2 # SPDX-License-Identifier: GPL-2.0
4 # This test is for the accept_untracked_na feature to
5 # enable RFC9131 behaviour. The following is the test-matrix.
6 # drop accept fwding behaviour
7 # ---- ------ ------ ----------------------------------------------
8 # 1 X X Don't update NC
9 # 0 0 X Don't update NC
10 # 0 1 0 Don't update NC
11 # 0 1 1 Add a STALE NC entry
14 # Kselftest framework requirement - SKIP code is 4.
24 ROUTER_INTF="veth-router"
26 ROUTER_ADDR="2000:20::1"
27 HOST_ADDR="2000:20::2"
29 ROUTER_ADDR_WITH_MASK="${ROUTER_ADDR}/${SUBNET_WIDTH}"
30 HOST_ADDR_WITH_MASK="${HOST_ADDR}/${SUBNET_WIDTH}"
32 IP_HOST="ip -6 -netns ${HOST_NS}"
33 IP_HOST_EXEC="ip netns exec ${HOST_NS}"
34 IP_ROUTER="ip -6 -netns ${ROUTER_NS}"
35 IP_ROUTER_EXEC="ip netns exec ${ROUTER_NS}"
46 if [ ${rc} -eq ${expected} ]; then
47 printf " TEST: %-60s [ OK ]\n" "${msg}"
48 nsuccess=$((nsuccess+1))
52 printf " TEST: %-60s [FAIL]\n" "${msg}"
53 if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
55 echo "hit enter to continue, 'q' to quit"
57 [ "$a" = "q" ] && exit 1
61 if [ "${PAUSE}" = "yes" ]; then
63 echo "hit enter to continue, 'q' to quit"
65 [ "$a" = "q" ] && exit 1
73 local drop_unsolicited_na=$1
74 local accept_untracked_na=$2
77 # Setup two namespaces and a veth tunnel across them.
78 # On end of the tunnel is a router and the other end is a host.
79 ip netns add ${HOST_NS}
80 ip netns add ${ROUTER_NS}
81 ${IP_ROUTER} link add ${ROUTER_INTF} type veth \
82 peer name ${HOST_INTF} netns ${HOST_NS}
84 # Enable IPv6 on both router and host, and configure static addresses.
85 # The router here is the DUT
86 # Setup router configuration as specified by the arguments.
87 # forwarding=0 case is to check that a non-router
88 # doesn't add neighbour entries.
89 ROUTER_CONF=net.ipv6.conf.${ROUTER_INTF}
90 ${IP_ROUTER_EXEC} sysctl -qw \
91 ${ROUTER_CONF}.forwarding=${forwarding}
92 ${IP_ROUTER_EXEC} sysctl -qw \
93 ${ROUTER_CONF}.drop_unsolicited_na=${drop_unsolicited_na}
94 ${IP_ROUTER_EXEC} sysctl -qw \
95 ${ROUTER_CONF}.accept_untracked_na=${accept_untracked_na}
96 ${IP_ROUTER_EXEC} sysctl -qw ${ROUTER_CONF}.disable_ipv6=0
97 ${IP_ROUTER} addr add ${ROUTER_ADDR_WITH_MASK} dev ${ROUTER_INTF}
99 # Turn on ndisc_notify on host interface so that
100 # the host sends unsolicited NAs.
101 HOST_CONF=net.ipv6.conf.${HOST_INTF}
102 ${IP_HOST_EXEC} sysctl -qw ${HOST_CONF}.ndisc_notify=1
103 ${IP_HOST_EXEC} sysctl -qw ${HOST_CONF}.disable_ipv6=0
104 ${IP_HOST} addr add ${HOST_ADDR_WITH_MASK} dev ${HOST_INTF}
111 tcpdump_stdout=`mktemp`
112 tcpdump_stderr=`mktemp`
113 ${IP_ROUTER_EXEC} timeout 15s \
114 tcpdump --immediate-mode -tpni ${ROUTER_INTF} -c 1 \
115 "icmp6 && icmp6[0] == 136 && src ${HOST_ADDR}" \
116 > ${tcpdump_stdout} 2> /dev/null
123 [[ ! -z ${tcpdump_stdout} ]] && rm -f ${tcpdump_stdout}
124 [[ ! -z ${tcpdump_stderr} ]] && rm -f ${tcpdump_stderr}
133 ip netns del ${HOST_NS}
134 ip netns del ${ROUTER_NS}
139 ${IP_ROUTER} link set dev ${ROUTER_INTF} up
140 ${IP_HOST} link set dev ${HOST_INTF} up
145 local drop_unsolicited_na=$1
146 local accept_untracked_na=$2
149 neigh_show_output=$(${IP_ROUTER} neigh show \
150 to ${HOST_ADDR} dev ${ROUTER_INTF} nud stale)
151 if [ ${drop_unsolicited_na} -eq 0 ] && \
152 [ ${accept_untracked_na} -eq 1 ] && \
153 [ ${forwarding} -eq 1 ]; then
154 # Neighbour entry expected to be present for 011 case
155 [[ ${neigh_show_output} ]]
157 # Neighbour entry expected to be absent for all other cases
158 [[ -z ${neigh_show_output} ]]
162 test_unsolicited_na_common()
164 # Setup the test bed, but keep links down
167 # Bring the link up, wait for the NA,
168 # and add a delay to ensure neighbour processing is done.
172 # Verify the neighbour table
173 verify_ndisc $1 $2 $3
177 test_unsolicited_na_combination() {
178 test_unsolicited_na_common $1 $2 $3
179 test_msg=("test_unsolicited_na: "
180 "drop_unsolicited_na=$1 "
181 "accept_untracked_na=$2 "
183 log_test $? 0 "${test_msg[*]}"
187 test_unsolicited_na_combinations() {
188 # Args: drop_unsolicited_na accept_untracked_na forwarding
191 test_unsolicited_na_combination 0 1 1
194 test_unsolicited_na_combination 0 0 0
195 test_unsolicited_na_combination 0 0 1
196 test_unsolicited_na_combination 0 1 0
197 test_unsolicited_na_combination 1 0 0
198 test_unsolicited_na_combination 1 0 1
199 test_unsolicited_na_combination 1 1 0
200 test_unsolicited_na_combination 1 1 1
203 ###############################################################################
211 -P Pause after each test before cleanup
215 ###############################################################################
221 p) PAUSE_ON_FAIL=yes;;
228 # make sure we don't pause twice
229 [ "${PAUSE}" = "yes" ] && PAUSE_ON_FAIL=no
231 if [ "$(id -u)" -ne 0 ];then
232 echo "SKIP: Need root privileges"
236 if [ ! -x "$(command -v ip)" ]; then
237 echo "SKIP: Could not run test without ip tool"
241 if [ ! -x "$(command -v tcpdump)" ]; then
242 echo "SKIP: Could not run test without tcpdump tool"
249 test_unsolicited_na_combinations
251 printf "\nTests passed: %3d\n" ${nsuccess}
252 printf "Tests failed: %3d\n" ${nfail}