From 0ae4e97b381318284c208bd9bae8f7286356f2e7 Mon Sep 17 00:00:00 2001 From: claudio Date: Mon, 16 Oct 2023 10:26:51 +0000 Subject: [PATCH] Add regress test to verify that IPv6 link-local addresses work --- .../usr.sbin/bgpd/integrationtests/Makefile | 12 +- .../bgpd.lladdr.rdomain1.conf | 23 ++++ .../bgpd.lladdr.rdomain2.conf | 23 ++++ .../bgpd/integrationtests/lladdr.rdomain1.ok | 36 ++++++ .../bgpd/integrationtests/lladdr.rdomain2.ok | 36 ++++++ .../usr.sbin/bgpd/integrationtests/lladdr.sh | 109 ++++++++++++++++++ 6 files changed, 235 insertions(+), 4 deletions(-) create mode 100644 regress/usr.sbin/bgpd/integrationtests/bgpd.lladdr.rdomain1.conf create mode 100644 regress/usr.sbin/bgpd/integrationtests/bgpd.lladdr.rdomain2.conf create mode 100644 regress/usr.sbin/bgpd/integrationtests/lladdr.rdomain1.ok create mode 100644 regress/usr.sbin/bgpd/integrationtests/lladdr.rdomain2.ok create mode 100644 regress/usr.sbin/bgpd/integrationtests/lladdr.sh diff --git a/regress/usr.sbin/bgpd/integrationtests/Makefile b/regress/usr.sbin/bgpd/integrationtests/Makefile index bc0b9810cb2..10e36ac401a 100644 --- a/regress/usr.sbin/bgpd/integrationtests/Makefile +++ b/regress/usr.sbin/bgpd/integrationtests/Makefile @@ -1,8 +1,9 @@ -# $OpenBSD: Makefile,v 1.22 2023/10/12 09:18:56 claudio Exp $ +# $OpenBSD: Makefile,v 1.23 2023/10/16 10:26:51 claudio Exp $ -REGRESS_TARGETS = network_statement md5 ovs mrt pftable \ - maxprefix maxprefixout maxcomm \ - as0 med eval_all policy l3vpn attr ixp +REGRESS_TARGETS = network_statement md5 ovs policy pftable \ + mrt maxprefix maxprefixout maxcomm l3vpn \ + ixp lladdr \ + as0 med eval_all attr BGPD ?= /usr/sbin/bgpd @@ -44,6 +45,9 @@ l3vpn: ixp: ${SUDO} ksh ${.CURDIR}/$@.sh ${BGPD} ${.CURDIR} 11 12 pair11 pair12 +lladdr: + ${SUDO} ksh ${.CURDIR}/$@.sh ${BGPD} ${.CURDIR} 11 12 pair11 pair12 + .if ! exists(/usr/local/bin/exabgp) as0: # install exabgp from ports for additional tests diff --git a/regress/usr.sbin/bgpd/integrationtests/bgpd.lladdr.rdomain1.conf b/regress/usr.sbin/bgpd/integrationtests/bgpd.lladdr.rdomain1.conf new file mode 100644 index 00000000000..91d5c03855b --- /dev/null +++ b/regress/usr.sbin/bgpd/integrationtests/bgpd.lladdr.rdomain1.conf @@ -0,0 +1,23 @@ +AS 4200000001 +router-id 42.0.0.1 +fib-update yes + +network 2001:db8:1::/48 set community 0:1 +network 2001:db8:11::/48 set community 0:11 + +neighbor fe80::c0fe:2%pair11 { + descr "RDOMAIN2" + remote-as 4200000002 + local-address fe80::c0fe:1%pair11 +} +neighbor fe80::beef:2%gif11 { + descr "RDOMAIN2_2" + remote-as 4200000002 + local-address fe80::beef:1%gif11 +} + + +allow from any +deny to any +allow to fe80::c0fe:2%pair11 community 0:1 +allow to fe80::beef:2%gif11 community 0:11 diff --git a/regress/usr.sbin/bgpd/integrationtests/bgpd.lladdr.rdomain2.conf b/regress/usr.sbin/bgpd/integrationtests/bgpd.lladdr.rdomain2.conf new file mode 100644 index 00000000000..c40fdb48282 --- /dev/null +++ b/regress/usr.sbin/bgpd/integrationtests/bgpd.lladdr.rdomain2.conf @@ -0,0 +1,23 @@ +AS 4200000002 +router-id 42.0.0.2 +fib-update yes + +network 2001:db8:2::/48 set community 0:1 +network 2001:db8:12::/48 set community 0:11 + +neighbor fe80::c0fe:1%pair12 { + descr "RDOMAIN1" + remote-as 4200000001 + local-address fe80::c0fe:2%pair12 +} + +neighbor fe80::beef:1%gif12 { + descr "RDOMAIN1_2" + remote-as 4200000001 + local-address fe80::beef:2%gif12 +} + +allow from any +deny to any +allow to fe80::c0fe:1%pair12 community 0:1 +allow to fe80::beef:1%gif12 community 0:11 diff --git a/regress/usr.sbin/bgpd/integrationtests/lladdr.rdomain1.ok b/regress/usr.sbin/bgpd/integrationtests/lladdr.rdomain1.ok new file mode 100644 index 00000000000..bb90aab04bc --- /dev/null +++ b/regress/usr.sbin/bgpd/integrationtests/lladdr.rdomain1.ok @@ -0,0 +1,36 @@ +flags: * = Valid, > = Selected, I = via IBGP, A = Announced, + S = Stale, E = Error +origin validation state: N = not-found, V = valid, ! = invalid +aspa validation state: ? = unknown, V = valid, ! = invalid +origin: i = IGP, e = EGP, ? = Incomplete + +flags vs destination gateway lpref med aspath origin +AI*> N-? 2001:db8:1::/48 :: 100 0 i +*> N-? 2001:db8:2::/48 fe80::c0fe:2%pair11 100 0 4200000002 i +AI*> N-? 2001:db8:11::/48 :: 100 0 i +*> N-? 2001:db8:12::/48 fe80::beef:2%gif11 100 0 4200000002 i +flags: B = BGP, C = Connected, S = Static + N = BGP Nexthop reachable via this route + r = reject route, b = blackhole route + +flags prio destination gateway +B 48 2001:db8:2::/48 fe80::c0fe:2%pair11 +B 48 2001:db8:12::/48 fe80::beef:2%gif11 + route to: 2001:db8:2:: +destination: 2001:db8:2:: + mask: ffff:ffff:ffff:: + gateway: fe80::c0fe:2%pair11 + interface: pair11 + priority: 48 (bgp) + flags: + use mtu expire + 0 0 0 + route to: 2001:db8:12:: +destination: 2001:db8:12:: + mask: ffff:ffff:ffff:: + gateway: fe80::beef:2%gif11 + interface: gif11 + priority: 48 (bgp) + flags: + use mtu expire + 0 0 0 diff --git a/regress/usr.sbin/bgpd/integrationtests/lladdr.rdomain2.ok b/regress/usr.sbin/bgpd/integrationtests/lladdr.rdomain2.ok new file mode 100644 index 00000000000..f92a39f0788 --- /dev/null +++ b/regress/usr.sbin/bgpd/integrationtests/lladdr.rdomain2.ok @@ -0,0 +1,36 @@ +flags: * = Valid, > = Selected, I = via IBGP, A = Announced, + S = Stale, E = Error +origin validation state: N = not-found, V = valid, ! = invalid +aspa validation state: ? = unknown, V = valid, ! = invalid +origin: i = IGP, e = EGP, ? = Incomplete + +flags vs destination gateway lpref med aspath origin +*> N-? 2001:db8:1::/48 fe80::c0fe:1%pair12 100 0 4200000001 i +AI*> N-? 2001:db8:2::/48 :: 100 0 i +*> N-? 2001:db8:11::/48 fe80::beef:1%gif12 100 0 4200000001 i +AI*> N-? 2001:db8:12::/48 :: 100 0 i +flags: B = BGP, C = Connected, S = Static + N = BGP Nexthop reachable via this route + r = reject route, b = blackhole route + +flags prio destination gateway +B 48 2001:db8:1::/48 fe80::c0fe:1%pair12 +B 48 2001:db8:11::/48 fe80::beef:1%gif12 + route to: 2001:db8:1:: +destination: 2001:db8:1:: + mask: ffff:ffff:ffff:: + gateway: fe80::c0fe:1%pair12 + interface: pair12 + priority: 48 (bgp) + flags: + use mtu expire + 0 0 0 + route to: 2001:db8:11:: +destination: 2001:db8:11:: + mask: ffff:ffff:ffff:: + gateway: fe80::beef:1%gif12 + interface: gif12 + priority: 48 (bgp) + flags: + use mtu expire + 0 0 0 diff --git a/regress/usr.sbin/bgpd/integrationtests/lladdr.sh b/regress/usr.sbin/bgpd/integrationtests/lladdr.sh new file mode 100644 index 00000000000..f91eb9989dc --- /dev/null +++ b/regress/usr.sbin/bgpd/integrationtests/lladdr.sh @@ -0,0 +1,109 @@ +#!/bin/ksh +# $OpenBSD: lladdr.sh,v 1.1 2023/10/16 10:26:51 claudio Exp $ + +set -e + +BGPD=$1 +BGPDCONFIGDIR=$2 +RDOMAIN1=$3 +RDOMAIN2=$4 +PAIR1=$5 +PAIR2=$6 +GIF1=gif${RDOMAIN1} +GIF2=gif${RDOMAIN2} + +RDOMAINS="${RDOMAIN1} ${RDOMAIN2}" +IFACES="${PAIR1} ${PAIR2} ${GIF1} ${GIF2}" +PAIR1IP6=fe80::c0fe:1 +PAIR2IP6=fe80::c0fe:2 +GIF1IP6=fe80::beef:1 +GIF2IP6=fe80::beef:2 + +error_notify() { + set -x + echo cleanup + pfctl -q -t bgpd_integ_test -T kill + pkill -T ${RDOMAIN1} bgpd || true + pkill -T ${RDOMAIN2} bgpd || true + sleep 1 + ifconfig ${GIF1} destroy || true + ifconfig ${GIF2} destroy || true + ifconfig ${PAIR1} destroy || true + ifconfig ${PAIR2} destroy || true + route -qn -T ${RDOMAIN1} flush || true + route -qn -T ${RDOMAIN2} flush || true + ifconfig lo${RDOMAIN1} destroy || true + ifconfig lo${RDOMAIN2} destroy || true + if [ $1 -ne 0 ]; then + echo FAILED + exit 1 + else + echo SUCCESS + fi +} + +if [ "$(id -u)" -ne 0 ]; then + echo need root privileges >&2 + exit 1 +fi + +trap 'error_notify $?' EXIT + +echo check if rdomains are busy +for n in ${RDOMAINS}; do + if /sbin/ifconfig | grep -v "^lo${n}:" | grep " rdomain ${n} "; then + echo routing domain ${n} is already used >&2 + exit 1 + fi +done + +echo check if interfaces are busy +for n in ${IFACES}; do + /sbin/ifconfig "${n}" >/dev/null 2>&1 && \ + ( echo interface ${n} is already used >&2; exit 1 ) +done + +set -x + +echo setup +ifconfig ${PAIR1} rdomain ${RDOMAIN1} up +ifconfig ${PAIR2} rdomain ${RDOMAIN2} up +ifconfig ${PAIR1} inet6 ${PAIR1IP6}/64 +ifconfig ${PAIR2} inet6 ${PAIR2IP6}/64 +ifconfig ${PAIR1} patch ${PAIR2} +ifconfig ${GIF1} rdomain ${RDOMAIN1} tunneldomain ${RDOMAIN1} +ifconfig ${GIF2} rdomain ${RDOMAIN2} tunneldomain ${RDOMAIN2} +ifconfig ${GIF1} tunnel ${PAIR1IP6}%${PAIR1} ${PAIR2IP6}%${PAIR1} +ifconfig ${GIF2} tunnel ${PAIR2IP6}%${PAIR2} ${PAIR1IP6}%${PAIR2} +ifconfig ${GIF1} inet6 ${GIF1IP6}/128 ${GIF2IP6} +ifconfig ${GIF2} inet6 ${GIF2IP6}/128 ${GIF1IP6} + +echo run bgpds +route -T ${RDOMAIN1} exec ${BGPD} \ + -v -f ${BGPDCONFIGDIR}/bgpd.lladdr.rdomain1.conf +route -T ${RDOMAIN2} exec ${BGPD} \ + -v -f ${BGPDCONFIGDIR}/bgpd.lladdr.rdomain2.conf + +sleep 1 + +route -T11 exec bgpctl nei RDOMAIN2 up +route -T11 exec bgpctl nei RDOMAIN2_2 up + +sleep 2 + +route -T11 exec bgpctl show rib | tee lladdr.rdomain1.out +route -T11 exec bgpctl show fib | grep -v 'link#' | tee -a lladdr.rdomain1.out +route -T11 get 2001:db8:2::/48 | grep -v "if address" | tee -a lladdr.rdomain1.out +route -T11 get 2001:db8:12::/48 | grep -v "if address" | tee -a lladdr.rdomain1.out + +route -T12 exec bgpctl show rib | tee lladdr.rdomain2.out +route -T12 exec bgpctl show fib | grep -v 'link#' | tee -a lladdr.rdomain2.out +route -T12 get 2001:db8:1::/48 | grep -v "if address" | tee -a lladdr.rdomain2.out +route -T12 get 2001:db8:11::/48 | grep -v "if address" | tee -a lladdr.rdomain2.out + +sleep .2 +diff -u ${BGPDCONFIGDIR}/lladdr.rdomain1.ok lladdr.rdomain1.out +diff -u ${BGPDCONFIGDIR}/lladdr.rdomain2.ok lladdr.rdomain2.out +echo OK + +exit 0 -- 2.20.1