__ __ __ __ _____ _ _ _____ _ _ _ | \/ | \ \ / / | __ \ (_) | | / ____| | | | | | \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | | | |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | | | | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | | |_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1 if you need WebShell for Seo everyday contact me on Telegram Telegram Address : @jackleetFor_More_Tools:
#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
#
# Test a "one-armed router" [1] scenario. Packets forwarded between H1 and H2
# should be forwarded by the ASIC, but also trapped so that ICMP redirect
# packets could be potentially generated.
#
# 1. https://en.wikipedia.org/wiki/One-armed_router
#
# +---------------------------------+
# | H1 (vrf) |
# | + $h1 |
# | | 192.0.2.1/24 |
# | | 2001:db8:1::1/64 |
# | | |
# | | default via 192.0.2.2 |
# | | default via 2001:db8:1::2 |
# +----|----------------------------+
# |
# +----|----------------------------------------------------------------------+
# | SW | |
# | +--|--------------------------------------------------------------------+ |
# | | + $swp1 BR0 (802.1d) | |
# | | | |
# | | 192.0.2.2/24 | |
# | | 2001:db8:1::2/64 | |
# | | 198.51.100.2/24 | |
# | | 2001:db8:2::2/64 | |
# | | | |
# | | + $swp2 | |
# | +--|--------------------------------------------------------------------+ |
# | | |
# +----|----------------------------------------------------------------------+
# |
# +----|----------------------------+
# | | default via 198.51.100.2 |
# | | default via 2001:db8:2::2 |
# | | |
# | | 2001:db8:2::1/64 |
# | | 198.51.100.1/24 |
# | + $h2 |
# | H2 (vrf) |
# +---------------------------------+
lib_dir=$(dirname $0)/../../../net/forwarding
ALL_TESTS="ping_ipv4 ping_ipv6 fwd_mark_ipv4 fwd_mark_ipv6"
NUM_NETIFS=4
source $lib_dir/tc_common.sh
source $lib_dir/lib.sh
h1_create()
{
simple_if_init $h1 192.0.2.1/24 2001:db8:1::1/64
ip -4 route add default vrf v$h1 nexthop via 192.0.2.2
ip -6 route add default vrf v$h1 nexthop via 2001:db8:1::2
}
h1_destroy()
{
ip -6 route del default vrf v$h1 nexthop via 2001:db8:1::2
ip -4 route del default vrf v$h1 nexthop via 192.0.2.2
simple_if_fini $h1 192.0.2.1/24 2001:db8:1::1/64
}
h2_create()
{
simple_if_init $h2 198.51.100.1/24 2001:db8:2::1/64
ip -4 route add default vrf v$h2 nexthop via 198.51.100.2
ip -6 route add default vrf v$h2 nexthop via 2001:db8:2::2
}
h2_destroy()
{
ip -6 route del default vrf v$h2 nexthop via 2001:db8:2::2
ip -4 route del default vrf v$h2 nexthop via 198.51.100.2
simple_if_fini $h2 198.51.100.1/24 2001:db8:2::1/64
}
switch_create()
{
ip link add name br0 address $(mac_get $swp1) \
type bridge mcast_snooping 0
ip link set dev br0 up
ip link set dev $swp1 master br0
ip link set dev $swp1 up
ip link set dev $swp2 master br0
ip link set dev $swp2 up
tc qdisc add dev $swp1 clsact
tc qdisc add dev $swp2 clsact
__addr_add_del br0 add 192.0.2.2/24 2001:db8:1::2/64
__addr_add_del br0 add 198.51.100.2/24 2001:db8:2::2/64
}
switch_destroy()
{
__addr_add_del br0 del 198.51.100.2/24 2001:db8:2::2/64
__addr_add_del br0 del 192.0.2.2/24 2001:db8:1::2/64
tc qdisc del dev $swp2 clsact
tc qdisc del dev $swp1 clsact
ip link set dev $swp2 down
ip link set dev $swp2 nomaster
ip link set dev $swp1 down
ip link set dev $swp1 nomaster
ip link set dev br0 down
ip link del dev br0
}
ping_ipv4()
{
ping_test $h1 198.51.100.1 ": h1->h2"
}
ping_ipv6()
{
ping6_test $h1 2001:db8:2::1 ": h1->h2"
}
fwd_mark_ipv4()
{
# Transmit packets from H1 to H2 and make sure they are trapped at
# swp1 due to loopback error, but only forwarded by the ASIC through
# swp2
tc filter add dev $swp1 ingress protocol ip pref 1 handle 101 flower \
skip_hw dst_ip 198.51.100.1 ip_proto udp dst_port 52768 \
action pass
tc filter add dev $swp2 egress protocol ip pref 1 handle 101 flower \
skip_hw dst_ip 198.51.100.1 ip_proto udp dst_port 52768 \
action pass
tc filter add dev $swp2 egress protocol ip pref 2 handle 102 flower \
skip_sw dst_ip 198.51.100.1 ip_proto udp dst_port 52768 \
action pass
ip vrf exec v$h1 $MZ $h1 -c 10 -d 100msec -p 64 -A 192.0.2.1 \
-B 198.51.100.1 -t udp dp=52768,sp=42768 -q
RET=0
tc_check_packets "dev $swp1 ingress" 101 10
check_err $?
log_test "fwd mark: trapping IPv4 packets due to LBERROR"
RET=0
tc_check_packets "dev $swp2 egress" 101 0
check_err $?
log_test "fwd mark: forwarding IPv4 packets in software"
RET=0
tc_check_packets "dev $swp2 egress" 102 10
check_err $?
log_test "fwd mark: forwarding IPv4 packets in hardware"
tc filter del dev $swp2 egress protocol ip pref 2 handle 102 flower
tc filter del dev $swp2 egress protocol ip pref 1 handle 101 flower
tc filter del dev $swp1 ingress protocol ip pref 1 handle 101 flower
}
fwd_mark_ipv6()
{
tc filter add dev $swp1 ingress protocol ipv6 pref 1 handle 101 flower \
skip_hw dst_ip 2001:db8:2::1 ip_proto udp dst_port 52768 \
action pass
tc filter add dev $swp2 egress protocol ipv6 pref 1 handle 101 flower \
skip_hw dst_ip 2001:db8:2::1 ip_proto udp dst_port 52768 \
action pass
tc filter add dev $swp2 egress protocol ipv6 pref 2 handle 102 flower \
skip_sw dst_ip 2001:db8:2::1 ip_proto udp dst_port 52768 \
action pass
ip vrf exec v$h1 $MZ $h1 -6 -c 10 -d 100msec -p 64 -A 2001:db8:1::1 \
-B 2001:db8:2::1 -t udp dp=52768,sp=42768 -q
RET=0
tc_check_packets "dev $swp1 ingress" 101 10
check_err $?
log_test "fwd mark: trapping IPv6 packets due to LBERROR"
RET=0
tc_check_packets "dev $swp2 egress" 101 0
check_err $?
log_test "fwd mark: forwarding IPv6 packets in software"
RET=0
tc_check_packets "dev $swp2 egress" 102 10
check_err $?
log_test "fwd mark: forwarding IPv6 packets in hardware"
tc filter del dev $swp2 egress protocol ipv6 pref 2 handle 102 flower
tc filter del dev $swp2 egress protocol ipv6 pref 1 handle 101 flower
tc filter del dev $swp1 ingress protocol ipv6 pref 1 handle 101 flower
}
setup_prepare()
{
h1=${NETIFS[p1]}
swp1=${NETIFS[p2]}
swp2=${NETIFS[p3]}
h2=${NETIFS[p4]}
vrf_prepare
forwarding_enable
sysctl_set net.ipv4.conf.all.accept_redirects 0
sysctl_set net.ipv6.conf.all.accept_redirects 0
h1_create
h2_create
switch_create
}
cleanup()
{
pre_cleanup
switch_destroy
h2_destroy
h1_destroy
sysctl_restore net.ipv6.conf.all.accept_redirects
sysctl_restore net.ipv4.conf.all.accept_redirects
forwarding_restore
vrf_cleanup
}
trap cleanup EXIT
setup_prepare
setup_wait
tests_run
exit $EXIT_STATUS
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| spectrum | Folder | 0755 |
|
|
| spectrum-2 | Folder | 0755 |
|
|
| blackhole_routes.sh | File | 4.96 KB | 0755 |
|
| devlink_linecard.sh | File | 7.5 KB | 0755 |
|
| devlink_trap.sh | File | 1.86 KB | 0755 |
|
| devlink_trap_acl_drops.sh | File | 2.4 KB | 0755 |
|
| devlink_trap_control.sh | File | 18.22 KB | 0755 |
|
| devlink_trap_l2_drops.sh | File | 12.87 KB | 0755 |
|
| devlink_trap_l3_drops.sh | File | 16.38 KB | 0755 |
|
| devlink_trap_l3_exceptions.sh | File | 13.64 KB | 0755 |
|
| devlink_trap_policer.sh | File | 9.75 KB | 0755 |
|
| devlink_trap_tunnel_ipip.sh | File | 5.24 KB | 0755 |
|
| devlink_trap_tunnel_ipip6.sh | File | 5.31 KB | 0755 |
|
| devlink_trap_tunnel_vxlan.sh | File | 8.84 KB | 0755 |
|
| devlink_trap_tunnel_vxlan_ipv6.sh | File | 9.32 KB | 0755 |
|
| egress_vid_classification.sh | File | 6.55 KB | 0755 |
|
| ethtool_lanes.sh | File | 4.02 KB | 0755 |
|
| extack.sh | File | 3.74 KB | 0755 |
|
| fib.sh | File | 5.43 KB | 0755 |
|
| fib_offload.sh | File | 9.93 KB | 0755 |
|
| hw_stats_l3.sh | File | 410 B | 0755 |
|
| ingress_rif_conf_1d.sh | File | 6.15 KB | 0755 |
|
| ingress_rif_conf_1q.sh | File | 6.23 KB | 0755 |
|
| ingress_rif_conf_vxlan.sh | File | 8.44 KB | 0755 |
|
| mirror_gre.sh | File | 3.78 KB | 0755 |
|
| mirror_gre_scale.sh | File | 5.43 KB | 0644 |
|
| mlxsw_lib.sh | File | 1.43 KB | 0644 |
|
| one_armed_router.sh | File | 6.82 KB | 0755 |
|
| pci_reset.sh | File | 1.27 KB | 0755 |
|
| port_range_occ.sh | File | 2.33 KB | 0755 |
|
| port_range_scale.sh | File | 1.51 KB | 0644 |
|
| port_scale.sh | File | 1.36 KB | 0644 |
|
| q_in_q_veto.sh | File | 8.06 KB | 0755 |
|
| qos_defprio.sh | File | 2.33 KB | 0755 |
|
| qos_dscp_bridge.sh | File | 4.14 KB | 0755 |
|
| qos_dscp_router.sh | File | 6.43 KB | 0755 |
|
| qos_ets_strict.sh | File | 9.09 KB | 0755 |
|
| qos_headroom.sh | File | 8.19 KB | 0755 |
|
| qos_lib.sh | File | 1.27 KB | 0644 |
|
| qos_max_descriptors.sh | File | 6.14 KB | 0755 |
|
| qos_mc_aware.sh | File | 9.54 KB | 0755 |
|
| qos_pfc.sh | File | 11.36 KB | 0755 |
|
| rif_bridge.sh | File | 4.12 KB | 0755 |
|
| rif_counter_scale.sh | File | 1.71 KB | 0644 |
|
| rif_lag.sh | File | 2.98 KB | 0755 |
|
| rif_lag_vlan.sh | File | 3.24 KB | 0755 |
|
| rif_mac_profile_scale.sh | File | 1.64 KB | 0644 |
|
| rif_mac_profiles.sh | File | 4.65 KB | 0755 |
|
| rif_mac_profiles_occ.sh | File | 2.87 KB | 0755 |
|
| router_bridge_lag.sh | File | 786 B | 0755 |
|
| router_scale.sh | File | 2.09 KB | 0644 |
|
| rtnetlink.sh | File | 26.93 KB | 0755 |
|
| sch_ets.sh | File | 2.3 KB | 0755 |
|
| sch_offload.sh | File | 5.25 KB | 0755 |
|
| sch_red_core.sh | File | 20.75 KB | 0644 |
|
| sch_red_ets.sh | File | 3.12 KB | 0755 |
|
| sch_red_prio.sh | File | 81 B | 0755 |
|
| sch_red_root.sh | File | 1.25 KB | 0755 |
|
| sch_tbf_ets.sh | File | 216 B | 0755 |
|
| sch_tbf_prio.sh | File | 217 B | 0755 |
|
| sch_tbf_root.sh | File | 217 B | 0755 |
|
| sharedbuffer.sh | File | 5.24 KB | 0755 |
|
| tc_action_hw_stats.sh | File | 2.24 KB | 0755 |
|
| tc_flower_scale.sh | File | 2.81 KB | 0644 |
|
| tc_police_occ.sh | File | 2.07 KB | 0755 |
|
| tc_police_scale.sh | File | 1.62 KB | 0644 |
|
| tc_restrictions.sh | File | 11.58 KB | 0755 |
|
| tc_sample.sh | File | 17.38 KB | 0755 |
|
| vxlan.sh | File | 30.19 KB | 0755 |
|
| vxlan_fdb_veto.sh | File | 3.11 KB | 0755 |
|
| vxlan_fdb_veto_ipv6.sh | File | 250 B | 0755 |
|
| vxlan_flooding.sh | File | 8.64 KB | 0755 |
|
| vxlan_ipv6.sh | File | 1.39 KB | 0755 |
|