diff options
author | Ido Schimmel <idosch@nvidia.com> | 2024-08-14 14:10:05 +0300 |
---|---|---|
committer | Jakub Kicinski <kuba@kernel.org> | 2024-08-16 11:04:52 -0700 |
commit | 5f1b4f1be2d2b8d85dd07352b097cfc7064ad2e5 (patch) | |
tree | ec2cdf7525b5a1631f6ba71fdc4d499da3c19b5a /tools/testing/selftests | |
parent | 53f88ed85bdd194b8a30605a264692b28a3ee665 (diff) |
selftests: fib_rule_tests: Test TOS matching with input routes
The TOS value reaches the FIB rule core via different call paths when an
input route is looked up compared to an output route.
Re-test TOS matching with input routes to exercise these code paths.
Pass the 'iif' and 'from' selectors separately from the 'get{,no}match'
variables as otherwise the test name is too long to be printed without
misalignments.
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Link: https://patch.msgid.link/20240814111005.955359-6-idosch@nvidia.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'tools/testing/selftests')
-rwxr-xr-x | tools/testing/selftests/net/fib_rule_tests.sh | 31 |
1 files changed, 28 insertions, 3 deletions
diff --git a/tools/testing/selftests/net/fib_rule_tests.sh b/tools/testing/selftests/net/fib_rule_tests.sh index a3b2c833f050..89034c5b69dc 100755 --- a/tools/testing/selftests/net/fib_rule_tests.sh +++ b/tools/testing/selftests/net/fib_rule_tests.sh @@ -245,6 +245,19 @@ fib_rule6_test() "$getnomatch no redirect to table" done + # Re-test TOS matching, but with input routes since they are handled + # differently from output routes. + match="tos 0x10" + for cnt in "0x10" "0x11" "0x12" "0x13"; do + getmatch="tos $cnt" + getnomatch="tos 0x20" + fib_rule6_test_match_n_redirect "$match" \ + "from $SRC_IP6 iif $DEV $getmatch" \ + "from $SRC_IP6 iif $DEV $getnomatch" \ + "iif $getmatch redirect to table" \ + "iif $getnomatch no redirect to table" + done + match="fwmark 0x64" getmatch="mark 0x64" getnomatch="mark 0x63" @@ -403,15 +416,14 @@ fib_rule4_test() fib_rule4_test_match_n_redirect "$match" "$match" "$getnomatch" \ "oif redirect to table" "oif no redirect to table" - # need enable forwarding and disable rp_filter temporarily as all the - # addresses are in the same subnet and egress device == ingress device. + # Enable forwarding and disable rp_filter as all the addresses are in + # the same subnet and egress device == ingress device. ip netns exec $testns sysctl -qw net.ipv4.ip_forward=1 ip netns exec $testns sysctl -qw net.ipv4.conf.$DEV.rp_filter=0 match="from $SRC_IP iif $DEV" getnomatch="from $SRC_IP iif lo" fib_rule4_test_match_n_redirect "$match" "$match" "$getnomatch" \ "iif redirect to table" "iif no redirect to table" - ip netns exec $testns sysctl -qw net.ipv4.ip_forward=0 # Reject dsfield (tos) options which have ECN bits set for cnt in $(seq 1 3); do @@ -431,6 +443,19 @@ fib_rule4_test() "$getnomatch no redirect to table" done + # Re-test TOS matching, but with input routes since they are handled + # differently from output routes. + match="tos 0x10" + for cnt in "0x10" "0x11" "0x12" "0x13"; do + getmatch="tos $cnt" + getnomatch="tos 0x20" + fib_rule4_test_match_n_redirect "$match" \ + "from $SRC_IP iif $DEV $getmatch" \ + "from $SRC_IP iif $DEV $getnomatch" \ + "iif $getmatch redirect to table" \ + "iif $getnomatch no redirect to table" + done + match="fwmark 0x64" getmatch="mark 0x64" getnomatch="mark 0x63" |