WIP FPC-III support

[linux/fpc-iii.git] / tools / testing / selftests / drivers / net / mlxsw / blackhole_routes.sh

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
#
# Test that blackhole routes are marked as offloaded and that packets hitting
# them are dropped by the ASIC and not by the kernel.
#
# +---------------------------------+
# | H1 (vrf)                        |
# |    + $h1                        |
# |    | 192.0.2.1/24               |
# |    | 2001:db8:1::1/64           |
# |    |                            |
# |    |  default via 192.0.2.2     |
# |    |  default via 2001:db8:1::2 |
# +----|----------------------------+
#      |
# +----|----------------------------------------------------------------------+
# | SW |                                                                      |
# |    + $rp1                                                                 |
# |        192.0.2.2/24                                                       |
# |        2001:db8:1::2/64                                                   |
# |                                                                           |
# |        2001:db8:2::2/64                                                   |
# |        198.51.100.2/24                                                    |
# |    + $rp2                                                                 |
# |    |                                                                      |
# +----|----------------------------------------------------------------------+
#      |
# +----|----------------------------+
# |    |  default via 198.51.100.2  |
# |    |  default via 2001:db8:2::2 |
# |    |                            |
# |    | 2001:db8:2::1/64           |
# |    | 198.51.100.1/24            |
# |    + $h2                        |
# | H2 (vrf)                        |
# +---------------------------------+

lib_dir=$(dirname $0)/../../../net/forwarding

ALL_TESTS="
        ping_ipv4
        ping_ipv6
        blackhole_ipv4
        blackhole_ipv6
"
NUM_NETIFS=4
: ${TIMEOUT:=20000} # ms
source $lib_dir/tc_common.sh
source $lib_dir/lib.sh

h1_create()
{
        simple_if_init $h1 192.0.2.1/24 2001:db8:1::1/64

        ip -4 route add default vrf v$h1 nexthop via 192.0.2.2
        ip -6 route add default vrf v$h1 nexthop via 2001:db8:1::2
}

h1_destroy()
{
        ip -6 route del default vrf v$h1 nexthop via 2001:db8:1::2
        ip -4 route del default vrf v$h1 nexthop via 192.0.2.2

        simple_if_fini $h1 192.0.2.1/24 2001:db8:1::1/64
}

h2_create()
{
        simple_if_init $h2 198.51.100.1/24 2001:db8:2::1/64

        ip -4 route add default vrf v$h2 nexthop via 198.51.100.2
        ip -6 route add default vrf v$h2 nexthop via 2001:db8:2::2
}

h2_destroy()
{
        ip -6 route del default vrf v$h2 nexthop via 2001:db8:2::2
        ip -4 route del default vrf v$h2 nexthop via 198.51.100.2

        simple_if_fini $h2 198.51.100.1/24 2001:db8:2::1/64
}

router_create()
{
        ip link set dev $rp1 up
        ip link set dev $rp2 up

        tc qdisc add dev $rp1 clsact

        __addr_add_del $rp1 add 192.0.2.2/24 2001:db8:1::2/64
        __addr_add_del $rp2 add 198.51.100.2/24 2001:db8:2::2/64
}

router_destroy()
{
        __addr_add_del $rp2 del 198.51.100.2/24 2001:db8:2::2/64
        __addr_add_del $rp1 del 192.0.2.2/24 2001:db8:1::2/64

        tc qdisc del dev $rp1 clsact

        ip link set dev $rp2 down
        ip link set dev $rp1 down
}

ping_ipv4()
{
        ping_test $h1 198.51.100.1 ": h1->h2"
}

ping_ipv6()
{
        ping6_test $h1 2001:db8:2::1 ": h1->h2"
}

blackhole_ipv4()
{
        # Transmit packets from H1 to H2 and make sure they are dropped by the
        # ASIC and not by the kernel
        RET=0

        ip -4 route add blackhole 198.51.100.0/30
        tc filter add dev $rp1 ingress protocol ip pref 1 handle 101 flower \
                skip_hw dst_ip 198.51.100.1 src_ip 192.0.2.1 ip_proto icmp \
                action pass

        busywait "$TIMEOUT" wait_for_offload ip -4 route show 198.51.100.0/30
        check_err $? "route not marked as offloaded when should"

        ping_do $h1 198.51.100.1
        check_fail $? "ping passed when should not"

        tc_check_packets "dev $rp1 ingress" 101 0
        check_err $? "packets trapped and not dropped by ASIC"

        log_test "IPv4 blackhole route"

        tc filter del dev $rp1 ingress protocol ip pref 1 handle 101 flower
        ip -4 route del blackhole 198.51.100.0/30
}

blackhole_ipv6()
{
        RET=0

        ip -6 route add blackhole 2001:db8:2::/120
        tc filter add dev $rp1 ingress protocol ipv6 pref 1 handle 101 flower \
                skip_hw dst_ip 2001:db8:2::1 src_ip 2001:db8:1::1 \
                ip_proto icmpv6 action pass

        busywait "$TIMEOUT" wait_for_offload ip -6 route show 2001:db8:2::/120
        check_err $? "route not marked as offloaded when should"

        ping6_do $h1 2001:db8:2::1
        check_fail $? "ping passed when should not"

        tc_check_packets "dev $rp1 ingress" 101 0
        check_err $? "packets trapped and not dropped by ASIC"

        log_test "IPv6 blackhole route"

        tc filter del dev $rp1 ingress protocol ipv6 pref 1 handle 101 flower
        ip -6 route del blackhole 2001:db8:2::/120
}

setup_prepare()
{
        h1=${NETIFS[p1]}
        rp1=${NETIFS[p2]}

        rp2=${NETIFS[p3]}
        h2=${NETIFS[p4]}

        vrf_prepare
        forwarding_enable

        h1_create
        h2_create
        router_create
}

cleanup()
{
        pre_cleanup

        router_destroy
        h2_destroy
        h1_destroy

        forwarding_restore
        vrf_cleanup
}

trap cleanup EXIT

setup_prepare
setup_wait

tests_run

exit $EXIT_STATUS