1#!/bin/bash
2# SPDX-License-Identifier: GPL-2.0
3
4# Test for "tc action mirred egress mirror" when the underlay route points at a
5# bridge device with vlan filtering (802.1q), and the egress device is a team
6# device.
7#
8# +----------------------+                             +----------------------+
9# | H1                   |                             |                   H2 |
10# |     + $h1.333        |                             |        $h1.555 +     |
11# |     | 192.0.2.1/28   |                             |  192.0.2.18/28 |     |
12# +-----|----------------+                             +----------------|-----+
13#       |                               $h1                             |
14#       +--------------------------------+------------------------------+
15#                                        |
16# +--------------------------------------|------------------------------------+
17# | SW                                   o---> mirror                         |
18# |                                      |                                    |
19# |     +--------------------------------+------------------------------+     |
20# |     |                              $swp1                            |     |
21# |     + $swp1.333                                           $swp1.555 +     |
22# |       192.0.2.2/28                                    192.0.2.17/28       |
23# |                                                                           |
24# | +-----------------------------------------------------------------------+ |
25# | |                        BR1 (802.1q)                                   | |
26# | |     + lag (team)       192.0.2.129/28                                 | |
27# | |    / \                 2001:db8:2::1/64                               | |
28# | +---/---\---------------------------------------------------------------+ |
29# |    /     \                                                            ^   |
30# |   |       \                                        + gt4 (gretap)     |   |
31# |   |        \                                         loc=192.0.2.129  |   |
32# |   |         \                                        rem=192.0.2.130 -+   |
33# |   |          \                                       ttl=100              |
34# |   |           \                                      tos=inherit          |
35# |   |            \                                                          |
36# |   |             \_________________________________                        |
37# |   |                                               \                       |
38# |   + $swp3                                          + $swp4                |
39# +---|------------------------------------------------|----------------------+
40#     |                                                |
41# +---|----------------------+                     +---|----------------------+
42# |   + $h3               H3 |                     |   + $h4               H4 |
43# |     192.0.2.130/28       |                     |     192.0.2.130/28       |
44# |     2001:db8:2::2/64     |                     |     2001:db8:2::2/64     |
45# +--------------------------+                     +--------------------------+
46
47ALL_TESTS="
48	test_mirror_gretap_first
49	test_mirror_gretap_second
50"
51
52REQUIRE_TEAMD="yes"
53NUM_NETIFS=6
54source lib.sh
55source mirror_lib.sh
56source mirror_gre_lib.sh
57
58require_command $ARPING
59
60vlan_host_create()
61{
62	local if_name=$1; shift
63	local vid=$1; shift
64	local vrf_name=$1; shift
65	local ips=("${@}")
66
67	vrf_create $vrf_name
68	ip link set dev $vrf_name up
69	vlan_create $if_name $vid $vrf_name "${ips[@]}"
70}
71
72vlan_host_destroy()
73{
74	local if_name=$1; shift
75	local vid=$1; shift
76	local vrf_name=$1; shift
77
78	vlan_destroy $if_name $vid
79	ip link set dev $vrf_name down
80	vrf_destroy $vrf_name
81}
82
83h1_create()
84{
85	vlan_host_create $h1 333 vrf-h1 192.0.2.1/28
86	ip -4 route add 192.0.2.16/28 vrf vrf-h1 nexthop via 192.0.2.2
87}
88
89h1_destroy()
90{
91	ip -4 route del 192.0.2.16/28 vrf vrf-h1
92	vlan_host_destroy $h1 333 vrf-h1
93}
94
95h2_create()
96{
97	vlan_host_create $h1 555 vrf-h2 192.0.2.18/28
98	ip -4 route add 192.0.2.0/28 vrf vrf-h2 nexthop via 192.0.2.17
99}
100
101h2_destroy()
102{
103	ip -4 route del 192.0.2.0/28 vrf vrf-h2
104	vlan_host_destroy $h1 555 vrf-h2
105}
106
107h3_create()
108{
109	simple_if_init $h3 192.0.2.130/28
110	tc qdisc add dev $h3 clsact
111}
112
113h3_destroy()
114{
115	tc qdisc del dev $h3 clsact
116	simple_if_fini $h3 192.0.2.130/28
117}
118
119h4_create()
120{
121	simple_if_init $h4 192.0.2.130/28
122	tc qdisc add dev $h4 clsact
123}
124
125h4_destroy()
126{
127	tc qdisc del dev $h4 clsact
128	simple_if_fini $h4 192.0.2.130/28
129}
130
131switch_create()
132{
133	ip link set dev $swp1 up
134	tc qdisc add dev $swp1 clsact
135	vlan_create $swp1 333 "" 192.0.2.2/28
136	vlan_create $swp1 555 "" 192.0.2.17/28
137
138	tunnel_create gt4 gretap 192.0.2.129 192.0.2.130 \
139		      ttl 100 tos inherit
140
141	ip link set dev $swp3 up
142	ip link set dev $swp4 up
143
144	ip link add name br1 address $(mac_get $swp3) \
145		type bridge vlan_filtering 1
146
147	team_create lag loadbalance $swp3 $swp4
148	ip link set dev lag master br1
149
150	ip link set dev br1 up
151	__addr_add_del br1 add 192.0.2.129/32
152	ip -4 route add 192.0.2.130/32 dev br1
153}
154
155switch_destroy()
156{
157	ip link set dev lag nomaster
158	team_destroy lag
159
160	ip -4 route del 192.0.2.130/32 dev br1
161	__addr_add_del br1 del 192.0.2.129/32
162	ip link set dev br1 down
163	ip link del dev br1
164
165	ip link set dev $swp4 down
166	ip link set dev $swp3 down
167
168	tunnel_destroy gt4
169
170	vlan_destroy $swp1 555
171	vlan_destroy $swp1 333
172	tc qdisc del dev $swp1 clsact
173	ip link set dev $swp1 down
174}
175
176setup_prepare()
177{
178	h1=${NETIFS[p1]}
179	swp1=${NETIFS[p2]}
180
181	swp3=${NETIFS[p3]}
182	h3=${NETIFS[p4]}
183
184	swp4=${NETIFS[p5]}
185	h4=${NETIFS[p6]}
186
187	vrf_prepare
188
189	ip link set dev $h1 up
190	h1_create
191	h2_create
192	h3_create
193	h4_create
194	switch_create
195
196	forwarding_enable
197
198	trap_install $h3 ingress
199	trap_install $h4 ingress
200}
201
202cleanup()
203{
204	pre_cleanup
205
206	trap_uninstall $h4 ingress
207	trap_uninstall $h3 ingress
208
209	forwarding_restore
210
211	switch_destroy
212	h4_destroy
213	h3_destroy
214	h2_destroy
215	h1_destroy
216	ip link set dev $h1 down
217
218	vrf_cleanup
219}
220
221test_lag_slave()
222{
223	local host_dev=$1; shift
224	local up_dev=$1; shift
225	local down_dev=$1; shift
226	local what=$1; shift
227
228	RET=0
229
230	tc filter add dev $swp1 ingress pref 999 \
231		proto 802.1q flower vlan_ethtype arp \
232		action pass
233	mirror_install $swp1 ingress gt4 \
234		"proto 802.1q flower vlan_id 333"
235
236	# Test connectivity through $up_dev when $down_dev is set down.
237	ip link set dev $down_dev down
238	ip neigh flush dev br1
239	setup_wait_dev $up_dev
240	setup_wait_dev $host_dev
241	$ARPING -I br1 192.0.2.130 -qfc 1
242	sleep 2
243	mirror_test vrf-h1 192.0.2.1 192.0.2.18 $host_dev 1 ">= 10"
244
245	# Test lack of connectivity when both slaves are down.
246	ip link set dev $up_dev down
247	sleep 2
248	mirror_test vrf-h1 192.0.2.1 192.0.2.18 $h3 1 0
249	mirror_test vrf-h1 192.0.2.1 192.0.2.18 $h4 1 0
250
251	ip link set dev $up_dev up
252	ip link set dev $down_dev up
253	mirror_uninstall $swp1 ingress
254	tc filter del dev $swp1 ingress pref 999
255
256	log_test "$what"
257}
258
259test_mirror_gretap_first()
260{
261	test_lag_slave $h3 $swp3 $swp4 "mirror to gretap: LAG first slave"
262}
263
264test_mirror_gretap_second()
265{
266	test_lag_slave $h4 $swp4 $swp3 "mirror to gretap: LAG second slave"
267}
268
269trap cleanup EXIT
270
271setup_prepare
272setup_wait
273
274tests_run
275
276exit $EXIT_STATUS
277