search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 4.19.133
[linux/fpc-iii.git] / tools / testing / selftests / bpf / test_tunnel.sh
blob546aee3e9fb457ae166c0fda8bc0c3b484f1a19b
1 #!/bin/bash
2 # SPDX-License-Identifier: GPL-2.0
3
4 # End-to-end eBPF tunnel test suite
5 # The script tests BPF network tunnel implementation.
6 #
7 # Topology:
8 # ---------
9 # root namespace | at_ns0 namespace
10 # |
11 # ----------- | -----------
12 # | tnl dev | | | tnl dev | (overlay network)
13 # ----------- | -----------
14 # metadata-mode | native-mode
15 # with bpf |
16 # |
17 # ---------- | ----------
18 # | veth1 | --------- | veth0 | (underlay network)
19 # ---------- peer ----------
20 #
21 #
22 # Device Configuration
23 # --------------------
24 # Root namespace with metadata-mode tunnel + BPF
25 # Device names and addresses:
26 # veth1 IP: 172.16.1.200, IPv6: 00::22 (underlay)
27 # tunnel dev <type>11, ex: gre11, IPv4: 10.1.1.200 (overlay)
28 #
29 # Namespace at_ns0 with native tunnel
30 # Device names and addresses:
31 # veth0 IPv4: 172.16.1.100, IPv6: 00::11 (underlay)
32 # tunnel dev <type>00, ex: gre00, IPv4: 10.1.1.100 (overlay)
33 #
34 #
35 # End-to-end ping packet flow
36 # ---------------------------
37 # Most of the tests start by namespace creation, device configuration,
38 # then ping the underlay and overlay network. When doing 'ping 10.1.1.100'
39 # from root namespace, the following operations happen:
40 # 1) Route lookup shows 10.1.1.100/24 belongs to tnl dev, fwd to tnl dev.
41 # 2) Tnl device's egress BPF program is triggered and set the tunnel metadata,
42 # with remote_ip=172.16.1.200 and others.
43 # 3) Outer tunnel header is prepended and route the packet to veth1's egress
44 # 4) veth0's ingress queue receive the tunneled packet at namespace at_ns0
45 # 5) Tunnel protocol handler, ex: vxlan_rcv, decap the packet
46 # 6) Forward the packet to the overlay tnl dev
47
48 PING_ARG="-c 3 -w 10 -q"
49 ret=0
50 GREEN='\033[0;92m'
51 RED='\033[0;31m'
52 NC='\033[0m' # No Color
53
54 config_device()
55 {
56 ip netns add at_ns0
57 ip link add veth0 type veth peer name veth1
58 ip link set veth0 netns at_ns0
59 ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
60 ip netns exec at_ns0 ip link set dev veth0 up
61 ip link set dev veth1 up mtu 1500
62 ip addr add dev veth1 172.16.1.200/24
63 }
64
65 add_gre_tunnel()
66 {
67 # at_ns0 namespace
68 ip netns exec at_ns0 \
69 ip link add dev $DEV_NS type $TYPE seq key 2 \
70 local 172.16.1.100 remote 172.16.1.200
71 ip netns exec at_ns0 ip link set dev $DEV_NS up
72 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
73
74 # root namespace
75 ip link add dev $DEV type $TYPE key 2 external
76 ip link set dev $DEV up
77 ip addr add dev $DEV 10.1.1.200/24
78 }
79
80 add_ip6gretap_tunnel()
81 {
82
83 # assign ipv6 address
84 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
85 ip netns exec at_ns0 ip link set dev veth0 up
86 ip addr add dev veth1 ::22/96
87 ip link set dev veth1 up
88
89 # at_ns0 namespace
90 ip netns exec at_ns0 \
91 ip link add dev $DEV_NS type $TYPE seq flowlabel 0xbcdef key 2 \
92 local ::11 remote ::22
93
94 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
95 ip netns exec at_ns0 ip addr add dev $DEV_NS fc80::100/96
96 ip netns exec at_ns0 ip link set dev $DEV_NS up
97
98 # root namespace
99 ip link add dev $DEV type $TYPE external
100 ip addr add dev $DEV 10.1.1.200/24
101 ip addr add dev $DEV fc80::200/24
102 ip link set dev $DEV up
103 }
104
105 add_erspan_tunnel()
106 {
107 # at_ns0 namespace
108 if [ "$1" == "v1" ]; then
109 ip netns exec at_ns0 \
110 ip link add dev $DEV_NS type $TYPE seq key 2 \
111 local 172.16.1.100 remote 172.16.1.200 \
112 erspan_ver 1 erspan 123
113 else
114 ip netns exec at_ns0 \
115 ip link add dev $DEV_NS type $TYPE seq key 2 \
116 local 172.16.1.100 remote 172.16.1.200 \
117 erspan_ver 2 erspan_dir egress erspan_hwid 3
118 fi
119 ip netns exec at_ns0 ip link set dev $DEV_NS up
120 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
121
122 # root namespace
123 ip link add dev $DEV type $TYPE external
124 ip link set dev $DEV up
125 ip addr add dev $DEV 10.1.1.200/24
126 }
127
128 add_ip6erspan_tunnel()
129 {
130
131 # assign ipv6 address
132 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
133 ip netns exec at_ns0 ip link set dev veth0 up
134 ip addr add dev veth1 ::22/96
135 ip link set dev veth1 up
136
137 # at_ns0 namespace
138 if [ "$1" == "v1" ]; then
139 ip netns exec at_ns0 \
140 ip link add dev $DEV_NS type $TYPE seq key 2 \
141 local ::11 remote ::22 \
142 erspan_ver 1 erspan 123
143 else
144 ip netns exec at_ns0 \
145 ip link add dev $DEV_NS type $TYPE seq key 2 \
146 local ::11 remote ::22 \
147 erspan_ver 2 erspan_dir egress erspan_hwid 7
148 fi
149 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
150 ip netns exec at_ns0 ip link set dev $DEV_NS up
151
152 # root namespace
153 ip link add dev $DEV type $TYPE external
154 ip addr add dev $DEV 10.1.1.200/24
155 ip link set dev $DEV up
156 }
157
158 add_vxlan_tunnel()
159 {
160 # Set static ARP entry here because iptables set-mark works
161 # on L3 packet, as a result not applying to ARP packets,
162 # causing errors at get_tunnel_{key/opt}.
163
164 # at_ns0 namespace
165 ip netns exec at_ns0 \
166 ip link add dev $DEV_NS type $TYPE \
167 id 2 dstport 4789 gbp remote 172.16.1.200
168 ip netns exec at_ns0 \
169 ip link set dev $DEV_NS address 52:54:00:d9:01:00 up
170 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
171 ip netns exec at_ns0 arp -s 10.1.1.200 52:54:00:d9:02:00
172 ip netns exec at_ns0 iptables -A OUTPUT -j MARK --set-mark 0x800FF
173
174 # root namespace
175 ip link add dev $DEV type $TYPE external gbp dstport 4789
176 ip link set dev $DEV address 52:54:00:d9:02:00 up
177 ip addr add dev $DEV 10.1.1.200/24
178 arp -s 10.1.1.100 52:54:00:d9:01:00
179 }
180
181 add_ip6vxlan_tunnel()
182 {
183 #ip netns exec at_ns0 ip -4 addr del 172.16.1.100 dev veth0
184 ip netns exec at_ns0 ip -6 addr add ::11/96 dev veth0
185 ip netns exec at_ns0 ip link set dev veth0 up
186 #ip -4 addr del 172.16.1.200 dev veth1
187 ip -6 addr add dev veth1 ::22/96
188 ip link set dev veth1 up
189
190 # at_ns0 namespace
191 ip netns exec at_ns0 \
192 ip link add dev $DEV_NS type $TYPE id 22 dstport 4789 \
193 local ::11 remote ::22
194 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
195 ip netns exec at_ns0 ip link set dev $DEV_NS up
196
197 # root namespace
198 ip link add dev $DEV type $TYPE external dstport 4789
199 ip addr add dev $DEV 10.1.1.200/24
200 ip link set dev $DEV up
201 }
202
203 add_geneve_tunnel()
204 {
205 # at_ns0 namespace
206 ip netns exec at_ns0 \
207 ip link add dev $DEV_NS type $TYPE \
208 id 2 dstport 6081 remote 172.16.1.200
209 ip netns exec at_ns0 ip link set dev $DEV_NS up
210 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
211
212 # root namespace
213 ip link add dev $DEV type $TYPE dstport 6081 external
214 ip link set dev $DEV up
215 ip addr add dev $DEV 10.1.1.200/24
216 }
217
218 add_ip6geneve_tunnel()
219 {
220 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
221 ip netns exec at_ns0 ip link set dev veth0 up
222 ip addr add dev veth1 ::22/96
223 ip link set dev veth1 up
224
225 # at_ns0 namespace
226 ip netns exec at_ns0 \
227 ip link add dev $DEV_NS type $TYPE id 22 \
228 remote ::22 # geneve has no local option
229 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
230 ip netns exec at_ns0 ip link set dev $DEV_NS up
231
232 # root namespace
233 ip link add dev $DEV type $TYPE external
234 ip addr add dev $DEV 10.1.1.200/24
235 ip link set dev $DEV up
236 }
237
238 add_ipip_tunnel()
239 {
240 # at_ns0 namespace
241 ip netns exec at_ns0 \
242 ip link add dev $DEV_NS type $TYPE \
243 local 172.16.1.100 remote 172.16.1.200
244 ip netns exec at_ns0 ip link set dev $DEV_NS up
245 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
246
247 # root namespace
248 ip link add dev $DEV type $TYPE external
249 ip link set dev $DEV up
250 ip addr add dev $DEV 10.1.1.200/24
251 }
252
253 add_ipip6tnl_tunnel()
254 {
255 ip netns exec at_ns0 ip addr add ::11/96 dev veth0
256 ip netns exec at_ns0 ip link set dev veth0 up
257 ip addr add dev veth1 ::22/96
258 ip link set dev veth1 up
259
260 # at_ns0 namespace
261 ip netns exec at_ns0 \
262 ip link add dev $DEV_NS type $TYPE \
263 local ::11 remote ::22
264 ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
265 ip netns exec at_ns0 ip link set dev $DEV_NS up
266
267 # root namespace
268 ip link add dev $DEV type $TYPE external
269 ip addr add dev $DEV 10.1.1.200/24
270 ip link set dev $DEV up
271 }
272
273 test_gre()
274 {
275 TYPE=gretap
276 DEV_NS=gretap00
277 DEV=gretap11
278 ret=0
279
280 check $TYPE
281 config_device
282 add_gre_tunnel
283 attach_bpf $DEV gre_set_tunnel gre_get_tunnel
284 ping $PING_ARG 10.1.1.100
285 check_err $?
286 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
287 check_err $?
288 cleanup
289
290 if [ $ret -ne 0 ]; then
291 echo -e ${RED}"FAIL: $TYPE"${NC}
292 return 1
293 fi
294 echo -e ${GREEN}"PASS: $TYPE"${NC}
295 }
296
297 test_ip6gre()
298 {
299 TYPE=ip6gre
300 DEV_NS=ip6gre00
301 DEV=ip6gre11
302 ret=0
303
304 check $TYPE
305 config_device
306 # reuse the ip6gretap function
307 add_ip6gretap_tunnel
308 attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
309 # underlay
310 ping6 $PING_ARG ::11
311 # overlay: ipv4 over ipv6
312 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
313 ping $PING_ARG 10.1.1.100
314 check_err $?
315 # overlay: ipv6 over ipv6
316 ip netns exec at_ns0 ping6 $PING_ARG fc80::200
317 check_err $?
318 cleanup
319
320 if [ $ret -ne 0 ]; then
321 echo -e ${RED}"FAIL: $TYPE"${NC}
322 return 1
323 fi
324 echo -e ${GREEN}"PASS: $TYPE"${NC}
325 }
326
327 test_ip6gretap()
328 {
329 TYPE=ip6gretap
330 DEV_NS=ip6gretap00
331 DEV=ip6gretap11
332 ret=0
333
334 check $TYPE
335 config_device
336 add_ip6gretap_tunnel
337 attach_bpf $DEV ip6gretap_set_tunnel ip6gretap_get_tunnel
338 # underlay
339 ping6 $PING_ARG ::11
340 # overlay: ipv4 over ipv6
341 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
342 ping $PING_ARG 10.1.1.100
343 check_err $?
344 # overlay: ipv6 over ipv6
345 ip netns exec at_ns0 ping6 $PING_ARG fc80::200
346 check_err $?
347 cleanup
348
349 if [ $ret -ne 0 ]; then
350 echo -e ${RED}"FAIL: $TYPE"${NC}
351 return 1
352 fi
353 echo -e ${GREEN}"PASS: $TYPE"${NC}
354 }
355
356 test_erspan()
357 {
358 TYPE=erspan
359 DEV_NS=erspan00
360 DEV=erspan11
361 ret=0
362
363 check $TYPE
364 config_device
365 add_erspan_tunnel $1
366 attach_bpf $DEV erspan_set_tunnel erspan_get_tunnel
367 ping $PING_ARG 10.1.1.100
368 check_err $?
369 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
370 check_err $?
371 cleanup
372
373 if [ $ret -ne 0 ]; then
374 echo -e ${RED}"FAIL: $TYPE"${NC}
375 return 1
376 fi
377 echo -e ${GREEN}"PASS: $TYPE"${NC}
378 }
379
380 test_ip6erspan()
381 {
382 TYPE=ip6erspan
383 DEV_NS=ip6erspan00
384 DEV=ip6erspan11
385 ret=0
386
387 check $TYPE
388 config_device
389 add_ip6erspan_tunnel $1
390 attach_bpf $DEV ip4ip6erspan_set_tunnel ip4ip6erspan_get_tunnel
391 ping6 $PING_ARG ::11
392 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
393 check_err $?
394 cleanup
395
396 if [ $ret -ne 0 ]; then
397 echo -e ${RED}"FAIL: $TYPE"${NC}
398 return 1
399 fi
400 echo -e ${GREEN}"PASS: $TYPE"${NC}
401 }
402
403 test_vxlan()
404 {
405 TYPE=vxlan
406 DEV_NS=vxlan00
407 DEV=vxlan11
408 ret=0
409
410 check $TYPE
411 config_device
412 add_vxlan_tunnel
413 attach_bpf $DEV vxlan_set_tunnel vxlan_get_tunnel
414 ping $PING_ARG 10.1.1.100
415 check_err $?
416 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
417 check_err $?
418 cleanup
419
420 if [ $ret -ne 0 ]; then
421 echo -e ${RED}"FAIL: $TYPE"${NC}
422 return 1
423 fi
424 echo -e ${GREEN}"PASS: $TYPE"${NC}
425 }
426
427 test_ip6vxlan()
428 {
429 TYPE=vxlan
430 DEV_NS=ip6vxlan00
431 DEV=ip6vxlan11
432 ret=0
433
434 check $TYPE
435 config_device
436 add_ip6vxlan_tunnel
437 ip link set dev veth1 mtu 1500
438 attach_bpf $DEV ip6vxlan_set_tunnel ip6vxlan_get_tunnel
439 # underlay
440 ping6 $PING_ARG ::11
441 # ip4 over ip6
442 ping $PING_ARG 10.1.1.100
443 check_err $?
444 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
445 check_err $?
446 cleanup
447
448 if [ $ret -ne 0 ]; then
449 echo -e ${RED}"FAIL: ip6$TYPE"${NC}
450 return 1
451 fi
452 echo -e ${GREEN}"PASS: ip6$TYPE"${NC}
453 }
454
455 test_geneve()
456 {
457 TYPE=geneve
458 DEV_NS=geneve00
459 DEV=geneve11
460 ret=0
461
462 check $TYPE
463 config_device
464 add_geneve_tunnel
465 attach_bpf $DEV geneve_set_tunnel geneve_get_tunnel
466 ping $PING_ARG 10.1.1.100
467 check_err $?
468 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
469 check_err $?
470 cleanup
471
472 if [ $ret -ne 0 ]; then
473 echo -e ${RED}"FAIL: $TYPE"${NC}
474 return 1
475 fi
476 echo -e ${GREEN}"PASS: $TYPE"${NC}
477 }
478
479 test_ip6geneve()
480 {
481 TYPE=geneve
482 DEV_NS=ip6geneve00
483 DEV=ip6geneve11
484 ret=0
485
486 check $TYPE
487 config_device
488 add_ip6geneve_tunnel
489 attach_bpf $DEV ip6geneve_set_tunnel ip6geneve_get_tunnel
490 ping $PING_ARG 10.1.1.100
491 check_err $?
492 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
493 check_err $?
494 cleanup
495
496 if [ $ret -ne 0 ]; then
497 echo -e ${RED}"FAIL: ip6$TYPE"${NC}
498 return 1
499 fi
500 echo -e ${GREEN}"PASS: ip6$TYPE"${NC}
501 }
502
503 test_ipip()
504 {
505 TYPE=ipip
506 DEV_NS=ipip00
507 DEV=ipip11
508 ret=0
509
510 check $TYPE
511 config_device
512 add_ipip_tunnel
513 ip link set dev veth1 mtu 1500
514 attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
515 ping $PING_ARG 10.1.1.100
516 check_err $?
517 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
518 check_err $?
519 cleanup
520
521 if [ $ret -ne 0 ]; then
522 echo -e ${RED}"FAIL: $TYPE"${NC}
523 return 1
524 fi
525 echo -e ${GREEN}"PASS: $TYPE"${NC}
526 }
527
528 test_ipip6()
529 {
530 TYPE=ip6tnl
531 DEV_NS=ipip6tnl00
532 DEV=ipip6tnl11
533 ret=0
534
535 check $TYPE
536 config_device
537 add_ipip6tnl_tunnel
538 ip link set dev veth1 mtu 1500
539 attach_bpf $DEV ipip6_set_tunnel ipip6_get_tunnel
540 # underlay
541 ping6 $PING_ARG ::11
542 # ip4 over ip6
543 ping $PING_ARG 10.1.1.100
544 check_err $?
545 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
546 check_err $?
547 cleanup
548
549 if [ $ret -ne 0 ]; then
550 echo -e ${RED}"FAIL: $TYPE"${NC}
551 return 1
552 fi
553 echo -e ${GREEN}"PASS: $TYPE"${NC}
554 }
555
556 setup_xfrm_tunnel()
557 {
558 auth=0x$(printf '1%.0s' {1..40})
559 enc=0x$(printf '2%.0s' {1..32})
560 spi_in_to_out=0x1
561 spi_out_to_in=0x2
562 # at_ns0 namespace
563 # at_ns0 -> root
564 ip netns exec at_ns0 \
565 ip xfrm state add src 172.16.1.100 dst 172.16.1.200 proto esp \
566 spi $spi_in_to_out reqid 1 mode tunnel \
567 auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc
568 ip netns exec at_ns0 \
569 ip xfrm policy add src 10.1.1.100/32 dst 10.1.1.200/32 dir out \
570 tmpl src 172.16.1.100 dst 172.16.1.200 proto esp reqid 1 \
571 mode tunnel
572 # root -> at_ns0
573 ip netns exec at_ns0 \
574 ip xfrm state add src 172.16.1.200 dst 172.16.1.100 proto esp \
575 spi $spi_out_to_in reqid 2 mode tunnel \
576 auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc
577 ip netns exec at_ns0 \
578 ip xfrm policy add src 10.1.1.200/32 dst 10.1.1.100/32 dir in \
579 tmpl src 172.16.1.200 dst 172.16.1.100 proto esp reqid 2 \
580 mode tunnel
581 # address & route
582 ip netns exec at_ns0 \
583 ip addr add dev veth0 10.1.1.100/32
584 ip netns exec at_ns0 \
585 ip route add 10.1.1.200 dev veth0 via 172.16.1.200 \
586 src 10.1.1.100
587
588 # root namespace
589 # at_ns0 -> root
590 ip xfrm state add src 172.16.1.100 dst 172.16.1.200 proto esp \
591 spi $spi_in_to_out reqid 1 mode tunnel \
592 auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc
593 ip xfrm policy add src 10.1.1.100/32 dst 10.1.1.200/32 dir in \
594 tmpl src 172.16.1.100 dst 172.16.1.200 proto esp reqid 1 \
595 mode tunnel
596 # root -> at_ns0
597 ip xfrm state add src 172.16.1.200 dst 172.16.1.100 proto esp \
598 spi $spi_out_to_in reqid 2 mode tunnel \
599 auth-trunc 'hmac(sha1)' $auth 96 enc 'cbc(aes)' $enc
600 ip xfrm policy add src 10.1.1.200/32 dst 10.1.1.100/32 dir out \
601 tmpl src 172.16.1.200 dst 172.16.1.100 proto esp reqid 2 \
602 mode tunnel
603 # address & route
604 ip addr add dev veth1 10.1.1.200/32
605 ip route add 10.1.1.100 dev veth1 via 172.16.1.100 src 10.1.1.200
606 }
607
608 test_xfrm_tunnel()
609 {
610 config_device
611 > /sys/kernel/debug/tracing/trace
612 setup_xfrm_tunnel
613 tc qdisc add dev veth1 clsact
614 tc filter add dev veth1 proto ip ingress bpf da obj test_tunnel_kern.o \
615 sec xfrm_get_state
616 ip netns exec at_ns0 ping $PING_ARG 10.1.1.200
617 sleep 1
618 grep "reqid 1" /sys/kernel/debug/tracing/trace
619 check_err $?
620 grep "spi 0x1" /sys/kernel/debug/tracing/trace
621 check_err $?
622 grep "remote ip 0xac100164" /sys/kernel/debug/tracing/trace
623 check_err $?
624 cleanup
625
626 if [ $ret -ne 0 ]; then
627 echo -e ${RED}"FAIL: xfrm tunnel"${NC}
628 return 1
629 fi
630 echo -e ${GREEN}"PASS: xfrm tunnel"${NC}
631 }
632
633 attach_bpf()
634 {
635 DEV=$1
636 SET=$2
637 GET=$3
638 tc qdisc add dev $DEV clsact
639 tc filter add dev $DEV egress bpf da obj test_tunnel_kern.o sec $SET
640 tc filter add dev $DEV ingress bpf da obj test_tunnel_kern.o sec $GET
641 }
642
643 cleanup()
644 {
645 ip netns delete at_ns0 2> /dev/null
646 ip link del veth1 2> /dev/null
647 ip link del ipip11 2> /dev/null
648 ip link del ipip6tnl11 2> /dev/null
649 ip link del gretap11 2> /dev/null
650 ip link del ip6gre11 2> /dev/null
651 ip link del ip6gretap11 2> /dev/null
652 ip link del vxlan11 2> /dev/null
653 ip link del ip6vxlan11 2> /dev/null
654 ip link del geneve11 2> /dev/null
655 ip link del ip6geneve11 2> /dev/null
656 ip link del erspan11 2> /dev/null
657 ip link del ip6erspan11 2> /dev/null
658 ip xfrm policy delete dir out src 10.1.1.200/32 dst 10.1.1.100/32 2> /dev/null
659 ip xfrm policy delete dir in src 10.1.1.100/32 dst 10.1.1.200/32 2> /dev/null
660 ip xfrm state delete src 172.16.1.100 dst 172.16.1.200 proto esp spi 0x1 2> /dev/null
661 ip xfrm state delete src 172.16.1.200 dst 172.16.1.100 proto esp spi 0x2 2> /dev/null
662 }
663
664 cleanup_exit()
665 {
666 echo "CATCH SIGKILL or SIGINT, cleanup and exit"
667 cleanup
668 exit 0
669 }
670
671 check()
672 {
673 ip link help 2>&1 | grep -q "\s$1\s"
674 if [ $? -ne 0 ];then
675 echo "SKIP $1: iproute2 not support"
676 cleanup
677 return 1
678 fi
679 }
680
681 enable_debug()
682 {
683 echo 'file ip_gre.c +p' > /sys/kernel/debug/dynamic_debug/control
684 echo 'file ip6_gre.c +p' > /sys/kernel/debug/dynamic_debug/control
685 echo 'file vxlan.c +p' > /sys/kernel/debug/dynamic_debug/control
686 echo 'file geneve.c +p' > /sys/kernel/debug/dynamic_debug/control
687 echo 'file ipip.c +p' > /sys/kernel/debug/dynamic_debug/control
688 }
689
690 check_err()
691 {
692 if [ $ret -eq 0 ]; then
693 ret=$1
694 fi
695 }
696
697 bpf_tunnel_test()
698 {
699 echo "Testing GRE tunnel..."
700 test_gre
701 echo "Testing IP6GRE tunnel..."
702 test_ip6gre
703 echo "Testing IP6GRETAP tunnel..."
704 test_ip6gretap
705 echo "Testing ERSPAN tunnel..."
706 test_erspan v2
707 echo "Testing IP6ERSPAN tunnel..."
708 test_ip6erspan v2
709 echo "Testing VXLAN tunnel..."
710 test_vxlan
711 echo "Testing IP6VXLAN tunnel..."
712 test_ip6vxlan
713 echo "Testing GENEVE tunnel..."
714 test_geneve
715 echo "Testing IP6GENEVE tunnel..."
716 test_ip6geneve
717 echo "Testing IPIP tunnel..."
718 test_ipip
719 echo "Testing IPIP6 tunnel..."
720 test_ipip6
721 echo "Testing IPSec tunnel..."
722 test_xfrm_tunnel
723 }
724
725 trap cleanup 0 3 6
726 trap cleanup_exit 2 9
727
728 cleanup
729 bpf_tunnel_test
730
731 exit 0
Linux with added FPC-III support