Skip to content
This repository was archived by the owner on Nov 8, 2023. It is now read-only.

Commit 476a4f0

Browse files
vladimirolteandavem330
vladimiroltean
authored and
davem330
committed
selftests: forwarding: add a no_forwarding.sh test
Bombard a standalone switch port with various kinds of traffic to ensure it is really standalone and doesn't leak packets to other switch ports. Also check for switch ports in different bridges, and switch ports in a VLAN-aware bridge but having different pvids. No forwarding should take place in either case. Signed-off-by: Vladimir Oltean <[email protected]> Signed-off-by: David S. Miller <[email protected]>
1 parent a5114df commit 476a4f0

File tree

1 file changed

+261
-0
lines changed

1 file changed

+261
-0
lines changed

tools/testing/selftests/net/forwarding/no_forwarding.sh

Lines changed: 261 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,261 @@
1+
#!/bin/bash
2+
# SPDX-License-Identifier: GPL-2.0
3+
4+
ALL_TESTS="standalone two_bridges one_bridge_two_pvids"
5+
NUM_NETIFS=4
6+
7+
source lib.sh
8+
9+
h1=${NETIFS[p1]}
10+
h2=${NETIFS[p3]}
11+
swp1=${NETIFS[p2]}
12+
swp2=${NETIFS[p4]}
13+
14+
H1_IPV4="192.0.2.1"
15+
H2_IPV4="192.0.2.2"
16+
H1_IPV6="2001:db8:1::1"
17+
H2_IPV6="2001:db8:1::2"
18+
19+
IPV4_ALLNODES="224.0.0.1"
20+
IPV6_ALLNODES="ff02::1"
21+
MACV4_ALLNODES="01:00:5e:00:00:01"
22+
MACV6_ALLNODES="33:33:00:00:00:01"
23+
NON_IP_MC="01:02:03:04:05:06"
24+
NON_IP_PKT="00:04 48:45:4c:4f"
25+
BC="ff:ff:ff:ff:ff:ff"
26+
27+
# The full 4K VLAN space is too much to check, so strategically pick some
28+
# values which should provide reasonable coverage
29+
vids=(0 1 2 5 10 20 50 100 200 500 1000 1000 2000 4000 4094)
30+
31+
send_non_ip()
32+
{
33+
local if_name=$1
34+
local smac=$2
35+
local dmac=$3
36+
37+
$MZ -q $if_name "$dmac $smac $NON_IP_PKT"
38+
}
39+
40+
send_uc_ipv4()
41+
{
42+
local if_name=$1
43+
local dmac=$2
44+
45+
ip neigh add $H2_IPV4 lladdr $dmac dev $if_name
46+
ping_do $if_name $H2_IPV4
47+
ip neigh del $H2_IPV4 dev $if_name
48+
}
49+
50+
send_mc_ipv4()
51+
{
52+
local if_name=$1
53+
54+
ping_do $if_name $IPV4_ALLNODES "-I $if_name"
55+
}
56+
57+
send_uc_ipv6()
58+
{
59+
local if_name=$1
60+
local dmac=$2
61+
62+
ip -6 neigh add $H2_IPV6 lladdr $dmac dev $if_name
63+
ping6_do $if_name $H2_IPV6
64+
ip -6 neigh del $H2_IPV6 dev $if_name
65+
}
66+
67+
send_mc_ipv6()
68+
{
69+
local if_name=$1
70+
71+
ping6_do $if_name $IPV6_ALLNODES%$if_name
72+
}
73+
74+
check_rcv()
75+
{
76+
local if_name=$1
77+
local type=$2
78+
local pattern=$3
79+
local should_fail=1
80+
81+
RET=0
82+
83+
tcpdump_show $if_name | grep -q "$pattern"
84+
85+
check_err_fail "$should_fail" "$?" "reception"
86+
87+
log_test "$type"
88+
}
89+
90+
run_test()
91+
{
92+
local test_name="$1"
93+
local smac=$(mac_get $h1)
94+
local dmac=$(mac_get $h2)
95+
local h1_ipv6_lladdr=$(ipv6_lladdr_get $h1)
96+
local vid=
97+
98+
echo "$test_name: Sending packets"
99+
100+
tcpdump_start $h2
101+
102+
send_non_ip $h1 $smac $dmac
103+
send_non_ip $h1 $smac $NON_IP_MC
104+
send_non_ip $h1 $smac $BC
105+
send_uc_ipv4 $h1 $dmac
106+
send_mc_ipv4 $h1
107+
send_uc_ipv6 $h1 $dmac
108+
send_mc_ipv6 $h1
109+
110+
for vid in "${vids[@]}"; do
111+
vlan_create $h1 $vid
112+
simple_if_init $h1.$vid $H1_IPV4/24 $H1_IPV6/64
113+
114+
send_non_ip $h1.$vid $smac $dmac
115+
send_non_ip $h1.$vid $smac $NON_IP_MC
116+
send_non_ip $h1.$vid $smac $BC
117+
send_uc_ipv4 $h1.$vid $dmac
118+
send_mc_ipv4 $h1.$vid
119+
send_uc_ipv6 $h1.$vid $dmac
120+
send_mc_ipv6 $h1.$vid
121+
122+
simple_if_fini $h1.$vid $H1_IPV4/24 $H1_IPV6/64
123+
vlan_destroy $h1 $vid
124+
done
125+
126+
sleep 1
127+
128+
echo "$test_name: Checking which packets were received"
129+
130+
tcpdump_stop $h2
131+
132+
check_rcv $h2 "$test_name: Unicast non-IP untagged" \
133+
"$smac > $dmac, 802.3, length 4:"
134+
135+
check_rcv $h2 "$test_name: Multicast non-IP untagged" \
136+
"$smac > $NON_IP_MC, 802.3, length 4:"
137+
138+
check_rcv $h2 "$test_name: Broadcast non-IP untagged" \
139+
"$smac > $BC, 802.3, length 4:"
140+
141+
check_rcv $h2 "$test_name: Unicast IPv4 untagged" \
142+
"$smac > $dmac, ethertype IPv4 (0x0800)"
143+
144+
check_rcv $h2 "$test_name: Multicast IPv4 untagged" \
145+
"$smac > $MACV4_ALLNODES, ethertype IPv4 (0x0800).*: $H1_IPV4 > $IPV4_ALLNODES"
146+
147+
check_rcv $h2 "$test_name: Unicast IPv6 untagged" \
148+
"$smac > $dmac, ethertype IPv6 (0x86dd).*8: $H1_IPV6 > $H2_IPV6"
149+
150+
check_rcv $h2 "$test_name: Multicast IPv6 untagged" \
151+
"$smac > $MACV6_ALLNODES, ethertype IPv6 (0x86dd).*: $h1_ipv6_lladdr > $IPV6_ALLNODES"
152+
153+
for vid in "${vids[@]}"; do
154+
check_rcv $h2 "$test_name: Unicast non-IP VID $vid" \
155+
"$smac > $dmac, ethertype 802.1Q (0x8100).*vlan $vid,.*length 4"
156+
157+
check_rcv $h2 "$test_name: Multicast non-IP VID $vid" \
158+
"$smac > $NON_IP_MC, ethertype 802.1Q (0x8100).*vlan $vid,.*length 4"
159+
160+
check_rcv $h2 "$test_name: Broadcast non-IP VID $vid" \
161+
"$smac > $BC, ethertype 802.1Q (0x8100).*vlan $vid,.*length 4"
162+
163+
check_rcv $h2 "$test_name: Unicast IPv4 VID $vid" \
164+
"$smac > $dmac, ethertype 802.1Q (0x8100).*vlan $vid,.*ethertype IPv4 (0x0800), $H1_IPV4 > $H2_IPV4"
165+
166+
check_rcv $h2 "$test_name: Multicast IPv4 VID $vid" \
167+
"$smac > $MACV4_ALLNODES, ethertype 802.1Q (0x8100).*vlan $vid,.*ethertype IPv4 (0x0800), $H1_IPV4 > $IPV4_ALLNODES"
168+
169+
check_rcv $h2 "$test_name: Unicast IPv6 VID $vid" \
170+
"$smac > $dmac, ethertype 802.1Q (0x8100).*vlan $vid,.*ethertype IPv6 (0x86dd), $H1_IPV6 > $H2_IPV6"
171+
172+
check_rcv $h2 "$test_name: Multicast IPv6 VID $vid" \
173+
"$smac > $MACV6_ALLNODES, ethertype 802.1Q (0x8100).*vlan $vid,.*ethertype IPv6 (0x86dd), $h1_ipv6_lladdr > $IPV6_ALLNODES"
174+
done
175+
176+
tcpdump_cleanup $h2
177+
}
178+
179+
standalone()
180+
{
181+
run_test "Standalone switch ports"
182+
}
183+
184+
two_bridges()
185+
{
186+
ip link add br0 type bridge && ip link set br0 up
187+
ip link add br1 type bridge && ip link set br1 up
188+
ip link set $swp1 master br0
189+
ip link set $swp2 master br1
190+
191+
run_test "Switch ports in different bridges"
192+
193+
ip link del br1
194+
ip link del br0
195+
}
196+
197+
one_bridge_two_pvids()
198+
{
199+
ip link add br0 type bridge vlan_filtering 1 vlan_default_pvid 0
200+
ip link set br0 up
201+
ip link set $swp1 master br0
202+
ip link set $swp2 master br0
203+
204+
bridge vlan add dev $swp1 vid 1 pvid untagged
205+
bridge vlan add dev $swp1 vid 2 pvid untagged
206+
207+
run_test "Switch ports in VLAN-aware bridge with different PVIDs"
208+
209+
ip link del br0
210+
}
211+
212+
h1_create()
213+
{
214+
simple_if_init $h1 $H1_IPV4/24 $H1_IPV6/64
215+
}
216+
217+
h1_destroy()
218+
{
219+
simple_if_fini $h1 $H1_IPV4/24 $H1_IPV6/64
220+
}
221+
222+
h2_create()
223+
{
224+
simple_if_init $h2 $H2_IPV4/24 $H2_IPV6/64
225+
}
226+
227+
h2_destroy()
228+
{
229+
simple_if_fini $h2 $H2_IPV4/24 $H2_IPV6/64
230+
}
231+
232+
cleanup()
233+
{
234+
pre_cleanup
235+
236+
h2_destroy
237+
h1_destroy
238+
239+
vrf_cleanup
240+
}
241+
242+
setup_prepare()
243+
{
244+
vrf_prepare
245+
246+
h1_create
247+
h2_create
248+
# we call simple_if_init from the test itself, but setup_wait expects
249+
# that we call it from here, and waits until the interfaces are up
250+
ip link set dev $swp1 up
251+
ip link set dev $swp2 up
252+
}
253+
254+
trap cleanup EXIT
255+
256+
setup_prepare
257+
setup_wait
258+
259+
tests_run
260+
261+
exit $EXIT_STATUS

0 commit comments

Comments
 (0)