@@ -174,6 +174,7 @@ ovpn_setup_ns() {
ip -n "${peer}" link set mtu ${3} dev tun${1}
fi
ip -n "${peer}" link set tun${1} up
+ ip -n "${peer}" addr add fe80::$(( ${1} + 1 ))/64 dev tun${1} scope link
}
ovpn_build_capture_filter() {
@@ -56,6 +56,59 @@ ovpn_prepare_network() {
done
}
+ovpn_run_mbcast_tests() {
+ local p
+ local peer_ns
+ local -a pids=()
+
+ ovpn_log "Testing broadcast:"
+ for p in $(seq 1 "${OVPN_NUM_PEERS}"); do
+ peer_ns="ovpn_peer${p}"
+ timeout 3 ip netns exec "${peer_ns}" \
+ tcpdump --immediate-mode -p -ni "tun${p}" -c 1 \
+ 'icmp and dst host 5.5.5.255' >/dev/null 2>&1 &
+ pids+=($!)
+ done
+ sleep 0.5
+ ovpn_cmd_mayfail "send broadcast ping from peer0" \
+ ip netns exec ovpn_peer0 ping -qbc 1 -w 3 -I tun0 5.5.5.255
+ for pid in "${pids[@]}"; do
+ wait "${pid}" || return 1
+ done
+ pids=()
+
+ ovpn_log "Testing multicast IPv4:"
+ for p in $(seq 1 "${OVPN_NUM_PEERS}"); do
+ peer_ns="ovpn_peer${p}"
+ timeout 3 ip netns exec "${peer_ns}" \
+ tcpdump --immediate-mode -p -ni "tun${p}" -c 1 \
+ 'icmp and dst host 224.0.0.1' >/dev/null 2>&1 &
+ pids+=($!)
+ done
+ sleep 0.5
+ ovpn_cmd_mayfail "send IPv4 multicast ping from peer0" \
+ ip netns exec ovpn_peer0 ping -qc 1 -w 3 -I tun0 224.0.0.1
+ for pid in "${pids[@]}"; do
+ wait "${pid}" || return 1
+ done
+ pids=()
+
+ ovpn_log "Testing multicast IPv6:"
+ for p in $(seq 1 "${OVPN_NUM_PEERS}"); do
+ peer_ns="ovpn_peer${p}"
+ timeout 3 ip netns exec "${peer_ns}" \
+ tcpdump --immediate-mode -p -ni "tun${p}" -c 1 \
+ 'icmp6 and dst host ff02::1' >/dev/null 2>&1 &
+ pids+=($!)
+ done
+ sleep 0.5
+ ovpn_cmd_mayfail "send IPv6 multicast ping from peer0" \
+ ip netns exec ovpn_peer0 ping -6 -qc 1 -w 3 -I tun0 ff02::1
+ for pid in "${pids[@]}"; do
+ wait "${pid}" || return 1
+ done
+}
+
ovpn_run_basic_traffic() {
local p
local header1
@@ -293,9 +346,9 @@ trap ovpn_stage_err ERR
ktap_print_header
if [ "${OVPN_FLOAT}" == "1" ]; then
- ktap_set_plan 13
+ ktap_set_plan 14
else
- ktap_set_plan 12
+ ktap_set_plan 13
fi
ovpn_cleanup
@@ -303,6 +356,7 @@ modprobe -q ovpn || true
ovpn_run_stage "setup network topology" ovpn_prepare_network
ovpn_run_stage "run baseline data traffic" ovpn_run_basic_traffic
+ovpn_run_stage "run multi/broadcast traffic" ovpn_run_mbcast_tests
ovpn_run_stage "run LAN traffic behind peer1" ovpn_run_lan_traffic
[ "${OVPN_FLOAT}" == "1" ] && ovpn_run_stage "run floating peer checks" \
ovpn_run_float_mode
Add a test stage that verifies the ovpn module forwards broadcast (IPv4) and multicast (IPv4/v6) packets to all active peers. For each mode we start tcpdump on every client peer, send a single ping from peer0 to the broadcast/multicast address, and verify all peers captured the packet. IPv6 link-local addresses are assigned to TUN interfaces so that ping to ff02::1 can select a valid source address. Signed-off-by: Marco Baffo <marco@mandelbit.com> --- tools/testing/selftests/net/ovpn/common.sh | 1 + tools/testing/selftests/net/ovpn/test.sh | 58 +++++++++++++++++++++- 2 files changed, 57 insertions(+), 2 deletions(-)