xref: /linux/tools/testing/selftests/drivers/net/mlxsw/ingress_rif_conf_1q.sh (revision 3a5ddc88)

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0

# Test routing over bridge and verify that the order of configuration does not
# impact switch behavior. Verify that RIF is added correctly for existing
# mapping and that packets can be routed via port which is added after the FID
# already has a RIF.

# +-------------------+                   +--------------------+
# | H1                |                   | H2                 |
# |                   |                   |                    |
# |         $h1.10 +  |                   |  + $h2.10          |
# |   192.0.2.1/28 |  |                   |  | 192.0.2.3/28    |
# |                |  |                   |  |                 |
# |            $h1 +  |                   |  + $h2             |
# +----------------|--+                   +--|-----------------+
#                  |                         |
# +----------------|-------------------------|-----------------+
# | SW             |                         |                 |
# | +--------------|-------------------------|---------------+ |
# | |        $swp1 +                         + $swp2         | |
# | |                                                        | |
# | |                           br0                          | |
# | +--------------------------------------------------------+ |
# |                              |                             |
# |                           br0.10                           |
# |                        192.0.2.2/28                        |
# |                                                            |
# |                                                            |
# |          $swp3 +                                           |
# |  192.0.2.17/28 |                                           |
# +----------------|-------------------------------------------+
#                  |
# +----------------|--+
# |            $h3 +  |
# |  192.0.2.18/28    |
# |                   |
# | H3                |
# +-------------------+

lib_dir=$(dirname $0)/../../../net/forwarding

ALL_TESTS="
	vid_map_rif
	rif_vid_map
"

NUM_NETIFS=6
source $lib_dir/lib.sh
source $lib_dir/tc_common.sh
source $lib_dir/devlink_lib.sh

h1_create()
{
	simple_if_init $h1
	vlan_create $h1 10 v$h1 192.0.2.1/28

	ip route add 192.0.2.16/28 vrf v$h1 nexthop via 192.0.2.2
}

h1_destroy()
{
	ip route del 192.0.2.16/28 vrf v$h1 nexthop via 192.0.2.2

	vlan_destroy $h1 10
	simple_if_fini $h1
}

h2_create()
{
	simple_if_init $h2
	vlan_create $h2 10 v$h2 192.0.2.3/28
}

h2_destroy()
{
	vlan_destroy $h2 10
	simple_if_fini $h2
}

h3_create()
{
	simple_if_init $h3 192.0.2.18/28
	ip route add 192.0.2.0/28 vrf v$h3 nexthop via 192.0.2.17
}

h3_destroy()
{
	ip route del 192.0.2.0/28 vrf v$h3 nexthop via 192.0.2.17
	simple_if_fini $h3 192.0.2.18/28
}

switch_create()
{
	ip link set dev $swp1 up

	ip link add dev br0 type bridge vlan_filtering 1 mcast_snooping 0

	# By default, a link-local address is generated when netdevice becomes
	# up. Adding an address to the bridge will cause creating a RIF for it.
	# Prevent generating link-local address to be able to control when the
	# RIF is added.
	sysctl_set net.ipv6.conf.br0.addr_gen_mode 1
	ip link set dev br0 up

	ip link set dev $swp2 up
	ip link set dev $swp2 master br0
	bridge vlan add vid 10 dev $swp2

	ip link set dev $swp3 up
	__addr_add_del $swp3 add 192.0.2.17/28
	tc qdisc add dev $swp3 clsact

	# Replace neighbor to avoid 1 packet which is forwarded in software due
	# to "unresolved neigh".
	ip neigh replace dev $swp3 192.0.2.18 lladdr $(mac_get $h3)
}

switch_destroy()
{
	tc qdisc del dev $swp3 clsact
	__addr_add_del $swp3 del 192.0.2.17/28
	ip link set dev $swp3 down

	bridge vlan del vid 10 dev $swp2
	ip link set dev $swp2 nomaster
	ip link set dev $swp2 down

	ip link set dev br0 down
	sysctl_restore net.ipv6.conf.br0.addr_gen_mode
	ip link del dev br0

	ip link set dev $swp1 down
}

setup_prepare()
{
	h1=${NETIFS[p1]}
	swp1=${NETIFS[p2]}

	swp2=${NETIFS[p3]}
	h2=${NETIFS[p4]}

	swp3=${NETIFS[p5]}
	h3=${NETIFS[p6]}

	vrf_prepare
	forwarding_enable

	h1_create
	h2_create
	h3_create

	switch_create
}

cleanup()
{
	pre_cleanup

	switch_destroy

	h3_destroy
	h2_destroy
	h1_destroy

	forwarding_restore
	vrf_cleanup
}

bridge_rif_add()
{
	rifs_occ_t0=$(devlink_resource_occ_get rifs)
	vlan_create br0 10 "" 192.0.2.2/28
	rifs_occ_t1=$(devlink_resource_occ_get rifs)

	expected_rifs=$((rifs_occ_t0 + 1))

	[[ $expected_rifs -eq $rifs_occ_t1 ]]
	check_err $? "Expected $expected_rifs RIFs, $rifs_occ_t1 are used"

	sleep 1
}

bridge_rif_del()
{
	vlan_destroy br0 10
}

vid_map_rif()
{
	RET=0

	# First add VID->FID for vlan 10, then add a RIF and verify that
	# packets can be routed via the existing mapping.
	bridge vlan add vid 10 dev br0 self
	ip link set dev $swp1 master br0
	bridge vlan add vid 10 dev $swp1

	bridge_rif_add

	tc filter add dev $swp3 egress protocol ip pref 1 handle 101 \
		flower skip_sw dst_ip 192.0.2.18 action pass

	ping_do $h1.10 192.0.2.18
	check_err $? "Ping failed"

	tc_check_at_least_x_packets "dev $swp3 egress" 101 10
	check_err $? "Packets were not routed in hardware"

	log_test "Add RIF for existing VID->FID mapping"

	tc filter del dev $swp3 egress

	bridge_rif_del

	bridge vlan del vid 10 dev $swp1
	ip link set dev $swp1 nomaster
	bridge vlan del vid 10 dev br0 self
}

rif_vid_map()
{
	RET=0

	# Using 802.1Q, there is only one VID->FID map for each VID. That means
	# that we cannot really check adding a new map for existing FID with a
	# RIF. Verify that packets can be routed via port which is added after
	# the FID already has a RIF, although in practice there is no new
	# mapping in the hardware.
	bridge vlan add vid 10 dev br0 self
	bridge_rif_add

	ip link set dev $swp1 master br0
	bridge vlan add vid 10 dev $swp1

	tc filter add dev $swp3 egress protocol ip pref 1 handle 101 \
		flower skip_sw dst_ip 192.0.2.18 action pass

	ping_do $h1.10 192.0.2.18
	check_err $? "Ping failed"

	tc_check_at_least_x_packets "dev $swp3 egress" 101 10
	check_err $? "Packets were not routed in hardware"

	log_test "Add port to VID->FID mapping for FID with a RIF"

	tc filter del dev $swp3 egress

	bridge vlan del vid 10 dev $swp1
	ip link set dev $swp1 nomaster

	bridge_rif_del
	bridge vlan del vid 10 dev br0 self
}

trap cleanup EXIT

setup_prepare
setup_wait

tests_run

exit $EXIT_STATUS