2 # SPDX-License-Identifier: GPL-2.0
4 # +---------------------------+ +------------------------------+
5 # | vrf-h1 | | vrf-h2 |
7 # | | 10.1.1.101/24 | | | 10.1.2.101/24 |
8 # | | default via 10.1.1.1 | | | default via 10.1.2.1 |
9 # +----|----------------------+ +----|-------------------------+
11 # +----|--------------------------------------------|-------------------------+
13 # | +--|--------------------------------------------|-----------------------+ |
14 # | | + $swp1 br1 + $swp2 | |
15 # | | vid 10 pvid untagged vid 20 pvid untagged | |
17 # | | + vx10 + vx20 | |
18 # | | local 10.0.0.1 local 10.0.0.1 | |
19 # | | remote 10.0.0.2 remote 10.0.0.2 | |
20 # | | id 1010 id 1020 | |
21 # | | dstport 4789 dstport 4789 | |
22 # | | vid 10 pvid untagged vid 20 pvid untagged | |
25 # | | local 10.0.0.1 | |
26 # | | remote 10.0.0.2 | |
28 # | | dstport 4789 | |
29 # | | vid 4001 pvid untagged | |
31 # | +-----------------------------------+-----------------------------------+ |
33 # | +-----------------------------------|-----------------------------------+ |
35 # | | +--------------------------------+--------------------------------+ | |
37 # | | + vlan10 | vlan20 + | |
38 # | | | 10.1.1.11/24 | 10.1.2.11/24 | | |
40 # | | + vlan10-v (macvlan) + vlan20-v (macvlan) + | |
41 # | | 10.1.1.1/24 vlan4001 10.1.2.1/24 | |
42 # | | 00:00:5e:00:01:01 00:00:5e:00:01:01 | |
44 # | +-----------------------------------------------------------------------+ |
47 # | | 192.0.2.1/24 10.0.0.1/32 |
48 # +----|----------------------------------------------------------------------+
50 # +----|--------------------------------------------------------+
55 # =============================================================================
60 # +----|--------------------------------------------------------+
62 # +----|----------------------------------------------------------------------+
63 # | + v2 (veth) +lo NS1 (netns) |
64 # | 192.0.3.1/24 10.0.0.2/32 |
66 # | +-----------------------------------------------------------------------+ |
68 # | | + vlan10-v (macvlan) vlan20-v (macvlan) + | |
69 # | | | 10.1.1.1/24 10.1.2.1/24 | | |
70 # | | | 00:00:5e:00:01:01 00:00:5e:00:01:01 | | |
71 # | | | vlan4001 | | |
72 # | | + vlan10 + vlan20 + | |
73 # | | | 10.1.1.12/24 | 10.1.2.12/24 | | |
75 # | | +--------------------------------+--------------------------------+ | |
77 # | +-----------------------------------|-----------------------------------+ |
79 # | +-----------------------------------+-----------------------------------+ |
81 # | | + vx10 + vx20 | |
82 # | | local 10.0.0.2 local 10.0.0.2 | |
83 # | | remote 10.0.0.1 remote 10.0.0.1 | |
84 # | | id 1010 id 1020 | |
85 # | | dstport 4789 dstport 4789 | |
86 # | | vid 10 pvid untagged vid 20 pvid untagged | |
89 # | | local 10.0.0.2 | |
90 # | | remote 10.0.0.1 | |
92 # | | dstport 4789 | |
93 # | | vid 4001 pvid untagged | |
95 # | | + w1 (veth) + w3 (veth) | |
96 # | | | vid 10 pvid untagged br1 | vid 20 pvid untagged | |
97 # | +--|------------------------------------------|-------------------------+ |
100 # | +--|----------------------+ +--|-------------------------+ |
101 # | | | vrf-h1 | | | vrf-h2 | |
102 # | | + w2 (veth) | | + w4 (veth) | |
103 # | | 10.1.1.102/24 | | 10.1.2.102/24 | |
104 # | | default via 10.1.1.1 | | default via 10.1.2.1 | |
105 # | +-------------------------+ +----------------------------+ |
106 # +---------------------------------------------------------------------------+
116 local vrf_name
=$1; shift
117 local if_name
=$1; shift
118 local ip_addr
=$1; shift
119 local gw_ip
=$1; shift
122 ip link
set dev
$if_name master
$vrf_name
123 ip link
set dev
$vrf_name up
124 ip link
set dev
$if_name up
126 ip address add
$ip_addr/24 dev
$if_name
127 ip neigh replace
$gw_ip lladdr
00:00:5e
:00:01:01 nud permanent \
129 ip route add default vrf
$vrf_name nexthop via
$gw_ip
135 local vrf_name
=$1; shift
136 local if_name
=$1; shift
137 local ip_addr
=$1; shift
138 local gw_ip
=$1; shift
140 ip route del default vrf
$vrf_name nexthop via
$gw_ip
141 ip neigh del
$gw_ip dev
$if_name
142 ip address del
$ip_addr/24 dev
$if_name
144 ip link
set dev
$if_name down
145 vrf_destroy
$vrf_name
150 hx_create
"vrf-h1" $h1 10.1.1.101 10.1.1.1
155 hx_destroy
"vrf-h1" $h1 10.1.1.101 10.1.1.1
160 hx_create
"vrf-h2" $h2 10.1.2.101 10.1.2.1
165 hx_destroy
"vrf-h2" $h2 10.1.2.101 10.1.2.1
170 ip link add name br1
type bridge vlan_filtering
1 vlan_default_pvid
0 \
172 # Make sure the bridge uses the MAC address of the local port and not
173 # that of the VxLAN's device.
174 ip link
set dev br1 address $
(mac_get
$swp1)
175 ip link
set dev br1 up
177 ip link
set dev
$rp1 up
178 ip address add dev
$rp1 192.0.2.1/24
179 ip route add
10.0.0.2/32 nexthop via
192.0.2.2
181 ip link add name vx10
type vxlan id
1010 \
182 local 10.0.0.1 remote
10.0.0.2 dstport
4789 \
183 nolearning noudpcsum tos inherit ttl
100
184 ip link
set dev vx10 up
186 ip link
set dev vx10 master br1
187 bridge vlan add vid
10 dev vx10 pvid untagged
189 ip link add name vx20
type vxlan id
1020 \
190 local 10.0.0.1 remote
10.0.0.2 dstport
4789 \
191 nolearning noudpcsum tos inherit ttl
100
192 ip link
set dev vx20 up
194 ip link
set dev vx20 master br1
195 bridge vlan add vid
20 dev vx20 pvid untagged
197 ip link
set dev
$swp1 master br1
198 ip link
set dev
$swp1 up
199 bridge vlan add vid
10 dev
$swp1 pvid untagged
201 ip link
set dev
$swp2 master br1
202 ip link
set dev
$swp2 up
203 bridge vlan add vid
20 dev
$swp2 pvid untagged
205 ip link add name vx4001
type vxlan id
104001 \
206 local 10.0.0.1 dstport
4789 \
207 nolearning noudpcsum tos inherit ttl
100
208 ip link
set dev vx4001 up
210 ip link
set dev vx4001 master br1
211 bridge vlan add vid
4001 dev vx4001 pvid untagged
213 ip address add
10.0.0.1/32 dev lo
216 vrf_create
"vrf-green"
217 ip link
set dev vrf-green up
219 ip link add link br1 name vlan10 up master vrf-green
type vlan id
10
220 ip address add
10.1.1.11/24 dev vlan10
221 ip link add link vlan10 name vlan10-v up master vrf-green \
222 address
00:00:5e
:00:01:01 type macvlan mode private
223 ip address add
10.1.1.1/24 dev vlan10-v
225 ip link add link br1 name vlan20 up master vrf-green
type vlan id
20
226 ip address add
10.1.2.11/24 dev vlan20
227 ip link add link vlan20 name vlan20-v up master vrf-green \
228 address
00:00:5e
:00:01:01 type macvlan mode private
229 ip address add
10.1.2.1/24 dev vlan20-v
231 ip link add link br1 name vlan4001 up master vrf-green \
234 bridge vlan add vid
10 dev br1 self
235 bridge vlan add vid
20 dev br1 self
236 bridge vlan add vid
4001 dev br1 self
238 bridge fdb add
00:00:5e
:00:01:01 dev br1 self
local vlan
10
239 bridge fdb add
00:00:5e
:00:01:01 dev br1 self
local vlan
20
241 sysctl_set net.ipv4.conf.all.rp_filter
0
242 sysctl_set net.ipv4.conf.vlan10-v.rp_filter
0
243 sysctl_set net.ipv4.conf.vlan20-v.rp_filter
0
248 sysctl_restore net.ipv4.conf.all.rp_filter
250 bridge fdb del
00:00:5e
:00:01:01 dev br1 self
local vlan
20
251 bridge fdb del
00:00:5e
:00:01:01 dev br1 self
local vlan
10
253 bridge vlan del vid
4001 dev br1 self
254 bridge vlan del vid
20 dev br1 self
255 bridge vlan del vid
10 dev br1 self
257 ip link del dev vlan4001
259 ip link del dev vlan20
261 ip link del dev vlan10
263 vrf_destroy
"vrf-green"
265 ip address del
10.0.0.1/32 dev lo
267 bridge vlan del vid
20 dev
$swp2
268 ip link
set dev
$swp2 down
269 ip link
set dev
$swp2 nomaster
271 bridge vlan del vid
10 dev
$swp1
272 ip link
set dev
$swp1 down
273 ip link
set dev
$swp1 nomaster
275 bridge vlan del vid
4001 dev vx4001
276 ip link
set dev vx4001 nomaster
278 ip link
set dev vx4001 down
279 ip link del dev vx4001
281 bridge vlan del vid
20 dev vx20
282 ip link
set dev vx20 nomaster
284 ip link
set dev vx20 down
287 bridge vlan del vid
10 dev vx10
288 ip link
set dev vx10 nomaster
290 ip link
set dev vx10 down
293 ip route del
10.0.0.2/32 nexthop via
192.0.2.2
294 ip address del dev
$rp1 192.0.2.1/24
295 ip link
set dev
$rp1 down
297 ip link
set dev br1 down
303 vrf_create
"vrf-spine"
304 ip link
set dev
$rp2 master vrf-spine
305 ip link
set dev v1 master vrf-spine
306 ip link
set dev vrf-spine up
307 ip link
set dev
$rp2 up
308 ip link
set dev v1 up
310 ip address add
192.0.2.2/24 dev
$rp2
311 ip address add
192.0.3.2/24 dev v1
313 ip route add
10.0.0.1/32 vrf vrf-spine nexthop via
192.0.2.1
314 ip route add
10.0.0.2/32 vrf vrf-spine nexthop via
192.0.3.1
319 ip route del
10.0.0.2/32 vrf vrf-spine nexthop via
192.0.3.1
320 ip route del
10.0.0.1/32 vrf vrf-spine nexthop via
192.0.2.1
322 ip address del
192.0.3.2/24 dev v1
323 ip address del
192.0.2.2/24 dev
$rp2
325 ip link
set dev v1 down
326 ip link
set dev
$rp2 down
327 vrf_destroy
"vrf-spine"
332 hx_create
"vrf-h1" w2
10.1.1.102 10.1.1.1
334 export -f ns_h1_create
338 hx_create
"vrf-h2" w4
10.1.2.102 10.1.2.1
340 export -f ns_h2_create
344 ip link add name br1
type bridge vlan_filtering
1 vlan_default_pvid
0 \
346 ip link
set dev br1 up
348 ip link
set dev v2 up
349 ip address add dev v2
192.0.3.1/24
350 ip route add
10.0.0.1/32 nexthop via
192.0.3.2
352 ip link add name vx10
type vxlan id
1010 \
353 local 10.0.0.2 remote
10.0.0.1 dstport
4789 \
354 nolearning noudpcsum tos inherit ttl
100
355 ip link
set dev vx10 up
357 ip link
set dev vx10 master br1
358 bridge vlan add vid
10 dev vx10 pvid untagged
360 ip link add name vx20
type vxlan id
1020 \
361 local 10.0.0.2 remote
10.0.0.1 dstport
4789 \
362 nolearning noudpcsum tos inherit ttl
100
363 ip link
set dev vx20 up
365 ip link
set dev vx20 master br1
366 bridge vlan add vid
20 dev vx20 pvid untagged
368 ip link add name vx4001
type vxlan id
104001 \
369 local 10.0.0.2 dstport
4789 \
370 nolearning noudpcsum tos inherit ttl
100
371 ip link
set dev vx4001 up
373 ip link
set dev vx4001 master br1
374 bridge vlan add vid
4001 dev vx4001 pvid untagged
376 ip link
set dev w1 master br1
377 ip link
set dev w1 up
378 bridge vlan add vid
10 dev w1 pvid untagged
380 ip link
set dev w3 master br1
381 ip link
set dev w3 up
382 bridge vlan add vid
20 dev w3 pvid untagged
384 ip address add
10.0.0.2/32 dev lo
387 vrf_create
"vrf-green"
388 ip link
set dev vrf-green up
390 ip link add link br1 name vlan10 up master vrf-green
type vlan id
10
391 ip address add
10.1.1.12/24 dev vlan10
392 ip link add link vlan10 name vlan10-v up master vrf-green \
393 address
00:00:5e
:00:01:01 type macvlan mode private
394 ip address add
10.1.1.1/24 dev vlan10-v
396 ip link add link br1 name vlan20 up master vrf-green
type vlan id
20
397 ip address add
10.1.2.12/24 dev vlan20
398 ip link add link vlan20 name vlan20-v up master vrf-green \
399 address
00:00:5e
:00:01:01 type macvlan mode private
400 ip address add
10.1.2.1/24 dev vlan20-v
402 ip link add link br1 name vlan4001 up master vrf-green \
405 bridge vlan add vid
10 dev br1 self
406 bridge vlan add vid
20 dev br1 self
407 bridge vlan add vid
4001 dev br1 self
409 bridge fdb add
00:00:5e
:00:01:01 dev br1 self
local vlan
10
410 bridge fdb add
00:00:5e
:00:01:01 dev br1 self
local vlan
20
412 sysctl_set net.ipv4.conf.all.rp_filter
0
413 sysctl_set net.ipv4.conf.vlan10-v.rp_filter
0
414 sysctl_set net.ipv4.conf.vlan20-v.rp_filter
0
416 export -f ns_switch_create
420 ip link add name w1
type veth peer name w2
421 ip link add name w3
type veth peer name w4
423 ip link
set dev lo up
434 ip link
set dev v2 netns ns1
440 ip netns
exec ns1 ip link
set dev v2 netns
1
452 bridge fdb add
$mac1 dev vx10 self master extern_learn static \
454 bridge fdb add
$mac2 dev vx20 self master extern_learn static \
457 ip neigh add
$ip1 lladdr
$mac1 nud noarp dev vlan10 \
459 ip neigh add
$ip2 lladdr
$mac2 nud noarp dev vlan20 \
462 export -f __l2_vni_init
466 local h1_ns_mac
=$
(in_ns ns1 mac_get w2
)
467 local h2_ns_mac
=$
(in_ns ns1 mac_get w4
)
468 local h1_mac
=$
(mac_get
$h1)
469 local h2_mac
=$
(mac_get
$h2)
471 __l2_vni_init
$h1_ns_mac $h2_ns_mac 10.1.1.102 10.1.2.102 10.0.0.2
472 in_ns ns1 __l2_vni_init
$h1_mac $h2_mac 10.1.1.101 10.1.2.101 10.0.0.1
478 local vtep_ip
=$1; shift
479 local host1_ip
=$1; shift
480 local host2_ip
=$1; shift
482 bridge fdb add
$mac dev vx4001 self master extern_learn static \
483 dst
$vtep_ip vlan
4001
485 ip neigh add
$vtep_ip lladdr
$mac nud noarp dev vlan4001 extern_learn
487 ip route add
$host1_ip/32 vrf vrf-green nexthop via
$vtep_ip \
489 ip route add
$host2_ip/32 vrf vrf-green nexthop via
$vtep_ip \
492 export -f __l3_vni_init
496 local vlan4001_ns_mac
=$
(in_ns ns1 mac_get vlan4001
)
497 local vlan4001_mac
=$
(mac_get vlan4001
)
499 __l3_vni_init
$vlan4001_ns_mac 10.0.0.2 10.1.1.102 10.1.2.102
500 in_ns ns1 __l3_vni_init
$vlan4001_mac 10.0.0.1 10.1.1.101 10.1.2.101
521 ip link add name v1
type veth peer name v2
547 ping_test
$h1 10.1.2.101 ": local->local vid 10->vid 20"
548 ping_test
$h1 10.1.1.102 ": local->remote vid 10->vid 10"
549 ping_test
$h2 10.1.2.102 ": local->remote vid 20->vid 20"
550 ping_test
$h1 10.1.2.102 ": local->remote vid 10->vid 20"
551 ping_test
$h2 10.1.1.102 ": local->remote vid 20->vid 10"