1#!/bin/bash
  2# In Namespace 0 (at_ns0) using native tunnel
  3# Overlay IP: 10.1.1.100
  4# local 192.16.1.100 remote 192.16.1.200
  5# veth0 IP: 172.16.1.100, tunnel dev <type>00
  6
  7# Out of Namespace using BPF set/get on lwtunnel
  8# Overlay IP: 10.1.1.200
  9# local 172.16.1.200 remote 172.16.1.100
 10# veth1 IP: 172.16.1.200, tunnel dev <type>11
 11
 12function config_device {
 13	ip netns add at_ns0
 14	ip link add veth0 type veth peer name veth1
 15	ip link set veth0 netns at_ns0
 16	ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
 17	ip netns exec at_ns0 ip link set dev veth0 up
 18	ip link set dev veth1 up mtu 1500
 19	ip addr add dev veth1 172.16.1.200/24
 20}
 21
 22function add_gre_tunnel {
 23	# in namespace
 24	ip netns exec at_ns0 \
 25		ip link add dev $DEV_NS type $TYPE key 2 local 172.16.1.100 remote 172.16.1.200
 26	ip netns exec at_ns0 ip link set dev $DEV_NS up
 27	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
 28
 29	# out of namespace
 30	ip link add dev $DEV type $TYPE key 2 external
 31	ip link set dev $DEV up
 32	ip addr add dev $DEV 10.1.1.200/24
 33}
 34
 35function add_vxlan_tunnel {
 36	# Set static ARP entry here because iptables set-mark works
 37	# on L3 packet, as a result not applying to ARP packets,
 38	# causing errors at get_tunnel_{key/opt}.
 39
 40	# in namespace
 41	ip netns exec at_ns0 \
 42		ip link add dev $DEV_NS type $TYPE id 2 dstport 4789 gbp remote 172.16.1.200
 43	ip netns exec at_ns0 ip link set dev $DEV_NS address 52:54:00:d9:01:00 up
 44	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
 45	ip netns exec at_ns0 arp -s 10.1.1.200 52:54:00:d9:02:00
 46	ip netns exec at_ns0 iptables -A OUTPUT -j MARK --set-mark 0x800FF
 47
 48	# out of namespace
 49	ip link add dev $DEV type $TYPE external gbp dstport 4789
 50	ip link set dev $DEV address 52:54:00:d9:02:00 up
 51	ip addr add dev $DEV 10.1.1.200/24
 52	arp -s 10.1.1.100 52:54:00:d9:01:00
 53}
 54
 55function add_geneve_tunnel {
 56	# in namespace
 57	ip netns exec at_ns0 \
 58		ip link add dev $DEV_NS type $TYPE id 2 dstport 6081 remote 172.16.1.200
 59	ip netns exec at_ns0 ip link set dev $DEV_NS up
 60	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
 61
 62	# out of namespace
 63	ip link add dev $DEV type $TYPE dstport 6081 external
 64	ip link set dev $DEV up
 65	ip addr add dev $DEV 10.1.1.200/24
 66}
 67
 68function add_ipip_tunnel {
 69	# in namespace
 70	ip netns exec at_ns0 \
 71		ip link add dev $DEV_NS type $TYPE local 172.16.1.100 remote 172.16.1.200
 72	ip netns exec at_ns0 ip link set dev $DEV_NS up
 73	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
 74
 75	# out of namespace
 76	ip link add dev $DEV type $TYPE external
 77	ip link set dev $DEV up
 78	ip addr add dev $DEV 10.1.1.200/24
 79}
 80
 81function attach_bpf {
 82	DEV=$1
 83	SET_TUNNEL=$2
 84	GET_TUNNEL=$3
 85	tc qdisc add dev $DEV clsact
 86	tc filter add dev $DEV egress bpf da obj tcbpf2_kern.o sec $SET_TUNNEL
 87	tc filter add dev $DEV ingress bpf da obj tcbpf2_kern.o sec $GET_TUNNEL
 88}
 89
 90function test_gre {
 91	TYPE=gretap
 92	DEV_NS=gretap00
 93	DEV=gretap11
 94	config_device
 95	add_gre_tunnel
 96	attach_bpf $DEV gre_set_tunnel gre_get_tunnel
 97	ping -c 1 10.1.1.100
 98	ip netns exec at_ns0 ping -c 1 10.1.1.200
 99	cleanup
100}
101
102function test_vxlan {
103	TYPE=vxlan
104	DEV_NS=vxlan00
105	DEV=vxlan11
106	config_device
107	add_vxlan_tunnel
108	attach_bpf $DEV vxlan_set_tunnel vxlan_get_tunnel
109	ping -c 1 10.1.1.100
110	ip netns exec at_ns0 ping -c 1 10.1.1.200
111	cleanup
112}
113
114function test_geneve {
115	TYPE=geneve
116	DEV_NS=geneve00
117	DEV=geneve11
118	config_device
119	add_geneve_tunnel
120	attach_bpf $DEV geneve_set_tunnel geneve_get_tunnel
121	ping -c 1 10.1.1.100
122	ip netns exec at_ns0 ping -c 1 10.1.1.200
123	cleanup
124}
125
126function test_ipip {
127	TYPE=ipip
128	DEV_NS=ipip00
129	DEV=ipip11
130	config_device
131	tcpdump -nei veth1 &
132	cat /sys/kernel/debug/tracing/trace_pipe &
133	add_ipip_tunnel
134	ethtool -K veth1 gso off gro off rx off tx off
135	ip link set dev veth1 mtu 1500
136	attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
137	ping -c 1 10.1.1.100
138	ip netns exec at_ns0 ping -c 1 10.1.1.200
139	ip netns exec at_ns0 iperf -sD -p 5200 > /dev/null
140	sleep 0.2
141	iperf -c 10.1.1.100 -n 5k -p 5200
142	cleanup
143}
144
145function cleanup {
146	set +ex
147	pkill iperf
148	ip netns delete at_ns0
149	ip link del veth1
150	ip link del ipip11
151	ip link del gretap11
152	ip link del geneve11
153	pkill tcpdump
154	pkill cat
155	set -ex
156}
157
158cleanup
159echo "Testing GRE tunnel..."
160test_gre
161echo "Testing VXLAN tunnel..."
162test_vxlan
163echo "Testing GENEVE tunnel..."
164test_geneve
165echo "Testing IPIP tunnel..."
166test_ipip
167echo "*** PASS ***"