Re: [PATCH] selftests: Add VRF icmp error route lookup test
- On Aug 11, 2020, at 3:14 PM, David Ahern dsah...@gmail.com wrote: > On 8/11/20 1:11 PM, Mathieu Desnoyers wrote: >> One thing I am missing before this series can be considered for upstreaming >> is an Acked-by of the 2 fixes for ipv4 and ipv6 from you, as maintainer >> of l3mdev, if you think the approach I am taking with those fixes makes >> sense. > > Send the set, and I will review as vrf/l3mdev maintainer. I need working > tests and patches to see the before and after. Allright, I'm rebasing on the net tree as we speak, and the patches will be on their way shortly. Thanks, Mathieu -- Mathieu Desnoyers EfficiOS Inc. http://www.efficios.com
Re: [PATCH] selftests: Add VRF icmp error route lookup test
On 8/11/20 1:11 PM, Mathieu Desnoyers wrote: > One thing I am missing before this series can be considered for upstreaming > is an Acked-by of the 2 fixes for ipv4 and ipv6 from you, as maintainer > of l3mdev, if you think the approach I am taking with those fixes makes sense. Send the set, and I will review as vrf/l3mdev maintainer. I need working tests and patches to see the before and after.
Re: [PATCH] selftests: Add VRF icmp error route lookup test
- On Aug 11, 2020, at 2:57 PM, David Ahern dsah...@gmail.com wrote: > On 8/11/20 11:28 AM, David Miller wrote: >> From: Michael Jeanson >> Date: Thu, 6 Aug 2020 14:51:21 -0400 >> >>> The objective is to check that the incoming vrf routing table is selected >>> to send an ICMP error back to the source when the ttl of a packet reaches 1 >>> while it is forwarded between different vrfs. >>> >>> The first test sends a ping with a ttl of 1 from h1 to h2 and parses the >>> output of the command to check that a ttl expired error is received. >>> >>> [This may be flaky, I'm open to suggestions of a more robust approch.] >>> >>> The second test runs traceroute from h1 to h2 and parses the output to >>> check for a hop on r1. >>> >>> Signed-off-by: Michael Jeanson >> >> This patch does not apply cleanly to the current net tree. >> > > It is also out of context since the tests fail on current net and net-next. > > The tests along with the patches that fix the problem should be sent > together. One thing I am missing before this series can be considered for upstreaming is an Acked-by of the 2 fixes for ipv4 and ipv6 from you, as maintainer of l3mdev, if you think the approach I am taking with those fixes makes sense. Thanks, Mathieu -- Mathieu Desnoyers EfficiOS Inc. http://www.efficios.com
Re: [PATCH] selftests: Add VRF icmp error route lookup test
On 8/11/20 11:28 AM, David Miller wrote: > From: Michael Jeanson > Date: Thu, 6 Aug 2020 14:51:21 -0400 > >> The objective is to check that the incoming vrf routing table is selected >> to send an ICMP error back to the source when the ttl of a packet reaches 1 >> while it is forwarded between different vrfs. >> >> The first test sends a ping with a ttl of 1 from h1 to h2 and parses the >> output of the command to check that a ttl expired error is received. >> >> [This may be flaky, I'm open to suggestions of a more robust approch.] >> >> The second test runs traceroute from h1 to h2 and parses the output to >> check for a hop on r1. >> >> Signed-off-by: Michael Jeanson > > This patch does not apply cleanly to the current net tree. > It is also out of context since the tests fail on current net and net-next. The tests along with the patches that fix the problem should be sent together.
Re: [PATCH] selftests: Add VRF icmp error route lookup test
From: Michael Jeanson Date: Thu, 6 Aug 2020 14:51:21 -0400 > The objective is to check that the incoming vrf routing table is selected > to send an ICMP error back to the source when the ttl of a packet reaches 1 > while it is forwarded between different vrfs. > > The first test sends a ping with a ttl of 1 from h1 to h2 and parses the > output of the command to check that a ttl expired error is received. > > [This may be flaky, I'm open to suggestions of a more robust approch.] > > The second test runs traceroute from h1 to h2 and parses the output to > check for a hop on r1. > > Signed-off-by: Michael Jeanson This patch does not apply cleanly to the current net tree.
[PATCH] selftests: Add VRF icmp error route lookup test
The objective is to check that the incoming vrf routing table is selected
to send an ICMP error back to the source when the ttl of a packet reaches 1
while it is forwarded between different vrfs.
The first test sends a ping with a ttl of 1 from h1 to h2 and parses the
output of the command to check that a ttl expired error is received.
[This may be flaky, I'm open to suggestions of a more robust approch.]
The second test runs traceroute from h1 to h2 and parses the output to
check for a hop on r1.
Signed-off-by: Michael Jeanson
Cc: David Ahern
Cc: David S. Miller
Cc: net...@vger.kernel.org
---
tools/testing/selftests/net/Makefile | 1 +
.../selftests/net/vrf_icmp_error_route.sh | 429 ++
2 files changed, 430 insertions(+)
create mode 100755 tools/testing/selftests/net/vrf_icmp_error_route.sh
diff --git a/tools/testing/selftests/net/Makefile
b/tools/testing/selftests/net/Makefile
index 895ec992b2f1..2fc72bc2908c 100644
--- a/tools/testing/selftests/net/Makefile
+++ b/tools/testing/selftests/net/Makefile
@@ -17,6 +17,7 @@ TEST_PROGS += route_localnet.sh
TEST_PROGS += reuseaddr_ports_exhausted.sh
TEST_PROGS += txtimestamp.sh
TEST_PROGS += vrf-xfrm-tests.sh
+TEST_PROGS += vrf_icmp_error_route.sh
TEST_PROGS_EXTENDED := in_netns.sh
TEST_GEN_FILES = socket nettest
TEST_GEN_FILES += psock_fanout psock_tpacket msg_zerocopy reuseport_addr_any
diff --git a/tools/testing/selftests/net/vrf_icmp_error_route.sh
b/tools/testing/selftests/net/vrf_icmp_error_route.sh
new file mode 100755
index ..0b15a886bf5b
--- /dev/null
+++ b/tools/testing/selftests/net/vrf_icmp_error_route.sh
@@ -0,0 +1,429 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+#
+# Copyright (c) 2019 David Ahern . All rights reserved.
+# Copyright (c) 2020 Michael Jeanson . All rights
reserved.
+#
+# blue red
+# .253 ++ .253
+# +| r1 |+
+# |++|
+# ++ | | ++
+# | h1 |--+ +--| h2 |
+# ++ .1 | | .2 ++
+# 172.16.1/24 |++| 172.16.2/24
+#2001:db8:16:1/64 +| r2 |+ 2001:db8:16:2/64
+# .254 ++ .254
+#
+#
+# Route from h1 to h2 goes through r1, incoming vrf blue has a route to the
+# outgoing vrf red for the n2 network but red doesn't have a route back to n1.
+# Route from h2 to h1 goes through r2.
+#
+# The objective is to check that the incoming vrf routing table is selected
+# to send an ICMP error back to the source when the ttl of a packet reaches 1
+# while it is forwarded between different vrfs.
+#
+# The first test sends a ping with a ttl of 1 from h1 to h2 and parses the
+# output of the command to check that a ttl expired error is received.
+#
+# The second test runs traceroute from h1 to h2 and parses the output to check
+# for a hop on r1.
+#
+# Requires CONFIG_NET_VRF, CONFIG_VETH, CONFIG_BRIDGE and CONFIG_NET_NS.
+
+VERBOSE=0
+PAUSE_ON_FAIL=no
+
+H1_N1_IP=172.16.1.1
+R1_N1_IP=172.16.1.253
+R2_N1_IP=172.16.1.254
+
+H1_N1_IP6=2001:db8:16:1::1
+R1_N1_IP6=2001:db8:16:1::253
+R2_N1_IP6=2001:db8:16:1::254
+
+H2_N2=172.16.2.0/24
+H2_N2_6=2001:db8:16:2::/64
+
+H2_N2_IP=172.16.2.2
+R1_N2_IP=172.16.2.253
+R2_N2_IP=172.16.2.254
+
+H2_N2_IP6=2001:db8:16:2::2
+R1_N2_IP6=2001:db8:16:2::253
+R2_N2_IP6=2001:db8:16:2::254
+
+
+# helpers
+
+log_section()
+{
+ echo
+ echo
"###"
+ echo "$*"
+ echo
"###"
+ echo
+}
+
+log_test()
+{
+ local rc=$1
+ local expected=$2
+ local msg="$3"
+
+ if [ "${rc}" -eq "${expected}" ]; then
+ printf "TEST: %-60s [ OK ]\n" "${msg}"
+ nsuccess=$((nsuccess+1))
+ else
+ ret=1
+ nfail=$((nfail+1))
+ printf "TEST: %-60s [FAIL]\n" "${msg}"
+ if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
+ echo
+ echo "hit enter to continue, 'q' to quit"
+ read -r a
+ [ "$a" = "q" ] && exit 1
+ fi
+ fi
+}
+
+run_cmd()
+{
+ local cmd="$*"
+ local out
+ local rc
+
+ if [ "$VERBOSE" = "1" ]; then
+ echo "COMMAND: $cmd"
+ fi
+
+ out=$(eval $cmd 2>&1)
+ rc=$?
+ if [ "$VERBOSE" = "1" ] && [ -n "$out" ]; then
+ echo "$out"
+ fi
+
+ [ "$VERBOSE" = "1" ] && echo
+
+ return $rc
+}
+
+
+# setup and teardown
+
+cleanup()
+{
+ local ns
+
+ setup=0
+
+ for ns in h1 h2 r1 r2;
