----------+
# | H2 | |
# | $h2 + |
# | 203.0.113.1/24 |
# | 2001:db8:2::1/64 |
# +--------------------------------+
#
# Hierarchical model:
# The tunnel is bound to a device in a different VRF
#
# +--------------------------------+
# | H1 |
# | $h1 + |
# | 198.51.100.1/24 | |
# | 2001:db8:1::1/64 | |
# +-------------------------|------+
# |
# +-------------------------|-------------------+
# | SW1 | |
# | +-----------------------|-----------------+ |
# | | $ol1 + | |
# | | 198.51.100.2/24 | |
# | | 2001:db8:1::2/64 | |
# | | | |
# | | + g1a (ip6gre) | |
# | | loc=2001:db8:3::1 | |
# | | rem=2001:db8:3::2 | |
# | | tos=inherit | |
# | | ^ | |
# | | VRF v$ol1 | | |
# | +--------------------|--------------------+ |
# | | |
# | +--------------------|--------------------+ |
# | | VRF v$ul1 | | |
# | | | | |
# | | v | |
# | | dummy1 + | |
# | | 2001:db8:3::1/64 | |
# | | .-----------' | |
# | | | | |
# | | v | |
# | | + $ul1.111 (vlan) | |
# | | | 2001:db8:10::1/64 | |
# | | \ | |
# | | \__________ | |
# | | | | |
# | | + $ul1 | |
# | +---------------------|-------------------+ |
# +-----------------------|---------------------+
# |
# +-----------------------|---------------------+
# | SW2 | |
# | +---------------------|-------------------+ |
# | | + $ul2 | |
# | | _____| | |
# | | / | |
# | | / | |
# | | | $ul2.111 (vlan) | |
# | | + 2001:db8:10::2/64 | |
# | | ^ | |
# | | | | |
# | | '------. | |
# | | dummy2 + | |
# | | 2001:db8:3::2/64 | |
# | | ^ | |
# | | | | |
# | | | | |
# | | VRF v$ul2 | | |
# | +---------------------|-------------------+ |
# | | |
# | +---------------------|-------------------+ |
# | | VRF v$ol2 | | |
# | | | | |
# | | v | |
# | | g2a (ip6gre) + | |
# | | loc=2001:db8:3::2 | |
# | | rem=2001:db8:3::1 | |
# | | tos=inherit | |
# | | | |
# | | $ol2 + | |
# | | 203.0.113.2/24 | | |
# | | 2001:db8:2::2/64 | | |
# | +---------------------|-------------------+ |
# +-----------------------|---------------------+
# |
# +-----------------------|--------+
# | H2 | |
# | $h2 + |
# | 203.0.113.1/24 |
# | 2001:db8:2::1/64 |
# +--------------------------------+
source lib.sh
source tc_common.sh
h1_create()
{
simple_if_init $h1 198.51.100.1/24 2001:db8:1::1/64
ip route add vrf v$h1 203.0.113.0/24 via 198.51.100.2
ip -6 route add vrf v$h1 2001:db8:2::/64 via 2001:db8:1::2
}
h1_destroy()
{
ip -6 route del vrf v$h1 2001:db8:2::/64 via 2001:db8:1::2
ip route del vrf v$h1 203.0.113.0/24 via 198.51.100.2
simple_if_fini $h1 198.51.100.1/24 2001:db8:1::1/64
}
h2_create()
{
simple_if_init $h2 203.0.113.1/24 2001:db8:2::1/64
ip route add vrf v$h2 198.51.100.0/24 via 203.0.113.2
ip -6 route add vrf v$h2 2001:db8:1::/64 via 2001:db8:2::2
}
h2_destroy()
{
ip -6 route del vrf v$h2 2001:db8:1::/64 via 2001:db8:2::2
ip route del vrf v$h2 198.51.100.0/24 via 203.0.113.2
simple_if_fini $h2 203.0.113.1/24 2001:db8:2::1/64
}
sw1_flat_create()
{
local ol1=$1; shift
local ul1=$1; shift
ip link set dev $ol1 up
__addr_add_del $ol1 add 198.51.100.2/24 2001:db8:1::2/64
ip link set dev $ul1 up
vlan_create $ul1 111 "" 2001:db8:10::1/64
tunnel_create g1a ip6gre 2001:db8:3::1 2001:db8:3::2 tos inherit \
ttl inherit "$@"
ip link set dev g1a up
__addr_add_del g1a add "2001:db8:3::1/128"
ip -6 route add 2001:db8:3::2/128 via 2001:db8:10::2
ip route add 203.0.113.0/24 dev g1a
ip -6 route add 2001:db8:2::/64 dev g1a
}
sw1_flat_destroy()
{
local ol1=$1; shift
local ul1=$1; shift
ip -6 route del 2001:db8:2::/64
ip route del 203.0.113.0/24
ip -6 route del 2001:db8:3::2/128 via 2001:db8:10::2
__simple_if_fini g1a 2001:db8:3::1/128
tunnel_destroy g1a
vlan_destroy $ul1 111
__simple_if_fini $ul1
__simple_if_fini $ol1 198.51.100.2/24 2001:db8:1::2/64
}
sw2_flat_create()
{
local ol2=$1; shift
local ul2=$1; shift
simple_if_init $ol2 203.0.113.2/24 2001:db8:2::2/64
__simple_if_init $ul2 v$ol2
vlan_create $ul2 111 v$ol2 2001:db8:10::2/64
tunnel_create g2a ip6gre 2001:db8:3::2 2001:db8:3::1 tos inherit \
ttl inherit dev v$ol2 "$@"
__simple_if_init g2a v$ol2 2001:db8:3::2/128
# Replace neighbor to avoid 1 dropped packet due to "unresolved neigh"
ip neigh replace dev $ol2 203.0.113.1 lladdr $(mac_get $h2)
ip -6 neigh replace dev $ol2 2001:db8:2::1 lladdr $(mac_get $h2)
ip -6 route add vrf v$ol2 2001:db8:3::1/128 via 2001:db8:10::1
ip route add vrf v$ol2 198.51.100.0/24 dev g2a
ip -6 route add vrf v$ol2 2001:db8:1::/64 dev g2a
}
sw2_flat_destroy()
{
local ol2=$1; shift
local ul2=$1; shift
ip -6 route del vrf v$ol2 2001:db8:2::/64
ip route del vrf v$ol2 198.51.100.0/24
ip -6 route del vrf v$ol2 2001:db8:3::1/128 via 2001:db8:10::1
__simple_if_fini g2a 2001:db8:3::2/128
tunnel_destroy g2a
vlan_destroy $ul2 111
__simple_if_fini $ul2
simple_if_fini $ol2 203.0.113.2/24 2001:db8:2::2/64
}
sw1_hierarchical_create()
{
local ol1=$1; shift
local ul1=$1; shift
simple_if_init $ol1 198.51.100.2/24 2001:db8:1::2/64
simple_if_init $ul1
ip link add name dummy1 type dummy
__simple_if_init dummy1 v$ul1 2001:db8:3::1/64
vlan_create $ul1 111 v$ul1 2001:db8:10::1/64
tunnel_create g1a ip6gre 2001:db8:3::1 2001:db8:3::2 tos inherit \
ttl inherit dev dummy1 "$@"
ip link set dev g1a master v$ol1
ip -6 route add vrf v$ul1 2001:db8:3::2/128 via 2001:db8:10::2
ip route add vrf v$ol1 203.0.113.0/24 dev g1a
ip -6 route add vrf v$ol1 2001:db8:2::/64 dev g1a
}
sw1_hierarchical_destroy()
{
local ol1=$1; shift
local ul1=$1; shift
ip -6 route del vrf v$ol1 2001:db8:2::/64
ip route del vrf v$ol1 203.0.113.0/24
ip -6 route del vrf v$ul1 2001:db8:3::2/128
tunnel_destroy g1a
vlan_destroy $ul1 111
__simple_if_fini dummy1 2001:db8:3::1/64
ip link del dev dummy1
simple_if_fini $ul1
simple_if_fini $ol1 198.51.100.2/24 2001:db8:1::2/64
}
sw2_hierarchical_create()
{
local ol2=$1; shift
local ul2=$1; shift
simple_if_init $ol2 203.0.113.2/24 2001:db8:2::2/64
simple_if_init $ul2
ip link add name dummy2 type dummy
__simple_if_init dummy2 v$ul2 2001:db8:3::2/64
vlan_create $ul2 111 v$ul2 2001:db8:10::2/64
tunnel_create g2a ip6gre 2001:db8:3::2 2001:db8:3::1 tos inherit \
ttl inherit dev dummy2 "$@"
ip link set dev g2a master v$ol2
# Replace neighbor to avoid 1 dropped packet due to "unresolved neigh"
ip neigh replace dev $ol2 203.0.113.1 lladdr $(mac_get $h2)
ip -6 neigh replace dev $ol2 2001:db8:2::1 lladdr $(mac_get $h2)
ip -6 route add vrf v$ul2 2001:db8:3::1/128 via 2001:db8:10::1
ip route add vrf v$ol2 198.51.100.0/24 dev g2a
ip -6 route add vrf v$ol2 2001:db8:1::/64 dev g2a
}
sw2_hierarchical_destroy()
{
local ol2=$1; shift
local ul2=$1; shift
ip -6 route del vrf v$ol2 2001:db8:2::/64
ip route del vrf v$ol2 198.51.100.0/24
ip -6 route del vrf v$ul2 2001:db8:3::1/128
tunnel_destroy g2a
vlan_destroy $ul2 111
__simple_if_fini dummy2 2001:db8:3::2/64
ip link del dev dummy2
simple_if_fini $ul2
simple_if_fini $ol2 203.0.113.2/24 2001:db8:2::2/64
}
test_traffic_ip4ip6()
{
RET=0
h1mac=$(mac_get $h1)
ol1mac=$(mac_get $ol1)
tc qdisc add dev $ul1 clsact
tc filter add dev $ul1 egress proto all pref 1 handle 101 \
flower $TC_FLAG action pass
tc qdisc add dev $ol2 clsact
tc filter add dev $ol2 egress protocol ipv4 pref 1 handle 101 \
flower $TC_FLAG dst_ip 203.0.113.1 action pass
$MZ $h1 -c 1000 -p 64 -a $h1mac -b $ol1mac -A 198.51.100.1 \
-B 203.0.113.1 -t ip -q -d $MZ_DELAY
# Check ports after encap and after decap.
tc_check_at_least_x_packets "dev $ul1 egress" 101 1000
check_err $? "Packets did not go through $ul1, tc_flag = $TC_FLAG"
tc_check_at_least_x_packets "dev $ol2 egress" 101 1000
check_err $? "Packets did not go through $ol2, tc_flag = $TC_FLAG"
log_test "$@"
tc filter del dev $ol2 egress protocol ipv4 pref 1 handle 101 flower
tc qdisc del dev $ol2 clsact
tc filter del dev $ul1 egress proto all pref 1 handle 101 flower
tc qdisc del dev $ul1 clsact
}
test_traffic_ip6ip6()
{
RET=0
h1mac=$(mac_get $h1)
ol1mac=$(mac_get $ol1)
tc qdisc add dev $ul1 clsact
tc filter add dev $ul1 egress proto all pref 1 handle 101 \
flower $TC_FLAG action pass
tc qdisc add dev $ol2 clsact
tc filter add dev $ol2 egress protocol ipv6 pref 1 handle 101 \
flower $TC_FLAG dst_ip 2001:db8:2::1 action pass
$MZ -6 $h1 -c 1000 -p 64 -a $h1mac -b $ol1mac -A 2001:db8:1::1 \
-B 2001:db8:2::1 -t ip -q -d $MZ_DELAY
# Check ports after encap and after decap.
tc_check_at_least_x_packets "dev $ul1 egress" 101 1000
check_err $? "Packets did not go through $ul1, tc_flag = $TC_FLAG"
tc_check_at_least_x_packets "dev $ol2 egress" 101 1000
check_err $? "Packets did not go through $ol2, tc_flag = $TC_FLAG"
log_test "$@"
tc filter del dev $ol2 egress protocol ipv6 pref 1 handle 101 flower
tc qdisc del dev $ol2 clsact
tc filter del dev $ul1 egress proto all pref 1 handle 101 flower
tc qdisc del dev $ul1 clsact
}
topo_mtu_change()
{
local mtu=$1
ip link set mtu $mtu dev $h1
ip link set mtu $mtu dev $ol1
ip link set mtu $mtu dev g1a
ip link set mtu $mtu dev $ul1
ip link set mtu $mtu dev $ul1.111
ip link set mtu $mtu dev $h2
ip link set mtu $mtu dev $ol2
ip link set mtu $mtu dev g2a
ip link set mtu $mtu dev $ul2
ip link set mtu $mtu dev $ul2.111
}
test_mtu_change()
{
RET=0
ping6_do $h1 2001:db8:2::1 "-s 1800 -w 3"
check_fail $? "ping GRE IPv6 should not pass with packet size 1800"
RET=0
topo_mtu_change 2000
ping6_do $h1 2001:db8:2::1 "-s 1800 -w 3"
check_err $?
log_test "ping GRE IPv6, packet size 1800 after MTU change"
}
|