Thread (23 messages) 23 messages, 2 authors, 2025-12-02

Re: [PATCH net-next 12/12] selftests: net: selftest for ipvlan-macnat mode

From: Paolo Abeni <pabeni@redhat.com>
Date: 2025-11-25 14:40:08
Also in: linux-kselftest, lkml

On 11/20/25 6:49 PM, Dmitry Skorodumov wrote:
quoted hunk ↗ jump to hunk
diff --git a/tools/testing/selftests/net/ipvtap_macnat_bridge.py b/tools/testing/selftests/net/ipvtap_macnat_bridge.py
new file mode 100755
index 000000000000..7dc4a626e5bb
--- /dev/null
+++ b/tools/testing/selftests/net/ipvtap_macnat_bridge.py
[...]
+    TAP = sys.argv[1]
+    IPVTAP = sys.argv[2]
+
+    print(f"Starting TAP bridge between {TAP} and {IPVTAP} in {ns_name}")
+    bridge = TapBridge(TAP, IPVTAP)
+    bridge.run()
This is not a complete review, but you need to add CONFIG_IPVTAP and
CONFIG_TAP to tools/testing/selftests/net/config.
quoted hunk ↗ jump to hunk
diff --git a/tools/testing/selftests/net/ipvtap_macnat_test.sh b/tools/testing/selftests/net/ipvtap_macnat_test.sh
new file mode 100755
index 000000000000..927d75af776b
--- /dev/null
+++ b/tools/testing/selftests/net/ipvtap_macnat_test.sh
@@ -0,0 +1,333 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+#
+# Tests for ipvtap in macnat mode
+
+NS_TST0=ipvlan-tst-0
+NS_TST1=ipvlan-tst-1
+NS_PHY=ipvlan-tst-phy
Please use lib.sh / setup_ns instead, to avoid netns name conflicts and
leverage automatic cleanup
+
+IP_HOST=172.25.0.1
+IP_PHY=172.25.0.2
+IP_TST0=172.25.0.10
+IP_TST1=172.25.0.30
+
+IP_OK0=("172.25.0.10" "172.25.0.11" "172.25.0.12" "172.25.0.13")
+IP6_OK0=("fc00::10" "fc00::11" "fc00::12" "fc00::13" )
+
+IP_OVFL0="172.25.0.14"
+IP6_OVFL0="fc00::14"
+
+IP6_HOST=fc00::1
+IP6_PHY=fc00::2
+IP6_TST0=fc00::10
+IP6_TST1=fc00::30
+
+MAC_HOST="92:3a:00:00:00:01"
+MAC_PHY="92:3a:00:00:00:02"
+MAC_TST0="92:3a:00:00:00:10"
+MAC_TST1="92:3a:00:00:00:30"
+
+VETH_HOST=vethtst
+VETH_PHY=vethtst.p
+
+#
+# The testing environment looks this way:
+#
+# |------HOST------|     |------PHY-------|
+# |      veth<----------------->veth      |
+# |------|--|------|     |----------------|
+#        |  |
+#        |  |            |-----TST0-------|
+#        |  |------------|----ipvtap      |
+#        |               |----------------|
+#        |
+#        |               |-----TST1-------|
+#        |---------------|----ivtap       |
+#                        |----------------|
+#
+# The macnat mode is for virtual machines, so ipvtap-interface is supposed
+# to be used only for traffic monitoring and doesn't have ip-address.
+#
+# To simulate a virtual machine on ipvtap, we create TAP-interfaces
+# in TST environments and assing IP-addresses to them.
+# TAP and IPVTAP are connected with simple python script.
+#
+
+ns_run() {
+	ns=$1
+	shift
+	if [[ "$ns" == "default" ]]; then
+		"$@" >/dev/null
+	else
+		ip netns exec "$ns" "$@" >/dev/null
+	fi
+}
+
+configure_ns() {
+	local ns=$1
+	local n=$2
+	local ip=$3
+	local ip6=$4
+	local mac=$5
+
+	ns_run "$ns" ip link set lo up
+
+	if ! ip link add netns "$ns" name "ipvtap0.$n" link $VETH_HOST \
+	    type ipvtap mode l2macnat bridge; then
+		exit_error "FAIL: Failed to configure ipvtap link."
+	fi
+	ns_run "$ns" ip link set "ipvtap0.$n" up
+
+	ns_run "$ns" ip tuntap add mode tap "tap0.$n"
+	ns_run "$ns" ip link set dev "tap0.$n" address "$mac"
+	# disable dad
+	ns_run "$ns" sysctl -w "net/ipv6/conf/tap0.$n/accept_dad"=0
+	ns_run "$ns" ip link set "tap0.$n" up
+	ns_run "$ns" ip a a "$ip/24" dev "tap0.$n"
+	ns_run "$ns" ip a a "$ip6/64" dev "tap0.$n"
+}
+
+start_macnat_bridge() {
+	local ns=$1
+	local n=$2
+	ip netns exec "$ns" python3 ipvtap_macnat_bridge.py \
+		"tap0.$n" "ipvtap0.$n" &
+}
+
+configure_veth() {
+	local ns=$1
+	local veth=$2
+	local ip=$3
+	local ip6=$4
+	local mac=$5
+
+	ns_run "$ns" ip link set lo up
+	ns_run "$ns" ethtool -K "$veth" tx off rx off
+	ns_run "$ns" ip link set dev "$veth" address "$mac"
+	ns_run "$ns" ip link set "$veth" up
+	ns_run "$ns" ip a a "$ip/24" dev "$veth"
+	ns_run "$ns" ip a a "$ip6/64" dev "$veth"
+}
+
+setup_env() {
+	ip netns add $NS_TST0
+	ip netns add $NS_TST1
+	ip netns add $NS_PHY
+
+	# setup simulated other-host (phy) and host itself
+	ip link add $VETH_HOST type veth peer name $VETH_PHY \
+	    netns $NS_PHY >/dev/null
+
+	# host config
+	configure_veth default $VETH_HOST $IP_HOST $IP6_HOST $MAC_HOST
+	configure_veth $NS_PHY $VETH_PHY $IP_PHY $IP6_PHY $MAC_PHY
+
+	# TST namespaces config
+	configure_ns $NS_TST0 0 $IP_TST0 $IP6_TST0 $MAC_TST0
+	configure_ns $NS_TST1 1 $IP_TST1 $IP6_TST1 $MAC_TST1
+}
+
+ping_all() {
+	# This will learn MAC/IP addresses on ipvtap
+	local ns=$1
+
+	ns_run "$ns" ping -c 1 $IP_TST0
+	ns_run "$ns" ping -c 1 $IP6_TST0
+
+	ns_run "$ns" ping -c 1 $IP_TST1
+	ns_run "$ns" ping -c 1 $IP6_TST1
+
+	ns_run "$ns" ping -c 1 $IP_HOST
+	ns_run "$ns" ping -c 1 $IP6_HOST
+
+	ns_run "$ns" ping -c 1 $IP_PHY
+	ns_run "$ns" ping -c 1 $IP6_PHY
+}
+
+check_mac_eq() {
+	# Ensure IP corresponds to MAC.
+	local ns=$1
+	local ip=$2
+	local mac=$3
+	local dev=$4
+
+	if [[ "$ns" == "default" ]]; then
+		out=$(
+			ip neigh show "$ip" dev "$dev" \
+			| grep "$ip" \
+			| grep "$mac"
+		)
+	else
+		out=$(
+			ip netns exec "$ns" \
+			ip neigh show "$ip" dev "$dev" \
+			| grep "$ip" \
+			| grep "$mac"
+		)
+	fi
+
+	if [[ $out'X' == "X" ]]; then
+		exit_error "FAIL: '$ip' is not '$mac'"
+	fi
+}
+
+cleanup_env() {
+	ip link del $VETH_HOST
+	ip netns del $NS_TST0
+	ip netns del $NS_TST1
+	ip netns del $NS_PHY
+}
+
+exit_error() {
+	echo "$1"
+	exit 1
It would be better to try to run all the test-cases and return a single
fail/success code. lib.sh can help with that. too.

/P
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help