2 # SPDX-License-Identifier: GPL-2.0
4 # Testing For SCTP COLLISION SCENARIO as Below:
6 # 14:35:47.655279 IP CLIENT_IP.PORT > SERVER_IP.PORT: sctp (1) [INIT] [init tag: 2017837359]
7 # 14:35:48.353250 IP SERVER_IP.PORT > CLIENT_IP.PORT: sctp (1) [INIT] [init tag: 1187206187]
8 # 14:35:48.353275 IP CLIENT_IP.PORT > SERVER_IP.PORT: sctp (1) [INIT ACK] [init tag: 2017837359]
9 # 14:35:48.353283 IP SERVER_IP.PORT > CLIENT_IP.PORT: sctp (1) [COOKIE ECHO]
10 # 14:35:48.353977 IP CLIENT_IP.PORT > SERVER_IP.PORT: sctp (1) [COOKIE ACK]
11 # 14:35:48.855335 IP SERVER_IP.PORT > CLIENT_IP.PORT: sctp (1) [INIT ACK] [init tag: 164579970]
13 # TOPO: SERVER_NS (link0)<--->(link1) ROUTER_NS (link2)<--->(link3) CLIENT_NS
15 CLIENT_NS
=$
(mktemp
-u client-XXXXXXXX
)
16 CLIENT_IP
="198.51.200.1"
19 SERVER_NS
=$
(mktemp
-u server-XXXXXXXX
)
20 SERVER_IP
="198.51.100.1"
23 ROUTER_NS
=$
(mktemp
-u router-XXXXXXXX
)
24 CLIENT_GW
="198.51.200.2"
25 SERVER_GW
="198.51.100.2"
32 ip
-n $SERVER_NS link add link0
type veth peer name link1 netns
$ROUTER_NS
33 ip
-n $CLIENT_NS link add link3
type veth peer name link2 netns
$ROUTER_NS
35 ip
-n $SERVER_NS link
set link0 up
36 ip
-n $SERVER_NS addr add
$SERVER_IP/24 dev link0
37 ip
-n $SERVER_NS route add
$CLIENT_IP dev link0 via
$SERVER_GW
39 ip
-n $ROUTER_NS link
set link1 up
40 ip
-n $ROUTER_NS link
set link2 up
41 ip
-n $ROUTER_NS addr add
$SERVER_GW/24 dev link1
42 ip
-n $ROUTER_NS addr add
$CLIENT_GW/24 dev link2
43 ip net
exec $ROUTER_NS sysctl
-wq net.ipv4.ip_forward
=1
45 ip
-n $CLIENT_NS link
set link3 up
46 ip
-n $CLIENT_NS addr add
$CLIENT_IP/24 dev link3
47 ip
-n $CLIENT_NS route add
$SERVER_IP dev link3 via
$CLIENT_GW
49 # simulate the delay on OVS upcall by setting up a delay for INIT_ACK with
50 # tc on $SERVER_NS side
51 tc
-n $SERVER_NS qdisc add dev link0 root handle
1: htb
52 tc
-n $SERVER_NS class add dev link0 parent
1: classid
1:1 htb rate
100mbit
53 tc
-n $SERVER_NS filter add dev link0 parent
1: protocol ip u32 match ip protocol
132 \
54 0xff match u8
2 0xff at 32 flowid
1:1
55 tc
-n $SERVER_NS qdisc add dev link0 parent
1:1 handle
10: netem delay
1200ms
57 # simulate the ctstate check on OVS nf_conntrack
58 ip net
exec $ROUTER_NS iptables
-A FORWARD
-m state
--state INVALID
,UNTRACKED
-j DROP
59 ip net
exec $ROUTER_NS iptables
-A INPUT
-p sctp
-j DROP
61 # use a smaller number for assoc's max_retrans to reproduce the issue
63 ip net
exec $CLIENT_NS sysctl
-wq net.sctp.association_max_retrans
=3
67 ip net
exec $CLIENT_NS pkill sctp_collision
2>&1 >/dev
/null
68 ip net
exec $SERVER_NS pkill sctp_collision
2>&1 >/dev
/null
69 ip net del
"$CLIENT_NS"
70 ip net del
"$SERVER_NS"
71 ip net del
"$ROUTER_NS"
75 ip net
exec $SERVER_NS .
/sctp_collision server \
76 $SERVER_IP $SERVER_PORT $CLIENT_IP $CLIENT_PORT &
77 ip net
exec $CLIENT_NS .
/sctp_collision client \
78 $CLIENT_IP $CLIENT_PORT $SERVER_IP $SERVER_PORT
81 # NOTE: one way to work around the issue is set a smaller hb_interval
82 # ip net exec $CLIENT_NS sysctl -wq net.sctp.hb_interval=3500
87 echo "Test for SCTP Collision in nf_conntrack:" && \
88 do_test
&& echo "PASS!"