tools/testing/selftests/net/ipv6_force_forwarding.sh


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
#
# Test IPv6 force_forwarding interface property
#
# This test verifies that the force_forwarding property works correctly:
# - When global forwarding is disabled, packets are not forwarded normally
# - When force_forwarding is enabled on an interface, packets are forwarded
#   regardless of the global forwarding setting

source lib.sh

cleanup() {
    cleanup_ns $ns1 $ns2 $ns3
}

trap cleanup EXIT

setup_test() {
    # Create three namespaces: sender, router, receiver
    setup_ns ns1 ns2 ns3

    # Create veth pairs: ns1 <-> ns2 <-> ns3
    ip link add name veth12 type veth peer name veth21
    ip link add name veth23 type veth peer name veth32

    # Move interfaces to namespaces
    ip link set veth12 netns $ns1
    ip link set veth21 netns $ns2
    ip link set veth23 netns $ns2
    ip link set veth32 netns $ns3

    # Configure interfaces
    ip -n $ns1 addr add 2001:db8:1::1/64 dev veth12 nodad
    ip -n $ns2 addr add 2001:db8:1::2/64 dev veth21 nodad
    ip -n $ns2 addr add 2001:db8:2::1/64 dev veth23 nodad
    ip -n $ns3 addr add 2001:db8:2::2/64 dev veth32 nodad

    # Bring up interfaces
    ip -n $ns1 link set veth12 up
    ip -n $ns2 link set veth21 up
    ip -n $ns2 link set veth23 up
    ip -n $ns3 link set veth32 up

    # Add routes
    ip -n $ns1 route add 2001:db8:2::/64 via 2001:db8:1::2
    ip -n $ns3 route add 2001:db8:1::/64 via 2001:db8:2::1

    # Disable global forwarding
    ip netns exec $ns2 sysctl -qw net.ipv6.conf.all.forwarding=0
}

test_force_forwarding() {
    local ret=0

    echo "TEST: force_forwarding functionality"

    # Check if force_forwarding sysctl exists
    if ! ip netns exec $ns2 test -f /proc/sys/net/ipv6/conf/veth21/force_forwarding; then
        echo "SKIP: force_forwarding not available"
        return $ksft_skip
    fi

    # Test 1: Without force_forwarding, ping should fail
    ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth21.force_forwarding=0
    ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth23.force_forwarding=0

    if ip netns exec $ns1 ping -6 -c 1 -W 2 2001:db8:2::2 &>/dev/null; then
        echo "FAIL: ping succeeded when forwarding disabled"
        ret=1
    else
        echo "PASS: forwarding disabled correctly"
    fi

    # Test 2: With force_forwarding enabled, ping should succeed
    ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth21.force_forwarding=1
    ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth23.force_forwarding=1

    if ip netns exec $ns1 ping -6 -c 1 -W 2 2001:db8:2::2 &>/dev/null; then
        echo "PASS: force_forwarding enabled forwarding"
    else
        echo "FAIL: ping failed with force_forwarding enabled"
        ret=1
    fi

    return $ret
}

echo "IPv6 force_forwarding test"
echo "=========================="

setup_test
test_force_forwarding
ret=$?

if [ $ret -eq 0 ]; then
    echo "OK"
    exit 0
elif [ $ret -eq $ksft_skip ]; then
    echo "SKIP"
    exit $ksft_skip
else
    echo "FAIL"
    exit 1
fi