Почетна Преглед Помоћ
Пријавите се
phreedom2600net
/
linux-libre
Прати 2
Волим 0
Креирај огранак 0
Датотеке Дискусије 0 Захтеви за спајање 0 Вики
Грана: audiocape
Гране Ознаке
linux-libre
/
samples
/
bpf
/
test_tunnel_bpf.sh

test_tunnel_bpf.sh 4.2 KB
Пермалинк Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168 
  1. #!/bin/bash
    2. 

  2. # In Namespace 0 (at_ns0) using native tunnel
    3. 

  3. # Overlay IP: 10.1.1.100
    4. 

  4. # local 192.16.1.100 remote 192.16.1.200
    5. 

  5. # veth0 IP: 172.16.1.100, tunnel dev <type>00
    6. 

  6. 

  7. # Out of Namespace using BPF set/get on lwtunnel
    8. 

  8. # Overlay IP: 10.1.1.200
    9. 

  9. # local 172.16.1.200 remote 172.16.1.100
    10. 

  10. # veth1 IP: 172.16.1.200, tunnel dev <type>11
    11. 

  11. 

  12. function config_device {
    13. 

  13. 	ip netns add at_ns0
    14. 

  14. 	ip link add veth0 type veth peer name veth1
    15. 

  15. 	ip link set veth0 netns at_ns0
    16. 

  16. 	ip netns exec at_ns0 ip addr add 172.16.1.100/24 dev veth0
    17. 

  17. 	ip netns exec at_ns0 ip link set dev veth0 up
    18. 

  18. 	ip link set dev veth1 up mtu 1500
    19. 

  19. 	ip addr add dev veth1 172.16.1.200/24
    20. 

  20. }
    21. 

  21. 

  22. function add_gre_tunnel {
    23. 

  23. 	# in namespace
    24. 

  24. 	ip netns exec at_ns0 \
    25. 

  25. 		ip link add dev $DEV_NS type $TYPE key 2 local 172.16.1.100 remote 172.16.1.200
    26. 

  26. 	ip netns exec at_ns0 ip link set dev $DEV_NS up
    27. 

  27. 	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
    28. 

  28. 

  29. 	# out of namespace
    30. 

  30. 	ip link add dev $DEV type $TYPE key 2 external
    31. 

  31. 	ip link set dev $DEV up
    32. 

  32. 	ip addr add dev $DEV 10.1.1.200/24
    33. 

  33. }
    34. 

  34. 

  35. function add_vxlan_tunnel {
    36. 

  36. 	# Set static ARP entry here because iptables set-mark works
    37. 

  37. 	# on L3 packet, as a result not applying to ARP packets,
    38. 

  38. 	# causing errors at get_tunnel_{key/opt}.
    39. 

  39. 

  40. 	# in namespace
    41. 

  41. 	ip netns exec at_ns0 \
    42. 

  42. 		ip link add dev $DEV_NS type $TYPE id 2 dstport 4789 gbp remote 172.16.1.200
    43. 

  43. 	ip netns exec at_ns0 ip link set dev $DEV_NS address 52:54:00:d9:01:00 up
    44. 

  44. 	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
    45. 

  45. 	ip netns exec at_ns0 arp -s 10.1.1.200 52:54:00:d9:02:00
    46. 

  46. 	ip netns exec at_ns0 iptables -A OUTPUT -j MARK --set-mark 0x800FF
    47. 

  47. 

  48. 	# out of namespace
    49. 

  49. 	ip link add dev $DEV type $TYPE external gbp dstport 4789
    50. 

  50. 	ip link set dev $DEV address 52:54:00:d9:02:00 up
    51. 

  51. 	ip addr add dev $DEV 10.1.1.200/24
    52. 

  52. 	arp -s 10.1.1.100 52:54:00:d9:01:00
    53. 

  53. }
    54. 

  54. 

  55. function add_geneve_tunnel {
    56. 

  56. 	# in namespace
    57. 

  57. 	ip netns exec at_ns0 \
    58. 

  58. 		ip link add dev $DEV_NS type $TYPE id 2 dstport 6081 remote 172.16.1.200
    59. 

  59. 	ip netns exec at_ns0 ip link set dev $DEV_NS up
    60. 

  60. 	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
    61. 

  61. 

  62. 	# out of namespace
    63. 

  63. 	ip link add dev $DEV type $TYPE dstport 6081 external
    64. 

  64. 	ip link set dev $DEV up
    65. 

  65. 	ip addr add dev $DEV 10.1.1.200/24
    66. 

  66. }
    67. 

  67. 

  68. function add_ipip_tunnel {
    69. 

  69. 	# in namespace
    70. 

  70. 	ip netns exec at_ns0 \
    71. 

  71. 		ip link add dev $DEV_NS type $TYPE local 172.16.1.100 remote 172.16.1.200
    72. 

  72. 	ip netns exec at_ns0 ip link set dev $DEV_NS up
    73. 

  73. 	ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24
    74. 

  74. 

  75. 	# out of namespace
    76. 

  76. 	ip link add dev $DEV type $TYPE external
    77. 

  77. 	ip link set dev $DEV up
    78. 

  78. 	ip addr add dev $DEV 10.1.1.200/24
    79. 

  79. }
    80. 

  80. 

  81. function attach_bpf {
    82. 

  82. 	DEV=$1
    83. 

  83. 	SET_TUNNEL=$2
    84. 

  84. 	GET_TUNNEL=$3
    85. 

  85. 	tc qdisc add dev $DEV clsact
    86. 

  86. 	tc filter add dev $DEV egress bpf da obj tcbpf2_kern.o sec $SET_TUNNEL
    87. 

  87. 	tc filter add dev $DEV ingress bpf da obj tcbpf2_kern.o sec $GET_TUNNEL
    88. 

  88. }
    89. 

  89. 

  90. function test_gre {
    91. 

  91. 	TYPE=gretap
    92. 

  92. 	DEV_NS=gretap00
    93. 

  93. 	DEV=gretap11
    94. 

  94. 	config_device
    95. 

  95. 	add_gre_tunnel
    96. 

  96. 	attach_bpf $DEV gre_set_tunnel gre_get_tunnel
    97. 

  97. 	ping -c 1 10.1.1.100
    98. 

  98. 	ip netns exec at_ns0 ping -c 1 10.1.1.200
    99. 

  99. 	cleanup
    100. 

  100. }
    101. 

  101. 

  102. function test_vxlan {
    103. 

  103. 	TYPE=vxlan
    104. 

  104. 	DEV_NS=vxlan00
    105. 

  105. 	DEV=vxlan11
    106. 

  106. 	config_device
    107. 

  107. 	add_vxlan_tunnel
    108. 

  108. 	attach_bpf $DEV vxlan_set_tunnel vxlan_get_tunnel
    109. 

  109. 	ping -c 1 10.1.1.100
    110. 

  110. 	ip netns exec at_ns0 ping -c 1 10.1.1.200
    111. 

  111. 	cleanup
    112. 

  112. }
    113. 

  113. 

  114. function test_geneve {
    115. 

  115. 	TYPE=geneve
    116. 

  116. 	DEV_NS=geneve00
    117. 

  117. 	DEV=geneve11
    118. 

  118. 	config_device
    119. 

  119. 	add_geneve_tunnel
    120. 

  120. 	attach_bpf $DEV geneve_set_tunnel geneve_get_tunnel
    121. 

  121. 	ping -c 1 10.1.1.100
    122. 

  122. 	ip netns exec at_ns0 ping -c 1 10.1.1.200
    123. 

  123. 	cleanup
    124. 

  124. }
    125. 

  125. 

  126. function test_ipip {
    127. 

  127. 	TYPE=ipip
    128. 

  128. 	DEV_NS=ipip00
    129. 

  129. 	DEV=ipip11
    130. 

  130. 	config_device
    131. 

  131. 	tcpdump -nei veth1 &
    132. 

  132. 	cat /sys/kernel/debug/tracing/trace_pipe &
    133. 

  133. 	add_ipip_tunnel
    134. 

  134. 	ethtool -K veth1 gso off gro off rx off tx off
    135. 

  135. 	ip link set dev veth1 mtu 1500
    136. 

  136. 	attach_bpf $DEV ipip_set_tunnel ipip_get_tunnel
    137. 

  137. 	ping -c 1 10.1.1.100
    138. 

  138. 	ip netns exec at_ns0 ping -c 1 10.1.1.200
    139. 

  139. 	ip netns exec at_ns0 iperf -sD -p 5200 > /dev/null
    140. 

  140. 	sleep 0.2
    141. 

  141. 	iperf -c 10.1.1.100 -n 5k -p 5200
    142. 

  142. 	cleanup
    143. 

  143. }
    144. 

  144. 

  145. function cleanup {
    146. 

  146. 	set +ex
    147. 

  147. 	pkill iperf
    148. 

  148. 	ip netns delete at_ns0
    149. 

  149. 	ip link del veth1
    150. 

  150. 	ip link del ipip11
    151. 

  151. 	ip link del gretap11
    152. 

  152. 	ip link del geneve11
    153. 

  153. 	pkill tcpdump
    154. 

  154. 	pkill cat
    155. 

  155. 	set -ex
    156. 

  156. }
    157. 

  157. 

  158. cleanup
    159. 

  159. echo "Testing GRE tunnel..."
    160. 

  160. test_gre
    161. 

  161. echo "Testing VXLAN tunnel..."
    162. 

  162. test_vxlan
    163. 

  163. echo "Testing GENEVE tunnel..."
    164. 

  164. test_geneve
    165. 

  165. echo "Testing IPIP tunnel..."
    166. 

  166. test_ipip
    167. 

  167. echo "*** PASS ***"
    168. 

  168.