1d7cdd897SAlexander V. Chernikov#!/usr/bin/env atf-sh 2d7cdd897SAlexander V. Chernikov#- 3d7cdd897SAlexander V. Chernikov# SPDX-License-Identifier: BSD-2-Clause 4d7cdd897SAlexander V. Chernikov# 5d7cdd897SAlexander V. Chernikov# Copyright (c) 2020 Alexander V. Chernikov 6d7cdd897SAlexander V. Chernikov# 7d7cdd897SAlexander V. Chernikov# Redistribution and use in source and binary forms, with or without 8d7cdd897SAlexander V. Chernikov# modification, are permitted provided that the following conditions 9d7cdd897SAlexander V. Chernikov# are met: 10d7cdd897SAlexander V. Chernikov# 1. Redistributions of source code must retain the above copyright 11d7cdd897SAlexander V. Chernikov# notice, this list of conditions and the following disclaimer. 12d7cdd897SAlexander V. Chernikov# 2. Redistributions in binary form must reproduce the above copyright 13d7cdd897SAlexander V. Chernikov# notice, this list of conditions and the following disclaimer in the 14d7cdd897SAlexander V. Chernikov# documentation and/or other materials provided with the distribution. 15d7cdd897SAlexander V. Chernikov# 16d7cdd897SAlexander V. Chernikov# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17d7cdd897SAlexander V. Chernikov# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18d7cdd897SAlexander V. Chernikov# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19d7cdd897SAlexander V. Chernikov# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20d7cdd897SAlexander V. Chernikov# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21d7cdd897SAlexander V. Chernikov# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22d7cdd897SAlexander V. Chernikov# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23d7cdd897SAlexander V. Chernikov# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24d7cdd897SAlexander V. Chernikov# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25d7cdd897SAlexander V. Chernikov# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26d7cdd897SAlexander V. Chernikov# SUCH DAMAGE. 27d7cdd897SAlexander V. Chernikov# 28d7cdd897SAlexander V. Chernikov# 29d7cdd897SAlexander V. Chernikov 30d7cdd897SAlexander V. Chernikov. $(atf_get_srcdir)/../common/vnet.subr 31d7cdd897SAlexander V. Chernikov 32d7cdd897SAlexander V. Chernikovatf_test_case "fwd_ip6_gu_icmp_iface_fast_success" "cleanup" 33d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_iface_fast_success_head() { 34d7cdd897SAlexander V. Chernikov 35d7cdd897SAlexander V. Chernikov atf_set descr 'Test valid IPv6 global unicast fast-forwarding to interface' 36d7cdd897SAlexander V. Chernikov atf_set require.user root 37d7cdd897SAlexander V. Chernikov atf_set require.progs scapy 38d7cdd897SAlexander V. Chernikov} 39d7cdd897SAlexander V. Chernikov 40d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_iface_fast_success_body() { 41d7cdd897SAlexander V. Chernikov 42d7cdd897SAlexander V. Chernikov ids=65529 43d7cdd897SAlexander V. Chernikov id=`printf "%x" ${ids}` 44d7cdd897SAlexander V. Chernikov if [ $$ -gt 65535 ]; then 45d7cdd897SAlexander V. Chernikov xl=`printf "%x" $(($$ - 65535))` 46d7cdd897SAlexander V. Chernikov yl="1" 47d7cdd897SAlexander V. Chernikov else 48d7cdd897SAlexander V. Chernikov xl=`printf "%x" $$` 49d7cdd897SAlexander V. Chernikov yl="" 50d7cdd897SAlexander V. Chernikov fi 51d7cdd897SAlexander V. Chernikov 52d7cdd897SAlexander V. Chernikov vnet_init 53d7cdd897SAlexander V. Chernikov 54d7cdd897SAlexander V. Chernikov ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 55d7cdd897SAlexander V. Chernikov ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 56d7cdd897SAlexander V. Chernikov plen=96 57d7cdd897SAlexander V. Chernikov 58d7cdd897SAlexander V. Chernikov src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 59d7cdd897SAlexander V. Chernikov 60d7cdd897SAlexander V. Chernikov script_name="../common/sender.py" 61d7cdd897SAlexander V. Chernikov 62d7cdd897SAlexander V. Chernikov epair=$(vnet_mkepair) 63d7cdd897SAlexander V. Chernikov ifconfig ${epair}a up 64d7cdd897SAlexander V. Chernikov ifconfig ${epair}a inet6 ${ip6a}/${plen} 65d7cdd897SAlexander V. Chernikov 66d7cdd897SAlexander V. Chernikov jname="v6t-${id}-${yl}-${xl}" 67d7cdd897SAlexander V. Chernikov vnet_mkjail ${jname} ${epair}b 68d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b up 69d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 70d7cdd897SAlexander V. Chernikov 71d7cdd897SAlexander V. Chernikov jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 72d7cdd897SAlexander V. Chernikov 73d7cdd897SAlexander V. Chernikov our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 74d7cdd897SAlexander V. Chernikov 75d7cdd897SAlexander V. Chernikov # wait for DAD to complete 76d7cdd897SAlexander V. Chernikov while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 77d7cdd897SAlexander V. Chernikov sleep 0.1 78d7cdd897SAlexander V. Chernikov done 79d7cdd897SAlexander V. Chernikov while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 80d7cdd897SAlexander V. Chernikov sleep 0.1 81d7cdd897SAlexander V. Chernikov done 82d7cdd897SAlexander V. Chernikov 83d7cdd897SAlexander V. Chernikov jexec ${jname} sysctl net.inet6.ip6.forwarding=1 84d7cdd897SAlexander V. Chernikov # As we're doing router-on-the-stick, turn sending IP redirects off: 85d7cdd897SAlexander V. Chernikov jexec ${jname} sysctl net.inet6.ip6.redirect=0 86d7cdd897SAlexander V. Chernikov 87d7cdd897SAlexander V. Chernikov atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \ 88d7cdd897SAlexander V. Chernikov --test_name fwd_ip6_icmp \ 89d7cdd897SAlexander V. Chernikov --smac ${our_mac} --dmac ${jail_mac} \ 90d7cdd897SAlexander V. Chernikov --sip ${src_ip} --dip ${ip6a} \ 91d7cdd897SAlexander V. Chernikov --iface ${epair}a 92d7cdd897SAlexander V. Chernikov 93d7cdd897SAlexander V. Chernikov # check counters are valid 94d7cdd897SAlexander V. Chernikov atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 95d7cdd897SAlexander V. Chernikov} 96d7cdd897SAlexander V. Chernikov 97d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_iface_fast_success_cleanup() { 98d7cdd897SAlexander V. Chernikov 99d7cdd897SAlexander V. Chernikov vnet_cleanup 100d7cdd897SAlexander V. Chernikov} 101d7cdd897SAlexander V. Chernikov 102d7cdd897SAlexander V. Chernikovatf_test_case "fwd_ip6_gu_icmp_gw_gu_fast_success" "cleanup" 103d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_gu_fast_success_head() { 104d7cdd897SAlexander V. Chernikov 105d7cdd897SAlexander V. Chernikov atf_set descr 'Test valid IPv6 global unicast fast-forwarding to GU gw' 106d7cdd897SAlexander V. Chernikov atf_set require.user root 107d7cdd897SAlexander V. Chernikov atf_set require.progs scapy 108d7cdd897SAlexander V. Chernikov} 109d7cdd897SAlexander V. Chernikov 110d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_gu_fast_success_body() { 111d7cdd897SAlexander V. Chernikov 112d7cdd897SAlexander V. Chernikov ids=65528 113d7cdd897SAlexander V. Chernikov id=`printf "%x" ${ids}` 114d7cdd897SAlexander V. Chernikov if [ $$ -gt 65535 ]; then 115d7cdd897SAlexander V. Chernikov xl=`printf "%x" $(($$ - 65535))` 116d7cdd897SAlexander V. Chernikov yl="1" 117d7cdd897SAlexander V. Chernikov else 118d7cdd897SAlexander V. Chernikov xl=`printf "%x" $$` 119d7cdd897SAlexander V. Chernikov yl="" 120d7cdd897SAlexander V. Chernikov fi 121d7cdd897SAlexander V. Chernikov 122d7cdd897SAlexander V. Chernikov vnet_init 123d7cdd897SAlexander V. Chernikov 124d7cdd897SAlexander V. Chernikov ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 125d7cdd897SAlexander V. Chernikov ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 126d7cdd897SAlexander V. Chernikov plen=96 127d7cdd897SAlexander V. Chernikov 128d7cdd897SAlexander V. Chernikov src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 129d7cdd897SAlexander V. Chernikov dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}" 130d7cdd897SAlexander V. Chernikov 131d7cdd897SAlexander V. Chernikov script_name="../common/sender.py" 132d7cdd897SAlexander V. Chernikov 133d7cdd897SAlexander V. Chernikov epair=$(vnet_mkepair) 134d7cdd897SAlexander V. Chernikov ifconfig ${epair}a up 135d7cdd897SAlexander V. Chernikov ifconfig ${epair}a inet6 ${ip6a}/${plen} 136d7cdd897SAlexander V. Chernikov 137d7cdd897SAlexander V. Chernikov jname="v6t-${id}-${yl}-${xl}" 138d7cdd897SAlexander V. Chernikov vnet_mkjail ${jname} ${epair}b 139d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b up 140d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 141d7cdd897SAlexander V. Chernikov 142d7cdd897SAlexander V. Chernikov jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 143d7cdd897SAlexander V. Chernikov 144d7cdd897SAlexander V. Chernikov our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 145d7cdd897SAlexander V. Chernikov 146d7cdd897SAlexander V. Chernikov # wait for DAD to complete 147d7cdd897SAlexander V. Chernikov while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 148d7cdd897SAlexander V. Chernikov sleep 0.1 149d7cdd897SAlexander V. Chernikov done 150d7cdd897SAlexander V. Chernikov while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 151d7cdd897SAlexander V. Chernikov sleep 0.1 152d7cdd897SAlexander V. Chernikov done 153d7cdd897SAlexander V. Chernikov 154d7cdd897SAlexander V. Chernikov # Add static route back to us 155d7cdd897SAlexander V. Chernikov jexec ${jname} route add -6 -host ${dst_ip} ${ip6a} 156d7cdd897SAlexander V. Chernikov 157d7cdd897SAlexander V. Chernikov jexec ${jname} sysctl net.inet6.ip6.forwarding=1 158d7cdd897SAlexander V. Chernikov # As we're doing router-on-the-stick, turn sending IP redirects off: 159d7cdd897SAlexander V. Chernikov jexec ${jname} sysctl net.inet6.ip6.redirect=0 160d7cdd897SAlexander V. Chernikov 161d7cdd897SAlexander V. Chernikov atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \ 162d7cdd897SAlexander V. Chernikov --test_name fwd_ip6_icmp \ 163d7cdd897SAlexander V. Chernikov --smac ${our_mac} --dmac ${jail_mac} \ 164d7cdd897SAlexander V. Chernikov --sip ${src_ip} --dip ${dst_ip} \ 165d7cdd897SAlexander V. Chernikov --iface ${epair}a 166d7cdd897SAlexander V. Chernikov 167d7cdd897SAlexander V. Chernikov # check counters are valid 168d7cdd897SAlexander V. Chernikov atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 169d7cdd897SAlexander V. Chernikov} 170d7cdd897SAlexander V. Chernikov 171d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_gu_fast_success_cleanup() { 172d7cdd897SAlexander V. Chernikov 173d7cdd897SAlexander V. Chernikov vnet_cleanup 174d7cdd897SAlexander V. Chernikov} 175d7cdd897SAlexander V. Chernikov 176d7cdd897SAlexander V. Chernikovatf_test_case "fwd_ip6_gu_icmp_gw_ll_fast_success" "cleanup" 177d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_ll_fast_success_head() { 178d7cdd897SAlexander V. Chernikov 179d7cdd897SAlexander V. Chernikov atf_set descr 'Test valid IPv6 global unicast fast-forwarding to LL gw' 180d7cdd897SAlexander V. Chernikov atf_set require.user root 181d7cdd897SAlexander V. Chernikov atf_set require.progs scapy 182d7cdd897SAlexander V. Chernikov} 183d7cdd897SAlexander V. Chernikov 184d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_ll_fast_success_body() { 185d7cdd897SAlexander V. Chernikov 186d7cdd897SAlexander V. Chernikov ids=65527 187d7cdd897SAlexander V. Chernikov id=`printf "%x" ${ids}` 188d7cdd897SAlexander V. Chernikov if [ $$ -gt 65535 ]; then 189d7cdd897SAlexander V. Chernikov xl=`printf "%x" $(($$ - 65535))` 190d7cdd897SAlexander V. Chernikov yl="1" 191d7cdd897SAlexander V. Chernikov else 192d7cdd897SAlexander V. Chernikov xl=`printf "%x" $$` 193d7cdd897SAlexander V. Chernikov yl="" 194d7cdd897SAlexander V. Chernikov fi 195d7cdd897SAlexander V. Chernikov 196d7cdd897SAlexander V. Chernikov vnet_init 197d7cdd897SAlexander V. Chernikov 198d7cdd897SAlexander V. Chernikov ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 199d7cdd897SAlexander V. Chernikov ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 200d7cdd897SAlexander V. Chernikov plen=96 201d7cdd897SAlexander V. Chernikov 202d7cdd897SAlexander V. Chernikov src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 203d7cdd897SAlexander V. Chernikov dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}" 204d7cdd897SAlexander V. Chernikov 205d7cdd897SAlexander V. Chernikov script_name="../common/sender.py" 206d7cdd897SAlexander V. Chernikov 207d7cdd897SAlexander V. Chernikov epair=$(vnet_mkepair) 208d7cdd897SAlexander V. Chernikov ifconfig ${epair}a up 209d7cdd897SAlexander V. Chernikov ifconfig ${epair}a inet6 ${ip6a}/${plen} 210d7cdd897SAlexander V. Chernikov 211d7cdd897SAlexander V. Chernikov jname="v6t-${id}-${yl}-${xl}" 212d7cdd897SAlexander V. Chernikov vnet_mkjail ${jname} ${epair}b 213d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b up 214d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 215d7cdd897SAlexander V. Chernikov 216d7cdd897SAlexander V. Chernikov jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 217d7cdd897SAlexander V. Chernikov 218d7cdd897SAlexander V. Chernikov our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 219d7cdd897SAlexander V. Chernikov our_ll_ip=`ifconfig ${epair}a inet6 | awk '$1~/inet6/&& $2~/^fe80:/{print$2}' | awk -F% '{print$1}'` 220d7cdd897SAlexander V. Chernikov 221d7cdd897SAlexander V. Chernikov # wait for DAD to complete 222d7cdd897SAlexander V. Chernikov while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 223d7cdd897SAlexander V. Chernikov sleep 0.1 224d7cdd897SAlexander V. Chernikov done 225d7cdd897SAlexander V. Chernikov while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 226d7cdd897SAlexander V. Chernikov sleep 0.1 227d7cdd897SAlexander V. Chernikov done 228d7cdd897SAlexander V. Chernikov 229d7cdd897SAlexander V. Chernikov # Add static route back to us 230d7cdd897SAlexander V. Chernikov atf_check -s exit:0 -o ignore jexec ${jname} route add -6 -host ${dst_ip} ${our_ll_ip}%${epair}b 231d7cdd897SAlexander V. Chernikov 232d7cdd897SAlexander V. Chernikov jexec ${jname} sysctl net.inet6.ip6.forwarding=1 233d7cdd897SAlexander V. Chernikov # As we're doing router-on-the-stick, turn sending IP redirects off: 234d7cdd897SAlexander V. Chernikov jexec ${jname} sysctl net.inet6.ip6.redirect=0 235d7cdd897SAlexander V. Chernikov 236d7cdd897SAlexander V. Chernikov atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \ 237d7cdd897SAlexander V. Chernikov --test_name fwd_ip6_icmp \ 238d7cdd897SAlexander V. Chernikov --smac ${our_mac} --dmac ${jail_mac} \ 239d7cdd897SAlexander V. Chernikov --sip ${src_ip} --dip ${dst_ip} \ 240d7cdd897SAlexander V. Chernikov --iface ${epair}a 241d7cdd897SAlexander V. Chernikov 242d7cdd897SAlexander V. Chernikov # check counters are valid 243d7cdd897SAlexander V. Chernikov atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 244d7cdd897SAlexander V. Chernikov} 245d7cdd897SAlexander V. Chernikov 246d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_ll_fast_success_cleanup() { 247d7cdd897SAlexander V. Chernikov 248d7cdd897SAlexander V. Chernikov vnet_cleanup 249d7cdd897SAlexander V. Chernikov} 250d7cdd897SAlexander V. Chernikov 251d7cdd897SAlexander V. Chernikovatf_test_case "fwd_ip6_gu_icmp_iface_slow_success" "cleanup" 252d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_iface_slow_success_head() { 253d7cdd897SAlexander V. Chernikov 254d7cdd897SAlexander V. Chernikov atf_set descr 'Test valid IPv6 global unicast fast-forwarding to interface' 255d7cdd897SAlexander V. Chernikov atf_set require.user root 256d7cdd897SAlexander V. Chernikov atf_set require.progs scapy 257d7cdd897SAlexander V. Chernikov} 258d7cdd897SAlexander V. Chernikov 259d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_iface_slow_success_body() { 260d7cdd897SAlexander V. Chernikov 261d7cdd897SAlexander V. Chernikov ids=65526 262d7cdd897SAlexander V. Chernikov id=`printf "%x" ${ids}` 263d7cdd897SAlexander V. Chernikov if [ $$ -gt 65535 ]; then 264d7cdd897SAlexander V. Chernikov xl=`printf "%x" $(($$ - 65535))` 265d7cdd897SAlexander V. Chernikov yl="1" 266d7cdd897SAlexander V. Chernikov else 267d7cdd897SAlexander V. Chernikov xl=`printf "%x" $$` 268d7cdd897SAlexander V. Chernikov yl="" 269d7cdd897SAlexander V. Chernikov fi 270d7cdd897SAlexander V. Chernikov 271d7cdd897SAlexander V. Chernikov vnet_init 272d7cdd897SAlexander V. Chernikov 273d7cdd897SAlexander V. Chernikov ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 274d7cdd897SAlexander V. Chernikov ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 275d7cdd897SAlexander V. Chernikov plen=96 276d7cdd897SAlexander V. Chernikov 277d7cdd897SAlexander V. Chernikov src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 278d7cdd897SAlexander V. Chernikov 279d7cdd897SAlexander V. Chernikov script_name="../common/sender.py" 280d7cdd897SAlexander V. Chernikov 281d7cdd897SAlexander V. Chernikov epair=$(vnet_mkepair) 282d7cdd897SAlexander V. Chernikov ifconfig ${epair}a up 283d7cdd897SAlexander V. Chernikov ifconfig ${epair}a inet6 ${ip6a}/${plen} 284d7cdd897SAlexander V. Chernikov 285d7cdd897SAlexander V. Chernikov jname="v6t-${id}-${yl}-${xl}" 286d7cdd897SAlexander V. Chernikov vnet_mkjail ${jname} ${epair}b 287d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b up 288d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 289d7cdd897SAlexander V. Chernikov 290d7cdd897SAlexander V. Chernikov jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 291d7cdd897SAlexander V. Chernikov 292d7cdd897SAlexander V. Chernikov our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 293d7cdd897SAlexander V. Chernikov 294d7cdd897SAlexander V. Chernikov # wait for DAD to complete 295d7cdd897SAlexander V. Chernikov while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 296d7cdd897SAlexander V. Chernikov sleep 0.1 297d7cdd897SAlexander V. Chernikov done 298d7cdd897SAlexander V. Chernikov while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 299d7cdd897SAlexander V. Chernikov sleep 0.1 300d7cdd897SAlexander V. Chernikov done 301d7cdd897SAlexander V. Chernikov 302d7cdd897SAlexander V. Chernikov jexec ${jname} sysctl net.inet6.ip6.forwarding=1 303d7cdd897SAlexander V. Chernikov # Do not turn off route redirects to ensure slow path is on 304d7cdd897SAlexander V. Chernikov 305d7cdd897SAlexander V. Chernikov atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \ 306d7cdd897SAlexander V. Chernikov --test_name fwd_ip6_icmp \ 307d7cdd897SAlexander V. Chernikov --smac ${our_mac} --dmac ${jail_mac} \ 308d7cdd897SAlexander V. Chernikov --sip ${src_ip} --dip ${ip6a} \ 309d7cdd897SAlexander V. Chernikov --iface ${epair}a 310d7cdd897SAlexander V. Chernikov 311d7cdd897SAlexander V. Chernikov # check counters are valid 312d7cdd897SAlexander V. Chernikov atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 313d7cdd897SAlexander V. Chernikov} 314d7cdd897SAlexander V. Chernikov 315d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_iface_slow_success_cleanup() { 316d7cdd897SAlexander V. Chernikov 317d7cdd897SAlexander V. Chernikov vnet_cleanup 318d7cdd897SAlexander V. Chernikov} 319d7cdd897SAlexander V. Chernikov 320d7cdd897SAlexander V. Chernikovatf_test_case "fwd_ip6_gu_icmp_gw_gu_slow_success" "cleanup" 321d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_gu_slow_success_head() { 322d7cdd897SAlexander V. Chernikov 323d7cdd897SAlexander V. Chernikov atf_set descr 'Test valid IPv6 global unicast fast-forwarding to GU gw' 324d7cdd897SAlexander V. Chernikov atf_set require.user root 325d7cdd897SAlexander V. Chernikov atf_set require.progs scapy 326d7cdd897SAlexander V. Chernikov} 327d7cdd897SAlexander V. Chernikov 328d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_gu_slow_success_body() { 329d7cdd897SAlexander V. Chernikov 330d7cdd897SAlexander V. Chernikov ids=65525 331d7cdd897SAlexander V. Chernikov id=`printf "%x" ${ids}` 332d7cdd897SAlexander V. Chernikov if [ $$ -gt 65535 ]; then 333d7cdd897SAlexander V. Chernikov xl=`printf "%x" $(($$ - 65535))` 334d7cdd897SAlexander V. Chernikov yl="1" 335d7cdd897SAlexander V. Chernikov else 336d7cdd897SAlexander V. Chernikov xl=`printf "%x" $$` 337d7cdd897SAlexander V. Chernikov yl="" 338d7cdd897SAlexander V. Chernikov fi 339d7cdd897SAlexander V. Chernikov 340d7cdd897SAlexander V. Chernikov vnet_init 341d7cdd897SAlexander V. Chernikov 342d7cdd897SAlexander V. Chernikov ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 343d7cdd897SAlexander V. Chernikov ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 344d7cdd897SAlexander V. Chernikov plen=96 345d7cdd897SAlexander V. Chernikov 346d7cdd897SAlexander V. Chernikov src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 347d7cdd897SAlexander V. Chernikov dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}" 348d7cdd897SAlexander V. Chernikov 349d7cdd897SAlexander V. Chernikov script_name="../common/sender.py" 350d7cdd897SAlexander V. Chernikov 351d7cdd897SAlexander V. Chernikov epair=$(vnet_mkepair) 352d7cdd897SAlexander V. Chernikov ifconfig ${epair}a up 353d7cdd897SAlexander V. Chernikov ifconfig ${epair}a inet6 ${ip6a}/${plen} 354d7cdd897SAlexander V. Chernikov 355d7cdd897SAlexander V. Chernikov jname="v6t-${id}-${yl}-${xl}" 356d7cdd897SAlexander V. Chernikov vnet_mkjail ${jname} ${epair}b 357d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b up 358d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 359d7cdd897SAlexander V. Chernikov 360d7cdd897SAlexander V. Chernikov jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 361d7cdd897SAlexander V. Chernikov 362d7cdd897SAlexander V. Chernikov our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 363d7cdd897SAlexander V. Chernikov 364d7cdd897SAlexander V. Chernikov # wait for DAD to complete 365d7cdd897SAlexander V. Chernikov while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 366d7cdd897SAlexander V. Chernikov sleep 0.1 367d7cdd897SAlexander V. Chernikov done 368d7cdd897SAlexander V. Chernikov while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 369d7cdd897SAlexander V. Chernikov sleep 0.1 370d7cdd897SAlexander V. Chernikov done 371d7cdd897SAlexander V. Chernikov 372d7cdd897SAlexander V. Chernikov # Add static route back to us 373d7cdd897SAlexander V. Chernikov jexec ${jname} route add -6 -host ${dst_ip} ${ip6a} 374d7cdd897SAlexander V. Chernikov 375d7cdd897SAlexander V. Chernikov jexec ${jname} sysctl net.inet6.ip6.forwarding=1 376d7cdd897SAlexander V. Chernikov # Do not turn off route redirects to ensure slow path is on 377d7cdd897SAlexander V. Chernikov 3783f73fbb0SMark Johnston atf_check -s exit:0 \ 379d7cdd897SAlexander V. Chernikov $(atf_get_srcdir)/${script_name} \ 380d7cdd897SAlexander V. Chernikov --test_name fwd_ip6_icmp \ 381d7cdd897SAlexander V. Chernikov --smac ${our_mac} --dmac ${jail_mac} \ 382d7cdd897SAlexander V. Chernikov --sip ${src_ip} --dip ${dst_ip} \ 383d7cdd897SAlexander V. Chernikov --iface ${epair}a 384d7cdd897SAlexander V. Chernikov jexec ${jname} netstat -sp ip6 385d7cdd897SAlexander V. Chernikov 386d7cdd897SAlexander V. Chernikov # check counters are valid 387d7cdd897SAlexander V. Chernikov atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 388d7cdd897SAlexander V. Chernikov} 389d7cdd897SAlexander V. Chernikov 390d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_gu_slow_success_cleanup() { 391d7cdd897SAlexander V. Chernikov 392d7cdd897SAlexander V. Chernikov vnet_cleanup 393d7cdd897SAlexander V. Chernikov} 394d7cdd897SAlexander V. Chernikov 395d7cdd897SAlexander V. Chernikovatf_test_case "fwd_ip6_gu_icmp_gw_ll_slow_success" "cleanup" 396d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_ll_slow_success_head() { 397d7cdd897SAlexander V. Chernikov 398d7cdd897SAlexander V. Chernikov atf_set descr 'Test valid IPv6 global unicast fast-forwarding to LL gw' 399d7cdd897SAlexander V. Chernikov atf_set require.user root 400d7cdd897SAlexander V. Chernikov atf_set require.progs scapy 401d7cdd897SAlexander V. Chernikov} 402d7cdd897SAlexander V. Chernikov 403d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_ll_slow_success_body() { 404d7cdd897SAlexander V. Chernikov 405d7cdd897SAlexander V. Chernikov ids=65524 406d7cdd897SAlexander V. Chernikov id=`printf "%x" ${ids}` 407d7cdd897SAlexander V. Chernikov if [ $$ -gt 65535 ]; then 408d7cdd897SAlexander V. Chernikov xl=`printf "%x" $(($$ - 65535))` 409d7cdd897SAlexander V. Chernikov yl="1" 410d7cdd897SAlexander V. Chernikov else 411d7cdd897SAlexander V. Chernikov xl=`printf "%x" $$` 412d7cdd897SAlexander V. Chernikov yl="" 413d7cdd897SAlexander V. Chernikov fi 414d7cdd897SAlexander V. Chernikov 415d7cdd897SAlexander V. Chernikov vnet_init 416d7cdd897SAlexander V. Chernikov 417d7cdd897SAlexander V. Chernikov ip6a="2001:db8:6666:0000:${yl}:${id}:1:${xl}" 418d7cdd897SAlexander V. Chernikov ip6b="2001:db8:6666:0000:${yl}:${id}:2:${xl}" 419d7cdd897SAlexander V. Chernikov plen=96 420d7cdd897SAlexander V. Chernikov 421d7cdd897SAlexander V. Chernikov src_ip="2001:db8:6666:0000:${yl}:${id}:3:${xl}" 422d7cdd897SAlexander V. Chernikov dst_ip="2001:db8:6666:0000:${yl}:${id}:4:${xl}" 423d7cdd897SAlexander V. Chernikov 424d7cdd897SAlexander V. Chernikov script_name="../common/sender.py" 425d7cdd897SAlexander V. Chernikov 426d7cdd897SAlexander V. Chernikov epair=$(vnet_mkepair) 427d7cdd897SAlexander V. Chernikov ifconfig ${epair}a up 428d7cdd897SAlexander V. Chernikov ifconfig ${epair}a inet6 ${ip6a}/${plen} 429d7cdd897SAlexander V. Chernikov 430d7cdd897SAlexander V. Chernikov jname="v6t-${id}-${yl}-${xl}" 431d7cdd897SAlexander V. Chernikov vnet_mkjail ${jname} ${epair}b 432d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b up 433d7cdd897SAlexander V. Chernikov jexec ${jname} ifconfig ${epair}b inet6 ${ip6b}/${plen} 434d7cdd897SAlexander V. Chernikov 435d7cdd897SAlexander V. Chernikov jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'` 436d7cdd897SAlexander V. Chernikov 437d7cdd897SAlexander V. Chernikov our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'` 438d7cdd897SAlexander V. Chernikov our_ll_ip=`ifconfig ${epair}a inet6 | awk '$1~/inet6/&& $2~/^fe80:/{print$2}' | awk -F% '{print$1}'` 439d7cdd897SAlexander V. Chernikov 440d7cdd897SAlexander V. Chernikov # wait for DAD to complete 441d7cdd897SAlexander V. Chernikov while [ `jexec ${jname} ifconfig ${epair}b inet6 | grep -c tentative` != "0" ]; do 442d7cdd897SAlexander V. Chernikov sleep 0.1 443d7cdd897SAlexander V. Chernikov done 444d7cdd897SAlexander V. Chernikov while [ `ifconfig ${epair}a inet6 | grep -c tentative` != "0" ]; do 445d7cdd897SAlexander V. Chernikov sleep 0.1 446d7cdd897SAlexander V. Chernikov done 447d7cdd897SAlexander V. Chernikov 448d7cdd897SAlexander V. Chernikov # Add static route back to us 449d7cdd897SAlexander V. Chernikov atf_check -s exit:0 -o ignore jexec ${jname} route add -6 -host ${dst_ip} ${our_ll_ip}%${epair}b 450d7cdd897SAlexander V. Chernikov 451d7cdd897SAlexander V. Chernikov jexec ${jname} sysctl net.inet6.ip6.forwarding=1 452d7cdd897SAlexander V. Chernikov # Do not turn off route redirects to ensure slow path is on 453d7cdd897SAlexander V. Chernikov 454d7cdd897SAlexander V. Chernikov atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \ 455d7cdd897SAlexander V. Chernikov --test_name fwd_ip6_icmp \ 456d7cdd897SAlexander V. Chernikov --smac ${our_mac} --dmac ${jail_mac} \ 457d7cdd897SAlexander V. Chernikov --sip ${src_ip} --dip ${dst_ip} \ 458d7cdd897SAlexander V. Chernikov --iface ${epair}a 459d7cdd897SAlexander V. Chernikov 460d7cdd897SAlexander V. Chernikov # check counters are valid 461d7cdd897SAlexander V. Chernikov atf_check -o match:'1 packet forwarded' jexec ${jname} netstat -sp ip6 462d7cdd897SAlexander V. Chernikov} 463d7cdd897SAlexander V. Chernikov 464d7cdd897SAlexander V. Chernikovfwd_ip6_gu_icmp_gw_ll_slow_success_cleanup() { 465d7cdd897SAlexander V. Chernikov 466d7cdd897SAlexander V. Chernikov vnet_cleanup 467d7cdd897SAlexander V. Chernikov} 468d7cdd897SAlexander V. Chernikov 469d7cdd897SAlexander V. Chernikovatf_init_test_cases() 470d7cdd897SAlexander V. Chernikov{ 471d7cdd897SAlexander V. Chernikov 472d7cdd897SAlexander V. Chernikov atf_add_test_case "fwd_ip6_gu_icmp_iface_fast_success" 473d7cdd897SAlexander V. Chernikov atf_add_test_case "fwd_ip6_gu_icmp_gw_gu_fast_success" 474d7cdd897SAlexander V. Chernikov atf_add_test_case "fwd_ip6_gu_icmp_gw_ll_fast_success" 475d7cdd897SAlexander V. Chernikov atf_add_test_case "fwd_ip6_gu_icmp_iface_slow_success" 476d7cdd897SAlexander V. Chernikov atf_add_test_case "fwd_ip6_gu_icmp_gw_gu_slow_success" 477d7cdd897SAlexander V. Chernikov atf_add_test_case "fwd_ip6_gu_icmp_gw_ll_slow_success" 478d7cdd897SAlexander V. Chernikov} 479d7cdd897SAlexander V. Chernikov 480d7cdd897SAlexander V. Chernikov# end 481d7cdd897SAlexander V. Chernikov 482