ceph/src/seastar/dpdk/examples/ipsec-secgw/test/common_defs.sh

   1 #! /bin/bash
   2
   3 #check that env vars are properly defined
   4
   5 #check SGW_PATH
   6 if [[ -z "${SGW_PATH}" || ! -x ${SGW_PATH} ]]; then
   7         echo "SGW_PATH is invalid"
   8         exit 127
   9 fi
  10
  11 #check ETH_DEV
  12 if [[ -z "${ETH_DEV}" ]]; then
  13         echo "ETH_DEV is invalid"
  14         exit 127
  15 fi
  16
  17 #setup SGW_LCORE
  18 SGW_LCORE=${SGW_LCORE:-0}
  19
  20 #check that REMOTE_HOST is reachable
  21 ssh ${REMOTE_HOST} echo
  22 st=$?
  23 if [[ $st -ne 0 ]]; then
  24         echo "host ${REMOTE_HOST} is not reachable"
  25         exit $st
  26 fi
  27
  28 #get ether addr of REMOTE_HOST
  29 REMOTE_MAC=`ssh ${REMOTE_HOST} ip addr show dev ${REMOTE_IFACE}`
  30 st=$?
  31 REMOTE_MAC=`echo ${REMOTE_MAC} | sed -e 's/^.*ether //' -e 's/ brd.*$//'`
  32 if [[ $st -ne 0 || -z "${REMOTE_MAC}" ]]; then
  33         echo "coouldn't retrieve ether addr from ${REMOTE_IFACE}"
  34         exit 127
  35 fi
  36
  37 LOCAL_IFACE=dtap0
  38
  39 LOCAL_MAC="00:64:74:61:70:30"
  40
  41 REMOTE_IPV4=192.168.31.14
  42 LOCAL_IPV4=192.168.31.92
  43
  44 REMOTE_IPV6=fd12:3456:789a:0031:0000:0000:0000:0014
  45 LOCAL_IPV6=fd12:3456:789a:0031:0000:0000:0000:0092
  46
  47 DPDK_PATH=${RTE_SDK:-${PWD}}
  48 DPDK_BUILD=${RTE_TARGET:-x86_64-native-linux-gcc}
  49
  50 SGW_OUT_FILE=./ipsec-secgw.out1
  51
  52 SGW_CMD_EAL_PRM="--lcores=${SGW_LCORE} -n 4 ${ETH_DEV}"
  53 SGW_CMD_CFG="(0,0,${SGW_LCORE}),(1,0,${SGW_LCORE})"
  54 SGW_CMD_PRM="-p 0x3 -u 1 -P --config=\"${SGW_CMD_CFG}\""
  55
  56 SGW_CFG_FILE=$(mktemp)
  57
  58 # configure local host/ifaces
  59 config_local_iface()
  60 {
  61         ifconfig ${LOCAL_IFACE} ${LOCAL_IPV4}/24 mtu 1400 up
  62         ifconfig ${LOCAL_IFACE}
  63
  64         ip neigh flush dev ${LOCAL_IFACE}
  65         ip neigh add ${REMOTE_IPV4} dev ${LOCAL_IFACE} lladdr ${REMOTE_MAC}
  66         ip neigh show dev ${LOCAL_IFACE}
  67 }
  68
  69 config6_local_iface()
  70 {
  71         config_local_iface
  72
  73         sysctl -w net.ipv6.conf.${LOCAL_IFACE}.disable_ipv6=0
  74         ip addr add  ${LOCAL_IPV6}/64 dev ${LOCAL_IFACE}
  75
  76         sysctl -w net.ipv6.conf.${LOCAL_IFACE}.mtu=1300
  77
  78         ip -6 neigh add ${REMOTE_IPV6} dev ${LOCAL_IFACE} lladdr ${REMOTE_MAC}
  79         ip neigh show dev ${LOCAL_IFACE}
  80 }
  81
  82 #configure remote host/iface
  83 config_remote_iface()
  84 {
  85         ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE} down
  86         ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE} ${REMOTE_IPV4}/24 up
  87         ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE}
  88
  89         ssh ${REMOTE_HOST} ip neigh flush dev ${REMOTE_IFACE}
  90
  91         # by some reason following ip neigh doesn't work for me here properly:
  92         #ssh ${REMOTE_HOST} ip neigh add ${LOCAL_IPV4} \
  93         #               dev ${REMOTE_IFACE} lladr ${LOCAL_MAC}
  94         # so used arp instead.
  95         ssh ${REMOTE_HOST} arp -i ${REMOTE_IFACE} -s ${LOCAL_IPV4} ${LOCAL_MAC}
  96         ssh ${REMOTE_HOST} ip neigh show dev ${REMOTE_IFACE}
  97
  98         ssh ${REMOTE_HOST} iptables --flush
  99 }
 100
 101 config6_remote_iface()
 102 {
 103         config_remote_iface
 104
 105         ssh ${REMOTE_HOST} sysctl -w \
 106                 net.ipv6.conf.${REMOTE_IFACE}.disable_ipv6=0
 107         ssh ${REMOTE_HOST} ip addr add  ${REMOTE_IPV6}/64 dev ${REMOTE_IFACE}
 108
 109         ssh ${REMOTE_HOST} ip -6 neigh add ${LOCAL_IPV6} \
 110                 dev ${REMOTE_IFACE} lladdr ${LOCAL_MAC}
 111         ssh ${REMOTE_HOST} ip neigh show dev ${REMOTE_IFACE}
 112
 113         ssh ${REMOTE_HOST} ip6tables --flush
 114 }
 115
 116 #configure remote and local host/iface
 117 config_iface()
 118 {
 119         config_local_iface
 120         config_remote_iface
 121 }
 122
 123 config6_iface()
 124 {
 125         config6_local_iface
 126         config6_remote_iface
 127 }
 128
 129 #start ipsec-secgw
 130 secgw_start()
 131 {
 132         SGW_EXEC_FILE=$(mktemp)
 133         cat <<EOF > ${SGW_EXEC_FILE}
 134 ${SGW_PATH} ${SGW_CMD_EAL_PRM} ${CRYPTO_DEV} \
 135 --vdev="net_tap0,mac=fixed" \
 136 -- ${SGW_CMD_PRM} ${SGW_CMD_XPRM} -f ${SGW_CFG_FILE} > \
 137 ${SGW_OUT_FILE} 2>&1 &
 138 p=\$!
 139 echo \$p
 140 EOF
 141
 142         cat ${SGW_EXEC_FILE}
 143         SGW_PID=`/bin/bash -x ${SGW_EXEC_FILE}`
 144
 145         # wait till ipsec-secgw start properly
 146         i=0
 147         st=1
 148         while [[ $i -ne 10 && st -ne 0 ]]; do
 149                 sleep 1
 150                 ifconfig ${LOCAL_IFACE}
 151                 st=$?
 152                 let i++
 153         done
 154 }
 155
 156 #stop ipsec-secgw and cleanup
 157 secgw_stop()
 158 {
 159         kill ${SGW_PID}
 160         rm -f ${SGW_EXEC_FILE}
 161         rm -f ${SGW_CFG_FILE}
 162 }