Loading...
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4# End-to-end eBPF tunnel test suite
5# The script tests BPF network tunnel implementation.
6#
7# Topology:
8# ---------
9# root namespace | at_ns0 namespace
10# |
11# ----------- | -----------
12# | tnl dev | | | tnl dev | (overlay network)
13# ----------- | -----------
14# metadata-mode | native-mode
15# with bpf |
16# |
17# ---------- | ----------
18# | veth1 | --------- | veth0 | (underlay network)
19# ---------- peer ----------
20#
21#
22# Device Configuration
23# --------------------
24# Root namespace with metadata-mode tunnel + BPF
25# Device names and addresses:
26# veth1 IP: 172.16.1.200, IPv6: 00::22 (underlay)
27# tunnel dev <type>11, ex: gre11, IPv4: 10.1.1.200, IPv6: 1::22 (overlay)
28#
29# Namespace at_ns0 with native tunnel
30# Device names and addresses:
31# veth0 IPv4: 172.16.1.100, IPv6: 00::11 (underlay)
32# tunnel dev <type>00, ex: gre00, IPv4: 10.1.1.100, IPv6: 1::11 (overlay)
33#
34#
35# End-to-end ping packet flow
36# ---------------------------
37# Most of the tests start by namespace creation, device configuration,
38# then ping the underlay and overlay network. When doing 'ping 10.1.1.100'
39# from root namespace, the following operations happen:
40# 1) Route lookup shows 10.1.1.100/24 belongs to tnl dev, fwd to tnl dev.
41# 2) Tnl device's egress BPF program is triggered and set the tunnel metadata,
42# with remote_ip=172.16.1.100 and others.
43# 3) Outer tunnel header is prepended and route the packet to veth1's egress
44# 4) veth0's ingress queue receive the tunneled packet at namespace at_ns0
45# 5) Tunnel protocol handler, ex: vxlan_rcv, decap the packet
46# 6) Forward the packet to the overlay tnl dev
47
48BPF_FILE="test_tunnel_kern.bpf.o"
49BPF_PIN_TUNNEL_DIR="/sys/fs/bpf/tc/tunnel"
50PING_ARG="-c 3 -w 10 -q"
51ret=0
52GREEN='\033[0;92m'
53RED='\033[0;31m'
54NC='\033[0m' # No Color
55
56config_device()
57{
58 ip netns add at_ns0
59 ip link add veth0 type veth peer name veth1
60 ip link set veth0 netns at_ns0
61 ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
62 ip netns exec at_ns0 ip link set dev veth0 up
63 ip link set dev veth1 up mtu 1500
64 ip addr add dev veth1 172.16.1.200/24
65}
66
67add_gre_tunnel()
68{
69 tun_key=
70 if [ -n "$1" ]; then
71 tun_key="key $1"
72 fi
73
74 # at_ns0 namespace
75 ip netns exec at_ns0 \
76 ip link add dev $DEV_NS type $TYPE seq $tun_key \
77 local 172.16.1.100 remote 172.16.1.200
78 ip netns exec at_ns0 ip link set dev $DEV_NS up
79 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
80
81 # root namespace
82 ip link add dev $DEV type $TYPE $tun_key external
83 ip link set dev $DEV up
84 ip addr add dev $DEV 10.1.1.200/24
85}
86
87add_ip6gretap_tunnel()
88{
89
90 # assign ipv6 address
91 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
92 ip netns exec at_ns0 ip link set dev veth0 up
93 ip addr add dev veth1 ::22/96
94 ip link set dev veth1 up
95
96 # at_ns0 namespace
97 ip netns exec at_ns0 \
98 ip link add dev $DEV_NS type $TYPE seq flowlabel 0xbcdef key 2 \
99 local ::11 remote ::22
100
101 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
102 ip netns exec at_ns0 ip addr add dev $DEV_NS fc80::100/96
103 ip netns exec at_ns0 ip link set dev $DEV_NS up
104
105 # root namespace
106 ip link add dev $DEV type $TYPE external
107 ip addr add dev $DEV 10.1.1.200/24
108 ip addr add dev $DEV fc80::200/24
109 ip link set dev $DEV up
110}
111
112add_erspan_tunnel()
113{
114 # at_ns0 namespace
115 if [ "$1" == "v1" ]; then
116 ip netns exec at_ns0 \
117 ip link add dev $DEV_NS type $TYPE seq key 2 \
118 local 172.16.1.100 remote 172.16.1.200 \
119 erspan_ver 1 erspan 123
120 else
121 ip netns exec at_ns0 \
122 ip link add dev $DEV_NS type $TYPE seq key 2 \
123 local 172.16.1.100 remote 172.16.1.200 \
124 erspan_ver 2 erspan_dir egress erspan_hwid 3
125 fi
126 ip netns exec at_ns0 ip link set dev $DEV_NS up
127 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
128
129 # root namespace
130 ip link add dev $DEV type $TYPE external
131 ip link set dev $DEV up
132 ip addr add dev $DEV 10.1.1.200/24
133}
134
135add_ip6erspan_tunnel()
136{
137
138 # assign ipv6 address
139 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
140 ip netns exec at_ns0 ip link set dev veth0 up
141 ip addr add dev veth1 ::22/96
142 ip link set dev veth1 up
143
144 # at_ns0 namespace
145 if [ "$1" == "v1" ]; then
146 ip netns exec at_ns0 \
147 ip link add dev $DEV_NS type $TYPE seq key 2 \
148 local ::11 remote ::22 \
149 erspan_ver 1 erspan 123
150 else
151 ip netns exec at_ns0 \
152 ip link add dev $DEV_NS type $TYPE seq key 2 \
153 local ::11 remote ::22 \
154 erspan_ver 2 erspan_dir egress erspan_hwid 7
155 fi
156 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
157 ip netns exec at_ns0 ip link set dev $DEV_NS up
158
159 # root namespace
160 ip link add dev $DEV type $TYPE external
161 ip addr add dev $DEV 10.1.1.200/24
162 ip link set dev $DEV up
163}
164
165add_geneve_tunnel()
166{
167 # at_ns0 namespace
168 ip netns exec at_ns0 \
169 ip link add dev $DEV_NS type $TYPE \
170 id 2 dstport 6081 remote 172.16.1.200
171 ip netns exec at_ns0 ip link set dev $DEV_NS up
172 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
173
174 # root namespace
175 ip link add dev $DEV type $TYPE dstport 6081 external
176 ip link set dev $DEV up
177 ip addr add dev $DEV 10.1.1.200/24
178}
179
180add_ip6geneve_tunnel()
181{
182 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
183 ip netns exec at_ns0 ip link set dev veth0 up
184 ip addr add dev veth1 ::22/96
185 ip link set dev veth1 up
186
187 # at_ns0 namespace
188 ip netns exec at_ns0 \
189 ip link add dev $DEV_NS type $TYPE id 22 \
190 remote ::22 # geneve has no local option
191 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
192 ip netns exec at_ns0 ip link set dev $DEV_NS up
193
194 # root namespace
195 ip link add dev $DEV type $TYPE external
196 ip addr add dev $DEV 10.1.1.200/24
197 ip link set dev $DEV up
198}
199
200add_ipip_tunnel()
201{
202 # at_ns0 namespace
203 ip netns exec at_ns0 \
204 ip link add dev $DEV_NS type $TYPE \
205 local 172.16.1.100 remote 172.16.1.200
206 ip netns exec at_ns0 ip link set dev $DEV_NS up
207 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
208
209 # root namespace
210 ip link add dev $DEV type $TYPE external
211 ip link set dev $DEV up
212 ip addr add dev $DEV 10.1.1.200/24
213}
214
215add_ip6tnl_tunnel()
216{
217 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
218 ip netns exec at_ns0 ip link set dev veth0 up
219 ip addr add dev veth1 ::22/96
220 ip link set dev veth1 up
221
222 # at_ns0 namespace
223 ip netns exec at_ns0 \
224 ip link add dev $DEV_NS type $TYPE \
225 local ::11 remote ::22
226 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
227 ip netns exec at_ns0 ip addr add dev $DEV_NS 1::11/96
228 ip netns exec at_ns0 ip link set dev $DEV_NS up
229
230 # root namespace
231 ip link add dev $DEV type $TYPE external
232 ip addr add dev $DEV 10.1.1.200/24
233 ip addr add dev $DEV 1::22/96
234 ip link set dev $DEV up
235}
236
237test_gre()
238{
239 TYPE=gretap
240 DEV_NS=gretap00
241 DEV=gretap11
242 ret=0
243
244 check $TYPE
245 config_device
246 add_gre_tunnel 2
247 attach_bpf $DEV gre_set_tunnel gre_get_tunnel
248 ping $PING_ARG 10.1.1.100
249 check_err $?
250 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
251 check_err $?
252 cleanup
253
254 if [ $ret -ne 0 ]; then
255 echo -e ${RED}"FAIL: $TYPE"${NC}
256 return 1
257 fi
258 echo -e ${GREEN}"PASS: $TYPE"${NC}
259}
260
261test_gre_no_tunnel_key()
262{
263 TYPE=gre
264 DEV_NS=gre00
265 DEV=gre11
266 ret=0
267
268 check $TYPE
269 config_device
270 add_gre_tunnel
271 attach_bpf $DEV gre_set_tunnel_no_key gre_get_tunnel
272 ping $PING_ARG 10.1.1.100
273 check_err $?
274 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
275 check_err $?
276 cleanup
277
278 if [ $ret -ne 0 ]; then
279 echo -e ${RED}"FAIL: $TYPE"${NC}
280 return 1
281 fi
282 echo -e ${GREEN}"PASS: $TYPE"${NC}
283}
284
285test_ip6gre()
286{
287 TYPE=ip6gre
288 DEV_NS=ip6gre00
289 DEV=ip6gre11
290 ret=0
291
292 check $TYPE
293 config_device
294 # reuse the ip6gretap function
295 add_ip6gretap_tunnel
296 attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
297 # underlay
298 ping6 $PING_ARG ::11
299 # overlay: ipv4 over ipv6
300 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
301 ping $PING_ARG 10.1.1.100
302 check_err $?
303 # overlay: ipv6 over ipv6
304 ip netns exec at_ns0 ping6 $PING_ARG fc80::200
305 check_err $?
306 cleanup
307
308 if [ $ret -ne 0 ]; then
309 echo -e ${RED}"FAIL: $TYPE"${NC}
310 return 1
311 fi
312 echo -e ${GREEN}"PASS: $TYPE"${NC}
313}
314
315test_ip6gretap()
316{
317 TYPE=ip6gretap
318 DEV_NS=ip6gretap00
319 DEV=ip6gretap11
320 ret=0
321
322 check $TYPE
323 config_device
324 add_ip6gretap_tunnel
325 attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
326 # underlay
327 ping6 $PING_ARG ::11
328 # overlay: ipv4 over ipv6
329 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
330 ping $PING_ARG 10.1.1.100
331 check_err $?
332 # overlay: ipv6 over ipv6
333 ip netns exec at_ns0 ping6 $PING_ARG fc80::200
334 check_err $?
335 cleanup
336
337 if [ $ret -ne 0 ]; then
338 echo -e ${RED}"FAIL: $TYPE"${NC}
339 return 1
340 fi
341 echo -e ${GREEN}"PASS: $TYPE"${NC}
342}
343
344test_erspan()
345{
346 TYPE=erspan
347 DEV_NS=erspan00
348 DEV=erspan11
349 ret=0
350
351 check $TYPE
352 config_device
353 add_erspan_tunnel $1
354 attach_bpf $DEV erspan_set_tunnel erspan_get_tunnel
355 ping $PING_ARG 10.1.1.100
356 check_err $?
357 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
358 check_err $?
359 cleanup
360
361 if [ $ret -ne 0 ]; then
362 echo -e ${RED}"FAIL: $TYPE"${NC}
363 return 1
364 fi
365 echo -e ${GREEN}"PASS: $TYPE"${NC}
366}
367
368test_ip6erspan()
369{
370 TYPE=ip6erspan
371 DEV_NS=ip6erspan00
372 DEV=ip6erspan11
373 ret=0
374
375 check $TYPE
376 config_device
377 add_ip6erspan_tunnel $1
378 attach_bpf $DEV ip4ip6erspan_set_tunnel ip4ip6erspan_get_tunnel
379 ping6 $PING_ARG ::11
380 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
381 check_err $?
382 cleanup
383
384 if [ $ret -ne 0 ]; then
385 echo -e ${RED}"FAIL: $TYPE"${NC}
386 return 1
387 fi
388 echo -e ${GREEN}"PASS: $TYPE"${NC}
389}
390
391test_geneve()
392{
393 TYPE=geneve
394 DEV_NS=geneve00
395 DEV=geneve11
396 ret=0
397
398 check $TYPE
399 config_device
400 add_geneve_tunnel
401 attach_bpf $DEV geneve_set_tunnel geneve_get_tunnel
402 ping $PING_ARG 10.1.1.100
403 check_err $?
404 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
405 check_err $?
406 cleanup
407
408 if [ $ret -ne 0 ]; then
409 echo -e ${RED}"FAIL: $TYPE"${NC}
410 return 1
411 fi
412 echo -e ${GREEN}"PASS: $TYPE"${NC}
413}
414
415test_ip6geneve()
416{
417 TYPE=geneve
418 DEV_NS=ip6geneve00
419 DEV=ip6geneve11
420 ret=0
421
422 check $TYPE
423 config_device
424 add_ip6geneve_tunnel
425 attach_bpf $DEV ip6geneve_set_tunnel ip6geneve_get_tunnel
426 ping $PING_ARG 10.1.1.100
427 check_err $?
428 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
429 check_err $?
430 cleanup
431
432 if [ $ret -ne 0 ]; then
433 echo -e ${RED}"FAIL: ip6$TYPE"${NC}
434 return 1
435 fi
436 echo -e ${GREEN}"PASS: ip6$TYPE"${NC}
437}
438
439test_ipip()
440{
441 TYPE=ipip
442 DEV_NS=ipip00
443 DEV=ipip11
444 ret=0
445
446 check $TYPE
447 config_device
448 add_ipip_tunnel
449 ip link set dev veth1 mtu 1500
450 attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
451 ping $PING_ARG 10.1.1.100
452 check_err $?
453 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
454 check_err $?
455 cleanup
456
457 if [ $ret -ne 0 ]; then
458 echo -e ${RED}"FAIL: $TYPE"${NC}
459 return 1
460 fi
461 echo -e ${GREEN}"PASS: $TYPE"${NC}
462}
463
464test_ipip6()
465{
466 TYPE=ip6tnl
467 DEV_NS=ipip6tnl00
468 DEV=ipip6tnl11
469 ret=0
470
471 check $TYPE
472 config_device
473 add_ip6tnl_tunnel
474 ip link set dev veth1 mtu 1500
475 attach_bpf $DEV ipip6_set_tunnel ipip6_get_tunnel
476 # underlay
477 ping6 $PING_ARG ::11
478 # ip4 over ip6
479 ping $PING_ARG 10.1.1.100
480 check_err $?
481 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
482 check_err $?
483 cleanup
484
485 if [ $ret -ne 0 ]; then
486 echo -e ${RED}"FAIL: $TYPE"${NC}
487 return 1
488 fi
489 echo -e ${GREEN}"PASS: $TYPE"${NC}
490}
491
492test_ip6ip6()
493{
494 TYPE=ip6tnl
495 DEV_NS=ip6ip6tnl00
496 DEV=ip6ip6tnl11
497 ret=0
498
499 check $TYPE
500 config_device
501 add_ip6tnl_tunnel
502 ip link set dev veth1 mtu 1500
503 attach_bpf $DEV ip6ip6_set_tunnel ip6ip6_get_tunnel
504 # underlay
505 ping6 $PING_ARG ::11
506 # ip6 over ip6
507 ping6 $PING_ARG 1::11
508 check_err $?
509 ip netns exec at_ns0 ping6 $PING_ARG 1::22
510 check_err $?
511 cleanup
512
513 if [ $ret -ne 0 ]; then
514 echo -e ${RED}"FAIL: ip6$TYPE"${NC}
515 return 1
516 fi
517 echo -e ${GREEN}"PASS: ip6$TYPE"${NC}
518}
519
520attach_bpf()
521{
522 DEV=$1
523 SET=$2
524 GET=$3
525 mkdir -p ${BPF_PIN_TUNNEL_DIR}
526 bpftool prog loadall ${BPF_FILE} ${BPF_PIN_TUNNEL_DIR}/
527 tc qdisc add dev $DEV clsact
528 tc filter add dev $DEV egress bpf da object-pinned ${BPF_PIN_TUNNEL_DIR}/$SET
529 tc filter add dev $DEV ingress bpf da object-pinned ${BPF_PIN_TUNNEL_DIR}/$GET
530}
531
532cleanup()
533{
534 rm -rf ${BPF_PIN_TUNNEL_DIR}
535
536 ip netns delete at_ns0 2> /dev/null
537 ip link del veth1 2> /dev/null
538 ip link del ipip11 2> /dev/null
539 ip link del ipip6tnl11 2> /dev/null
540 ip link del ip6ip6tnl11 2> /dev/null
541 ip link del gretap11 2> /dev/null
542 ip link del gre11 2> /dev/null
543 ip link del ip6gre11 2> /dev/null
544 ip link del ip6gretap11 2> /dev/null
545 ip link del geneve11 2> /dev/null
546 ip link del ip6geneve11 2> /dev/null
547 ip link del erspan11 2> /dev/null
548 ip link del ip6erspan11 2> /dev/null
549}
550
551cleanup_exit()
552{
553 echo "CATCH SIGKILL or SIGINT, cleanup and exit"
554 cleanup
555 exit 0
556}
557
558check()
559{
560 ip link help 2>&1 | grep -q "\s$1\s"
561 if [ $? -ne 0 ];then
562 echo "SKIP $1: iproute2 not support"
563 cleanup
564 return 1
565 fi
566}
567
568enable_debug()
569{
570 echo 'file ip_gre.c +p' > /sys/kernel/debug/dynamic_debug/control
571 echo 'file ip6_gre.c +p' > /sys/kernel/debug/dynamic_debug/control
572 echo 'file geneve.c +p' > /sys/kernel/debug/dynamic_debug/control
573 echo 'file ipip.c +p' > /sys/kernel/debug/dynamic_debug/control
574}
575
576check_err()
577{
578 if [ $ret -eq 0 ]; then
579 ret=$1
580 fi
581}
582
583bpf_tunnel_test()
584{
585 local errors=0
586
587 echo "Testing GRE tunnel..."
588 test_gre
589 errors=$(( $errors + $? ))
590
591 echo "Testing GRE tunnel (without tunnel keys)..."
592 test_gre_no_tunnel_key
593 errors=$(( $errors + $? ))
594
595 echo "Testing IP6GRE tunnel..."
596 test_ip6gre
597 errors=$(( $errors + $? ))
598
599 echo "Testing IP6GRETAP tunnel..."
600 test_ip6gretap
601 errors=$(( $errors + $? ))
602
603 echo "Testing ERSPAN tunnel..."
604 test_erspan v2
605 errors=$(( $errors + $? ))
606
607 echo "Testing IP6ERSPAN tunnel..."
608 test_ip6erspan v2
609 errors=$(( $errors + $? ))
610
611 echo "Testing GENEVE tunnel..."
612 test_geneve
613 errors=$(( $errors + $? ))
614
615 echo "Testing IP6GENEVE tunnel..."
616 test_ip6geneve
617 errors=$(( $errors + $? ))
618
619 echo "Testing IPIP tunnel..."
620 test_ipip
621 errors=$(( $errors + $? ))
622
623 echo "Testing IPIP6 tunnel..."
624 test_ipip6
625 errors=$(( $errors + $? ))
626
627 echo "Testing IP6IP6 tunnel..."
628 test_ip6ip6
629 errors=$(( $errors + $? ))
630
631 return $errors
632}
633
634trap cleanup 0 3 6
635trap cleanup_exit 2 9
636
637cleanup
638bpf_tunnel_test
639
640if [ $? -ne 0 ]; then
641 echo -e "$(basename $0): ${RED}FAIL${NC}"
642 exit 1
643fi
644echo -e "$(basename $0): ${GREEN}PASS${NC}"
645exit 0
1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4# End-to-end eBPF tunnel test suite
5# The script tests BPF network tunnel implementation.
6#
7# Topology:
8# ---------
9# root namespace | at_ns0 namespace
10# |
11# ----------- | -----------
12# | tnl dev | | | tnl dev | (overlay network)
13# ----------- | -----------
14# metadata-mode | native-mode
15# with bpf |
16# |
17# ---------- | ----------
18# | veth1 | --------- | veth0 | (underlay network)
19# ---------- peer ----------
20#
21#
22# Device Configuration
23# --------------------
24# Root namespace with metadata-mode tunnel + BPF
25# Device names and addresses:
26# veth1 IP: 172.16.1.200, IPv6: 00::22 (underlay)
27# tunnel dev <type>11, ex: gre11, IPv4: 10.1.1.200 (overlay)
28#
29# Namespace at_ns0 with native tunnel
30# Device names and addresses:
31# veth0 IPv4: 172.16.1.100, IPv6: 00::11 (underlay)
32# tunnel dev <type>00, ex: gre00, IPv4: 10.1.1.100 (overlay)
33#
34#
35# End-to-end ping packet flow
36# ---------------------------
37# Most of the tests start by namespace creation, device configuration,
38# then ping the underlay and overlay network. When doing 'ping 10.1.1.100'
39# from root namespace, the following operations happen:
40# 1) Route lookup shows 10.1.1.100/24 belongs to tnl dev, fwd to tnl dev.
41# 2) Tnl device's egress BPF program is triggered and set the tunnel metadata,
42# with remote_ip=172.16.1.200 and others.
43# 3) Outer tunnel header is prepended and route the packet to veth1's egress
44# 4) veth0's ingress queue receive the tunneled packet at namespace at_ns0
45# 5) Tunnel protocol handler, ex: vxlan_rcv, decap the packet
46# 6) Forward the packet to the overlay tnl dev
47
48PING_ARG="-c 3 -w 10 -q"
49ret=0
50GREEN='\033[0;92m'
51RED='\033[0;31m'
52NC='\033[0m' # No Color
53
54config_device()
55{
56 ip netns add at_ns0
57 ip link add veth0 type veth peer name veth1
58 ip link set veth0 netns at_ns0
59 ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
60 ip netns exec at_ns0 ip link set dev veth0 up
61 ip link set dev veth1 up mtu 1500
62 ip addr add dev veth1 172.16.1.200/24
63}
64
65add_gre_tunnel()
66{
67 # at_ns0 namespace
68 ip netns exec at_ns0 \
69 ip link add dev $DEV_NS type $TYPE seq key 2 \
70 local 172.16.1.100 remote 172.16.1.200
71 ip netns exec at_ns0 ip link set dev $DEV_NS up
72 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
73
74 # root namespace
75 ip link add dev $DEV type $TYPE key 2 external
76 ip link set dev $DEV up
77 ip addr add dev $DEV 10.1.1.200/24
78}
79
80add_ip6gretap_tunnel()
81{
82
83 # assign ipv6 address
84 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
85 ip netns exec at_ns0 ip link set dev veth0 up
86 ip addr add dev veth1 ::22/96
87 ip link set dev veth1 up
88
89 # at_ns0 namespace
90 ip netns exec at_ns0 \
91 ip link add dev $DEV_NS type $TYPE seq flowlabel 0xbcdef key 2 \
92 local ::11 remote ::22
93
94 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
95 ip netns exec at_ns0 ip addr add dev $DEV_NS fc80::100/96
96 ip netns exec at_ns0 ip link set dev $DEV_NS up
97
98 # root namespace
99 ip link add dev $DEV type $TYPE external
100 ip addr add dev $DEV 10.1.1.200/24
101 ip addr add dev $DEV fc80::200/24
102 ip link set dev $DEV up
103}
104
105add_erspan_tunnel()
106{
107 # at_ns0 namespace
108 if [ "$1" == "v1" ]; then
109 ip netns exec at_ns0 \
110 ip link add dev $DEV_NS type $TYPE seq key 2 \
111 local 172.16.1.100 remote 172.16.1.200 \
112 erspan_ver 1 erspan 123
113 else
114 ip netns exec at_ns0 \
115 ip link add dev $DEV_NS type $TYPE seq key 2 \
116 local 172.16.1.100 remote 172.16.1.200 \
117 erspan_ver 2 erspan_dir egress erspan_hwid 3
118 fi
119 ip netns exec at_ns0 ip link set dev $DEV_NS up
120 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
121
122 # root namespace
123 ip link add dev $DEV type $TYPE external
124 ip link set dev $DEV up
125 ip addr add dev $DEV 10.1.1.200/24
126}
127
128add_ip6erspan_tunnel()
129{
130
131 # assign ipv6 address
132 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
133 ip netns exec at_ns0 ip link set dev veth0 up
134 ip addr add dev veth1 ::22/96
135 ip link set dev veth1 up
136
137 # at_ns0 namespace
138 if [ "$1" == "v1" ]; then
139 ip netns exec at_ns0 \
140 ip link add dev $DEV_NS type $TYPE seq key 2 \
141 local ::11 remote ::22 \
142 erspan_ver 1 erspan 123
143 else
144 ip netns exec at_ns0 \
145 ip link add dev $DEV_NS type $TYPE seq key 2 \
146 local ::11 remote ::22 \
147 erspan_ver 2 erspan_dir egress erspan_hwid 7
148 fi
149 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
150 ip netns exec at_ns0 ip link set dev $DEV_NS up
151
152 # root namespace
153 ip link add dev $DEV type $TYPE external
154 ip addr add dev $DEV 10.1.1.200/24
155 ip link set dev $DEV up
156}
157
158add_vxlan_tunnel()
159{
160 # Set static ARP entry here because iptables set-mark works
161 # on L3 packet, as a result not applying to ARP packets,
162 # causing errors at get_tunnel_{key/opt}.
163
164 # at_ns0 namespace
165 ip netns exec at_ns0 \
166 ip link add dev $DEV_NS type $TYPE \
167 id 2 dstport 4789 gbp remote 172.16.1.200
168 ip netns exec at_ns0 \
169 ip link set dev $DEV_NS address 52:54:00:d9:01:00 up
170 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
171 ip netns exec at_ns0 arp -s 10.1.1.200 52:54:00:d9:02:00
172 ip netns exec at_ns0 iptables -A OUTPUT -j MARK --set-mark 0x800FF
173
174 # root namespace
175 ip link add dev $DEV type $TYPE external gbp dstport 4789
176 ip link set dev $DEV address 52:54:00:d9:02:00 up
177 ip addr add dev $DEV 10.1.1.200/24
178 arp -s 10.1.1.100 52:54:00:d9:01:00
179}
180
181add_ip6vxlan_tunnel()
182{
183 #ip netns exec at_ns0 ip -4 addr del 172.16.1.100 dev veth0
184 ip netns exec at_ns0 ip -6 addr add ::11/96 dev veth0
185 ip netns exec at_ns0 ip link set dev veth0 up
186 #ip -4 addr del 172.16.1.200 dev veth1
187 ip -6 addr add dev veth1 ::22/96
188 ip link set dev veth1 up
189
190 # at_ns0 namespace
191 ip netns exec at_ns0 \
192 ip link add dev $DEV_NS type $TYPE id 22 dstport 4789 \
193 local ::11 remote ::22
194 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
195 ip netns exec at_ns0 ip link set dev $DEV_NS up
196
197 # root namespace
198 ip link add dev $DEV type $TYPE external dstport 4789
199 ip addr add dev $DEV 10.1.1.200/24
200 ip link set dev $DEV up
201}
202
203add_geneve_tunnel()
204{
205 # at_ns0 namespace
206 ip netns exec at_ns0 \
207 ip link add dev $DEV_NS type $TYPE \
208 id 2 dstport 6081 remote 172.16.1.200
209 ip netns exec at_ns0 ip link set dev $DEV_NS up
210 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
211
212 # root namespace
213 ip link add dev $DEV type $TYPE dstport 6081 external
214 ip link set dev $DEV up
215 ip addr add dev $DEV 10.1.1.200/24
216}
217
218add_ip6geneve_tunnel()
219{
220 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
221 ip netns exec at_ns0 ip link set dev veth0 up
222 ip addr add dev veth1 ::22/96
223 ip link set dev veth1 up
224
225 # at_ns0 namespace
226 ip netns exec at_ns0 \
227 ip link add dev $DEV_NS type $TYPE id 22 \
228 remote ::22 # geneve has no local option
229 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
230 ip netns exec at_ns0 ip link set dev $DEV_NS up
231
232 # root namespace
233 ip link add dev $DEV type $TYPE external
234 ip addr add dev $DEV 10.1.1.200/24
235 ip link set dev $DEV up
236}
237
238add_ipip_tunnel()
239{
240 # at_ns0 namespace
241 ip netns exec at_ns0 \
242 ip link add dev $DEV_NS type $TYPE \
243 local 172.16.1.100 remote 172.16.1.200
244 ip netns exec at_ns0 ip link set dev $DEV_NS up
245 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
246
247 # root namespace
248 ip link add dev $DEV type $TYPE external
249 ip link set dev $DEV up
250 ip addr add dev $DEV 10.1.1.200/24
251}
252
253add_ipip6tnl_tunnel()
254{
255 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
256 ip netns exec at_ns0 ip link set dev veth0 up
257 ip addr add dev veth1 ::22/96
258 ip link set dev veth1 up
259
260 # at_ns0 namespace
261 ip netns exec at_ns0 \
262 ip link add dev $DEV_NS type $TYPE \
263 local ::11 remote ::22
264 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
265 ip netns exec at_ns0 ip link set dev $DEV_NS up
266
267 # root namespace
268 ip link add dev $DEV type $TYPE external
269 ip addr add dev $DEV 10.1.1.200/24
270 ip link set dev $DEV up
271}
272
273test_gre()
274{
275 TYPE=gretap
276 DEV_NS=gretap00
277 DEV=gretap11
278 ret=0
279
280 check $TYPE
281 config_device
282 add_gre_tunnel
283 attach_bpf $DEV gre_set_tunnel gre_get_tunnel
284 ping $PING_ARG 10.1.1.100
285 check_err $?
286 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
287 check_err $?
288 cleanup
289
290 if [ $ret -ne 0 ]; then
291 echo -e ${RED}"FAIL: $TYPE"${NC}
292 return 1
293 fi
294 echo -e ${GREEN}"PASS: $TYPE"${NC}
295}
296
297test_ip6gre()
298{
299 TYPE=ip6gre
300 DEV_NS=ip6gre00
301 DEV=ip6gre11
302 ret=0
303
304 check $TYPE
305 config_device
306 # reuse the ip6gretap function
307 add_ip6gretap_tunnel
308 attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
309 # underlay
310 ping6 $PING_ARG ::11
311 # overlay: ipv4 over ipv6
312 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
313 ping $PING_ARG 10.1.1.100
314 check_err $?
315 # overlay: ipv6 over ipv6
316 ip netns exec at_ns0 ping6 $PING_ARG fc80::200
317 check_err $?
318 cleanup
319
320 if [ $ret -ne 0 ]; then
321 echo -e ${RED}"FAIL: $TYPE"${NC}
322 return 1
323 fi
324 echo -e ${GREEN}"PASS: $TYPE"${NC}
325}
326
327test_ip6gretap()
328{
329 TYPE=ip6gretap
330 DEV_NS=ip6gretap00
331 DEV=ip6gretap11
332 ret=0
333
334 check $TYPE
335 config_device
336 add_ip6gretap_tunnel
337 attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
338 # underlay
339 ping6 $PING_ARG ::11
340 # overlay: ipv4 over ipv6
341 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
342 ping $PING_ARG 10.1.1.100
343 check_err $?
344 # overlay: ipv6 over ipv6
345 ip netns exec at_ns0 ping6 $PING_ARG fc80::200
346 check_err $?
347 cleanup
348
349 if [ $ret -ne 0 ]; then
350 echo -e ${RED}"FAIL: $TYPE"${NC}
351 return 1
352 fi
353 echo -e ${GREEN}"PASS: $TYPE"${NC}
354}
355
356test_erspan()
357{
358 TYPE=erspan
359 DEV_NS=erspan00
360 DEV=erspan11
361 ret=0
362
363 check $TYPE
364 config_device
365 add_erspan_tunnel $1
366 attach_bpf $DEV erspan_set_tunnel erspan_get_tunnel
367 ping $PING_ARG 10.1.1.100
368 check_err $?
369 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
370 check_err $?
371 cleanup
372
373 if [ $ret -ne 0 ]; then
374 echo -e ${RED}"FAIL: $TYPE"${NC}
375 return 1
376 fi
377 echo -e ${GREEN}"PASS: $TYPE"${NC}
378}
379
380test_ip6erspan()
381{
382 TYPE=ip6erspan
383 DEV_NS=ip6erspan00
384 DEV=ip6erspan11
385 ret=0
386
387 check $TYPE
388 config_device
389 add_ip6erspan_tunnel $1
390 attach_bpf $DEV ip4ip6erspan_set_tunnel ip4ip6erspan_get_tunnel
391 ping6 $PING_ARG ::11
392 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
393 check_err $?
394 cleanup
395
396 if [ $ret -ne 0 ]; then
397 echo -e ${RED}"FAIL: $TYPE"${NC}
398 return 1
399 fi
400 echo -e ${GREEN}"PASS: $TYPE"${NC}
401}
402
403test_vxlan()
404{
405 TYPE=vxlan
406 DEV_NS=vxlan00
407 DEV=vxlan11
408 ret=0
409
410 check $TYPE
411 config_device
412 add_vxlan_tunnel
413 attach_bpf $DEV vxlan_set_tunnel vxlan_get_tunnel
414 ping $PING_ARG 10.1.1.100
415 check_err $?
416 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
417 check_err $?
418 cleanup
419
420 if [ $ret -ne 0 ]; then
421 echo -e ${RED}"FAIL: $TYPE"${NC}
422 return 1
423 fi
424 echo -e ${GREEN}"PASS: $TYPE"${NC}
425}
426
427test_ip6vxlan()
428{
429 TYPE=vxlan
430 DEV_NS=ip6vxlan00
431 DEV=ip6vxlan11
432 ret=0
433
434 check $TYPE
435 config_device
436 add_ip6vxlan_tunnel
437 ip link set dev veth1 mtu 1500
438 attach_bpf $DEV ip6vxlan_set_tunnel ip6vxlan_get_tunnel
439 # underlay
440 ping6 $PING_ARG ::11
441 # ip4 over ip6
442 ping $PING_ARG 10.1.1.100
443 check_err $?
444 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
445 check_err $?
446 cleanup
447
448 if [ $ret -ne 0 ]; then
449 echo -e ${RED}"FAIL: ip6$TYPE"${NC}
450 return 1
451 fi
452 echo -e ${GREEN}"PASS: ip6$TYPE"${NC}
453}
454
455test_geneve()
456{
457 TYPE=geneve
458 DEV_NS=geneve00
459 DEV=geneve11
460 ret=0
461
462 check $TYPE
463 config_device
464 add_geneve_tunnel
465 attach_bpf $DEV geneve_set_tunnel geneve_get_tunnel
466 ping $PING_ARG 10.1.1.100
467 check_err $?
468 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
469 check_err $?
470 cleanup
471
472 if [ $ret -ne 0 ]; then
473 echo -e ${RED}"FAIL: $TYPE"${NC}
474 return 1
475 fi
476 echo -e ${GREEN}"PASS: $TYPE"${NC}
477}
478
479test_ip6geneve()
480{
481 TYPE=geneve
482 DEV_NS=ip6geneve00
483 DEV=ip6geneve11
484 ret=0
485
486 check $TYPE
487 config_device
488 add_ip6geneve_tunnel
489 attach_bpf $DEV ip6geneve_set_tunnel ip6geneve_get_tunnel
490 ping $PING_ARG 10.1.1.100
491 check_err $?
492 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
493 check_err $?
494 cleanup
495
496 if [ $ret -ne 0 ]; then
497 echo -e ${RED}"FAIL: ip6$TYPE"${NC}
498 return 1
499 fi
500 echo -e ${GREEN}"PASS: ip6$TYPE"${NC}
501}
502
503test_ipip()
504{
505 TYPE=ipip
506 DEV_NS=ipip00
507 DEV=ipip11
508 ret=0
509
510 check $TYPE
511 config_device
512 add_ipip_tunnel
513 ip link set dev veth1 mtu 1500
514 attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
515 ping $PING_ARG 10.1.1.100
516 check_err $?
517 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
518 check_err $?
519 cleanup
520
521 if [ $ret -ne 0 ]; then
522 echo -e ${RED}"FAIL: $TYPE"${NC}
523 return 1
524 fi
525 echo -e ${GREEN}"PASS: $TYPE"${NC}
526}
527
528test_ipip6()
529{
530 TYPE=ip6tnl
531 DEV_NS=ipip6tnl00
532 DEV=ipip6tnl11
533 ret=0
534
535 check $TYPE
536 config_device
537 add_ipip6tnl_tunnel
538 ip link set dev veth1 mtu 1500
539 attach_bpf $DEV ipip6_set_tunnel ipip6_get_tunnel
540 # underlay
541 ping6 $PING_ARG ::11
542 # ip4 over ip6
543 ping $PING_ARG 10.1.1.100
544 check_err $?
545 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
546 check_err $?
547 cleanup
548
549 if [ $ret -ne 0 ]; then
550 echo -e ${RED}"FAIL: $TYPE"${NC}
551 return 1
552 fi
553 echo -e ${GREEN}"PASS: $TYPE"${NC}
554}
555
556setup_xfrm_tunnel()
557{
558 auth=0x$(printf '1%.0s' {1..40})
559 enc=0x$(printf '2%.0s' {1..32})
560 spi_in_to_out=0x1
561 spi_out_to_in=0x2
562 # at_ns0 namespace
563 # at_ns0 -> root
564 ip netns exec at_ns0 \
565 ip xfrm state add src 172.16.1.100 dst 172.16.1.200 proto esp \
566 spi $spi_in_to_out reqid 1 mode tunnel \
567 auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc
568 ip netns exec at_ns0 \
569 ip xfrm policy add src 10.1.1.100/32 dst 10.1.1.200/32 dir out \
570 tmpl src 172.16.1.100 dst 172.16.1.200 proto esp reqid 1 \
571 mode tunnel
572 # root -> at_ns0
573 ip netns exec at_ns0 \
574 ip xfrm state add src 172.16.1.200 dst 172.16.1.100 proto esp \
575 spi $spi_out_to_in reqid 2 mode tunnel \
576 auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc
577 ip netns exec at_ns0 \
578 ip xfrm policy add src 10.1.1.200/32 dst 10.1.1.100/32 dir in \
579 tmpl src 172.16.1.200 dst 172.16.1.100 proto esp reqid 2 \
580 mode tunnel
581 # address & route
582 ip netns exec at_ns0 \
583 ip addr add dev veth0 10.1.1.100/32
584 ip netns exec at_ns0 \
585 ip route add 10.1.1.200 dev veth0 via 172.16.1.200 \
586 src 10.1.1.100
587
588 # root namespace
589 # at_ns0 -> root
590 ip xfrm state add src 172.16.1.100 dst 172.16.1.200 proto esp \
591 spi $spi_in_to_out reqid 1 mode tunnel \
592 auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc
593 ip xfrm policy add src 10.1.1.100/32 dst 10.1.1.200/32 dir in \
594 tmpl src 172.16.1.100 dst 172.16.1.200 proto esp reqid 1 \
595 mode tunnel
596 # root -> at_ns0
597 ip xfrm state add src 172.16.1.200 dst 172.16.1.100 proto esp \
598 spi $spi_out_to_in reqid 2 mode tunnel \
599 auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc
600 ip xfrm policy add src 10.1.1.200/32 dst 10.1.1.100/32 dir out \
601 tmpl src 172.16.1.200 dst 172.16.1.100 proto esp reqid 2 \
602 mode tunnel
603 # address & route
604 ip addr add dev veth1 10.1.1.200/32
605 ip route add 10.1.1.100 dev veth1 via 172.16.1.100 src 10.1.1.200
606}
607
608test_xfrm_tunnel()
609{
610 config_device
611 > /sys/kernel/debug/tracing/trace
612 setup_xfrm_tunnel
613 tc qdisc add dev veth1 clsact
614 tc filter add dev veth1 proto ip ingress bpf da obj test_tunnel_kern.o \
615 sec xfrm_get_state
616 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
617 sleep 1
618 grep "reqid 1" /sys/kernel/debug/tracing/trace
619 check_err $?
620 grep "spi 0x1" /sys/kernel/debug/tracing/trace
621 check_err $?
622 grep "remote ip 0xac100164" /sys/kernel/debug/tracing/trace
623 check_err $?
624 cleanup
625
626 if [ $ret -ne 0 ]; then
627 echo -e ${RED}"FAIL: xfrm tunnel"${NC}
628 return 1
629 fi
630 echo -e ${GREEN}"PASS: xfrm tunnel"${NC}
631}
632
633attach_bpf()
634{
635 DEV=$1
636 SET=$2
637 GET=$3
638 tc qdisc add dev $DEV clsact
639 tc filter add dev $DEV egress bpf da obj test_tunnel_kern.o sec $SET
640 tc filter add dev $DEV ingress bpf da obj test_tunnel_kern.o sec $GET
641}
642
643cleanup()
644{
645 ip netns delete at_ns0 2> /dev/null
646 ip link del veth1 2> /dev/null
647 ip link del ipip11 2> /dev/null
648 ip link del ipip6tnl11 2> /dev/null
649 ip link del gretap11 2> /dev/null
650 ip link del ip6gre11 2> /dev/null
651 ip link del ip6gretap11 2> /dev/null
652 ip link del vxlan11 2> /dev/null
653 ip link del ip6vxlan11 2> /dev/null
654 ip link del geneve11 2> /dev/null
655 ip link del ip6geneve11 2> /dev/null
656 ip link del erspan11 2> /dev/null
657 ip link del ip6erspan11 2> /dev/null
658 ip xfrm policy delete dir out src 10.1.1.200/32 dst 10.1.1.100/32 2> /dev/null
659 ip xfrm policy delete dir in src 10.1.1.100/32 dst 10.1.1.200/32 2> /dev/null
660 ip xfrm state delete src 172.16.1.100 dst 172.16.1.200 proto esp spi 0x1 2> /dev/null
661 ip xfrm state delete src 172.16.1.200 dst 172.16.1.100 proto esp spi 0x2 2> /dev/null
662}
663
664cleanup_exit()
665{
666 echo "CATCH SIGKILL or SIGINT, cleanup and exit"
667 cleanup
668 exit 0
669}
670
671check()
672{
673 ip link help 2>&1 | grep -q "\s$1\s"
674 if [ $? -ne 0 ];then
675 echo "SKIP $1: iproute2 not support"
676 cleanup
677 return 1
678 fi
679}
680
681enable_debug()
682{
683 echo 'file ip_gre.c +p' > /sys/kernel/debug/dynamic_debug/control
684 echo 'file ip6_gre.c +p' > /sys/kernel/debug/dynamic_debug/control
685 echo 'file vxlan.c +p' > /sys/kernel/debug/dynamic_debug/control
686 echo 'file geneve.c +p' > /sys/kernel/debug/dynamic_debug/control
687 echo 'file ipip.c +p' > /sys/kernel/debug/dynamic_debug/control
688}
689
690check_err()
691{
692 if [ $ret -eq 0 ]; then
693 ret=$1
694 fi
695}
696
697bpf_tunnel_test()
698{
699 local errors=0
700
701 echo "Testing GRE tunnel..."
702 test_gre
703 errors=$(( $errors + $? ))
704
705 echo "Testing IP6GRE tunnel..."
706 test_ip6gre
707 errors=$(( $errors + $? ))
708
709 echo "Testing IP6GRETAP tunnel..."
710 test_ip6gretap
711 errors=$(( $errors + $? ))
712
713 echo "Testing ERSPAN tunnel..."
714 test_erspan v2
715 errors=$(( $errors + $? ))
716
717 echo "Testing IP6ERSPAN tunnel..."
718 test_ip6erspan v2
719 errors=$(( $errors + $? ))
720
721 echo "Testing VXLAN tunnel..."
722 test_vxlan
723 errors=$(( $errors + $? ))
724
725 echo "Testing IP6VXLAN tunnel..."
726 test_ip6vxlan
727 errors=$(( $errors + $? ))
728
729 echo "Testing GENEVE tunnel..."
730 test_geneve
731 errors=$(( $errors + $? ))
732
733 echo "Testing IP6GENEVE tunnel..."
734 test_ip6geneve
735 errors=$(( $errors + $? ))
736
737 echo "Testing IPIP tunnel..."
738 test_ipip
739 errors=$(( $errors + $? ))
740
741 echo "Testing IPIP6 tunnel..."
742 test_ipip6
743 errors=$(( $errors + $? ))
744
745 echo "Testing IPSec tunnel..."
746 test_xfrm_tunnel
747 errors=$(( $errors + $? ))
748
749 return $errors
750}
751
752trap cleanup 0 3 6
753trap cleanup_exit 2 9
754
755cleanup
756bpf_tunnel_test
757
758if [ $? -ne 0 ]; then
759 echo -e "$(basename $0): ${RED}FAIL${NC}"
760 exit 1
761fi
762echo -e "$(basename $0): ${GREEN}PASS${NC}"
763exit 0