Lines Matching +full:bridge +full:- +full:enable
2 # SPDX-License-Identifier: GPL-2.0
4 # This test is for checking bridge neighbor suppression functionality. The
6 # host is connected to each bridge over multiple VLANs. The test checks that
10 # +-----------------------+ +------------------------+
22 # +----|------------------+ +----|-------------------+
25 # +----|-------------------------------+ +----|-------------------------------+
29 # | +------------+-----------+ | | +------------+-----------+ |
32 # | +---+---+ | | +---+---+ |
43 # | veth0 +-------+ veth0 |
46 # +------------------------------------+ +------------------------------------+
51 # All tests in this script. Can be overridden with -t option.
71 if [ ${rc} -eq ${expected} ]; then
72 printf "TEST: %-60s [ OK ]\n" "${msg}"
77 printf "TEST: %-60s [FAIL]\n" "${msg}"
113 if [ "$VERBOSE" = "1" -a -n "$out" ]; then
129 pkts=$(tc -n $ns -j -s filter show $id \
142 ip netns exec $ns sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1
143 ip netns exec $ns sysctl -qw net.ipv6.conf.default.ignore_routes_with_linkdown=1
144 ip netns exec $ns sysctl -qw net.ipv6.conf.all.accept_dad=0
145 ip netns exec $ns sysctl -qw net.ipv6.conf.default.accept_dad=0
157 ip -n $h1 link add name eth0 type veth peer name swp1 netns $sw1
158 ip -n $sw1 link add name veth0 type veth peer name veth0 netns $sw2
159 ip -n $h2 link add name eth0 type veth peer name swp1 netns $sw2
170 ip -n $ns link set dev eth0 up
171 ip -n $ns link add link eth0 name eth0.10 up type vlan id 10
172 ip -n $ns link add link eth0 name eth0.20 up type vlan id 20
174 ip -n $ns address add $v4addr1 dev eth0.10
175 ip -n $ns address add $v4addr2 dev eth0.20
176 ip -n $ns address add $v6addr1 dev eth0.10
177 ip -n $ns address add $v6addr2 dev eth0.20
210 ip -n $ns address add $local_addr/32 dev lo
212 ip -n $ns link set dev veth0 up
213 ip -n $ns address add $veth_addr/28 dev veth0
214 ip -n $ns route add default via $gw_addr
216 ip -n $ns link add name br0 up type bridge vlan_filtering 1 \
219 ip -n $ns link add link br0 name br0.10 up type vlan id 10
220 bridge -n $ns vlan add vid 10 dev br0 self
222 ip -n $ns link add link br0 name br0.20 up type vlan id 20
223 bridge -n $ns vlan add vid 20 dev br0 self
225 ip -n $ns link set dev swp1 up master br0
226 bridge -n $ns vlan add vid 10 dev swp1
227 bridge -n $ns vlan add vid 20 dev swp1
229 ip -n $ns link add name vx0 up master br0 type vxlan \
231 bridge -n $ns fdb add 00:00:00:00:00:00 dev vx0 self static \
233 bridge -n $ns fdb add 00:00:00:00:00:00 dev vx0 self static \
235 bridge -n $ns link set dev vx0 vlan_tunnel on learning off
237 bridge -n $ns vlan add vid 10 dev vx0
238 bridge -n $ns vlan add vid 10 dev vx0 tunnel_info id 10010
240 bridge -n $ns vlan add vid 20 dev vx0
241 bridge -n $ns vlan add vid 20 dev vx0 tunnel_info id 10020
268 set -e
297 echo "Per-port ARP suppression - VLAN $vid"
298 echo "----------------------------------"
300 run_cmd "tc -n $sw1 qdisc replace dev vx0 clsact"
301 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 101 proto 0x0806 flower indev swp1…
303 # Initial state - check that ARP requests are not suppressed and that
305 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
310 # Enable neighbor suppression and check that nothing changes compared
312 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
313 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
316 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
323 h2_mac=$(ip -n $h2 -j -p link show eth0.$vid | jq -r '.[]["address"]')
324 run_cmd "bridge -n $sw1 fdb replace $h2_mac dev vx0 master static vlan $vid"
327 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
334 run_cmd "ip -n $sw1 neigh replace $tip lladdr $h2_mac nud permanent dev br0.$vid"
337 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
344 run_cmd "ip -n $h2 link set dev eth0.$vid down"
347 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
352 run_cmd "ip -n $h2 link set dev eth0.$vid up"
357 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress off"
358 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress off\""
361 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
368 run_cmd "ip -n $h2 link set dev eth0.$vid down"
371 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
400 echo "Per-port NS suppression - VLAN $vid"
401 echo "---------------------------------"
403 run_cmd "tc -n $sw1 qdisc replace dev vx0 clsact"
404 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 101 proto ipv6 flower indev swp1 i…
406 # Initial state - check that NS messages are not suppressed and that ND
408 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
413 # Enable neighbor suppression and check that nothing changes compared
415 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
416 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
419 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
426 h2_mac=$(ip -n $h2 -j -p link show eth0.$vid | jq -r '.[]["address"]')
427 run_cmd "bridge -n $sw1 fdb replace $h2_mac dev vx0 master static vlan $vid"
430 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
437 run_cmd "ip -n $sw1 neigh replace $daddr lladdr $h2_mac nud permanent dev br0.$vid"
440 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
447 run_cmd "ip -n $h2 link set dev eth0.$vid down"
450 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
455 run_cmd "ip -n $h2 link set dev eth0.$vid up"
460 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress off"
461 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress off\""
464 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
471 run_cmd "ip -n $h2 link set dev eth0.$vid down"
474 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
509 echo "Per-{Port, VLAN} ARP suppression"
510 echo "--------------------------------"
512 run_cmd "tc -n $sw1 qdisc replace dev vx0 clsact"
513 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 101 proto 0x0806 flower indev swp1…
514 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 102 proto 0x0806 flower indev swp1…
516 h2_mac1=$(ip -n $h2 -j -p link show eth0.$vid1 | jq -r '.[]["address"]')
517 h2_mac2=$(ip -n $h2 -j -p link show eth0.$vid2 | jq -r '.[]["address"]')
518 run_cmd "bridge -n $sw1 fdb replace $h2_mac1 dev vx0 master static vlan $vid1"
519 run_cmd "bridge -n $sw1 fdb replace $h2_mac2 dev vx0 master static vlan $vid2"
520 run_cmd "ip -n $sw1 neigh replace $tip1 lladdr $h2_mac1 nud permanent dev br0.$vid1"
521 run_cmd "ip -n $sw1 neigh replace $tip2 lladdr $h2_mac2 nud permanent dev br0.$vid2"
523 # Enable per-{Port, VLAN} neighbor suppression and check that ARP
525 run_cmd "bridge -n $sw1 link set dev vx0 neigh_vlan_suppress on"
526 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_vlan_suppress on\""
529 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
531 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
539 # Enable neighbor suppression on VLAN 10 and check that only on this
541 run_cmd "bridge -n $sw1 vlan set vid $vid1 dev vx0 neigh_suppress on"
542 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid1 | grep \"neigh_suppress on\""
544 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid2 | grep \"neigh_suppress off\""
547 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
549 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
557 # Enable neighbor suppression on the port and check that it has no
559 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
560 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
563 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
565 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
575 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress off"
576 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress off\""
579 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
581 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
591 run_cmd "bridge -n $sw1 vlan set vid $vid1 dev vx0 neigh_suppress off"
592 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid1 | grep \"neigh_suppress off\""
595 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
597 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
605 # Disable per-{Port, VLAN} neighbor suppression, enable neighbor
608 run_cmd "bridge -n $sw1 link set dev vx0 neigh_vlan_suppress off"
609 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_vlan_suppress off\""
612 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
613 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
616 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
618 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
640 echo "Per-{Port, VLAN} NS suppression"
641 echo "-------------------------------"
643 run_cmd "tc -n $sw1 qdisc replace dev vx0 clsact"
644 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 101 proto ipv6 flower indev swp1 i…
645 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 102 proto ipv6 flower indev swp1 i…
647 h2_mac1=$(ip -n $h2 -j -p link show eth0.$vid1 | jq -r '.[]["address"]')
648 h2_mac2=$(ip -n $h2 -j -p link show eth0.$vid2 | jq -r '.[]["address"]')
649 run_cmd "bridge -n $sw1 fdb replace $h2_mac1 dev vx0 master static vlan $vid1"
650 run_cmd "bridge -n $sw1 fdb replace $h2_mac2 dev vx0 master static vlan $vid2"
651 run_cmd "ip -n $sw1 neigh replace $daddr1 lladdr $h2_mac1 nud permanent dev br0.$vid1"
652 run_cmd "ip -n $sw1 neigh replace $daddr2 lladdr $h2_mac2 nud permanent dev br0.$vid2"
654 # Enable per-{Port, VLAN} neighbor suppression and check that NS
656 run_cmd "bridge -n $sw1 link set dev vx0 neigh_vlan_suppress on"
657 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_vlan_suppress on\""
660 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
662 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
670 # Enable neighbor suppression on VLAN 10 and check that only on this
672 run_cmd "bridge -n $sw1 vlan set vid $vid1 dev vx0 neigh_suppress on"
673 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid1 | grep \"neigh_suppress on\""
675 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid2 | grep \"neigh_suppress off\""
678 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
680 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
688 # Enable neighbor suppression on the port and check that it has no
690 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
691 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
694 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
696 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
706 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress off"
707 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress off\""
710 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
712 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
722 run_cmd "bridge -n $sw1 vlan set vid $vid1 dev vx0 neigh_suppress off"
723 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid1 | grep \"neigh_suppress off\""
726 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
728 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
736 # Disable per-{Port, VLAN} neighbor suppression, enable neighbor
739 run_cmd "bridge -n $sw1 link set dev vx0 neigh_vlan_suppress off"
740 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_vlan_suppress off\""
743 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
744 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
747 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
749 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
766 -t <test> Test(s) to run (default: all)
768 -p Pause on fail
769 -P Pause after each test before cleanup
770 -v Verbose mode (show commands and output)
793 if [ "$(id -u)" -ne 0 ];then
798 if [ ! -x "$(command -v ip)" ]; then
803 if [ ! -x "$(command -v bridge)" ]; then
804 echo "SKIP: Could not run test without bridge tool"
808 if [ ! -x "$(command -v tc)" ]; then
813 if [ ! -x "$(command -v arping)" ]; then
818 if [ ! -x "$(command -v ndisc6)" ]; then
823 if [ ! -x "$(command -v jq)" ]; then
828 bridge link help 2>&1 | grep -q "neigh_vlan_suppress"
829 if [ $? -ne 0 ]; then
830 echo "SKIP: iproute2 bridge too old, missing per-VLAN neighbor suppression support"