2 # SPDX-License-Identifier: BSD-3-Clause
5 if [[ -z "${ETH_DEV}" ]]; then
6 echo "ETH_DEV is invalid"
10 # check that REMOTE_HOST is reachable
11 ssh ${REMOTE_HOST} echo
13 if [[ $st -ne 0 ]]; then
14 echo "host ${REMOTE_HOST} is not reachable"
18 # get ether addr of REMOTE_HOST
19 REMOTE_MAC=`ssh ${REMOTE_HOST} ip addr show dev ${REMOTE_IFACE}`
21 REMOTE_MAC=`echo ${REMOTE_MAC} | sed -e 's/^.*ether //' -e 's/ brd.*$//'`
22 if [[ $st -ne 0 || -z "${REMOTE_MAC}" ]]; then
23 echo "coouldn't retrieve ether addr from ${REMOTE_IFACE}"
29 LOCAL_MAC="00:64:74:61:70:30"
31 REMOTE_IPV4=192.168.31.14
32 LOCAL_IPV4=192.168.31.92
34 REMOTE_IPV6=fd12:3456:789a:0031:0000:0000:0000:0014
35 LOCAL_IPV6=fd12:3456:789a:0031:0000:0000:0000:0092
37 DPDK_PATH=${RTE_SDK:-${PWD}}
38 DPDK_BUILD=${RTE_TARGET:-x86_64-native-linux-gcc}
41 # by default ipsec-secgw can't deal with multi-segment packets
42 # make sure our local/remote host wouldn't generate fragmented packets
43 # if reassmebly option is not enabled
47 # set operation mode based on environment variables values
50 echo "Test environment configuration:"
51 # check which mode to be enabled (library/legacy)
52 if [[ -n "${SGW_MODE}" && "${SGW_MODE}" == "library" ]]; then
54 echo "[enabled] library mode"
57 echo "[enabled] legacy mode"
60 # check if esn is demanded
61 if [[ -n "${SGW_ESN}" && "${SGW_ESN}" == "esn-on" ]]; then
62 DPDK_VARS="${DPDK_VARS} -e"
64 echo "[enabled] extended sequence number"
67 echo "[disabled] extended sequence number"
70 # check if atom is demanded
71 if [[ -n "${SGW_ATOM}" && "${SGW_ATOM}" == "atom-on" ]]; then
72 DPDK_VARS="${DPDK_VARS} -a"
73 echo "[enabled] sequence number atomic behavior"
75 echo "[disabled] sequence number atomic behavior"
78 # check if inline should be enabled
79 if [[ -n "${SGW_CRYPTO}" && "${SGW_CRYPTO}" == "inline" ]]; then
80 CRYPTO_DEV='--vdev="crypto_null0"'
81 SGW_CFG_XPRM_IN="port_id 0 type inline-crypto-offload"
82 SGW_CFG_XPRM_OUT="port_id 0 type inline-crypto-offload"
83 echo "[enabled] inline crypto mode"
87 echo "[disabled] inline crypto mode"
90 # check if fallback should be enabled
91 if [[ -n "${SGW_CRYPTO_FLBK}" ]] && [[ -n ${SGW_CFG_XPRM_IN} ]] \
92 && [[ "${SGW_MODE}" == "library" ]] \
93 && [[ "${SGW_CRYPTO_FLBK}" == "cpu-crypto" \
94 || "${SGW_CRYPTO_FLBK}" == "lookaside-none" ]]; then
96 SGW_CFG_XPRM_IN="${SGW_CFG_XPRM_IN} fallback ${SGW_CRYPTO_FLBK}"
98 echo "[enabled] crypto fallback ${SGW_CRYPTO_FLBK} mode"
100 if [[ -n "${SGW_CRYPTO_FLBK}" \
101 && "${SGW_CRYPTO}" != "inline" ]]; then
102 echo "SGW_CRYPTO variable needs to be set to \
103 \"inline\" for ${SGW_CRYPTO_FLBK} fallback setting"
105 elif [[ -n "${SGW_CRYPTO_FLBK}" \
106 && "${SGW_MODE}" != "library" ]]; then
107 echo "SGW_MODE variable needs to be set to \
108 \"library\" for ${SGW_CRYPTO_FLBK} fallback setting"
111 echo "[disabled] crypto fallback mode"
114 # select sync/async mode
115 if [[ -n "${CRYPTO_PRIM_TYPE}" && -n "${DPDK_MODE}" ]]; then
116 echo "[enabled] crypto primary type - ${CRYPTO_PRIM_TYPE}"
117 SGW_CFG_XPRM_IN="${SGW_CFG_XPRM_IN} type ${CRYPTO_PRIM_TYPE}"
118 SGW_CFG_XPRM_OUT="${SGW_CFG_XPRM_OUT} type ${CRYPTO_PRIM_TYPE}"
120 if [[ -n "${CRYPTO_PRIM_TYPE}" \
121 && "${SGW_MODE}" != "library" ]]; then
122 echo "SGW_MODE variable needs to be set to \
123 \"library\" for ${CRYPTO_PRIM_TYPE} crypto primary type setting"
129 # make linux to generate fragmented packets
130 if [[ -n "${SGW_MULTI_SEG}" && -n "${DPDK_MODE}" ]]; then
131 echo -e "[enabled] multi-segment test is enabled\n"
132 SGW_CMD_XPRM="--reassemble ${SGW_MULTI_SEG}"
136 if [[ -z "${SGW_MULTI_SEG}" \
137 && "${SGW_CFG_XPRM_IN}" == *fallback* ]]; then
138 echo "SGW_MULTI_SEG environment variable needs \
139 to be set for ${SGW_CRYPTO_FLBK} fallback test"
141 elif [[ -n "${SGW_MULTI_SEG}" \
142 && "${SGW_MODE}" != "library" ]]; then
143 echo "SGW_MODE variable needs to be set to \
144 \"library\" for multiple segment reassemble setting"
148 echo -e "[disabled] multi-segment test\n"
149 PING_LEN=${DEF_PING_LEN}
150 MTU_LEN=${DEF_MTU_LEN}
154 # setup mtu on local iface
158 ifconfig ${LOCAL_IFACE} mtu ${mtu}
159 sysctl -w net.ipv6.conf.${LOCAL_IFACE}.mtu=${mtu}
162 # configure local host/ifaces
165 ifconfig ${LOCAL_IFACE} ${LOCAL_IPV4}/24 up
166 ifconfig ${LOCAL_IFACE}
168 ip neigh flush dev ${LOCAL_IFACE}
169 ip neigh add ${REMOTE_IPV4} dev ${LOCAL_IFACE} lladdr ${REMOTE_MAC}
170 ip neigh show dev ${LOCAL_IFACE}
173 config6_local_iface()
177 sysctl -w net.ipv6.conf.${LOCAL_IFACE}.disable_ipv6=0
178 ip addr add ${LOCAL_IPV6}/64 dev ${LOCAL_IFACE}
180 ip -6 neigh add ${REMOTE_IPV6} dev ${LOCAL_IFACE} lladdr ${REMOTE_MAC}
181 ip neigh show dev ${LOCAL_IFACE}
184 # configure remote host/iface
185 config_remote_iface()
187 ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE} down
188 ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE} ${REMOTE_IPV4}/24 up
189 ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE}
191 ssh ${REMOTE_HOST} ip neigh flush dev ${REMOTE_IFACE}
193 ssh ${REMOTE_HOST} ip neigh add ${LOCAL_IPV4} \
194 dev ${REMOTE_IFACE} lladdr ${LOCAL_MAC}
195 ssh ${REMOTE_HOST} ip neigh show dev ${REMOTE_IFACE}
197 ssh ${REMOTE_HOST} iptables --flush
200 config6_remote_iface()
204 ssh ${REMOTE_HOST} sysctl -w \
205 net.ipv6.conf.${REMOTE_IFACE}.disable_ipv6=0
206 ssh ${REMOTE_HOST} ip addr add ${REMOTE_IPV6}/64 dev ${REMOTE_IFACE}
208 ssh ${REMOTE_HOST} ip -6 neigh add ${LOCAL_IPV6} \
209 dev ${REMOTE_IFACE} lladdr ${LOCAL_MAC}
210 ssh ${REMOTE_HOST} ip neigh show dev ${REMOTE_IFACE}
212 ssh ${REMOTE_HOST} ip6tables --flush
215 # configure remote and local host/iface
228 # secgw application parameters setup
229 SGW_PORT_CFG="--vdev=\"net_tap0,mac=fixed\" ${ETH_DEV}"
230 SGW_WAIT_DEV="${LOCAL_IFACE}"
231 . ${DIR}/common_defs_secgw.sh