2 # SPDX-License-Identifier: GPL-2.0
4 # Test VxLAN flooding. The device stores flood records in a singly linked list
5 # where each record stores up to four IPv6 addresses of remote VTEPs. The test
6 # verifies that packets are correctly flooded in various cases such as deletion
7 # of a record in the middle of the list.
9 # +-----------------------+
12 # | | 2001:db8:1::1/64 |
13 # +----|------------------+
15 # +----|----------------------------------------------------------------------+
17 # | +--|--------------------------------------------------------------------+ |
18 # | | + $swp1 BR0 (802.1d) | |
20 # | | + vxlan0 (vxlan) | |
21 # | | local 2001:db8:2::1 | |
22 # | | remote 2001:db8:2::{2..17} | |
23 # | | id 10 dstport 4789 | |
24 # | +-----------------------------------------------------------------------+ |
26 # | 2001:db8:2::0/64 via 2001:db8:3::2 |
29 # | | 2001:db8:3::1/64 |
30 # +----|----------------------------------------------------------------------+
32 # +----|--------------------------------------------------------+
35 # | 2001:db8:3::2/64 |
37 # +-------------------------------------------------------------+
39 lib_dir=$(dirname $0)/../../../../net/forwarding
41 ALL_TESTS="flooding_test"
43 source $lib_dir/tc_common.sh
44 source $lib_dir/lib.sh
48 simple_if_init $h1 2001:db8:1::1/64
53 simple_if_fini $h1 2001:db8:1::1/64
58 # Make sure the bridge uses the MAC address of the local port and
59 # not that of the VxLAN's device
60 ip link add dev br0 type bridge mcast_snooping 0
61 ip link set dev br0 address $(mac_get $swp1)
63 ip link add name vxlan0 type vxlan id 10 nolearning \
64 udp6zerocsumrx udp6zerocsumtx ttl 20 tos inherit \
65 local 2001:db8:2::1 dstport 4789
67 ip address add 2001:db8:2::1/128 dev lo
69 ip link set dev $swp1 master br0
70 ip link set dev vxlan0 master br0
72 ip link set dev br0 up
73 ip link set dev $swp1 up
74 ip link set dev vxlan0 up
79 ip link set dev vxlan0 down
80 ip link set dev $swp1 down
81 ip link set dev br0 down
83 ip link set dev vxlan0 nomaster
84 ip link set dev $swp1 nomaster
86 ip address del 2001:db8:2::1/128 dev lo
88 ip link del dev vxlan0
95 # This router is in the default VRF, where the VxLAN device is
96 # performing the L3 lookup
97 ip link set dev $rp1 up
98 ip address add 2001:db8:3::1/64 dev $rp1
99 ip route add 2001:db8:2::0/64 via 2001:db8:3::2
104 ip route del 2001:db8:2::0/64 via 2001:db8:3::2
105 ip address del 2001:db8:3::1/64 dev $rp1
106 ip link set dev $rp1 down
111 # This router is not in the default VRF, so use simple_if_init()
112 simple_if_init $rp2 2001:db8:3::2/64
117 simple_if_fini $rp2 2001:db8:3::2/64
156 flooding_remotes_add()
162 # Prevent unwanted packets from entering the bridge and interfering
164 tc qdisc add dev br0 clsact
165 tc filter add dev br0 egress protocol all pref 1 handle 1 \
166 matchall skip_hw action drop
167 tc qdisc add dev $h1 clsact
168 tc filter add dev $h1 egress protocol all pref 1 handle 1 \
169 flower skip_hw dst_mac de:ad:be:ef:13:37 action pass
170 tc filter add dev $h1 egress protocol all pref 2 handle 2 \
171 matchall skip_hw action drop
173 for i in $(eval echo {1..$num_remotes}); do
176 bridge fdb append 00:00:00:00:00:00 dev vxlan0 self \
181 flooding_filters_add()
187 tc qdisc add dev $rp2 clsact
189 for i in $(eval echo {1..$num_remotes}); do
192 tc filter add dev $rp2 ingress protocol ipv6 pref $i handle $i \
193 flower ip_proto udp dst_ip 2001:db8:2::$lsb \
194 dst_port 4789 skip_sw action drop
198 flooding_filters_del()
203 for i in $(eval echo {1..$num_remotes}); do
204 tc filter del dev $rp2 ingress protocol ipv6 pref $i \
208 tc qdisc del dev $rp2 clsact
210 tc filter del dev $h1 egress protocol all pref 2 handle 2 matchall
211 tc filter del dev $h1 egress protocol all pref 1 handle 1 flower
212 tc qdisc del dev $h1 clsact
213 tc filter del dev br0 egress protocol all pref 1 handle 1 matchall
214 tc qdisc del dev br0 clsact
217 flooding_check_packets()
220 local num_remotes=${#packets[@]}
223 for i in $(eval echo {1..$num_remotes}); do
224 tc_check_packets "dev $rp2 ingress" $i ${packets[i - 1]}
225 check_err $? "remote $i - did not get expected number of packets"
231 # Use 16 remote VTEPs that will be stored in 4 records. The array
232 # 'packets' will store how many packets are expected to be received
233 # by each remote VTEP at each stage of the test
234 declare -a packets=(1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1)
239 # Add FDB entries for remote VTEPs and corresponding tc filters on the
240 # ingress of the nexthop router. These filters will count how many
241 # packets were flooded to each remote VTEP
242 flooding_remotes_add $num_remotes
243 flooding_filters_add $num_remotes
245 # Send one packet and make sure it is flooded to all the remote VTEPs
246 $MZ $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
247 flooding_check_packets "${packets[@]}"
248 log_test "flood after 1 packet"
250 # Delete the third record which corresponds to VTEPs with LSB 10..13
251 # and check that packet is flooded correctly when we remove a record
252 # from the middle of the list
255 packets=(2 2 2 2 2 2 2 2 1 1 1 1 2 2 2 2)
256 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::10
257 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::11
258 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::12
259 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::13
261 $MZ $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
262 flooding_check_packets "${packets[@]}"
263 log_test "flood after 2 packets"
265 # Delete the first record and make sure the packet is flooded correctly
268 packets=(2 2 2 2 3 3 3 3 1 1 1 1 3 3 3 3)
269 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::2
270 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::3
271 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::4
272 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::5
274 $MZ $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
275 flooding_check_packets "${packets[@]}"
276 log_test "flood after 3 packets"
278 # Delete the last record and make sure the packet is flooded correctly
281 packets=(2 2 2 2 4 4 4 4 1 1 1 1 3 3 3 3)
282 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::14
283 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::15
284 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::16
285 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::17
287 $MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
288 flooding_check_packets "${packets[@]}"
289 log_test "flood after 4 packets"
291 # Delete the last record, one entry at a time and make sure single
292 # entries are correctly removed
295 packets=(2 2 2 2 4 5 5 5 1 1 1 1 3 3 3 3)
296 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::6
298 $MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
299 flooding_check_packets "${packets[@]}"
300 log_test "flood after 5 packets"
304 packets=(2 2 2 2 4 5 6 6 1 1 1 1 3 3 3 3)
305 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::7
307 $MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
308 flooding_check_packets "${packets[@]}"
309 log_test "flood after 6 packets"
313 packets=(2 2 2 2 4 5 6 7 1 1 1 1 3 3 3 3)
314 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::8
316 $MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
317 flooding_check_packets "${packets[@]}"
318 log_test "flood after 7 packets"
322 packets=(2 2 2 2 4 5 6 7 1 1 1 1 3 3 3 3)
323 bridge fdb del 00:00:00:00:00:00 dev vxlan0 self dst 2001:db8:2::9
325 $MZ -6 $h1 -q -p 64 -b de:ad:be:ef:13:37 -t ip -c 1
326 flooding_check_packets "${packets[@]}"
327 log_test "flood after 8 packets"
329 flooding_filters_del $num_remotes