[PATCH net-next 0/9] Test mirror-to-gretap with bridge in UL

List overview All Threads
Download

newer

older

[PATCH bpf-next v4 0/5] fix...

[PATCH v2 1/2] selftests/powerpc:...

Petr Machata

31 May 2018 31 May '18

5:51 p.m.

This patchset adds more tests to the mirror-to-gretap suite where bridge is present in the underlay. Specifically it adds tests for bridge VLAN handling, FDB, and bridge port STP status.

In patches #1-#3, the codebase is refactored to support the new tests.

In patch #4, an STP test is added to the mirroring library, that will later be called from bridge tests.

In patches #5-#8, the test for mirror-to-gretap with an 802.1q bridge in underlay is adapted and more tests are added.

In patch #9, an STP test is added to the test suite for mirror-to-gretap with an 802.1d bridge in underlay.

Petr Machata (9): selftests: forwarding: lib: Move here vlan_capture_{,un}install() selftests: forwarding: mirror_lib: Move here do_test_span_vlan_dir_ips() selftests: forwarding: mirror_lib: skip_hw the VLAN capture selftests: forwarding: mirror_gre_lib: Add STP test selftests: forwarding: mirror_gre_vlan_bridge_1q: Fix tunnel name selftests: forwarding: mirror_gre_vlan_bridge_1q: Test final config selftests: forwarding: mirror_gre_vlan_bridge_1q: Rename two tests selftests: forwarding: mirror_gre_vlan_bridge_1q: Add more tests selftests: forwarding: mirror_gre_bridge_1d_vlan: Add STP test

tools/testing/selftests/net/forwarding/lib.sh | 23 ++++ .../net/forwarding/mirror_gre_bridge_1d_vlan.sh | 12 ++ .../selftests/net/forwarding/mirror_gre_lib.sh | 32 +++++ .../net/forwarding/mirror_gre_vlan_bridge_1q.sh | 148 +++++++++++++++++++-- .../testing/selftests/net/forwarding/mirror_lib.sh | 38 ++++++ .../selftests/net/forwarding/mirror_vlan.sh | 38 ------ 6 files changed, 244 insertions(+), 47 deletions(-)

-- 2.4.11 -- To unsubscribe from this list: send the line "unsubscribe linux-kselftest" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html

Show replies by date

Petr Machata

31 May 31 May

5:52 p.m.

New subject: [PATCH net-next 1/9] selftests: forwarding: lib: Move here vlan_capture_{,un}install()

Move vlan_capture_install() and vlan_capture_uninstall() from mirror_vlan.sh test to lib.sh so that it can be reused in other tests.

Signed-off-by: Petr Machata petrm@mellanox.com --- tools/testing/selftests/net/forwarding/lib.sh | 23 ++++++++++++++++++++++ .../selftests/net/forwarding/mirror_vlan.sh | 23 ---------------------- 2 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/tools/testing/selftests/net/forwarding/lib.sh b/tools/testing/selftests/net/forwarding/lib.sh index 89ba4cd..7b18a53 100644 --- a/tools/testing/selftests/net/forwarding/lib.sh +++ b/tools/testing/selftests/net/forwarding/lib.sh @@ -514,6 +514,29 @@ icmp6_capture_uninstall() __icmp_capture_add_del del 100 v6 "$@" }

+__vlan_capture_add_del() +{ + local add_del=$1; shift + local pref=$1; shift + local dev=$1; shift + local filter=$1; shift + + tc filter $add_del dev "$dev" ingress \ + proto 802.1q pref $pref \ + flower $filter \ + action pass +} + +vlan_capture_install() +{ + __vlan_capture_add_del add 100 "$@" +} + +vlan_capture_uninstall() +{ + __vlan_capture_add_del del 100 "$@" +} + matchall_sink_create() { local dev=$1; shift diff --git a/tools/testing/selftests/net/forwarding/mirror_vlan.sh b/tools/testing/selftests/net/forwarding/mirror_vlan.sh index 1e10520..758b6d0 100755 --- a/tools/testing/selftests/net/forwarding/mirror_vlan.sh +++ b/tools/testing/selftests/net/forwarding/mirror_vlan.sh @@ -76,29 +76,6 @@ test_vlan() test_vlan_dir egress 0 8 }

-vlan_capture_add_del() -{ - local add_del=$1; shift - local pref=$1; shift - local dev=$1; shift - local filter=$1; shift - - tc filter $add_del dev "$dev" ingress \ - proto 802.1q pref $pref \ - flower $filter \ - action pass -} - -vlan_capture_install() -{ - vlan_capture_add_del add 100 "$@" -} - -vlan_capture_uninstall() -{ - vlan_capture_add_del del 100 "$@" -} - do_test_span_vlan_dir_ips() { local expect=$1; shift

Petr Machata

5:52 p.m.

New subject: [PATCH net-next 2/9] selftests: forwarding: mirror_lib: Move here do_test_span_vlan_dir_ips()

Move the function do_test_span_vlan_dir_ips() from mirror_vlan.sh test to a library file mirror_lib.sh to allow reuse. Fill in other entry points similar to other testing functions in mirror_lib.sh, they will be useful in following patches.

Signed-off-by: Petr Machata petrm@mellanox.com --- .../testing/selftests/net/forwarding/mirror_lib.sh | 35 ++++++++++++++++++++++ .../selftests/net/forwarding/mirror_vlan.sh | 15 ---------- 2 files changed, 35 insertions(+), 15 deletions(-)

diff --git a/tools/testing/selftests/net/forwarding/mirror_lib.sh b/tools/testing/selftests/net/forwarding/mirror_lib.sh index 04cbc38..67efe25 100644 --- a/tools/testing/selftests/net/forwarding/mirror_lib.sh +++ b/tools/testing/selftests/net/forwarding/mirror_lib.sh @@ -92,3 +92,38 @@ test_span_dir() { test_span_dir_ips "$@" 192.0.2.1 192.0.2.2 } + +do_test_span_vlan_dir_ips() +{ + local expect=$1; shift + local dev=$1; shift + local vid=$1; shift + local direction=$1; shift + local ip1=$1; shift + local ip2=$1; shift + + vlan_capture_install $dev "vlan_id $vid" + mirror_test v$h1 $ip1 $ip2 $dev 100 $expect + mirror_test v$h2 $ip2 $ip1 $dev 100 $expect + vlan_capture_uninstall $dev +} + +quick_test_span_vlan_dir_ips() +{ + do_test_span_vlan_dir_ips 10 "$@" +} + +fail_test_span_vlan_dir_ips() +{ + do_test_span_vlan_dir_ips 0 "$@" +} + +quick_test_span_vlan_dir() +{ + quick_test_span_vlan_dir_ips "$@" 192.0.2.1 192.0.2.2 +} + +fail_test_span_vlan_dir() +{ + fail_test_span_vlan_dir_ips "$@" 192.0.2.1 192.0.2.2 +} diff --git a/tools/testing/selftests/net/forwarding/mirror_vlan.sh b/tools/testing/selftests/net/forwarding/mirror_vlan.sh index 758b6d0..20b37a5 100755 --- a/tools/testing/selftests/net/forwarding/mirror_vlan.sh +++ b/tools/testing/selftests/net/forwarding/mirror_vlan.sh @@ -76,21 +76,6 @@ test_vlan() test_vlan_dir egress 0 8 }

-do_test_span_vlan_dir_ips() -{ - local expect=$1; shift - local dev=$1; shift - local vid=$1; shift - local direction=$1; shift - local ip1=$1; shift - local ip2=$1; shift - - vlan_capture_install $dev "vlan_id $vid" - mirror_test v$h1 $ip1 $ip2 $dev 100 $expect - mirror_test v$h2 $ip2 $ip1 $dev 100 $expect - vlan_capture_uninstall $dev -} - test_tagged_vlan_dir() { local direction=$1; shift

Petr Machata

5:52 p.m.

New subject: [PATCH net-next 3/9] selftests: forwarding: mirror_lib: skip_hw the VLAN capture

When the VLAN capture is installed on a front panel device and not a soft device, the packets are counted twice: once in fast path, and once after they are trapped to the kernel. Resolve the problem by passing skip_hw flag to vlan_capture_install().

Signed-off-by: Petr Machata petrm@mellanox.com --- tools/testing/selftests/net/forwarding/mirror_lib.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/net/forwarding/mirror_lib.sh b/tools/testing/selftests/net/forwarding/mirror_lib.sh index 67efe25..d36dc26 100644 --- a/tools/testing/selftests/net/forwarding/mirror_lib.sh +++ b/tools/testing/selftests/net/forwarding/mirror_lib.sh @@ -102,7 +102,10 @@ do_test_span_vlan_dir_ips() local ip1=$1; shift local ip2=$1; shift

- vlan_capture_install $dev "vlan_id $vid" + # Install the capture as skip_hw to avoid double-counting of packets. + # The traffic is meant for local box anyway, so will be trapped to + # kernel. + vlan_capture_install $dev "skip_hw vlan_id $vid" mirror_test v$h1 $ip1 $ip2 $dev 100 $expect mirror_test v$h2 $ip2 $ip1 $dev 100 $expect vlan_capture_uninstall $dev

Petr Machata

5:52 p.m.

New subject: [PATCH net-next 4/9] selftests: forwarding: mirror_gre_lib: Add STP test

Add a reusable full test that toggles STP state of a given bridge port and checks that the mirroring reacts appropriately. The test will be used by bridge tests in follow-up patches.

Signed-off-by: Petr Machata petrm@mellanox.com --- .../selftests/net/forwarding/mirror_gre_lib.sh | 32 ++++++++++++++++++++++ 1 file changed, 32 insertions(+)

diff --git a/tools/testing/selftests/net/forwarding/mirror_gre_lib.sh b/tools/testing/selftests/net/forwarding/mirror_gre_lib.sh index 92ef6dd..619b469 100644 --- a/tools/testing/selftests/net/forwarding/mirror_gre_lib.sh +++ b/tools/testing/selftests/net/forwarding/mirror_gre_lib.sh @@ -96,3 +96,35 @@ full_test_span_gre_dir_vlan() { full_test_span_gre_dir_vlan_ips "$@" 192.0.2.1 192.0.2.2 } + +full_test_span_gre_stp_ips() +{ + local tundev=$1; shift + local nbpdev=$1; shift + local what=$1; shift + local ip1=$1; shift + local ip2=$1; shift + local h3mac=$(mac_get $h3) + + RET=0 + + mirror_install $swp1 ingress $tundev "matchall $tcflags" + quick_test_span_gre_dir_ips $tundev ingress $ip1 $ip2 + + bridge link set dev $nbpdev state disabled + sleep 1 + fail_test_span_gre_dir_ips $tundev ingress $ip1 $ip2 + + bridge link set dev $nbpdev state forwarding + sleep 1 + quick_test_span_gre_dir_ips $tundev ingress $ip1 $ip2 + + mirror_uninstall $swp1 ingress + + log_test "$what: STP state ($tcflags)" +} + +full_test_span_gre_stp() +{ + full_test_span_gre_stp_ips "$@" 192.0.2.1 192.0.2.2 +}

Petr Machata

5:52 p.m.

New subject: [PATCH net-next 5/9] selftests: forwarding: mirror_gre_vlan_bridge_1q: Fix tunnel name

The "ip6gretap" in the test name refers to the tunnel device type that the test is supposed to be testing. However test_ip6gretap_forbidden() tests, due to a typo, a gretap tunnel. Fix the typo.

Signed-off-by: Petr Machata petrm@mellanox.com --- tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

test_ip6gretap_forbidden() { - test_span_gre_forbidden gt4 "mirror to ip6gretap" + test_span_gre_forbidden gt6 "mirror to ip6gretap" }

test_all()

Petr Machata

5:52 p.m.

New subject: [PATCH net-next 6/9] selftests: forwarding: mirror_gre_vlan_bridge_1q: Test final config

After the final change reestablishes the original configuration, make sure the traffic flows again as it should.

Signed-off-by: Petr Machata petrm@mellanox.com --- tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh b/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh index 29fde73..0a3bac9 100755 --- a/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh +++ b/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh @@ -91,12 +91,13 @@ test_span_gre_forbidden() # Now forbid the VLAN at the bridge and see it fail. bridge vlan del dev br1 vid 555 self sleep 1 - fail_test_span_gre_dir $tundev ingress - mirror_uninstall $swp1 ingress

bridge vlan add dev br1 vid 555 self sleep 1 + quick_test_span_gre_dir $tundev ingress + + mirror_uninstall $swp1 ingress

log_test "$what: vlan forbidden at a bridge ($tcflags)" }

Petr Machata

5:52 p.m.

New subject: [PATCH net-next 7/9] selftests: forwarding: mirror_gre_vlan_bridge_1q: Rename two tests

Rename test_gretap_forbidden() and test_ip6gretap_forbidden() to a more specific test_gretap_forbidden_cpu() and test_ip6gretap_forbidden_cpu(). This will make it clearer which is which when further down a patch is introduced that forbids a VLAN on regular bridge port.

Signed-off-by: Petr Machata petrm@mellanox.com --- .../selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh b/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh index 0a3bac9..d91b347 100755 --- a/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh +++ b/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh @@ -10,8 +10,8 @@ ALL_TESTS=" test_gretap test_ip6gretap - test_gretap_forbidden - test_ip6gretap_forbidden + test_gretap_forbidden_cpu + test_ip6gretap_forbidden_cpu "

NUM_NETIFS=6 @@ -77,7 +77,7 @@ test_ip6gretap() test_vlan_match gt6 'vlan_id 555 vlan_ethtype ipv6' "mirror to ip6gretap" }

-test_span_gre_forbidden() +test_span_gre_forbidden_cpu() { local tundev=$1; shift local what=$1; shift @@ -102,14 +102,14 @@ test_span_gre_forbidden() log_test "$what: vlan forbidden at a bridge ($tcflags)" }

-test_gretap_forbidden() +test_gretap_forbidden_cpu() { - test_span_gre_forbidden gt4 "mirror to gretap" + test_span_gre_forbidden_cpu gt4 "mirror to gretap" }

-test_ip6gretap_forbidden() +test_ip6gretap_forbidden_cpu() { - test_span_gre_forbidden gt6 "mirror to ip6gretap" + test_span_gre_forbidden_cpu gt6 "mirror to ip6gretap" }

test_all()

Petr Machata

5:52 p.m.

New subject: [PATCH net-next 8/9] selftests: forwarding: mirror_gre_vlan_bridge_1q: Add more tests

Offloading of mirror-to-gretap in mlxsw is tricky especially in cases when the gretap underlay involves bridges. Add more tests that exercise the bridge handling code:

- forbidden_egress tests that check vlan removal on bridge port in the underlay packet path - untagged_egress tests that similarly check "egress untagged" - fdb_roaming tests that check whether learning FDB on a different port is reflected - stp tests for handling port STP status of bridge egress port

Signed-off-by: Petr Machata petrm@mellanox.com --- .../net/forwarding/mirror_gre_vlan_bridge_1q.sh | 129 +++++++++++++++++++++ 1 file changed, 129 insertions(+)

diff --git a/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh b/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh index d91b347..5dbc7a0 100755 --- a/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh +++ b/tools/testing/selftests/net/forwarding/mirror_gre_vlan_bridge_1q.sh @@ -12,6 +12,14 @@ ALL_TESTS=" test_ip6gretap test_gretap_forbidden_cpu test_ip6gretap_forbidden_cpu + test_gretap_forbidden_egress + test_ip6gretap_forbidden_egress + test_gretap_untagged_egress + test_ip6gretap_untagged_egress + test_gretap_fdb_roaming + test_ip6gretap_fdb_roaming + test_gretap_stp + test_ip6gretap_stp "

NUM_NETIFS=6 @@ -43,12 +51,14 @@ setup_prepare()

ip link set dev $swp3 master br1 bridge vlan add dev $swp3 vid 555 + bridge vlan add dev $swp2 vid 555 }

cleanup() { pre_cleanup

+ ip link set dev $swp2 nomaster ip link set dev $swp3 nomaster vlan_destroy $h3 555 vlan_destroy br1 555 @@ -112,6 +122,125 @@ test_ip6gretap_forbidden_cpu() test_span_gre_forbidden_cpu gt6 "mirror to ip6gretap" }

+test_span_gre_forbidden_egress() +{ + local tundev=$1; shift + local what=$1; shift + + RET=0 + + mirror_install $swp1 ingress $tundev "matchall $tcflags" + quick_test_span_gre_dir $tundev ingress + + bridge vlan del dev $swp3 vid 555 + sleep 1 + fail_test_span_gre_dir $tundev ingress + + bridge vlan add dev $swp3 vid 555 + # Re-prime FDB + arping -I br1.555 192.0.2.130 -fqc 1 + sleep 1 + quick_test_span_gre_dir $tundev ingress + + mirror_uninstall $swp1 ingress + + log_test "$what: vlan forbidden at a bridge egress ($tcflags)" +} + +test_gretap_forbidden_egress() +{ + test_span_gre_forbidden_egress gt4 "mirror to gretap" +} + +test_ip6gretap_forbidden_egress() +{ + test_span_gre_forbidden_egress gt6 "mirror to ip6gretap" +} + +test_span_gre_untagged_egress() +{ + local tundev=$1; shift + local what=$1; shift + + RET=0 + + mirror_install $swp1 ingress $tundev "matchall $tcflags" + + quick_test_span_gre_dir $tundev ingress + quick_test_span_vlan_dir $h3 555 ingress + + bridge vlan add dev $swp3 vid 555 pvid untagged + sleep 1 + quick_test_span_gre_dir $tundev ingress + fail_test_span_vlan_dir $h3 555 ingress + + bridge vlan add dev $swp3 vid 555 + sleep 1 + quick_test_span_gre_dir $tundev ingress + quick_test_span_vlan_dir $h3 555 ingress + + mirror_uninstall $swp1 ingress + + log_test "$what: vlan untagged at a bridge egress ($tcflags)" +} + +test_gretap_untagged_egress() +{ + test_span_gre_untagged_egress gt4 "mirror to gretap" +} + +test_ip6gretap_untagged_egress() +{ + test_span_gre_untagged_egress gt6 "mirror to ip6gretap" +} + +test_span_gre_fdb_roaming() +{ + local tundev=$1; shift + local what=$1; shift + local h3mac=$(mac_get $h3) + + RET=0 + + mirror_install $swp1 ingress $tundev "matchall $tcflags" + quick_test_span_gre_dir $tundev ingress + + bridge fdb del dev $swp3 $h3mac vlan 555 master + bridge fdb add dev $swp2 $h3mac vlan 555 master + sleep 1 + fail_test_span_gre_dir $tundev ingress + + bridge fdb del dev $swp2 $h3mac vlan 555 master + # Re-prime FDB + arping -I br1.555 192.0.2.130 -fqc 1 + sleep 1 + quick_test_span_gre_dir $tundev ingress + + mirror_uninstall $swp1 ingress + + log_test "$what: MAC roaming ($tcflags)" +} + +test_gretap_fdb_roaming() +{ + test_span_gre_fdb_roaming gt4 "mirror to gretap" +} + +test_ip6gretap_fdb_roaming() +{ + test_span_gre_fdb_roaming gt6 "mirror to ip6gretap" +} + +test_gretap_stp() +{ + full_test_span_gre_stp gt4 $swp3 "mirror to gretap" +} + +test_ip6gretap_stp() +{ + full_test_span_gre_stp gt6 $swp3 "mirror to ip6gretap" +} + test_all() { slow_path_trap_install $swp1 ingress

Petr Machata

5:52 p.m.

New subject: [PATCH net-next 9/9] selftests: forwarding: mirror_gre_bridge_1d_vlan: Add STP test

To test offloading of mirror-to-gretap in mlxsw for cases that a VLAN-unaware bridge is in underlay packet path, test that the STP status of bridge egress port is reflected.

Signed-off-by: Petr Machata petrm@mellanox.com --- .../selftests/net/forwarding/mirror_gre_bridge_1d_vlan.sh | 12 ++++++++++++ 1 file changed, 12 insertions(+)

diff --git a/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1d_vlan.sh b/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1d_vlan.sh index 3d47afc..3bb4c2b 100755 --- a/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1d_vlan.sh +++ b/tools/testing/selftests/net/forwarding/mirror_gre_bridge_1d_vlan.sh @@ -11,6 +11,8 @@ ALL_TESTS=" test_gretap test_ip6gretap + test_gretap_stp + test_ip6gretap_stp "

NUM_NETIFS=6 @@ -80,6 +82,16 @@ test_ip6gretap() test_vlan_match gt6 'vlan_id 555 vlan_ethtype ipv6' "mirror to ip6gretap" }

+test_gretap_stp() +{ + full_test_span_gre_stp gt4 $swp3.555 "mirror to gretap" +} + +test_ip6gretap_stp() +{ + full_test_span_gre_stp gt6 $swp3.555 "mirror to ip6gretap" +} + test_all() { slow_path_trap_install $swp1 ingress

David Miller

1 Jun 1 Jun

6:11 p.m.

From: Petr Machata petrm@mellanox.com Date: Thu, 31 May 2018 19:51:56 +0200

...

This patchset adds more tests to the mirror-to-gretap suite where bridge is present in the underlay. Specifically it adds tests for bridge VLAN handling, FDB, and bridge port STP status.

In patches #1-#3, the codebase is refactored to support the new tests.

In patch #4, an STP test is added to the mirroring library, that will later be called from bridge tests.

In patches #5-#8, the test for mirror-to-gretap with an 802.1q bridge in underlay is adapted and more tests are added.

In patch #9, an STP test is added to the test suite for mirror-to-gretap with an 802.1d bridge in underlay.

Series applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe linux-kselftest" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html

2395

days inactive

2396

days old

linux-kselftest-mirror@lists.linaro.org

10 comments

participants

tags (0)

participants (2)

David Miller
Petr Machata