Linux 4.16.11
[linux/fpc-iii.git] / samples / bpf / test_tunnel_bpf.sh
blob43ce049996eeb5b4d81394705861a3f11715d3b4
1 #!/bin/bash
2 # SPDX-License-Identifier: GPL-2.0
3 # In Namespace 0 (at_ns0) using native tunnel
4 # Overlay IP: 10.1.1.100
5 # local 192.16.1.100 remote 192.16.1.200
6 # veth0 IP: 172.16.1.100, tunnel dev <type>00
8 # Out of Namespace using BPF set/get on lwtunnel
9 # Overlay IP: 10.1.1.200
10 # local 172.16.1.200 remote 172.16.1.100
11 # veth1 IP: 172.16.1.200, tunnel dev <type>11
13 function config_device {
14 ip netns add at_ns0
15 ip link add veth0 type veth peer name veth1
16 ip link set veth0 netns at_ns0
17 ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
18 ip netns exec at_ns0 ip link set dev veth0 up
19 ip link set dev veth1 up mtu 1500
20 ip addr add dev veth1 172.16.1.200/24
23 function add_gre_tunnel {
24 # in namespace
25 ip netns exec at_ns0 \
26 ip link add dev $DEV_NS type $TYPE key 2 local 172.16.1.100 remote 172.16.1.200
27 ip netns exec at_ns0 ip link set dev $DEV_NS up
28 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
30 # out of namespace
31 ip link add dev $DEV type $TYPE key 2 external
32 ip link set dev $DEV up
33 ip addr add dev $DEV 10.1.1.200/24
36 function add_ip6gretap_tunnel {
38 # assign ipv6 address
39 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
40 ip netns exec at_ns0 ip link set dev veth0 up
41 ip addr add dev veth1 ::22/96
42 ip link set dev veth1 up
44 # in namespace
45 ip netns exec at_ns0 \
46 ip link add dev $DEV_NS type $TYPE flowlabel 0xbcdef key 2 \
47 local ::11 remote ::22
49 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
50 ip netns exec at_ns0 ip addr add dev $DEV_NS fc80::100/96
51 ip netns exec at_ns0 ip link set dev $DEV_NS up
53 # out of namespace
54 ip link add dev $DEV type $TYPE external
55 ip addr add dev $DEV 10.1.1.200/24
56 ip addr add dev $DEV fc80::200/24
57 ip link set dev $DEV up
60 function add_erspan_tunnel {
61 # in namespace
62 if [ "$1" == "v1" ]; then
63 ip netns exec at_ns0 \
64 ip link add dev $DEV_NS type $TYPE seq key 2 \
65 local 172.16.1.100 remote 172.16.1.200 \
66 erspan_ver 1 erspan 123
67 else
68 ip netns exec at_ns0 \
69 ip link add dev $DEV_NS type $TYPE seq key 2 \
70 local 172.16.1.100 remote 172.16.1.200 \
71 erspan_ver 2 erspan_dir egress erspan_hwid 3
73 ip netns exec at_ns0 ip link set dev $DEV_NS up
74 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
76 # out of namespace
77 ip link add dev $DEV type $TYPE external
78 ip link set dev $DEV up
79 ip addr add dev $DEV 10.1.1.200/24
82 function add_ip6erspan_tunnel {
84 # assign ipv6 address
85 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
86 ip netns exec at_ns0 ip link set dev veth0 up
87 ip addr add dev veth1 ::22/96
88 ip link set dev veth1 up
90 # in namespace
91 if [ "$1" == "v1" ]; then
92 ip netns exec at_ns0 \
93 ip link add dev $DEV_NS type $TYPE seq key 2 \
94 local ::11 remote ::22 \
95 erspan_ver 1 erspan 123
96 else
97 ip netns exec at_ns0 \
98 ip link add dev $DEV_NS type $TYPE seq key 2 \
99 local ::11 remote ::22 \
100 erspan_ver 2 erspan_dir egress erspan_hwid 7
102 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
103 ip netns exec at_ns0 ip link set dev $DEV_NS up
105 # out of namespace
106 ip link add dev $DEV type $TYPE external
107 ip addr add dev $DEV 10.1.1.200/24
108 ip link set dev $DEV up
111 function add_vxlan_tunnel {
112 # Set static ARP entry here because iptables set-mark works
113 # on L3 packet, as a result not applying to ARP packets,
114 # causing errors at get_tunnel_{key/opt}.
116 # in namespace
117 ip netns exec at_ns0 \
118 ip link add dev $DEV_NS type $TYPE id 2 dstport 4789 gbp remote 172.16.1.200
119 ip netns exec at_ns0 ip link set dev $DEV_NS address 52:54:00:d9:01:00 up
120 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
121 ip netns exec at_ns0 arp -s 10.1.1.200 52:54:00:d9:02:00
122 ip netns exec at_ns0 iptables -A OUTPUT -j MARK --set-mark 0x800FF
124 # out of namespace
125 ip link add dev $DEV type $TYPE external gbp dstport 4789
126 ip link set dev $DEV address 52:54:00:d9:02:00 up
127 ip addr add dev $DEV 10.1.1.200/24
128 arp -s 10.1.1.100 52:54:00:d9:01:00
131 function add_geneve_tunnel {
132 # in namespace
133 ip netns exec at_ns0 \
134 ip link add dev $DEV_NS type $TYPE id 2 dstport 6081 remote 172.16.1.200
135 ip netns exec at_ns0 ip link set dev $DEV_NS up
136 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
138 # out of namespace
139 ip link add dev $DEV type $TYPE dstport 6081 external
140 ip link set dev $DEV up
141 ip addr add dev $DEV 10.1.1.200/24
144 function add_ipip_tunnel {
145 # in namespace
146 ip netns exec at_ns0 \
147 ip link add dev $DEV_NS type $TYPE local 172.16.1.100 remote 172.16.1.200
148 ip netns exec at_ns0 ip link set dev $DEV_NS up
149 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
151 # out of namespace
152 ip link add dev $DEV type $TYPE external
153 ip link set dev $DEV up
154 ip addr add dev $DEV 10.1.1.200/24
157 function attach_bpf {
158 DEV=$1
159 SET_TUNNEL=$2
160 GET_TUNNEL=$3
161 tc qdisc add dev $DEV clsact
162 tc filter add dev $DEV egress bpf da obj tcbpf2_kern.o sec $SET_TUNNEL
163 tc filter add dev $DEV ingress bpf da obj tcbpf2_kern.o sec $GET_TUNNEL
166 function test_gre {
167 TYPE=gretap
168 DEV_NS=gretap00
169 DEV=gretap11
170 config_device
171 add_gre_tunnel
172 attach_bpf $DEV gre_set_tunnel gre_get_tunnel
173 ping -c 1 10.1.1.100
174 ip netns exec at_ns0 ping -c 1 10.1.1.200
175 cleanup
178 function test_ip6gre {
179 TYPE=ip6gre
180 DEV_NS=ip6gre00
181 DEV=ip6gre11
182 config_device
183 # reuse the ip6gretap function
184 add_ip6gretap_tunnel
185 attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
186 # underlay
187 ping6 -c 4 ::11
188 # overlay: ipv4 over ipv6
189 ip netns exec at_ns0 ping -c 1 10.1.1.200
190 ping -c 1 10.1.1.100
191 # overlay: ipv6 over ipv6
192 ip netns exec at_ns0 ping6 -c 1 fc80::200
193 cleanup
196 function test_ip6gretap {
197 TYPE=ip6gretap
198 DEV_NS=ip6gretap00
199 DEV=ip6gretap11
200 config_device
201 add_ip6gretap_tunnel
202 attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
203 # underlay
204 ping6 -c 4 ::11
205 # overlay: ipv4 over ipv6
206 ip netns exec at_ns0 ping -i .2 -c 1 10.1.1.200
207 ping -c 1 10.1.1.100
208 # overlay: ipv6 over ipv6
209 ip netns exec at_ns0 ping6 -c 1 fc80::200
210 cleanup
213 function test_erspan {
214 TYPE=erspan
215 DEV_NS=erspan00
216 DEV=erspan11
217 config_device
218 add_erspan_tunnel $1
219 attach_bpf $DEV erspan_set_tunnel erspan_get_tunnel
220 ping -c 1 10.1.1.100
221 ip netns exec at_ns0 ping -c 1 10.1.1.200
222 cleanup
225 function test_ip6erspan {
226 TYPE=ip6erspan
227 DEV_NS=ip6erspan00
228 DEV=ip6erspan11
229 config_device
230 add_ip6erspan_tunnel $1
231 attach_bpf $DEV ip4ip6erspan_set_tunnel ip4ip6erspan_get_tunnel
232 ping6 -c 3 ::11
233 ip netns exec at_ns0 ping -c 1 10.1.1.200
234 cleanup
237 function test_vxlan {
238 TYPE=vxlan
239 DEV_NS=vxlan00
240 DEV=vxlan11
241 config_device
242 add_vxlan_tunnel
243 attach_bpf $DEV vxlan_set_tunnel vxlan_get_tunnel
244 ping -c 1 10.1.1.100
245 ip netns exec at_ns0 ping -c 1 10.1.1.200
246 cleanup
249 function test_geneve {
250 TYPE=geneve
251 DEV_NS=geneve00
252 DEV=geneve11
253 config_device
254 add_geneve_tunnel
255 attach_bpf $DEV geneve_set_tunnel geneve_get_tunnel
256 ping -c 1 10.1.1.100
257 ip netns exec at_ns0 ping -c 1 10.1.1.200
258 cleanup
261 function test_ipip {
262 TYPE=ipip
263 DEV_NS=ipip00
264 DEV=ipip11
265 config_device
266 tcpdump -nei veth1 &
267 cat /sys/kernel/debug/tracing/trace_pipe &
268 add_ipip_tunnel
269 ethtool -K veth1 gso off gro off rx off tx off
270 ip link set dev veth1 mtu 1500
271 attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
272 ping -c 1 10.1.1.100
273 ip netns exec at_ns0 ping -c 1 10.1.1.200
274 ip netns exec at_ns0 iperf -sD -p 5200 > /dev/null
275 sleep 0.2
276 iperf -c 10.1.1.100 -n 5k -p 5200
277 cleanup
280 function cleanup {
281 set +ex
282 pkill iperf
283 ip netns delete at_ns0
284 ip link del veth1
285 ip link del ipip11
286 ip link del gretap11
287 ip link del ip6gre11
288 ip link del ip6gretap11
289 ip link del vxlan11
290 ip link del geneve11
291 ip link del erspan11
292 ip link del ip6erspan11
293 pkill tcpdump
294 pkill cat
295 set -ex
298 trap cleanup 0 2 3 6 9
299 cleanup
300 echo "Testing GRE tunnel..."
301 test_gre
302 echo "Testing IP6GRE tunnel..."
303 test_ip6gre
304 echo "Testing IP6GRETAP tunnel..."
305 test_ip6gretap
306 echo "Testing ERSPAN tunnel..."
307 test_erspan v1
308 test_erspan v2
309 echo "Testing IP6ERSPAN tunnel..."
310 test_ip6erspan v1
311 test_ip6erspan v2
312 echo "Testing VXLAN tunnel..."
313 test_vxlan
314 echo "Testing GENEVE tunnel..."
315 test_geneve
316 echo "Testing IPIP tunnel..."
317 test_ipip
318 echo "*** PASS ***"