diff options
| author | Stefano Brivio <sbrivio@redhat.com> | 2018-03-16 21:31:44 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2018-03-17 20:15:14 -0400 |
| commit | 5e84430bb83e8241c485ccce728ff5e5e80789eb (patch) | |
| tree | 48b43eb9341bbe997b8cc2e135f1bed26277bdf1 /tools | |
| parent | 35b49424b8a49edb6de6e7ec54bd8edb568031c2 (diff) | |
selftests: pmtu: Add test_pmtu_vti4_exception test
This test checks that PMTU exceptions are created only when
needed on IPv4 routes with vti and xfrm, and their PMTU value is
checked as well.
We can't adopt the same approach as test_pmtu_vti6_exception()
here, because on IPv4 administrative MTU changes won't be
reflected directly on PMTU.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'tools')
| -rwxr-xr-x | tools/testing/selftests/net/pmtu.sh | 80 |
1 files changed, 70 insertions, 10 deletions
diff --git a/tools/testing/selftests/net/pmtu.sh b/tools/testing/selftests/net/pmtu.sh index 5d9af22b360a..ba11433d17d8 100755 --- a/tools/testing/selftests/net/pmtu.sh +++ b/tools/testing/selftests/net/pmtu.sh | |||
| @@ -6,6 +6,14 @@ | |||
| 6 | # | 6 | # |
| 7 | # Tests currently implemented: | 7 | # Tests currently implemented: |
| 8 | # | 8 | # |
| 9 | # - pmtu_vti4_exception | ||
| 10 | # Set up vti tunnel on top of veth, with xfrm states and policies, in two | ||
| 11 | # namespaces with matching endpoints. Check that route exception is not | ||
| 12 | # created if link layer MTU is not exceeded, then exceed it and check that | ||
| 13 | # exception is created with the expected PMTU. The approach described | ||
| 14 | # below for IPv6 doesn't apply here, because, on IPv4, administrative MTU | ||
| 15 | # changes alone won't affect PMTU | ||
| 16 | # | ||
| 9 | # - pmtu_vti6_exception | 17 | # - pmtu_vti6_exception |
| 10 | # Set up vti6 tunnel on top of veth, with xfrm states and policies, in two | 18 | # Set up vti6 tunnel on top of veth, with xfrm states and policies, in two |
| 11 | # namespaces with matching endpoints. Check that route exception is | 19 | # namespaces with matching endpoints. Check that route exception is |
| @@ -24,6 +32,7 @@ | |||
| 24 | 32 | ||
| 25 | tests=" | 33 | tests=" |
| 26 | pmtu_vti6_exception vti6: PMTU exceptions | 34 | pmtu_vti6_exception vti6: PMTU exceptions |
| 35 | pmtu_vti4_exception vti4: PMTU exceptions | ||
| 27 | pmtu_vti4_default_mtu vti4: default MTU assignment | 36 | pmtu_vti4_default_mtu vti4: default MTU assignment |
| 28 | pmtu_vti6_default_mtu vti6: default MTU assignment" | 37 | pmtu_vti6_default_mtu vti6: default MTU assignment" |
| 29 | 38 | ||
| @@ -109,15 +118,27 @@ setup_vti6() { | |||
| 109 | } | 118 | } |
| 110 | 119 | ||
| 111 | setup_xfrm() { | 120 | setup_xfrm() { |
| 112 | ${ns_a} ip -6 xfrm state add src ${veth6_a_addr} dst ${veth6_b_addr} spi 0x1000 proto esp aead "rfc4106(gcm(aes))" 0x0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f 128 mode tunnel || return 1 | 121 | proto=${1} |
| 113 | ${ns_a} ip -6 xfrm state add src ${veth6_b_addr} dst ${veth6_a_addr} spi 0x1001 proto esp aead "rfc4106(gcm(aes))" 0x0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f 128 mode tunnel | 122 | veth_a_addr="${2}" |
| 114 | ${ns_a} ip -6 xfrm policy add dir out mark 10 tmpl src ${veth6_a_addr} dst ${veth6_b_addr} proto esp mode tunnel | 123 | veth_b_addr="${3}" |
| 115 | ${ns_a} ip -6 xfrm policy add dir in mark 10 tmpl src ${veth6_b_addr} dst ${veth6_a_addr} proto esp mode tunnel | 124 | |
| 116 | 125 | ${ns_a} ip -${proto} xfrm state add src ${veth_a_addr} dst ${veth_b_addr} spi 0x1000 proto esp aead "rfc4106(gcm(aes))" 0x0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f 128 mode tunnel || return 1 | |
| 117 | ${ns_b} ip -6 xfrm state add src ${veth6_a_addr} dst ${veth6_b_addr} spi 0x1000 proto esp aead "rfc4106(gcm(aes))" 0x0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f 128 mode tunnel | 126 | ${ns_a} ip -${proto} xfrm state add src ${veth_b_addr} dst ${veth_a_addr} spi 0x1001 proto esp aead "rfc4106(gcm(aes))" 0x0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f 128 mode tunnel |
| 118 | ${ns_b} ip -6 xfrm state add src ${veth6_b_addr} dst ${veth6_a_addr} spi 0x1001 proto esp aead "rfc4106(gcm(aes))" 0x0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f 128 mode tunnel | 127 | ${ns_a} ip -${proto} xfrm policy add dir out mark 10 tmpl src ${veth_a_addr} dst ${veth_b_addr} proto esp mode tunnel |
| 119 | ${ns_b} ip -6 xfrm policy add dir out mark 10 tmpl src ${veth6_b_addr} dst ${veth6_a_addr} proto esp mode tunnel | 128 | ${ns_a} ip -${proto} xfrm policy add dir in mark 10 tmpl src ${veth_b_addr} dst ${veth_a_addr} proto esp mode tunnel |
| 120 | ${ns_b} ip -6 xfrm policy add dir in mark 10 tmpl src ${veth6_a_addr} dst ${veth6_b_addr} proto esp mode tunnel | 129 | |
| 130 | ${ns_b} ip -${proto} xfrm state add src ${veth_a_addr} dst ${veth_b_addr} spi 0x1000 proto esp aead "rfc4106(gcm(aes))" 0x0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f 128 mode tunnel | ||
| 131 | ${ns_b} ip -${proto} xfrm state add src ${veth_b_addr} dst ${veth_a_addr} spi 0x1001 proto esp aead "rfc4106(gcm(aes))" 0x0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f 128 mode tunnel | ||
| 132 | ${ns_b} ip -${proto} xfrm policy add dir out mark 10 tmpl src ${veth_b_addr} dst ${veth_a_addr} proto esp mode tunnel | ||
| 133 | ${ns_b} ip -${proto} xfrm policy add dir in mark 10 tmpl src ${veth_a_addr} dst ${veth_b_addr} proto esp mode tunnel | ||
| 134 | } | ||
| 135 | |||
| 136 | setup_xfrm4() { | ||
| 137 | setup_xfrm 4 ${veth4_a_addr} ${veth4_b_addr} | ||
| 138 | } | ||
| 139 | |||
| 140 | setup_xfrm6() { | ||
| 141 | setup_xfrm 6 ${veth6_a_addr} ${veth6_b_addr} | ||
| 121 | } | 142 | } |
| 122 | 143 | ||
| 123 | setup() { | 144 | setup() { |
| @@ -182,8 +203,47 @@ route_get_dst_pmtu_from_exception() { | |||
| 182 | mtu_parse "$(route_get_dst_exception "${ns_cmd}" ${dst})" | 203 | mtu_parse "$(route_get_dst_exception "${ns_cmd}" ${dst})" |
| 183 | } | 204 | } |
| 184 | 205 | ||
| 206 | test_pmtu_vti4_exception() { | ||
| 207 | setup namespaces veth vti4 xfrm4 || return 2 | ||
| 208 | |||
| 209 | veth_mtu=1500 | ||
| 210 | vti_mtu=$((veth_mtu - 20)) | ||
| 211 | |||
| 212 | # SPI SN IV ICV pad length next header | ||
| 213 | esp_payload_rfc4106=$((vti_mtu - 4 - 4 - 8 - 16 - 1 - 1)) | ||
| 214 | ping_payload=$((esp_payload_rfc4106 - 28)) | ||
| 215 | |||
| 216 | mtu "${ns_a}" veth_a ${veth_mtu} | ||
| 217 | mtu "${ns_b}" veth_b ${veth_mtu} | ||
| 218 | mtu "${ns_a}" vti4_a ${vti_mtu} | ||
| 219 | mtu "${ns_b}" vti4_b ${vti_mtu} | ||
| 220 | |||
| 221 | # Send DF packet without exceeding link layer MTU, check that no | ||
| 222 | # exception is created | ||
| 223 | ${ns_a} ping -q -M want -i 0.1 -w 2 -s ${ping_payload} ${vti4_b_addr} > /dev/null | ||
| 224 | pmtu="$(route_get_dst_pmtu_from_exception "${ns_a}" ${vti4_b_addr})" | ||
| 225 | if [ "${pmtu}" != "" ]; then | ||
| 226 | err " unexpected exception created with PMTU ${pmtu} for IP payload length ${esp_payload_rfc4106}" | ||
| 227 | return 1 | ||
| 228 | fi | ||
| 229 | |||
| 230 | # Now exceed link layer MTU by one byte, check that exception is created | ||
| 231 | ${ns_a} ping -q -M want -i 0.1 -w 2 -s $((ping_payload + 1)) ${vti4_b_addr} > /dev/null | ||
| 232 | pmtu="$(route_get_dst_pmtu_from_exception "${ns_a}" ${vti4_b_addr})" | ||
| 233 | if [ "${pmtu}" = "" ]; then | ||
| 234 | err " exception not created for IP payload length $((esp_payload_rfc4106 + 1))" | ||
| 235 | return 1 | ||
| 236 | fi | ||
| 237 | |||
| 238 | # ...with the right PMTU value | ||
| 239 | if [ ${pmtu} -ne ${esp_payload_rfc4106} ]; then | ||
| 240 | err " wrong PMTU ${pmtu} in exception, expected: ${esp_payload_rfc4106}" | ||
| 241 | return 1 | ||
| 242 | fi | ||
| 243 | } | ||
| 244 | |||
| 185 | test_pmtu_vti6_exception() { | 245 | test_pmtu_vti6_exception() { |
| 186 | setup namespaces veth vti6 xfrm || return 2 | 246 | setup namespaces veth vti6 xfrm6 || return 2 |
| 187 | fail=0 | 247 | fail=0 |
| 188 | 248 | ||
| 189 | # Create route exception by exceeding link layer MTU | 249 | # Create route exception by exceeding link layer MTU |