1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3 4# This test is for checking the VXLAN vni filtering api and 5# datapath. 6# It simulates two hypervisors running two VMs each using four network 7# six namespaces: two for the HVs, four for the VMs. Each VM is 8# connected to a separate bridge. The VM's use overlapping vlans and 9# hence the separate bridge domain. Each vxlan device is a collect 10# metadata device with vni filtering and hence has the ability to 11# terminate configured vni's only. 12 13# +--------------------------------+ +------------------------------------+ 14# | vm-11 netns | | vm-21 netns | 15# | | | | 16# |+------------+ +-------------+ | |+-------------+ +----------------+ | 17# ||veth-11.10 | |veth-11.20 | | ||veth-21.10 | | veth-21.20 | | 18# ||10.0.10.11/24 |10.0.20.11/24| | ||10.0.10.21/24| | 10.0.20.21/24 | | 19# |+------|-----+ +|------------+ | |+-----------|-+ +---|------------+ | 20# | | | | | | | | 21# | | | | | +------------+ | 22# | +------------+ | | | veth-21 | | 23# | | veth-11 | | | | | | 24# | | | | | +-----|------+ | 25# | +-----|------+ | | | | 26# | | | | | | 27# +------------|-------------------+ +---------------|--------------------+ 28# +------------|-----------------------------------------|-------------------+ 29# | +-----|------+ +-----|------+ | 30# | |vethhv-11 | |vethhv-21 | | 31# | +----|-------+ +-----|------+ | 32# | +---|---+ +---|--+ | 33# | | br1 | | br2 | | 34# | +---|---+ +---|--+ | 35# | +---|----+ +---|--+ | 36# | | vxlan1| |vxlan2| | 37# | +--|-----+ +--|---+ | 38# | | | | 39# | | +---------------------+ | | 40# | | |veth0 | | | 41# | +---------|172.16.0.1/24 -----------+ | 42# | |2002:fee1::1/64 | | 43# | hv-1 netns +--------|------------+ | 44# +-----------------------------|--------------------------------------------+ 45# | 46# +-----------------------------|--------------------------------------------+ 47# | hv-2 netns +--------|-------------+ | 48# | | veth0 | | 49# | +------| 172.16.0.2/24 |---+ | 50# | | | 2002:fee1::2/64 | | | 51# | | | | | | 52# | | +----------------------+ | - | 53# | | | | 54# | +-|-------+ +--------|-+ | 55# | | vxlan1 | | vxlan2 | | 56# | +----|----+ +---|------+ | 57# | +--|--+ +-|---+ | 58# | | br1 | | br2 | | 59# | +--|--+ +--|--+ | 60# | +-----|-------+ +----|-------+ | 61# | | vethhv-12 | |vethhv-22 | | 62# | +------|------+ +-------|----+ | 63# +-----------------|----------------------------|---------------------------+ 64# | | 65# +-----------------|-----------------+ +--------|---------------------------+ 66# | +-------|---+ | | +--|---------+ | 67# | | veth-12 | | | |veth-22 | | 68# | +-|--------|+ | | +--|--------|+ | 69# | | | | | | | | 70# |+----------|--+ +---|-----------+ | |+-------|-----+ +|---------------+ | 71# ||veth-12.10 | |veth-12.20 | | ||veth-22.10 | |veth-22.20 | | 72# ||10.0.10.12/24| |10.0.20.12/24 | | ||10.0.10.22/24| |10.0.20.22/24 | | 73# |+-------------+ +---------------+ | |+-------------+ +----------------+ | 74# | | | | 75# | | | | 76# | vm-12 netns | |vm-22 netns | 77# +-----------------------------------+ +------------------------------------+ 78# 79# 80# This test tests the new vxlan vnifiltering api 81source lib.sh 82ret=0 83 84# all tests in this script. Can be overridden with -t option 85TESTS=" 86 vxlan_vnifilter_api 87 vxlan_vnifilter_datapath 88 vxlan_vnifilter_datapath_pervni 89 vxlan_vnifilter_datapath_mgroup 90 vxlan_vnifilter_datapath_mgroup_pervni 91 vxlan_vnifilter_metadata_and_traditional_mix 92" 93VERBOSE=0 94PAUSE_ON_FAIL=no 95PAUSE=no 96 97which ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping) 98 99log_test() 100{ 101 local rc=$1 102 local expected=$2 103 local msg="$3" 104 105 if [ ${rc} -eq ${expected} ]; then 106 printf " TEST: %-60s [ OK ]\n" "${msg}" 107 nsuccess=$((nsuccess+1)) 108 else 109 ret=1 110 nfail=$((nfail+1)) 111 printf " TEST: %-60s [FAIL]\n" "${msg}" 112 if [ "${PAUSE_ON_FAIL}" = "yes" ]; then 113 echo 114 echo "hit enter to continue, 'q' to quit" 115 read a 116 [ "$a" = "q" ] && exit 1 117 fi 118 fi 119 120 if [ "${PAUSE}" = "yes" ]; then 121 echo 122 echo "hit enter to continue, 'q' to quit" 123 read a 124 [ "$a" = "q" ] && exit 1 125 fi 126} 127 128run_cmd() 129{ 130 local cmd="$1" 131 local out 132 local stderr="2>/dev/null" 133 134 if [ "$VERBOSE" = "1" ]; then 135 printf "COMMAND: $cmd\n" 136 stderr= 137 fi 138 139 out=$(eval $cmd $stderr) 140 rc=$? 141 if [ "$VERBOSE" = "1" -a -n "$out" ]; then 142 echo " $out" 143 fi 144 145 return $rc 146} 147 148check_hv_connectivity() { 149 ip netns exec $hv_1 ping -c 1 -W 1 $1 &>/dev/null 150 sleep 1 151 ip netns exec $hv_1 ping -c 1 -W 1 $2 &>/dev/null 152 153 return $? 154} 155 156check_vm_connectivity() { 157 run_cmd "ip netns exec $vm_11 ping -c 1 -W 1 10.0.10.12" 158 log_test $? 0 "VM connectivity over $1 (ipv4 default rdst)" 159 160 run_cmd "ip netns exec $vm_21 ping -c 1 -W 1 10.0.10.22" 161 log_test $? 0 "VM connectivity over $1 (ipv6 default rdst)" 162} 163 164cleanup() { 165 ip link del veth-hv-1 2>/dev/null || true 166 ip link del vethhv-11 vethhv-12 vethhv-21 vethhv-22 2>/dev/null || true 167 168 cleanup_ns $hv_1 $hv_2 $vm_11 $vm_21 $vm_12 $vm_22 $vm_31 $vm_32 169} 170 171trap cleanup EXIT 172 173setup-hv-networking() { 174 id=$1 175 local1=$2 176 mask1=$3 177 local2=$4 178 mask2=$5 179 180 ip link set veth-hv-$id netns ${hv[$id]} 181 ip -netns ${hv[$id]} link set veth-hv-$id name veth0 182 ip -netns ${hv[$id]} addr add $local1/$mask1 dev veth0 183 ip -netns ${hv[$id]} addr add $local2/$mask2 dev veth0 184 ip -netns ${hv[$id]} link set veth0 up 185} 186 187# Setups a "VM" simulated by a netns an a veth pair 188# example: setup-vm <hvid> <vmid> <brid> <VATTRS> <mcast_for_bum> 189# VATTRS = comma separated "<vlan>-<v[46]>-<localip>-<remoteip>-<VTYPE>-<vxlandstport>" 190# VTYPE = vxlan device type. "default = traditional device, metadata = metadata device 191# vnifilter = vnifiltering device, 192# vnifilterg = vnifiltering device with per vni group/remote" 193# example: 194# setup-vm 1 11 1 \ 195# 10-v4-172.16.0.1-239.1.1.100-vnifilterg,20-v4-172.16.0.1-239.1.1.100-vnifilterg 1 196# 197setup-vm() { 198 hvid=$1 199 vmid=$2 200 brid=$3 201 vattrs=$4 202 mcast=$5 203 lastvxlandev="" 204 205 # create bridge 206 ip -netns ${hv[$hvid]} link add br$brid type bridge vlan_filtering 1 vlan_default_pvid 0 \ 207 mcast_snooping 0 208 ip -netns ${hv[$hvid]} link set br$brid up 209 210 # create vm namespace and interfaces and connect to hypervisor 211 # namespace 212 hvvethif="vethhv-$vmid" 213 vmvethif="veth-$vmid" 214 ip link add $hvvethif type veth peer name $vmvethif 215 ip link set $hvvethif netns ${hv[$hvid]} 216 ip link set $vmvethif netns ${vm[$vmid]} 217 ip -netns ${hv[$hvid]} link set $hvvethif up 218 ip -netns ${vm[$vmid]} link set $vmvethif up 219 ip -netns ${hv[$hvid]} link set $hvvethif master br$brid 220 221 # configure VM vlan/vni filtering on hypervisor 222 for vmap in $(echo $vattrs | cut -d "," -f1- --output-delimiter=' ') 223 do 224 local vid=$(echo $vmap | awk -F'-' '{print ($1)}') 225 local family=$(echo $vmap | awk -F'-' '{print ($2)}') 226 local localip=$(echo $vmap | awk -F'-' '{print ($3)}') 227 local group=$(echo $vmap | awk -F'-' '{print ($4)}') 228 local vtype=$(echo $vmap | awk -F'-' '{print ($5)}') 229 local port=$(echo $vmap | awk -F'-' '{print ($6)}') 230 231 ip -netns ${vm[$vmid]} link add name $vmvethif.$vid link $vmvethif type vlan id $vid 232 ip -netns ${vm[$vmid]} addr add 10.0.$vid.$vmid/24 dev $vmvethif.$vid 233 ip -netns ${vm[$vmid]} link set $vmvethif.$vid up 234 235 tid=$vid 236 vxlandev="vxlan$brid" 237 vxlandevflags="" 238 239 if [[ -n $vtype && $vtype == "metadata" ]]; then 240 vxlandevflags="$vxlandevflags external" 241 elif [[ -n $vtype && $vtype == "vnifilter" || $vtype == "vnifilterg" ]]; then 242 vxlandevflags="$vxlandevflags external vnifilter" 243 tid=$((vid+brid)) 244 else 245 vxlandevflags="$vxlandevflags id $tid" 246 vxlandev="vxlan$tid" 247 fi 248 249 if [[ -n $vtype && $vtype != "vnifilterg" ]]; then 250 if [[ -n "$group" && "$group" != "null" ]]; then 251 if [ $mcast -eq 1 ]; then 252 vxlandevflags="$vxlandevflags group $group" 253 else 254 vxlandevflags="$vxlandevflags remote $group" 255 fi 256 fi 257 fi 258 259 if [[ -n "$port" && "$port" != "default" ]]; then 260 vxlandevflags="$vxlandevflags dstport $port" 261 fi 262 263 # create vxlan device 264 if [ "$vxlandev" != "$lastvxlandev" ]; then 265 ip -netns ${hv[$hvid]} link add $vxlandev type vxlan local $localip $vxlandevflags dev veth0 2>/dev/null 266 ip -netns ${hv[$hvid]} link set $vxlandev master br$brid 267 ip -netns ${hv[$hvid]} link set $vxlandev up 268 lastvxlandev=$vxlandev 269 fi 270 271 # add vlan 272 bridge -netns ${hv[$hvid]} vlan add vid $vid dev $hvvethif 273 bridge -netns ${hv[$hvid]} vlan add vid $vid pvid dev $vxlandev 274 275 # Add bridge vni filter for tx 276 if [[ -n $vtype && $vtype == "metadata" || $vtype == "vnifilter" || $vtype == "vnifilterg" ]]; then 277 bridge -netns ${hv[$hvid]} link set dev $vxlandev vlan_tunnel on 278 bridge -netns ${hv[$hvid]} vlan add dev $vxlandev vid $vid tunnel_info id $tid 279 fi 280 281 if [[ -n $vtype && $vtype == "metadata" ]]; then 282 bridge -netns ${hv[$hvid]} fdb add 00:00:00:00:00:00 dev $vxlandev \ 283 src_vni $tid vni $tid dst $group self 284 elif [[ -n $vtype && $vtype == "vnifilter" ]]; then 285 # Add per vni rx filter with 'bridge vni' api 286 bridge -netns ${hv[$hvid]} vni add dev $vxlandev vni $tid 287 elif [[ -n $vtype && $vtype == "vnifilterg" ]]; then 288 # Add per vni group config with 'bridge vni' api 289 if [ -n "$group" ]; then 290 if [ $mcast -eq 1 ]; then 291 bridge -netns ${hv[$hvid]} vni add dev $vxlandev vni $tid group $group 292 else 293 bridge -netns ${hv[$hvid]} vni add dev $vxlandev vni $tid remote $group 294 fi 295 fi 296 fi 297 done 298} 299 300setup_vnifilter_api() 301{ 302 ip link add veth-host type veth peer name veth-testns 303 setup_ns testns 304 ip link set veth-testns netns $testns 305} 306 307cleanup_vnifilter_api() 308{ 309 ip link del veth-host 2>/dev/null || true 310 ip netns del $testns 2>/dev/null || true 311} 312 313# tests vxlan filtering api 314vxlan_vnifilter_api() 315{ 316 hv1addr1="172.16.0.1" 317 hv2addr1="172.16.0.2" 318 hv1addr2="2002:fee1::1" 319 hv2addr2="2002:fee1::2" 320 localip="172.16.0.1" 321 group="239.1.1.101" 322 323 cleanup_vnifilter_api &>/dev/null 324 setup_vnifilter_api 325 326 # Duplicate vni test 327 # create non-vnifiltering traditional vni device 328 run_cmd "ip -netns $testns link add vxlan100 type vxlan id 100 local $localip dev veth-testns dstport 4789" 329 log_test $? 0 "Create traditional vxlan device" 330 331 # create vni filtering device 332 run_cmd "ip -netns $testns link add vxlan-ext1 type vxlan vnifilter local $localip dev veth-testns dstport 4789" 333 log_test $? 1 "Cannot create vnifilter device without external flag" 334 335 run_cmd "ip -netns $testns link add vxlan-ext1 type vxlan external vnifilter local $localip dev veth-testns dstport 4789" 336 log_test $? 0 "Creating external vxlan device with vnifilter flag" 337 338 run_cmd "bridge -netns $testns vni add dev vxlan-ext1 vni 100" 339 log_test $? 0 "Cannot set in-use vni id on vnifiltering device" 340 341 run_cmd "bridge -netns $testns vni add dev vxlan-ext1 vni 200" 342 log_test $? 0 "Set new vni id on vnifiltering device" 343 344 run_cmd "ip -netns $testns link add vxlan-ext2 type vxlan external vnifilter local $localip dev veth-testns dstport 4789" 345 log_test $? 0 "Create second external vxlan device with vnifilter flag" 346 347 run_cmd "bridge -netns $testns vni add dev vxlan-ext2 vni 200" 348 log_test $? 255 "Cannot set in-use vni id on vnifiltering device" 349 350 run_cmd "bridge -netns $testns vni add dev vxlan-ext2 vni 300" 351 log_test $? 0 "Set new vni id on vnifiltering device" 352 353 # check in bridge vni show 354 run_cmd "bridge -netns $testns vni add dev vxlan-ext2 vni 300" 355 log_test $? 0 "Update vni id on vnifiltering device" 356 357 run_cmd "bridge -netns $testns vni add dev vxlan-ext2 vni 400" 358 log_test $? 0 "Add new vni id on vnifiltering device" 359 360 # add multicast group per vni 361 run_cmd "bridge -netns $testns vni add dev vxlan-ext1 vni 200 group $group" 362 log_test $? 0 "Set multicast group on existing vni" 363 364 # add multicast group per vni 365 run_cmd "bridge -netns $testns vni add dev vxlan-ext2 vni 300 group $group" 366 log_test $? 0 "Set multicast group on existing vni" 367 368 # set vnifilter on an existing external vxlan device 369 run_cmd "ip -netns $testns link set dev vxlan-ext1 type vxlan external vnifilter" 370 log_test $? 2 "Cannot set vnifilter flag on a device" 371 372 # change vxlan vnifilter flag 373 run_cmd "ip -netns $testns link set dev vxlan-ext1 type vxlan external novnifilter" 374 log_test $? 2 "Cannot unset vnifilter flag on a device" 375} 376 377# Sanity test vnifilter datapath 378# vnifilter vnis inherit BUM group from 379# vxlan device 380vxlan_vnifilter_datapath() 381{ 382 hv1addr1="172.16.0.1" 383 hv2addr1="172.16.0.2" 384 hv1addr2="2002:fee1::1" 385 hv2addr2="2002:fee1::2" 386 387 setup_ns hv_1 hv_2 388 hv[1]=$hv_1 389 hv[2]=$hv_2 390 ip link add veth-hv-1 type veth peer name veth-hv-2 391 setup-hv-networking 1 $hv1addr1 24 $hv1addr2 64 $hv2addr1 $hv2addr2 392 setup-hv-networking 2 $hv2addr1 24 $hv2addr2 64 $hv1addr1 $hv1addr2 393 394 check_hv_connectivity hv2addr1 hv2addr2 395 396 setup_ns vm_11 vm_21 vm_12 vm_22 397 vm[11]=$vm_11 398 vm[21]=$vm_21 399 vm[12]=$vm_12 400 vm[22]=$vm_22 401 setup-vm 1 11 1 10-v4-$hv1addr1-$hv2addr1-vnifilter,20-v4-$hv1addr1-$hv2addr1-vnifilter 0 402 setup-vm 1 21 2 10-v6-$hv1addr2-$hv2addr2-vnifilter,20-v6-$hv1addr2-$hv2addr2-vnifilter 0 403 404 setup-vm 2 12 1 10-v4-$hv2addr1-$hv1addr1-vnifilter,20-v4-$hv2addr1-$hv1addr1-vnifilter 0 405 setup-vm 2 22 2 10-v6-$hv2addr2-$hv1addr2-vnifilter,20-v6-$hv2addr2-$hv1addr2-vnifilter 0 406 407 check_vm_connectivity "vnifiltering vxlan" 408} 409 410# Sanity test vnifilter datapath 411# with vnifilter per vni configured BUM 412# group/remote 413vxlan_vnifilter_datapath_pervni() 414{ 415 hv1addr1="172.16.0.1" 416 hv2addr1="172.16.0.2" 417 hv1addr2="2002:fee1::1" 418 hv2addr2="2002:fee1::2" 419 420 setup_ns hv_1 hv_2 421 hv[1]=$hv_1 422 hv[2]=$hv_2 423 ip link add veth-hv-1 type veth peer name veth-hv-2 424 setup-hv-networking 1 $hv1addr1 24 $hv1addr2 64 425 setup-hv-networking 2 $hv2addr1 24 $hv2addr2 64 426 427 check_hv_connectivity hv2addr1 hv2addr2 428 429 setup_ns vm_11 vm_21 vm_12 vm_22 430 vm[11]=$vm_11 431 vm[21]=$vm_21 432 vm[12]=$vm_12 433 vm[22]=$vm_22 434 setup-vm 1 11 1 10-v4-$hv1addr1-$hv2addr1-vnifilterg,20-v4-$hv1addr1-$hv2addr1-vnifilterg 0 435 setup-vm 1 21 2 10-v6-$hv1addr2-$hv2addr2-vnifilterg,20-v6-$hv1addr2-$hv2addr2-vnifilterg 0 436 437 setup-vm 2 12 1 10-v4-$hv2addr1-$hv1addr1-vnifilterg,20-v4-$hv2addr1-$hv1addr1-vnifilterg 0 438 setup-vm 2 22 2 10-v6-$hv2addr2-$hv1addr2-vnifilterg,20-v6-$hv2addr2-$hv1addr2-vnifilterg 0 439 440 check_vm_connectivity "vnifiltering vxlan pervni remote" 441} 442 443 444vxlan_vnifilter_datapath_mgroup() 445{ 446 hv1addr1="172.16.0.1" 447 hv2addr1="172.16.0.2" 448 hv1addr2="2002:fee1::1" 449 hv2addr2="2002:fee1::2" 450 group="239.1.1.100" 451 group6="ff07::1" 452 453 setup_ns hv_1 hv_2 454 hv[1]=$hv_1 455 hv[2]=$hv_2 456 ip link add veth-hv-1 type veth peer name veth-hv-2 457 setup-hv-networking 1 $hv1addr1 24 $hv1addr2 64 458 setup-hv-networking 2 $hv2addr1 24 $hv2addr2 64 459 460 check_hv_connectivity hv2addr1 hv2addr2 461 462 setup_ns vm_11 vm_21 vm_12 vm_22 463 vm[11]=$vm_11 464 vm[21]=$vm_21 465 vm[12]=$vm_12 466 vm[22]=$vm_22 467 setup-vm 1 11 1 10-v4-$hv1addr1-$group-vnifilter,20-v4-$hv1addr1-$group-vnifilter 1 468 setup-vm 1 21 2 "10-v6-$hv1addr2-$group6-vnifilter,20-v6-$hv1addr2-$group6-vnifilter" 1 469 470 setup-vm 2 12 1 10-v4-$hv2addr1-$group-vnifilter,20-v4-$hv2addr1-$group-vnifilter 1 471 setup-vm 2 22 2 10-v6-$hv2addr2-$group6-vnifilter,20-v6-$hv2addr2-$group6-vnifilter 1 472 473 check_vm_connectivity "vnifiltering vxlan mgroup" 474} 475 476vxlan_vnifilter_datapath_mgroup_pervni() 477{ 478 hv1addr1="172.16.0.1" 479 hv2addr1="172.16.0.2" 480 hv1addr2="2002:fee1::1" 481 hv2addr2="2002:fee1::2" 482 group="239.1.1.100" 483 group6="ff07::1" 484 485 setup_ns hv_1 hv_2 486 hv[1]=$hv_1 487 hv[2]=$hv_2 488 ip link add veth-hv-1 type veth peer name veth-hv-2 489 setup-hv-networking 1 $hv1addr1 24 $hv1addr2 64 490 setup-hv-networking 2 $hv2addr1 24 $hv2addr2 64 491 492 check_hv_connectivity hv2addr1 hv2addr2 493 494 setup_ns vm_11 vm_21 vm_12 vm_22 495 vm[11]=$vm_11 496 vm[21]=$vm_21 497 vm[12]=$vm_12 498 vm[22]=$vm_22 499 setup-vm 1 11 1 10-v4-$hv1addr1-$group-vnifilterg,20-v4-$hv1addr1-$group-vnifilterg 1 500 setup-vm 1 21 2 10-v6-$hv1addr2-$group6-vnifilterg,20-v6-$hv1addr2-$group6-vnifilterg 1 501 502 setup-vm 2 12 1 10-v4-$hv2addr1-$group-vnifilterg,20-v4-$hv2addr1-$group-vnifilterg 1 503 setup-vm 2 22 2 10-v6-$hv2addr2-$group6-vnifilterg,20-v6-$hv2addr2-$group6-vnifilterg 1 504 505 check_vm_connectivity "vnifiltering vxlan pervni mgroup" 506} 507 508vxlan_vnifilter_metadata_and_traditional_mix() 509{ 510 hv1addr1="172.16.0.1" 511 hv2addr1="172.16.0.2" 512 hv1addr2="2002:fee1::1" 513 hv2addr2="2002:fee1::2" 514 515 setup_ns hv_1 hv_2 516 hv[1]=$hv_1 517 hv[2]=$hv_2 518 ip link add veth-hv-1 type veth peer name veth-hv-2 519 setup-hv-networking 1 $hv1addr1 24 $hv1addr2 64 520 setup-hv-networking 2 $hv2addr1 24 $hv2addr2 64 521 522 check_hv_connectivity hv2addr1 hv2addr2 523 524 setup_ns vm_11 vm_21 vm_31 vm_12 vm_22 vm_32 525 vm[11]=$vm_11 526 vm[21]=$vm_21 527 vm[31]=$vm_31 528 vm[12]=$vm_12 529 vm[22]=$vm_22 530 vm[32]=$vm_32 531 setup-vm 1 11 1 10-v4-$hv1addr1-$hv2addr1-vnifilter,20-v4-$hv1addr1-$hv2addr1-vnifilter 0 532 setup-vm 1 21 2 10-v6-$hv1addr2-$hv2addr2-vnifilter,20-v6-$hv1addr2-$hv2addr2-vnifilter 0 533 setup-vm 1 31 3 30-v4-$hv1addr1-$hv2addr1-default-4790,40-v6-$hv1addr2-$hv2addr2-default-4790,50-v4-$hv1addr1-$hv2addr1-metadata-4791 0 534 535 536 setup-vm 2 12 1 10-v4-$hv2addr1-$hv1addr1-vnifilter,20-v4-$hv2addr1-$hv1addr1-vnifilter 0 537 setup-vm 2 22 2 10-v6-$hv2addr2-$hv1addr2-vnifilter,20-v6-$hv2addr2-$hv1addr2-vnifilter 0 538 setup-vm 2 32 3 30-v4-$hv2addr1-$hv1addr1-default-4790,40-v6-$hv2addr2-$hv1addr2-default-4790,50-v4-$hv2addr1-$hv1addr1-metadata-4791 0 539 540 check_vm_connectivity "vnifiltering vxlan pervni remote mix" 541 542 # check VM connectivity over traditional/non-vxlan filtering vxlan devices 543 run_cmd "ip netns exec $vm_31 ping -c 1 -W 1 10.0.30.32" 544 log_test $? 0 "VM connectivity over traditional vxlan (ipv4 default rdst)" 545 546 run_cmd "ip netns exec $vm_31 ping -c 1 -W 1 10.0.40.32" 547 log_test $? 0 "VM connectivity over traditional vxlan (ipv6 default rdst)" 548 549 run_cmd "ip netns exec $vm_31 ping -c 1 -W 1 10.0.50.32" 550 log_test $? 0 "VM connectivity over metadata nonfiltering vxlan (ipv4 default rdst)" 551} 552 553while getopts :t:pP46hv o 554do 555 case $o in 556 t) TESTS=$OPTARG;; 557 p) PAUSE_ON_FAIL=yes;; 558 P) PAUSE=yes;; 559 v) VERBOSE=$(($VERBOSE + 1));; 560 h) usage; exit 0;; 561 *) usage; exit 1;; 562 esac 563done 564 565# make sure we don't pause twice 566[ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no 567 568if [ "$(id -u)" -ne 0 ];then 569 echo "SKIP: Need root privileges" 570 exit $ksft_skip; 571fi 572 573if [ ! -x "$(command -v ip)" ]; then 574 echo "SKIP: Could not run test without ip tool" 575 exit $ksft_skip 576fi 577 578ip link help vxlan 2>&1 | grep -q "vnifilter" 579if [ $? -ne 0 ]; then 580 echo "SKIP: iproute2 too old, missing vxlan dev vnifilter setting" 581 sync 582 exit $ksft_skip 583fi 584 585bridge vni help 2>&1 | grep -q "Usage: bridge vni" 586if [ $? -ne 0 ]; then 587 echo "SKIP: iproute2 bridge lacks vxlan vnifiltering support" 588 exit $ksft_skip 589fi 590 591# start clean 592cleanup &> /dev/null 593 594for t in $TESTS 595do 596 case $t in 597 none) setup; exit 0;; 598 *) $t; cleanup;; 599 esac 600done 601 602if [ "$TESTS" != "none" ]; then 603 printf "\nTests passed: %3d\n" ${nsuccess} 604 printf "Tests failed: %3d\n" ${nfail} 605fi 606 607exit $ret 608