Loading...
Note: File does not exist in v3.1.
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4# This test is for checking IPv4 and IPv6 FIB behavior in response to
5# different events.
6source lib.sh
7ret=0
8
9# all tests in this script. Can be overridden with -t option
10TESTS="unregister down carrier nexthop suppress ipv6_notify ipv4_notify \
11 ipv6_rt ipv4_rt ipv6_addr_metric ipv4_addr_metric ipv6_route_metrics \
12 ipv4_route_metrics ipv4_route_v6_gw rp_filter ipv4_del_addr \
13 ipv6_del_addr ipv4_mangle ipv6_mangle ipv4_bcast_neigh fib6_gc_test \
14 ipv4_mpath_list ipv6_mpath_list"
15
16VERBOSE=0
17PAUSE_ON_FAIL=no
18PAUSE=no
19
20which ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping)
21
22log_test()
23{
24 local rc=$1
25 local expected=$2
26 local msg="$3"
27
28 if [ ${rc} -eq ${expected} ]; then
29 printf " TEST: %-60s [ OK ]\n" "${msg}"
30 nsuccess=$((nsuccess+1))
31 else
32 ret=1
33 nfail=$((nfail+1))
34 printf " TEST: %-60s [FAIL]\n" "${msg}"
35 if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
36 echo
37 echo "hit enter to continue, 'q' to quit"
38 read a
39 [ "$a" = "q" ] && exit 1
40 fi
41 fi
42
43 if [ "${PAUSE}" = "yes" ]; then
44 echo
45 echo "hit enter to continue, 'q' to quit"
46 read a
47 [ "$a" = "q" ] && exit 1
48 fi
49}
50
51setup()
52{
53 set -e
54 setup_ns ns1
55 IP="$(which ip) -netns $ns1"
56 NS_EXEC="$(which ip) netns exec $ns1"
57 ip netns exec $ns1 sysctl -qw net.ipv4.ip_forward=1
58 ip netns exec $ns1 sysctl -qw net.ipv6.conf.all.forwarding=1
59
60 $IP link add dummy0 type dummy
61 $IP link set dev dummy0 up
62 $IP address add 198.51.100.1/24 dev dummy0
63 $IP -6 address add 2001:db8:1::1/64 dev dummy0
64 set +e
65
66}
67
68cleanup()
69{
70 $IP link del dev dummy0 &> /dev/null
71 cleanup_ns $ns1 $ns2
72}
73
74get_linklocal()
75{
76 local dev=$1
77 local addr
78
79 addr=$($IP -6 -br addr show dev ${dev} | \
80 awk '{
81 for (i = 3; i <= NF; ++i) {
82 if ($i ~ /^fe80/)
83 print $i
84 }
85 }'
86 )
87 addr=${addr/\/*}
88
89 [ -z "$addr" ] && return 1
90
91 echo $addr
92
93 return 0
94}
95
96fib_unreg_unicast_test()
97{
98 echo
99 echo "Single path route test"
100
101 setup
102
103 echo " Start point"
104 $IP route get fibmatch 198.51.100.2 &> /dev/null
105 log_test $? 0 "IPv4 fibmatch"
106 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
107 log_test $? 0 "IPv6 fibmatch"
108
109 set -e
110 $IP link del dev dummy0
111 set +e
112
113 echo " Nexthop device deleted"
114 $IP route get fibmatch 198.51.100.2 &> /dev/null
115 log_test $? 2 "IPv4 fibmatch - no route"
116 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
117 log_test $? 2 "IPv6 fibmatch - no route"
118
119 cleanup
120}
121
122fib_unreg_multipath_test()
123{
124
125 echo
126 echo "Multipath route test"
127
128 setup
129
130 set -e
131 $IP link add dummy1 type dummy
132 $IP link set dev dummy1 up
133 $IP address add 192.0.2.1/24 dev dummy1
134 $IP -6 address add 2001:db8:2::1/64 dev dummy1
135
136 $IP route add 203.0.113.0/24 \
137 nexthop via 198.51.100.2 dev dummy0 \
138 nexthop via 192.0.2.2 dev dummy1
139 $IP -6 route add 2001:db8:3::/64 \
140 nexthop via 2001:db8:1::2 dev dummy0 \
141 nexthop via 2001:db8:2::2 dev dummy1
142 set +e
143
144 echo " Start point"
145 $IP route get fibmatch 203.0.113.1 &> /dev/null
146 log_test $? 0 "IPv4 fibmatch"
147 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
148 log_test $? 0 "IPv6 fibmatch"
149
150 set -e
151 $IP link del dev dummy0
152 set +e
153
154 echo " One nexthop device deleted"
155 $IP route get fibmatch 203.0.113.1 &> /dev/null
156 log_test $? 2 "IPv4 - multipath route removed on delete"
157
158 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
159 # In IPv6 we do not flush the entire multipath route.
160 log_test $? 0 "IPv6 - multipath down to single path"
161
162 set -e
163 $IP link del dev dummy1
164 set +e
165
166 echo " Second nexthop device deleted"
167 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
168 log_test $? 2 "IPv6 - no route"
169
170 cleanup
171}
172
173fib_unreg_test()
174{
175 fib_unreg_unicast_test
176 fib_unreg_multipath_test
177}
178
179fib_down_unicast_test()
180{
181 echo
182 echo "Single path, admin down"
183
184 setup
185
186 echo " Start point"
187 $IP route get fibmatch 198.51.100.2 &> /dev/null
188 log_test $? 0 "IPv4 fibmatch"
189 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
190 log_test $? 0 "IPv6 fibmatch"
191
192 set -e
193 $IP link set dev dummy0 down
194 set +e
195
196 echo " Route deleted on down"
197 $IP route get fibmatch 198.51.100.2 &> /dev/null
198 log_test $? 2 "IPv4 fibmatch"
199 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
200 log_test $? 2 "IPv6 fibmatch"
201
202 cleanup
203}
204
205fib_down_multipath_test_do()
206{
207 local down_dev=$1
208 local up_dev=$2
209
210 $IP route get fibmatch 203.0.113.1 \
211 oif $down_dev &> /dev/null
212 log_test $? 2 "IPv4 fibmatch on down device"
213 $IP -6 route get fibmatch 2001:db8:3::1 \
214 oif $down_dev &> /dev/null
215 log_test $? 2 "IPv6 fibmatch on down device"
216
217 $IP route get fibmatch 203.0.113.1 \
218 oif $up_dev &> /dev/null
219 log_test $? 0 "IPv4 fibmatch on up device"
220 $IP -6 route get fibmatch 2001:db8:3::1 \
221 oif $up_dev &> /dev/null
222 log_test $? 0 "IPv6 fibmatch on up device"
223
224 $IP route get fibmatch 203.0.113.1 | \
225 grep $down_dev | grep -q "dead linkdown"
226 log_test $? 0 "IPv4 flags on down device"
227 $IP -6 route get fibmatch 2001:db8:3::1 | \
228 grep $down_dev | grep -q "dead linkdown"
229 log_test $? 0 "IPv6 flags on down device"
230
231 $IP route get fibmatch 203.0.113.1 | \
232 grep $up_dev | grep -q "dead linkdown"
233 log_test $? 1 "IPv4 flags on up device"
234 $IP -6 route get fibmatch 2001:db8:3::1 | \
235 grep $up_dev | grep -q "dead linkdown"
236 log_test $? 1 "IPv6 flags on up device"
237}
238
239fib_down_multipath_test()
240{
241 echo
242 echo "Admin down multipath"
243
244 setup
245
246 set -e
247 $IP link add dummy1 type dummy
248 $IP link set dev dummy1 up
249
250 $IP address add 192.0.2.1/24 dev dummy1
251 $IP -6 address add 2001:db8:2::1/64 dev dummy1
252
253 $IP route add 203.0.113.0/24 \
254 nexthop via 198.51.100.2 dev dummy0 \
255 nexthop via 192.0.2.2 dev dummy1
256 $IP -6 route add 2001:db8:3::/64 \
257 nexthop via 2001:db8:1::2 dev dummy0 \
258 nexthop via 2001:db8:2::2 dev dummy1
259 set +e
260
261 echo " Verify start point"
262 $IP route get fibmatch 203.0.113.1 &> /dev/null
263 log_test $? 0 "IPv4 fibmatch"
264
265 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
266 log_test $? 0 "IPv6 fibmatch"
267
268 set -e
269 $IP link set dev dummy0 down
270 set +e
271
272 echo " One device down, one up"
273 fib_down_multipath_test_do "dummy0" "dummy1"
274
275 set -e
276 $IP link set dev dummy0 up
277 $IP link set dev dummy1 down
278 set +e
279
280 echo " Other device down and up"
281 fib_down_multipath_test_do "dummy1" "dummy0"
282
283 set -e
284 $IP link set dev dummy0 down
285 set +e
286
287 echo " Both devices down"
288 $IP route get fibmatch 203.0.113.1 &> /dev/null
289 log_test $? 2 "IPv4 fibmatch"
290 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
291 log_test $? 2 "IPv6 fibmatch"
292
293 $IP link del dev dummy1
294 cleanup
295}
296
297fib_down_test()
298{
299 fib_down_unicast_test
300 fib_down_multipath_test
301}
302
303# Local routes should not be affected when carrier changes.
304fib_carrier_local_test()
305{
306 echo
307 echo "Local carrier tests - single path"
308
309 setup
310
311 set -e
312 $IP link set dev dummy0 carrier on
313 set +e
314
315 echo " Start point"
316 $IP route get fibmatch 198.51.100.1 &> /dev/null
317 log_test $? 0 "IPv4 fibmatch"
318 $IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null
319 log_test $? 0 "IPv6 fibmatch"
320
321 $IP route get fibmatch 198.51.100.1 | \
322 grep -q "linkdown"
323 log_test $? 1 "IPv4 - no linkdown flag"
324 $IP -6 route get fibmatch 2001:db8:1::1 | \
325 grep -q "linkdown"
326 log_test $? 1 "IPv6 - no linkdown flag"
327
328 set -e
329 $IP link set dev dummy0 carrier off
330 sleep 1
331 set +e
332
333 echo " Carrier off on nexthop"
334 $IP route get fibmatch 198.51.100.1 &> /dev/null
335 log_test $? 0 "IPv4 fibmatch"
336 $IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null
337 log_test $? 0 "IPv6 fibmatch"
338
339 $IP route get fibmatch 198.51.100.1 | \
340 grep -q "linkdown"
341 log_test $? 1 "IPv4 - linkdown flag set"
342 $IP -6 route get fibmatch 2001:db8:1::1 | \
343 grep -q "linkdown"
344 log_test $? 1 "IPv6 - linkdown flag set"
345
346 set -e
347 $IP address add 192.0.2.1/24 dev dummy0
348 $IP -6 address add 2001:db8:2::1/64 dev dummy0
349 set +e
350
351 echo " Route to local address with carrier down"
352 $IP route get fibmatch 192.0.2.1 &> /dev/null
353 log_test $? 0 "IPv4 fibmatch"
354 $IP -6 route get fibmatch 2001:db8:2::1 &> /dev/null
355 log_test $? 0 "IPv6 fibmatch"
356
357 $IP route get fibmatch 192.0.2.1 | \
358 grep -q "linkdown"
359 log_test $? 1 "IPv4 linkdown flag set"
360 $IP -6 route get fibmatch 2001:db8:2::1 | \
361 grep -q "linkdown"
362 log_test $? 1 "IPv6 linkdown flag set"
363
364 cleanup
365}
366
367fib_carrier_unicast_test()
368{
369 ret=0
370
371 echo
372 echo "Single path route carrier test"
373
374 setup
375
376 set -e
377 $IP link set dev dummy0 carrier on
378 set +e
379
380 echo " Start point"
381 $IP route get fibmatch 198.51.100.2 &> /dev/null
382 log_test $? 0 "IPv4 fibmatch"
383 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
384 log_test $? 0 "IPv6 fibmatch"
385
386 $IP route get fibmatch 198.51.100.2 | \
387 grep -q "linkdown"
388 log_test $? 1 "IPv4 no linkdown flag"
389 $IP -6 route get fibmatch 2001:db8:1::2 | \
390 grep -q "linkdown"
391 log_test $? 1 "IPv6 no linkdown flag"
392
393 set -e
394 $IP link set dev dummy0 carrier off
395 sleep 1
396 set +e
397
398 echo " Carrier down"
399 $IP route get fibmatch 198.51.100.2 &> /dev/null
400 log_test $? 0 "IPv4 fibmatch"
401 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
402 log_test $? 0 "IPv6 fibmatch"
403
404 $IP route get fibmatch 198.51.100.2 | \
405 grep -q "linkdown"
406 log_test $? 0 "IPv4 linkdown flag set"
407 $IP -6 route get fibmatch 2001:db8:1::2 | \
408 grep -q "linkdown"
409 log_test $? 0 "IPv6 linkdown flag set"
410
411 set -e
412 $IP address add 192.0.2.1/24 dev dummy0
413 $IP -6 address add 2001:db8:2::1/64 dev dummy0
414 set +e
415
416 echo " Second address added with carrier down"
417 $IP route get fibmatch 192.0.2.2 &> /dev/null
418 log_test $? 0 "IPv4 fibmatch"
419 $IP -6 route get fibmatch 2001:db8:2::2 &> /dev/null
420 log_test $? 0 "IPv6 fibmatch"
421
422 $IP route get fibmatch 192.0.2.2 | \
423 grep -q "linkdown"
424 log_test $? 0 "IPv4 linkdown flag set"
425 $IP -6 route get fibmatch 2001:db8:2::2 | \
426 grep -q "linkdown"
427 log_test $? 0 "IPv6 linkdown flag set"
428
429 cleanup
430}
431
432fib_carrier_test()
433{
434 fib_carrier_local_test
435 fib_carrier_unicast_test
436}
437
438fib_rp_filter_test()
439{
440 echo
441 echo "IPv4 rp_filter tests"
442
443 setup
444
445 set -e
446 setup_ns ns2
447
448 $IP link add name veth1 type veth peer name veth2
449 $IP link set dev veth2 netns $ns2
450 $IP address add 192.0.2.1/24 dev veth1
451 ip -netns $ns2 address add 192.0.2.1/24 dev veth2
452 $IP link set dev veth1 up
453 ip -netns $ns2 link set dev veth2 up
454
455 $IP link set dev lo address 52:54:00:6a:c7:5e
456 $IP link set dev veth1 address 52:54:00:6a:c7:5e
457 ip -netns $ns2 link set dev lo address 52:54:00:6a:c7:5e
458 ip -netns $ns2 link set dev veth2 address 52:54:00:6a:c7:5e
459
460 # 1. (ns2) redirect lo's egress to veth2's egress
461 ip netns exec $ns2 tc qdisc add dev lo parent root handle 1: fq_codel
462 ip netns exec $ns2 tc filter add dev lo parent 1: protocol arp basic \
463 action mirred egress redirect dev veth2
464 ip netns exec $ns2 tc filter add dev lo parent 1: protocol ip basic \
465 action mirred egress redirect dev veth2
466
467 # 2. (ns1) redirect veth1's ingress to lo's ingress
468 $NS_EXEC tc qdisc add dev veth1 ingress
469 $NS_EXEC tc filter add dev veth1 ingress protocol arp basic \
470 action mirred ingress redirect dev lo
471 $NS_EXEC tc filter add dev veth1 ingress protocol ip basic \
472 action mirred ingress redirect dev lo
473
474 # 3. (ns1) redirect lo's egress to veth1's egress
475 $NS_EXEC tc qdisc add dev lo parent root handle 1: fq_codel
476 $NS_EXEC tc filter add dev lo parent 1: protocol arp basic \
477 action mirred egress redirect dev veth1
478 $NS_EXEC tc filter add dev lo parent 1: protocol ip basic \
479 action mirred egress redirect dev veth1
480
481 # 4. (ns2) redirect veth2's ingress to lo's ingress
482 ip netns exec $ns2 tc qdisc add dev veth2 ingress
483 ip netns exec $ns2 tc filter add dev veth2 ingress protocol arp basic \
484 action mirred ingress redirect dev lo
485 ip netns exec $ns2 tc filter add dev veth2 ingress protocol ip basic \
486 action mirred ingress redirect dev lo
487
488 $NS_EXEC sysctl -qw net.ipv4.conf.all.rp_filter=1
489 $NS_EXEC sysctl -qw net.ipv4.conf.all.accept_local=1
490 $NS_EXEC sysctl -qw net.ipv4.conf.all.route_localnet=1
491 ip netns exec $ns2 sysctl -qw net.ipv4.conf.all.rp_filter=1
492 ip netns exec $ns2 sysctl -qw net.ipv4.conf.all.accept_local=1
493 ip netns exec $ns2 sysctl -qw net.ipv4.conf.all.route_localnet=1
494 set +e
495
496 run_cmd "ip netns exec $ns2 ping -w1 -c1 192.0.2.1"
497 log_test $? 0 "rp_filter passes local packets"
498
499 run_cmd "ip netns exec $ns2 ping -w1 -c1 127.0.0.1"
500 log_test $? 0 "rp_filter passes loopback packets"
501
502 cleanup
503}
504
505################################################################################
506# Tests on nexthop spec
507
508# run 'ip route add' with given spec
509add_rt()
510{
511 local desc="$1"
512 local erc=$2
513 local vrf=$3
514 local pfx=$4
515 local gw=$5
516 local dev=$6
517 local cmd out rc
518
519 [ "$vrf" = "-" ] && vrf="default"
520 [ -n "$gw" ] && gw="via $gw"
521 [ -n "$dev" ] && dev="dev $dev"
522
523 cmd="$IP route add vrf $vrf $pfx $gw $dev"
524 if [ "$VERBOSE" = "1" ]; then
525 printf "\n COMMAND: $cmd\n"
526 fi
527
528 out=$(eval $cmd 2>&1)
529 rc=$?
530 if [ "$VERBOSE" = "1" -a -n "$out" ]; then
531 echo " $out"
532 fi
533 log_test $rc $erc "$desc"
534}
535
536fib4_nexthop()
537{
538 echo
539 echo "IPv4 nexthop tests"
540
541 echo "<<< write me >>>"
542}
543
544fib6_nexthop()
545{
546 local lldummy=$(get_linklocal dummy0)
547 local llv1=$(get_linklocal dummy0)
548
549 if [ -z "$lldummy" ]; then
550 echo "Failed to get linklocal address for dummy0"
551 return 1
552 fi
553 if [ -z "$llv1" ]; then
554 echo "Failed to get linklocal address for veth1"
555 return 1
556 fi
557
558 echo
559 echo "IPv6 nexthop tests"
560
561 add_rt "Directly connected nexthop, unicast address" 0 \
562 - 2001:db8:101::/64 2001:db8:1::2
563 add_rt "Directly connected nexthop, unicast address with device" 0 \
564 - 2001:db8:102::/64 2001:db8:1::2 "dummy0"
565 add_rt "Gateway is linklocal address" 0 \
566 - 2001:db8:103::1/64 $llv1 "veth0"
567
568 # fails because LL address requires a device
569 add_rt "Gateway is linklocal address, no device" 2 \
570 - 2001:db8:104::1/64 $llv1
571
572 # local address can not be a gateway
573 add_rt "Gateway can not be local unicast address" 2 \
574 - 2001:db8:105::/64 2001:db8:1::1
575 add_rt "Gateway can not be local unicast address, with device" 2 \
576 - 2001:db8:106::/64 2001:db8:1::1 "dummy0"
577 add_rt "Gateway can not be a local linklocal address" 2 \
578 - 2001:db8:107::1/64 $lldummy "dummy0"
579
580 # VRF tests
581 add_rt "Gateway can be local address in a VRF" 0 \
582 - 2001:db8:108::/64 2001:db8:51::2
583 add_rt "Gateway can be local address in a VRF, with device" 0 \
584 - 2001:db8:109::/64 2001:db8:51::2 "veth0"
585 add_rt "Gateway can be local linklocal address in a VRF" 0 \
586 - 2001:db8:110::1/64 $llv1 "veth0"
587
588 add_rt "Redirect to VRF lookup" 0 \
589 - 2001:db8:111::/64 "" "red"
590
591 add_rt "VRF route, gateway can be local address in default VRF" 0 \
592 red 2001:db8:112::/64 2001:db8:51::1
593
594 # local address in same VRF fails
595 add_rt "VRF route, gateway can not be a local address" 2 \
596 red 2001:db8:113::1/64 2001:db8:2::1
597 add_rt "VRF route, gateway can not be a local addr with device" 2 \
598 red 2001:db8:114::1/64 2001:db8:2::1 "dummy1"
599}
600
601# Default VRF:
602# dummy0 - 198.51.100.1/24 2001:db8:1::1/64
603# veth0 - 192.0.2.1/24 2001:db8:51::1/64
604#
605# VRF red:
606# dummy1 - 192.168.2.1/24 2001:db8:2::1/64
607# veth1 - 192.0.2.2/24 2001:db8:51::2/64
608#
609# [ dummy0 veth0 ]--[ veth1 dummy1 ]
610
611fib_nexthop_test()
612{
613 setup
614
615 set -e
616
617 $IP -4 rule add pref 32765 table local
618 $IP -4 rule del pref 0
619 $IP -6 rule add pref 32765 table local
620 $IP -6 rule del pref 0
621
622 $IP link add red type vrf table 1
623 $IP link set red up
624 $IP -4 route add vrf red unreachable default metric 4278198272
625 $IP -6 route add vrf red unreachable default metric 4278198272
626
627 $IP link add veth0 type veth peer name veth1
628 $IP link set dev veth0 up
629 $IP address add 192.0.2.1/24 dev veth0
630 $IP -6 address add 2001:db8:51::1/64 dev veth0
631
632 $IP link set dev veth1 vrf red up
633 $IP address add 192.0.2.2/24 dev veth1
634 $IP -6 address add 2001:db8:51::2/64 dev veth1
635
636 $IP link add dummy1 type dummy
637 $IP link set dev dummy1 vrf red up
638 $IP address add 192.168.2.1/24 dev dummy1
639 $IP -6 address add 2001:db8:2::1/64 dev dummy1
640 set +e
641
642 sleep 1
643 fib4_nexthop
644 fib6_nexthop
645
646 (
647 $IP link del dev dummy1
648 $IP link del veth0
649 $IP link del red
650 ) 2>/dev/null
651 cleanup
652}
653
654fib6_notify_test()
655{
656 setup
657
658 echo
659 echo "Fib6 info length calculation in route notify test"
660 set -e
661
662 for i in 10 20 30 40 50 60 70;
663 do
664 $IP link add dummy_$i type dummy
665 $IP link set dev dummy_$i up
666 $IP -6 address add 2001:$i::1/64 dev dummy_$i
667 done
668
669 $NS_EXEC ip monitor route &> errors.txt &
670 sleep 2
671
672 $IP -6 route add 2001::/64 \
673 nexthop via 2001:10::2 dev dummy_10 \
674 nexthop encap ip6 dst 2002::20 via 2001:20::2 dev dummy_20 \
675 nexthop encap ip6 dst 2002::30 via 2001:30::2 dev dummy_30 \
676 nexthop encap ip6 dst 2002::40 via 2001:40::2 dev dummy_40 \
677 nexthop encap ip6 dst 2002::50 via 2001:50::2 dev dummy_50 \
678 nexthop encap ip6 dst 2002::60 via 2001:60::2 dev dummy_60 \
679 nexthop encap ip6 dst 2002::70 via 2001:70::2 dev dummy_70
680
681 set +e
682
683 err=`cat errors.txt |grep "Message too long"`
684 if [ -z "$err" ];then
685 ret=0
686 else
687 ret=1
688 fi
689
690 log_test $ret 0 "ipv6 route add notify"
691
692 { kill %% && wait %%; } 2>/dev/null
693
694 #rm errors.txt
695
696 cleanup &> /dev/null
697}
698
699
700fib_notify_test()
701{
702 setup
703
704 echo
705 echo "Fib4 info length calculation in route notify test"
706
707 set -e
708
709 for i in 10 20 30 40 50 60 70;
710 do
711 $IP link add dummy_$i type dummy
712 $IP link set dev dummy_$i up
713 $IP address add 20.20.$i.2/24 dev dummy_$i
714 done
715
716 $NS_EXEC ip monitor route &> errors.txt &
717 sleep 2
718
719 $IP route add 10.0.0.0/24 \
720 nexthop via 20.20.10.1 dev dummy_10 \
721 nexthop encap ip dst 192.168.10.20 via 20.20.20.1 dev dummy_20 \
722 nexthop encap ip dst 192.168.10.30 via 20.20.30.1 dev dummy_30 \
723 nexthop encap ip dst 192.168.10.40 via 20.20.40.1 dev dummy_40 \
724 nexthop encap ip dst 192.168.10.50 via 20.20.50.1 dev dummy_50 \
725 nexthop encap ip dst 192.168.10.60 via 20.20.60.1 dev dummy_60 \
726 nexthop encap ip dst 192.168.10.70 via 20.20.70.1 dev dummy_70
727
728 set +e
729
730 err=`cat errors.txt |grep "Message too long"`
731 if [ -z "$err" ];then
732 ret=0
733 else
734 ret=1
735 fi
736
737 log_test $ret 0 "ipv4 route add notify"
738
739 { kill %% && wait %%; } 2>/dev/null
740
741 rm errors.txt
742
743 cleanup &> /dev/null
744}
745
746# Create a new dummy_10 to remove all associated routes.
747reset_dummy_10()
748{
749 $IP link del dev dummy_10
750
751 $IP link add dummy_10 type dummy
752 $IP link set dev dummy_10 up
753 $IP -6 address add 2001:10::1/64 dev dummy_10
754}
755
756check_rt_num()
757{
758 local expected=$1
759 local num=$2
760
761 if [ $num -ne $expected ]; then
762 echo "FAIL: Expected $expected routes, got $num"
763 ret=1
764 else
765 ret=0
766 fi
767}
768
769check_rt_num_clean()
770{
771 local expected=$1
772 local num=$2
773
774 if [ $num -ne $expected ]; then
775 log_test 1 0 "expected $expected routes, got $num"
776 set +e
777 cleanup &> /dev/null
778 return 1
779 fi
780 return 0
781}
782
783fib6_gc_test()
784{
785 setup
786
787 echo
788 echo "Fib6 garbage collection test"
789 set -e
790
791 EXPIRE=5
792 GC_WAIT_TIME=$((EXPIRE * 2 + 2))
793
794 # Check expiration of routes every $EXPIRE seconds (GC)
795 $NS_EXEC sysctl -wq net.ipv6.route.gc_interval=$EXPIRE
796
797 $IP link add dummy_10 type dummy
798 $IP link set dev dummy_10 up
799 $IP -6 address add 2001:10::1/64 dev dummy_10
800
801 $NS_EXEC sysctl -wq net.ipv6.route.flush=1
802
803 # Temporary routes
804 for i in $(seq 1 5); do
805 # Expire route after $EXPIRE seconds
806 $IP -6 route add 2001:20::$i \
807 via 2001:10::2 dev dummy_10 expires $EXPIRE
808 done
809 sleep $GC_WAIT_TIME
810 $NS_EXEC sysctl -wq net.ipv6.route.flush=1
811 check_rt_num 0 $($IP -6 route list |grep expires|wc -l)
812 log_test $ret 0 "ipv6 route garbage collection"
813
814 reset_dummy_10
815
816 # Permanent routes
817 for i in $(seq 1 5); do
818 $IP -6 route add 2001:30::$i \
819 via 2001:10::2 dev dummy_10
820 done
821 # Temporary routes
822 for i in $(seq 1 5); do
823 # Expire route after $EXPIRE seconds
824 $IP -6 route add 2001:20::$i \
825 via 2001:10::2 dev dummy_10 expires $EXPIRE
826 done
827 # Wait for GC
828 sleep $GC_WAIT_TIME
829 check_rt_num 0 $($IP -6 route list |grep expires|wc -l)
830 log_test $ret 0 "ipv6 route garbage collection (with permanent routes)"
831
832 reset_dummy_10
833
834 # Permanent routes
835 for i in $(seq 1 5); do
836 $IP -6 route add 2001:20::$i \
837 via 2001:10::2 dev dummy_10
838 done
839 # Replace with temporary routes
840 for i in $(seq 1 5); do
841 # Expire route after $EXPIRE seconds
842 $IP -6 route replace 2001:20::$i \
843 via 2001:10::2 dev dummy_10 expires $EXPIRE
844 done
845 # Wait for GC
846 sleep $GC_WAIT_TIME
847 check_rt_num 0 $($IP -6 route list |grep expires|wc -l)
848 log_test $ret 0 "ipv6 route garbage collection (replace with expires)"
849
850 reset_dummy_10
851
852 # Temporary routes
853 for i in $(seq 1 5); do
854 # Expire route after $EXPIRE seconds
855 $IP -6 route add 2001:20::$i \
856 via 2001:10::2 dev dummy_10 expires $EXPIRE
857 done
858 # Replace with permanent routes
859 for i in $(seq 1 5); do
860 $IP -6 route replace 2001:20::$i \
861 via 2001:10::2 dev dummy_10
862 done
863 check_rt_num_clean 0 $($IP -6 route list |grep expires|wc -l) || return
864
865 # Wait for GC
866 sleep $GC_WAIT_TIME
867 check_rt_num 5 $($IP -6 route list |grep -v expires|grep 2001:20::|wc -l)
868 log_test $ret 0 "ipv6 route garbage collection (replace with permanent)"
869
870 # ra6 is required for the next test. (ipv6toolkit)
871 if [ ! -x "$(command -v ra6)" ]; then
872 echo "SKIP: ra6 not found."
873 set +e
874 cleanup &> /dev/null
875 return
876 fi
877
878 # Delete dummy_10 and remove all routes
879 $IP link del dev dummy_10
880
881 # Create a pair of veth devices to send a RA message from one
882 # device to another.
883 $IP link add veth1 type veth peer name veth2
884 $IP link set dev veth1 up
885 $IP link set dev veth2 up
886 $IP -6 address add 2001:10::1/64 dev veth1 nodad
887 $IP -6 address add 2001:10::2/64 dev veth2 nodad
888
889 # Make veth1 ready to receive RA messages.
890 $NS_EXEC sysctl -wq net.ipv6.conf.veth1.accept_ra=2
891
892 # Send a RA message with a route from veth2 to veth1.
893 $NS_EXEC ra6 -i veth2 -d 2001:10::1 -t $EXPIRE
894
895 # Wait for the RA message.
896 sleep 1
897
898 # systemd may mess up the test. You syould make sure that
899 # systemd-networkd.service and systemd-networkd.socket are stopped.
900 check_rt_num_clean 1 $($IP -6 route list|grep expires|wc -l) || return
901
902 # Wait for GC
903 sleep $GC_WAIT_TIME
904 check_rt_num 0 $($IP -6 route list |grep expires|wc -l)
905 log_test $ret 0 "ipv6 route garbage collection (RA message)"
906
907 set +e
908
909 cleanup &> /dev/null
910}
911
912fib_suppress_test()
913{
914 echo
915 echo "FIB rule with suppress_prefixlength"
916 setup
917
918 $IP link add dummy1 type dummy
919 $IP link set dummy1 up
920 $IP -6 route add default dev dummy1
921 $IP -6 rule add table main suppress_prefixlength 0
922 ping -f -c 1000 -W 1 1234::1 >/dev/null 2>&1
923 $IP -6 rule del table main suppress_prefixlength 0
924 $IP link del dummy1
925
926 # If we got here without crashing, we're good.
927 log_test 0 0 "FIB rule suppress test"
928
929 cleanup
930}
931
932################################################################################
933# Tests on route add and replace
934
935run_cmd()
936{
937 local cmd="$1"
938 local out
939 local stderr="2>/dev/null"
940
941 if [ "$VERBOSE" = "1" ]; then
942 printf " COMMAND: $cmd\n"
943 stderr=
944 fi
945
946 out=$(eval $cmd $stderr)
947 rc=$?
948 if [ "$VERBOSE" = "1" -a -n "$out" ]; then
949 echo " $out"
950 fi
951
952 [ "$VERBOSE" = "1" ] && echo
953
954 return $rc
955}
956
957check_expected()
958{
959 local out="$1"
960 local expected="$2"
961 local rc=0
962
963 [ "${out}" = "${expected}" ] && return 0
964
965 if [ -z "${out}" ]; then
966 if [ "$VERBOSE" = "1" ]; then
967 printf "\nNo route entry found\n"
968 printf "Expected:\n"
969 printf " ${expected}\n"
970 fi
971 return 1
972 fi
973
974 # tricky way to convert output to 1-line without ip's
975 # messy '\'; this drops all extra white space
976 out=$(echo ${out})
977 if [ "${out}" != "${expected}" ]; then
978 rc=1
979 if [ "${VERBOSE}" = "1" ]; then
980 printf " Unexpected route entry. Have:\n"
981 printf " ${out}\n"
982 printf " Expected:\n"
983 printf " ${expected}\n\n"
984 fi
985 fi
986
987 return $rc
988}
989
990# add route for a prefix, flushing any existing routes first
991# expected to be the first step of a test
992add_route6()
993{
994 local pfx="$1"
995 local nh="$2"
996 local out
997
998 if [ "$VERBOSE" = "1" ]; then
999 echo
1000 echo " ##################################################"
1001 echo
1002 fi
1003
1004 run_cmd "$IP -6 ro flush ${pfx}"
1005 [ $? -ne 0 ] && exit 1
1006
1007 out=$($IP -6 ro ls match ${pfx})
1008 if [ -n "$out" ]; then
1009 echo "Failed to flush routes for prefix used for tests."
1010 exit 1
1011 fi
1012
1013 run_cmd "$IP -6 ro add ${pfx} ${nh}"
1014 if [ $? -ne 0 ]; then
1015 echo "Failed to add initial route for test."
1016 exit 1
1017 fi
1018}
1019
1020# add initial route - used in replace route tests
1021add_initial_route6()
1022{
1023 add_route6 "2001:db8:104::/64" "$1"
1024}
1025
1026check_route6()
1027{
1028 local pfx
1029 local expected="$1"
1030 local out
1031 local rc=0
1032
1033 set -- $expected
1034 pfx=$1
1035
1036 out=$($IP -6 ro ls match ${pfx} | sed -e 's/ pref medium//')
1037 check_expected "${out}" "${expected}"
1038}
1039
1040route_cleanup()
1041{
1042 $IP li del red 2>/dev/null
1043 $IP li del dummy1 2>/dev/null
1044 $IP li del veth1 2>/dev/null
1045 $IP li del veth3 2>/dev/null
1046
1047 cleanup &> /dev/null
1048}
1049
1050route_setup()
1051{
1052 route_cleanup
1053 setup
1054
1055 [ "${VERBOSE}" = "1" ] && set -x
1056 set -e
1057
1058 setup_ns ns2
1059 ip netns exec $ns2 sysctl -qw net.ipv4.ip_forward=1
1060 ip netns exec $ns2 sysctl -qw net.ipv6.conf.all.forwarding=1
1061
1062 $IP li add veth1 type veth peer name veth2
1063 $IP li add veth3 type veth peer name veth4
1064
1065 $IP li set veth1 up
1066 $IP li set veth3 up
1067 $IP li set veth2 netns $ns2 up
1068 $IP li set veth4 netns $ns2 up
1069 ip -netns $ns2 li add dummy1 type dummy
1070 ip -netns $ns2 li set dummy1 up
1071
1072 $IP -6 addr add 2001:db8:101::1/64 dev veth1 nodad
1073 $IP -6 addr add 2001:db8:103::1/64 dev veth3 nodad
1074 $IP addr add 172.16.101.1/24 dev veth1
1075 $IP addr add 172.16.103.1/24 dev veth3
1076
1077 ip -netns $ns2 -6 addr add 2001:db8:101::2/64 dev veth2 nodad
1078 ip -netns $ns2 -6 addr add 2001:db8:103::2/64 dev veth4 nodad
1079 ip -netns $ns2 -6 addr add 2001:db8:104::1/64 dev dummy1 nodad
1080
1081 ip -netns $ns2 addr add 172.16.101.2/24 dev veth2
1082 ip -netns $ns2 addr add 172.16.103.2/24 dev veth4
1083 ip -netns $ns2 addr add 172.16.104.1/24 dev dummy1
1084
1085 set +e
1086}
1087
1088# assumption is that basic add of a single path route works
1089# otherwise just adding an address on an interface is broken
1090ipv6_rt_add()
1091{
1092 local rc
1093
1094 echo
1095 echo "IPv6 route add / append tests"
1096
1097 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1098 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
1099 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2"
1100 log_test $? 2 "Attempt to add duplicate route - gw"
1101
1102 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1103 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
1104 run_cmd "$IP -6 ro add 2001:db8:104::/64 dev veth3"
1105 log_test $? 2 "Attempt to add duplicate route - dev only"
1106
1107 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1108 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
1109 run_cmd "$IP -6 ro add unreachable 2001:db8:104::/64"
1110 log_test $? 2 "Attempt to add duplicate route - reject route"
1111
1112 # route append with same prefix adds a new route
1113 # - iproute2 sets NLM_F_CREATE | NLM_F_APPEND
1114 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
1115 run_cmd "$IP -6 ro append 2001:db8:104::/64 via 2001:db8:103::2"
1116 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1117 log_test $? 0 "Append nexthop to existing route - gw"
1118
1119 # insert mpath directly
1120 add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1121 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1122 log_test $? 0 "Add multipath route"
1123
1124 add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1125 run_cmd "$IP -6 ro add 2001:db8:104::/64 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1126 log_test $? 2 "Attempt to add duplicate multipath route"
1127
1128 # insert of a second route without append but different metric
1129 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
1130 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2 metric 512"
1131 rc=$?
1132 if [ $rc -eq 0 ]; then
1133 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::3 metric 256"
1134 rc=$?
1135 fi
1136 log_test $rc 0 "Route add with different metrics"
1137
1138 run_cmd "$IP -6 ro del 2001:db8:104::/64 metric 512"
1139 rc=$?
1140 if [ $rc -eq 0 ]; then
1141 check_route6 "2001:db8:104::/64 via 2001:db8:103::3 dev veth3 metric 256 2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024"
1142 rc=$?
1143 fi
1144 log_test $rc 0 "Route delete with metric"
1145}
1146
1147ipv6_rt_replace_single()
1148{
1149 # single path with single path
1150 #
1151 add_initial_route6 "via 2001:db8:101::2"
1152 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:103::2"
1153 check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024"
1154 log_test $? 0 "Single path with single path"
1155
1156 # single path with multipath
1157 #
1158 add_initial_route6 "nexthop via 2001:db8:101::2"
1159 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::2"
1160 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1161 log_test $? 0 "Single path with multipath"
1162
1163 # single path with single path using MULTIPATH attribute
1164 #
1165 add_initial_route6 "via 2001:db8:101::2"
1166 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:103::2"
1167 check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024"
1168 log_test $? 0 "Single path with single path via multipath attribute"
1169
1170 # route replace fails - invalid nexthop
1171 add_initial_route6 "via 2001:db8:101::2"
1172 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:104::2"
1173 if [ $? -eq 0 ]; then
1174 # previous command is expected to fail so if it returns 0
1175 # that means the test failed.
1176 log_test 0 1 "Invalid nexthop"
1177 else
1178 check_route6 "2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024"
1179 log_test $? 0 "Invalid nexthop"
1180 fi
1181
1182 # replace non-existent route
1183 # - note use of change versus replace since ip adds NLM_F_CREATE
1184 # for replace
1185 add_initial_route6 "via 2001:db8:101::2"
1186 run_cmd "$IP -6 ro change 2001:db8:105::/64 via 2001:db8:101::2"
1187 log_test $? 2 "Single path - replace of non-existent route"
1188}
1189
1190ipv6_rt_replace_mpath()
1191{
1192 # multipath with multipath
1193 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1194 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3"
1195 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::3 dev veth3 weight 1"
1196 log_test $? 0 "Multipath with multipath"
1197
1198 # multipath with single
1199 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1200 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:101::3"
1201 check_route6 "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024"
1202 log_test $? 0 "Multipath with single path"
1203
1204 # multipath with single
1205 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1206 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3"
1207 check_route6 "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024"
1208 log_test $? 0 "Multipath with single path via multipath attribute"
1209
1210 # multipath with dev-only
1211 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1212 run_cmd "$IP -6 ro replace 2001:db8:104::/64 dev veth1"
1213 check_route6 "2001:db8:104::/64 dev veth1 metric 1024"
1214 log_test $? 0 "Multipath with dev-only"
1215
1216 # route replace fails - invalid nexthop 1
1217 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1218 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:111::3 nexthop via 2001:db8:103::3"
1219 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1220 log_test $? 0 "Multipath - invalid first nexthop"
1221
1222 # route replace fails - invalid nexthop 2
1223 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1224 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:113::3"
1225 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1226 log_test $? 0 "Multipath - invalid second nexthop"
1227
1228 # multipath non-existent route
1229 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1230 run_cmd "$IP -6 ro change 2001:db8:105::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3"
1231 log_test $? 2 "Multipath - replace of non-existent route"
1232}
1233
1234ipv6_rt_replace()
1235{
1236 echo
1237 echo "IPv6 route replace tests"
1238
1239 ipv6_rt_replace_single
1240 ipv6_rt_replace_mpath
1241}
1242
1243ipv6_rt_dsfield()
1244{
1245 echo
1246 echo "IPv6 route with dsfield tests"
1247
1248 run_cmd "$IP -6 route flush 2001:db8:102::/64"
1249
1250 # IPv6 doesn't support routing based on dsfield
1251 run_cmd "$IP -6 route add 2001:db8:102::/64 dsfield 0x04 via 2001:db8:101::2"
1252 log_test $? 2 "Reject route with dsfield"
1253}
1254
1255ipv6_route_test()
1256{
1257 route_setup
1258
1259 ipv6_rt_add
1260 ipv6_rt_replace
1261 ipv6_rt_dsfield
1262
1263 route_cleanup
1264}
1265
1266ip_addr_metric_check()
1267{
1268 ip addr help 2>&1 | grep -q metric
1269 if [ $? -ne 0 ]; then
1270 echo "iproute2 command does not support metric for addresses. Skipping test"
1271 return 1
1272 fi
1273
1274 return 0
1275}
1276
1277ipv6_addr_metric_test()
1278{
1279 local rc
1280
1281 echo
1282 echo "IPv6 prefix route tests"
1283
1284 ip_addr_metric_check || return 1
1285
1286 setup
1287
1288 set -e
1289 $IP li add dummy1 type dummy
1290 $IP li add dummy2 type dummy
1291 $IP li set dummy1 up
1292 $IP li set dummy2 up
1293
1294 # default entry is metric 256
1295 run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64"
1296 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64"
1297 set +e
1298
1299 check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 256 2001:db8:104::/64 dev dummy2 proto kernel metric 256"
1300 log_test $? 0 "Default metric"
1301
1302 set -e
1303 run_cmd "$IP -6 addr flush dev dummy1"
1304 run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64 metric 257"
1305 set +e
1306
1307 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 256 2001:db8:104::/64 dev dummy1 proto kernel metric 257"
1308 log_test $? 0 "User specified metric on first device"
1309
1310 set -e
1311 run_cmd "$IP -6 addr flush dev dummy2"
1312 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64 metric 258"
1313 set +e
1314
1315 check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 257 2001:db8:104::/64 dev dummy2 proto kernel metric 258"
1316 log_test $? 0 "User specified metric on second device"
1317
1318 run_cmd "$IP -6 addr del dev dummy1 2001:db8:104::1/64 metric 257"
1319 rc=$?
1320 if [ $rc -eq 0 ]; then
1321 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 258"
1322 rc=$?
1323 fi
1324 log_test $rc 0 "Delete of address on first device"
1325
1326 run_cmd "$IP -6 addr change dev dummy2 2001:db8:104::2/64 metric 259"
1327 rc=$?
1328 if [ $rc -eq 0 ]; then
1329 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259"
1330 rc=$?
1331 fi
1332 log_test $rc 0 "Modify metric of address"
1333
1334 # verify prefix route removed on down
1335 run_cmd "ip netns exec $ns1 sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1"
1336 run_cmd "$IP li set dev dummy2 down"
1337 rc=$?
1338 if [ $rc -eq 0 ]; then
1339 out=$($IP -6 ro ls match 2001:db8:104::/64)
1340 check_expected "${out}" ""
1341 rc=$?
1342 fi
1343 log_test $rc 0 "Prefix route removed on link down"
1344
1345 # verify prefix route re-inserted with assigned metric
1346 run_cmd "$IP li set dev dummy2 up"
1347 rc=$?
1348 if [ $rc -eq 0 ]; then
1349 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259"
1350 rc=$?
1351 fi
1352 log_test $rc 0 "Prefix route with metric on link up"
1353
1354 # verify peer metric added correctly
1355 set -e
1356 run_cmd "$IP -6 addr flush dev dummy2"
1357 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::1 peer 2001:db8:104::2 metric 260"
1358 set +e
1359
1360 check_route6 "2001:db8:104::1 dev dummy2 proto kernel metric 260"
1361 log_test $? 0 "Set metric with peer route on local side"
1362 check_route6 "2001:db8:104::2 dev dummy2 proto kernel metric 260"
1363 log_test $? 0 "Set metric with peer route on peer side"
1364
1365 set -e
1366 run_cmd "$IP -6 addr change dev dummy2 2001:db8:104::1 peer 2001:db8:104::3 metric 261"
1367 set +e
1368
1369 check_route6 "2001:db8:104::1 dev dummy2 proto kernel metric 261"
1370 log_test $? 0 "Modify metric and peer address on local side"
1371 check_route6 "2001:db8:104::3 dev dummy2 proto kernel metric 261"
1372 log_test $? 0 "Modify metric and peer address on peer side"
1373
1374 $IP li del dummy1
1375 $IP li del dummy2
1376 cleanup
1377}
1378
1379ipv6_route_metrics_test()
1380{
1381 local rc
1382
1383 echo
1384 echo "IPv6 routes with metrics"
1385
1386 route_setup
1387
1388 #
1389 # single path with metrics
1390 #
1391 run_cmd "$IP -6 ro add 2001:db8:111::/64 via 2001:db8:101::2 mtu 1400"
1392 rc=$?
1393 if [ $rc -eq 0 ]; then
1394 check_route6 "2001:db8:111::/64 via 2001:db8:101::2 dev veth1 metric 1024 mtu 1400"
1395 rc=$?
1396 fi
1397 log_test $rc 0 "Single path route with mtu metric"
1398
1399
1400 #
1401 # multipath via separate routes with metrics
1402 #
1403 run_cmd "$IP -6 ro add 2001:db8:112::/64 via 2001:db8:101::2 mtu 1400"
1404 run_cmd "$IP -6 ro append 2001:db8:112::/64 via 2001:db8:103::2"
1405 rc=$?
1406 if [ $rc -eq 0 ]; then
1407 check_route6 "2001:db8:112::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1408 rc=$?
1409 fi
1410 log_test $rc 0 "Multipath route via 2 single routes with mtu metric on first"
1411
1412 # second route is coalesced to first to make a multipath route.
1413 # MTU of the second path is hidden from display!
1414 run_cmd "$IP -6 ro add 2001:db8:113::/64 via 2001:db8:101::2"
1415 run_cmd "$IP -6 ro append 2001:db8:113::/64 via 2001:db8:103::2 mtu 1400"
1416 rc=$?
1417 if [ $rc -eq 0 ]; then
1418 check_route6 "2001:db8:113::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1419 rc=$?
1420 fi
1421 log_test $rc 0 "Multipath route via 2 single routes with mtu metric on 2nd"
1422
1423 run_cmd "$IP -6 ro del 2001:db8:113::/64 via 2001:db8:101::2"
1424 if [ $? -eq 0 ]; then
1425 check_route6 "2001:db8:113::/64 via 2001:db8:103::2 dev veth3 metric 1024 mtu 1400"
1426 log_test $? 0 " MTU of second leg"
1427 fi
1428
1429 #
1430 # multipath with metrics
1431 #
1432 run_cmd "$IP -6 ro add 2001:db8:115::/64 mtu 1400 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1433 rc=$?
1434 if [ $rc -eq 0 ]; then
1435 check_route6 "2001:db8:115::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1436 rc=$?
1437 fi
1438 log_test $rc 0 "Multipath route with mtu metric"
1439
1440 $IP -6 ro add 2001:db8:104::/64 via 2001:db8:101::2 mtu 1300
1441 run_cmd "ip netns exec $ns1 ${ping6} -w1 -c1 -s 1500 2001:db8:104::1"
1442 log_test $? 0 "Using route with mtu metric"
1443
1444 run_cmd "$IP -6 ro add 2001:db8:114::/64 via 2001:db8:101::2 congctl lock foo"
1445 log_test $? 2 "Invalid metric (fails metric_convert)"
1446
1447 route_cleanup
1448}
1449
1450# add route for a prefix, flushing any existing routes first
1451# expected to be the first step of a test
1452add_route()
1453{
1454 local pfx="$1"
1455 local nh="$2"
1456 local out
1457
1458 if [ "$VERBOSE" = "1" ]; then
1459 echo
1460 echo " ##################################################"
1461 echo
1462 fi
1463
1464 run_cmd "$IP ro flush ${pfx}"
1465 [ $? -ne 0 ] && exit 1
1466
1467 out=$($IP ro ls match ${pfx})
1468 if [ -n "$out" ]; then
1469 echo "Failed to flush routes for prefix used for tests."
1470 exit 1
1471 fi
1472
1473 run_cmd "$IP ro add ${pfx} ${nh}"
1474 if [ $? -ne 0 ]; then
1475 echo "Failed to add initial route for test."
1476 exit 1
1477 fi
1478}
1479
1480# add initial route - used in replace route tests
1481add_initial_route()
1482{
1483 add_route "172.16.104.0/24" "$1"
1484}
1485
1486check_route()
1487{
1488 local pfx
1489 local expected="$1"
1490 local out
1491
1492 set -- $expected
1493 pfx=$1
1494 [ "${pfx}" = "unreachable" ] && pfx=$2
1495
1496 out=$($IP ro ls match ${pfx})
1497 check_expected "${out}" "${expected}"
1498}
1499
1500# assumption is that basic add of a single path route works
1501# otherwise just adding an address on an interface is broken
1502ipv4_rt_add()
1503{
1504 local rc
1505
1506 echo
1507 echo "IPv4 route add / append tests"
1508
1509 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1510 add_route "172.16.104.0/24" "via 172.16.101.2"
1511 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2"
1512 log_test $? 2 "Attempt to add duplicate route - gw"
1513
1514 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1515 add_route "172.16.104.0/24" "via 172.16.101.2"
1516 run_cmd "$IP ro add 172.16.104.0/24 dev veth3"
1517 log_test $? 2 "Attempt to add duplicate route - dev only"
1518
1519 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1520 add_route "172.16.104.0/24" "via 172.16.101.2"
1521 run_cmd "$IP ro add unreachable 172.16.104.0/24"
1522 log_test $? 2 "Attempt to add duplicate route - reject route"
1523
1524 # iproute2 prepend only sets NLM_F_CREATE
1525 # - adds a new route; does NOT convert existing route to ECMP
1526 add_route "172.16.104.0/24" "via 172.16.101.2"
1527 run_cmd "$IP ro prepend 172.16.104.0/24 via 172.16.103.2"
1528 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3 172.16.104.0/24 via 172.16.101.2 dev veth1"
1529 log_test $? 0 "Add new nexthop for existing prefix"
1530
1531 # route append with same prefix adds a new route
1532 # - iproute2 sets NLM_F_CREATE | NLM_F_APPEND
1533 add_route "172.16.104.0/24" "via 172.16.101.2"
1534 run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2"
1535 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.2 dev veth3"
1536 log_test $? 0 "Append nexthop to existing route - gw"
1537
1538 add_route "172.16.104.0/24" "via 172.16.101.2"
1539 run_cmd "$IP ro append 172.16.104.0/24 dev veth3"
1540 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 dev veth3 scope link"
1541 log_test $? 0 "Append nexthop to existing route - dev only"
1542
1543 add_route "172.16.104.0/24" "via 172.16.101.2"
1544 run_cmd "$IP ro append unreachable 172.16.104.0/24"
1545 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 unreachable 172.16.104.0/24"
1546 log_test $? 0 "Append nexthop to existing route - reject route"
1547
1548 run_cmd "$IP ro flush 172.16.104.0/24"
1549 run_cmd "$IP ro add unreachable 172.16.104.0/24"
1550 run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2"
1551 check_route "unreachable 172.16.104.0/24 172.16.104.0/24 via 172.16.103.2 dev veth3"
1552 log_test $? 0 "Append nexthop to existing reject route - gw"
1553
1554 run_cmd "$IP ro flush 172.16.104.0/24"
1555 run_cmd "$IP ro add unreachable 172.16.104.0/24"
1556 run_cmd "$IP ro append 172.16.104.0/24 dev veth3"
1557 check_route "unreachable 172.16.104.0/24 172.16.104.0/24 dev veth3 scope link"
1558 log_test $? 0 "Append nexthop to existing reject route - dev only"
1559
1560 # insert mpath directly
1561 add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1562 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1563 log_test $? 0 "add multipath route"
1564
1565 add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1566 run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1567 log_test $? 2 "Attempt to add duplicate multipath route"
1568
1569 # insert of a second route without append but different metric
1570 add_route "172.16.104.0/24" "via 172.16.101.2"
1571 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2 metric 512"
1572 rc=$?
1573 if [ $rc -eq 0 ]; then
1574 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.3 metric 256"
1575 rc=$?
1576 fi
1577 log_test $rc 0 "Route add with different metrics"
1578
1579 run_cmd "$IP ro del 172.16.104.0/24 metric 512"
1580 rc=$?
1581 if [ $rc -eq 0 ]; then
1582 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.3 dev veth3 metric 256"
1583 rc=$?
1584 fi
1585 log_test $rc 0 "Route delete with metric"
1586}
1587
1588ipv4_rt_replace_single()
1589{
1590 # single path with single path
1591 #
1592 add_initial_route "via 172.16.101.2"
1593 run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.103.2"
1594 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3"
1595 log_test $? 0 "Single path with single path"
1596
1597 # single path with multipath
1598 #
1599 add_initial_route "nexthop via 172.16.101.2"
1600 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.2"
1601 check_route "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1602 log_test $? 0 "Single path with multipath"
1603
1604 # single path with reject
1605 #
1606 add_initial_route "nexthop via 172.16.101.2"
1607 run_cmd "$IP ro replace unreachable 172.16.104.0/24"
1608 check_route "unreachable 172.16.104.0/24"
1609 log_test $? 0 "Single path with reject route"
1610
1611 # single path with single path using MULTIPATH attribute
1612 #
1613 add_initial_route "via 172.16.101.2"
1614 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.103.2"
1615 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3"
1616 log_test $? 0 "Single path with single path via multipath attribute"
1617
1618 # route replace fails - invalid nexthop
1619 add_initial_route "via 172.16.101.2"
1620 run_cmd "$IP ro replace 172.16.104.0/24 via 2001:db8:104::2"
1621 if [ $? -eq 0 ]; then
1622 # previous command is expected to fail so if it returns 0
1623 # that means the test failed.
1624 log_test 0 1 "Invalid nexthop"
1625 else
1626 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1"
1627 log_test $? 0 "Invalid nexthop"
1628 fi
1629
1630 # replace non-existent route
1631 # - note use of change versus replace since ip adds NLM_F_CREATE
1632 # for replace
1633 add_initial_route "via 172.16.101.2"
1634 run_cmd "$IP ro change 172.16.105.0/24 via 172.16.101.2"
1635 log_test $? 2 "Single path - replace of non-existent route"
1636}
1637
1638ipv4_rt_replace_mpath()
1639{
1640 # multipath with multipath
1641 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1642 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3"
1643 check_route "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.3 dev veth3 weight 1"
1644 log_test $? 0 "Multipath with multipath"
1645
1646 # multipath with single
1647 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1648 run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.101.3"
1649 check_route "172.16.104.0/24 via 172.16.101.3 dev veth1"
1650 log_test $? 0 "Multipath with single path"
1651
1652 # multipath with single
1653 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1654 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3"
1655 check_route "172.16.104.0/24 via 172.16.101.3 dev veth1"
1656 log_test $? 0 "Multipath with single path via multipath attribute"
1657
1658 # multipath with reject
1659 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1660 run_cmd "$IP ro replace unreachable 172.16.104.0/24"
1661 check_route "unreachable 172.16.104.0/24"
1662 log_test $? 0 "Multipath with reject route"
1663
1664 # route replace fails - invalid nexthop 1
1665 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1666 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.111.3 nexthop via 172.16.103.3"
1667 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1668 log_test $? 0 "Multipath - invalid first nexthop"
1669
1670 # route replace fails - invalid nexthop 2
1671 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1672 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.113.3"
1673 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1674 log_test $? 0 "Multipath - invalid second nexthop"
1675
1676 # multipath non-existent route
1677 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1678 run_cmd "$IP ro change 172.16.105.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3"
1679 log_test $? 2 "Multipath - replace of non-existent route"
1680}
1681
1682ipv4_rt_replace()
1683{
1684 echo
1685 echo "IPv4 route replace tests"
1686
1687 ipv4_rt_replace_single
1688 ipv4_rt_replace_mpath
1689}
1690
1691# checks that cached input route on VRF port is deleted
1692# when VRF is deleted
1693ipv4_local_rt_cache()
1694{
1695 run_cmd "ip addr add 10.0.0.1/32 dev lo"
1696 run_cmd "setup_ns test-ns"
1697 run_cmd "ip link add veth-outside type veth peer name veth-inside"
1698 run_cmd "ip link add vrf-100 type vrf table 1100"
1699 run_cmd "ip link set veth-outside master vrf-100"
1700 run_cmd "ip link set veth-inside netns $test-ns"
1701 run_cmd "ip link set veth-outside up"
1702 run_cmd "ip link set vrf-100 up"
1703 run_cmd "ip route add 10.1.1.1/32 dev veth-outside table 1100"
1704 run_cmd "ip netns exec $test-ns ip link set veth-inside up"
1705 run_cmd "ip netns exec $test-ns ip addr add 10.1.1.1/32 dev veth-inside"
1706 run_cmd "ip netns exec $test-ns ip route add 10.0.0.1/32 dev veth-inside"
1707 run_cmd "ip netns exec $test-ns ip route add default via 10.0.0.1"
1708 run_cmd "ip netns exec $test-ns ping 10.0.0.1 -c 1 -i 1"
1709 run_cmd "ip link delete vrf-100"
1710
1711 # if we do not hang test is a success
1712 log_test $? 0 "Cached route removed from VRF port device"
1713}
1714
1715ipv4_rt_dsfield()
1716{
1717 echo
1718 echo "IPv4 route with dsfield tests"
1719
1720 run_cmd "$IP route flush 172.16.102.0/24"
1721
1722 # New routes should reject dsfield options that interfere with ECN
1723 run_cmd "$IP route add 172.16.102.0/24 dsfield 0x01 via 172.16.101.2"
1724 log_test $? 2 "Reject route with dsfield 0x01"
1725
1726 run_cmd "$IP route add 172.16.102.0/24 dsfield 0x02 via 172.16.101.2"
1727 log_test $? 2 "Reject route with dsfield 0x02"
1728
1729 run_cmd "$IP route add 172.16.102.0/24 dsfield 0x03 via 172.16.101.2"
1730 log_test $? 2 "Reject route with dsfield 0x03"
1731
1732 # A generic route that doesn't take DSCP into account
1733 run_cmd "$IP route add 172.16.102.0/24 via 172.16.101.2"
1734
1735 # A more specific route for DSCP 0x10
1736 run_cmd "$IP route add 172.16.102.0/24 dsfield 0x10 via 172.16.103.2"
1737
1738 # DSCP 0x10 should match the specific route, no matter the ECN bits
1739 $IP route get fibmatch 172.16.102.1 dsfield 0x10 | \
1740 grep -q "via 172.16.103.2"
1741 log_test $? 0 "IPv4 route with DSCP and ECN:Not-ECT"
1742
1743 $IP route get fibmatch 172.16.102.1 dsfield 0x11 | \
1744 grep -q "via 172.16.103.2"
1745 log_test $? 0 "IPv4 route with DSCP and ECN:ECT(1)"
1746
1747 $IP route get fibmatch 172.16.102.1 dsfield 0x12 | \
1748 grep -q "via 172.16.103.2"
1749 log_test $? 0 "IPv4 route with DSCP and ECN:ECT(0)"
1750
1751 $IP route get fibmatch 172.16.102.1 dsfield 0x13 | \
1752 grep -q "via 172.16.103.2"
1753 log_test $? 0 "IPv4 route with DSCP and ECN:CE"
1754
1755 # Unknown DSCP should match the generic route, no matter the ECN bits
1756 $IP route get fibmatch 172.16.102.1 dsfield 0x14 | \
1757 grep -q "via 172.16.101.2"
1758 log_test $? 0 "IPv4 route with unknown DSCP and ECN:Not-ECT"
1759
1760 $IP route get fibmatch 172.16.102.1 dsfield 0x15 | \
1761 grep -q "via 172.16.101.2"
1762 log_test $? 0 "IPv4 route with unknown DSCP and ECN:ECT(1)"
1763
1764 $IP route get fibmatch 172.16.102.1 dsfield 0x16 | \
1765 grep -q "via 172.16.101.2"
1766 log_test $? 0 "IPv4 route with unknown DSCP and ECN:ECT(0)"
1767
1768 $IP route get fibmatch 172.16.102.1 dsfield 0x17 | \
1769 grep -q "via 172.16.101.2"
1770 log_test $? 0 "IPv4 route with unknown DSCP and ECN:CE"
1771
1772 # Null DSCP should match the generic route, no matter the ECN bits
1773 $IP route get fibmatch 172.16.102.1 dsfield 0x00 | \
1774 grep -q "via 172.16.101.2"
1775 log_test $? 0 "IPv4 route with no DSCP and ECN:Not-ECT"
1776
1777 $IP route get fibmatch 172.16.102.1 dsfield 0x01 | \
1778 grep -q "via 172.16.101.2"
1779 log_test $? 0 "IPv4 route with no DSCP and ECN:ECT(1)"
1780
1781 $IP route get fibmatch 172.16.102.1 dsfield 0x02 | \
1782 grep -q "via 172.16.101.2"
1783 log_test $? 0 "IPv4 route with no DSCP and ECN:ECT(0)"
1784
1785 $IP route get fibmatch 172.16.102.1 dsfield 0x03 | \
1786 grep -q "via 172.16.101.2"
1787 log_test $? 0 "IPv4 route with no DSCP and ECN:CE"
1788}
1789
1790ipv4_route_test()
1791{
1792 route_setup
1793
1794 ipv4_rt_add
1795 ipv4_rt_replace
1796 ipv4_local_rt_cache
1797 ipv4_rt_dsfield
1798
1799 route_cleanup
1800}
1801
1802ipv4_addr_metric_test()
1803{
1804 local rc
1805
1806 echo
1807 echo "IPv4 prefix route tests"
1808
1809 ip_addr_metric_check || return 1
1810
1811 setup
1812
1813 set -e
1814 $IP li add dummy1 type dummy
1815 $IP li add dummy2 type dummy
1816 $IP li set dummy1 up
1817 $IP li set dummy2 up
1818
1819 # default entry is metric 256
1820 run_cmd "$IP addr add dev dummy1 172.16.104.1/24"
1821 run_cmd "$IP addr add dev dummy2 172.16.104.2/24"
1822 set +e
1823
1824 check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2"
1825 log_test $? 0 "Default metric"
1826
1827 set -e
1828 run_cmd "$IP addr flush dev dummy1"
1829 run_cmd "$IP addr add dev dummy1 172.16.104.1/24 metric 257"
1830 set +e
1831
1832 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257"
1833 log_test $? 0 "User specified metric on first device"
1834
1835 set -e
1836 run_cmd "$IP addr flush dev dummy2"
1837 run_cmd "$IP addr add dev dummy2 172.16.104.2/24 metric 258"
1838 set +e
1839
1840 check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258"
1841 log_test $? 0 "User specified metric on second device"
1842
1843 run_cmd "$IP addr del dev dummy1 172.16.104.1/24 metric 257"
1844 rc=$?
1845 if [ $rc -eq 0 ]; then
1846 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258"
1847 rc=$?
1848 fi
1849 log_test $rc 0 "Delete of address on first device"
1850
1851 run_cmd "$IP addr change dev dummy2 172.16.104.2/24 metric 259"
1852 rc=$?
1853 if [ $rc -eq 0 ]; then
1854 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259"
1855 rc=$?
1856 fi
1857 log_test $rc 0 "Modify metric of address"
1858
1859 # verify prefix route removed on down
1860 run_cmd "$IP li set dev dummy2 down"
1861 rc=$?
1862 if [ $rc -eq 0 ]; then
1863 out=$($IP ro ls match 172.16.104.0/24)
1864 check_expected "${out}" ""
1865 rc=$?
1866 fi
1867 log_test $rc 0 "Prefix route removed on link down"
1868
1869 # verify prefix route re-inserted with assigned metric
1870 run_cmd "$IP li set dev dummy2 up"
1871 rc=$?
1872 if [ $rc -eq 0 ]; then
1873 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259"
1874 rc=$?
1875 fi
1876 log_test $rc 0 "Prefix route with metric on link up"
1877
1878 # explicitly check for metric changes on edge scenarios
1879 run_cmd "$IP addr flush dev dummy2"
1880 run_cmd "$IP addr add dev dummy2 172.16.104.0/24 metric 259"
1881 run_cmd "$IP addr change dev dummy2 172.16.104.0/24 metric 260"
1882 rc=$?
1883 if [ $rc -eq 0 ]; then
1884 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.0 metric 260"
1885 rc=$?
1886 fi
1887 log_test $rc 0 "Modify metric of .0/24 address"
1888
1889 run_cmd "$IP addr flush dev dummy2"
1890 run_cmd "$IP addr add dev dummy2 172.16.104.1/32 peer 172.16.104.2 metric 260"
1891 rc=$?
1892 if [ $rc -eq 0 ]; then
1893 check_route "172.16.104.2 dev dummy2 proto kernel scope link src 172.16.104.1 metric 260"
1894 rc=$?
1895 fi
1896 log_test $rc 0 "Set metric of address with peer route"
1897
1898 run_cmd "$IP addr change dev dummy2 172.16.104.1/32 peer 172.16.104.3 metric 261"
1899 rc=$?
1900 if [ $rc -eq 0 ]; then
1901 check_route "172.16.104.3 dev dummy2 proto kernel scope link src 172.16.104.1 metric 261"
1902 rc=$?
1903 fi
1904 log_test $rc 0 "Modify metric and peer address for peer route"
1905
1906 $IP li del dummy1
1907 $IP li del dummy2
1908 cleanup
1909}
1910
1911ipv4_route_metrics_test()
1912{
1913 local rc
1914
1915 echo
1916 echo "IPv4 route add / append tests"
1917
1918 route_setup
1919
1920 run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 mtu 1400"
1921 rc=$?
1922 if [ $rc -eq 0 ]; then
1923 check_route "172.16.111.0/24 via 172.16.101.2 dev veth1 mtu 1400"
1924 rc=$?
1925 fi
1926 log_test $rc 0 "Single path route with mtu metric"
1927
1928
1929 run_cmd "$IP ro add 172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1930 rc=$?
1931 if [ $rc -eq 0 ]; then
1932 check_route "172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1933 rc=$?
1934 fi
1935 log_test $rc 0 "Multipath route with mtu metric"
1936
1937 $IP ro add 172.16.104.0/24 via 172.16.101.2 mtu 1300
1938 run_cmd "ip netns exec $ns1 ping -w1 -c1 -s 1500 172.16.104.1"
1939 log_test $? 0 "Using route with mtu metric"
1940
1941 run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 congctl lock foo"
1942 log_test $? 2 "Invalid metric (fails metric_convert)"
1943
1944 route_cleanup
1945}
1946
1947ipv4_del_addr_test()
1948{
1949 echo
1950 echo "IPv4 delete address route tests"
1951
1952 setup
1953
1954 set -e
1955 $IP li add dummy1 type dummy
1956 $IP li set dummy1 up
1957 $IP li add dummy2 type dummy
1958 $IP li set dummy2 up
1959 $IP li add red type vrf table 1111
1960 $IP li set red up
1961 $IP ro add vrf red unreachable default
1962 $IP li set dummy2 vrf red
1963
1964 $IP addr add dev dummy1 172.16.104.1/24
1965 $IP addr add dev dummy1 172.16.104.11/24
1966 $IP addr add dev dummy1 172.16.104.12/24
1967 $IP addr add dev dummy1 172.16.104.13/24
1968 $IP addr add dev dummy2 172.16.104.1/24
1969 $IP addr add dev dummy2 172.16.104.11/24
1970 $IP addr add dev dummy2 172.16.104.12/24
1971 $IP route add 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1972 $IP route add 172.16.106.0/24 dev lo src 172.16.104.12
1973 $IP route add table 0 172.16.107.0/24 via 172.16.104.2 src 172.16.104.13
1974 $IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1975 $IP route add vrf red 172.16.106.0/24 dev lo src 172.16.104.12
1976 set +e
1977
1978 # removing address from device in vrf should only remove route from vrf table
1979 echo " Regular FIB info"
1980
1981 $IP addr del dev dummy2 172.16.104.11/24
1982 $IP ro ls vrf red | grep -q 172.16.105.0/24
1983 log_test $? 1 "Route removed from VRF when source address deleted"
1984
1985 $IP ro ls | grep -q 172.16.105.0/24
1986 log_test $? 0 "Route in default VRF not removed"
1987
1988 $IP addr add dev dummy2 172.16.104.11/24
1989 $IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1990
1991 $IP addr del dev dummy1 172.16.104.11/24
1992 $IP ro ls | grep -q 172.16.105.0/24
1993 log_test $? 1 "Route removed in default VRF when source address deleted"
1994
1995 $IP ro ls vrf red | grep -q 172.16.105.0/24
1996 log_test $? 0 "Route in VRF is not removed by address delete"
1997
1998 # removing address from device in vrf should only remove route from vrf
1999 # table even when the associated fib info only differs in table ID
2000 echo " Identical FIB info with different table ID"
2001
2002 $IP addr del dev dummy2 172.16.104.12/24
2003 $IP ro ls vrf red | grep -q 172.16.106.0/24
2004 log_test $? 1 "Route removed from VRF when source address deleted"
2005
2006 $IP ro ls | grep -q 172.16.106.0/24
2007 log_test $? 0 "Route in default VRF not removed"
2008
2009 $IP addr add dev dummy2 172.16.104.12/24
2010 $IP route add vrf red 172.16.106.0/24 dev lo src 172.16.104.12
2011
2012 $IP addr del dev dummy1 172.16.104.12/24
2013 $IP ro ls | grep -q 172.16.106.0/24
2014 log_test $? 1 "Route removed in default VRF when source address deleted"
2015
2016 $IP ro ls vrf red | grep -q 172.16.106.0/24
2017 log_test $? 0 "Route in VRF is not removed by address delete"
2018
2019 # removing address from device in default vrf should remove route from
2020 # the default vrf even when route was inserted with a table ID of 0.
2021 echo " Table ID 0"
2022
2023 $IP addr del dev dummy1 172.16.104.13/24
2024 $IP ro ls | grep -q 172.16.107.0/24
2025 log_test $? 1 "Route removed in default VRF when source address deleted"
2026
2027 $IP li del dummy1
2028 $IP li del dummy2
2029 cleanup
2030}
2031
2032ipv6_del_addr_test()
2033{
2034 echo
2035 echo "IPv6 delete address route tests"
2036
2037 setup
2038
2039 set -e
2040 for i in $(seq 6); do
2041 $IP li add dummy${i} up type dummy
2042 done
2043
2044 $IP li add red up type vrf table 1111
2045 $IP ro add vrf red unreachable default
2046 for i in $(seq 4 6); do
2047 $IP li set dummy${i} vrf red
2048 done
2049
2050 $IP addr add dev dummy1 fe80::1/128
2051 $IP addr add dev dummy1 2001:db8:101::1/64
2052 $IP addr add dev dummy1 2001:db8:101::10/64
2053 $IP addr add dev dummy1 2001:db8:101::11/64
2054 $IP addr add dev dummy1 2001:db8:101::12/64
2055 $IP addr add dev dummy1 2001:db8:101::13/64
2056 $IP addr add dev dummy1 2001:db8:101::14/64
2057 $IP addr add dev dummy1 2001:db8:101::15/64
2058 $IP addr add dev dummy2 fe80::1/128
2059 $IP addr add dev dummy2 2001:db8:101::1/64
2060 $IP addr add dev dummy2 2001:db8:101::11/64
2061 $IP addr add dev dummy3 fe80::1/128
2062
2063 $IP addr add dev dummy4 2001:db8:101::1/64
2064 $IP addr add dev dummy4 2001:db8:101::10/64
2065 $IP addr add dev dummy4 2001:db8:101::11/64
2066 $IP addr add dev dummy4 2001:db8:101::12/64
2067 $IP addr add dev dummy4 2001:db8:101::13/64
2068 $IP addr add dev dummy4 2001:db8:101::14/64
2069 $IP addr add dev dummy5 2001:db8:101::1/64
2070 $IP addr add dev dummy5 2001:db8:101::11/64
2071
2072 # Single device using src address
2073 $IP route add 2001:db8:110::/64 dev dummy3 src 2001:db8:101::10
2074 # Two devices with the same source address
2075 $IP route add 2001:db8:111::/64 dev dummy3 src 2001:db8:101::11
2076 # VRF with single device using src address
2077 $IP route add vrf red 2001:db8:110::/64 dev dummy6 src 2001:db8:101::10
2078 # VRF with two devices using src address
2079 $IP route add vrf red 2001:db8:111::/64 dev dummy6 src 2001:db8:101::11
2080 # src address and nexthop dev in same VRF
2081 $IP route add 2001:db8:112::/64 dev dummy3 src 2001:db8:101::12
2082 $IP route add vrf red 2001:db8:112::/64 dev dummy6 src 2001:db8:101::12
2083 # src address and nexthop device in different VRF
2084 $IP route add 2001:db8:113::/64 dev lo src 2001:db8:101::13
2085 $IP route add vrf red 2001:db8:113::/64 dev lo src 2001:db8:101::13
2086 # table ID 0
2087 $IP route add table 0 2001:db8:115::/64 via 2001:db8:101::2 src 2001:db8:101::15
2088 # Link local source route
2089 $IP route add 2001:db8:116::/64 dev dummy2 src fe80::1
2090 $IP route add 2001:db8:117::/64 dev dummy3 src fe80::1
2091 set +e
2092
2093 echo " Single device using src address"
2094
2095 $IP addr del dev dummy1 2001:db8:101::10/64
2096 $IP -6 route show | grep -q "src 2001:db8:101::10 "
2097 log_test $? 1 "Prefsrc removed when src address removed on other device"
2098
2099 echo " Two devices with the same source address"
2100
2101 $IP addr del dev dummy1 2001:db8:101::11/64
2102 $IP -6 route show | grep -q "src 2001:db8:101::11 "
2103 log_test $? 0 "Prefsrc not removed when src address exist on other device"
2104
2105 $IP addr del dev dummy2 2001:db8:101::11/64
2106 $IP -6 route show | grep -q "src 2001:db8:101::11 "
2107 log_test $? 1 "Prefsrc removed when src address removed on all devices"
2108
2109 echo " VRF with single device using src address"
2110
2111 $IP addr del dev dummy4 2001:db8:101::10/64
2112 $IP -6 route show vrf red | grep -q "src 2001:db8:101::10 "
2113 log_test $? 1 "Prefsrc removed when src address removed on other device"
2114
2115 echo " VRF with two devices using src address"
2116
2117 $IP addr del dev dummy4 2001:db8:101::11/64
2118 $IP -6 route show vrf red | grep -q "src 2001:db8:101::11 "
2119 log_test $? 0 "Prefsrc not removed when src address exist on other device"
2120
2121 $IP addr del dev dummy5 2001:db8:101::11/64
2122 $IP -6 route show vrf red | grep -q "src 2001:db8:101::11 "
2123 log_test $? 1 "Prefsrc removed when src address removed on all devices"
2124
2125 echo " src address and nexthop dev in same VRF"
2126
2127 $IP addr del dev dummy4 2001:db8:101::12/64
2128 $IP -6 route show vrf red | grep -q "src 2001:db8:101::12 "
2129 log_test $? 1 "Prefsrc removed from VRF when source address deleted"
2130 $IP -6 route show | grep -q " src 2001:db8:101::12 "
2131 log_test $? 0 "Prefsrc in default VRF not removed"
2132
2133 $IP addr add dev dummy4 2001:db8:101::12/64
2134 $IP route replace vrf red 2001:db8:112::/64 dev dummy6 src 2001:db8:101::12
2135 $IP addr del dev dummy1 2001:db8:101::12/64
2136 $IP -6 route show vrf red | grep -q "src 2001:db8:101::12 "
2137 log_test $? 0 "Prefsrc not removed from VRF when source address exist"
2138 $IP -6 route show | grep -q " src 2001:db8:101::12 "
2139 log_test $? 1 "Prefsrc in default VRF removed"
2140
2141 echo " src address and nexthop device in different VRF"
2142
2143 $IP addr del dev dummy4 2001:db8:101::13/64
2144 $IP -6 route show vrf red | grep -q "src 2001:db8:101::13 "
2145 log_test $? 0 "Prefsrc not removed from VRF when nexthop dev in diff VRF"
2146 $IP -6 route show | grep -q "src 2001:db8:101::13 "
2147 log_test $? 0 "Prefsrc not removed in default VRF"
2148
2149 $IP addr add dev dummy4 2001:db8:101::13/64
2150 $IP addr del dev dummy1 2001:db8:101::13/64
2151 $IP -6 route show vrf red | grep -q "src 2001:db8:101::13 "
2152 log_test $? 1 "Prefsrc removed from VRF when nexthop dev in diff VRF"
2153 $IP -6 route show | grep -q "src 2001:db8:101::13 "
2154 log_test $? 1 "Prefsrc removed in default VRF"
2155
2156 echo " Table ID 0"
2157
2158 $IP addr del dev dummy1 2001:db8:101::15/64
2159 $IP -6 route show | grep -q "src 2001:db8:101::15"
2160 log_test $? 1 "Prefsrc removed from default VRF when source address deleted"
2161
2162 echo " Link local source route"
2163 $IP addr del dev dummy1 fe80::1/128
2164 $IP -6 route show | grep -q "2001:db8:116::/64 dev dummy2 src fe80::1"
2165 log_test $? 0 "Prefsrc not removed when delete ll addr from other dev"
2166 $IP addr del dev dummy2 fe80::1/128
2167 $IP -6 route show | grep -q "2001:db8:116::/64 dev dummy2 src fe80::1"
2168 log_test $? 1 "Prefsrc removed when delete ll addr"
2169 $IP -6 route show | grep -q "2001:db8:117::/64 dev dummy3 src fe80::1"
2170 log_test $? 0 "Prefsrc not removed when delete ll addr from other dev"
2171 $IP addr add dev dummy1 fe80::1/128
2172 $IP addr del dev dummy3 fe80::1/128
2173 $IP -6 route show | grep -q "2001:db8:117::/64 dev dummy3 src fe80::1"
2174 log_test $? 1 "Prefsrc removed even ll addr still exist on other dev"
2175
2176 for i in $(seq 6); do
2177 $IP li del dummy${i}
2178 done
2179 cleanup
2180}
2181
2182ipv4_route_v6_gw_test()
2183{
2184 local rc
2185
2186 echo
2187 echo "IPv4 route with IPv6 gateway tests"
2188
2189 route_setup
2190 sleep 2
2191
2192 #
2193 # single path route
2194 #
2195 run_cmd "$IP ro add 172.16.104.0/24 via inet6 2001:db8:101::2"
2196 rc=$?
2197 log_test $rc 0 "Single path route with IPv6 gateway"
2198 if [ $rc -eq 0 ]; then
2199 check_route "172.16.104.0/24 via inet6 2001:db8:101::2 dev veth1"
2200 fi
2201
2202 run_cmd "ip netns exec $ns1 ping -w1 -c1 172.16.104.1"
2203 log_test $rc 0 "Single path route with IPv6 gateway - ping"
2204
2205 run_cmd "$IP ro del 172.16.104.0/24 via inet6 2001:db8:101::2"
2206 rc=$?
2207 log_test $rc 0 "Single path route delete"
2208 if [ $rc -eq 0 ]; then
2209 check_route "172.16.112.0/24"
2210 fi
2211
2212 #
2213 # multipath - v6 then v4
2214 #
2215 run_cmd "$IP ro add 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
2216 rc=$?
2217 log_test $rc 0 "Multipath route add - v6 nexthop then v4"
2218 if [ $rc -eq 0 ]; then
2219 check_route "172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
2220 fi
2221
2222 run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
2223 log_test $? 2 " Multipath route delete - nexthops in wrong order"
2224
2225 run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
2226 log_test $? 0 " Multipath route delete exact match"
2227
2228 #
2229 # multipath - v4 then v6
2230 #
2231 run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
2232 rc=$?
2233 log_test $rc 0 "Multipath route add - v4 nexthop then v6"
2234 if [ $rc -eq 0 ]; then
2235 check_route "172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 weight 1 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1"
2236 fi
2237
2238 run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
2239 log_test $? 2 " Multipath route delete - nexthops in wrong order"
2240
2241 run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
2242 log_test $? 0 " Multipath route delete exact match"
2243
2244 route_cleanup
2245}
2246
2247socat_check()
2248{
2249 if [ ! -x "$(command -v socat)" ]; then
2250 echo "socat command not found. Skipping test"
2251 return 1
2252 fi
2253
2254 return 0
2255}
2256
2257iptables_check()
2258{
2259 iptables -t mangle -L OUTPUT &> /dev/null
2260 if [ $? -ne 0 ]; then
2261 echo "iptables configuration not supported. Skipping test"
2262 return 1
2263 fi
2264
2265 return 0
2266}
2267
2268ip6tables_check()
2269{
2270 ip6tables -t mangle -L OUTPUT &> /dev/null
2271 if [ $? -ne 0 ]; then
2272 echo "ip6tables configuration not supported. Skipping test"
2273 return 1
2274 fi
2275
2276 return 0
2277}
2278
2279ipv4_mangle_test()
2280{
2281 local rc
2282
2283 echo
2284 echo "IPv4 mangling tests"
2285
2286 socat_check || return 1
2287 iptables_check || return 1
2288
2289 route_setup
2290 sleep 2
2291
2292 local tmp_file=$(mktemp)
2293 ip netns exec $ns2 socat UDP4-LISTEN:54321,fork $tmp_file &
2294
2295 # Add a FIB rule and a route that will direct our connection to the
2296 # listening server.
2297 $IP rule add pref 100 ipproto udp sport 12345 dport 54321 table 123
2298 $IP route add table 123 172.16.101.0/24 dev veth1
2299
2300 # Add an unreachable route to the main table that will block our
2301 # connection in case the FIB rule is not hit.
2302 $IP route add unreachable 172.16.101.2/32
2303
2304 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345"
2305 log_test $? 0 " Connection with correct parameters"
2306
2307 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=11111"
2308 log_test $? 1 " Connection with incorrect parameters"
2309
2310 # Add a mangling rule and make sure connection is still successful.
2311 $NS_EXEC iptables -t mangle -A OUTPUT -j MARK --set-mark 1
2312
2313 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345"
2314 log_test $? 0 " Connection with correct parameters - mangling"
2315
2316 # Delete the mangling rule and make sure connection is still
2317 # successful.
2318 $NS_EXEC iptables -t mangle -D OUTPUT -j MARK --set-mark 1
2319
2320 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345"
2321 log_test $? 0 " Connection with correct parameters - no mangling"
2322
2323 # Verify connections were indeed successful on server side.
2324 [[ $(cat $tmp_file | wc -l) -eq 3 ]]
2325 log_test $? 0 " Connection check - server side"
2326
2327 $IP route del unreachable 172.16.101.2/32
2328 $IP route del table 123 172.16.101.0/24 dev veth1
2329 $IP rule del pref 100
2330
2331 { kill %% && wait %%; } 2>/dev/null
2332 rm $tmp_file
2333
2334 route_cleanup
2335}
2336
2337ipv6_mangle_test()
2338{
2339 local rc
2340
2341 echo
2342 echo "IPv6 mangling tests"
2343
2344 socat_check || return 1
2345 ip6tables_check || return 1
2346
2347 route_setup
2348 sleep 2
2349
2350 local tmp_file=$(mktemp)
2351 ip netns exec $ns2 socat UDP6-LISTEN:54321,fork $tmp_file &
2352
2353 # Add a FIB rule and a route that will direct our connection to the
2354 # listening server.
2355 $IP -6 rule add pref 100 ipproto udp sport 12345 dport 54321 table 123
2356 $IP -6 route add table 123 2001:db8:101::/64 dev veth1
2357
2358 # Add an unreachable route to the main table that will block our
2359 # connection in case the FIB rule is not hit.
2360 $IP -6 route add unreachable 2001:db8:101::2/128
2361
2362 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345"
2363 log_test $? 0 " Connection with correct parameters"
2364
2365 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=11111"
2366 log_test $? 1 " Connection with incorrect parameters"
2367
2368 # Add a mangling rule and make sure connection is still successful.
2369 $NS_EXEC ip6tables -t mangle -A OUTPUT -j MARK --set-mark 1
2370
2371 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345"
2372 log_test $? 0 " Connection with correct parameters - mangling"
2373
2374 # Delete the mangling rule and make sure connection is still
2375 # successful.
2376 $NS_EXEC ip6tables -t mangle -D OUTPUT -j MARK --set-mark 1
2377
2378 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345"
2379 log_test $? 0 " Connection with correct parameters - no mangling"
2380
2381 # Verify connections were indeed successful on server side.
2382 [[ $(cat $tmp_file | wc -l) -eq 3 ]]
2383 log_test $? 0 " Connection check - server side"
2384
2385 $IP -6 route del unreachable 2001:db8:101::2/128
2386 $IP -6 route del table 123 2001:db8:101::/64 dev veth1
2387 $IP -6 rule del pref 100
2388
2389 { kill %% && wait %%; } 2>/dev/null
2390 rm $tmp_file
2391
2392 route_cleanup
2393}
2394
2395ip_neigh_get_check()
2396{
2397 ip neigh help 2>&1 | grep -q 'ip neigh get'
2398 if [ $? -ne 0 ]; then
2399 echo "iproute2 command does not support neigh get. Skipping test"
2400 return 1
2401 fi
2402
2403 return 0
2404}
2405
2406ipv4_bcast_neigh_test()
2407{
2408 local rc
2409
2410 echo
2411 echo "IPv4 broadcast neighbour tests"
2412
2413 ip_neigh_get_check || return 1
2414
2415 setup
2416
2417 set -e
2418 run_cmd "$IP neigh add 192.0.2.111 lladdr 00:11:22:33:44:55 nud perm dev dummy0"
2419 run_cmd "$IP neigh add 192.0.2.255 lladdr 00:11:22:33:44:55 nud perm dev dummy0"
2420
2421 run_cmd "$IP neigh get 192.0.2.111 dev dummy0"
2422 run_cmd "$IP neigh get 192.0.2.255 dev dummy0"
2423
2424 run_cmd "$IP address add 192.0.2.1/24 broadcast 192.0.2.111 dev dummy0"
2425
2426 run_cmd "$IP neigh add 203.0.113.111 nud failed dev dummy0"
2427 run_cmd "$IP neigh add 203.0.113.255 nud failed dev dummy0"
2428
2429 run_cmd "$IP neigh get 203.0.113.111 dev dummy0"
2430 run_cmd "$IP neigh get 203.0.113.255 dev dummy0"
2431
2432 run_cmd "$IP address add 203.0.113.1/24 broadcast 203.0.113.111 dev dummy0"
2433 set +e
2434
2435 run_cmd "$IP neigh get 192.0.2.111 dev dummy0"
2436 log_test $? 0 "Resolved neighbour for broadcast address"
2437
2438 run_cmd "$IP neigh get 192.0.2.255 dev dummy0"
2439 log_test $? 0 "Resolved neighbour for network broadcast address"
2440
2441 run_cmd "$IP neigh get 203.0.113.111 dev dummy0"
2442 log_test $? 2 "Unresolved neighbour for broadcast address"
2443
2444 run_cmd "$IP neigh get 203.0.113.255 dev dummy0"
2445 log_test $? 2 "Unresolved neighbour for network broadcast address"
2446
2447 cleanup
2448}
2449
2450mpath_dep_check()
2451{
2452 if [ ! -x "$(command -v mausezahn)" ]; then
2453 echo "mausezahn command not found. Skipping test"
2454 return 1
2455 fi
2456
2457 if [ ! -x "$(command -v jq)" ]; then
2458 echo "jq command not found. Skipping test"
2459 return 1
2460 fi
2461
2462 if [ ! -x "$(command -v bc)" ]; then
2463 echo "bc command not found. Skipping test"
2464 return 1
2465 fi
2466
2467 if [ ! -x "$(command -v perf)" ]; then
2468 echo "perf command not found. Skipping test"
2469 return 1
2470 fi
2471
2472 perf list fib:* | grep -q fib_table_lookup
2473 if [ $? -ne 0 ]; then
2474 echo "IPv4 FIB tracepoint not found. Skipping test"
2475 return 1
2476 fi
2477
2478 perf list fib6:* | grep -q fib6_table_lookup
2479 if [ $? -ne 0 ]; then
2480 echo "IPv6 FIB tracepoint not found. Skipping test"
2481 return 1
2482 fi
2483
2484 return 0
2485}
2486
2487link_stats_get()
2488{
2489 local ns=$1; shift
2490 local dev=$1; shift
2491 local dir=$1; shift
2492 local stat=$1; shift
2493
2494 ip -n $ns -j -s link show dev $dev \
2495 | jq '.[]["stats64"]["'$dir'"]["'$stat'"]'
2496}
2497
2498list_rcv_eval()
2499{
2500 local file=$1; shift
2501 local expected=$1; shift
2502
2503 local count=$(tail -n 1 $file | jq '.["counter-value"] | tonumber | floor')
2504 local ratio=$(echo "scale=2; $count / $expected" | bc -l)
2505 local res=$(echo "$ratio >= 0.95" | bc)
2506 [[ $res -eq 1 ]]
2507 log_test $? 0 "Multipath route hit ratio ($ratio)"
2508}
2509
2510ipv4_mpath_list_test()
2511{
2512 echo
2513 echo "IPv4 multipath list receive tests"
2514
2515 mpath_dep_check || return 1
2516
2517 route_setup
2518
2519 set -e
2520 run_cmd "ip netns exec $ns1 ethtool -K veth1 tcp-segmentation-offload off"
2521
2522 run_cmd "ip netns exec $ns2 bash -c \"echo 20000 > /sys/class/net/veth2/gro_flush_timeout\""
2523 run_cmd "ip netns exec $ns2 bash -c \"echo 1 > /sys/class/net/veth2/napi_defer_hard_irqs\""
2524 run_cmd "ip netns exec $ns2 ethtool -K veth2 generic-receive-offload on"
2525 run_cmd "ip -n $ns2 link add name nh1 up type dummy"
2526 run_cmd "ip -n $ns2 link add name nh2 up type dummy"
2527 run_cmd "ip -n $ns2 address add 172.16.201.1/24 dev nh1"
2528 run_cmd "ip -n $ns2 address add 172.16.202.1/24 dev nh2"
2529 run_cmd "ip -n $ns2 neigh add 172.16.201.2 lladdr 00:11:22:33:44:55 nud perm dev nh1"
2530 run_cmd "ip -n $ns2 neigh add 172.16.202.2 lladdr 00:aa:bb:cc:dd:ee nud perm dev nh2"
2531 run_cmd "ip -n $ns2 route add 203.0.113.0/24
2532 nexthop via 172.16.201.2 nexthop via 172.16.202.2"
2533 run_cmd "ip netns exec $ns2 sysctl -qw net.ipv4.fib_multipath_hash_policy=1"
2534 run_cmd "ip netns exec $ns2 sysctl -qw net.ipv4.conf.veth2.rp_filter=0"
2535 run_cmd "ip netns exec $ns2 sysctl -qw net.ipv4.conf.all.rp_filter=0"
2536 run_cmd "ip netns exec $ns2 sysctl -qw net.ipv4.conf.default.rp_filter=0"
2537 set +e
2538
2539 local dmac=$(ip -n $ns2 -j link show dev veth2 | jq -r '.[]["address"]')
2540 local tmp_file=$(mktemp)
2541 local cmd="ip netns exec $ns1 mausezahn veth1 -a own -b $dmac
2542 -A 172.16.101.1 -B 203.0.113.1 -t udp 'sp=12345,dp=0-65535' -q"
2543
2544 # Packets forwarded in a list using a multipath route must not reuse a
2545 # cached result so that a flow always hits the same nexthop. In other
2546 # words, the FIB lookup tracepoint needs to be triggered for every
2547 # packet.
2548 local t0_rx_pkts=$(link_stats_get $ns2 veth2 rx packets)
2549 run_cmd "perf stat -a -e fib:fib_table_lookup --filter 'err == 0' -j -o $tmp_file -- $cmd"
2550 local t1_rx_pkts=$(link_stats_get $ns2 veth2 rx packets)
2551 local diff=$(echo $t1_rx_pkts - $t0_rx_pkts | bc -l)
2552 list_rcv_eval $tmp_file $diff
2553
2554 rm $tmp_file
2555 route_cleanup
2556}
2557
2558ipv6_mpath_list_test()
2559{
2560 echo
2561 echo "IPv6 multipath list receive tests"
2562
2563 mpath_dep_check || return 1
2564
2565 route_setup
2566
2567 set -e
2568 run_cmd "ip netns exec $ns1 ethtool -K veth1 tcp-segmentation-offload off"
2569
2570 run_cmd "ip netns exec $ns2 bash -c \"echo 20000 > /sys/class/net/veth2/gro_flush_timeout\""
2571 run_cmd "ip netns exec $ns2 bash -c \"echo 1 > /sys/class/net/veth2/napi_defer_hard_irqs\""
2572 run_cmd "ip netns exec $ns2 ethtool -K veth2 generic-receive-offload on"
2573 run_cmd "ip -n $ns2 link add name nh1 up type dummy"
2574 run_cmd "ip -n $ns2 link add name nh2 up type dummy"
2575 run_cmd "ip -n $ns2 -6 address add 2001:db8:201::1/64 dev nh1"
2576 run_cmd "ip -n $ns2 -6 address add 2001:db8:202::1/64 dev nh2"
2577 run_cmd "ip -n $ns2 -6 neigh add 2001:db8:201::2 lladdr 00:11:22:33:44:55 nud perm dev nh1"
2578 run_cmd "ip -n $ns2 -6 neigh add 2001:db8:202::2 lladdr 00:aa:bb:cc:dd:ee nud perm dev nh2"
2579 run_cmd "ip -n $ns2 -6 route add 2001:db8:301::/64
2580 nexthop via 2001:db8:201::2 nexthop via 2001:db8:202::2"
2581 run_cmd "ip netns exec $ns2 sysctl -qw net.ipv6.fib_multipath_hash_policy=1"
2582 set +e
2583
2584 local dmac=$(ip -n $ns2 -j link show dev veth2 | jq -r '.[]["address"]')
2585 local tmp_file=$(mktemp)
2586 local cmd="ip netns exec $ns1 mausezahn -6 veth1 -a own -b $dmac
2587 -A 2001:db8:101::1 -B 2001:db8:301::1 -t udp 'sp=12345,dp=0-65535' -q"
2588
2589 # Packets forwarded in a list using a multipath route must not reuse a
2590 # cached result so that a flow always hits the same nexthop. In other
2591 # words, the FIB lookup tracepoint needs to be triggered for every
2592 # packet.
2593 local t0_rx_pkts=$(link_stats_get $ns2 veth2 rx packets)
2594 run_cmd "perf stat -a -e fib6:fib6_table_lookup --filter 'err == 0' -j -o $tmp_file -- $cmd"
2595 local t1_rx_pkts=$(link_stats_get $ns2 veth2 rx packets)
2596 local diff=$(echo $t1_rx_pkts - $t0_rx_pkts | bc -l)
2597 list_rcv_eval $tmp_file $diff
2598
2599 rm $tmp_file
2600 route_cleanup
2601}
2602
2603################################################################################
2604# usage
2605
2606usage()
2607{
2608 cat <<EOF
2609usage: ${0##*/} OPTS
2610
2611 -t <test> Test(s) to run (default: all)
2612 (options: $TESTS)
2613 -p Pause on fail
2614 -P Pause after each test before cleanup
2615 -v verbose mode (show commands and output)
2616EOF
2617}
2618
2619################################################################################
2620# main
2621
2622trap cleanup EXIT
2623
2624while getopts :t:pPhv o
2625do
2626 case $o in
2627 t) TESTS=$OPTARG;;
2628 p) PAUSE_ON_FAIL=yes;;
2629 P) PAUSE=yes;;
2630 v) VERBOSE=$(($VERBOSE + 1));;
2631 h) usage; exit 0;;
2632 *) usage; exit 1;;
2633 esac
2634done
2635
2636PEER_CMD="ip netns exec ${PEER_NS}"
2637
2638# make sure we don't pause twice
2639[ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no
2640
2641if [ "$(id -u)" -ne 0 ];then
2642 echo "SKIP: Need root privileges"
2643 exit $ksft_skip;
2644fi
2645
2646if [ ! -x "$(command -v ip)" ]; then
2647 echo "SKIP: Could not run test without ip tool"
2648 exit $ksft_skip
2649fi
2650
2651ip route help 2>&1 | grep -q fibmatch
2652if [ $? -ne 0 ]; then
2653 echo "SKIP: iproute2 too old, missing fibmatch"
2654 exit $ksft_skip
2655fi
2656
2657# start clean
2658cleanup &> /dev/null
2659
2660for t in $TESTS
2661do
2662 case $t in
2663 fib_unreg_test|unregister) fib_unreg_test;;
2664 fib_down_test|down) fib_down_test;;
2665 fib_carrier_test|carrier) fib_carrier_test;;
2666 fib_rp_filter_test|rp_filter) fib_rp_filter_test;;
2667 fib_nexthop_test|nexthop) fib_nexthop_test;;
2668 fib_notify_test|ipv4_notify) fib_notify_test;;
2669 fib6_notify_test|ipv6_notify) fib6_notify_test;;
2670 fib_suppress_test|suppress) fib_suppress_test;;
2671 ipv6_route_test|ipv6_rt) ipv6_route_test;;
2672 ipv4_route_test|ipv4_rt) ipv4_route_test;;
2673 ipv6_addr_metric) ipv6_addr_metric_test;;
2674 ipv4_addr_metric) ipv4_addr_metric_test;;
2675 ipv4_del_addr) ipv4_del_addr_test;;
2676 ipv6_del_addr) ipv6_del_addr_test;;
2677 ipv6_route_metrics) ipv6_route_metrics_test;;
2678 ipv4_route_metrics) ipv4_route_metrics_test;;
2679 ipv4_route_v6_gw) ipv4_route_v6_gw_test;;
2680 ipv4_mangle) ipv4_mangle_test;;
2681 ipv6_mangle) ipv6_mangle_test;;
2682 ipv4_bcast_neigh) ipv4_bcast_neigh_test;;
2683 fib6_gc_test|ipv6_gc) fib6_gc_test;;
2684 ipv4_mpath_list) ipv4_mpath_list_test;;
2685 ipv6_mpath_list) ipv6_mpath_list_test;;
2686
2687 help) echo "Test names: $TESTS"; exit 0;;
2688 esac
2689done
2690
2691if [ "$TESTS" != "none" ]; then
2692 printf "\nTests passed: %3d\n" ${nsuccess}
2693 printf "Tests failed: %3d\n" ${nfail}
2694fi
2695
2696exit $ret