Lines Matching +full:bridge +full:- +full:enable
2 # SPDX-License-Identifier: GPL-2.0
4 # This test is for checking bridge neighbor suppression functionality. The
6 # host is connected to each bridge over multiple VLANs. The test checks that
10 # +-----------------------+ +------------------------+
22 # +----|------------------+ +----|-------------------+
25 # +----|-------------------------------+ +----|-------------------------------+
29 # | +------------+-----------+ | | +------------+-----------+ |
32 # | +---+---+ | | +---+---+ |
43 # | veth0 +-------+ veth0 |
46 # +------------------------------------+ +------------------------------------+
51 # All tests in this script. Can be overridden with -t option.
71 if [ ${rc} -eq ${expected} ]; then
72 printf "TEST: %-60s [ OK ]\n" "${msg}"
77 printf "TEST: %-60s [FAIL]\n" "${msg}"
113 if [ "$VERBOSE" = "1" -a -n "$out" ]; then
129 pkts=$(tc -n $ns -j -s filter show $id \
142 ip netns exec $ns sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1
143 ip netns exec $ns sysctl -qw net.ipv6.conf.default.ignore_routes_with_linkdown=1
144 ip netns exec $ns sysctl -qw net.ipv6.conf.all.accept_dad=0
145 ip netns exec $ns sysctl -qw net.ipv6.conf.default.accept_dad=0
178 ip -n $ns link set dev eth0 up
179 ip -n $ns link add link eth0 name eth0.10 up type vlan id 10
180 ip -n $ns link add link eth0 name eth0.20 up type vlan id 20
182 ip -n $ns address add $v4addr1 dev eth0.10
183 ip -n $ns address add $v4addr2 dev eth0.20
184 ip -n $ns address add $v6addr1 dev eth0.10
185 ip -n $ns address add $v6addr2 dev eth0.20
218 ip -n $ns address add $local_addr/32 dev lo
220 ip -n $ns link set dev veth0 up
221 ip -n $ns address add $veth_addr/28 dev veth0
222 ip -n $ns route add default via $gw_addr
224 ip -n $ns link add name br0 up type bridge vlan_filtering 1 \
227 ip -n $ns link add link br0 name br0.10 up type vlan id 10
228 bridge -n $ns vlan add vid 10 dev br0 self
230 ip -n $ns link add link br0 name br0.20 up type vlan id 20
231 bridge -n $ns vlan add vid 20 dev br0 self
233 ip -n $ns link set dev swp1 up master br0
234 bridge -n $ns vlan add vid 10 dev swp1
235 bridge -n $ns vlan add vid 20 dev swp1
237 ip -n $ns link add name vx0 up master br0 type vxlan \
239 bridge -n $ns fdb add 00:00:00:00:00:00 dev vx0 self static \
241 bridge -n $ns fdb add 00:00:00:00:00:00 dev vx0 self static \
243 bridge -n $ns link set dev vx0 vlan_tunnel on learning off
245 bridge -n $ns vlan add vid 10 dev vx0
246 bridge -n $ns vlan add vid 10 dev vx0 tunnel_info id 10010
248 bridge -n $ns vlan add vid 20 dev vx0
249 bridge -n $ns vlan add vid 20 dev vx0 tunnel_info id 10020
276 set -e
305 echo "Per-port ARP suppression - VLAN $vid"
306 echo "----------------------------------"
308 run_cmd "tc -n $sw1 qdisc replace dev vx0 clsact"
309 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 101 proto 0x0806 flower indev swp1…
311 # Initial state - check that ARP requests are not suppressed and that
313 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
318 # Enable neighbor suppression and check that nothing changes compared
320 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
321 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
324 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
331 h2_mac=$(ip -n $h2 -j -p link show eth0.$vid | jq -r '.[]["address"]')
332 run_cmd "bridge -n $sw1 fdb replace $h2_mac dev vx0 master static vlan $vid"
335 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
342 run_cmd "ip -n $sw1 neigh replace $tip lladdr $h2_mac nud permanent dev br0.$vid"
345 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
352 run_cmd "ip -n $h2 link set dev eth0.$vid down"
355 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
360 run_cmd "ip -n $h2 link set dev eth0.$vid up"
365 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress off"
366 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress off\""
369 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
376 run_cmd "ip -n $h2 link set dev eth0.$vid down"
379 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip -I eth0.$vid $tip"
408 echo "Per-port NS suppression - VLAN $vid"
409 echo "---------------------------------"
411 run_cmd "tc -n $sw1 qdisc replace dev vx0 clsact"
412 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 101 proto ipv6 flower indev swp1 i…
414 # Initial state - check that NS messages are not suppressed and that ND
416 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
421 # Enable neighbor suppression and check that nothing changes compared
423 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
424 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
427 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
434 h2_mac=$(ip -n $h2 -j -p link show eth0.$vid | jq -r '.[]["address"]')
435 run_cmd "bridge -n $sw1 fdb replace $h2_mac dev vx0 master static vlan $vid"
438 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
445 run_cmd "ip -n $sw1 neigh replace $daddr lladdr $h2_mac nud permanent dev br0.$vid"
448 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
455 run_cmd "ip -n $h2 link set dev eth0.$vid down"
458 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
463 run_cmd "ip -n $h2 link set dev eth0.$vid up"
468 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress off"
469 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress off\""
472 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
479 run_cmd "ip -n $h2 link set dev eth0.$vid down"
482 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr -w 5000 $daddr eth0.$vid"
517 echo "Per-{Port, VLAN} ARP suppression"
518 echo "--------------------------------"
520 run_cmd "tc -n $sw1 qdisc replace dev vx0 clsact"
521 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 101 proto 0x0806 flower indev swp1…
522 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 102 proto 0x0806 flower indev swp1…
524 h2_mac1=$(ip -n $h2 -j -p link show eth0.$vid1 | jq -r '.[]["address"]')
525 h2_mac2=$(ip -n $h2 -j -p link show eth0.$vid2 | jq -r '.[]["address"]')
526 run_cmd "bridge -n $sw1 fdb replace $h2_mac1 dev vx0 master static vlan $vid1"
527 run_cmd "bridge -n $sw1 fdb replace $h2_mac2 dev vx0 master static vlan $vid2"
528 run_cmd "ip -n $sw1 neigh replace $tip1 lladdr $h2_mac1 nud permanent dev br0.$vid1"
529 run_cmd "ip -n $sw1 neigh replace $tip2 lladdr $h2_mac2 nud permanent dev br0.$vid2"
531 # Enable per-{Port, VLAN} neighbor suppression and check that ARP
533 run_cmd "bridge -n $sw1 link set dev vx0 neigh_vlan_suppress on"
534 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_vlan_suppress on\""
537 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
539 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
547 # Enable neighbor suppression on VLAN 10 and check that only on this
549 run_cmd "bridge -n $sw1 vlan set vid $vid1 dev vx0 neigh_suppress on"
550 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid1 | grep \"neigh_suppress on\""
552 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid2 | grep \"neigh_suppress off\""
555 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
557 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
565 # Enable neighbor suppression on the port and check that it has no
567 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
568 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
571 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
573 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
583 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress off"
584 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress off\""
587 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
589 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
599 run_cmd "bridge -n $sw1 vlan set vid $vid1 dev vx0 neigh_suppress off"
600 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid1 | grep \"neigh_suppress off\""
603 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
605 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
613 # Disable per-{Port, VLAN} neighbor suppression, enable neighbor
616 run_cmd "bridge -n $sw1 link set dev vx0 neigh_vlan_suppress off"
617 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_vlan_suppress off\""
620 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
621 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
624 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip1 -I eth0.$vid1 $tip1"
626 run_cmd "ip netns exec $h1 arping -q -b -c 1 -w 5 -s $sip2 -I eth0.$vid2 $tip2"
648 echo "Per-{Port, VLAN} NS suppression"
649 echo "-------------------------------"
651 run_cmd "tc -n $sw1 qdisc replace dev vx0 clsact"
652 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 101 proto ipv6 flower indev swp1 i…
653 …run_cmd "tc -n $sw1 filter replace dev vx0 egress pref 1 handle 102 proto ipv6 flower indev swp1 i…
655 h2_mac1=$(ip -n $h2 -j -p link show eth0.$vid1 | jq -r '.[]["address"]')
656 h2_mac2=$(ip -n $h2 -j -p link show eth0.$vid2 | jq -r '.[]["address"]')
657 run_cmd "bridge -n $sw1 fdb replace $h2_mac1 dev vx0 master static vlan $vid1"
658 run_cmd "bridge -n $sw1 fdb replace $h2_mac2 dev vx0 master static vlan $vid2"
659 run_cmd "ip -n $sw1 neigh replace $daddr1 lladdr $h2_mac1 nud permanent dev br0.$vid1"
660 run_cmd "ip -n $sw1 neigh replace $daddr2 lladdr $h2_mac2 nud permanent dev br0.$vid2"
662 # Enable per-{Port, VLAN} neighbor suppression and check that NS
664 run_cmd "bridge -n $sw1 link set dev vx0 neigh_vlan_suppress on"
665 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_vlan_suppress on\""
668 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
670 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
678 # Enable neighbor suppression on VLAN 10 and check that only on this
680 run_cmd "bridge -n $sw1 vlan set vid $vid1 dev vx0 neigh_suppress on"
681 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid1 | grep \"neigh_suppress on\""
683 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid2 | grep \"neigh_suppress off\""
686 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
688 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
696 # Enable neighbor suppression on the port and check that it has no
698 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
699 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
702 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
704 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
714 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress off"
715 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress off\""
718 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
720 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
730 run_cmd "bridge -n $sw1 vlan set vid $vid1 dev vx0 neigh_suppress off"
731 run_cmd "bridge -n $sw1 -d vlan show dev vx0 vid $vid1 | grep \"neigh_suppress off\""
734 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
736 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
744 # Disable per-{Port, VLAN} neighbor suppression, enable neighbor
747 run_cmd "bridge -n $sw1 link set dev vx0 neigh_vlan_suppress off"
748 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_vlan_suppress off\""
751 run_cmd "bridge -n $sw1 link set dev vx0 neigh_suppress on"
752 run_cmd "bridge -n $sw1 -d link show dev vx0 | grep \"neigh_suppress on\""
755 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr1 -w 5000 $daddr1 eth0.$vid1"
757 run_cmd "ip netns exec $h1 ndisc6 -q -r 1 -s $saddr2 -w 5000 $daddr2 eth0.$vid2"
774 -t <test> Test(s) to run (default: all)
776 -p Pause on fail
777 -P Pause after each test before cleanup
778 -v Verbose mode (show commands and output)
801 if [ "$(id -u)" -ne 0 ];then
806 if [ ! -x "$(command -v ip)" ]; then
811 if [ ! -x "$(command -v bridge)" ]; then
812 echo "SKIP: Could not run test without bridge tool"
816 if [ ! -x "$(command -v tc)" ]; then
821 if [ ! -x "$(command -v arping)" ]; then
826 if [ ! -x "$(command -v ndisc6)" ]; then
831 if [ ! -x "$(command -v jq)" ]; then
836 bridge link help 2>&1 | grep -q "neigh_vlan_suppress"
837 if [ $? -ne 0 ]; then
838 echo "SKIP: iproute2 bridge too old, missing per-VLAN neighbor suppression support"