From: Mattias Forsblad <mattias.forsblad@gmail.com>
To: netdev@vger.kernel.org
Cc: "David S . Miller" <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>, Andrew Lunn <andrew@lunn.ch>,
Florian Fainelli <f.fainelli@gmail.com>,
Vivien Didelot <vivien.didelot@gmail.com>,
Roopa Prabhu <roopa@nvidia.com>,
Tobias Waldekranz <tobias@waldekranz.com>,
Mattias Forsblad <mattias.forsblad+netdev@gmail.com>
Subject: [PATCH v2 net-next 5/5] selftest: Add bridge flood flag tests
Date: Wed, 16 Mar 2022 16:30:59 +0100 [thread overview]
Message-ID: <20220316153059.2503153-6-mattias.forsblad+netdev@gmail.com> (raw)
In-Reply-To: <20220316153059.2503153-1-mattias.forsblad+netdev@gmail.com>
Add test to check that the bridge flood flags works correctly.
When the bridge flag {flood,mcast_flood,bcast_flood} are cleared
no packets of the corresponding type should be flooded to the
bridge.
Signed-off-by: Mattias Forsblad <mattias.forsblad+netdev@gmail.com>
---
.../testing/selftests/net/forwarding/Makefile | 1 +
.../selftests/net/forwarding/bridge_flood.sh | 169 ++++++++++++++++++
tools/testing/selftests/net/forwarding/lib.sh | 8 +
3 files changed, 178 insertions(+)
create mode 100755 tools/testing/selftests/net/forwarding/bridge_flood.sh
diff --git a/tools/testing/selftests/net/forwarding/Makefile b/tools/testing/selftests/net/forwarding/Makefile
index 8fa97ae9af9e..24ca6a333edd 100644
--- a/tools/testing/selftests/net/forwarding/Makefile
+++ b/tools/testing/selftests/net/forwarding/Makefile
@@ -1,6 +1,7 @@
# SPDX-License-Identifier: GPL-2.0+ OR MIT
TEST_PROGS = bridge_igmp.sh \
+ bridge_flood.sh \
bridge_locked_port.sh \
bridge_port_isolation.sh \
bridge_sticky_fdb.sh \
diff --git a/tools/testing/selftests/net/forwarding/bridge_flood.sh b/tools/testing/selftests/net/forwarding/bridge_flood.sh
new file mode 100755
index 000000000000..ea3e7da139aa
--- /dev/null
+++ b/tools/testing/selftests/net/forwarding/bridge_flood.sh
@@ -0,0 +1,169 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+
+ALL_TESTS="ping_test bridge_flood"
+NUM_NETIFS=4
+CHECK_TC="no"
+source lib.sh
+bridge=br3
+
+h1_create()
+{
+ simple_if_init $h1 192.0.2.1/24 2001:db8:1::1/64
+}
+
+h1_destroy()
+{
+ simple_if_fini $h1 192.0.2.1/24 2001:db8:1::1/64
+}
+
+h2_create()
+{
+ simple_if_init $h2 192.0.2.2/24 2001:db8:1::2/64
+}
+
+h2_destroy()
+{
+ simple_if_fini $h2 192.0.2.2/24 2001:db8:1::2/64
+}
+
+switch_create()
+{
+ ip link add dev $bridge type bridge
+
+ ip link set dev $swp1 master $bridge
+ ip link set dev $swp2 master $bridge
+ ip link set dev $swp1 type bridge_slave learning off
+ ip link set dev $swp2 type bridge_slave learning off
+
+ ip link set dev $bridge type bridge flood 0 mcast_flood 0 bcast_flood 0
+ check_err $? "Can't set bridge flooding off on $bridge"
+
+ ip link set dev $bridge up
+ ip link set dev $bridge promisc on
+ ip link set dev $swp1 up
+ ip link set dev $swp2 up
+}
+
+switch_destroy()
+{
+ ip link set dev $swp2 down
+ ip link set dev $swp1 down
+
+ ip link del dev $bridge
+}
+
+setup_prepare()
+{
+ h1=${NETIFS[p1]}
+ swp1=${NETIFS[p2]}
+
+ swp2=${NETIFS[p3]}
+ h2=${NETIFS[p4]}
+
+ vrf_prepare
+
+ h1_create
+ h2_create
+
+ switch_create
+}
+
+ping_test()
+{
+ echo "Check connectivity /w ping"
+ ping_do $h1 192.0.2.2
+ check_err $? "ping fail"
+ log_test "ping test"
+}
+
+cleanup()
+{
+ pre_cleanup
+
+ switch_destroy
+
+ h2_destroy
+ h1_destroy
+
+ vrf_cleanup
+}
+
+bridge_flood_test_do()
+{
+ local should_flood=$1
+ local mac=$2
+ local ip=$3
+ local host1_if=$4
+ local err=0
+ local vrf_name
+
+
+ # Add an ACL on `host2_if` which will tell us whether the packet
+ # was flooded to it or not.
+ tc qdisc add dev $bridge ingress
+ tc filter add dev $bridge ingress protocol ip pref 1 handle 101 \
+ flower dst_mac $mac action drop
+
+ vrf_name=$(master_name_get $host1_if)
+ ip vrf exec $vrf_name \
+ $MZ $host1_if -c 1 -p 64 -b $mac -B $ip -t ip -q
+ sleep 1
+
+ tc -j -s filter show dev $bridge ingress \
+ | jq -e ".[] | select(.options.handle == 101) \
+ | select(.options.actions[0].stats.packets == 1)" &> /dev/null
+ if [[ $? -ne 0 && $should_flood == "true" || \
+ $? -eq 0 && $should_flood == "false" ]]; then
+ err=1
+ fi
+
+ tc filter del dev $bridge ingress protocol ip pref 1 handle 101 flower
+ tc qdisc del dev $bridge ingress
+
+ return $err
+}
+
+bridge_flood_test()
+{
+ local mac=$1
+ local ip=$2
+ local flag=$3
+
+ RET=0
+
+ ip link set dev $bridge type bridge $flag 0
+
+ bridge_flood_test_do false $mac $ip $h1 $bridge
+ check_err $? "Packet flooded when should not"
+ log_test "Bridge test flag $flag disabled"
+
+ ip link set dev $bridge type bridge $flag 1
+
+ bridge_flood_test_do true $mac $ip $h1 $bridge
+ check_err $? "Packet was not flooded when should"
+
+ log_test "Bridge test flag $flag enabled"
+}
+
+bridge_flood()
+{
+ RET=0
+
+ check_bridge_flood_support $bridge || return 0
+
+ bridge_flood_test de:ad:be:ef:13:37 192.0.2.100 flood
+
+ bridge_flood_test 01:00:5e:00:00:01 239.0.0.1 mcast_flood
+
+ bridge_flood_test ff:ff:ff:ff:ff:ff 192.0.2.100 bcast_flood
+}
+
+trap cleanup EXIT
+
+setup_prepare
+setup_wait
+
+tests_run
+
+exit $EXIT_STATUS
diff --git a/tools/testing/selftests/net/forwarding/lib.sh b/tools/testing/selftests/net/forwarding/lib.sh
index 664b9ecaf228..12e69837374e 100644
--- a/tools/testing/selftests/net/forwarding/lib.sh
+++ b/tools/testing/selftests/net/forwarding/lib.sh
@@ -134,6 +134,14 @@ check_locked_port_support()
fi
}
+check_bridge_flood_support()
+{
+ if ! ip -d link show dev $1 | grep -q " flood"; then
+ echo "SKIP: iproute2 too old; Bridge flood feature not supported."
+ return $ksft_skip
+ fi
+}
+
if [[ "$(id -u)" -ne 0 ]]; then
echo "SKIP: need root privileges"
exit $ksft_skip
--
2.25.1
prev parent reply other threads:[~2022-03-16 15:31 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-16 15:30 [PATCH v2 net-next 0/5] bridge: dsa: switchdev: mv88e6xxx: Implement bridge flood flags Mattias Forsblad
2022-03-16 15:30 ` [PATCH v2 net-next 1/5] switchdev: Add local_receive attribute Mattias Forsblad
2022-03-16 15:30 ` [PATCH v2 net-next 2/5] net: bridge: Implement bridge flood flag Mattias Forsblad
2022-03-16 20:06 ` Jakub Kicinski
2022-03-16 20:49 ` kernel test robot
2022-03-16 15:30 ` [PATCH v2 net-next 3/5] dsa: Handle the flood flag in the DSA layer Mattias Forsblad
2022-03-16 15:30 ` [PATCH v2 net-next 4/5] mv88e6xxx: Offload the flood flag Mattias Forsblad
2022-03-16 15:30 ` Mattias Forsblad [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220316153059.2503153-6-mattias.forsblad+netdev@gmail.com \
--to=mattias.forsblad@gmail.com \
--cc=andrew@lunn.ch \
--cc=davem@davemloft.net \
--cc=f.fainelli@gmail.com \
--cc=kuba@kernel.org \
--cc=mattias.forsblad+netdev@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=roopa@nvidia.com \
--cc=tobias@waldekranz.com \
--cc=vivien.didelot@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.