1#!/bin/bash
  2# SPDX-License-Identifier: GPL-2.0
  3
  4# This test is for checking VXLAN underlay in a non-default VRF.
  5#
  6# It simulates two hypervisors running a VM each using four network namespaces:
  7# two for the HVs, two for the VMs.
  8# A small VXLAN tunnel is made between the two hypervisors to have the two vms
  9# in the same virtual L2:
 10#
 11# +-------------------+                                    +-------------------+
 12# |                   |                                    |                   |
 13# |    vm-1 netns     |                                    |    vm-2 netns     |
 14# |                   |                                    |                   |
 15# |  +-------------+  |                                    |  +-------------+  |
 16# |  |   veth-hv   |  |                                    |  |   veth-hv   |  |
 17# |  | 10.0.0.1/24 |  |                                    |  | 10.0.0.2/24 |  |
 18# |  +-------------+  |                                    |  +-------------+  |
 19# |        .          |                                    |         .         |
 20# +-------------------+                                    +-------------------+
 21#          .                                                         .
 22#          .                                                         .
 23#          .                                                         .
 24# +-----------------------------------+   +------------------------------------+
 25# |        .                          |   |                          .         |
 26# |  +----------+                     |   |                     +----------+   |
 27# |  | veth-tap |                     |   |                     | veth-tap |   |
 28# |  +----+-----+                     |   |                     +----+-----+   |
 29# |       |                           |   |                          |         |
 30# |    +--+--+      +--------------+  |   |  +--------------+     +--+--+      |
 31# |    | br0 |      | vrf-underlay |  |   |  | vrf-underlay |     | br0 |      |
 32# |    +--+--+      +-------+------+  |   |  +------+-------+     +--+--+      |
 33# |       |                 |         |   |         |                |         |
 34# |   +---+----+    +-------+-------+ |   | +-------+-------+    +---+----+    |
 35# |   | vxlan0 |....|     veth0     |.|...|.|     veth0     |....| vxlan0 |    |
 36# |   +--------+    | 172.16.0.1/24 | |   | | 172.16.0.2/24 |    +--------+    |
 37# |                 +---------------+ |   | +---------------+                  |
 38# |                                   |   |                                    |
 39# |             hv-1 netns            |   |           hv-2 netns               |
 40# |                                   |   |                                    |
 41# +-----------------------------------+   +------------------------------------+
 42#
 43# This tests both the connectivity between vm-1 and vm-2, and that the underlay
 44# can be moved in and out of the vrf by unsetting and setting veth0's master.
 45
 46source lib.sh
 47set -e
 48
 49cleanup() {
 50    ip link del veth-hv-1 2>/dev/null || true
 51    ip link del veth-tap 2>/dev/null || true
 52
 53    cleanup_ns $hv_1 $hv_2 $vm_1 $vm_2
 54}
 55
 56# Clean start
 57cleanup &> /dev/null
 58
 59[[ $1 == "clean" ]] && exit 0
 60
 61trap cleanup EXIT
 62setup_ns hv_1 hv_2 vm_1 vm_2
 63hv[1]=$hv_1
 64hv[2]=$hv_2
 65vm[1]=$vm_1
 66vm[2]=$vm_2
 67
 68# Setup "Hypervisors" simulated with netns
 69ip link add veth-hv-1 type veth peer name veth-hv-2
 70setup-hv-networking() {
 71    id=$1
 72
 73    ip link set veth-hv-$id netns ${hv[$id]}
 74    ip -netns ${hv[$id]} link set veth-hv-$id name veth0
 75
 76    ip -netns ${hv[$id]} link add vrf-underlay type vrf table 1
 77    ip -netns ${hv[$id]} link set vrf-underlay up
 78    ip -netns ${hv[$id]} addr add 172.16.0.$id/24 dev veth0
 79    ip -netns ${hv[$id]} link set veth0 up
 80
 81    ip -netns ${hv[$id]} link add br0 type bridge
 82    ip -netns ${hv[$id]} link set br0 up
 83
 84    ip -netns ${hv[$id]} link add vxlan0 type vxlan id 10 local 172.16.0.$id dev veth0 dstport 4789
 85    ip -netns ${hv[$id]} link set vxlan0 master br0
 86    ip -netns ${hv[$id]} link set vxlan0 up
 87}
 88setup-hv-networking 1
 89setup-hv-networking 2
 90
 91# Check connectivity between HVs by pinging hv-2 from hv-1
 92echo -n "Checking HV connectivity                                           "
 93ip netns exec $hv_1 ping -c 1 -W 1 172.16.0.2 &> /dev/null || (echo "[FAIL]"; false)
 94echo "[ OK ]"
 95
 96# Setups a "VM" simulated by a netns an a veth pair
 97setup-vm() {
 98    id=$1
 99
100    ip link add veth-tap type veth peer name veth-hv
101
102    ip link set veth-tap netns ${hv[$id]}
103    ip -netns ${hv[$id]} link set veth-tap master br0
104    ip -netns ${hv[$id]} link set veth-tap up
105
106    ip link set veth-hv address 02:1d:8d:dd:0c:6$id
107
108    ip link set veth-hv netns ${vm[$id]}
109    ip -netns ${vm[$id]} addr add 10.0.0.$id/24 dev veth-hv
110    ip -netns ${vm[$id]} link set veth-hv up
111}
112setup-vm 1
113setup-vm 2
114
115# Setup VTEP routes to make ARP work
116bridge -netns $hv_1 fdb add 00:00:00:00:00:00 dev vxlan0 dst 172.16.0.2 self permanent
117bridge -netns $hv_2 fdb add 00:00:00:00:00:00 dev vxlan0 dst 172.16.0.1 self permanent
118
119echo -n "Check VM connectivity through VXLAN (underlay in the default VRF)  "
120ip netns exec $vm_1 ping -c 1 -W 1 10.0.0.2 &> /dev/null || (echo "[FAIL]"; false)
121echo "[ OK ]"
122
123# Move the underlay to a non-default VRF
124ip -netns $hv_1 link set veth0 vrf vrf-underlay
125ip -netns $hv_1 link set vxlan0 down
126ip -netns $hv_1 link set vxlan0 up
127ip -netns $hv_2 link set veth0 vrf vrf-underlay
128ip -netns $hv_2 link set vxlan0 down
129ip -netns $hv_2 link set vxlan0 up
130
131echo -n "Check VM connectivity through VXLAN (underlay in a VRF)            "
132ip netns exec $vm_1 ping -c 1 -W 1 10.0.0.2 &> /dev/null || (echo "[FAIL]"; false)
133echo "[ OK ]"