selftests: add a selftest for directed broadcast forwarding

As Ido's suggestion, this patch is to add a selftest for directed
broadcast forwarding with vrf. It does the assertion by checking
the src IP of the echo-reply packet in ping_test_from.

Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Xin Long 2018-07-27 16:37:29 +08:00 committed by David S. Miller
parent 5cbf777cfd
commit 40f98b9af9
1 changed files with 233 additions and 0 deletions

View File

@ -0,0 +1,233 @@
#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
ALL_TESTS="ping_ipv4"
NUM_NETIFS=6
source lib.sh
h1_create()
{
vrf_create "vrf-h1"
ip link set dev $h1 master vrf-h1
ip link set dev vrf-h1 up
ip link set dev $h1 up
ip address add 192.0.2.2/24 dev $h1
ip route add 198.51.100.0/24 vrf vrf-h1 nexthop via 192.0.2.1
ip route add 198.51.200.0/24 vrf vrf-h1 nexthop via 192.0.2.1
}
h1_destroy()
{
ip route del 198.51.200.0/24 vrf vrf-h1
ip route del 198.51.100.0/24 vrf vrf-h1
ip address del 192.0.2.2/24 dev $h1
ip link set dev $h1 down
vrf_destroy "vrf-h1"
}
h2_create()
{
vrf_create "vrf-h2"
ip link set dev $h2 master vrf-h2
ip link set dev vrf-h2 up
ip link set dev $h2 up
ip address add 198.51.100.2/24 dev $h2
ip route add 192.0.2.0/24 vrf vrf-h2 nexthop via 198.51.100.1
ip route add 198.51.200.0/24 vrf vrf-h2 nexthop via 198.51.100.1
}
h2_destroy()
{
ip route del 198.51.200.0/24 vrf vrf-h2
ip route del 192.0.2.0/24 vrf vrf-h2
ip address del 198.51.100.2/24 dev $h2
ip link set dev $h2 down
vrf_destroy "vrf-h2"
}
h3_create()
{
vrf_create "vrf-h3"
ip link set dev $h3 master vrf-h3
ip link set dev vrf-h3 up
ip link set dev $h3 up
ip address add 198.51.200.2/24 dev $h3
ip route add 192.0.2.0/24 vrf vrf-h3 nexthop via 198.51.200.1
ip route add 198.51.100.0/24 vrf vrf-h3 nexthop via 198.51.200.1
}
h3_destroy()
{
ip route del 198.51.100.0/24 vrf vrf-h3
ip route del 192.0.2.0/24 vrf vrf-h3
ip address del 198.51.200.2/24 dev $h3
ip link set dev $h3 down
vrf_destroy "vrf-h3"
}
router_create()
{
ip link set dev $rp1 up
ip link set dev $rp2 up
ip link set dev $rp3 up
ip address add 192.0.2.1/24 dev $rp1
ip address add 198.51.100.1/24 dev $rp2
ip address add 198.51.200.1/24 dev $rp3
}
router_destroy()
{
ip address del 198.51.200.1/24 dev $rp3
ip address del 198.51.100.1/24 dev $rp2
ip address del 192.0.2.1/24 dev $rp1
ip link set dev $rp3 down
ip link set dev $rp2 down
ip link set dev $rp1 down
}
setup_prepare()
{
h1=${NETIFS[p1]}
rp1=${NETIFS[p2]}
rp2=${NETIFS[p3]}
h2=${NETIFS[p4]}
rp3=${NETIFS[p5]}
h3=${NETIFS[p6]}
vrf_prepare
h1_create
h2_create
h3_create
router_create
forwarding_enable
}
cleanup()
{
pre_cleanup
forwarding_restore
router_destroy
h3_destroy
h2_destroy
h1_destroy
vrf_cleanup
}
bc_forwarding_disable()
{
sysctl_set net.ipv4.conf.all.bc_forwarding 0
sysctl_set net.ipv4.conf.$rp1.bc_forwarding 0
}
bc_forwarding_enable()
{
sysctl_set net.ipv4.conf.all.bc_forwarding 1
sysctl_set net.ipv4.conf.$rp1.bc_forwarding 1
}
bc_forwarding_restore()
{
sysctl_restore net.ipv4.conf.$rp1.bc_forwarding
sysctl_restore net.ipv4.conf.all.bc_forwarding
}
ping_test_from()
{
local oif=$1
local dip=$2
local from=$3
local fail=${4:-0}
RET=0
log_info "ping $dip, expected reply from $from"
ip vrf exec $(master_name_get $oif) \
$PING -I $oif $dip -c 10 -i 0.1 -w 2 -b 2>&1 | grep $from &> /dev/null
check_err_fail $fail $?
}
ping_ipv4()
{
sysctl_set net.ipv4.icmp_echo_ignore_broadcasts 0
bc_forwarding_disable
log_info "bc_forwarding disabled on r1 =>"
ping_test_from $h1 198.51.100.255 192.0.2.1
log_test "h1 -> net2: reply from r1 (not forwarding)"
ping_test_from $h1 198.51.200.255 192.0.2.1
log_test "h1 -> net3: reply from r1 (not forwarding)"
ping_test_from $h1 192.0.2.255 192.0.2.1
log_test "h1 -> net1: reply from r1 (not dropping)"
ping_test_from $h1 255.255.255.255 192.0.2.1
log_test "h1 -> 255.255.255.255: reply from r1 (not forwarding)"
ping_test_from $h2 192.0.2.255 198.51.100.1
log_test "h2 -> net1: reply from r1 (not forwarding)"
ping_test_from $h2 198.51.200.255 198.51.100.1
log_test "h2 -> net3: reply from r1 (not forwarding)"
ping_test_from $h2 198.51.100.255 198.51.100.1
log_test "h2 -> net2: reply from r1 (not dropping)"
ping_test_from $h2 255.255.255.255 198.51.100.1
log_test "h2 -> 255.255.255.255: reply from r1 (not forwarding)"
bc_forwarding_restore
bc_forwarding_enable
log_info "bc_forwarding enabled on r1 =>"
ping_test_from $h1 198.51.100.255 198.51.100.2
log_test "h1 -> net2: reply from h2 (forwarding)"
ping_test_from $h1 198.51.200.255 198.51.200.2
log_test "h1 -> net3: reply from h3 (forwarding)"
ping_test_from $h1 192.0.2.255 192.0.2.1 1
log_test "h1 -> net1: no reply (dropping)"
ping_test_from $h1 255.255.255.255 192.0.2.1
log_test "h1 -> 255.255.255.255: reply from r1 (not forwarding)"
ping_test_from $h2 192.0.2.255 192.0.2.2
log_test "h2 -> net1: reply from h1 (forwarding)"
ping_test_from $h2 198.51.200.255 198.51.200.2
log_test "h2 -> net3: reply from h3 (forwarding)"
ping_test_from $h2 198.51.100.255 198.51.100.1 1
log_test "h2 -> net2: no reply (dropping)"
ping_test_from $h2 255.255.255.255 198.51.100.1
log_test "h2 -> 255.255.255.255: reply from r1 (not forwarding)"
bc_forwarding_restore
sysctl_restore net.ipv4.icmp_echo_ignore_broadcasts
}
trap cleanup EXIT
setup_prepare
setup_wait
tests_run
exit $EXIT_STATUS