2 # SPDX-License-Identifier: GPL-2.0
4 # This test is for checking IPv4 and IPv6 FIB behavior in response to
8 # Kselftest framework requirement - SKIP code is 4.
11 # all tests in this script. Can be overridden with -t option
12 TESTS="unregister down carrier nexthop suppress ipv6_rt ipv4_rt ipv6_addr_metric ipv4_addr_metric ipv6_route_metrics ipv4_route_metrics ipv4_route_v6_gw rp_filter ipv4_del_addr ipv4_mangle ipv6_mangle"
18 NS_EXEC="ip netns exec ns1"
20 which ping6 > /dev/null 2>&1 && ping6=$(which ping6) || ping6=$(which ping)
28 if [ ${rc} -eq ${expected} ]; then
29 printf " TEST: %-60s [ OK ]\n" "${msg}"
30 nsuccess=$((nsuccess+1))
34 printf " TEST: %-60s [FAIL]\n" "${msg}"
35 if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
37 echo "hit enter to continue, 'q' to quit"
39 [ "$a" = "q" ] && exit 1
43 if [ "${PAUSE}" = "yes" ]; then
45 echo "hit enter to continue, 'q' to quit"
47 [ "$a" = "q" ] && exit 1
56 $IP link set dev lo up
57 ip netns exec ns1 sysctl -qw net.ipv4.ip_forward=1
58 ip netns exec ns1 sysctl -qw net.ipv6.conf.all.forwarding=1
60 $IP link add dummy0 type dummy
61 $IP link set dev dummy0 up
62 $IP address add 198.51.100.1/24 dev dummy0
63 $IP -6 address add 2001:db8:1::1/64 dev dummy0
70 $IP link del dev dummy0 &> /dev/null
72 ip netns del ns2 &> /dev/null
80 addr=$($IP -6 -br addr show dev ${dev} | \
82 for (i = 3; i <= NF; ++i) {
90 [ -z "$addr" ] && return 1
97 fib_unreg_unicast_test()
100 echo "Single path route test"
105 $IP route get fibmatch 198.51.100.2 &> /dev/null
106 log_test $? 0 "IPv4 fibmatch"
107 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
108 log_test $? 0 "IPv6 fibmatch"
111 $IP link del dev dummy0
114 echo " Nexthop device deleted"
115 $IP route get fibmatch 198.51.100.2 &> /dev/null
116 log_test $? 2 "IPv4 fibmatch - no route"
117 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
118 log_test $? 2 "IPv6 fibmatch - no route"
123 fib_unreg_multipath_test()
127 echo "Multipath route test"
132 $IP link add dummy1 type dummy
133 $IP link set dev dummy1 up
134 $IP address add 192.0.2.1/24 dev dummy1
135 $IP -6 address add 2001:db8:2::1/64 dev dummy1
137 $IP route add 203.0.113.0/24 \
138 nexthop via 198.51.100.2 dev dummy0 \
139 nexthop via 192.0.2.2 dev dummy1
140 $IP -6 route add 2001:db8:3::/64 \
141 nexthop via 2001:db8:1::2 dev dummy0 \
142 nexthop via 2001:db8:2::2 dev dummy1
146 $IP route get fibmatch 203.0.113.1 &> /dev/null
147 log_test $? 0 "IPv4 fibmatch"
148 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
149 log_test $? 0 "IPv6 fibmatch"
152 $IP link del dev dummy0
155 echo " One nexthop device deleted"
156 $IP route get fibmatch 203.0.113.1 &> /dev/null
157 log_test $? 2 "IPv4 - multipath route removed on delete"
159 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
160 # In IPv6 we do not flush the entire multipath route.
161 log_test $? 0 "IPv6 - multipath down to single path"
164 $IP link del dev dummy1
167 echo " Second nexthop device deleted"
168 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
169 log_test $? 2 "IPv6 - no route"
176 fib_unreg_unicast_test
177 fib_unreg_multipath_test
180 fib_down_unicast_test()
183 echo "Single path, admin down"
188 $IP route get fibmatch 198.51.100.2 &> /dev/null
189 log_test $? 0 "IPv4 fibmatch"
190 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
191 log_test $? 0 "IPv6 fibmatch"
194 $IP link set dev dummy0 down
197 echo " Route deleted on down"
198 $IP route get fibmatch 198.51.100.2 &> /dev/null
199 log_test $? 2 "IPv4 fibmatch"
200 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
201 log_test $? 2 "IPv6 fibmatch"
206 fib_down_multipath_test_do()
211 $IP route get fibmatch 203.0.113.1 \
212 oif $down_dev &> /dev/null
213 log_test $? 2 "IPv4 fibmatch on down device"
214 $IP -6 route get fibmatch 2001:db8:3::1 \
215 oif $down_dev &> /dev/null
216 log_test $? 2 "IPv6 fibmatch on down device"
218 $IP route get fibmatch 203.0.113.1 \
219 oif $up_dev &> /dev/null
220 log_test $? 0 "IPv4 fibmatch on up device"
221 $IP -6 route get fibmatch 2001:db8:3::1 \
222 oif $up_dev &> /dev/null
223 log_test $? 0 "IPv6 fibmatch on up device"
225 $IP route get fibmatch 203.0.113.1 | \
226 grep $down_dev | grep -q "dead linkdown"
227 log_test $? 0 "IPv4 flags on down device"
228 $IP -6 route get fibmatch 2001:db8:3::1 | \
229 grep $down_dev | grep -q "dead linkdown"
230 log_test $? 0 "IPv6 flags on down device"
232 $IP route get fibmatch 203.0.113.1 | \
233 grep $up_dev | grep -q "dead linkdown"
234 log_test $? 1 "IPv4 flags on up device"
235 $IP -6 route get fibmatch 2001:db8:3::1 | \
236 grep $up_dev | grep -q "dead linkdown"
237 log_test $? 1 "IPv6 flags on up device"
240 fib_down_multipath_test()
243 echo "Admin down multipath"
248 $IP link add dummy1 type dummy
249 $IP link set dev dummy1 up
251 $IP address add 192.0.2.1/24 dev dummy1
252 $IP -6 address add 2001:db8:2::1/64 dev dummy1
254 $IP route add 203.0.113.0/24 \
255 nexthop via 198.51.100.2 dev dummy0 \
256 nexthop via 192.0.2.2 dev dummy1
257 $IP -6 route add 2001:db8:3::/64 \
258 nexthop via 2001:db8:1::2 dev dummy0 \
259 nexthop via 2001:db8:2::2 dev dummy1
262 echo " Verify start point"
263 $IP route get fibmatch 203.0.113.1 &> /dev/null
264 log_test $? 0 "IPv4 fibmatch"
266 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
267 log_test $? 0 "IPv6 fibmatch"
270 $IP link set dev dummy0 down
273 echo " One device down, one up"
274 fib_down_multipath_test_do "dummy0" "dummy1"
277 $IP link set dev dummy0 up
278 $IP link set dev dummy1 down
281 echo " Other device down and up"
282 fib_down_multipath_test_do "dummy1" "dummy0"
285 $IP link set dev dummy0 down
288 echo " Both devices down"
289 $IP route get fibmatch 203.0.113.1 &> /dev/null
290 log_test $? 2 "IPv4 fibmatch"
291 $IP -6 route get fibmatch 2001:db8:3::1 &> /dev/null
292 log_test $? 2 "IPv6 fibmatch"
294 $IP link del dev dummy1
300 fib_down_unicast_test
301 fib_down_multipath_test
304 # Local routes should not be affected when carrier changes.
305 fib_carrier_local_test()
308 echo "Local carrier tests - single path"
313 $IP link set dev dummy0 carrier on
317 $IP route get fibmatch 198.51.100.1 &> /dev/null
318 log_test $? 0 "IPv4 fibmatch"
319 $IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null
320 log_test $? 0 "IPv6 fibmatch"
322 $IP route get fibmatch 198.51.100.1 | \
324 log_test $? 1 "IPv4 - no linkdown flag"
325 $IP -6 route get fibmatch 2001:db8:1::1 | \
327 log_test $? 1 "IPv6 - no linkdown flag"
330 $IP link set dev dummy0 carrier off
334 echo " Carrier off on nexthop"
335 $IP route get fibmatch 198.51.100.1 &> /dev/null
336 log_test $? 0 "IPv4 fibmatch"
337 $IP -6 route get fibmatch 2001:db8:1::1 &> /dev/null
338 log_test $? 0 "IPv6 fibmatch"
340 $IP route get fibmatch 198.51.100.1 | \
342 log_test $? 1 "IPv4 - linkdown flag set"
343 $IP -6 route get fibmatch 2001:db8:1::1 | \
345 log_test $? 1 "IPv6 - linkdown flag set"
348 $IP address add 192.0.2.1/24 dev dummy0
349 $IP -6 address add 2001:db8:2::1/64 dev dummy0
352 echo " Route to local address with carrier down"
353 $IP route get fibmatch 192.0.2.1 &> /dev/null
354 log_test $? 0 "IPv4 fibmatch"
355 $IP -6 route get fibmatch 2001:db8:2::1 &> /dev/null
356 log_test $? 0 "IPv6 fibmatch"
358 $IP route get fibmatch 192.0.2.1 | \
360 log_test $? 1 "IPv4 linkdown flag set"
361 $IP -6 route get fibmatch 2001:db8:2::1 | \
363 log_test $? 1 "IPv6 linkdown flag set"
368 fib_carrier_unicast_test()
373 echo "Single path route carrier test"
378 $IP link set dev dummy0 carrier on
382 $IP route get fibmatch 198.51.100.2 &> /dev/null
383 log_test $? 0 "IPv4 fibmatch"
384 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
385 log_test $? 0 "IPv6 fibmatch"
387 $IP route get fibmatch 198.51.100.2 | \
389 log_test $? 1 "IPv4 no linkdown flag"
390 $IP -6 route get fibmatch 2001:db8:1::2 | \
392 log_test $? 1 "IPv6 no linkdown flag"
395 $IP link set dev dummy0 carrier off
400 $IP route get fibmatch 198.51.100.2 &> /dev/null
401 log_test $? 0 "IPv4 fibmatch"
402 $IP -6 route get fibmatch 2001:db8:1::2 &> /dev/null
403 log_test $? 0 "IPv6 fibmatch"
405 $IP route get fibmatch 198.51.100.2 | \
407 log_test $? 0 "IPv4 linkdown flag set"
408 $IP -6 route get fibmatch 2001:db8:1::2 | \
410 log_test $? 0 "IPv6 linkdown flag set"
413 $IP address add 192.0.2.1/24 dev dummy0
414 $IP -6 address add 2001:db8:2::1/64 dev dummy0
417 echo " Second address added with carrier down"
418 $IP route get fibmatch 192.0.2.2 &> /dev/null
419 log_test $? 0 "IPv4 fibmatch"
420 $IP -6 route get fibmatch 2001:db8:2::2 &> /dev/null
421 log_test $? 0 "IPv6 fibmatch"
423 $IP route get fibmatch 192.0.2.2 | \
425 log_test $? 0 "IPv4 linkdown flag set"
426 $IP -6 route get fibmatch 2001:db8:2::2 | \
428 log_test $? 0 "IPv6 linkdown flag set"
435 fib_carrier_local_test
436 fib_carrier_unicast_test
442 echo "IPv4 rp_filter tests"
447 $IP link set dev lo address 52:54:00:6a:c7:5e
448 $IP link set dummy0 address 52:54:00:6a:c7:5e
449 $IP link add dummy1 type dummy
450 $IP link set dummy1 address 52:54:00:6a:c7:5e
451 $IP link set dev dummy1 up
452 $NS_EXEC sysctl -qw net.ipv4.conf.all.rp_filter=1
453 $NS_EXEC sysctl -qw net.ipv4.conf.all.accept_local=1
454 $NS_EXEC sysctl -qw net.ipv4.conf.all.route_localnet=1
456 $NS_EXEC tc qd add dev dummy1 parent root handle 1: fq_codel
457 $NS_EXEC tc filter add dev dummy1 parent 1: protocol arp basic action mirred egress redirect dev lo
458 $NS_EXEC tc filter add dev dummy1 parent 1: protocol ip basic action mirred egress redirect dev lo
461 run_cmd "ip netns exec ns1 ping -I dummy1 -w1 -c1 198.51.100.1"
462 log_test $? 0 "rp_filter passes local packets"
464 run_cmd "ip netns exec ns1 ping -I dummy1 -w1 -c1 127.0.0.1"
465 log_test $? 0 "rp_filter passes loopback packets"
470 ################################################################################
471 # Tests on nexthop spec
473 # run 'ip route add' with given spec
484 [ "$vrf" = "-" ] && vrf="default"
485 [ -n "$gw" ] && gw="via $gw"
486 [ -n "$dev" ] && dev="dev $dev"
488 cmd="$IP route add vrf $vrf $pfx $gw $dev"
489 if [ "$VERBOSE" = "1" ]; then
490 printf "\n COMMAND: $cmd\n"
493 out=$(eval $cmd 2>&1)
495 if [ "$VERBOSE" = "1" -a -n "$out" ]; then
498 log_test $rc $erc "$desc"
504 echo "IPv4 nexthop tests"
506 echo "<<< write me >>>"
511 local lldummy=$(get_linklocal dummy0)
512 local llv1=$(get_linklocal dummy0)
514 if [ -z "$lldummy" ]; then
515 echo "Failed to get linklocal address for dummy0"
518 if [ -z "$llv1" ]; then
519 echo "Failed to get linklocal address for veth1"
524 echo "IPv6 nexthop tests"
526 add_rt "Directly connected nexthop, unicast address" 0 \
527 - 2001:db8:101::/64 2001:db8:1::2
528 add_rt "Directly connected nexthop, unicast address with device" 0 \
529 - 2001:db8:102::/64 2001:db8:1::2 "dummy0"
530 add_rt "Gateway is linklocal address" 0 \
531 - 2001:db8:103::1/64 $llv1 "veth0"
533 # fails because LL address requires a device
534 add_rt "Gateway is linklocal address, no device" 2 \
535 - 2001:db8:104::1/64 $llv1
537 # local address can not be a gateway
538 add_rt "Gateway can not be local unicast address" 2 \
539 - 2001:db8:105::/64 2001:db8:1::1
540 add_rt "Gateway can not be local unicast address, with device" 2 \
541 - 2001:db8:106::/64 2001:db8:1::1 "dummy0"
542 add_rt "Gateway can not be a local linklocal address" 2 \
543 - 2001:db8:107::1/64 $lldummy "dummy0"
546 add_rt "Gateway can be local address in a VRF" 0 \
547 - 2001:db8:108::/64 2001:db8:51::2
548 add_rt "Gateway can be local address in a VRF, with device" 0 \
549 - 2001:db8:109::/64 2001:db8:51::2 "veth0"
550 add_rt "Gateway can be local linklocal address in a VRF" 0 \
551 - 2001:db8:110::1/64 $llv1 "veth0"
553 add_rt "Redirect to VRF lookup" 0 \
554 - 2001:db8:111::/64 "" "red"
556 add_rt "VRF route, gateway can be local address in default VRF" 0 \
557 red 2001:db8:112::/64 2001:db8:51::1
559 # local address in same VRF fails
560 add_rt "VRF route, gateway can not be a local address" 2 \
561 red 2001:db8:113::1/64 2001:db8:2::1
562 add_rt "VRF route, gateway can not be a local addr with device" 2 \
563 red 2001:db8:114::1/64 2001:db8:2::1 "dummy1"
567 # dummy0 - 198.51.100.1/24 2001:db8:1::1/64
568 # veth0 - 192.0.2.1/24 2001:db8:51::1/64
571 # dummy1 - 192.168.2.1/24 2001:db8:2::1/64
572 # veth1 - 192.0.2.2/24 2001:db8:51::2/64
574 # [ dummy0 veth0 ]--[ veth1 dummy1 ]
582 $IP -4 rule add pref 32765 table local
583 $IP -4 rule del pref 0
584 $IP -6 rule add pref 32765 table local
585 $IP -6 rule del pref 0
587 $IP link add red type vrf table 1
589 $IP -4 route add vrf red unreachable default metric 4278198272
590 $IP -6 route add vrf red unreachable default metric 4278198272
592 $IP link add veth0 type veth peer name veth1
593 $IP link set dev veth0 up
594 $IP address add 192.0.2.1/24 dev veth0
595 $IP -6 address add 2001:db8:51::1/64 dev veth0
597 $IP link set dev veth1 vrf red up
598 $IP address add 192.0.2.2/24 dev veth1
599 $IP -6 address add 2001:db8:51::2/64 dev veth1
601 $IP link add dummy1 type dummy
602 $IP link set dev dummy1 vrf red up
603 $IP address add 192.168.2.1/24 dev dummy1
604 $IP -6 address add 2001:db8:2::1/64 dev dummy1
612 $IP link del dev dummy1
622 echo "FIB rule with suppress_prefixlength"
625 $IP link add dummy1 type dummy
626 $IP link set dummy1 up
627 $IP -6 route add default dev dummy1
628 $IP -6 rule add table main suppress_prefixlength 0
629 ping -f -c 1000 -W 1 1234::1 >/dev/null 2>&1
630 $IP -6 rule del table main suppress_prefixlength 0
633 # If we got here without crashing, we're good.
634 log_test 0 0 "FIB rule suppress test"
639 ################################################################################
640 # Tests on route add and replace
646 local stderr="2>/dev/null"
648 if [ "$VERBOSE" = "1" ]; then
649 printf " COMMAND: $cmd\n"
653 out=$(eval $cmd $stderr)
655 if [ "$VERBOSE" = "1" -a -n "$out" ]; then
659 [ "$VERBOSE" = "1" ] && echo
670 [ "${out}" = "${expected}" ] && return 0
672 if [ -z "${out}" ]; then
673 if [ "$VERBOSE" = "1" ]; then
674 printf "\nNo route entry found\n"
676 printf " ${expected}\n"
681 # tricky way to convert output to 1-line without ip's
682 # messy '\'; this drops all extra white space
684 if [ "${out}" != "${expected}" ]; then
686 if [ "${VERBOSE}" = "1" ]; then
687 printf " Unexpected route entry. Have:\n"
689 printf " Expected:\n"
690 printf " ${expected}\n\n"
697 # add route for a prefix, flushing any existing routes first
698 # expected to be the first step of a test
705 if [ "$VERBOSE" = "1" ]; then
707 echo " ##################################################"
711 run_cmd "$IP -6 ro flush ${pfx}"
712 [ $? -ne 0 ] && exit 1
714 out=$($IP -6 ro ls match ${pfx})
715 if [ -n "$out" ]; then
716 echo "Failed to flush routes for prefix used for tests."
720 run_cmd "$IP -6 ro add ${pfx} ${nh}"
721 if [ $? -ne 0 ]; then
722 echo "Failed to add initial route for test."
727 # add initial route - used in replace route tests
730 add_route6 "2001:db8:104::/64" "$1"
743 out=$($IP -6 ro ls match ${pfx} | sed -e 's/ pref medium//')
744 check_expected "${out}" "${expected}"
749 $IP li del red 2>/dev/null
750 $IP li del dummy1 2>/dev/null
751 $IP li del veth1 2>/dev/null
752 $IP li del veth3 2>/dev/null
762 [ "${VERBOSE}" = "1" ] && set -x
766 ip netns set ns2 auto
767 ip -netns ns2 link set dev lo up
768 ip netns exec ns2 sysctl -qw net.ipv4.ip_forward=1
769 ip netns exec ns2 sysctl -qw net.ipv6.conf.all.forwarding=1
771 $IP li add veth1 type veth peer name veth2
772 $IP li add veth3 type veth peer name veth4
776 $IP li set veth2 netns ns2 up
777 $IP li set veth4 netns ns2 up
778 ip -netns ns2 li add dummy1 type dummy
779 ip -netns ns2 li set dummy1 up
781 $IP -6 addr add 2001:db8:101::1/64 dev veth1 nodad
782 $IP -6 addr add 2001:db8:103::1/64 dev veth3 nodad
783 $IP addr add 172.16.101.1/24 dev veth1
784 $IP addr add 172.16.103.1/24 dev veth3
786 ip -netns ns2 -6 addr add 2001:db8:101::2/64 dev veth2 nodad
787 ip -netns ns2 -6 addr add 2001:db8:103::2/64 dev veth4 nodad
788 ip -netns ns2 -6 addr add 2001:db8:104::1/64 dev dummy1 nodad
790 ip -netns ns2 addr add 172.16.101.2/24 dev veth2
791 ip -netns ns2 addr add 172.16.103.2/24 dev veth4
792 ip -netns ns2 addr add 172.16.104.1/24 dev dummy1
797 # assumption is that basic add of a single path route works
798 # otherwise just adding an address on an interface is broken
804 echo "IPv6 route add / append tests"
806 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
807 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
808 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2"
809 log_test $? 2 "Attempt to add duplicate route - gw"
811 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
812 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
813 run_cmd "$IP -6 ro add 2001:db8:104::/64 dev veth3"
814 log_test $? 2 "Attempt to add duplicate route - dev only"
816 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
817 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
818 run_cmd "$IP -6 ro add unreachable 2001:db8:104::/64"
819 log_test $? 2 "Attempt to add duplicate route - reject route"
821 # route append with same prefix adds a new route
822 # - iproute2 sets NLM_F_CREATE | NLM_F_APPEND
823 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
824 run_cmd "$IP -6 ro append 2001:db8:104::/64 via 2001:db8:103::2"
825 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
826 log_test $? 0 "Append nexthop to existing route - gw"
828 # insert mpath directly
829 add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
830 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
831 log_test $? 0 "Add multipath route"
833 add_route6 "2001:db8:104::/64" "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
834 run_cmd "$IP -6 ro add 2001:db8:104::/64 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
835 log_test $? 2 "Attempt to add duplicate multipath route"
837 # insert of a second route without append but different metric
838 add_route6 "2001:db8:104::/64" "via 2001:db8:101::2"
839 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::2 metric 512"
841 if [ $rc -eq 0 ]; then
842 run_cmd "$IP -6 ro add 2001:db8:104::/64 via 2001:db8:103::3 metric 256"
845 log_test $rc 0 "Route add with different metrics"
847 run_cmd "$IP -6 ro del 2001:db8:104::/64 metric 512"
849 if [ $rc -eq 0 ]; then
850 check_route6 "2001:db8:104::/64 via 2001:db8:103::3 dev veth3 metric 256 2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024"
853 log_test $rc 0 "Route delete with metric"
856 ipv6_rt_replace_single()
858 # single path with single path
860 add_initial_route6 "via 2001:db8:101::2"
861 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:103::2"
862 check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024"
863 log_test $? 0 "Single path with single path"
865 # single path with multipath
867 add_initial_route6 "nexthop via 2001:db8:101::2"
868 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::2"
869 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
870 log_test $? 0 "Single path with multipath"
872 # single path with single path using MULTIPATH attribute
874 add_initial_route6 "via 2001:db8:101::2"
875 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:103::2"
876 check_route6 "2001:db8:104::/64 via 2001:db8:103::2 dev veth3 metric 1024"
877 log_test $? 0 "Single path with single path via multipath attribute"
879 # route replace fails - invalid nexthop
880 add_initial_route6 "via 2001:db8:101::2"
881 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:104::2"
882 if [ $? -eq 0 ]; then
883 # previous command is expected to fail so if it returns 0
884 # that means the test failed.
885 log_test 0 1 "Invalid nexthop"
887 check_route6 "2001:db8:104::/64 via 2001:db8:101::2 dev veth1 metric 1024"
888 log_test $? 0 "Invalid nexthop"
891 # replace non-existent route
892 # - note use of change versus replace since ip adds NLM_F_CREATE
894 add_initial_route6 "via 2001:db8:101::2"
895 run_cmd "$IP -6 ro change 2001:db8:105::/64 via 2001:db8:101::2"
896 log_test $? 2 "Single path - replace of non-existent route"
899 ipv6_rt_replace_mpath()
901 # multipath with multipath
902 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
903 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3"
904 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::3 dev veth1 weight 1 nexthop via 2001:db8:103::3 dev veth3 weight 1"
905 log_test $? 0 "Multipath with multipath"
907 # multipath with single
908 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
909 run_cmd "$IP -6 ro replace 2001:db8:104::/64 via 2001:db8:101::3"
910 check_route6 "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024"
911 log_test $? 0 "Multipath with single path"
913 # multipath with single
914 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
915 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3"
916 check_route6 "2001:db8:104::/64 via 2001:db8:101::3 dev veth1 metric 1024"
917 log_test $? 0 "Multipath with single path via multipath attribute"
919 # multipath with dev-only
920 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
921 run_cmd "$IP -6 ro replace 2001:db8:104::/64 dev veth1"
922 check_route6 "2001:db8:104::/64 dev veth1 metric 1024"
923 log_test $? 0 "Multipath with dev-only"
925 # route replace fails - invalid nexthop 1
926 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
927 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:111::3 nexthop via 2001:db8:103::3"
928 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
929 log_test $? 0 "Multipath - invalid first nexthop"
931 # route replace fails - invalid nexthop 2
932 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
933 run_cmd "$IP -6 ro replace 2001:db8:104::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:113::3"
934 check_route6 "2001:db8:104::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
935 log_test $? 0 "Multipath - invalid second nexthop"
937 # multipath non-existent route
938 add_initial_route6 "nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
939 run_cmd "$IP -6 ro change 2001:db8:105::/64 nexthop via 2001:db8:101::3 nexthop via 2001:db8:103::3"
940 log_test $? 2 "Multipath - replace of non-existent route"
946 echo "IPv6 route replace tests"
948 ipv6_rt_replace_single
949 ipv6_rt_replace_mpath
962 ip_addr_metric_check()
964 ip addr help 2>&1 | grep -q metric
965 if [ $? -ne 0 ]; then
966 echo "iproute2 command does not support metric for addresses. Skipping test"
973 ipv6_addr_metric_test()
978 echo "IPv6 prefix route tests"
980 ip_addr_metric_check || return 1
985 $IP li add dummy1 type dummy
986 $IP li add dummy2 type dummy
990 # default entry is metric 256
991 run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64"
992 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64"
995 check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 256 2001:db8:104::/64 dev dummy2 proto kernel metric 256"
996 log_test $? 0 "Default metric"
999 run_cmd "$IP -6 addr flush dev dummy1"
1000 run_cmd "$IP -6 addr add dev dummy1 2001:db8:104::1/64 metric 257"
1003 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 256 2001:db8:104::/64 dev dummy1 proto kernel metric 257"
1004 log_test $? 0 "User specified metric on first device"
1007 run_cmd "$IP -6 addr flush dev dummy2"
1008 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::2/64 metric 258"
1011 check_route6 "2001:db8:104::/64 dev dummy1 proto kernel metric 257 2001:db8:104::/64 dev dummy2 proto kernel metric 258"
1012 log_test $? 0 "User specified metric on second device"
1014 run_cmd "$IP -6 addr del dev dummy1 2001:db8:104::1/64 metric 257"
1016 if [ $rc -eq 0 ]; then
1017 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 258"
1020 log_test $rc 0 "Delete of address on first device"
1022 run_cmd "$IP -6 addr change dev dummy2 2001:db8:104::2/64 metric 259"
1024 if [ $rc -eq 0 ]; then
1025 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259"
1028 log_test $rc 0 "Modify metric of address"
1030 # verify prefix route removed on down
1031 run_cmd "ip netns exec ns1 sysctl -qw net.ipv6.conf.all.keep_addr_on_down=1"
1032 run_cmd "$IP li set dev dummy2 down"
1034 if [ $rc -eq 0 ]; then
1035 out=$($IP -6 ro ls match 2001:db8:104::/64)
1036 check_expected "${out}" ""
1039 log_test $rc 0 "Prefix route removed on link down"
1041 # verify prefix route re-inserted with assigned metric
1042 run_cmd "$IP li set dev dummy2 up"
1044 if [ $rc -eq 0 ]; then
1045 check_route6 "2001:db8:104::/64 dev dummy2 proto kernel metric 259"
1048 log_test $rc 0 "Prefix route with metric on link up"
1050 # verify peer metric added correctly
1052 run_cmd "$IP -6 addr flush dev dummy2"
1053 run_cmd "$IP -6 addr add dev dummy2 2001:db8:104::1 peer 2001:db8:104::2 metric 260"
1056 check_route6 "2001:db8:104::1 dev dummy2 proto kernel metric 260"
1057 log_test $? 0 "Set metric with peer route on local side"
1058 check_route6 "2001:db8:104::2 dev dummy2 proto kernel metric 260"
1059 log_test $? 0 "Set metric with peer route on peer side"
1062 run_cmd "$IP -6 addr change dev dummy2 2001:db8:104::1 peer 2001:db8:104::3 metric 261"
1065 check_route6 "2001:db8:104::1 dev dummy2 proto kernel metric 261"
1066 log_test $? 0 "Modify metric and peer address on local side"
1067 check_route6 "2001:db8:104::3 dev dummy2 proto kernel metric 261"
1068 log_test $? 0 "Modify metric and peer address on peer side"
1075 ipv6_route_metrics_test()
1080 echo "IPv6 routes with metrics"
1085 # single path with metrics
1087 run_cmd "$IP -6 ro add 2001:db8:111::/64 via 2001:db8:101::2 mtu 1400"
1089 if [ $rc -eq 0 ]; then
1090 check_route6 "2001:db8:111::/64 via 2001:db8:101::2 dev veth1 metric 1024 mtu 1400"
1093 log_test $rc 0 "Single path route with mtu metric"
1097 # multipath via separate routes with metrics
1099 run_cmd "$IP -6 ro add 2001:db8:112::/64 via 2001:db8:101::2 mtu 1400"
1100 run_cmd "$IP -6 ro append 2001:db8:112::/64 via 2001:db8:103::2"
1102 if [ $rc -eq 0 ]; then
1103 check_route6 "2001:db8:112::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1106 log_test $rc 0 "Multipath route via 2 single routes with mtu metric on first"
1108 # second route is coalesced to first to make a multipath route.
1109 # MTU of the second path is hidden from display!
1110 run_cmd "$IP -6 ro add 2001:db8:113::/64 via 2001:db8:101::2"
1111 run_cmd "$IP -6 ro append 2001:db8:113::/64 via 2001:db8:103::2 mtu 1400"
1113 if [ $rc -eq 0 ]; then
1114 check_route6 "2001:db8:113::/64 metric 1024 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1117 log_test $rc 0 "Multipath route via 2 single routes with mtu metric on 2nd"
1119 run_cmd "$IP -6 ro del 2001:db8:113::/64 via 2001:db8:101::2"
1120 if [ $? -eq 0 ]; then
1121 check_route6 "2001:db8:113::/64 via 2001:db8:103::2 dev veth3 metric 1024 mtu 1400"
1122 log_test $? 0 " MTU of second leg"
1126 # multipath with metrics
1128 run_cmd "$IP -6 ro add 2001:db8:115::/64 mtu 1400 nexthop via 2001:db8:101::2 nexthop via 2001:db8:103::2"
1130 if [ $rc -eq 0 ]; then
1131 check_route6 "2001:db8:115::/64 metric 1024 mtu 1400 nexthop via 2001:db8:101::2 dev veth1 weight 1 nexthop via 2001:db8:103::2 dev veth3 weight 1"
1134 log_test $rc 0 "Multipath route with mtu metric"
1136 $IP -6 ro add 2001:db8:104::/64 via 2001:db8:101::2 mtu 1300
1137 run_cmd "ip netns exec ns1 ${ping6} -w1 -c1 -s 1500 2001:db8:104::1"
1138 log_test $? 0 "Using route with mtu metric"
1140 run_cmd "$IP -6 ro add 2001:db8:114::/64 via 2001:db8:101::2 congctl lock foo"
1141 log_test $? 2 "Invalid metric (fails metric_convert)"
1146 # add route for a prefix, flushing any existing routes first
1147 # expected to be the first step of a test
1154 if [ "$VERBOSE" = "1" ]; then
1156 echo " ##################################################"
1160 run_cmd "$IP ro flush ${pfx}"
1161 [ $? -ne 0 ] && exit 1
1163 out=$($IP ro ls match ${pfx})
1164 if [ -n "$out" ]; then
1165 echo "Failed to flush routes for prefix used for tests."
1169 run_cmd "$IP ro add ${pfx} ${nh}"
1170 if [ $? -ne 0 ]; then
1171 echo "Failed to add initial route for test."
1176 # add initial route - used in replace route tests
1179 add_route "172.16.104.0/24" "$1"
1190 [ "${pfx}" = "unreachable" ] && pfx=$2
1192 out=$($IP ro ls match ${pfx})
1193 check_expected "${out}" "${expected}"
1196 # assumption is that basic add of a single path route works
1197 # otherwise just adding an address on an interface is broken
1203 echo "IPv4 route add / append tests"
1205 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1206 add_route "172.16.104.0/24" "via 172.16.101.2"
1207 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2"
1208 log_test $? 2 "Attempt to add duplicate route - gw"
1210 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1211 add_route "172.16.104.0/24" "via 172.16.101.2"
1212 run_cmd "$IP ro add 172.16.104.0/24 dev veth3"
1213 log_test $? 2 "Attempt to add duplicate route - dev only"
1215 # route add same prefix - fails with EEXISTS b/c ip adds NLM_F_EXCL
1216 add_route "172.16.104.0/24" "via 172.16.101.2"
1217 run_cmd "$IP ro add unreachable 172.16.104.0/24"
1218 log_test $? 2 "Attempt to add duplicate route - reject route"
1220 # iproute2 prepend only sets NLM_F_CREATE
1221 # - adds a new route; does NOT convert existing route to ECMP
1222 add_route "172.16.104.0/24" "via 172.16.101.2"
1223 run_cmd "$IP ro prepend 172.16.104.0/24 via 172.16.103.2"
1224 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3 172.16.104.0/24 via 172.16.101.2 dev veth1"
1225 log_test $? 0 "Add new nexthop for existing prefix"
1227 # route append with same prefix adds a new route
1228 # - iproute2 sets NLM_F_CREATE | NLM_F_APPEND
1229 add_route "172.16.104.0/24" "via 172.16.101.2"
1230 run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2"
1231 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.2 dev veth3"
1232 log_test $? 0 "Append nexthop to existing route - gw"
1234 add_route "172.16.104.0/24" "via 172.16.101.2"
1235 run_cmd "$IP ro append 172.16.104.0/24 dev veth3"
1236 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 dev veth3 scope link"
1237 log_test $? 0 "Append nexthop to existing route - dev only"
1239 add_route "172.16.104.0/24" "via 172.16.101.2"
1240 run_cmd "$IP ro append unreachable 172.16.104.0/24"
1241 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 unreachable 172.16.104.0/24"
1242 log_test $? 0 "Append nexthop to existing route - reject route"
1244 run_cmd "$IP ro flush 172.16.104.0/24"
1245 run_cmd "$IP ro add unreachable 172.16.104.0/24"
1246 run_cmd "$IP ro append 172.16.104.0/24 via 172.16.103.2"
1247 check_route "unreachable 172.16.104.0/24 172.16.104.0/24 via 172.16.103.2 dev veth3"
1248 log_test $? 0 "Append nexthop to existing reject route - gw"
1250 run_cmd "$IP ro flush 172.16.104.0/24"
1251 run_cmd "$IP ro add unreachable 172.16.104.0/24"
1252 run_cmd "$IP ro append 172.16.104.0/24 dev veth3"
1253 check_route "unreachable 172.16.104.0/24 172.16.104.0/24 dev veth3 scope link"
1254 log_test $? 0 "Append nexthop to existing reject route - dev only"
1256 # insert mpath directly
1257 add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1258 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1259 log_test $? 0 "add multipath route"
1261 add_route "172.16.104.0/24" "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1262 run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1263 log_test $? 2 "Attempt to add duplicate multipath route"
1265 # insert of a second route without append but different metric
1266 add_route "172.16.104.0/24" "via 172.16.101.2"
1267 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.2 metric 512"
1269 if [ $rc -eq 0 ]; then
1270 run_cmd "$IP ro add 172.16.104.0/24 via 172.16.103.3 metric 256"
1273 log_test $rc 0 "Route add with different metrics"
1275 run_cmd "$IP ro del 172.16.104.0/24 metric 512"
1277 if [ $rc -eq 0 ]; then
1278 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1 172.16.104.0/24 via 172.16.103.3 dev veth3 metric 256"
1281 log_test $rc 0 "Route delete with metric"
1284 ipv4_rt_replace_single()
1286 # single path with single path
1288 add_initial_route "via 172.16.101.2"
1289 run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.103.2"
1290 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3"
1291 log_test $? 0 "Single path with single path"
1293 # single path with multipath
1295 add_initial_route "nexthop via 172.16.101.2"
1296 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.2"
1297 check_route "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1298 log_test $? 0 "Single path with multipath"
1300 # single path with reject
1302 add_initial_route "nexthop via 172.16.101.2"
1303 run_cmd "$IP ro replace unreachable 172.16.104.0/24"
1304 check_route "unreachable 172.16.104.0/24"
1305 log_test $? 0 "Single path with reject route"
1307 # single path with single path using MULTIPATH attribute
1309 add_initial_route "via 172.16.101.2"
1310 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.103.2"
1311 check_route "172.16.104.0/24 via 172.16.103.2 dev veth3"
1312 log_test $? 0 "Single path with single path via multipath attribute"
1314 # route replace fails - invalid nexthop
1315 add_initial_route "via 172.16.101.2"
1316 run_cmd "$IP ro replace 172.16.104.0/24 via 2001:db8:104::2"
1317 if [ $? -eq 0 ]; then
1318 # previous command is expected to fail so if it returns 0
1319 # that means the test failed.
1320 log_test 0 1 "Invalid nexthop"
1322 check_route "172.16.104.0/24 via 172.16.101.2 dev veth1"
1323 log_test $? 0 "Invalid nexthop"
1326 # replace non-existent route
1327 # - note use of change versus replace since ip adds NLM_F_CREATE
1329 add_initial_route "via 172.16.101.2"
1330 run_cmd "$IP ro change 172.16.105.0/24 via 172.16.101.2"
1331 log_test $? 2 "Single path - replace of non-existent route"
1334 ipv4_rt_replace_mpath()
1336 # multipath with multipath
1337 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1338 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3"
1339 check_route "172.16.104.0/24 nexthop via 172.16.101.3 dev veth1 weight 1 nexthop via 172.16.103.3 dev veth3 weight 1"
1340 log_test $? 0 "Multipath with multipath"
1342 # multipath with single
1343 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1344 run_cmd "$IP ro replace 172.16.104.0/24 via 172.16.101.3"
1345 check_route "172.16.104.0/24 via 172.16.101.3 dev veth1"
1346 log_test $? 0 "Multipath with single path"
1348 # multipath with single
1349 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1350 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3"
1351 check_route "172.16.104.0/24 via 172.16.101.3 dev veth1"
1352 log_test $? 0 "Multipath with single path via multipath attribute"
1354 # multipath with reject
1355 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1356 run_cmd "$IP ro replace unreachable 172.16.104.0/24"
1357 check_route "unreachable 172.16.104.0/24"
1358 log_test $? 0 "Multipath with reject route"
1360 # route replace fails - invalid nexthop 1
1361 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1362 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.111.3 nexthop via 172.16.103.3"
1363 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1364 log_test $? 0 "Multipath - invalid first nexthop"
1366 # route replace fails - invalid nexthop 2
1367 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1368 run_cmd "$IP ro replace 172.16.104.0/24 nexthop via 172.16.101.3 nexthop via 172.16.113.3"
1369 check_route "172.16.104.0/24 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1370 log_test $? 0 "Multipath - invalid second nexthop"
1372 # multipath non-existent route
1373 add_initial_route "nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1374 run_cmd "$IP ro change 172.16.105.0/24 nexthop via 172.16.101.3 nexthop via 172.16.103.3"
1375 log_test $? 2 "Multipath - replace of non-existent route"
1381 echo "IPv4 route replace tests"
1383 ipv4_rt_replace_single
1384 ipv4_rt_replace_mpath
1397 ipv4_addr_metric_test()
1402 echo "IPv4 prefix route tests"
1404 ip_addr_metric_check || return 1
1409 $IP li add dummy1 type dummy
1410 $IP li add dummy2 type dummy
1411 $IP li set dummy1 up
1412 $IP li set dummy2 up
1414 # default entry is metric 256
1415 run_cmd "$IP addr add dev dummy1 172.16.104.1/24"
1416 run_cmd "$IP addr add dev dummy2 172.16.104.2/24"
1419 check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2"
1420 log_test $? 0 "Default metric"
1423 run_cmd "$IP addr flush dev dummy1"
1424 run_cmd "$IP addr add dev dummy1 172.16.104.1/24 metric 257"
1427 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257"
1428 log_test $? 0 "User specified metric on first device"
1431 run_cmd "$IP addr flush dev dummy2"
1432 run_cmd "$IP addr add dev dummy2 172.16.104.2/24 metric 258"
1435 check_route "172.16.104.0/24 dev dummy1 proto kernel scope link src 172.16.104.1 metric 257 172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258"
1436 log_test $? 0 "User specified metric on second device"
1438 run_cmd "$IP addr del dev dummy1 172.16.104.1/24 metric 257"
1440 if [ $rc -eq 0 ]; then
1441 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 258"
1444 log_test $rc 0 "Delete of address on first device"
1446 run_cmd "$IP addr change dev dummy2 172.16.104.2/24 metric 259"
1448 if [ $rc -eq 0 ]; then
1449 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259"
1452 log_test $rc 0 "Modify metric of address"
1454 # verify prefix route removed on down
1455 run_cmd "$IP li set dev dummy2 down"
1457 if [ $rc -eq 0 ]; then
1458 out=$($IP ro ls match 172.16.104.0/24)
1459 check_expected "${out}" ""
1462 log_test $rc 0 "Prefix route removed on link down"
1464 # verify prefix route re-inserted with assigned metric
1465 run_cmd "$IP li set dev dummy2 up"
1467 if [ $rc -eq 0 ]; then
1468 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.2 metric 259"
1471 log_test $rc 0 "Prefix route with metric on link up"
1473 # explicitly check for metric changes on edge scenarios
1474 run_cmd "$IP addr flush dev dummy2"
1475 run_cmd "$IP addr add dev dummy2 172.16.104.0/24 metric 259"
1476 run_cmd "$IP addr change dev dummy2 172.16.104.0/24 metric 260"
1478 if [ $rc -eq 0 ]; then
1479 check_route "172.16.104.0/24 dev dummy2 proto kernel scope link src 172.16.104.0 metric 260"
1482 log_test $rc 0 "Modify metric of .0/24 address"
1484 run_cmd "$IP addr flush dev dummy2"
1485 run_cmd "$IP addr add dev dummy2 172.16.104.1/32 peer 172.16.104.2 metric 260"
1487 if [ $rc -eq 0 ]; then
1488 check_route "172.16.104.2 dev dummy2 proto kernel scope link src 172.16.104.1 metric 260"
1491 log_test $rc 0 "Set metric of address with peer route"
1493 run_cmd "$IP addr change dev dummy2 172.16.104.1/32 peer 172.16.104.3 metric 261"
1495 if [ $rc -eq 0 ]; then
1496 check_route "172.16.104.3 dev dummy2 proto kernel scope link src 172.16.104.1 metric 261"
1499 log_test $rc 0 "Modify metric and peer address for peer route"
1506 ipv4_route_metrics_test()
1511 echo "IPv4 route add / append tests"
1515 run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 mtu 1400"
1517 if [ $rc -eq 0 ]; then
1518 check_route "172.16.111.0/24 via 172.16.101.2 dev veth1 mtu 1400"
1521 log_test $rc 0 "Single path route with mtu metric"
1524 run_cmd "$IP ro add 172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 nexthop via 172.16.103.2"
1526 if [ $rc -eq 0 ]; then
1527 check_route "172.16.112.0/24 mtu 1400 nexthop via 172.16.101.2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1530 log_test $rc 0 "Multipath route with mtu metric"
1532 $IP ro add 172.16.104.0/24 via 172.16.101.2 mtu 1300
1533 run_cmd "ip netns exec ns1 ping -w1 -c1 -s 1500 172.16.104.1"
1534 log_test $? 0 "Using route with mtu metric"
1536 run_cmd "$IP ro add 172.16.111.0/24 via 172.16.101.2 congctl lock foo"
1537 log_test $? 2 "Invalid metric (fails metric_convert)"
1542 ipv4_del_addr_test()
1545 echo "IPv4 delete address route tests"
1550 $IP li add dummy1 type dummy
1551 $IP li set dummy1 up
1552 $IP li add dummy2 type dummy
1553 $IP li set dummy2 up
1554 $IP li add red type vrf table 1111
1556 $IP ro add vrf red unreachable default
1557 $IP li set dummy2 vrf red
1559 $IP addr add dev dummy1 172.16.104.1/24
1560 $IP addr add dev dummy1 172.16.104.11/24
1561 $IP addr add dev dummy2 172.16.104.1/24
1562 $IP addr add dev dummy2 172.16.104.11/24
1563 $IP route add 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1564 $IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1567 # removing address from device in vrf should only remove route from vrf table
1568 $IP addr del dev dummy2 172.16.104.11/24
1569 $IP ro ls vrf red | grep -q 172.16.105.0/24
1570 log_test $? 1 "Route removed from VRF when source address deleted"
1572 $IP ro ls | grep -q 172.16.105.0/24
1573 log_test $? 0 "Route in default VRF not removed"
1575 $IP addr add dev dummy2 172.16.104.11/24
1576 $IP route add vrf red 172.16.105.0/24 via 172.16.104.2 src 172.16.104.11
1578 $IP addr del dev dummy1 172.16.104.11/24
1579 $IP ro ls | grep -q 172.16.105.0/24
1580 log_test $? 1 "Route removed in default VRF when source address deleted"
1582 $IP ro ls vrf red | grep -q 172.16.105.0/24
1583 log_test $? 0 "Route in VRF is not removed by address delete"
1591 ipv4_route_v6_gw_test()
1596 echo "IPv4 route with IPv6 gateway tests"
1604 run_cmd "$IP ro add 172.16.104.0/24 via inet6 2001:db8:101::2"
1606 log_test $rc 0 "Single path route with IPv6 gateway"
1607 if [ $rc -eq 0 ]; then
1608 check_route "172.16.104.0/24 via inet6 2001:db8:101::2 dev veth1"
1611 run_cmd "ip netns exec ns1 ping -w1 -c1 172.16.104.1"
1612 log_test $rc 0 "Single path route with IPv6 gateway - ping"
1614 run_cmd "$IP ro del 172.16.104.0/24 via inet6 2001:db8:101::2"
1616 log_test $rc 0 "Single path route delete"
1617 if [ $rc -eq 0 ]; then
1618 check_route "172.16.112.0/24"
1622 # multipath - v6 then v4
1624 run_cmd "$IP ro add 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
1626 log_test $rc 0 "Multipath route add - v6 nexthop then v4"
1627 if [ $rc -eq 0 ]; then
1628 check_route "172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1 nexthop via 172.16.103.2 dev veth3 weight 1"
1631 run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
1632 log_test $? 2 " Multipath route delete - nexthops in wrong order"
1634 run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
1635 log_test $? 0 " Multipath route delete exact match"
1638 # multipath - v4 then v6
1640 run_cmd "$IP ro add 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
1642 log_test $rc 0 "Multipath route add - v4 nexthop then v6"
1643 if [ $rc -eq 0 ]; then
1644 check_route "172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 weight 1 nexthop via inet6 2001:db8:101::2 dev veth1 weight 1"
1647 run_cmd "$IP ro del 172.16.104.0/24 nexthop via inet6 2001:db8:101::2 dev veth1 nexthop via 172.16.103.2 dev veth3"
1648 log_test $? 2 " Multipath route delete - nexthops in wrong order"
1650 run_cmd "$IP ro del 172.16.104.0/24 nexthop via 172.16.103.2 dev veth3 nexthop via inet6 2001:db8:101::2 dev veth1"
1651 log_test $? 0 " Multipath route delete exact match"
1658 if [ ! -x "$(command -v socat)" ]; then
1659 echo "socat command not found. Skipping test"
1668 iptables -t mangle -L OUTPUT &> /dev/null
1669 if [ $? -ne 0 ]; then
1670 echo "iptables configuration not supported. Skipping test"
1679 ip6tables -t mangle -L OUTPUT &> /dev/null
1680 if [ $? -ne 0 ]; then
1681 echo "ip6tables configuration not supported. Skipping test"
1693 echo "IPv4 mangling tests"
1695 socat_check || return 1
1696 iptables_check || return 1
1701 local tmp_file=$(mktemp)
1702 ip netns exec ns2 socat UDP4-LISTEN:54321,fork $tmp_file &
1704 # Add a FIB rule and a route that will direct our connection to the
1706 $IP rule add pref 100 ipproto udp sport 12345 dport 54321 table 123
1707 $IP route add table 123 172.16.101.0/24 dev veth1
1709 # Add an unreachable route to the main table that will block our
1710 # connection in case the FIB rule is not hit.
1711 $IP route add unreachable 172.16.101.2/32
1713 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345"
1714 log_test $? 0 " Connection with correct parameters"
1716 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=11111"
1717 log_test $? 1 " Connection with incorrect parameters"
1719 # Add a mangling rule and make sure connection is still successful.
1720 $NS_EXEC iptables -t mangle -A OUTPUT -j MARK --set-mark 1
1722 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345"
1723 log_test $? 0 " Connection with correct parameters - mangling"
1725 # Delete the mangling rule and make sure connection is still
1727 $NS_EXEC iptables -t mangle -D OUTPUT -j MARK --set-mark 1
1729 run_cmd "echo a | $NS_EXEC socat STDIN UDP4:172.16.101.2:54321,sourceport=12345"
1730 log_test $? 0 " Connection with correct parameters - no mangling"
1732 # Verify connections were indeed successful on server side.
1733 [[ $(cat $tmp_file | wc -l) -eq 3 ]]
1734 log_test $? 0 " Connection check - server side"
1736 $IP route del unreachable 172.16.101.2/32
1737 $IP route del table 123 172.16.101.0/24 dev veth1
1738 $IP rule del pref 100
1740 { kill %% && wait %%; } 2>/dev/null
1751 echo "IPv6 mangling tests"
1753 socat_check || return 1
1754 ip6tables_check || return 1
1759 local tmp_file=$(mktemp)
1760 ip netns exec ns2 socat UDP6-LISTEN:54321,fork $tmp_file &
1762 # Add a FIB rule and a route that will direct our connection to the
1764 $IP -6 rule add pref 100 ipproto udp sport 12345 dport 54321 table 123
1765 $IP -6 route add table 123 2001:db8:101::/64 dev veth1
1767 # Add an unreachable route to the main table that will block our
1768 # connection in case the FIB rule is not hit.
1769 $IP -6 route add unreachable 2001:db8:101::2/128
1771 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345"
1772 log_test $? 0 " Connection with correct parameters"
1774 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=11111"
1775 log_test $? 1 " Connection with incorrect parameters"
1777 # Add a mangling rule and make sure connection is still successful.
1778 $NS_EXEC ip6tables -t mangle -A OUTPUT -j MARK --set-mark 1
1780 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345"
1781 log_test $? 0 " Connection with correct parameters - mangling"
1783 # Delete the mangling rule and make sure connection is still
1785 $NS_EXEC ip6tables -t mangle -D OUTPUT -j MARK --set-mark 1
1787 run_cmd "echo a | $NS_EXEC socat STDIN UDP6:[2001:db8:101::2]:54321,sourceport=12345"
1788 log_test $? 0 " Connection with correct parameters - no mangling"
1790 # Verify connections were indeed successful on server side.
1791 [[ $(cat $tmp_file | wc -l) -eq 3 ]]
1792 log_test $? 0 " Connection check - server side"
1794 $IP -6 route del unreachable 2001:db8:101::2/128
1795 $IP -6 route del table 123 2001:db8:101::/64 dev veth1
1796 $IP -6 rule del pref 100
1798 { kill %% && wait %%; } 2>/dev/null
1804 ################################################################################
1810 usage: ${0##*/} OPTS
1812 -t <test> Test(s) to run (default: all)
1815 -P Pause after each test before cleanup
1816 -v verbose mode (show commands and output)
1820 ################################################################################
1823 while getopts :t:pPhv o
1827 p) PAUSE_ON_FAIL=yes;;
1829 v) VERBOSE=$(($VERBOSE + 1));;
1835 PEER_CMD="ip netns exec ${PEER_NS}"
1837 # make sure we don't pause twice
1838 [ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no
1840 if [ "$(id -u)" -ne 0 ];then
1841 echo "SKIP: Need root privileges"
1845 if [ ! -x "$(command -v ip)" ]; then
1846 echo "SKIP: Could not run test without ip tool"
1850 ip route help 2>&1 | grep -q fibmatch
1851 if [ $? -ne 0 ]; then
1852 echo "SKIP: iproute2 too old, missing fibmatch"
1857 cleanup &> /dev/null
1862 fib_unreg_test|unregister) fib_unreg_test;;
1863 fib_down_test|down) fib_down_test;;
1864 fib_carrier_test|carrier) fib_carrier_test;;
1865 fib_rp_filter_test|rp_filter) fib_rp_filter_test;;
1866 fib_nexthop_test|nexthop) fib_nexthop_test;;
1867 fib_suppress_test|suppress) fib_suppress_test;;
1868 ipv6_route_test|ipv6_rt) ipv6_route_test;;
1869 ipv4_route_test|ipv4_rt) ipv4_route_test;;
1870 ipv6_addr_metric) ipv6_addr_metric_test;;
1871 ipv4_addr_metric) ipv4_addr_metric_test;;
1872 ipv4_del_addr) ipv4_del_addr_test;;
1873 ipv6_route_metrics) ipv6_route_metrics_test;;
1874 ipv4_route_metrics) ipv4_route_metrics_test;;
1875 ipv4_route_v6_gw) ipv4_route_v6_gw_test;;
1876 ipv4_mangle) ipv4_mangle_test;;
1877 ipv6_mangle) ipv6_mangle_test;;
1879 help) echo "Test names: $TESTS"; exit 0;;
1883 if [ "$TESTS" != "none" ]; then
1884 printf "\nTests passed: %3d\n" ${nsuccess}
1885 printf "Tests failed: %3d\n" ${nfail}