3 # This test is for checking rtnetlink callpaths, and get as much coverage as possible.
10 # set global exit status, but never reset nonzero one.
13 if [ $ret -eq 0 ]; then
18 # same but inverted -- used when command must fail for test to pass
28 ip link add name "$devdummy" type dummy
30 ip link set "$devdummy" up
36 ip link del dev "$devdummy"
45 ip netconf show dev "$dev" > /dev/null
49 ip -$f netconf show dev "$dev" > /dev/null
53 if [ $ret -ne 0 ] ;then
54 echo "FAIL: ip netconf show $dev"
55 test $r -eq 0 && ret=0
60 # add a bridge with vlans on top
64 vlandev="testbr-vlan1"
67 ip link add name "$devbr" type bridge
70 ip link set dev "$devdummy" master "$devbr"
73 ip link set "$devbr" up
76 ip link add link "$devbr" name "$vlandev" type vlan id 1
78 ip addr add dev "$vlandev" 10.200.7.23/30
80 ip -6 addr add dev "$vlandev" dead:42::1234/64
82 ip -d link > /dev/null
84 ip r s t all > /dev/null
87 for name in "$devbr" "$vlandev" "$devdummy" ; do
88 kci_test_netconf "$name"
91 ip -6 addr del dev "$vlandev" dead:42::1234/64
94 ip link del dev "$vlandev"
96 ip link del dev "$devbr"
99 if [ $ret -ne 0 ];then
100 echo "FAIL: bridge setup"
103 echo "PASS: bridge setup"
114 ip tunnel add $gredev mode gre remote $rem local $loc ttl 1
116 ip link set $gredev up
118 ip addr add 10.23.7.10 dev $gredev
120 ip route add 10.23.8.0/30 dev $gredev
122 ip addr add dev "$devdummy" 10.23.7.11/24
129 kci_test_netconf "$gredev"
131 ip addr del dev "$devdummy" 10.23.7.11/24
137 if [ $ret -ne 0 ];then
138 echo "FAIL: gre tunnel endpoint"
141 echo "PASS: gre tunnel endpoint"
144 # tc uses rtnetlink too, for full tc testing
145 # please see tools/testing/selftests/tc-testing.
151 tc qdisc add dev "$dev" root handle 1: htb
153 tc class add dev "$dev" parent 1: classid 1:10 htb rate 1mbit
155 tc filter add dev "$dev" parent 1:0 prio 5 handle ffe: protocol ip u32 divisor 256
157 tc filter add dev "$dev" parent 1:0 prio 5 handle ffd: protocol ip u32 divisor 256
159 tc filter add dev "$dev" parent 1:0 prio 5 handle ffc: protocol ip u32 divisor 256
161 tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32 ht ffe:2: match ip src 10.0.0.3 flowid 1:10
163 tc filter add dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:2 u32 ht ffe:2: match ip src 10.0.0.2 flowid 1:10
165 tc filter show dev "$dev" parent 1:0 > /dev/null
167 tc filter del dev "$dev" protocol ip parent 1: prio 5 handle ffe:2:3 u32
169 tc filter show dev "$dev" parent 1:0 > /dev/null
171 tc qdisc del dev "$dev" root handle 1: htb
174 if [ $ret -ne 0 ];then
175 echo "FAIL: tc htb hierarchy"
178 echo "PASS: tc htb hierarchy"
182 kci_test_polrouting()
185 ip rule add fwmark 1 lookup 100
187 ip route add local 0.0.0.0/0 dev lo table 100
189 ip r s t all > /dev/null
191 ip rule del fwmark 1 lookup 100
193 ip route del local 0.0.0.0/0 dev lo table 100
196 if [ $ret -ne 0 ];then
197 echo "FAIL: policy route test"
200 echo "PASS: policy routing"
207 ip route get 127.0.0.1 > /dev/null
209 ip route get 127.0.0.1 dev "$devdummy" > /dev/null
211 ip route get ::1 > /dev/null
213 ip route get fe80::1 dev "$devdummy" > /dev/null
215 ip route get 127.0.0.1 from 127.0.0.1 oif lo tos 0x1 mark 0x1 > /dev/null
217 ip route get ::1 from ::1 iif lo oif lo tos 0x1 mark 0x1 > /dev/null
219 ip addr add dev "$devdummy" 10.23.7.11/24
221 ip route get 10.23.7.11 from 10.23.7.12 iif "$devdummy" > /dev/null
223 ip addr del dev "$devdummy" 10.23.7.11/24
226 if [ $ret -ne 0 ];then
227 echo "FAIL: route get"
231 echo "PASS: route get"
238 ip addrlabel add prefix dead::/64 dev lo label 1
241 ip addrlabel list |grep -q "prefix dead::/64 dev lo label 1"
244 ip addrlabel del prefix dead::/64 dev lo label 1 2> /dev/null
247 ip addrlabel add prefix dead::/64 label 1 2> /dev/null
250 ip addrlabel del prefix dead::/64 label 1 2> /dev/null
253 # concurrent add/delete
254 for i in $(seq 1 1000); do
255 ip addrlabel add prefix 1c3::/64 label 12345 2>/dev/null
258 for i in $(seq 1 1000); do
259 ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null
264 ip addrlabel del prefix 1c3::/64 label 12345 2>/dev/null
266 if [ $ret -ne 0 ];then
267 echo "FAIL: ipv6 addrlabel"
271 echo "PASS: ipv6 addrlabel"
278 syspathname="/sys/class/net/$devdummy/ifalias"
280 ip link set dev "$devdummy" alias "$namewant"
283 if [ $ret -ne 0 ]; then
284 echo "FAIL: cannot set interface alias of $devdummy to $namewant"
288 ip link show "$devdummy" | grep -q "alias $namewant"
291 if [ -r "$syspathname" ] ; then
292 read namehave < "$syspathname"
293 if [ "$namewant" != "$namehave" ]; then
294 echo "FAIL: did set ifalias $namewant but got $namehave"
299 echo "$namewant" > "$syspathname"
300 ip link show "$devdummy" | grep -q "alias $namewant"
303 # sysfs interface allows to delete alias again
304 echo "" > "$syspathname"
306 ip link show "$devdummy" | grep -q "alias $namewant"
309 for i in $(seq 1 100); do
310 uuidgen > "$syspathname" &
315 # re-add the alias -- kernel should free mem when dummy dev is removed
316 ip link set dev "$devdummy" alias "$namewant"
320 if [ $ret -ne 0 ]; then
321 echo "FAIL: set interface alias $devdummy to $namewant"
325 echo "PASS: set ifalias $namewant for $devdummy"
333 ip link show type vrf 2>/dev/null
334 if [ $? -ne 0 ]; then
335 echo "SKIP: vrf: iproute2 too old"
339 ip link add "$vrfname" type vrf table 10
341 if [ $ret -ne 0 ];then
342 echo "FAIL: can't add vrf interface, skipping test"
346 ip -br link show type vrf | grep -q "$vrfname"
348 if [ $ret -ne 0 ];then
349 echo "FAIL: created vrf device not found"
353 ip link set dev "$vrfname" up
356 ip link set dev "$devdummy" master "$vrfname"
358 ip link del dev "$vrfname"
361 if [ $ret -ne 0 ];then
369 kci_test_encap_vxlan()
376 ip netns exec "$testns" ip link add "$vxlan" type vxlan id 42 group 239.1.1.1 \
377 dev "$devdummy" dstport 4789 2>/dev/null
378 if [ $? -ne 0 ]; then
379 echo "FAIL: can't add vxlan interface, skipping test"
384 ip netns exec "$testns" ip addr add 10.2.11.49/24 dev "$vxlan"
387 ip netns exec "$testns" ip link set up dev "$vxlan"
390 ip netns exec "$testns" ip link add link "$vxlan" name "$vlan" type vlan id 1
393 ip netns exec "$testns" ip link del "$vxlan"
396 if [ $ret -ne 0 ]; then
409 ip fou help 2>&1 |grep -q 'Usage: ip fou'
411 echo "SKIP: fou: iproute2 too old"
415 ip netns exec "$testns" ip fou add port 7777 ipproto 47 2>/dev/null
417 echo "FAIL: can't add fou port 7777, skipping test"
421 ip netns exec "$testns" ip fou add port 8888 ipproto 4
424 ip netns exec "$testns" ip fou del port 9999 2>/dev/null
427 ip netns exec "$testns" ip fou del port 7777
430 if [ $ret -ne 0 ]; then
438 # test various encap methods, use netns to avoid unwanted interference
444 ip netns add "$testns"
445 if [ $? -ne 0 ]; then
446 echo "SKIP encap tests: cannot add net namespace $testns"
450 ip netns exec "$testns" ip link set lo up
453 ip netns exec "$testns" ip link add name "$devdummy" type dummy
455 ip netns exec "$testns" ip link set "$devdummy" up
458 kci_test_encap_vxlan "$testns"
459 kci_test_encap_fou "$testns"
461 ip netns del "$testns"
466 msname="test_macsec0"
469 ip macsec help 2>&1 | grep -q "^Usage: ip macsec"
470 if [ $? -ne 0 ]; then
471 echo "SKIP: macsec: iproute2 too old"
475 ip link add link "$devdummy" "$msname" type macsec port 42 encrypt on
477 if [ $ret -ne 0 ];then
478 echo "FAIL: can't add macsec interface, skipping test"
482 ip macsec add "$msname" tx sa 0 pn 1024 on key 01 12345678901234567890123456789012
485 ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef"
488 ip macsec add "$msname" rx port 1234 address "1c:ed:de:ad:be:ef" sa 0 pn 1 on key 00 0123456789abcdef0123456789abcdef
491 ip macsec show > /dev/null
494 ip link del dev "$msname"
497 if [ $ret -ne 0 ];then
505 #-------------------------------------------------------------------
507 # ip x s add proto esp src 14.0.0.52 dst 14.0.0.70 \
508 # spi 0x07 mode transport reqid 0x07 replay-window 32 \
509 # aead 'rfc4106(gcm(aes))' 1234567890123456dcba 128 \
510 # sel src 14.0.0.52/24 dst 14.0.0.70/24
511 # ip x p add dir out src 14.0.0.52/24 dst 14.0.0.70/24 \
512 # tmpl proto esp src 14.0.0.52 dst 14.0.0.70 \
513 # spi 0x07 mode transport reqid 0x07
515 # Subcommands not tested
522 #-------------------------------------------------------------------
527 algo="aead rfc4106(gcm(aes)) 0x3132333435363738393031323334353664636261 128"
529 # flush to be sure there's nothing configured
530 ip x s flush ; ip x p flush
533 # start the monitor in the background
534 tmpfile=`mktemp ipsectestXXX`
539 ipsecid="proto esp src $srcip dst $dstip spi 0x07"
540 ip x s add $ipsecid \
541 mode transport reqid 0x07 replay-window 32 \
542 $algo sel src $srcip/24 dst $dstip/24
545 lines=`ip x s list | grep $srcip | grep $dstip | wc -l`
549 ip x s count | grep -q "SAD count 1"
552 lines=`ip x s get $ipsecid | grep $srcip | grep $dstip | wc -l`
556 ip x s delete $ipsecid
559 lines=`ip x s list | wc -l`
563 ipsecsel="dir out src $srcip/24 dst $dstip/24"
564 ip x p add $ipsecsel \
565 tmpl proto esp src $srcip dst $dstip \
566 spi 0x07 mode transport reqid 0x07
569 lines=`ip x p list | grep $srcip | grep $dstip | wc -l`
573 ip x p count | grep -q "SPD IN 0 OUT 1 FWD 0"
576 lines=`ip x p get $ipsecsel | grep $srcip | grep $dstip | wc -l`
580 ip x p delete $ipsecsel
583 lines=`ip x p list | wc -l`
587 # check the monitor results
589 lines=`wc -l $tmpfile | cut "-d " -f1`
594 # clean up any leftovers
600 if [ $ret -ne 0 ]; then
613 ip netns add "$testns"
614 if [ $? -ne 0 ]; then
615 echo "SKIP gretap tests: cannot add net namespace $testns"
619 ip link help gretap 2>&1 | grep -q "^Usage:"
621 echo "SKIP: gretap: iproute2 too old"
622 ip netns del "$testns"
627 ip netns exec "$testns" ip link add dev "$DEV_NS" type gretap seq \
628 key 102 local 172.16.1.100 remote 172.16.1.200
631 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
634 ip netns exec "$testns" ip link set dev $DEV_NS up
637 ip netns exec "$testns" ip link del "$DEV_NS"
641 ip netns exec "$testns" ip link add dev "$DEV_NS" type gretap external
644 ip netns exec "$testns" ip link del "$DEV_NS"
647 if [ $ret -ne 0 ]; then
649 ip netns del "$testns"
654 ip netns del "$testns"
663 ip netns add "$testns"
664 if [ $? -ne 0 ]; then
665 echo "SKIP ip6gretap tests: cannot add net namespace $testns"
669 ip link help ip6gretap 2>&1 | grep -q "^Usage:"
671 echo "SKIP: ip6gretap: iproute2 too old"
672 ip netns del "$testns"
677 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6gretap seq \
678 key 102 local fc00:100::1 remote fc00:100::2
681 ip netns exec "$testns" ip addr add dev "$DEV_NS" fc00:200::1/96
684 ip netns exec "$testns" ip link set dev $DEV_NS up
687 ip netns exec "$testns" ip link del "$DEV_NS"
691 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6gretap external
694 ip netns exec "$testns" ip link del "$DEV_NS"
697 if [ $ret -ne 0 ]; then
698 echo "FAIL: ip6gretap"
699 ip netns del "$testns"
702 echo "PASS: ip6gretap"
704 ip netns del "$testns"
713 ip link help erspan 2>&1 | grep -q "^Usage:"
715 echo "SKIP: erspan: iproute2 too old"
719 ip netns add "$testns"
720 if [ $? -ne 0 ]; then
721 echo "SKIP erspan tests: cannot add net namespace $testns"
725 # test native tunnel erspan v1
726 ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan seq \
727 key 102 local 172.16.1.100 remote 172.16.1.200 \
728 erspan_ver 1 erspan 488
731 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
734 ip netns exec "$testns" ip link set dev $DEV_NS up
737 ip netns exec "$testns" ip link del "$DEV_NS"
740 # test native tunnel erspan v2
741 ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan seq \
742 key 102 local 172.16.1.100 remote 172.16.1.200 \
743 erspan_ver 2 erspan_dir ingress erspan_hwid 7
746 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
749 ip netns exec "$testns" ip link set dev $DEV_NS up
752 ip netns exec "$testns" ip link del "$DEV_NS"
756 ip netns exec "$testns" ip link add dev "$DEV_NS" type erspan external
759 ip netns exec "$testns" ip link del "$DEV_NS"
762 if [ $ret -ne 0 ]; then
764 ip netns del "$testns"
769 ip netns del "$testns"
778 ip link help ip6erspan 2>&1 | grep -q "^Usage:"
780 echo "SKIP: ip6erspan: iproute2 too old"
784 ip netns add "$testns"
785 if [ $? -ne 0 ]; then
786 echo "SKIP ip6erspan tests: cannot add net namespace $testns"
790 # test native tunnel ip6erspan v1
791 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6erspan seq \
792 key 102 local fc00:100::1 remote fc00:100::2 \
793 erspan_ver 1 erspan 488
796 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
799 ip netns exec "$testns" ip link set dev $DEV_NS up
802 ip netns exec "$testns" ip link del "$DEV_NS"
805 # test native tunnel ip6erspan v2
806 ip netns exec "$testns" ip link add dev "$DEV_NS" type ip6erspan seq \
807 key 102 local fc00:100::1 remote fc00:100::2 \
808 erspan_ver 2 erspan_dir ingress erspan_hwid 7
811 ip netns exec "$testns" ip addr add dev "$DEV_NS" 10.1.1.100/24
814 ip netns exec "$testns" ip link set dev $DEV_NS up
817 ip netns exec "$testns" ip link del "$DEV_NS"
821 ip netns exec "$testns" ip link add dev "$DEV_NS" \
822 type ip6erspan external
825 ip netns exec "$testns" ip link del "$DEV_NS"
828 if [ $ret -ne 0 ]; then
829 echo "FAIL: ip6erspan"
830 ip netns del "$testns"
833 echo "PASS: ip6erspan"
835 ip netns del "$testns"
841 if [ $ret -ne 0 ];then
842 echo "FAIL: cannot add dummy interface"
865 #check for needed privileges
866 if [ "$(id -u)" -ne 0 ];then
867 echo "SKIP: Need root privileges"
872 $x -Version 2>/dev/null >/dev/null
874 echo "SKIP: Could not run test without the $x tool"