xref: /dpdk/examples/ipsec-secgw/test/common_defs.sh (revision 2d7a5922aecadb9eee7de7f314a6dee36f3b1aa3) 
1#! /bin/bash
2# SPDX-License-Identifier: BSD-3-Clause
3
4# check ETH_DEV
5if [[ -z "${ETH_DEV}" ]]; then
6	echo "ETH_DEV is invalid"
7	exit 127
8fi
9
10# check that REMOTE_HOST is reachable
11ssh ${REMOTE_HOST} echo
12st=$?
13if [[ $st -ne 0 ]]; then
14	echo "host ${REMOTE_HOST} is not reachable"
15	exit $st
16fi
17
18# get ether addr of REMOTE_HOST
19REMOTE_MAC=`ssh ${REMOTE_HOST} ip addr show dev ${REMOTE_IFACE}`
20st=$?
21REMOTE_MAC=`echo ${REMOTE_MAC} | sed -e 's/^.*ether //' -e 's/ brd.*$//'`
22if [[ $st -ne 0 || -z "${REMOTE_MAC}" ]]; then
23	echo "couldn't retrieve ether addr from ${REMOTE_IFACE}"
24	exit 127
25fi
26
27LOCAL_IFACE=dtap0
28
29LOCAL_MAC="02:64:74:61:70:30"
30
31REMOTE_IPV4=192.168.31.14
32LOCAL_IPV4=192.168.31.92
33
34REMOTE_IPV6=fd12:3456:789a:0031:0000:0000:0000:0014
35LOCAL_IPV6=fd12:3456:789a:0031:0000:0000:0000:0092
36
37DPDK_PATH=${PWD}
38DPDK_BUILD="build"
39DPDK_VARS=""
40
41# by default ipsec-secgw can't deal with multi-segment packets
42# make sure our local/remote host wouldn't generate fragmented packets
43# if reassembly option is not enabled
44DEF_MTU_LEN=1400
45DEF_PING_LEN=1200
46
47# set operation mode based on environment variables values
48select_mode()
49{
50	echo "Test environment configuration:"
51	# check which mode to be enabled (library/legacy)
52	if [[ -n "${SGW_MODE}" && "${SGW_MODE}" == "library" ]]; then
53		DPDK_MODE="-w 300 -l"
54		echo "[enabled]  library mode"
55	else
56		DPDK_MODE=""
57		echo "[enabled]  legacy mode"
58	fi
59
60	# check if esn is demanded
61	if [[ -n "${SGW_ESN}" && "${SGW_ESN}" == "esn-on" ]]; then
62		DPDK_VARS="${DPDK_VARS} -e"
63		XFRM_ESN="flag esn"
64		echo "[enabled]  extended sequence number"
65	else
66		XFRM_ESN=""
67		echo "[disabled] extended sequence number"
68	fi
69
70	# check if atom is demanded
71	if [[ -n "${SGW_ATOM}" && "${SGW_ATOM}" == "atom-on" ]]; then
72		DPDK_VARS="${DPDK_VARS} -a"
73		echo "[enabled]  sequence number atomic behavior"
74	else
75		echo "[disabled] sequence number atomic behavior"
76	fi
77
78	# check if inline should be enabled
79	if [[ -n "${SGW_CRYPTO}" && "${SGW_CRYPTO}" == "inline" ]]; then
80		CRYPTO_DEV='--vdev="crypto_null0"'
81		SGW_CFG_XPRM_IN="port_id 0 type inline-crypto-offload"
82		SGW_CFG_XPRM_OUT="port_id 0 type inline-crypto-offload"
83		echo "[enabled]  inline crypto mode"
84	else
85		SGW_CFG_XPRM_IN=""
86		SGW_CFG_XPRM_OUT=""
87		echo "[disabled] inline crypto mode"
88	fi
89
90	# check if fallback should be enabled
91	if [[ -n "${SGW_CRYPTO_FLBK}" ]] && [[ -n ${SGW_CFG_XPRM_IN} ]] \
92	&& [[ "${SGW_MODE}" == "library" ]] \
93	&& [[ "${SGW_CRYPTO_FLBK}" == "cpu-crypto" \
94	|| "${SGW_CRYPTO_FLBK}" == "lookaside-none" ]]; then
95		CRYPTO_DEV=""
96		SGW_CFG_XPRM_IN="${SGW_CFG_XPRM_IN} fallback ${SGW_CRYPTO_FLBK}"
97		SGW_CFG_XPRM_OUT=""
98		echo "[enabled]  crypto fallback ${SGW_CRYPTO_FLBK} mode"
99	else
100		if [[ -n "${SGW_CRYPTO_FLBK}" \
101		&& "${SGW_CRYPTO}" != "inline" ]]; then
102			echo "SGW_CRYPTO variable needs to be set to \
103\"inline\" for ${SGW_CRYPTO_FLBK} fallback setting"
104			exit 127
105		elif [[ -n "${SGW_CRYPTO_FLBK}" \
106		&& "${SGW_MODE}" != "library" ]]; then
107			echo "SGW_MODE variable needs to be set to \
108\"library\" for ${SGW_CRYPTO_FLBK} fallback setting"
109			exit 127
110		fi
111		echo "[disabled] crypto fallback mode"
112	fi
113
114	# select sync/async mode
115	if [[ -n "${CRYPTO_PRIM_TYPE}" && -n "${DPDK_MODE}" ]]; then
116		echo "[enabled]  crypto primary type - ${CRYPTO_PRIM_TYPE}"
117		SGW_CFG_XPRM_IN="${SGW_CFG_XPRM_IN} type ${CRYPTO_PRIM_TYPE}"
118		SGW_CFG_XPRM_OUT="${SGW_CFG_XPRM_OUT} type ${CRYPTO_PRIM_TYPE}"
119	else
120		if [[ -n "${CRYPTO_PRIM_TYPE}" \
121		&& "${SGW_MODE}" != "library" ]]; then
122			echo "SGW_MODE variable needs to be set to \
123\"library\" for ${CRYPTO_PRIM_TYPE} crypto primary type setting"
124			exit 127
125		fi
126	fi
127
128
129	# make linux to generate fragmented packets
130	if [[ -n "${SGW_MULTI_SEG}" && -n "${DPDK_MODE}" ]]; then
131		echo -e "[enabled]  multi-segment test is enabled\n"
132		SGW_CMD_XPRM="--reassemble ${SGW_MULTI_SEG}"
133		PING_LEN=5000
134		MTU_LEN=1500
135	else
136		if [[ -z "${SGW_MULTI_SEG}" \
137		&& "${SGW_CFG_XPRM_IN}" == *fallback* ]]; then
138			echo "SGW_MULTI_SEG environment variable needs \
139to be set for ${SGW_CRYPTO_FLBK} fallback test"
140			exit 127
141		elif [[ -n "${SGW_MULTI_SEG}" \
142		&& "${SGW_MODE}" != "library" ]]; then
143			echo "SGW_MODE variable needs to be set to \
144\"library\" for multiple segment reassemble setting"
145		exit 127
146		fi
147
148		echo -e "[disabled] multi-segment test\n"
149		PING_LEN=${DEF_PING_LEN}
150		MTU_LEN=${DEF_MTU_LEN}
151	fi
152}
153
154# setup mtu on local iface
155set_local_mtu()
156{
157	mtu=$1
158	ifconfig ${LOCAL_IFACE} mtu ${mtu}
159	sysctl -w net.ipv6.conf.${LOCAL_IFACE}.mtu=${mtu}
160}
161
162# configure local host/ifaces
163config_local_iface()
164{
165	ifconfig ${LOCAL_IFACE} ${LOCAL_IPV4}/24 up
166	ifconfig ${LOCAL_IFACE}
167
168	ip neigh flush dev ${LOCAL_IFACE}
169	ip neigh add ${REMOTE_IPV4} dev ${LOCAL_IFACE} lladdr ${REMOTE_MAC}
170	ip neigh show dev ${LOCAL_IFACE}
171}
172
173config6_local_iface()
174{
175	config_local_iface
176
177	sysctl -w net.ipv6.conf.${LOCAL_IFACE}.disable_ipv6=0
178	ip addr add  ${LOCAL_IPV6}/64 dev ${LOCAL_IFACE}
179
180	ip -6 neigh add ${REMOTE_IPV6} dev ${LOCAL_IFACE} lladdr ${REMOTE_MAC}
181	ip neigh show dev ${LOCAL_IFACE}
182}
183
184# configure remote host/iface
185config_remote_iface()
186{
187	ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE} down
188	ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE} ${REMOTE_IPV4}/24 up
189	ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE}
190
191	ssh ${REMOTE_HOST} ip neigh flush dev ${REMOTE_IFACE}
192
193	ssh ${REMOTE_HOST} ip neigh add ${LOCAL_IPV4} \
194		dev ${REMOTE_IFACE} lladdr ${LOCAL_MAC}
195	ssh ${REMOTE_HOST} ip neigh show dev ${REMOTE_IFACE}
196
197	ssh ${REMOTE_HOST} iptables --flush
198}
199
200config6_remote_iface()
201{
202	config_remote_iface
203
204	ssh ${REMOTE_HOST} sysctl -w \
205		net.ipv6.conf.${REMOTE_IFACE}.disable_ipv6=0
206	ssh ${REMOTE_HOST} ip addr add  ${REMOTE_IPV6}/64 dev ${REMOTE_IFACE}
207
208	ssh ${REMOTE_HOST} ip -6 neigh add ${LOCAL_IPV6} \
209		dev ${REMOTE_IFACE} lladdr ${LOCAL_MAC}
210	ssh ${REMOTE_HOST} ip neigh show dev ${REMOTE_IFACE}
211
212	ssh ${REMOTE_HOST} ip6tables --flush
213}
214
215# configure remote and local host/iface
216config_iface()
217{
218	config_local_iface
219	config_remote_iface
220}
221
222config6_iface()
223{
224	config6_local_iface
225	config6_remote_iface
226}
227
228# secgw application parameters setup
229SGW_PORT_CFG="--vdev=\"net_tap0,mac=fixed\" ${ETH_DEV}"
230SGW_WAIT_DEV="${LOCAL_IFACE}"
231. ${DIR}/common_defs_secgw.sh
232