linux/samples/bpf/test_tunnel_bpf.sh
<<
>>
Prefs 
   1#!/bin/bash
   2# In Namespace 0 (at_ns0) using native tunnel
   3# Overlay IP: 10.1.1.100
   4# local 192.16.1.100 remote 192.16.1.200
   5# veth0 IP: 172.16.1.100, tunnel dev <type>00
   6
   7# Out of Namespace using BPF set/get on lwtunnel
   8# Overlay IP: 10.1.1.200
   9# local 172.16.1.200 remote 172.16.1.100
  10# veth1 IP: 172.16.1.200, tunnel dev <type>11
  11
  12function config_device {
  13        ip netns add at_ns0
  14        ip link add veth0 type veth peer name veth1
  15        ip link set veth0 netns at_ns0
  16        ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
  17        ip netns exec at_ns0 ip link set dev veth0 up
  18        ip link set dev veth1 up mtu 1500
  19        ip addr add dev veth1 172.16.1.200/24
  20}
  21
  22function add_gre_tunnel {
  23        # in namespace
  24        ip netns exec at_ns0 \
  25                ip link add dev $DEV_NS type $TYPE key 2 local 172.16.1.100 remote 172.16.1.200
  26        ip netns exec at_ns0 ip link set dev $DEV_NS up
  27        ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
  28
  29        # out of namespace
  30        ip link add dev $DEV type $TYPE key 2 external
  31        ip link set dev $DEV up
  32        ip addr add dev $DEV 10.1.1.200/24
  33}
  34
  35function add_vxlan_tunnel {
  36        # Set static ARP entry here because iptables set-mark works
  37        # on L3 packet, as a result not applying to ARP packets,
  38        # causing errors at get_tunnel_{key/opt}.
  39
  40        # in namespace
  41        ip netns exec at_ns0 \
  42                ip link add dev $DEV_NS type $TYPE id 2 dstport 4789 gbp remote 172.16.1.200
  43        ip netns exec at_ns0 ip link set dev $DEV_NS address 52:54:00:d9:01:00 up
  44        ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
  45        ip netns exec at_ns0 arp -s 10.1.1.200 52:54:00:d9:02:00
  46        ip netns exec at_ns0 iptables -A OUTPUT -j MARK --set-mark 0x800FF
  47
  48        # out of namespace
  49        ip link add dev $DEV type $TYPE external gbp dstport 4789
  50        ip link set dev $DEV address 52:54:00:d9:02:00 up
  51        ip addr add dev $DEV 10.1.1.200/24
  52        arp -s 10.1.1.100 52:54:00:d9:01:00
  53}
  54
  55function add_geneve_tunnel {
  56        # in namespace
  57        ip netns exec at_ns0 \
  58                ip link add dev $DEV_NS type $TYPE id 2 dstport 6081 remote 172.16.1.200
  59        ip netns exec at_ns0 ip link set dev $DEV_NS up
  60        ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
  61
  62        # out of namespace
  63        ip link add dev $DEV type $TYPE dstport 6081 external
  64        ip link set dev $DEV up
  65        ip addr add dev $DEV 10.1.1.200/24
  66}
  67
  68function add_ipip_tunnel {
  69        # in namespace
  70        ip netns exec at_ns0 \
  71                ip link add dev $DEV_NS type $TYPE local 172.16.1.100 remote 172.16.1.200
  72        ip netns exec at_ns0 ip link set dev $DEV_NS up
  73        ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
  74
  75        # out of namespace
  76        ip link add dev $DEV type $TYPE external
  77        ip link set dev $DEV up
  78        ip addr add dev $DEV 10.1.1.200/24
  79}
  80
  81function attach_bpf {
  82        DEV=$1
  83        SET_TUNNEL=$2
  84        GET_TUNNEL=$3
  85        tc qdisc add dev $DEV clsact
  86        tc filter add dev $DEV egress bpf da obj tcbpf2_kern.o sec $SET_TUNNEL
  87        tc filter add dev $DEV ingress bpf da obj tcbpf2_kern.o sec $GET_TUNNEL
  88}
  89
  90function test_gre {
  91        TYPE=gretap
  92        DEV_NS=gretap00
  93        DEV=gretap11
  94        config_device
  95        add_gre_tunnel
  96        attach_bpf $DEV gre_set_tunnel gre_get_tunnel
  97        ping -c 1 10.1.1.100
  98        ip netns exec at_ns0 ping -c 1 10.1.1.200
  99        cleanup
 100}
 101
 102function test_vxlan {
 103        TYPE=vxlan
 104        DEV_NS=vxlan00
 105        DEV=vxlan11
 106        config_device
 107        add_vxlan_tunnel
 108        attach_bpf $DEV vxlan_set_tunnel vxlan_get_tunnel
 109        ping -c 1 10.1.1.100
 110        ip netns exec at_ns0 ping -c 1 10.1.1.200
 111        cleanup
 112}
 113
 114function test_geneve {
 115        TYPE=geneve
 116        DEV_NS=geneve00
 117        DEV=geneve11
 118        config_device
 119        add_geneve_tunnel
 120        attach_bpf $DEV geneve_set_tunnel geneve_get_tunnel
 121        ping -c 1 10.1.1.100
 122        ip netns exec at_ns0 ping -c 1 10.1.1.200
 123        cleanup
 124}
 125
 126function test_ipip {
 127        TYPE=ipip
 128        DEV_NS=ipip00
 129        DEV=ipip11
 130        config_device
 131        tcpdump -nei veth1 &
 132        cat /sys/kernel/debug/tracing/trace_pipe &
 133        add_ipip_tunnel
 134        ethtool -K veth1 gso off gro off rx off tx off
 135        ip link set dev veth1 mtu 1500
 136        attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
 137        ping -c 1 10.1.1.100
 138        ip netns exec at_ns0 ping -c 1 10.1.1.200
 139        ip netns exec at_ns0 iperf -sD -p 5200 > /dev/null
 140        sleep 0.2
 141        iperf -c 10.1.1.100 -n 5k -p 5200
 142        cleanup
 143}
 144
 145function cleanup {
 146        set +ex
 147        pkill iperf
 148        ip netns delete at_ns0
 149        ip link del veth1
 150        ip link del ipip11
 151        ip link del gretap11
 152        ip link del vxlan11
 153        ip link del geneve11
 154        pkill tcpdump
 155        pkill cat
 156        set -ex
 157}
 158
 159cleanup
 160echo "Testing GRE tunnel..."
 161test_gre
 162echo "Testing VXLAN tunnel..."
 163test_vxlan
 164echo "Testing GENEVE tunnel..."
 165test_geneve
 166echo "Testing IPIP tunnel..."
 167test_ipip
 168echo "*** PASS ***"
 169
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.