mirror of
https://github.com/Fishwaldo/Star64_linux.git
synced 2025-03-17 20:54:10 +00:00
Merge branch 'Remove unused test_ipip.sh test and add missed'
Hangbin Liu says: ==================== In comment173ca26e9b
("samples/bpf: add comprehensive ipip, ipip6, ip6ip6 test") we added some bpf tunnel tests. In commit933a741e3b
("selftests/bpf: bpf tunnel test.") when we moved it to the current folder, we missed some points: 1. ip6ip6 test is not added 2. forgot to remove test_ipip.sh in sample folder 3. TCP test code is not removed in test_tunnel_kern.c In this patch set I add back ip6ip6 test and remove unused code. I'm not sure if this should be net or net-next, so just set to net. Here is the test result: ``` Testing IP6IP6 tunnel... PING ::11(::11) 56 data bytes --- ::11 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 63ms rtt min/avg/max/mdev = 0.014/1028.308/2060.906/841.361 ms, pipe 2 PING 1::11(1::11) 56 data bytes --- 1::11 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 48ms rtt min/avg/max/mdev = 0.026/0.029/0.036/0.006 ms PING 1::22(1::22) 56 data bytes --- 1::22 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 47ms rtt min/avg/max/mdev = 0.030/0.048/0.067/0.016 ms PASS: ip6ip6tnl ``` v3: Add back ICMP check as Martin suggested. v2: Keep ip6ip6 section in test_tunnel_kern.c. ==================== Acked-by: Martin KaFai Lau <kafai@fb.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
This commit is contained in:
commit
9600d623db
3 changed files with 46 additions and 218 deletions
|
@ -1,179 +0,0 @@
|
|||
#!/bin/bash
|
||||
# SPDX-License-Identifier: GPL-2.0
|
||||
|
||||
function config_device {
|
||||
ip netns add at_ns0
|
||||
ip netns add at_ns1
|
||||
ip netns add at_ns2
|
||||
ip link add veth0 type veth peer name veth0b
|
||||
ip link add veth1 type veth peer name veth1b
|
||||
ip link add veth2 type veth peer name veth2b
|
||||
ip link set veth0b up
|
||||
ip link set veth1b up
|
||||
ip link set veth2b up
|
||||
ip link set dev veth0b mtu 1500
|
||||
ip link set dev veth1b mtu 1500
|
||||
ip link set dev veth2b mtu 1500
|
||||
ip link set veth0 netns at_ns0
|
||||
ip link set veth1 netns at_ns1
|
||||
ip link set veth2 netns at_ns2
|
||||
ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
|
||||
ip netns exec at_ns0 ip addr add 2401:db00::1/64 dev veth0 nodad
|
||||
ip netns exec at_ns0 ip link set dev veth0 up
|
||||
ip netns exec at_ns1 ip addr add 172.16.1.101/24 dev veth1
|
||||
ip netns exec at_ns1 ip addr add 2401:db00::2/64 dev veth1 nodad
|
||||
ip netns exec at_ns1 ip link set dev veth1 up
|
||||
ip netns exec at_ns2 ip addr add 172.16.1.200/24 dev veth2
|
||||
ip netns exec at_ns2 ip addr add 2401:db00::3/64 dev veth2 nodad
|
||||
ip netns exec at_ns2 ip link set dev veth2 up
|
||||
ip link add br0 type bridge
|
||||
ip link set br0 up
|
||||
ip link set dev br0 mtu 1500
|
||||
ip link set veth0b master br0
|
||||
ip link set veth1b master br0
|
||||
ip link set veth2b master br0
|
||||
}
|
||||
|
||||
function add_ipip_tunnel {
|
||||
ip netns exec at_ns0 \
|
||||
ip link add dev $DEV_NS type ipip local 172.16.1.100 remote 172.16.1.200
|
||||
ip netns exec at_ns0 ip link set dev $DEV_NS up
|
||||
ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
|
||||
ip netns exec at_ns1 \
|
||||
ip link add dev $DEV_NS type ipip local 172.16.1.101 remote 172.16.1.200
|
||||
ip netns exec at_ns1 ip link set dev $DEV_NS up
|
||||
# same inner IP address in at_ns0 and at_ns1
|
||||
ip netns exec at_ns1 ip addr add dev $DEV_NS 10.1.1.100/24
|
||||
|
||||
ip netns exec at_ns2 ip link add dev $DEV type ipip external
|
||||
ip netns exec at_ns2 ip link set dev $DEV up
|
||||
ip netns exec at_ns2 ip addr add dev $DEV 10.1.1.200/24
|
||||
}
|
||||
|
||||
function add_ipip6_tunnel {
|
||||
ip netns exec at_ns0 \
|
||||
ip link add dev $DEV_NS type ip6tnl mode ipip6 local 2401:db00::1/64 remote 2401:db00::3/64
|
||||
ip netns exec at_ns0 ip link set dev $DEV_NS up
|
||||
ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
|
||||
ip netns exec at_ns1 \
|
||||
ip link add dev $DEV_NS type ip6tnl mode ipip6 local 2401:db00::2/64 remote 2401:db00::3/64
|
||||
ip netns exec at_ns1 ip link set dev $DEV_NS up
|
||||
# same inner IP address in at_ns0 and at_ns1
|
||||
ip netns exec at_ns1 ip addr add dev $DEV_NS 10.1.1.100/24
|
||||
|
||||
ip netns exec at_ns2 ip link add dev $DEV type ip6tnl mode ipip6 external
|
||||
ip netns exec at_ns2 ip link set dev $DEV up
|
||||
ip netns exec at_ns2 ip addr add dev $DEV 10.1.1.200/24
|
||||
}
|
||||
|
||||
function add_ip6ip6_tunnel {
|
||||
ip netns exec at_ns0 \
|
||||
ip link add dev $DEV_NS type ip6tnl mode ip6ip6 local 2401:db00::1/64 remote 2401:db00::3/64
|
||||
ip netns exec at_ns0 ip link set dev $DEV_NS up
|
||||
ip netns exec at_ns0 ip addr add dev $DEV_NS 2601:646::1/64
|
||||
ip netns exec at_ns1 \
|
||||
ip link add dev $DEV_NS type ip6tnl mode ip6ip6 local 2401:db00::2/64 remote 2401:db00::3/64
|
||||
ip netns exec at_ns1 ip link set dev $DEV_NS up
|
||||
# same inner IP address in at_ns0 and at_ns1
|
||||
ip netns exec at_ns1 ip addr add dev $DEV_NS 2601:646::1/64
|
||||
|
||||
ip netns exec at_ns2 ip link add dev $DEV type ip6tnl mode ip6ip6 external
|
||||
ip netns exec at_ns2 ip link set dev $DEV up
|
||||
ip netns exec at_ns2 ip addr add dev $DEV 2601:646::2/64
|
||||
}
|
||||
|
||||
function attach_bpf {
|
||||
DEV=$1
|
||||
SET_TUNNEL=$2
|
||||
GET_TUNNEL=$3
|
||||
ip netns exec at_ns2 tc qdisc add dev $DEV clsact
|
||||
ip netns exec at_ns2 tc filter add dev $DEV egress bpf da obj tcbpf2_kern.o sec $SET_TUNNEL
|
||||
ip netns exec at_ns2 tc filter add dev $DEV ingress bpf da obj tcbpf2_kern.o sec $GET_TUNNEL
|
||||
}
|
||||
|
||||
function test_ipip {
|
||||
DEV_NS=ipip_std
|
||||
DEV=ipip_bpf
|
||||
config_device
|
||||
# tcpdump -nei br0 &
|
||||
cat /sys/kernel/debug/tracing/trace_pipe &
|
||||
|
||||
add_ipip_tunnel
|
||||
attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
|
||||
|
||||
ip netns exec at_ns0 ping -c 1 10.1.1.200
|
||||
ip netns exec at_ns2 ping -c 1 10.1.1.100
|
||||
ip netns exec at_ns0 iperf -sD -p 5200 > /dev/null
|
||||
ip netns exec at_ns1 iperf -sD -p 5201 > /dev/null
|
||||
sleep 0.2
|
||||
# tcp check _same_ IP over different tunnels
|
||||
ip netns exec at_ns2 iperf -c 10.1.1.100 -n 5k -p 5200
|
||||
ip netns exec at_ns2 iperf -c 10.1.1.100 -n 5k -p 5201
|
||||
cleanup
|
||||
}
|
||||
|
||||
# IPv4 over IPv6 tunnel
|
||||
function test_ipip6 {
|
||||
DEV_NS=ipip_std
|
||||
DEV=ipip_bpf
|
||||
config_device
|
||||
# tcpdump -nei br0 &
|
||||
cat /sys/kernel/debug/tracing/trace_pipe &
|
||||
|
||||
add_ipip6_tunnel
|
||||
attach_bpf $DEV ipip6_set_tunnel ipip6_get_tunnel
|
||||
|
||||
ip netns exec at_ns0 ping -c 1 10.1.1.200
|
||||
ip netns exec at_ns2 ping -c 1 10.1.1.100
|
||||
ip netns exec at_ns0 iperf -sD -p 5200 > /dev/null
|
||||
ip netns exec at_ns1 iperf -sD -p 5201 > /dev/null
|
||||
sleep 0.2
|
||||
# tcp check _same_ IP over different tunnels
|
||||
ip netns exec at_ns2 iperf -c 10.1.1.100 -n 5k -p 5200
|
||||
ip netns exec at_ns2 iperf -c 10.1.1.100 -n 5k -p 5201
|
||||
cleanup
|
||||
}
|
||||
|
||||
# IPv6 over IPv6 tunnel
|
||||
function test_ip6ip6 {
|
||||
DEV_NS=ipip_std
|
||||
DEV=ipip_bpf
|
||||
config_device
|
||||
# tcpdump -nei br0 &
|
||||
cat /sys/kernel/debug/tracing/trace_pipe &
|
||||
|
||||
add_ip6ip6_tunnel
|
||||
attach_bpf $DEV ip6ip6_set_tunnel ip6ip6_get_tunnel
|
||||
|
||||
ip netns exec at_ns0 ping -6 -c 1 2601:646::2
|
||||
ip netns exec at_ns2 ping -6 -c 1 2601:646::1
|
||||
ip netns exec at_ns0 iperf -6sD -p 5200 > /dev/null
|
||||
ip netns exec at_ns1 iperf -6sD -p 5201 > /dev/null
|
||||
sleep 0.2
|
||||
# tcp check _same_ IP over different tunnels
|
||||
ip netns exec at_ns2 iperf -6c 2601:646::1 -n 5k -p 5200
|
||||
ip netns exec at_ns2 iperf -6c 2601:646::1 -n 5k -p 5201
|
||||
cleanup
|
||||
}
|
||||
|
||||
function cleanup {
|
||||
set +ex
|
||||
pkill iperf
|
||||
ip netns delete at_ns0
|
||||
ip netns delete at_ns1
|
||||
ip netns delete at_ns2
|
||||
ip link del veth0
|
||||
ip link del veth1
|
||||
ip link del veth2
|
||||
ip link del br0
|
||||
pkill tcpdump
|
||||
pkill cat
|
||||
set -ex
|
||||
}
|
||||
|
||||
cleanup
|
||||
echo "Testing IP tunnels..."
|
||||
test_ipip
|
||||
test_ipip6
|
||||
test_ip6ip6
|
||||
echo "*** PASS ***"
|
|
@ -15,7 +15,6 @@
|
|||
#include <linux/ip.h>
|
||||
#include <linux/ipv6.h>
|
||||
#include <linux/types.h>
|
||||
#include <linux/tcp.h>
|
||||
#include <linux/socket.h>
|
||||
#include <linux/pkt_cls.h>
|
||||
#include <linux/erspan.h>
|
||||
|
@ -528,12 +527,11 @@ int _ipip_set_tunnel(struct __sk_buff *skb)
|
|||
struct bpf_tunnel_key key = {};
|
||||
void *data = (void *)(long)skb->data;
|
||||
struct iphdr *iph = data;
|
||||
struct tcphdr *tcp = data + sizeof(*iph);
|
||||
void *data_end = (void *)(long)skb->data_end;
|
||||
int ret;
|
||||
|
||||
/* single length check */
|
||||
if (data + sizeof(*iph) + sizeof(*tcp) > data_end) {
|
||||
if (data + sizeof(*iph) > data_end) {
|
||||
ERROR(1);
|
||||
return TC_ACT_SHOT;
|
||||
}
|
||||
|
@ -541,16 +539,6 @@ int _ipip_set_tunnel(struct __sk_buff *skb)
|
|||
key.tunnel_ttl = 64;
|
||||
if (iph->protocol == IPPROTO_ICMP) {
|
||||
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
|
||||
} else {
|
||||
if (iph->protocol != IPPROTO_TCP || iph->ihl != 5)
|
||||
return TC_ACT_SHOT;
|
||||
|
||||
if (tcp->dest == bpf_htons(5200))
|
||||
key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
|
||||
else if (tcp->dest == bpf_htons(5201))
|
||||
key.remote_ipv4 = 0xac100165; /* 172.16.1.101 */
|
||||
else
|
||||
return TC_ACT_SHOT;
|
||||
}
|
||||
|
||||
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), 0);
|
||||
|
@ -585,19 +573,20 @@ int _ipip6_set_tunnel(struct __sk_buff *skb)
|
|||
struct bpf_tunnel_key key = {};
|
||||
void *data = (void *)(long)skb->data;
|
||||
struct iphdr *iph = data;
|
||||
struct tcphdr *tcp = data + sizeof(*iph);
|
||||
void *data_end = (void *)(long)skb->data_end;
|
||||
int ret;
|
||||
|
||||
/* single length check */
|
||||
if (data + sizeof(*iph) + sizeof(*tcp) > data_end) {
|
||||
if (data + sizeof(*iph) > data_end) {
|
||||
ERROR(1);
|
||||
return TC_ACT_SHOT;
|
||||
}
|
||||
|
||||
__builtin_memset(&key, 0x0, sizeof(key));
|
||||
key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */
|
||||
key.tunnel_ttl = 64;
|
||||
if (iph->protocol == IPPROTO_ICMP) {
|
||||
key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */
|
||||
}
|
||||
|
||||
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
||||
BPF_F_TUNINFO_IPV6);
|
||||
|
@ -634,35 +623,18 @@ int _ip6ip6_set_tunnel(struct __sk_buff *skb)
|
|||
struct bpf_tunnel_key key = {};
|
||||
void *data = (void *)(long)skb->data;
|
||||
struct ipv6hdr *iph = data;
|
||||
struct tcphdr *tcp = data + sizeof(*iph);
|
||||
void *data_end = (void *)(long)skb->data_end;
|
||||
int ret;
|
||||
|
||||
/* single length check */
|
||||
if (data + sizeof(*iph) + sizeof(*tcp) > data_end) {
|
||||
if (data + sizeof(*iph) > data_end) {
|
||||
ERROR(1);
|
||||
return TC_ACT_SHOT;
|
||||
}
|
||||
|
||||
key.remote_ipv6[0] = bpf_htonl(0x2401db00);
|
||||
key.tunnel_ttl = 64;
|
||||
|
||||
if (iph->nexthdr == 58 /* NEXTHDR_ICMP */) {
|
||||
key.remote_ipv6[3] = bpf_htonl(1);
|
||||
} else {
|
||||
if (iph->nexthdr != 6 /* NEXTHDR_TCP */) {
|
||||
ERROR(iph->nexthdr);
|
||||
return TC_ACT_SHOT;
|
||||
}
|
||||
|
||||
if (tcp->dest == bpf_htons(5200)) {
|
||||
key.remote_ipv6[3] = bpf_htonl(1);
|
||||
} else if (tcp->dest == bpf_htons(5201)) {
|
||||
key.remote_ipv6[3] = bpf_htonl(2);
|
||||
} else {
|
||||
ERROR(tcp->dest);
|
||||
return TC_ACT_SHOT;
|
||||
}
|
||||
key.remote_ipv6[3] = bpf_htonl(0x11); /* ::11 */
|
||||
}
|
||||
|
||||
ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
|
||||
|
|
|
@ -24,12 +24,12 @@
|
|||
# Root namespace with metadata-mode tunnel + BPF
|
||||
# Device names and addresses:
|
||||
# veth1 IP: 172.16.1.200, IPv6: 00::22 (underlay)
|
||||
# tunnel dev <type>11, ex: gre11, IPv4: 10.1.1.200 (overlay)
|
||||
# tunnel dev <type>11, ex: gre11, IPv4: 10.1.1.200, IPv6: 1::22 (overlay)
|
||||
#
|
||||
# Namespace at_ns0 with native tunnel
|
||||
# Device names and addresses:
|
||||
# veth0 IPv4: 172.16.1.100, IPv6: 00::11 (underlay)
|
||||
# tunnel dev <type>00, ex: gre00, IPv4: 10.1.1.100 (overlay)
|
||||
# tunnel dev <type>00, ex: gre00, IPv4: 10.1.1.100, IPv6: 1::11 (overlay)
|
||||
#
|
||||
#
|
||||
# End-to-end ping packet flow
|
||||
|
@ -250,7 +250,7 @@ add_ipip_tunnel()
|
|||
ip addr add dev $DEV 10.1.1.200/24
|
||||
}
|
||||
|
||||
add_ipip6tnl_tunnel()
|
||||
add_ip6tnl_tunnel()
|
||||
{
|
||||
ip netns exec at_ns0 ip addr add ::11/96 dev veth0
|
||||
ip netns exec at_ns0 ip link set dev veth0 up
|
||||
|
@ -262,11 +262,13 @@ add_ipip6tnl_tunnel()
|
|||
ip link add dev $DEV_NS type $TYPE \
|
||||
local ::11 remote ::22
|
||||
ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
|
||||
ip netns exec at_ns0 ip addr add dev $DEV_NS 1::11/96
|
||||
ip netns exec at_ns0 ip link set dev $DEV_NS up
|
||||
|
||||
# root namespace
|
||||
ip link add dev $DEV type $TYPE external
|
||||
ip addr add dev $DEV 10.1.1.200/24
|
||||
ip addr add dev $DEV 1::22/96
|
||||
ip link set dev $DEV up
|
||||
}
|
||||
|
||||
|
@ -534,7 +536,7 @@ test_ipip6()
|
|||
|
||||
check $TYPE
|
||||
config_device
|
||||
add_ipip6tnl_tunnel
|
||||
add_ip6tnl_tunnel
|
||||
ip link set dev veth1 mtu 1500
|
||||
attach_bpf $DEV ipip6_set_tunnel ipip6_get_tunnel
|
||||
# underlay
|
||||
|
@ -553,6 +555,34 @@ test_ipip6()
|
|||
echo -e ${GREEN}"PASS: $TYPE"${NC}
|
||||
}
|
||||
|
||||
test_ip6ip6()
|
||||
{
|
||||
TYPE=ip6tnl
|
||||
DEV_NS=ip6ip6tnl00
|
||||
DEV=ip6ip6tnl11
|
||||
ret=0
|
||||
|
||||
check $TYPE
|
||||
config_device
|
||||
add_ip6tnl_tunnel
|
||||
ip link set dev veth1 mtu 1500
|
||||
attach_bpf $DEV ip6ip6_set_tunnel ip6ip6_get_tunnel
|
||||
# underlay
|
||||
ping6 $PING_ARG ::11
|
||||
# ip6 over ip6
|
||||
ping6 $PING_ARG 1::11
|
||||
check_err $?
|
||||
ip netns exec at_ns0 ping6 $PING_ARG 1::22
|
||||
check_err $?
|
||||
cleanup
|
||||
|
||||
if [ $ret -ne 0 ]; then
|
||||
echo -e ${RED}"FAIL: ip6$TYPE"${NC}
|
||||
return 1
|
||||
fi
|
||||
echo -e ${GREEN}"PASS: ip6$TYPE"${NC}
|
||||
}
|
||||
|
||||
setup_xfrm_tunnel()
|
||||
{
|
||||
auth=0x$(printf '1%.0s' {1..40})
|
||||
|
@ -646,6 +676,7 @@ cleanup()
|
|||
ip link del veth1 2> /dev/null
|
||||
ip link del ipip11 2> /dev/null
|
||||
ip link del ipip6tnl11 2> /dev/null
|
||||
ip link del ip6ip6tnl11 2> /dev/null
|
||||
ip link del gretap11 2> /dev/null
|
||||
ip link del ip6gre11 2> /dev/null
|
||||
ip link del ip6gretap11 2> /dev/null
|
||||
|
@ -742,6 +773,10 @@ bpf_tunnel_test()
|
|||
test_ipip6
|
||||
errors=$(( $errors + $? ))
|
||||
|
||||
echo "Testing IP6IP6 tunnel..."
|
||||
test_ip6ip6
|
||||
errors=$(( $errors + $? ))
|
||||
|
||||
echo "Testing IPSec tunnel..."
|
||||
test_xfrm_tunnel
|
||||
errors=$(( $errors + $? ))
|
||||
|
|
Loading…
Add table
Reference in a new issue