Commit 044011fd authored by Ido Schimmel's avatar Ido Schimmel Committed by David S. Miller

selftests: mlxsw: vxlan_flooding: Prevent flooding of unwanted packets

The test verifies that packets are correctly flooded by the bridge and
the VXLAN device by matching on the encapsulated packets at the other
end. However, if packets other than those generated by the test also
ingress the bridge (e.g., MLD packets), they will be flooded as well and
interfere with the expected count.

Make the test more robust by making sure that only the packets generated
by the test can ingress the bridge. Drop all the rest using tc filters
on the egress of 'br0' and 'h1'.

In the software data path, the problem can be solved by matching on the
inner destination MAC or dropping unwanted packets at the egress of the
VXLAN device, but this is not currently supported by mlxsw.

Fixes: 94d302de ("selftests: mlxsw: Add a test for VxLAN flooding")
Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
Reviewed-by: default avatarAmit Cohen <amcohen@nvidia.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent c5d0fc54
......@@ -172,6 +172,17 @@ flooding_filters_add()
local lsb
local i
# Prevent unwanted packets from entering the bridge and interfering
# with the test.
tc qdisc add dev br0 clsact
tc filter add dev br0 egress protocol all pref 1 handle 1 \
matchall skip_hw action drop
tc qdisc add dev $h1 clsact
tc filter add dev $h1 egress protocol all pref 1 handle 1 \
flower skip_hw dst_mac de:ad:be:ef:13:37 action pass
tc filter add dev $h1 egress protocol all pref 2 handle 2 \
matchall skip_hw action drop
tc qdisc add dev $rp2 clsact
for i in $(eval echo {1..$num_remotes}); do
......@@ -194,6 +205,12 @@ flooding_filters_del()
done
tc qdisc del dev $rp2 clsact
tc filter del dev $h1 egress protocol all pref 2 handle 2 matchall
tc filter del dev $h1 egress protocol all pref 1 handle 1 flower
tc qdisc del dev $h1 clsact
tc filter del dev br0 egress protocol all pref 1 handle 1 matchall
tc qdisc del dev br0 clsact
}
flooding_check_packets()
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment