linux/tools/testing/selftests/drivers/net/mlxsw/ingress_rif_conf_vxlan.sh

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0

# Test routing after VXLAN decapsulation and verify that the order of
# configuration does not impact switch behavior. Verify that RIF is added
# correctly for existing mapping and that new mapping uses the correct RIF.

# +---------------------------+
# |                        H1 |
# |    + $h1                  |
# |    | 192.0.2.1/28         |
# +----|----------------------+
#      |
# +----|----------------------------------------------------------------------+
# | SW |                                                                      |
# | +--|--------------------------------------------------------------------+ |
# | |  + $swp1                         br1                                  | |
# | |     vid 10 pvid untagged                                              | |
# | |                                                                       | |
# | |                                                                       | |
# | |                                            + vx4001                   | |
# | |                                              local 192.0.2.17         | |
# | |                                              remote 192.0.2.18        | |
# | |                                              id 104001                | |
# | |                                              dstport $VXPORT          | |
# | |                                              vid 4001 pvid untagged   | |
# | |                                                                       | |
# | +----------------------------------+------------------------------------+ |
# |                                    |                                      |
# | +----------------------------------|------------------------------------+ |
# | |                                  |                                    | |
# | |  +-------------------------------+---------------------------------+  | |
# | |  |                                                                 |  | |
# | |  + vlan10                                                 vlan4001 +  | |
# | |    192.0.2.2/28                                                       | |
# | |                                                                       | |
# | |                               vrf-green                               | |
# | +-----------------------------------------------------------------------+ |
# |                                                                           |
# |    + $rp1                                       +lo                       |
# |    | 198.51.100.1/24                             192.0.2.17/32            |
# +----|----------------------------------------------------------------------+
#      |
# +----|--------------------------------------------------------+
# |    |                                             v$rp2      |
# |    + $rp2                                                   |
# |      198.51.100.2/24                                        |
# |                                                             |
# +-------------------------------------------------------------+

lib_dir=$(dirname $0)/../../../net/forwarding

ALL_TESTS="
	vni_fid_map_rif
	rif_vni_fid_map
"

NUM_NETIFS=4
source $lib_dir/lib.sh
source $lib_dir/tc_common.sh
source $lib_dir/devlink_lib.sh

: ${VXPORT:=4789}
export VXPORT

h1_create()
{
	simple_if_init $h1 192.0.2.1/28
}

h1_destroy()
{
	simple_if_fini $h1 192.0.2.1/28
}

switch_create()
{
	ip link add name br1 type bridge vlan_filtering 1 vlan_default_pvid 0 \
		mcast_snooping 0
	# Make sure the bridge uses the MAC address of the local port and not
	# that of the VxLAN's device.
	ip link set dev br1 address $(mac_get $swp1)
	ip link set dev br1 up

	ip link set dev $rp1 up
	ip address add dev $rp1 198.51.100.1/24

	ip link set dev $swp1 master br1
	ip link set dev $swp1 up
	bridge vlan add vid 10 dev $swp1 pvid untagged

	tc qdisc add dev $swp1 clsact

	ip link add name vx4001 type vxlan id 104001 \
		local 192.0.2.17 dstport $VXPORT \
		nolearning noudpcsum tos inherit ttl 100
	ip link set dev vx4001 up

	ip link set dev vx4001 master br1

	ip address add 192.0.2.17/32 dev lo

	# Create SVIs.
	vrf_create "vrf-green"
	ip link set dev vrf-green up

	ip link add link br1 name vlan10 up master vrf-green type vlan id 10

	# Replace neighbor to avoid 1 packet which is forwarded in software due
	# to "unresolved neigh".
	ip neigh replace dev vlan10 192.0.2.1 lladdr $(mac_get $h1)

	ip address add 192.0.2.2/28 dev vlan10

	bridge vlan add vid 10 dev br1 self
	bridge vlan add vid 4001 dev br1 self

	sysctl_set net.ipv4.conf.all.rp_filter 0
}

switch_destroy()
{
	sysctl_restore net.ipv4.conf.all.rp_filter

	bridge vlan del vid 4001 dev br1 self
	bridge vlan del vid 10 dev br1 self

	ip link del dev vlan10

	vrf_destroy "vrf-green"

	ip address del 192.0.2.17/32 dev lo

	tc qdisc del dev $swp1 clsact

	bridge vlan del vid 10 dev $swp1
	ip link set dev $swp1 down
	ip link set dev $swp1 nomaster

	ip link set dev vx4001 nomaster

	ip link set dev vx4001 down
	ip link del dev vx4001

	ip address del dev $rp1 198.51.100.1/24
	ip link set dev $rp1 down

	ip link set dev br1 down
	ip link del dev br1
}

vrp2_create()
{
	simple_if_init $rp2 198.51.100.2/24

	ip route add 192.0.2.17/32 vrf v$rp2 nexthop via 198.51.100.1
}

vrp2_destroy()
{
	ip route del 192.0.2.17/32 vrf v$rp2 nexthop via 198.51.100.1

	simple_if_fini $rp2 198.51.100.2/24
}

setup_prepare()
{
	h1=${NETIFS[p1]}
	swp1=${NETIFS[p2]}

	rp1=${NETIFS[p3]}
	rp2=${NETIFS[p4]}

	vrf_prepare
	forwarding_enable

	h1_create
	switch_create

	vrp2_create
}

cleanup()
{
	pre_cleanup

	vrp2_destroy

	switch_destroy
	h1_destroy

	forwarding_restore
	vrf_cleanup
}

payload_get()
{
	local dest_mac=$(mac_get vlan4001)
	local src_mac=$(mac_get $rp1)

	p=$(:
		)"08:"$(                      : VXLAN flags
		)"00:00:00:"$(                : VXLAN reserved
		)"01:96:41:"$(                : VXLAN VNI : 104001
		)"00:"$(                      : VXLAN reserved
		)"$dest_mac:"$(               : ETH daddr
		)"$src_mac:"$(                : ETH saddr
		)"08:00:"$(                   : ETH type
		)"45:"$(                      : IP version + IHL
		)"00:"$(                      : IP TOS
		)"00:54:"$(                   : IP total length
		)"3f:49:"$(                   : IP identification
		)"00:00:"$(                   : IP flags + frag off
		)"3f:"$(                      : IP TTL
		)"01:"$(                      : IP proto
		)"50:21:"$(                   : IP header csum
		)"c6:33:64:0a:"$(             : IP saddr: 198.51.100.10
		)"c0:00:02:01:"$(             : IP daddr: 192.0.2.1
	)
	echo $p
}

vlan_rif_add()
{
	rifs_occ_t0=$(devlink_resource_occ_get rifs)

	ip link add link br1 name vlan4001 up master vrf-green \
		type vlan id 4001

	rifs_occ_t1=$(devlink_resource_occ_get rifs)
	expected_rifs=$((rifs_occ_t0 + 1))

	[[ $expected_rifs -eq $rifs_occ_t1 ]]
	check_err $? "Expected $expected_rifs RIFs, $rifs_occ_t1 are used"
}

vlan_rif_del()
{
	ip link del dev vlan4001
}

vni_fid_map_rif()
{
	local rp1_mac=$(mac_get $rp1)

	RET=0

	# First add VNI->FID mapping to the FID of VLAN 4001
	bridge vlan add vid 4001 dev vx4001 pvid untagged

	# Add a RIF to the FID with VNI->FID mapping
	vlan_rif_add

	tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \
		flower skip_sw dst_ip 192.0.2.1 action pass

	payload=$(payload_get)
	ip vrf exec v$rp2 $MZ $rp2 -c 10 -d 1msec -b $rp1_mac \
		-B 192.0.2.17 -A 192.0.2.18 \
		-t udp sp=12345,dp=$VXPORT,p=$payload -q

	tc_check_at_least_x_packets "dev $swp1 egress" 101 10
	check_err $? "Packets were not routed in hardware"

	log_test "Add RIF for existing VNI->FID mapping"

	tc filter del dev $swp1 egress

	bridge vlan del vid 4001 dev vx4001 pvid untagged
	vlan_rif_del
}

rif_vni_fid_map()
{
	local rp1_mac=$(mac_get $rp1)

	RET=0

	# First add a RIF to the FID of VLAN 4001
	vlan_rif_add

	# Add VNI->FID mapping to FID with a RIF
	bridge vlan add vid 4001 dev vx4001 pvid untagged

	tc filter add dev $swp1 egress protocol ip pref 1 handle 101 \
		flower skip_sw dst_ip 192.0.2.1 action pass

	payload=$(payload_get)
	ip vrf exec v$rp2 $MZ $rp2 -c 10 -d 1msec -b $rp1_mac \
		-B 192.0.2.17 -A 192.0.2.18 \
		-t udp sp=12345,dp=$VXPORT,p=$payload -q

	tc_check_at_least_x_packets "dev $swp1 egress" 101 10
	check_err $? "Packets were not routed in hardware"

	log_test "Add VNI->FID mapping for FID with a RIF"

	tc filter del dev $swp1 egress

	bridge vlan del vid 4001 dev vx4001 pvid untagged
	vlan_rif_del
}

trap cleanup EXIT

setup_prepare
setup_wait

tests_run

exit $EXIT_STATUS