Orange Pi5 kernel

^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300    1) #!/bin/bash
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300    2) # SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300    3) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300    4) # Copyright (c) 2019 David Ahern <dsahern@gmail.com>. All rights reserved.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300    5) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300    6) # IPv4 and IPv6 functional tests focusing on VRF and routing lookups
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300    7) # for various permutations:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300    8) #   1. icmp, tcp, udp and netfilter
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300    9) #   2. client, server, no-server
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   10) #   3. global address on interface
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   11) #   4. global address on 'lo'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   12) #   5. remote and local traffic
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   13) #   6. VRF and non-VRF permutations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   14) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   15) # Setup:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   16) #                     ns-A     |     ns-B
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   17) # No VRF case:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   18) #    [ lo ]         [ eth1 ]---|---[ eth1 ]      [ lo ]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   19) #                                                remote address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   20) # VRF case:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   21) #         [ red ]---[ eth1 ]---|---[ eth1 ]      [ lo ]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   22) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   23) # ns-A:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   24) #     eth1: 172.16.1.1/24, 2001:db8:1::1/64
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   25) #       lo: 127.0.0.1/8, ::1/128
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   26) #           172.16.2.1/32, 2001:db8:2::1/128
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   27) #      red: 127.0.0.1/8, ::1/128
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   28) #           172.16.3.1/32, 2001:db8:3::1/128
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   29) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   30) # ns-B:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   31) #     eth1: 172.16.1.2/24, 2001:db8:1::2/64
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   32) #      lo2: 127.0.0.1/8, ::1/128
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   33) #           172.16.2.2/32, 2001:db8:2::2/128
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   34) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   35) # ns-A to ns-C connection - only for VRF and same config
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   36) # as ns-A to ns-B
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   37) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   38) # server / client nomenclature relative to ns-A
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   39) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   40) VERBOSE=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   41) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   42) NSA_DEV=eth1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   43) NSA_DEV2=eth2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   44) NSB_DEV=eth1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   45) NSC_DEV=eth2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   46) VRF=red
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   47) VRF_TABLE=1101
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   48) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   49) # IPv4 config
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   50) NSA_IP=172.16.1.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   51) NSB_IP=172.16.1.2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   52) VRF_IP=172.16.3.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   53) NS_NET=172.16.1.0/24
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   54) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   55) # IPv6 config
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   56) NSA_IP6=2001:db8:1::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   57) NSB_IP6=2001:db8:1::2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   58) VRF_IP6=2001:db8:3::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   59) NS_NET6=2001:db8:1::/120
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   60) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   61) NSA_LO_IP=172.16.2.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   62) NSB_LO_IP=172.16.2.2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   63) NSA_LO_IP6=2001:db8:2::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   64) NSB_LO_IP6=2001:db8:2::2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   65) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   66) MD5_PW=abc123
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   67) MD5_WRONG_PW=abc1234
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   68) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   69) MCAST=ff02::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   70) # set after namespace create
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   71) NSA_LINKIP6=
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   72) NSB_LINKIP6=
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   73) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   74) NSA=ns-A
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   75) NSB=ns-B
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   76) NSC=ns-C
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   77) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   78) NSA_CMD="ip netns exec ${NSA}"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   79) NSB_CMD="ip netns exec ${NSB}"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   80) NSC_CMD="ip netns exec ${NSC}"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   81) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   82) which ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   83) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   84) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   85) # utilities
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   86) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   87) log_test()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   88) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   89) 	local rc=$1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   90) 	local expected=$2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   91) 	local msg="$3"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   92) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   93) 	[ "${VERBOSE}" = "1" ] && echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   94) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   95) 	if [ ${rc} -eq ${expected} ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   96) 		nsuccess=$((nsuccess+1))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   97) 		printf "TEST: %-70s  [ OK ]\n" "${msg}"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   98) 	else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   99) 		nfail=$((nfail+1))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  100) 		printf "TEST: %-70s  [FAIL]\n" "${msg}"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  101) 		if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  102) 			echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  103) 			echo "hit enter to continue, 'q' to quit"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  104) 			read a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  105) 			[ "$a" = "q" ] && exit 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  106) 		fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  107) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  108) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  109) 	if [ "${PAUSE}" = "yes" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  110) 		echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  111) 		echo "hit enter to continue, 'q' to quit"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  112) 		read a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  113) 		[ "$a" = "q" ] && exit 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  114) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  115) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  116) 	kill_procs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  117) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  118) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  119) log_test_addr()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  120) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  121) 	local addr=$1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  122) 	local rc=$2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  123) 	local expected=$3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  124) 	local msg="$4"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  125) 	local astr
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  126) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  127) 	astr=$(addr2str ${addr})
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  128) 	log_test $rc $expected "$msg - ${astr}"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  129) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  130) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  131) log_section()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  132) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  133) 	echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  134) 	echo "###########################################################################"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  135) 	echo "$*"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  136) 	echo "###########################################################################"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  137) 	echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  138) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  139) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  140) log_subsection()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  141) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  142) 	echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  143) 	echo "#################################################################"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  144) 	echo "$*"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  145) 	echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  146) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  147) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  148) log_start()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  149) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  150) 	# make sure we have no test instances running
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  151) 	kill_procs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  152) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  153) 	if [ "${VERBOSE}" = "1" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  154) 		echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  155) 		echo "#######################################################"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  156) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  157) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  158) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  159) log_debug()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  160) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  161) 	if [ "${VERBOSE}" = "1" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  162) 		echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  163) 		echo "$*"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  164) 		echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  165) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  166) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  167) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  168) show_hint()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  169) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  170) 	if [ "${VERBOSE}" = "1" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  171) 		echo "HINT: $*"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  172) 		echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  173) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  174) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  175) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  176) kill_procs()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  177) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  178) 	killall nettest ping ping6 >/dev/null 2>&1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  179) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  180) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  181) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  182) do_run_cmd()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  183) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  184) 	local cmd="$*"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  185) 	local out
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  186) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  187) 	if [ "$VERBOSE" = "1" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  188) 		echo "COMMAND: ${cmd}"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  189) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  190) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  191) 	out=$($cmd 2>&1)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  192) 	rc=$?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  193) 	if [ "$VERBOSE" = "1" -a -n "$out" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  194) 		echo "$out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  195) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  196) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  197) 	return $rc
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  198) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  199) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  200) run_cmd()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  201) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  202) 	do_run_cmd ${NSA_CMD} $*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  203) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  204) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  205) run_cmd_nsb()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  206) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  207) 	do_run_cmd ${NSB_CMD} $*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  208) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  209) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  210) run_cmd_nsc()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  211) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  212) 	do_run_cmd ${NSC_CMD} $*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  213) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  214) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  215) setup_cmd()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  216) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  217) 	local cmd="$*"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  218) 	local rc
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  219) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  220) 	run_cmd ${cmd}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  221) 	rc=$?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  222) 	if [ $rc -ne 0 ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  223) 		# show user the command if not done so already
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  224) 		if [ "$VERBOSE" = "0" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  225) 			echo "setup command: $cmd"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  226) 		fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  227) 		echo "failed. stopping tests"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  228) 		if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  229) 			echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  230) 			echo "hit enter to continue"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  231) 			read a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  232) 		fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  233) 		exit $rc
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  234) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  235) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  236) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  237) setup_cmd_nsb()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  238) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  239) 	local cmd="$*"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  240) 	local rc
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  241) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  242) 	run_cmd_nsb ${cmd}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  243) 	rc=$?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  244) 	if [ $rc -ne 0 ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  245) 		# show user the command if not done so already
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  246) 		if [ "$VERBOSE" = "0" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  247) 			echo "setup command: $cmd"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  248) 		fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  249) 		echo "failed. stopping tests"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  250) 		if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  251) 			echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  252) 			echo "hit enter to continue"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  253) 			read a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  254) 		fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  255) 		exit $rc
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  256) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  257) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  258) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  259) setup_cmd_nsc()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  260) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  261) 	local cmd="$*"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  262) 	local rc
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  263) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  264) 	run_cmd_nsc ${cmd}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  265) 	rc=$?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  266) 	if [ $rc -ne 0 ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  267) 		# show user the command if not done so already
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  268) 		if [ "$VERBOSE" = "0" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  269) 			echo "setup command: $cmd"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  270) 		fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  271) 		echo "failed. stopping tests"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  272) 		if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  273) 			echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  274) 			echo "hit enter to continue"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  275) 			read a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  276) 		fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  277) 		exit $rc
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  278) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  279) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  280) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  281) # set sysctl values in NS-A
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  282) set_sysctl()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  283) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  284) 	echo "SYSCTL: $*"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  285) 	echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  286) 	run_cmd sysctl -q -w $*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  287) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  288) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  289) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  290) # Setup for tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  291) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  292) addr2str()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  293) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  294) 	case "$1" in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  295) 	127.0.0.1) echo "loopback";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  296) 	::1) echo "IPv6 loopback";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  297) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  298) 	${NSA_IP})	echo "ns-A IP";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  299) 	${NSA_IP6})	echo "ns-A IPv6";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  300) 	${NSA_LO_IP})	echo "ns-A loopback IP";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  301) 	${NSA_LO_IP6})	echo "ns-A loopback IPv6";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  302) 	${NSA_LINKIP6}|${NSA_LINKIP6}%*) echo "ns-A IPv6 LLA";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  303) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  304) 	${NSB_IP})	echo "ns-B IP";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  305) 	${NSB_IP6})	echo "ns-B IPv6";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  306) 	${NSB_LO_IP})	echo "ns-B loopback IP";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  307) 	${NSB_LO_IP6})	echo "ns-B loopback IPv6";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  308) 	${NSB_LINKIP6}|${NSB_LINKIP6}%*) echo "ns-B IPv6 LLA";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  309) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  310) 	${VRF_IP})	echo "VRF IP";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  311) 	${VRF_IP6})	echo "VRF IPv6";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  312) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  313) 	${MCAST}%*)	echo "multicast IP";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  314) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  315) 	*) echo "unknown";;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  316) 	esac
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  317) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  318) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  319) get_linklocal()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  320) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  321) 	local ns=$1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  322) 	local dev=$2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  323) 	local addr
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  324) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  325) 	addr=$(ip -netns ${ns} -6 -br addr show dev ${dev} | \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  326) 	awk '{
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  327) 		for (i = 3; i <= NF; ++i) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  328) 			if ($i ~ /^fe80/)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  329) 				print $i
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  330) 		}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  331) 	}'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  332) 	)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  333) 	addr=${addr/\/*}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  334) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  335) 	[ -z "$addr" ] && return 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  336) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  337) 	echo $addr
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  338) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  339) 	return 0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  340) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  341) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  342) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  343) # create namespaces and vrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  344) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  345) create_vrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  346) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  347) 	local ns=$1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  348) 	local vrf=$2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  349) 	local table=$3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  350) 	local addr=$4
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  351) 	local addr6=$5
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  352) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  353) 	ip -netns ${ns} link add ${vrf} type vrf table ${table}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  354) 	ip -netns ${ns} link set ${vrf} up
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  355) 	ip -netns ${ns} route add vrf ${vrf} unreachable default metric 8192
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  356) 	ip -netns ${ns} -6 route add vrf ${vrf} unreachable default metric 8192
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  357) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  358) 	ip -netns ${ns} addr add 127.0.0.1/8 dev ${vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  359) 	ip -netns ${ns} -6 addr add ::1 dev ${vrf} nodad
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  360) 	if [ "${addr}" != "-" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  361) 		ip -netns ${ns} addr add dev ${vrf} ${addr}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  362) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  363) 	if [ "${addr6}" != "-" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  364) 		ip -netns ${ns} -6 addr add dev ${vrf} ${addr6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  365) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  366) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  367) 	ip -netns ${ns} ru del pref 0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  368) 	ip -netns ${ns} ru add pref 32765 from all lookup local
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  369) 	ip -netns ${ns} -6 ru del pref 0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  370) 	ip -netns ${ns} -6 ru add pref 32765 from all lookup local
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  371) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  372) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  373) create_ns()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  374) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  375) 	local ns=$1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  376) 	local addr=$2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  377) 	local addr6=$3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  378) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  379) 	ip netns add ${ns}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  380) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  381) 	ip -netns ${ns} link set lo up
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  382) 	if [ "${addr}" != "-" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  383) 		ip -netns ${ns} addr add dev lo ${addr}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  384) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  385) 	if [ "${addr6}" != "-" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  386) 		ip -netns ${ns} -6 addr add dev lo ${addr6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  387) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  388) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  389) 	ip -netns ${ns} ro add unreachable default metric 8192
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  390) 	ip -netns ${ns} -6 ro add unreachable default metric 8192
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  391) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  392) 	ip netns exec ${ns} sysctl -qw net.ipv4.ip_forward=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  393) 	ip netns exec ${ns} sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  394) 	ip netns exec ${ns} sysctl -qw net.ipv6.conf.all.forwarding=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  395) 	ip netns exec ${ns} sysctl -qw net.ipv6.conf.default.forwarding=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  396) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  397) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  398) # create veth pair to connect namespaces and apply addresses.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  399) connect_ns()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  400) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  401) 	local ns1=$1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  402) 	local ns1_dev=$2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  403) 	local ns1_addr=$3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  404) 	local ns1_addr6=$4
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  405) 	local ns2=$5
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  406) 	local ns2_dev=$6
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  407) 	local ns2_addr=$7
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  408) 	local ns2_addr6=$8
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  409) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  410) 	ip -netns ${ns1} li add ${ns1_dev} type veth peer name tmp
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  411) 	ip -netns ${ns1} li set ${ns1_dev} up
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  412) 	ip -netns ${ns1} li set tmp netns ${ns2} name ${ns2_dev}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  413) 	ip -netns ${ns2} li set ${ns2_dev} up
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  414) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  415) 	if [ "${ns1_addr}" != "-" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  416) 		ip -netns ${ns1} addr add dev ${ns1_dev} ${ns1_addr}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  417) 		ip -netns ${ns2} addr add dev ${ns2_dev} ${ns2_addr}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  418) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  419) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  420) 	if [ "${ns1_addr6}" != "-" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  421) 		ip -netns ${ns1} addr add dev ${ns1_dev} ${ns1_addr6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  422) 		ip -netns ${ns2} addr add dev ${ns2_dev} ${ns2_addr6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  423) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  424) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  425) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  426) cleanup()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  427) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  428) 	# explicit cleanups to check those code paths
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  429) 	ip netns | grep -q ${NSA}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  430) 	if [ $? -eq 0 ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  431) 		ip -netns ${NSA} link delete ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  432) 		ip -netns ${NSA} ro flush table ${VRF_TABLE}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  433) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  434) 		ip -netns ${NSA} addr flush dev ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  435) 		ip -netns ${NSA} -6 addr flush dev ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  436) 		ip -netns ${NSA} link set dev ${NSA_DEV} down
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  437) 		ip -netns ${NSA} link del dev ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  438) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  439) 		ip netns pids ${NSA} | xargs kill 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  440) 		ip netns del ${NSA}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  441) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  442) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  443) 	ip netns pids ${NSB} | xargs kill 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  444) 	ip netns del ${NSB}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  445) 	ip netns pids ${NSC} | xargs kill 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  446) 	ip netns del ${NSC} >/dev/null 2>&1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  447) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  448) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  449) cleanup_vrf_dup()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  450) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  451) 	ip link del ${NSA_DEV2} >/dev/null 2>&1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  452) 	ip netns pids ${NSC} | xargs kill 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  453) 	ip netns del ${NSC} >/dev/null 2>&1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  454) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  455) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  456) setup_vrf_dup()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  457) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  458) 	# some VRF tests use ns-C which has the same config as
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  459) 	# ns-B but for a device NOT in the VRF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  460) 	create_ns ${NSC} "-" "-"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  461) 	connect_ns ${NSA} ${NSA_DEV2} ${NSA_IP}/24 ${NSA_IP6}/64 \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  462) 		   ${NSC} ${NSC_DEV} ${NSB_IP}/24 ${NSB_IP6}/64
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  463) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  464) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  465) setup()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  466) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  467) 	local with_vrf=${1}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  468) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  469) 	# make sure we are starting with a clean slate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  470) 	kill_procs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  471) 	cleanup 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  472) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  473) 	log_debug "Configuring network namespaces"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  474) 	set -e
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  475) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  476) 	create_ns ${NSA} ${NSA_LO_IP}/32 ${NSA_LO_IP6}/128
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  477) 	create_ns ${NSB} ${NSB_LO_IP}/32 ${NSB_LO_IP6}/128
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  478) 	connect_ns ${NSA} ${NSA_DEV} ${NSA_IP}/24 ${NSA_IP6}/64 \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  479) 		   ${NSB} ${NSB_DEV} ${NSB_IP}/24 ${NSB_IP6}/64
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  480) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  481) 	NSA_LINKIP6=$(get_linklocal ${NSA} ${NSA_DEV})
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  482) 	NSB_LINKIP6=$(get_linklocal ${NSB} ${NSB_DEV})
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  483) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  484) 	# tell ns-A how to get to remote addresses of ns-B
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  485) 	if [ "${with_vrf}" = "yes" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  486) 		create_vrf ${NSA} ${VRF} ${VRF_TABLE} ${VRF_IP} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  487) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  488) 		ip -netns ${NSA} link set dev ${NSA_DEV} vrf ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  489) 		ip -netns ${NSA} ro add vrf ${VRF} ${NSB_LO_IP}/32 via ${NSB_IP} dev ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  490) 		ip -netns ${NSA} -6 ro add vrf ${VRF} ${NSB_LO_IP6}/128 via ${NSB_IP6} dev ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  491) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  492) 		ip -netns ${NSB} ro add ${VRF_IP}/32 via ${NSA_IP} dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  493) 		ip -netns ${NSB} -6 ro add ${VRF_IP6}/128 via ${NSA_IP6} dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  494) 	else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  495) 		ip -netns ${NSA} ro add ${NSB_LO_IP}/32 via ${NSB_IP} dev ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  496) 		ip -netns ${NSA} ro add ${NSB_LO_IP6}/128 via ${NSB_IP6} dev ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  497) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  498) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  499) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  500) 	# tell ns-B how to get to remote addresses of ns-A
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  501) 	ip -netns ${NSB} ro add ${NSA_LO_IP}/32 via ${NSA_IP} dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  502) 	ip -netns ${NSB} ro add ${NSA_LO_IP6}/128 via ${NSA_IP6} dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  503) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  504) 	set +e
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  505) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  506) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  507) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  508) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  509) setup_lla_only()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  510) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  511) 	# make sure we are starting with a clean slate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  512) 	kill_procs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  513) 	cleanup 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  514) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  515) 	log_debug "Configuring network namespaces"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  516) 	set -e
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  517) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  518) 	create_ns ${NSA} "-" "-"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  519) 	create_ns ${NSB} "-" "-"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  520) 	create_ns ${NSC} "-" "-"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  521) 	connect_ns ${NSA} ${NSA_DEV} "-" "-" \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  522) 		   ${NSB} ${NSB_DEV} "-" "-"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  523) 	connect_ns ${NSA} ${NSA_DEV2} "-" "-" \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  524) 		   ${NSC} ${NSC_DEV}  "-" "-"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  525) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  526) 	NSA_LINKIP6=$(get_linklocal ${NSA} ${NSA_DEV})
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  527) 	NSB_LINKIP6=$(get_linklocal ${NSB} ${NSB_DEV})
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  528) 	NSC_LINKIP6=$(get_linklocal ${NSC} ${NSC_DEV})
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  529) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  530) 	create_vrf ${NSA} ${VRF} ${VRF_TABLE} "-" "-"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  531) 	ip -netns ${NSA} link set dev ${NSA_DEV} vrf ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  532) 	ip -netns ${NSA} link set dev ${NSA_DEV2} vrf ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  533) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  534) 	set +e
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  535) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  536) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  537) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  538) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  539) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  540) # IPv4
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  541) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  542) ipv4_ping_novrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  543) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  544) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  545) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  546) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  547) 	# out
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  548) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  549) 	for a in ${NSB_IP} ${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  550) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  551) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  552) 		run_cmd ping -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  553) 		log_test_addr ${a} $? 0 "ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  554) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  555) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  556) 		run_cmd ping -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  557) 		log_test_addr ${a} $? 0 "ping out, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  558) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  559) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  560) 		run_cmd ping -c1 -w1 -I ${NSA_LO_IP} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  561) 		log_test_addr ${a} $? 0 "ping out, address bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  562) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  563) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  564) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  565) 	# in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  566) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  567) 	for a in ${NSA_IP} ${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  568) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  569) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  570) 		run_cmd_nsb ping -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  571) 		log_test_addr ${a} $? 0 "ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  572) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  573) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  574) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  575) 	# local traffic
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  576) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  577) 	for a in ${NSA_IP} ${NSA_LO_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  578) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  579) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  580) 		run_cmd ping -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  581) 		log_test_addr ${a} $? 0 "ping local"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  582) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  583) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  584) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  585) 	# local traffic, socket bound to device
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  586) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  587) 	# address on device
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  588) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  589) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  590) 	run_cmd ping -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  591) 	log_test_addr ${a} $? 0 "ping local, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  592) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  593) 	# loopback addresses not reachable from device bind
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  594) 	# fails in a really weird way though because ipv4 special cases
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  595) 	# route lookups with oif set.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  596) 	for a in ${NSA_LO_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  597) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  598) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  599) 		show_hint "Fails since address on loopback device is out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  600) 		run_cmd ping -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  601) 		log_test_addr ${a} $? 1 "ping local, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  602) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  603) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  604) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  605) 	# ip rule blocks reachability to remote address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  606) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  607) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  608) 	setup_cmd ip rule add pref 32765 from all lookup local
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  609) 	setup_cmd ip rule del pref 0 from all lookup local
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  610) 	setup_cmd ip rule add pref 50 to ${NSB_LO_IP} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  611) 	setup_cmd ip rule add pref 51 from ${NSB_IP} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  612) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  613) 	a=${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  614) 	run_cmd ping -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  615) 	log_test_addr ${a} $? 2 "ping out, blocked by rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  616) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  617) 	# NOTE: ipv4 actually allows the lookup to fail and yet still create
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  618) 	# a viable rtable if the oif (e.g., bind to device) is set, so this
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  619) 	# case succeeds despite the rule
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  620) 	# run_cmd ping -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  621) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  622) 	a=${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  623) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  624) 	show_hint "Response generates ICMP (or arp request is ignored) due to ip rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  625) 	run_cmd_nsb ping -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  626) 	log_test_addr ${a} $? 1 "ping in, blocked by rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  627) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  628) 	[ "$VERBOSE" = "1" ] && echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  629) 	setup_cmd ip rule del pref 32765 from all lookup local
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  630) 	setup_cmd ip rule add pref 0 from all lookup local
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  631) 	setup_cmd ip rule del pref 50 to ${NSB_LO_IP} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  632) 	setup_cmd ip rule del pref 51 from ${NSB_IP} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  633) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  634) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  635) 	# route blocks reachability to remote address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  636) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  637) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  638) 	setup_cmd ip route replace unreachable ${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  639) 	setup_cmd ip route replace unreachable ${NSB_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  640) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  641) 	a=${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  642) 	run_cmd ping -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  643) 	log_test_addr ${a} $? 2 "ping out, blocked by route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  644) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  645) 	# NOTE: ipv4 actually allows the lookup to fail and yet still create
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  646) 	# a viable rtable if the oif (e.g., bind to device) is set, so this
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  647) 	# case succeeds despite not having a route for the address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  648) 	# run_cmd ping -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  649) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  650) 	a=${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  651) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  652) 	show_hint "Response is dropped (or arp request is ignored) due to ip route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  653) 	run_cmd_nsb ping -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  654) 	log_test_addr ${a} $? 1 "ping in, blocked by route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  655) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  656) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  657) 	# remove 'remote' routes; fallback to default
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  658) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  659) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  660) 	setup_cmd ip ro del ${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  661) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  662) 	a=${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  663) 	run_cmd ping -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  664) 	log_test_addr ${a} $? 2 "ping out, unreachable default route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  665) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  666) 	# NOTE: ipv4 actually allows the lookup to fail and yet still create
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  667) 	# a viable rtable if the oif (e.g., bind to device) is set, so this
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  668) 	# case succeeds despite not having a route for the address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  669) 	# run_cmd ping -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  670) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  671) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  672) ipv4_ping_vrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  673) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  674) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  675) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  676) 	# should default on; does not exist on older kernels
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  677) 	set_sysctl net.ipv4.raw_l3mdev_accept=1 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  678) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  679) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  680) 	# out
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  681) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  682) 	for a in ${NSB_IP} ${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  683) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  684) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  685) 		run_cmd ping -c1 -w1 -I ${VRF} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  686) 		log_test_addr ${a} $? 0 "ping out, VRF bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  687) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  688) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  689) 		run_cmd ping -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  690) 		log_test_addr ${a} $? 0 "ping out, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  691) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  692) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  693) 		run_cmd ip vrf exec ${VRF} ping -c1 -w1 -I ${NSA_IP} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  694) 		log_test_addr ${a} $? 0 "ping out, vrf device + dev address bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  695) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  696) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  697) 		run_cmd ip vrf exec ${VRF} ping -c1 -w1 -I ${VRF_IP} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  698) 		log_test_addr ${a} $? 0 "ping out, vrf device + vrf address bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  699) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  700) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  701) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  702) 	# in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  703) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  704) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  705) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  706) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  707) 		run_cmd_nsb ping -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  708) 		log_test_addr ${a} $? 0 "ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  709) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  710) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  711) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  712) 	# local traffic, local address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  713) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  714) 	for a in ${NSA_IP} ${VRF_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  715) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  716) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  717) 		show_hint "Source address should be ${a}"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  718) 		run_cmd ping -c1 -w1 -I ${VRF} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  719) 		log_test_addr ${a} $? 0 "ping local, VRF bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  720) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  721) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  722) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  723) 	# local traffic, socket bound to device
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  724) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  725) 	# address on device
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  726) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  727) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  728) 	run_cmd ping -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  729) 	log_test_addr ${a} $? 0 "ping local, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  730) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  731) 	# vrf device is out of scope
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  732) 	for a in ${VRF_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  733) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  734) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  735) 		show_hint "Fails since address on vrf device is out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  736) 		run_cmd ping -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  737) 		log_test_addr ${a} $? 1 "ping local, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  738) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  739) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  740) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  741) 	# ip rule blocks address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  742) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  743) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  744) 	setup_cmd ip rule add pref 50 to ${NSB_LO_IP} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  745) 	setup_cmd ip rule add pref 51 from ${NSB_IP} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  746) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  747) 	a=${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  748) 	run_cmd ping -c1 -w1 -I ${VRF} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  749) 	log_test_addr ${a} $? 2 "ping out, vrf bind, blocked by rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  750) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  751) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  752) 	run_cmd ping -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  753) 	log_test_addr ${a} $? 2 "ping out, device bind, blocked by rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  754) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  755) 	a=${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  756) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  757) 	show_hint "Response lost due to ip rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  758) 	run_cmd_nsb ping -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  759) 	log_test_addr ${a} $? 1 "ping in, blocked by rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  760) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  761) 	[ "$VERBOSE" = "1" ] && echo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  762) 	setup_cmd ip rule del pref 50 to ${NSB_LO_IP} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  763) 	setup_cmd ip rule del pref 51 from ${NSB_IP} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  764) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  765) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  766) 	# remove 'remote' routes; fallback to default
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  767) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  768) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  769) 	setup_cmd ip ro del vrf ${VRF} ${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  770) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  771) 	a=${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  772) 	run_cmd ping -c1 -w1 -I ${VRF} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  773) 	log_test_addr ${a} $? 2 "ping out, vrf bind, unreachable route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  774) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  775) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  776) 	run_cmd ping -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  777) 	log_test_addr ${a} $? 2 "ping out, device bind, unreachable route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  778) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  779) 	a=${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  780) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  781) 	show_hint "Response lost by unreachable route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  782) 	run_cmd_nsb ping -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  783) 	log_test_addr ${a} $? 1 "ping in, unreachable route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  784) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  785) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  786) ipv4_ping()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  787) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  788) 	log_section "IPv4 ping"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  789) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  790) 	log_subsection "No VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  791) 	setup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  792) 	set_sysctl net.ipv4.raw_l3mdev_accept=0 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  793) 	ipv4_ping_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  794) 	setup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  795) 	set_sysctl net.ipv4.raw_l3mdev_accept=1 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  796) 	ipv4_ping_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  797) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  798) 	log_subsection "With VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  799) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  800) 	ipv4_ping_vrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  801) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  802) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  803) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  804) # IPv4 TCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  805) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  806) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  807) # MD5 tests without VRF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  808) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  809) ipv4_tcp_md5_novrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  810) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  811) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  812) 	# single address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  813) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  814) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  815) 	# basic use case
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  816) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  817) 	run_cmd nettest -s -M ${MD5_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  818) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  819) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  820) 	log_test $? 0 "MD5: Single address config"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  821) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  822) 	# client sends MD5, server not configured
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  823) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  824) 	show_hint "Should timeout due to MD5 mismatch"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  825) 	run_cmd nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  826) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  827) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  828) 	log_test $? 2 "MD5: Server no config, client uses password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  829) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  830) 	# wrong password
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  831) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  832) 	show_hint "Should timeout since client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  833) 	run_cmd nettest -s -M ${MD5_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  834) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  835) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  836) 	log_test $? 2 "MD5: Client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  837) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  838) 	# client from different address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  839) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  840) 	show_hint "Should timeout due to MD5 mismatch"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  841) 	run_cmd nettest -s -M ${MD5_PW} -r ${NSB_LO_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  842) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  843) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  844) 	log_test $? 2 "MD5: Client address does not match address configured with password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  845) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  846) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  847) 	# MD5 extension - prefix length
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  848) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  849) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  850) 	# client in prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  851) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  852) 	run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  853) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  854) 	run_cmd_nsb nettest  -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  855) 	log_test $? 0 "MD5: Prefix config"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  856) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  857) 	# client in prefix, wrong password
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  858) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  859) 	show_hint "Should timeout since client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  860) 	run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  861) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  862) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  863) 	log_test $? 2 "MD5: Prefix config, client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  864) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  865) 	# client outside of prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  866) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  867) 	show_hint "Should timeout due to MD5 mismatch"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  868) 	run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  869) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  870) 	run_cmd_nsb nettest -l ${NSB_LO_IP} -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  871) 	log_test $? 2 "MD5: Prefix config, client address not in configured prefix"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  872) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  873) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  874) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  875) # MD5 tests with VRF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  876) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  877) ipv4_tcp_md5()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  878) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  879) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  880) 	# single address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  881) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  882) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  883) 	# basic use case
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  884) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  885) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  886) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  887) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  888) 	log_test $? 0 "MD5: VRF: Single address config"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  889) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  890) 	# client sends MD5, server not configured
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  891) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  892) 	show_hint "Should timeout since server does not have MD5 auth"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  893) 	run_cmd nettest -s -d ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  894) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  895) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  896) 	log_test $? 2 "MD5: VRF: Server no config, client uses password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  897) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  898) 	# wrong password
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  899) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  900) 	show_hint "Should timeout since client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  901) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  902) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  903) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  904) 	log_test $? 2 "MD5: VRF: Client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  905) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  906) 	# client from different address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  907) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  908) 	show_hint "Should timeout since server config differs from client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  909) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -r ${NSB_LO_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  910) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  911) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  912) 	log_test $? 2 "MD5: VRF: Client address does not match address configured with password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  913) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  914) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  915) 	# MD5 extension - prefix length
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  916) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  917) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  918) 	# client in prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  919) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  920) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  921) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  922) 	run_cmd_nsb nettest  -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  923) 	log_test $? 0 "MD5: VRF: Prefix config"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  924) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  925) 	# client in prefix, wrong password
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  926) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  927) 	show_hint "Should timeout since client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  928) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  929) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  930) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  931) 	log_test $? 2 "MD5: VRF: Prefix config, client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  932) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  933) 	# client outside of prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  934) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  935) 	show_hint "Should timeout since client address is outside of prefix"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  936) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  937) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  938) 	run_cmd_nsb nettest -l ${NSB_LO_IP} -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  939) 	log_test $? 2 "MD5: VRF: Prefix config, client address not in configured prefix"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  940) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  941) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  942) 	# duplicate config between default VRF and a VRF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  943) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  944) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  945) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  946) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  947) 	run_cmd nettest -s -M ${MD5_WRONG_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  948) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  949) 	run_cmd_nsb nettest  -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  950) 	log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  951) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  952) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  953) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  954) 	run_cmd nettest -s -M ${MD5_WRONG_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  955) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  956) 	run_cmd_nsc nettest  -r ${NSA_IP} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  957) 	log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  958) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  959) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  960) 	show_hint "Should timeout since client in default VRF uses VRF password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  961) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  962) 	run_cmd nettest -s -M ${MD5_WRONG_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  963) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  964) 	run_cmd_nsc nettest -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  965) 	log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF with VRF pw"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  966) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  967) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  968) 	show_hint "Should timeout since client in VRF uses default VRF password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  969) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  970) 	run_cmd nettest -s -M ${MD5_WRONG_PW} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  971) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  972) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  973) 	log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF with default VRF pw"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  974) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  975) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  976) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  977) 	run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  978) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  979) 	run_cmd_nsb nettest  -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  980) 	log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  981) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  982) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  983) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  984) 	run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  985) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  986) 	run_cmd_nsc nettest  -r ${NSA_IP} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  987) 	log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  988) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  989) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  990) 	show_hint "Should timeout since client in default VRF uses VRF password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  991) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  992) 	run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  993) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  994) 	run_cmd_nsc nettest -r ${NSA_IP} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  995) 	log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF with VRF pw"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  996) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  997) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  998) 	show_hint "Should timeout since client in VRF uses default VRF password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  999) 	run_cmd nettest -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1000) 	run_cmd nettest -s -M ${MD5_WRONG_PW} -m ${NS_NET} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1001) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1002) 	run_cmd_nsb nettest -r ${NSA_IP} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1003) 	log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF with default VRF pw"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1004) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1005) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1006) 	# negative tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1007) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1008) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1009) 	run_cmd nettest -s -d ${NSA_DEV} -M ${MD5_PW} -r ${NSB_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1010) 	log_test $? 1 "MD5: VRF: Device must be a VRF - single address"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1011) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1012) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1013) 	run_cmd nettest -s -d ${NSA_DEV} -M ${MD5_PW} -m ${NS_NET}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1014) 	log_test $? 1 "MD5: VRF: Device must be a VRF - prefix"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1015) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1016) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1017) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1018) ipv4_tcp_novrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1019) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1020) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1021) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1022) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1023) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1024) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1025) 	for a in ${NSA_IP} ${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1026) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1027) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1028) 		run_cmd nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1029) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1030) 		run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1031) 		log_test_addr ${a} $? 0 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1032) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1033) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1034) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1035) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1036) 	run_cmd nettest -s -d ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1037) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1038) 	run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1039) 	log_test_addr ${a} $? 0 "Device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1040) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1041) 	# verify TCP reset sent and received
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1042) 	for a in ${NSA_IP} ${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1043) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1044) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1045) 		show_hint "Should fail 'Connection refused' since there is no server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1046) 		run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1047) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1048) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1049) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1050) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1051) 	# client
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1052) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1053) 	for a in ${NSB_IP} ${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1054) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1055) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1056) 		run_cmd_nsb nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1057) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1058) 		run_cmd nettest -r ${a} -0 ${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1059) 		log_test_addr ${a} $? 0 "Client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1060) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1061) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1062) 		run_cmd_nsb nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1063) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1064) 		run_cmd nettest -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1065) 		log_test_addr ${a} $? 0 "Client, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1066) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1067) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1068) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1069) 		run_cmd nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1070) 		log_test_addr ${a} $? 1 "No server, unbound client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1071) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1072) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1073) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1074) 		run_cmd nettest -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1075) 		log_test_addr ${a} $? 1 "No server, device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1076) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1077) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1078) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1079) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1080) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1081) 	for a in ${NSA_IP} ${NSA_LO_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1082) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1083) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1084) 		run_cmd nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1085) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1086) 		run_cmd nettest -r ${a} -0 ${a} -1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1087) 		log_test_addr ${a} $? 0 "Global server, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1088) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1089) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1090) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1091) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1092) 	run_cmd nettest -s -d ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1093) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1094) 	run_cmd nettest -r ${a} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1095) 	log_test_addr ${a} $? 0 "Device server, unbound client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1096) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1097) 	for a in ${NSA_LO_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1098) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1099) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1100) 		show_hint "Should fail 'Connection refused' since addresses on loopback are out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1101) 		run_cmd nettest -s -d ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1102) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1103) 		run_cmd nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1104) 		log_test_addr ${a} $? 1 "Device server, unbound client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1105) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1106) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1107) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1108) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1109) 	run_cmd nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1110) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1111) 	run_cmd nettest -r ${a} -0 ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1112) 	log_test_addr ${a} $? 0 "Global server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1113) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1114) 	for a in ${NSA_LO_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1115) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1116) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1117) 		show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1118) 		run_cmd nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1119) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1120) 		run_cmd nettest -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1121) 		log_test_addr ${a} $? 1 "Global server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1122) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1123) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1124) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1125) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1126) 	run_cmd nettest -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1127) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1128) 	run_cmd nettest  -d ${NSA_DEV} -r ${a} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1129) 	log_test_addr ${a} $? 0 "Device server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1130) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1131) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1132) 	show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1133) 	run_cmd nettest -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1134) 	log_test_addr ${a} $? 1 "No server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1135) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1136) 	ipv4_tcp_md5_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1137) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1138) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1139) ipv4_tcp_vrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1140) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1141) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1142) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1143) 	# disable global server
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1144) 	log_subsection "Global server disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1145) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1146) 	set_sysctl net.ipv4.tcp_l3mdev_accept=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1147) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1148) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1149) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1150) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1151) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1152) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1153) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1154) 		show_hint "Should fail 'Connection refused' since global server with VRF is disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1155) 		run_cmd nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1156) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1157) 		run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1158) 		log_test_addr ${a} $? 1 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1159) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1160) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1161) 		run_cmd nettest -s -d ${VRF} -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1162) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1163) 		run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1164) 		log_test_addr ${a} $? 0 "VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1165) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1166) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1167) 		run_cmd nettest -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1168) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1169) 		run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1170) 		log_test_addr ${a} $? 0 "Device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1171) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1172) 		# verify TCP reset received
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1173) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1174) 		show_hint "Should fail 'Connection refused' since there is no server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1175) 		run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1176) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1177) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1178) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1179) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1180) 	# (${VRF_IP} and 127.0.0.1 both timeout)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1181) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1182) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1183) 	show_hint "Should fail 'Connection refused' since global server with VRF is disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1184) 	run_cmd nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1185) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1186) 	run_cmd nettest -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1187) 	log_test_addr ${a} $? 1 "Global server, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1188) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1189) 	# run MD5 tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1190) 	setup_vrf_dup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1191) 	ipv4_tcp_md5
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1192) 	cleanup_vrf_dup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1193) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1194) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1195) 	# enable VRF global server
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1196) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1197) 	log_subsection "VRF Global server enabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1198) 	set_sysctl net.ipv4.tcp_l3mdev_accept=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1199) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1200) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1201) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1202) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1203) 		show_hint "client socket should be bound to VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1204) 		run_cmd nettest -s -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1205) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1206) 		run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1207) 		log_test_addr ${a} $? 0 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1208) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1209) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1210) 		show_hint "client socket should be bound to VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1211) 		run_cmd nettest -s -d ${VRF} -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1212) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1213) 		run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1214) 		log_test_addr ${a} $? 0 "VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1215) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1216) 		# verify TCP reset received
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1217) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1218) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1219) 		run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1220) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1221) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1222) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1223) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1224) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1225) 	show_hint "client socket should be bound to device"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1226) 	run_cmd nettest -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1227) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1228) 	run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1229) 	log_test_addr ${a} $? 0 "Device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1230) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1231) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1232) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1233) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1234) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1235) 		show_hint "Should fail 'Connection refused' since client is not bound to VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1236) 		run_cmd nettest -s -d ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1237) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1238) 		run_cmd nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1239) 		log_test_addr ${a} $? 1 "Global server, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1240) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1241) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1242) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1243) 	# client
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1244) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1245) 	for a in ${NSB_IP} ${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1246) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1247) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1248) 		run_cmd_nsb nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1249) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1250) 		run_cmd nettest -r ${a} -d ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1251) 		log_test_addr ${a} $? 0 "Client, VRF bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1252) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1253) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1254) 		run_cmd_nsb nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1255) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1256) 		run_cmd nettest -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1257) 		log_test_addr ${a} $? 0 "Client, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1258) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1259) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1260) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1261) 		run_cmd nettest -r ${a} -d ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1262) 		log_test_addr ${a} $? 1 "No server, VRF client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1263) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1264) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1265) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1266) 		run_cmd nettest -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1267) 		log_test_addr ${a} $? 1 "No server, device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1268) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1269) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1270) 	for a in ${NSA_IP} ${VRF_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1271) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1272) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1273) 		run_cmd nettest -s -d ${VRF} -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1274) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1275) 		run_cmd nettest -r ${a} -d ${VRF} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1276) 		log_test_addr ${a} $? 0 "VRF server, VRF client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1277) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1278) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1279) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1280) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1281) 	run_cmd nettest -s -d ${VRF} -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1282) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1283) 	run_cmd nettest -r ${a} -d ${NSA_DEV} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1284) 	log_test_addr ${a} $? 0 "VRF server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1285) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1286) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1287) 	show_hint "Should fail 'No route to host' since client is out of VRF scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1288) 	run_cmd nettest -s -d ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1289) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1290) 	run_cmd nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1291) 	log_test_addr ${a} $? 1 "VRF server, unbound client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1292) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1293) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1294) 	run_cmd nettest -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1295) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1296) 	run_cmd nettest -r ${a} -d ${VRF} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1297) 	log_test_addr ${a} $? 0 "Device server, VRF client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1298) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1299) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1300) 	run_cmd nettest -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1301) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1302) 	run_cmd nettest -r ${a} -d ${NSA_DEV} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1303) 	log_test_addr ${a} $? 0 "Device server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1304) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1305) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1306) ipv4_tcp()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1307) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1308) 	log_section "IPv4/TCP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1309) 	log_subsection "No VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1310) 	setup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1311) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1312) 	# tcp_l3mdev_accept should have no affect without VRF;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1313) 	# run tests with it enabled and disabled to verify
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1314) 	log_subsection "tcp_l3mdev_accept disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1315) 	set_sysctl net.ipv4.tcp_l3mdev_accept=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1316) 	ipv4_tcp_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1317) 	log_subsection "tcp_l3mdev_accept enabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1318) 	set_sysctl net.ipv4.tcp_l3mdev_accept=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1319) 	ipv4_tcp_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1320) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1321) 	log_subsection "With VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1322) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1323) 	ipv4_tcp_vrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1324) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1325) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1326) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1327) # IPv4 UDP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1328) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1329) ipv4_udp_novrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1330) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1331) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1332) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1333) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1334) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1335) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1336) 	for a in ${NSA_IP} ${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1337) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1338) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1339) 		run_cmd nettest -D -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1340) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1341) 		run_cmd_nsb nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1342) 		log_test_addr ${a} $? 0 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1343) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1344) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1345) 		show_hint "Should fail 'Connection refused' since there is no server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1346) 		run_cmd_nsb nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1347) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1348) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1349) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1350) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1351) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1352) 	run_cmd nettest -D -d ${NSA_DEV} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1353) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1354) 	run_cmd_nsb nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1355) 	log_test_addr ${a} $? 0 "Device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1356) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1357) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1358) 	# client
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1359) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1360) 	for a in ${NSB_IP} ${NSB_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1361) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1362) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1363) 		run_cmd_nsb nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1364) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1365) 		run_cmd nettest -D -r ${a} -0 ${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1366) 		log_test_addr ${a} $? 0 "Client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1367) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1368) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1369) 		run_cmd_nsb nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1370) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1371) 		run_cmd nettest -D -r ${a} -d ${NSA_DEV} -0 ${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1372) 		log_test_addr ${a} $? 0 "Client, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1373) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1374) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1375) 		run_cmd_nsb nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1376) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1377) 		run_cmd nettest -D -r ${a} -d ${NSA_DEV} -C -0 ${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1378) 		log_test_addr ${a} $? 0 "Client, device send via cmsg"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1379) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1380) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1381) 		run_cmd_nsb nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1382) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1383) 		run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S -0 ${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1384) 		log_test_addr ${a} $? 0 "Client, device bind via IP_UNICAST_IF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1385) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1386) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1387) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1388) 		run_cmd nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1389) 		log_test_addr ${a} $? 1 "No server, unbound client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1390) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1391) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1392) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1393) 		run_cmd nettest -D -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1394) 		log_test_addr ${a} $? 1 "No server, device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1395) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1396) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1397) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1398) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1399) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1400) 	for a in ${NSA_IP} ${NSA_LO_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1401) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1402) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1403) 		run_cmd nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1404) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1405) 		run_cmd nettest -D -r ${a} -0 ${a} -1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1406) 		log_test_addr ${a} $? 0 "Global server, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1407) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1408) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1409) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1410) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1411) 	run_cmd nettest -s -D -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1412) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1413) 	run_cmd nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1414) 	log_test_addr ${a} $? 0 "Device server, unbound client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1415) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1416) 	for a in ${NSA_LO_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1417) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1418) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1419) 		show_hint "Should fail 'Connection refused' since address is out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1420) 		run_cmd nettest -s -D -d ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1421) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1422) 		run_cmd nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1423) 		log_test_addr ${a} $? 1 "Device server, unbound client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1424) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1425) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1426) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1427) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1428) 	run_cmd nettest -s -D &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1429) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1430) 	run_cmd nettest -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1431) 	log_test_addr ${a} $? 0 "Global server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1432) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1433) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1434) 	run_cmd nettest -s -D &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1435) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1436) 	run_cmd nettest -D -d ${NSA_DEV} -C -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1437) 	log_test_addr ${a} $? 0 "Global server, device send via cmsg, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1438) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1439) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1440) 	run_cmd nettest -s -D &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1441) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1442) 	run_cmd nettest -D -d ${NSA_DEV} -S -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1443) 	log_test_addr ${a} $? 0 "Global server, device client via IP_UNICAST_IF, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1444) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1445) 	# IPv4 with device bind has really weird behavior - it overrides the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1446) 	# fib lookup, generates an rtable and tries to send the packet. This
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1447) 	# causes failures for local traffic at different places
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1448) 	for a in ${NSA_LO_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1449) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1450) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1451) 		show_hint "Should fail since addresses on loopback are out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1452) 		run_cmd nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1453) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1454) 		run_cmd nettest -D -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1455) 		log_test_addr ${a} $? 2 "Global server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1456) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1457) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1458) 		show_hint "Should fail since addresses on loopback are out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1459) 		run_cmd nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1460) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1461) 		run_cmd nettest -D -r ${a} -d ${NSA_DEV} -C
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1462) 		log_test_addr ${a} $? 1 "Global server, device send via cmsg, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1463) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1464) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1465) 		show_hint "Should fail since addresses on loopback are out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1466) 		run_cmd nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1467) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1468) 		run_cmd nettest -D -r ${a} -d ${NSA_DEV} -S
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1469) 		log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1470) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1471) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1472) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1473) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1474) 	run_cmd nettest -D -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1475) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1476) 	run_cmd nettest -D -d ${NSA_DEV} -r ${a} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1477) 	log_test_addr ${a} $? 0 "Device server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1478) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1479) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1480) 	run_cmd nettest -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1481) 	log_test_addr ${a} $? 2 "No server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1482) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1483) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1484) ipv4_udp_vrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1485) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1486) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1487) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1488) 	# disable global server
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1489) 	log_subsection "Global server disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1490) 	set_sysctl net.ipv4.udp_l3mdev_accept=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1491) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1492) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1493) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1494) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1495) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1496) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1497) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1498) 		show_hint "Fails because ingress is in a VRF and global server is disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1499) 		run_cmd nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1500) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1501) 		run_cmd_nsb nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1502) 		log_test_addr ${a} $? 1 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1503) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1504) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1505) 		run_cmd nettest -D -d ${VRF} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1506) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1507) 		run_cmd_nsb nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1508) 		log_test_addr ${a} $? 0 "VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1509) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1510) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1511) 		run_cmd nettest -D -d ${NSA_DEV} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1512) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1513) 		run_cmd_nsb nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1514) 		log_test_addr ${a} $? 0 "Enslaved device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1515) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1516) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1517) 		show_hint "Should fail 'Connection refused' since there is no server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1518) 		run_cmd_nsb nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1519) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1520) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1521) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1522) 		show_hint "Should fail 'Connection refused' since global server is out of scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1523) 		run_cmd nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1524) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1525) 		run_cmd nettest -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1526) 		log_test_addr ${a} $? 1 "Global server, VRF client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1527) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1528) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1529) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1530) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1531) 	run_cmd nettest -s -D -d ${VRF} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1532) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1533) 	run_cmd nettest -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1534) 	log_test_addr ${a} $? 0 "VRF server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1535) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1536) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1537) 	run_cmd nettest -s -D -d ${VRF} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1538) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1539) 	run_cmd nettest -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1540) 	log_test_addr ${a} $? 0 "VRF server, enslaved device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1541) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1542) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1543) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1544) 	run_cmd nettest -s -D -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1545) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1546) 	run_cmd nettest -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1547) 	log_test_addr ${a} $? 0 "Enslaved device server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1548) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1549) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1550) 	run_cmd nettest -s -D -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1551) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1552) 	run_cmd nettest -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1553) 	log_test_addr ${a} $? 0 "Enslaved device server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1554) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1555) 	# enable global server
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1556) 	log_subsection "Global server enabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1557) 	set_sysctl net.ipv4.udp_l3mdev_accept=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1558) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1559) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1560) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1561) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1562) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1563) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1564) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1565) 		run_cmd nettest -D -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1566) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1567) 		run_cmd_nsb nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1568) 		log_test_addr ${a} $? 0 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1569) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1570) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1571) 		run_cmd nettest -D -d ${VRF} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1572) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1573) 		run_cmd_nsb nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1574) 		log_test_addr ${a} $? 0 "VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1575) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1576) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1577) 		run_cmd nettest -D -d ${NSA_DEV} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1578) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1579) 		run_cmd_nsb nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1580) 		log_test_addr ${a} $? 0 "Enslaved device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1581) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1582) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1583) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1584) 		run_cmd_nsb nettest -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1585) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1586) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1587) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1588) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1589) 	# client tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1590) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1591) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1592) 	run_cmd_nsb nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1593) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1594) 	run_cmd nettest -d ${VRF} -D -r ${NSB_IP} -1 ${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1595) 	log_test $? 0 "VRF client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1596) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1597) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1598) 	run_cmd_nsb nettest -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1599) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1600) 	run_cmd nettest -d ${NSA_DEV} -D -r ${NSB_IP} -1 ${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1601) 	log_test $? 0 "Enslaved device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1602) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1603) 	# negative test - should fail
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1604) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1605) 	show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1606) 	run_cmd nettest -D -d ${VRF} -r ${NSB_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1607) 	log_test $? 1 "No server, VRF client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1608) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1609) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1610) 	show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1611) 	run_cmd nettest -D -d ${NSA_DEV} -r ${NSB_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1612) 	log_test $? 1 "No server, enslaved device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1613) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1614) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1615) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1616) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1617) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1618) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1619) 	run_cmd nettest -D -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1620) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1621) 	run_cmd nettest -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1622) 	log_test_addr ${a} $? 0 "Global server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1623) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1624) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1625) 	run_cmd nettest -s -D -d ${VRF} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1626) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1627) 	run_cmd nettest -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1628) 	log_test_addr ${a} $? 0 "VRF server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1629) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1630) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1631) 	run_cmd nettest -s -D -d ${VRF} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1632) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1633) 	run_cmd nettest -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1634) 	log_test_addr ${a} $? 0 "VRF server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1635) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1636) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1637) 	run_cmd nettest -s -D -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1638) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1639) 	run_cmd nettest -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1640) 	log_test_addr ${a} $? 0 "Enslaved device server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1641) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1642) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1643) 	run_cmd nettest -s -D -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1644) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1645) 	run_cmd nettest -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1646) 	log_test_addr ${a} $? 0 "Enslaved device server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1647) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1648) 	for a in ${VRF_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1649) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1650) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1651) 		run_cmd nettest -D -s -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1652) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1653) 		run_cmd nettest -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1654) 		log_test_addr ${a} $? 0 "Global server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1655) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1656) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1657) 	for a in ${VRF_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1658) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1659) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1660) 		run_cmd nettest -s -D -d ${VRF} -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1661) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1662) 		run_cmd nettest -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1663) 		log_test_addr ${a} $? 0 "VRF server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1664) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1665) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1666) 	# negative test - should fail
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1667) 	# verifies ECONNREFUSED
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1668) 	for a in ${NSA_IP} ${VRF_IP} 127.0.0.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1669) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1670) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1671) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1672) 		run_cmd nettest -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1673) 		log_test_addr ${a} $? 1 "No server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1674) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1675) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1676) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1677) ipv4_udp()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1678) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1679) 	log_section "IPv4/UDP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1680) 	log_subsection "No VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1681) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1682) 	setup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1683) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1684) 	# udp_l3mdev_accept should have no affect without VRF;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1685) 	# run tests with it enabled and disabled to verify
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1686) 	log_subsection "udp_l3mdev_accept disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1687) 	set_sysctl net.ipv4.udp_l3mdev_accept=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1688) 	ipv4_udp_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1689) 	log_subsection "udp_l3mdev_accept enabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1690) 	set_sysctl net.ipv4.udp_l3mdev_accept=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1691) 	ipv4_udp_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1692) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1693) 	log_subsection "With VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1694) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1695) 	ipv4_udp_vrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1696) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1697) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1698) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1699) # IPv4 address bind
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1700) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1701) # verifies ability or inability to bind to an address / device
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1702) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1703) ipv4_addr_bind_novrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1704) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1705) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1706) 	# raw socket
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1707) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1708) 	for a in ${NSA_IP} ${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1709) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1710) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1711) 		run_cmd nettest -s -R -P icmp -l ${a} -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1712) 		log_test_addr ${a} $? 0 "Raw socket bind to local address"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1713) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1714) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1715) 		run_cmd nettest -s -R -P icmp -l ${a} -d ${NSA_DEV} -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1716) 		log_test_addr ${a} $? 0 "Raw socket bind to local address after device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1717) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1718) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1719) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1720) 	# tcp sockets
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1721) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1722) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1723) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1724) 	run_cmd nettest -l ${a} -r ${NSB_IP} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1725) 	log_test_addr ${a} $? 0 "TCP socket bind to local address"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1726) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1727) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1728) 	run_cmd nettest -l ${a} -r ${NSB_IP} -d ${NSA_DEV} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1729) 	log_test_addr ${a} $? 0 "TCP socket bind to local address after device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1730) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1731) 	# Sadly, the kernel allows binding a socket to a device and then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1732) 	# binding to an address not on the device. The only restriction
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1733) 	# is that the address is valid in the L3 domain. So this test
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1734) 	# passes when it really should not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1735) 	#a=${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1736) 	#log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1737) 	#show_hint "Should fail with 'Cannot assign requested address'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1738) 	#run_cmd nettest -s -l ${a} -d ${NSA_DEV} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1739) 	#log_test_addr ${a} $? 1 "TCP socket bind to out of scope local address"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1740) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1741) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1742) ipv4_addr_bind_vrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1743) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1744) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1745) 	# raw socket
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1746) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1747) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1748) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1749) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1750) 		show_hint "Socket not bound to VRF, but address is in VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1751) 		run_cmd nettest -s -R -P icmp -l ${a} -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1752) 		log_test_addr ${a} $? 1 "Raw socket bind to local address"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1753) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1754) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1755) 		run_cmd nettest -s -R -P icmp -l ${a} -d ${NSA_DEV} -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1756) 		log_test_addr ${a} $? 0 "Raw socket bind to local address after device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1757) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1758) 		run_cmd nettest -s -R -P icmp -l ${a} -d ${VRF} -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1759) 		log_test_addr ${a} $? 0 "Raw socket bind to local address after VRF bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1760) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1761) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1762) 	a=${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1763) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1764) 	show_hint "Address on loopback is out of VRF scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1765) 	run_cmd nettest -s -R -P icmp -l ${a} -d ${VRF} -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1766) 	log_test_addr ${a} $? 1 "Raw socket bind to out of scope address after VRF bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1767) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1768) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1769) 	# tcp sockets
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1770) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1771) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1772) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1773) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1774) 		run_cmd nettest -s -l ${a} -d ${VRF} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1775) 		log_test_addr ${a} $? 0 "TCP socket bind to local address"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1776) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1777) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1778) 		run_cmd nettest -s -l ${a} -d ${NSA_DEV} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1779) 		log_test_addr ${a} $? 0 "TCP socket bind to local address after device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1780) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1781) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1782) 	a=${NSA_LO_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1783) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1784) 	show_hint "Address on loopback out of scope for VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1785) 	run_cmd nettest -s -l ${a} -d ${VRF} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1786) 	log_test_addr ${a} $? 1 "TCP socket bind to invalid local address for VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1787) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1788) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1789) 	show_hint "Address on loopback out of scope for device in VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1790) 	run_cmd nettest -s -l ${a} -d ${NSA_DEV} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1791) 	log_test_addr ${a} $? 1 "TCP socket bind to invalid local address for device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1792) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1793) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1794) ipv4_addr_bind()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1795) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1796) 	log_section "IPv4 address binds"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1797) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1798) 	log_subsection "No VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1799) 	setup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1800) 	ipv4_addr_bind_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1801) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1802) 	log_subsection "With VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1803) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1804) 	ipv4_addr_bind_vrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1805) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1806) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1807) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1808) # IPv4 runtime tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1809) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1810) ipv4_rt()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1811) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1812) 	local desc="$1"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1813) 	local varg="$2"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1814) 	local with_vrf="yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1815) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1816) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1817) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1818) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1819) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1820) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1821) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1822) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1823) 		run_cmd nettest ${varg} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1824) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1825) 		run_cmd_nsb nettest ${varg} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1826) 		sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1827) 		run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1828) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1829) 		log_test_addr ${a} 0 0 "${desc}, global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1830) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1831) 		setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1832) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1833) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1834) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1835) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1836) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1837) 		run_cmd nettest ${varg} -s -d ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1838) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1839) 		run_cmd_nsb nettest ${varg} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1840) 		sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1841) 		run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1842) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1843) 		log_test_addr ${a} 0 0 "${desc}, VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1844) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1845) 		setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1846) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1847) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1848) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1849) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1850) 	run_cmd nettest ${varg} -s -d ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1851) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1852) 	run_cmd_nsb nettest ${varg} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1853) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1854) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1855) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1856) 	log_test_addr ${a} 0 0 "${desc}, enslaved device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1857) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1858) 	setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1859) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1860) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1861) 	# client test
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1862) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1863) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1864) 	run_cmd_nsb nettest ${varg} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1865) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1866) 	run_cmd nettest ${varg} -d ${VRF} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1867) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1868) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1869) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1870) 	log_test_addr ${a} 0 0 "${desc}, VRF client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1871) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1872) 	setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1873) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1874) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1875) 	run_cmd_nsb nettest ${varg} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1876) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1877) 	run_cmd nettest ${varg} -d ${NSA_DEV} -r ${NSB_IP} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1878) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1879) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1880) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1881) 	log_test_addr ${a} 0 0 "${desc}, enslaved device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1882) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1883) 	setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1884) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1885) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1886) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1887) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1888) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1889) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1890) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1891) 		run_cmd nettest ${varg} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1892) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1893) 		run_cmd nettest ${varg} -d ${VRF} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1894) 		sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1895) 		run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1896) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1897) 		log_test_addr ${a} 0 0 "${desc}, global server, VRF client, local"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1898) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1899) 		setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1900) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1901) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1902) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1903) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1904) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1905) 		run_cmd nettest ${varg} -d ${VRF} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1906) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1907) 		run_cmd nettest ${varg} -d ${VRF} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1908) 		sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1909) 		run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1910) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1911) 		log_test_addr ${a} 0 0 "${desc}, VRF server and client, local"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1912) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1913) 		setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1914) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1915) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1916) 	a=${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1917) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1918) 	run_cmd nettest ${varg} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1919) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1920) 	run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1921) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1922) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1923) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1924) 	log_test_addr ${a} 0 0 "${desc}, global server, enslaved device client, local"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1925) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1926) 	setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1927) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1928) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1929) 	run_cmd nettest ${varg} -d ${VRF} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1930) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1931) 	run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1932) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1933) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1934) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1935) 	log_test_addr ${a} 0 0 "${desc}, VRF server, enslaved device client, local"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1936) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1937) 	setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1938) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1939) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1940) 	run_cmd nettest ${varg} -d ${NSA_DEV} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1941) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1942) 	run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1943) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1944) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1945) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1946) 	log_test_addr ${a} 0 0 "${desc}, enslaved device server and client, local"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1947) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1948) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1949) ipv4_ping_rt()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1950) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1951) 	local with_vrf="yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1952) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1953) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1954) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1955) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1956) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1957) 		run_cmd_nsb ping -f ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1958) 		sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1959) 		run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1960) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1961) 		log_test_addr ${a} 0 0 "Device delete with active traffic - ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1962) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1963) 		setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1964) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1965) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1966) 	a=${NSB_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1967) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1968) 	run_cmd ping -f -I ${VRF} ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1969) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1970) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1971) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1972) 	log_test_addr ${a} 0 0 "Device delete with active traffic - ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1973) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1974) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1975) ipv4_runtime()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1976) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1977) 	log_section "Run time tests - ipv4"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1978) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1979) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1980) 	ipv4_ping_rt
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1981) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1982) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1983) 	ipv4_rt "TCP active socket"  "-n -1"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1984) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1985) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1986) 	ipv4_rt "TCP passive socket" "-i"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1987) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1988) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1989) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1990) # IPv6
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1991) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1992) ipv6_ping_novrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1993) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1994) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1995) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1996) 	# should not have an impact, but make a known state
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1997) 	set_sysctl net.ipv4.raw_l3mdev_accept=0 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1998) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1999) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2000) 	# out
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2001) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2002) 	for a in ${NSB_IP6} ${NSB_LO_IP6} ${NSB_LINKIP6}%${NSA_DEV} ${MCAST}%${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2003) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2004) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2005) 		run_cmd ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2006) 		log_test_addr ${a} $? 0 "ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2007) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2008) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2009) 	for a in ${NSB_IP6} ${NSB_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2010) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2011) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2012) 		run_cmd ${ping6} -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2013) 		log_test_addr ${a} $? 0 "ping out, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2014) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2015) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2016) 		run_cmd ${ping6} -c1 -w1 -I ${NSA_LO_IP6} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2017) 		log_test_addr ${a} $? 0 "ping out, loopback address bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2018) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2019) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2020) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2021) 	# in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2022) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2023) 	for a in ${NSA_IP6} ${NSA_LO_IP6} ${NSA_LINKIP6}%${NSB_DEV} ${MCAST}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2024) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2025) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2026) 		run_cmd_nsb ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2027) 		log_test_addr ${a} $? 0 "ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2028) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2029) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2030) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2031) 	# local traffic, local address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2032) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2033) 	for a in ${NSA_IP6} ${NSA_LO_IP6} ::1 ${NSA_LINKIP6}%${NSA_DEV} ${MCAST}%${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2034) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2035) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2036) 		run_cmd ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2037) 		log_test_addr ${a} $? 0 "ping local, no bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2038) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2039) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2040) 	for a in ${NSA_IP6} ${NSA_LINKIP6}%${NSA_DEV} ${MCAST}%${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2041) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2042) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2043) 		run_cmd ${ping6} -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2044) 		log_test_addr ${a} $? 0 "ping local, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2045) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2046) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2047) 	for a in ${NSA_LO_IP6} ::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2048) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2049) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2050) 		show_hint "Fails since address on loopback is out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2051) 		run_cmd ${ping6} -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2052) 		log_test_addr ${a} $? 2 "ping local, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2053) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2054) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2055) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2056) 	# ip rule blocks address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2057) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2058) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2059) 	setup_cmd ip -6 rule add pref 32765 from all lookup local
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2060) 	setup_cmd ip -6 rule del pref 0 from all lookup local
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2061) 	setup_cmd ip -6 rule add pref 50 to ${NSB_LO_IP6} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2062) 	setup_cmd ip -6 rule add pref 51 from ${NSB_IP6} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2063) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2064) 	a=${NSB_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2065) 	run_cmd ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2066) 	log_test_addr ${a} $? 2 "ping out, blocked by rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2067) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2068) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2069) 	run_cmd ${ping6} -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2070) 	log_test_addr ${a} $? 2 "ping out, device bind, blocked by rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2071) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2072) 	a=${NSA_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2073) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2074) 	show_hint "Response lost due to ip rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2075) 	run_cmd_nsb ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2076) 	log_test_addr ${a} $? 1 "ping in, blocked by rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2077) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2078) 	setup_cmd ip -6 rule add pref 0 from all lookup local
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2079) 	setup_cmd ip -6 rule del pref 32765 from all lookup local
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2080) 	setup_cmd ip -6 rule del pref 50 to ${NSB_LO_IP6} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2081) 	setup_cmd ip -6 rule del pref 51 from ${NSB_IP6} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2082) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2083) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2084) 	# route blocks reachability to remote address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2085) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2086) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2087) 	setup_cmd ip -6 route del ${NSB_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2088) 	setup_cmd ip -6 route add unreachable ${NSB_LO_IP6} metric 10
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2089) 	setup_cmd ip -6 route add unreachable ${NSB_IP6} metric 10
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2090) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2091) 	a=${NSB_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2092) 	run_cmd ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2093) 	log_test_addr ${a} $? 2 "ping out, blocked by route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2094) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2095) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2096) 	run_cmd ${ping6} -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2097) 	log_test_addr ${a} $? 2 "ping out, device bind, blocked by route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2098) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2099) 	a=${NSA_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2100) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2101) 	show_hint "Response lost due to ip route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2102) 	run_cmd_nsb ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2103) 	log_test_addr ${a} $? 1 "ping in, blocked by route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2104) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2105) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2106) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2107) 	# remove 'remote' routes; fallback to default
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2108) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2109) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2110) 	setup_cmd ip -6 ro del unreachable ${NSB_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2111) 	setup_cmd ip -6 ro del unreachable ${NSB_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2112) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2113) 	a=${NSB_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2114) 	run_cmd ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2115) 	log_test_addr ${a} $? 2 "ping out, unreachable route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2116) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2117) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2118) 	run_cmd ${ping6} -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2119) 	log_test_addr ${a} $? 2 "ping out, device bind, unreachable route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2120) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2121) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2122) ipv6_ping_vrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2123) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2124) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2125) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2126) 	# should default on; does not exist on older kernels
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2127) 	set_sysctl net.ipv4.raw_l3mdev_accept=1 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2128) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2129) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2130) 	# out
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2131) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2132) 	for a in ${NSB_IP6} ${NSB_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2133) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2134) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2135) 		run_cmd ${ping6} -c1 -w1 -I ${VRF} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2136) 		log_test_addr ${a} $? 0 "ping out, VRF bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2137) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2138) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2139) 	for a in ${NSB_LINKIP6}%${VRF} ${MCAST}%${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2140) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2141) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2142) 		show_hint "Fails since VRF device does not support linklocal or multicast"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2143) 		run_cmd ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2144) 		log_test_addr ${a} $? 1 "ping out, VRF bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2145) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2146) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2147) 	for a in ${NSB_IP6} ${NSB_LO_IP6} ${NSB_LINKIP6}%${NSA_DEV} ${MCAST}%${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2148) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2149) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2150) 		run_cmd ${ping6} -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2151) 		log_test_addr ${a} $? 0 "ping out, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2152) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2153) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2154) 	for a in ${NSB_IP6} ${NSB_LO_IP6} ${NSB_LINKIP6}%${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2155) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2156) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2157) 		run_cmd ip vrf exec ${VRF} ${ping6} -c1 -w1 -I ${VRF_IP6} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2158) 		log_test_addr ${a} $? 0 "ping out, vrf device+address bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2159) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2160) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2161) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2162) 	# in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2163) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2164) 	for a in ${NSA_IP6} ${VRF_IP6} ${NSA_LINKIP6}%${NSB_DEV} ${MCAST}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2165) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2166) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2167) 		run_cmd_nsb ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2168) 		log_test_addr ${a} $? 0 "ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2169) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2170) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2171) 	a=${NSA_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2172) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2173) 	show_hint "Fails since loopback address is out of VRF scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2174) 	run_cmd_nsb ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2175) 	log_test_addr ${a} $? 1 "ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2176) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2177) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2178) 	# local traffic, local address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2179) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2180) 	for a in ${NSA_IP6} ${VRF_IP6} ::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2181) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2182) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2183) 		show_hint "Source address should be ${a}"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2184) 		run_cmd ${ping6} -c1 -w1 -I ${VRF} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2185) 		log_test_addr ${a} $? 0 "ping local, VRF bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2186) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2187) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2188) 	for a in ${NSA_IP6} ${NSA_LINKIP6}%${NSA_DEV} ${MCAST}%${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2189) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2190) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2191) 		run_cmd ${ping6} -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2192) 		log_test_addr ${a} $? 0 "ping local, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2193) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2194) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2195) 	# LLA to GUA - remove ipv6 global addresses from ns-B
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2196) 	setup_cmd_nsb ip -6 addr del ${NSB_IP6}/64 dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2197) 	setup_cmd_nsb ip -6 addr del ${NSB_LO_IP6}/128 dev lo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2198) 	setup_cmd_nsb ip -6 ro add ${NSA_IP6}/128 via ${NSA_LINKIP6} dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2199) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2200) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2201) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2202) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2203) 		run_cmd_nsb ${ping6} -c1 -w1 ${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2204) 		log_test_addr ${a} $? 0 "ping in, LLA to GUA"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2205) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2206) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2207) 	setup_cmd_nsb ip -6 ro del ${NSA_IP6}/128 via ${NSA_LINKIP6} dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2208) 	setup_cmd_nsb ip -6 addr add ${NSB_IP6}/64 dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2209) 	setup_cmd_nsb ip -6 addr add ${NSB_LO_IP6}/128 dev lo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2210) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2211) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2212) 	# ip rule blocks address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2213) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2214) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2215) 	setup_cmd ip -6 rule add pref 50 to ${NSB_LO_IP6} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2216) 	setup_cmd ip -6 rule add pref 51 from ${NSB_IP6} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2217) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2218) 	a=${NSB_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2219) 	run_cmd ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2220) 	log_test_addr ${a} $? 2 "ping out, blocked by rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2221) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2222) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2223) 	run_cmd ${ping6} -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2224) 	log_test_addr ${a} $? 2 "ping out, device bind, blocked by rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2225) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2226) 	a=${NSA_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2227) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2228) 	show_hint "Response lost due to ip rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2229) 	run_cmd_nsb ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2230) 	log_test_addr ${a} $? 1 "ping in, blocked by rule"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2231) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2232) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2233) 	setup_cmd ip -6 rule del pref 50 to ${NSB_LO_IP6} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2234) 	setup_cmd ip -6 rule del pref 51 from ${NSB_IP6} prohibit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2235) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2236) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2237) 	# remove 'remote' routes; fallback to default
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2238) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2239) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2240) 	setup_cmd ip -6 ro del ${NSB_LO_IP6} vrf ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2241) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2242) 	a=${NSB_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2243) 	run_cmd ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2244) 	log_test_addr ${a} $? 2 "ping out, unreachable route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2245) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2246) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2247) 	run_cmd ${ping6} -c1 -w1 -I ${NSA_DEV} ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2248) 	log_test_addr ${a} $? 2 "ping out, device bind, unreachable route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2249) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2250) 	ip -netns ${NSB} -6 ro del ${NSA_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2251) 	a=${NSA_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2252) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2253) 	run_cmd_nsb ${ping6} -c1 -w1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2254) 	log_test_addr ${a} $? 2 "ping in, unreachable route"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2255) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2256) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2257) ipv6_ping()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2258) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2259) 	log_section "IPv6 ping"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2260) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2261) 	log_subsection "No VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2262) 	setup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2263) 	ipv6_ping_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2264) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2265) 	log_subsection "With VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2266) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2267) 	ipv6_ping_vrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2268) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2269) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2270) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2271) # IPv6 TCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2272) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2273) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2274) # MD5 tests without VRF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2275) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2276) ipv6_tcp_md5_novrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2277) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2278) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2279) 	# single address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2280) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2281) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2282) 	# basic use case
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2283) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2284) 	run_cmd nettest -6 -s -M ${MD5_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2285) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2286) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2287) 	log_test $? 0 "MD5: Single address config"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2288) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2289) 	# client sends MD5, server not configured
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2290) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2291) 	show_hint "Should timeout due to MD5 mismatch"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2292) 	run_cmd nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2293) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2294) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2295) 	log_test $? 2 "MD5: Server no config, client uses password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2296) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2297) 	# wrong password
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2298) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2299) 	show_hint "Should timeout since client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2300) 	run_cmd nettest -6 -s -M ${MD5_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2301) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2302) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2303) 	log_test $? 2 "MD5: Client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2304) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2305) 	# client from different address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2306) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2307) 	show_hint "Should timeout due to MD5 mismatch"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2308) 	run_cmd nettest -6 -s -M ${MD5_PW} -r ${NSB_LO_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2309) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2310) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2311) 	log_test $? 2 "MD5: Client address does not match address configured with password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2312) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2313) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2314) 	# MD5 extension - prefix length
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2315) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2316) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2317) 	# client in prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2318) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2319) 	run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2320) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2321) 	run_cmd_nsb nettest -6  -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2322) 	log_test $? 0 "MD5: Prefix config"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2323) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2324) 	# client in prefix, wrong password
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2325) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2326) 	show_hint "Should timeout since client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2327) 	run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2328) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2329) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2330) 	log_test $? 2 "MD5: Prefix config, client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2331) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2332) 	# client outside of prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2333) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2334) 	show_hint "Should timeout due to MD5 mismatch"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2335) 	run_cmd nettest -6 -s -M ${MD5_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2336) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2337) 	run_cmd_nsb nettest -6 -l ${NSB_LO_IP6} -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2338) 	log_test $? 2 "MD5: Prefix config, client address not in configured prefix"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2339) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2340) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2341) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2342) # MD5 tests with VRF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2343) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2344) ipv6_tcp_md5()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2345) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2346) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2347) 	# single address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2348) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2349) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2350) 	# basic use case
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2351) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2352) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2353) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2354) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2355) 	log_test $? 0 "MD5: VRF: Single address config"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2356) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2357) 	# client sends MD5, server not configured
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2358) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2359) 	show_hint "Should timeout since server does not have MD5 auth"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2360) 	run_cmd nettest -6 -s -d ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2361) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2362) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2363) 	log_test $? 2 "MD5: VRF: Server no config, client uses password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2364) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2365) 	# wrong password
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2366) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2367) 	show_hint "Should timeout since client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2368) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2369) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2370) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2371) 	log_test $? 2 "MD5: VRF: Client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2372) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2373) 	# client from different address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2374) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2375) 	show_hint "Should timeout since server config differs from client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2376) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -r ${NSB_LO_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2377) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2378) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2379) 	log_test $? 2 "MD5: VRF: Client address does not match address configured with password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2380) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2381) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2382) 	# MD5 extension - prefix length
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2383) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2384) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2385) 	# client in prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2386) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2387) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2388) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2389) 	run_cmd_nsb nettest -6  -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2390) 	log_test $? 0 "MD5: VRF: Prefix config"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2391) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2392) 	# client in prefix, wrong password
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2393) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2394) 	show_hint "Should timeout since client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2395) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2396) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2397) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2398) 	log_test $? 2 "MD5: VRF: Prefix config, client uses wrong password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2399) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2400) 	# client outside of prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2401) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2402) 	show_hint "Should timeout since client address is outside of prefix"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2403) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2404) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2405) 	run_cmd_nsb nettest -6 -l ${NSB_LO_IP6} -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2406) 	log_test $? 2 "MD5: VRF: Prefix config, client address not in configured prefix"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2407) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2408) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2409) 	# duplicate config between default VRF and a VRF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2410) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2411) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2412) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2413) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2414) 	run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2415) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2416) 	run_cmd_nsb nettest -6  -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2417) 	log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2418) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2419) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2420) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2421) 	run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2422) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2423) 	run_cmd_nsc nettest -6  -r ${NSA_IP6} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2424) 	log_test $? 0 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2425) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2426) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2427) 	show_hint "Should timeout since client in default VRF uses VRF password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2428) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2429) 	run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2430) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2431) 	run_cmd_nsc nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2432) 	log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in default VRF with VRF pw"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2433) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2434) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2435) 	show_hint "Should timeout since client in VRF uses default VRF password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2436) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2437) 	run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2438) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2439) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2440) 	log_test $? 2 "MD5: VRF: Single address config in default VRF and VRF, conn in VRF with default VRF pw"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2441) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2442) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2443) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2444) 	run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2445) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2446) 	run_cmd_nsb nettest -6  -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2447) 	log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2448) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2449) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2450) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2451) 	run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2452) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2453) 	run_cmd_nsc nettest -6  -r ${NSA_IP6} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2454) 	log_test $? 0 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2455) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2456) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2457) 	show_hint "Should timeout since client in default VRF uses VRF password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2458) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2459) 	run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2460) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2461) 	run_cmd_nsc nettest -6 -r ${NSA_IP6} -M ${MD5_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2462) 	log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in default VRF with VRF pw"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2463) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2464) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2465) 	show_hint "Should timeout since client in VRF uses default VRF password"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2466) 	run_cmd nettest -6 -s -d ${VRF} -M ${MD5_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2467) 	run_cmd nettest -6 -s -M ${MD5_WRONG_PW} -m ${NS_NET6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2468) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2469) 	run_cmd_nsb nettest -6 -r ${NSA_IP6} -M ${MD5_WRONG_PW}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2470) 	log_test $? 2 "MD5: VRF: Prefix config in default VRF and VRF, conn in VRF with default VRF pw"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2471) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2472) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2473) 	# negative tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2474) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2475) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2476) 	run_cmd nettest -6 -s -d ${NSA_DEV} -M ${MD5_PW} -r ${NSB_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2477) 	log_test $? 1 "MD5: VRF: Device must be a VRF - single address"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2478) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2479) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2480) 	run_cmd nettest -6 -s -d ${NSA_DEV} -M ${MD5_PW} -m ${NS_NET6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2481) 	log_test $? 1 "MD5: VRF: Device must be a VRF - prefix"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2482) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2483) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2484) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2485) ipv6_tcp_novrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2486) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2487) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2488) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2489) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2490) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2491) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2492) 	for a in ${NSA_IP6} ${NSA_LO_IP6} ${NSA_LINKIP6}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2493) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2494) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2495) 		run_cmd nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2496) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2497) 		run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2498) 		log_test_addr ${a} $? 0 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2499) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2500) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2501) 	# verify TCP reset received
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2502) 	for a in ${NSA_IP6} ${NSA_LO_IP6} ${NSA_LINKIP6}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2503) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2504) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2505) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2506) 		run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2507) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2508) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2509) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2510) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2511) 	# client
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2512) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2513) 	for a in ${NSB_IP6} ${NSB_LO_IP6} ${NSB_LINKIP6}%${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2514) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2515) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2516) 		run_cmd_nsb nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2517) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2518) 		run_cmd nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2519) 		log_test_addr ${a} $? 0 "Client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2520) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2521) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2522) 	for a in ${NSB_IP6} ${NSB_LO_IP6} ${NSB_LINKIP6}%${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2523) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2524) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2525) 		run_cmd_nsb nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2526) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2527) 		run_cmd nettest -6 -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2528) 		log_test_addr ${a} $? 0 "Client, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2529) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2530) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2531) 	for a in ${NSB_IP6} ${NSB_LO_IP6} ${NSB_LINKIP6}%${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2532) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2533) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2534) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2535) 		run_cmd nettest -6 -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2536) 		log_test_addr ${a} $? 1 "No server, device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2537) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2538) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2539) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2540) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2541) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2542) 	for a in ${NSA_IP6} ${NSA_LO_IP6} ::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2543) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2544) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2545) 		run_cmd nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2546) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2547) 		run_cmd nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2548) 		log_test_addr ${a} $? 0 "Global server, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2549) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2550) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2551) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2552) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2553) 	run_cmd nettest -6 -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2554) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2555) 	run_cmd nettest -6 -r ${a} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2556) 	log_test_addr ${a} $? 0 "Device server, unbound client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2557) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2558) 	for a in ${NSA_LO_IP6} ::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2559) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2560) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2561) 		show_hint "Should fail 'Connection refused' since addresses on loopback are out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2562) 		run_cmd nettest -6 -s -d ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2563) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2564) 		run_cmd nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2565) 		log_test_addr ${a} $? 1 "Device server, unbound client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2566) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2567) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2568) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2569) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2570) 	run_cmd nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2571) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2572) 	run_cmd nettest -6 -r ${a} -d ${NSA_DEV} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2573) 	log_test_addr ${a} $? 0 "Global server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2574) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2575) 	for a in ${NSA_LO_IP6} ::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2576) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2577) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2578) 		show_hint "Should fail 'Connection refused' since addresses on loopback are out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2579) 		run_cmd nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2580) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2581) 		run_cmd nettest -6 -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2582) 		log_test_addr ${a} $? 1 "Global server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2583) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2584) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2585) 	for a in ${NSA_IP6} ${NSA_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2586) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2587) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2588) 		run_cmd nettest -6 -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2589) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2590) 		run_cmd nettest -6  -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2591) 		log_test_addr ${a} $? 0 "Device server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2592) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2593) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2594) 	for a in ${NSA_IP6} ${NSA_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2595) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2596) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2597) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2598) 		run_cmd nettest -6 -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2599) 		log_test_addr ${a} $? 1 "No server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2600) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2601) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2602) 	ipv6_tcp_md5_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2603) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2604) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2605) ipv6_tcp_vrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2606) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2607) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2608) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2609) 	# disable global server
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2610) 	log_subsection "Global server disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2611) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2612) 	set_sysctl net.ipv4.tcp_l3mdev_accept=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2613) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2614) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2615) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2616) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2617) 	for a in ${NSA_IP6} ${VRF_IP6} ${NSA_LINKIP6}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2618) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2619) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2620) 		show_hint "Should fail 'Connection refused' since global server with VRF is disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2621) 		run_cmd nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2622) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2623) 		run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2624) 		log_test_addr ${a} $? 1 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2625) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2626) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2627) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2628) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2629) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2630) 		run_cmd nettest -6 -s -d ${VRF} -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2631) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2632) 		run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2633) 		log_test_addr ${a} $? 0 "VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2634) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2635) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2636) 	# link local is always bound to ingress device
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2637) 	a=${NSA_LINKIP6}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2638) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2639) 	run_cmd nettest -6 -s -d ${VRF} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2640) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2641) 	run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2642) 	log_test_addr ${a} $? 0 "VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2643) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2644) 	for a in ${NSA_IP6} ${VRF_IP6} ${NSA_LINKIP6}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2645) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2646) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2647) 		run_cmd nettest -6 -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2648) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2649) 		run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2650) 		log_test_addr ${a} $? 0 "Device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2651) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2652) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2653) 	# verify TCP reset received
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2654) 	for a in ${NSA_IP6} ${VRF_IP6} ${NSA_LINKIP6}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2655) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2656) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2657) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2658) 		run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2659) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2660) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2661) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2662) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2663) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2664) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2665) 	show_hint "Should fail 'Connection refused' since global server with VRF is disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2666) 	run_cmd nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2667) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2668) 	run_cmd nettest -6 -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2669) 	log_test_addr ${a} $? 1 "Global server, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2670) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2671) 	# run MD5 tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2672) 	setup_vrf_dup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2673) 	ipv6_tcp_md5
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2674) 	cleanup_vrf_dup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2675) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2676) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2677) 	# enable VRF global server
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2678) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2679) 	log_subsection "VRF Global server enabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2680) 	set_sysctl net.ipv4.tcp_l3mdev_accept=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2681) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2682) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2683) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2684) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2685) 		run_cmd nettest -6 -s -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2686) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2687) 		run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2688) 		log_test_addr ${a} $? 0 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2689) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2690) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2691) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2692) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2693) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2694) 		run_cmd nettest -6 -s -d ${VRF} -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2695) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2696) 		run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2697) 		log_test_addr ${a} $? 0 "VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2698) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2699) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2700) 	# For LLA, child socket is bound to device
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2701) 	a=${NSA_LINKIP6}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2702) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2703) 	run_cmd nettest -6 -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2704) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2705) 	run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2706) 	log_test_addr ${a} $? 0 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2707) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2708) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2709) 	run_cmd nettest -6 -s -d ${VRF} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2710) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2711) 	run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2712) 	log_test_addr ${a} $? 0 "VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2713) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2714) 	for a in ${NSA_IP6} ${NSA_LINKIP6}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2715) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2716) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2717) 		run_cmd nettest -6 -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2718) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2719) 		run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2720) 		log_test_addr ${a} $? 0 "Device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2721) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2722) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2723) 	# verify TCP reset received
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2724) 	for a in ${NSA_IP6} ${VRF_IP6} ${NSA_LINKIP6}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2725) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2726) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2727) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2728) 		run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2729) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2730) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2731) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2732) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2733) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2734) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2735) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2736) 		show_hint "Fails 'Connection refused' since client is not in VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2737) 		run_cmd nettest -6 -s -d ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2738) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2739) 		run_cmd nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2740) 		log_test_addr ${a} $? 1 "Global server, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2741) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2742) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2743) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2744) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2745) 	# client
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2746) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2747) 	for a in ${NSB_IP6} ${NSB_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2748) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2749) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2750) 		run_cmd_nsb nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2751) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2752) 		run_cmd nettest -6 -r ${a} -d ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2753) 		log_test_addr ${a} $? 0 "Client, VRF bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2754) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2755) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2756) 	a=${NSB_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2757) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2758) 	show_hint "Fails since VRF device does not allow linklocal addresses"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2759) 	run_cmd_nsb nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2760) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2761) 	run_cmd nettest -6 -r ${a} -d ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2762) 	log_test_addr ${a} $? 1 "Client, VRF bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2763) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2764) 	for a in ${NSB_IP6} ${NSB_LO_IP6} ${NSB_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2765) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2766) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2767) 		run_cmd_nsb nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2768) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2769) 		run_cmd nettest -6 -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2770) 		log_test_addr ${a} $? 0 "Client, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2771) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2772) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2773) 	for a in ${NSB_IP6} ${NSB_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2774) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2775) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2776) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2777) 		run_cmd nettest -6 -r ${a} -d ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2778) 		log_test_addr ${a} $? 1 "No server, VRF client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2779) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2780) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2781) 	for a in ${NSB_IP6} ${NSB_LO_IP6} ${NSB_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2782) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2783) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2784) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2785) 		run_cmd nettest -6 -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2786) 		log_test_addr ${a} $? 1 "No server, device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2787) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2788) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2789) 	for a in ${NSA_IP6} ${VRF_IP6} ::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2790) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2791) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2792) 		run_cmd nettest -6 -s -d ${VRF} -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2793) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2794) 		run_cmd nettest -6 -r ${a} -d ${VRF} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2795) 		log_test_addr ${a} $? 0 "VRF server, VRF client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2796) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2797) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2798) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2799) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2800) 	run_cmd nettest -6 -s -d ${VRF} -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2801) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2802) 	run_cmd nettest -6 -r ${a} -d ${NSA_DEV} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2803) 	log_test_addr ${a} $? 0 "VRF server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2804) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2805) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2806) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2807) 	show_hint "Should fail since unbound client is out of VRF scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2808) 	run_cmd nettest -6 -s -d ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2809) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2810) 	run_cmd nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2811) 	log_test_addr ${a} $? 1 "VRF server, unbound client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2812) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2813) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2814) 	run_cmd nettest -6 -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2815) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2816) 	run_cmd nettest -6 -r ${a} -d ${VRF} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2817) 	log_test_addr ${a} $? 0 "Device server, VRF client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2818) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2819) 	for a in ${NSA_IP6} ${NSA_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2820) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2821) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2822) 		run_cmd nettest -6 -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2823) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2824) 		run_cmd nettest -6 -r ${a} -d ${NSA_DEV} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2825) 		log_test_addr ${a} $? 0 "Device server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2826) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2827) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2828) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2829) ipv6_tcp()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2830) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2831) 	log_section "IPv6/TCP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2832) 	log_subsection "No VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2833) 	setup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2834) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2835) 	# tcp_l3mdev_accept should have no affect without VRF;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2836) 	# run tests with it enabled and disabled to verify
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2837) 	log_subsection "tcp_l3mdev_accept disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2838) 	set_sysctl net.ipv4.tcp_l3mdev_accept=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2839) 	ipv6_tcp_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2840) 	log_subsection "tcp_l3mdev_accept enabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2841) 	set_sysctl net.ipv4.tcp_l3mdev_accept=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2842) 	ipv6_tcp_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2843) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2844) 	log_subsection "With VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2845) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2846) 	ipv6_tcp_vrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2847) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2848) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2849) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2850) # IPv6 UDP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2851) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2852) ipv6_udp_novrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2853) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2854) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2855) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2856) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2857) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2858) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2859) 	for a in ${NSA_IP6} ${NSA_LINKIP6}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2860) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2861) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2862) 		run_cmd nettest -6 -D -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2863) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2864) 		run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2865) 		log_test_addr ${a} $? 0 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2866) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2867) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2868) 		run_cmd nettest -6 -D -d ${NSA_DEV} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2869) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2870) 		run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2871) 		log_test_addr ${a} $? 0 "Device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2872) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2873) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2874) 	a=${NSA_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2875) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2876) 	run_cmd nettest -6 -D -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2877) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2878) 	run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2879) 	log_test_addr ${a} $? 0 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2880) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2881) 	# should fail since loopback address is out of scope for a device
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2882) 	# bound server, but it does not - hence this is more documenting
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2883) 	# behavior.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2884) 	#log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2885) 	#show_hint "Should fail since loopback address is out of scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2886) 	#run_cmd nettest -6 -D -d ${NSA_DEV} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2887) 	#sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2888) 	#run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2889) 	#log_test_addr ${a} $? 1 "Device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2890) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2891) 	# negative test - should fail
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2892) 	for a in ${NSA_IP6} ${NSA_LO_IP6} ${NSA_LINKIP6}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2893) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2894) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2895) 		show_hint "Should fail 'Connection refused' since there is no server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2896) 		run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2897) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2898) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2899) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2900) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2901) 	# client
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2902) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2903) 	for a in ${NSB_IP6} ${NSB_LO_IP6} ${NSB_LINKIP6}%${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2904) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2905) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2906) 		run_cmd_nsb nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2907) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2908) 		run_cmd nettest -6 -D -r ${a} -0 ${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2909) 		log_test_addr ${a} $? 0 "Client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2910) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2911) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2912) 		run_cmd_nsb nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2913) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2914) 		run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -0 ${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2915) 		log_test_addr ${a} $? 0 "Client, device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2916) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2917) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2918) 		run_cmd_nsb nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2919) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2920) 		run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -C -0 ${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2921) 		log_test_addr ${a} $? 0 "Client, device send via cmsg"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2922) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2923) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2924) 		run_cmd_nsb nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2925) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2926) 		run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -S -0 ${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2927) 		log_test_addr ${a} $? 0 "Client, device bind via IPV6_UNICAST_IF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2928) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2929) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2930) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2931) 		run_cmd nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2932) 		log_test_addr ${a} $? 1 "No server, unbound client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2933) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2934) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2935) 		show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2936) 		run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2937) 		log_test_addr ${a} $? 1 "No server, device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2938) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2939) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2940) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2941) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2942) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2943) 	for a in ${NSA_IP6} ${NSA_LO_IP6} ::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2944) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2945) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2946) 		run_cmd nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2947) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2948) 		run_cmd nettest -6 -D -r ${a} -0 ${a} -1 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2949) 		log_test_addr ${a} $? 0 "Global server, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2950) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2951) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2952) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2953) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2954) 	run_cmd nettest -6 -s -D -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2955) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2956) 	run_cmd nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2957) 	log_test_addr ${a} $? 0 "Device server, unbound client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2958) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2959) 	for a in ${NSA_LO_IP6} ::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2960) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2961) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2962) 		show_hint "Should fail 'Connection refused' since address is out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2963) 		run_cmd nettest -6 -s -D -d ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2964) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2965) 		run_cmd nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2966) 		log_test_addr ${a} $? 1 "Device server, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2967) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2968) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2969) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2970) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2971) 	run_cmd nettest -6 -s -D &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2972) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2973) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2974) 	log_test_addr ${a} $? 0 "Global server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2975) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2976) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2977) 	run_cmd nettest -6 -s -D &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2978) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2979) 	run_cmd nettest -6 -D -d ${NSA_DEV} -C -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2980) 	log_test_addr ${a} $? 0 "Global server, device send via cmsg, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2981) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2982) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2983) 	run_cmd nettest -6 -s -D &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2984) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2985) 	run_cmd nettest -6 -D -d ${NSA_DEV} -S -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2986) 	log_test_addr ${a} $? 0 "Global server, device client via IPV6_UNICAST_IF, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2987) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2988) 	for a in ${NSA_LO_IP6} ::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2989) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2990) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2991) 		show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2992) 		run_cmd nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2993) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2994) 		run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2995) 		log_test_addr ${a} $? 1 "Global server, device client, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2996) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2997) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2998) 		show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2999) 		run_cmd nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3000) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3001) 		run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -C
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3002) 		log_test_addr ${a} $? 1 "Global server, device send via cmsg, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3003) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3004) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3005) 		show_hint "Should fail 'No route to host' since addresses on loopback are out of device scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3006) 		run_cmd nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3007) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3008) 		run_cmd nettest -6 -D -r ${a} -d ${NSA_DEV} -S
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3009) 		log_test_addr ${a} $? 1 "Global server, device client via IP_UNICAST_IF, local connection"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3010) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3011) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3012) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3013) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3014) 	run_cmd nettest -6 -D -s -d ${NSA_DEV} -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3015) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3016) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a} -0 ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3017) 	log_test_addr ${a} $? 0 "Device server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3018) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3019) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3020) 	show_hint "Should fail 'Connection refused'"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3021) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3022) 	log_test_addr ${a} $? 1 "No server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3023) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3024) 	# LLA to GUA
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3025) 	run_cmd_nsb ip -6 addr del ${NSB_IP6}/64 dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3026) 	run_cmd_nsb ip -6 ro add ${NSA_IP6}/128 dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3027) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3028) 	run_cmd nettest -6 -s -D &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3029) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3030) 	run_cmd_nsb nettest -6 -D -r ${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3031) 	log_test $? 0 "UDP in - LLA to GUA"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3032) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3033) 	run_cmd_nsb ip -6 ro del ${NSA_IP6}/128 dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3034) 	run_cmd_nsb ip -6 addr add ${NSB_IP6}/64 dev ${NSB_DEV} nodad
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3035) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3036) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3037) ipv6_udp_vrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3038) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3039) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3040) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3041) 	# disable global server
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3042) 	log_subsection "Global server disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3043) 	set_sysctl net.ipv4.udp_l3mdev_accept=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3044) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3045) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3046) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3047) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3048) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3049) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3050) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3051) 		show_hint "Should fail 'Connection refused' since global server is disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3052) 		run_cmd nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3053) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3054) 		run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3055) 		log_test_addr ${a} $? 1 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3056) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3057) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3058) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3059) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3060) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3061) 		run_cmd nettest -6 -D -d ${VRF} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3062) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3063) 		run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3064) 		log_test_addr ${a} $? 0 "VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3065) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3066) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3067) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3068) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3069) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3070) 		run_cmd nettest -6 -D -d ${NSA_DEV} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3071) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3072) 		run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3073) 		log_test_addr ${a} $? 0 "Enslaved device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3074) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3075) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3076) 	# negative test - should fail
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3077) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3078) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3079) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3080) 		show_hint "Should fail 'Connection refused' since there is no server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3081) 		run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3082) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3083) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3084) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3085) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3086) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3087) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3088) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3089) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3090) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3091) 		show_hint "Should fail 'Connection refused' since global server is disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3092) 		run_cmd nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3093) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3094) 		run_cmd nettest -6 -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3095) 		log_test_addr ${a} $? 1 "Global server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3096) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3097) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3098) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3099) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3100) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3101) 		run_cmd nettest -6 -D -d ${VRF} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3102) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3103) 		run_cmd nettest -6 -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3104) 		log_test_addr ${a} $? 0 "VRF server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3105) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3106) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3107) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3108) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3109) 	show_hint "Should fail 'Connection refused' since global server is disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3110) 	run_cmd nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3111) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3112) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3113) 	log_test_addr ${a} $? 1 "Global server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3114) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3115) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3116) 	run_cmd nettest -6 -D -d ${VRF} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3117) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3118) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3119) 	log_test_addr ${a} $? 0 "VRF server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3120) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3121) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3122) 	run_cmd nettest -6 -D -d ${NSA_DEV} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3123) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3124) 	run_cmd nettest -6 -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3125) 	log_test_addr ${a} $? 0 "Enslaved device server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3126) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3127) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3128) 	run_cmd nettest -6 -D -d ${NSA_DEV} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3129) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3130) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3131) 	log_test_addr ${a} $? 0 "Enslaved device server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3132) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3133) 	# disable global server
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3134) 	log_subsection "Global server enabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3135) 	set_sysctl net.ipv4.udp_l3mdev_accept=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3136) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3137) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3138) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3139) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3140) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3141) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3142) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3143) 		run_cmd nettest -6 -D -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3144) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3145) 		run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3146) 		log_test_addr ${a} $? 0 "Global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3147) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3148) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3149) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3150) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3151) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3152) 		run_cmd nettest -6 -D -d ${VRF} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3153) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3154) 		run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3155) 		log_test_addr ${a} $? 0 "VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3156) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3157) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3158) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3159) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3160) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3161) 		run_cmd nettest -6 -D -d ${NSA_DEV} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3162) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3163) 		run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3164) 		log_test_addr ${a} $? 0 "Enslaved device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3165) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3166) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3167) 	# negative test - should fail
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3168) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3169) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3170) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3171) 		run_cmd_nsb nettest -6 -D -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3172) 		log_test_addr ${a} $? 1 "No server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3173) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3174) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3175) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3176) 	# client tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3177) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3178) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3179) 	run_cmd_nsb nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3180) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3181) 	run_cmd nettest -6 -D -d ${VRF} -r ${NSB_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3182) 	log_test $? 0 "VRF client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3183) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3184) 	# negative test - should fail
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3185) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3186) 	run_cmd nettest -6 -D -d ${VRF} -r ${NSB_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3187) 	log_test $? 1 "No server, VRF client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3188) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3189) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3190) 	run_cmd_nsb nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3191) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3192) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSB_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3193) 	log_test $? 0 "Enslaved device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3194) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3195) 	# negative test - should fail
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3196) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3197) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSB_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3198) 	log_test $? 1 "No server, enslaved device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3199) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3200) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3201) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3202) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3203) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3204) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3205) 	run_cmd nettest -6 -D -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3206) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3207) 	run_cmd nettest -6 -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3208) 	log_test_addr ${a} $? 0 "Global server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3209) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3210) 	#log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3211) 	run_cmd nettest -6 -D -d ${VRF} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3212) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3213) 	run_cmd nettest -6 -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3214) 	log_test_addr ${a} $? 0 "VRF server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3215) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3216) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3217) 	a=${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3218) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3219) 	run_cmd nettest -6 -D -s -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3220) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3221) 	run_cmd nettest -6 -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3222) 	log_test_addr ${a} $? 0 "Global server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3223) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3224) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3225) 	run_cmd nettest -6 -D -d ${VRF} -s -2 ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3226) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3227) 	run_cmd nettest -6 -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3228) 	log_test_addr ${a} $? 0 "VRF server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3229) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3230) 	# negative test - should fail
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3231) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3232) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3233) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3234) 		run_cmd nettest -6 -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3235) 		log_test_addr ${a} $? 1 "No server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3236) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3237) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3238) 	# device to global IP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3239) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3240) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3241) 	run_cmd nettest -6 -D -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3242) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3243) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3244) 	log_test_addr ${a} $? 0 "Global server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3245) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3246) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3247) 	run_cmd nettest -6 -D -d ${VRF} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3248) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3249) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3250) 	log_test_addr ${a} $? 0 "VRF server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3251) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3252) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3253) 	run_cmd nettest -6 -D -d ${NSA_DEV} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3254) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3255) 	run_cmd nettest -6 -D -d ${VRF} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3256) 	log_test_addr ${a} $? 0 "Device server, VRF client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3257) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3258) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3259) 	run_cmd nettest -6 -D -d ${NSA_DEV} -s -2 ${NSA_DEV} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3260) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3261) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3262) 	log_test_addr ${a} $? 0 "Device server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3263) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3264) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3265) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3266) 	log_test_addr ${a} $? 1 "No server, device client, local conn"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3267) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3268) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3269) 	# link local addresses
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3270) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3271) 	run_cmd nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3272) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3273) 	run_cmd_nsb nettest -6 -D -d ${NSB_DEV} -r ${NSA_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3274) 	log_test $? 0 "Global server, linklocal IP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3275) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3276) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3277) 	run_cmd_nsb nettest -6 -D -d ${NSB_DEV} -r ${NSA_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3278) 	log_test $? 1 "No server, linklocal IP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3279) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3280) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3281) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3282) 	run_cmd_nsb nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3283) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3284) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSB_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3285) 	log_test $? 0 "Enslaved device client, linklocal IP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3286) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3287) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3288) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSB_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3289) 	log_test $? 1 "No server, device client, peer linklocal IP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3290) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3291) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3292) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3293) 	run_cmd nettest -6 -D -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3294) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3295) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSA_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3296) 	log_test $? 0 "Enslaved device client, local conn - linklocal IP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3297) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3298) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3299) 	run_cmd nettest -6 -D -d ${NSA_DEV} -r ${NSA_LINKIP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3300) 	log_test $? 1 "No server, device client, local conn  - linklocal IP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3301) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3302) 	# LLA to GUA
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3303) 	run_cmd_nsb ip -6 addr del ${NSB_IP6}/64 dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3304) 	run_cmd_nsb ip -6 ro add ${NSA_IP6}/128 dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3305) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3306) 	run_cmd nettest -6 -s -D &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3307) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3308) 	run_cmd_nsb nettest -6 -D -r ${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3309) 	log_test $? 0 "UDP in - LLA to GUA"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3310) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3311) 	run_cmd_nsb ip -6 ro del ${NSA_IP6}/128 dev ${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3312) 	run_cmd_nsb ip -6 addr add ${NSB_IP6}/64 dev ${NSB_DEV} nodad
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3313) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3314) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3315) ipv6_udp()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3316) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3317)         # should not matter, but set to known state
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3318)         set_sysctl net.ipv4.udp_early_demux=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3319) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3320)         log_section "IPv6/UDP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3321)         log_subsection "No VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3322)         setup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3323) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3324)         # udp_l3mdev_accept should have no affect without VRF;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3325)         # run tests with it enabled and disabled to verify
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3326)         log_subsection "udp_l3mdev_accept disabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3327)         set_sysctl net.ipv4.udp_l3mdev_accept=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3328)         ipv6_udp_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3329)         log_subsection "udp_l3mdev_accept enabled"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3330)         set_sysctl net.ipv4.udp_l3mdev_accept=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3331)         ipv6_udp_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3332) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3333)         log_subsection "With VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3334)         setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3335)         ipv6_udp_vrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3336) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3337) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3338) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3339) # IPv6 address bind
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3340) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3341) ipv6_addr_bind_novrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3342) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3343) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3344) 	# raw socket
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3345) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3346) 	for a in ${NSA_IP6} ${NSA_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3347) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3348) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3349) 		run_cmd nettest -6 -s -R -P ipv6-icmp -l ${a} -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3350) 		log_test_addr ${a} $? 0 "Raw socket bind to local address"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3351) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3352) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3353) 		run_cmd nettest -6 -s -R -P ipv6-icmp -l ${a} -d ${NSA_DEV} -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3354) 		log_test_addr ${a} $? 0 "Raw socket bind to local address after device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3355) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3356) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3357) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3358) 	# tcp sockets
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3359) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3360) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3361) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3362) 	run_cmd nettest -6 -s -l ${a} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3363) 	log_test_addr ${a} $? 0 "TCP socket bind to local address"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3364) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3365) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3366) 	run_cmd nettest -6 -s -l ${a} -d ${NSA_DEV} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3367) 	log_test_addr ${a} $? 0 "TCP socket bind to local address after device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3368) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3369) 	# Sadly, the kernel allows binding a socket to a device and then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3370) 	# binding to an address not on the device. So this test passes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3371) 	# when it really should not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3372) 	a=${NSA_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3373) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3374) 	show_hint "Tecnically should fail since address is not on device but kernel allows"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3375) 	run_cmd nettest -6 -s -l ${a} -I ${NSA_DEV} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3376) 	log_test_addr ${a} $? 0 "TCP socket bind to out of scope local address"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3377) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3378) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3379) ipv6_addr_bind_vrf()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3380) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3381) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3382) 	# raw socket
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3383) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3384) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3385) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3386) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3387) 		run_cmd nettest -6 -s -R -P ipv6-icmp -l ${a} -d ${VRF} -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3388) 		log_test_addr ${a} $? 0 "Raw socket bind to local address after vrf bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3389) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3390) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3391) 		run_cmd nettest -6 -s -R -P ipv6-icmp -l ${a} -d ${NSA_DEV} -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3392) 		log_test_addr ${a} $? 0 "Raw socket bind to local address after device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3393) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3394) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3395) 	a=${NSA_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3396) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3397) 	show_hint "Address on loopback is out of VRF scope"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3398) 	run_cmd nettest -6 -s -R -P ipv6-icmp -l ${a} -d ${VRF} -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3399) 	log_test_addr ${a} $? 1 "Raw socket bind to invalid local address after vrf bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3400) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3401) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3402) 	# tcp sockets
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3403) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3404) 	# address on enslaved device is valid for the VRF or device in a VRF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3405) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3406) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3407) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3408) 		run_cmd nettest -6 -s -l ${a} -d ${VRF} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3409) 		log_test_addr ${a} $? 0 "TCP socket bind to local address with VRF bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3410) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3411) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3412) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3413) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3414) 	run_cmd nettest -6 -s -l ${a} -d ${NSA_DEV} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3415) 	log_test_addr ${a} $? 0 "TCP socket bind to local address with device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3416) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3417) 	# Sadly, the kernel allows binding a socket to a device and then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3418) 	# binding to an address not on the device. The only restriction
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3419) 	# is that the address is valid in the L3 domain. So this test
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3420) 	# passes when it really should not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3421) 	a=${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3422) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3423) 	show_hint "Tecnically should fail since address is not on device but kernel allows"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3424) 	run_cmd nettest -6 -s -l ${a} -I ${NSA_DEV} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3425) 	log_test_addr ${a} $? 0 "TCP socket bind to VRF address with device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3426) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3427) 	a=${NSA_LO_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3428) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3429) 	show_hint "Address on loopback out of scope for VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3430) 	run_cmd nettest -6 -s -l ${a} -d ${VRF} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3431) 	log_test_addr ${a} $? 1 "TCP socket bind to invalid local address for VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3432) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3433) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3434) 	show_hint "Address on loopback out of scope for device in VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3435) 	run_cmd nettest -6 -s -l ${a} -d ${NSA_DEV} -t1 -b
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3436) 	log_test_addr ${a} $? 1 "TCP socket bind to invalid local address for device bind"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3437) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3438) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3439) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3440) ipv6_addr_bind()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3441) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3442) 	log_section "IPv6 address binds"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3443) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3444) 	log_subsection "No VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3445) 	setup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3446) 	ipv6_addr_bind_novrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3447) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3448) 	log_subsection "With VRF"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3449) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3450) 	ipv6_addr_bind_vrf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3451) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3452) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3453) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3454) # IPv6 runtime tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3455) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3456) ipv6_rt()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3457) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3458) 	local desc="$1"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3459) 	local varg="-6 $2"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3460) 	local with_vrf="yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3461) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3462) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3463) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3464) 	# server tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3465) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3466) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3467) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3468) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3469) 		run_cmd nettest ${varg} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3470) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3471) 		run_cmd_nsb nettest ${varg} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3472) 		sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3473) 		run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3474) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3475) 		log_test_addr ${a} 0 0 "${desc}, global server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3476) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3477) 		setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3478) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3479) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3480) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3481) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3482) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3483) 		run_cmd nettest ${varg} -d ${VRF} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3484) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3485) 		run_cmd_nsb nettest ${varg} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3486) 		sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3487) 		run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3488) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3489) 		log_test_addr ${a} 0 0 "${desc}, VRF server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3490) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3491) 		setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3492) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3493) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3494) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3495) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3496) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3497) 		run_cmd nettest ${varg} -d ${NSA_DEV} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3498) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3499) 		run_cmd_nsb nettest ${varg} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3500) 		sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3501) 		run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3502) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3503) 		log_test_addr ${a} 0 0 "${desc}, enslaved device server"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3504) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3505) 		setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3506) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3507) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3508) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3509) 	# client test
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3510) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3511) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3512) 	run_cmd_nsb nettest ${varg} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3513) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3514) 	run_cmd nettest ${varg} -d ${VRF} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3515) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3516) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3517) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3518) 	log_test  0 0 "${desc}, VRF client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3519) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3520) 	setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3521) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3522) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3523) 	run_cmd_nsb nettest ${varg} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3524) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3525) 	run_cmd nettest ${varg} -d ${NSA_DEV} -r ${NSB_IP6} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3526) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3527) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3528) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3529) 	log_test  0 0 "${desc}, enslaved device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3530) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3531) 	setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3532) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3533) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3534) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3535) 	# local address tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3536) 	#
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3537) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3538) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3539) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3540) 		run_cmd nettest ${varg} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3541) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3542) 		run_cmd nettest ${varg} -d ${VRF} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3543) 		sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3544) 		run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3545) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3546) 		log_test_addr ${a} 0 0 "${desc}, global server, VRF client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3547) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3548) 		setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3549) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3550) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3551) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3552) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3553) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3554) 		run_cmd nettest ${varg} -d ${VRF} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3555) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3556) 		run_cmd nettest ${varg} -d ${VRF} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3557) 		sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3558) 		run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3559) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3560) 		log_test_addr ${a} 0 0 "${desc}, VRF server and client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3561) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3562) 		setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3563) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3564) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3565) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3566) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3567) 	run_cmd nettest ${varg} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3568) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3569) 	run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3570) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3571) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3572) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3573) 	log_test_addr ${a} 0 0 "${desc}, global server, device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3574) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3575) 	setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3576) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3577) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3578) 	run_cmd nettest ${varg} -d ${VRF} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3579) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3580) 	run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3581) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3582) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3583) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3584) 	log_test_addr ${a} 0 0 "${desc}, VRF server, device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3585) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3586) 	setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3587) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3588) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3589) 	run_cmd nettest ${varg} -d ${NSA_DEV} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3590) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3591) 	run_cmd nettest ${varg} -d ${NSA_DEV} -r ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3592) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3593) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3594) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3595) 	log_test_addr ${a} 0 0 "${desc}, device server, device client"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3596) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3597) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3598) ipv6_ping_rt()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3599) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3600) 	local with_vrf="yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3601) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3602) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3603) 	a=${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3604) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3605) 	run_cmd_nsb ${ping6} -f ${a} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3606) 	sleep 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3607) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3608) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3609) 	log_test_addr ${a} 0 0 "Device delete with active traffic - ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3610) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3611) 	setup ${with_vrf}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3612) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3613) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3614) 	run_cmd ${ping6} -f ${NSB_IP6} -I ${VRF} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3615) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3616) 	run_cmd ip link del ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3617) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3618) 	log_test_addr ${a} 0 0 "Device delete with active traffic - ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3619) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3620) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3621) ipv6_runtime()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3622) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3623) 	log_section "Run time tests - ipv6"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3624) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3625) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3626) 	ipv6_ping_rt
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3627) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3628) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3629) 	ipv6_rt "TCP active socket"  "-n -1"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3630) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3631) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3632) 	ipv6_rt "TCP passive socket" "-i"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3633) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3634) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3635) 	ipv6_rt "UDP active socket"  "-D -n -1"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3636) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3637) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3638) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3639) # netfilter blocking connections
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3640) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3641) netfilter_tcp_reset()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3642) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3643) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3644) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3645) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3646) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3647) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3648) 		run_cmd nettest -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3649) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3650) 		run_cmd_nsb nettest -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3651) 		log_test_addr ${a} $? 1 "Global server, reject with TCP-reset on Rx"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3652) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3653) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3654) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3655) netfilter_icmp()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3656) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3657) 	local stype="$1"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3658) 	local arg
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3659) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3660) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3661) 	[ "${stype}" = "UDP" ] && arg="-D"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3662) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3663) 	for a in ${NSA_IP} ${VRF_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3664) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3665) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3666) 		run_cmd nettest ${arg} -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3667) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3668) 		run_cmd_nsb nettest ${arg} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3669) 		log_test_addr ${a} $? 1 "Global ${stype} server, Rx reject icmp-port-unreach"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3670) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3671) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3672) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3673) ipv4_netfilter()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3674) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3675) 	log_section "IPv4 Netfilter"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3676) 	log_subsection "TCP reset"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3677) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3678) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3679) 	run_cmd iptables -A INPUT -p tcp --dport 12345 -j REJECT --reject-with tcp-reset
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3680) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3681) 	netfilter_tcp_reset
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3682) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3683) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3684) 	log_subsection "ICMP unreachable"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3685) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3686) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3687) 	run_cmd iptables -F
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3688) 	run_cmd iptables -A INPUT -p tcp --dport 12345 -j REJECT --reject-with icmp-port-unreachable
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3689) 	run_cmd iptables -A INPUT -p udp --dport 12345 -j REJECT --reject-with icmp-port-unreachable
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3690) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3691) 	netfilter_icmp "TCP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3692) 	netfilter_icmp "UDP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3693) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3694) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3695) 	iptables -F
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3696) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3697) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3698) netfilter_tcp6_reset()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3699) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3700) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3701) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3702) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3703) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3704) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3705) 		run_cmd nettest -6 -s &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3706) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3707) 		run_cmd_nsb nettest -6 -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3708) 		log_test_addr ${a} $? 1 "Global server, reject with TCP-reset on Rx"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3709) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3710) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3711) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3712) netfilter_icmp6()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3713) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3714) 	local stype="$1"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3715) 	local arg
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3716) 	local a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3717) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3718) 	[ "${stype}" = "UDP" ] && arg="$arg -D"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3719) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3720) 	for a in ${NSA_IP6} ${VRF_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3721) 	do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3722) 		log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3723) 		run_cmd nettest -6 -s ${arg} &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3724) 		sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3725) 		run_cmd_nsb nettest -6 ${arg} -r ${a}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3726) 		log_test_addr ${a} $? 1 "Global ${stype} server, Rx reject icmp-port-unreach"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3727) 	done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3728) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3729) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3730) ipv6_netfilter()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3731) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3732) 	log_section "IPv6 Netfilter"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3733) 	log_subsection "TCP reset"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3734) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3735) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3736) 	run_cmd ip6tables -A INPUT -p tcp --dport 12345 -j REJECT --reject-with tcp-reset
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3737) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3738) 	netfilter_tcp6_reset
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3739) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3740) 	log_subsection "ICMP unreachable"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3741) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3742) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3743) 	run_cmd ip6tables -F
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3744) 	run_cmd ip6tables -A INPUT -p tcp --dport 12345 -j REJECT --reject-with icmp6-port-unreachable
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3745) 	run_cmd ip6tables -A INPUT -p udp --dport 12345 -j REJECT --reject-with icmp6-port-unreachable
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3746) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3747) 	netfilter_icmp6 "TCP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3748) 	netfilter_icmp6 "UDP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3749) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3750) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3751) 	ip6tables -F
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3752) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3753) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3754) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3755) # specific use cases
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3756) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3757) # VRF only.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3758) # ns-A device enslaved to bridge. Verify traffic with and without
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3759) # br_netfilter module loaded. Repeat with SVI on bridge.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3760) use_case_br()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3761) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3762) 	setup "yes"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3763) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3764) 	setup_cmd ip link set ${NSA_DEV} down
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3765) 	setup_cmd ip addr del dev ${NSA_DEV} ${NSA_IP}/24
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3766) 	setup_cmd ip -6 addr del dev ${NSA_DEV} ${NSA_IP6}/64
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3767) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3768) 	setup_cmd ip link add br0 type bridge
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3769) 	setup_cmd ip addr add dev br0 ${NSA_IP}/24
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3770) 	setup_cmd ip -6 addr add dev br0 ${NSA_IP6}/64 nodad
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3771) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3772) 	setup_cmd ip li set ${NSA_DEV} master br0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3773) 	setup_cmd ip li set ${NSA_DEV} up
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3774) 	setup_cmd ip li set br0 up
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3775) 	setup_cmd ip li set br0 vrf ${VRF}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3776) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3777) 	rmmod br_netfilter 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3778) 	sleep 5 # DAD
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3779) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3780) 	run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3781) 	run_cmd ping -c1 -w1 -I br0 ${NSB_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3782) 	log_test $? 0 "Bridge into VRF - IPv4 ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3783) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3784) 	run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3785) 	run_cmd ${ping6} -c1 -w1 -I br0 ${NSB_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3786) 	log_test $? 0 "Bridge into VRF - IPv6 ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3787) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3788) 	run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3789) 	run_cmd_nsb ping -c1 -w1 ${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3790) 	log_test $? 0 "Bridge into VRF - IPv4 ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3791) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3792) 	run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3793) 	run_cmd_nsb ${ping6} -c1 -w1 ${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3794) 	log_test $? 0 "Bridge into VRF - IPv6 ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3795) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3796) 	modprobe br_netfilter
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3797) 	if [ $? -eq 0 ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3798) 		run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3799) 		run_cmd ping -c1 -w1 -I br0 ${NSB_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3800) 		log_test $? 0 "Bridge into VRF with br_netfilter - IPv4 ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3801) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3802) 		run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3803) 		run_cmd ${ping6} -c1 -w1 -I br0 ${NSB_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3804) 		log_test $? 0 "Bridge into VRF with br_netfilter - IPv6 ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3805) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3806) 		run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3807) 		run_cmd_nsb ping -c1 -w1 ${NSA_IP}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3808) 		log_test $? 0 "Bridge into VRF with br_netfilter - IPv4 ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3809) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3810) 		run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3811) 		run_cmd_nsb ${ping6} -c1 -w1 ${NSA_IP6}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3812) 		log_test $? 0 "Bridge into VRF with br_netfilter - IPv6 ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3813) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3814) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3815) 	setup_cmd ip li set br0 nomaster
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3816) 	setup_cmd ip li add br0.100 link br0 type vlan id 100
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3817) 	setup_cmd ip li set br0.100 vrf ${VRF} up
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3818) 	setup_cmd ip    addr add dev br0.100 172.16.101.1/24
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3819) 	setup_cmd ip -6 addr add dev br0.100 2001:db8:101::1/64 nodad
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3820) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3821) 	setup_cmd_nsb ip li add vlan100 link ${NSB_DEV} type vlan id 100
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3822) 	setup_cmd_nsb ip addr add dev vlan100 172.16.101.2/24
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3823) 	setup_cmd_nsb ip -6 addr add dev vlan100 2001:db8:101::2/64 nodad
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3824) 	setup_cmd_nsb ip li set vlan100 up
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3825) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3826) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3827) 	rmmod br_netfilter 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3828) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3829) 	run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3830) 	run_cmd ping -c1 -w1 -I br0.100 172.16.101.2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3831) 	log_test $? 0 "Bridge vlan into VRF - IPv4 ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3832) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3833) 	run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3834) 	run_cmd ${ping6} -c1 -w1 -I br0.100 2001:db8:101::2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3835) 	log_test $? 0 "Bridge vlan into VRF - IPv6 ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3836) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3837) 	run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3838) 	run_cmd_nsb ping -c1 -w1 172.16.101.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3839) 	log_test $? 0 "Bridge vlan into VRF - IPv4 ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3840) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3841) 	run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3842) 	run_cmd_nsb ${ping6} -c1 -w1 2001:db8:101::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3843) 	log_test $? 0 "Bridge vlan into VRF - IPv6 ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3844) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3845) 	modprobe br_netfilter
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3846) 	if [ $? -eq 0 ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3847) 		run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3848) 		run_cmd ping -c1 -w1 -I br0.100 172.16.101.2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3849) 		log_test $? 0 "Bridge vlan into VRF with br_netfilter - IPv4 ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3850) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3851) 		run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3852) 		run_cmd ${ping6} -c1 -w1 -I br0.100 2001:db8:101::2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3853) 		log_test $? 0 "Bridge vlan into VRF with br_netfilter - IPv6 ping out"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3854) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3855) 		run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3856) 		run_cmd_nsb ping -c1 -w1 172.16.101.1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3857) 		log_test $? 0 "Bridge vlan into VRF - IPv4 ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3858) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3859) 		run_cmd ip neigh flush all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3860) 		run_cmd_nsb ${ping6} -c1 -w1 2001:db8:101::1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3861) 		log_test $? 0 "Bridge vlan into VRF - IPv6 ping in"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3862) 	fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3863) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3864) 	setup_cmd ip li del br0 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3865) 	setup_cmd_nsb ip li del vlan100 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3866) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3867) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3868) # VRF only.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3869) # ns-A device is connected to both ns-B and ns-C on a single VRF but only has
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3870) # LLA on the interfaces
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3871) use_case_ping_lla_multi()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3872) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3873) 	setup_lla_only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3874) 	# only want reply from ns-A
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3875) 	setup_cmd_nsb sysctl -qw net.ipv6.icmp.echo_ignore_multicast=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3876) 	setup_cmd_nsc sysctl -qw net.ipv6.icmp.echo_ignore_multicast=1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3877) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3878) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3879) 	run_cmd_nsb ping -c1 -w1 ${MCAST}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3880) 	log_test_addr ${MCAST}%${NSB_DEV} $? 0 "Pre cycle, ping out ns-B"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3881) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3882) 	run_cmd_nsc ping -c1 -w1 ${MCAST}%${NSC_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3883) 	log_test_addr ${MCAST}%${NSC_DEV} $? 0 "Pre cycle, ping out ns-C"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3884) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3885) 	# cycle/flap the first ns-A interface
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3886) 	setup_cmd ip link set ${NSA_DEV} down
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3887) 	setup_cmd ip link set ${NSA_DEV} up
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3888) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3889) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3890) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3891) 	run_cmd_nsb ping -c1 -w1 ${MCAST}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3892) 	log_test_addr ${MCAST}%${NSB_DEV} $? 0 "Post cycle ${NSA} ${NSA_DEV}, ping out ns-B"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3893) 	run_cmd_nsc ping -c1 -w1 ${MCAST}%${NSC_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3894) 	log_test_addr ${MCAST}%${NSC_DEV} $? 0 "Post cycle ${NSA} ${NSA_DEV}, ping out ns-C"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3895) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3896) 	# cycle/flap the second ns-A interface
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3897) 	setup_cmd ip link set ${NSA_DEV2} down
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3898) 	setup_cmd ip link set ${NSA_DEV2} up
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3899) 	sleep 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3900) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3901) 	log_start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3902) 	run_cmd_nsb ping -c1 -w1 ${MCAST}%${NSB_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3903) 	log_test_addr ${MCAST}%${NSB_DEV} $? 0 "Post cycle ${NSA} ${NSA_DEV2}, ping out ns-B"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3904) 	run_cmd_nsc ping -c1 -w1 ${MCAST}%${NSC_DEV}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3905) 	log_test_addr ${MCAST}%${NSC_DEV} $? 0 "Post cycle ${NSA} ${NSA_DEV2}, ping out ns-C"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3906) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3907) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3908) use_cases()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3909) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3910) 	log_section "Use cases"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3911) 	log_subsection "Device enslaved to bridge"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3912) 	use_case_br
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3913) 	log_subsection "Ping LLA with multiple interfaces"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3914) 	use_case_ping_lla_multi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3915) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3916) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3917) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3918) # usage
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3919) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3920) usage()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3921) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3922) 	cat <<EOF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3923) usage: ${0##*/} OPTS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3924) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3925) 	-4          IPv4 tests only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3926) 	-6          IPv6 tests only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3927) 	-t <test>   Test name/set to run
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3928) 	-p          Pause on fail
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3929) 	-P          Pause after each test
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3930) 	-v          Be verbose
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3931) EOF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3932) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3933) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3934) ################################################################################
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3935) # main
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3936) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3937) TESTS_IPV4="ipv4_ping ipv4_tcp ipv4_udp ipv4_bind ipv4_runtime ipv4_netfilter"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3938) TESTS_IPV6="ipv6_ping ipv6_tcp ipv6_udp ipv6_bind ipv6_runtime ipv6_netfilter"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3939) TESTS_OTHER="use_cases"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3940) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3941) PAUSE_ON_FAIL=no
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3942) PAUSE=no
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3943) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3944) while getopts :46t:pPvh o
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3945) do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3946) 	case $o in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3947) 		4) TESTS=ipv4;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3948) 		6) TESTS=ipv6;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3949) 		t) TESTS=$OPTARG;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3950) 		p) PAUSE_ON_FAIL=yes;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3951) 		P) PAUSE=yes;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3952) 		v) VERBOSE=1;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3953) 		h) usage; exit 0;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3954) 		*) usage; exit 1;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3955) 	esac
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3956) done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3957) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3958) # make sure we don't pause twice
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3959) [ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3960) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3961) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3962) # show user test config
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3963) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3964) if [ -z "$TESTS" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3965) 	TESTS="$TESTS_IPV4 $TESTS_IPV6 $TESTS_OTHER"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3966) elif [ "$TESTS" = "ipv4" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3967) 	TESTS="$TESTS_IPV4"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3968) elif [ "$TESTS" = "ipv6" ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3969) 	TESTS="$TESTS_IPV6"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3970) fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3971) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3972) which nettest >/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3973) if [ $? -ne 0 ]; then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3974) 	echo "'nettest' command not found; skipping tests"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3975) 	exit 0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3976) fi
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3977) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3978) declare -i nfail=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3979) declare -i nsuccess=0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3980) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3981) for t in $TESTS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3982) do
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3983) 	case $t in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3984) 	ipv4_ping|ping)  ipv4_ping;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3985) 	ipv4_tcp|tcp)    ipv4_tcp;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3986) 	ipv4_udp|udp)    ipv4_udp;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3987) 	ipv4_bind|bind)  ipv4_addr_bind;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3988) 	ipv4_runtime)    ipv4_runtime;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3989) 	ipv4_netfilter)  ipv4_netfilter;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3990) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3991) 	ipv6_ping|ping6) ipv6_ping;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3992) 	ipv6_tcp|tcp6)   ipv6_tcp;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3993) 	ipv6_udp|udp6)   ipv6_udp;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3994) 	ipv6_bind|bind6) ipv6_addr_bind;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3995) 	ipv6_runtime)    ipv6_runtime;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3996) 	ipv6_netfilter)  ipv6_netfilter;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3997) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3998) 	use_cases)       use_cases;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3999) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4000) 	# setup namespaces and config, but do not run any tests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4001) 	setup)		 setup; exit 0;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4002) 	vrf_setup)	 setup "yes"; exit 0;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4003) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4004) 	help)            echo "Test names: $TESTS"; exit 0;;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4005) 	esac
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4006) done
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4007) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4008) cleanup 2>/dev/null
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4009) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4010) printf "\nTests passed: %3d\n" ${nsuccess}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4011) printf "Tests failed: %3d\n"   ${nfail}