[PATCH net-next v7 2/2] Add tests for vxlan nolocalbypass option.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Add test to make sure that the localbypass option is on by default.

Add test to change vxlan localbypass to nolocalbypass and check
that packets are delivered to userspace.

Signed-off-by: Vladimir Nikishkin <vladimir@xxxxxxxxxxxx>
---
 tools/testing/selftests/net/Makefile          |   1 +
 .../selftests/net/test_vxlan_nolocalbypass.sh | 234 ++++++++++++++++++
 2 files changed, 235 insertions(+)
 create mode 100755 tools/testing/selftests/net/test_vxlan_nolocalbypass.sh

diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile
index c12df57d5539..7f3ab2a93ed6 100644
--- a/tools/testing/selftests/net/Makefile
+++ b/tools/testing/selftests/net/Makefile
@@ -84,6 +84,7 @@ TEST_GEN_FILES += ip_local_port_range
 TEST_GEN_FILES += bind_wildcard
 TEST_PROGS += test_vxlan_mdb.sh
 TEST_PROGS += test_bridge_neigh_suppress.sh
+TEST_PROGS += test_vxlan_nolocalbypass.sh
 
 TEST_FILES := settings
 
diff --git a/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh b/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh
new file mode 100755
index 000000000000..d8e48ab1e7e0
--- /dev/null
+++ b/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh
@@ -0,0 +1,234 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+
+# This file is testing that the [no]localbypass option for a vxlan device is
+# working. With the nolocalbypass option, packets to a local destination, which
+# have no corresponding vxlan in the kernel, will be delivered to userspace, for
+# any userspace process to process. In this test tcpdump plays the role of such a
+# process. This is what the test 1 is checking.
+# The test 2 checks that without the nolocalbypass (which is equivalent to the
+# localbypass option), the packets do not reach userspace.
+
+EXIT_SUCCESS=0
+EXIT_FAIL=1
+ksft_skip=4
+nsuccess=0
+nfail=0
+
+ret=0
+
+TESTS="
+changelink_nolocalbypass_simple
+"
+VERBOSE=0
+PAUSE_ON_FAIL=no
+PAUSE=no
+
+
+NETNS_NAME=vxlan_nolocalbypass_test
+
+################################################################################
+# Utilities
+
+log_test()
+{
+	local rc=$1
+	local expected=$2
+	local msg="$3"
+
+	if [ ${rc} -eq ${expected} ]; then
+		printf "TEST: %-60s  [ OK ]\n" "${msg}"
+		nsuccess=$((nsuccess+1))
+	else
+		ret=1
+		nfail=$((nfail+1))
+		printf "TEST: %-60s  [FAIL]\n" "${msg}"
+		if [ "$VERBOSE" = "1" ]; then
+			echo "    rc=$rc, expected $expected"
+		fi
+
+		if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
+		echo
+			echo "hit enter to continue, 'q' to quit"
+			read a
+			[ "$a" = "q" ] && exit 1
+		fi
+	fi
+
+	if [ "${PAUSE}" = "yes" ]; then
+		echo
+		echo "hit enter to continue, 'q' to quit"
+		read a
+		[ "$a" = "q" ] && exit 1
+	fi
+
+	[ "$VERBOSE" = "1" ] && echo
+}
+
+run_cmd()
+{
+	local cmd="$1"
+	local out
+	local stderr="2>/dev/null"
+
+	if [ "$VERBOSE" = "1" ]; then
+		printf "COMMAND: $cmd\n"
+		stderr=
+	fi
+
+	out=$(eval $cmd $stderr)
+	rc=$?
+	if [ "$VERBOSE" = "1" -a -n "$out" ]; then
+		echo "    $out"
+	fi
+
+	return $rc
+}
+
+socat_check_packets()
+{
+  echo TODO
+  exit 1
+}
+
+################################################################################
+# Setup
+
+setup()
+{
+  ip netns add "$NETNS_NAME"
+  ip -n "$NETNS_NAME" link set up lo
+  ip -n "$NETNS_NAME" addr add 127.0.0.1 dev lo
+}
+
+cleanup()
+{
+  ip netns del "$NETNS_NAME"
+}
+
+
+################################################################################
+# Tests
+
+changelink_nolocalbypass_simple()
+{
+  # test 1: by default, packets are dropped
+
+  run_cmd "ip -n $NETNS_NAME link add testvxlan0 type vxlan  \
+     id 100 \
+     dstport 4789 \
+     srcport 4789 4790 \
+     nolearning noproxy"
+  log_test $? 0 "Create vxlan with localbypass by default"
+  run_cmd "ip -n $NETNS_NAME link set up dev testvxlan0"
+  log_test $? 0 "Bring up vxlan device"
+  run_cmd "bridge -n $NETNS_NAME fdb add 00:00:00:00:00:00 dev testvxlan0 dst 127.0.0.1 port 4792"
+  log_test $? 0 "Add the most general fdb entry"
+  run_cmd "ip -n $NETNS_NAME address add 172.16.100.1/24 dev testvxlan0"
+
+  local tmp_file="$(mktemp)"
+  ip netns exec $NETNS_NAME socat UDP4-LISTEN:4792,fork "$tmp_file" &
+
+  run_cmd "ip netns exec $NETNS_NAME timeout 3 ping  172.16.100.2"
+
+  l_size=$(stat -c '%s' "$tmp_file" | tr -d '\n')
+  log_test $l_size 0 "    Packets dropped by default."
+
+  { kill %% && wait %%; } 2>/dev/null
+  rm -rf "$tmp_file"
+  touch "$tmp_file"
+  # test 2: nolocalbypass works
+
+  run_cmd "ip -n $NETNS_NAME link set testvxlan0 type vxlan nolocalbypass"
+
+  ip netns exec $NETNS_NAME socat UDP4-LISTEN:4792,fork "$tmp_file" &
+  sleep 1
+  run_cmd "ip netns exec $NETNS_NAME timeout 3 ping 172.16.100.2"
+
+  l_size=$(stat -c '%s' "$tmp_file" | tr -d '\n')
+  if [[ "$l_size" != 0 ]] ; then
+    log_test 1 1 "    Packets dropped by default."
+  else
+    log_test 0 1 "    Packets dropped by default."
+  fi
+
+  run_cmd "ip -n $NETNS_NAME link del dev testvxlan0 1>/dev/null 2>&1"
+
+  { kill %% && wait %%; } 2>/dev/null
+  rm -rf "$tmp_file"
+
+}
+
+################################################################################
+# Usage
+
+usage()
+{
+	cat <<EOF
+usage: ${0##*/} OPTS
+
+        -t <test>   Test(s) to run (default: all)
+                    (options: $TESTS)
+        -p          Pause on fail
+        -P          Pause after each test before cleanup
+        -v          Verbose mode (show commands and output)
+EOF
+}
+
+################################################################################
+# Main
+
+trap cleanup EXIT
+
+while getopts ":t:pPvh" opt; do
+	case $opt in
+		t) TESTS=$OPTARG ;;
+		p) PAUSE_ON_FAIL=yes;;
+		P) PAUSE=yes;;
+		v) VERBOSE=$(($VERBOSE + 1));;
+		h) usage; exit 0;;
+		*) usage; exit 1;;
+	esac
+done
+
+# Make sure we don't pause twice.
+[ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no
+
+if [ "$(id -u)" -ne 0 ];then
+  echo "SKIP: Need root privileges"
+  exit $ksft_skip;
+fi
+
+if [ ! -x "$(command -v ip)" ]; then
+  echo "SKIP: Could not run test without ip tool"
+  exit $ksft_skip
+fi
+
+if [ ! -x "$(command -v bridge)" ]; then
+  echo "SKIP: Could not run test without bridge tool"
+  exit $ksft_skip
+fi
+if [ ! -x "$(command -v socat)" ]; then
+  echo "socat command not found. Skipping test"
+  return 1
+fi
+
+ip link help vxlan 2>&1 | grep -q "localbypass"
+if [ $? -ne 0 ]; then
+   echo "SKIP: iproute2 ip too old, missing VXLAN nolocalbypass support"
+   exit $ksft_skip
+fi
+
+cleanup
+
+for t in $TESTS
+do
+	setup; $t; cleanup;
+done
+
+if [ "$TESTS" != "none" ]; then
+	printf "\nTests passed: %3d\n" ${nsuccess}
+	printf "Tests failed: %3d\n"   ${nfail}
+fi
+
+exit $ret
-- 
2.35.7

--
Fastmail.
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux