Re: [PATCH net-next v7 2/2] selftests: openvswitch: add pop_vlan test

The Linux Kernel Mailing List
 help / color / mirror / Atom feed

From: Aaron Conole <aconole@redhat.com>
To: Minxi Hou <houminxi@gmail.com>
Cc: netdev@vger.kernel.org,  echaudro@redhat.com,
	 i.maximets@ovn.org, davem@davemloft.net,  edumazet@google.com,
	 kuba@kernel.org, pabeni@redhat.com,  horms@kernel.org,
	 shuah@kernel.org, dev@openvswitch.org,
	 linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH net-next v7 2/2] selftests: openvswitch: add pop_vlan test
Date: Fri, 08 May 2026 08:40:50 -0400	[thread overview]
Message-ID: <f7th5oirs4t.fsf@redhat.com> (raw)
In-Reply-To: <20260507131541.2331771-3-houminxi@gmail.com> (Minxi Hou's message of "Thu, 7 May 2026 21:15:41 +0800")

Minxi Hou <houminxi@gmail.com> writes:

> Add test_pop_vlan() to verify OVS kernel datapath pop_vlan action
> correctly strips 802.1Q VLAN tags from frames.
>
> Test structure:
> - Baseline: untagged forwarding validates basic connectivity.
> - Negative: forward without pop_vlan, tagged frame is invisible
>   to ns2 (no VLAN sub-interface), ping fails.
> - Positive: pop_vlan strips tag on forward path, push_vlan
>   restores tag on return path, ping succeeds.
>
> Use static ARP entries to avoid VLAN-tagged ARP complexity.
> Rely on ping success/failure for verification -- no tcpdump or
> pcap files needed.
>
> Signed-off-by: Minxi Hou <houminxi@gmail.com>
> ---
>  .../selftests/net/openvswitch/openvswitch.sh  | 73 +++++++++++++++++++
>  1 file changed, 73 insertions(+)
>
> diff --git a/tools/testing/selftests/net/openvswitch/openvswitch.sh b/tools/testing/selftests/net/openvswitch/openvswitch.sh
> index b327d3061ed5..6d13ee8c2baf 100755
> --- a/tools/testing/selftests/net/openvswitch/openvswitch.sh
> +++ b/tools/testing/selftests/net/openvswitch/openvswitch.sh
> @@ -27,6 +27,7 @@ tests="
>  	upcall_interfaces			ovs: test the upcall interfaces
>  	tunnel_metadata				ovs: test extraction of tunnel metadata
>  	drop_reason				drop: test drop reasons are emitted
> +	pop_vlan				vlan: POP_VLAN action strips tag
>  	psample					psample: Sampling packets with psample"
>  
>  info() {
> @@ -830,6 +831,78 @@ test_tunnel_metadata() {
>  	return 0
>  }
>  
> +test_pop_vlan() {
> +	local sbx="test_pop_vlan"
> +	sbx_add "$sbx" || return $?
> +	ovs_add_dp "$sbx" vlandp || return 1
> +
> +	ovs_add_netns_and_veths "$sbx" vlandp \
> +		ns1 veth1 ns1veth 192.0.2.1/24 || return 1
> +	ovs_add_netns_and_veths "$sbx" vlandp \
> +		ns2 veth2 ns2veth 192.0.2.2/24 || return 1
> +
> +	# Baseline: untagged bidirectional forwarding
> +	ovs_add_flow "$sbx" vlandp \
> +		'in_port(1),eth(),eth_type(0x0806),arp()' '2' || return 1
> +	ovs_add_flow "$sbx" vlandp \
> +		'in_port(2),eth(),eth_type(0x0806),arp()' '1' || return 1
> +	ovs_add_flow "$sbx" vlandp \
> +		'in_port(1),eth(),eth_type(0x0800),ipv4()' '2' || return 1
> +	ovs_add_flow "$sbx" vlandp \
> +		'in_port(2),eth(),eth_type(0x0800),ipv4()' '1' || return 1
> +	ovs_sbx "$sbx" ip netns exec ns1 ping -c 3 -W 2 \
> +		192.0.2.2 || return 1
> +
> +	# VLAN topology: ns1 uses VLAN sub-interface, ns2 is plain
> +	ip -n ns1 link add link ns1veth name ns1veth.10 \
> +		type vlan id 10 || return 1
> +	on_exit "ip -n ns1 link del ns1veth.10 2>/dev/null"
> +	ip -n ns1 addr add 198.51.100.1/24 dev ns1veth.10 || return 1
> +	ip -n ns1 link set ns1veth.10 up || return 1
> +	ip -n ns2 addr add 198.51.100.2/24 dev ns2veth || return 1
> +
> +	ovs_del_flows "$sbx" vlandp
> +
> +	# Static ARP: avoids VLAN-tagged ARP complexity
> +	local ns1veth10mac ns2mac
> +	ns1veth10mac=$(ip -n ns1 link show ns1veth.10 \
> +		| awk '/link\/ether/ {print $2}')

We might add a check here (as a just in case):

  [ -z "$ns1veth10mac" ] && \
    { info "failed to get ns1veth10mac"; return 1; }

Same with the ns2mac.   The commands after will fail anyway (because the
empty string will be an issue for the syntax), so it's more like helping
to debug when things go wrong.

With that:

Reviewed-by: Aaron Conole <aconole@redhat.com>

> +	ns2mac=$(ip -n ns2 link show ns2veth \
> +		| awk '/link\/ether/ {print $2}')
> +	ip -n ns1 neigh replace 198.51.100.2 lladdr "$ns2mac" \
> +		dev ns1veth.10 nud permanent || return 1
> +	ip -n ns2 neigh replace 198.51.100.1 \
> +		lladdr "$ns1veth10mac" \
> +		dev ns2veth nud permanent || return 1
> +
> +	local vlan_match='in_port(1),eth(),eth_type(0x8100),'
> +	vlan_match+='vlan(vid=10),'
> +	vlan_match+='encap(eth_type(0x0800),'
> +	vlan_match+='ipv4(src=198.51.100.1,proto=1),icmp())'
> +
> +	# Negative: forward without pop_vlan -- tagged frame
> +	# is invisible to ns2 (no VLAN sub-interface), ping fails
> +	ovs_add_flow "$sbx" vlandp "$vlan_match" '2' || return 1
> +	ovs_sbx "$sbx" ip netns exec ns1 ping -I ns1veth.10 \
> +		-c 3 -W 1 198.51.100.2 >/dev/null 2>&1 \
> +		&& { info "FAIL: ping should fail without pop_vlan"
> +		     return 1; }
> +
> +	ovs_del_flows "$sbx" vlandp
> +
> +	# Positive: pop_vlan strips tag on forward path,
> +	# push_vlan restores tag on return path -- ping succeeds
> +	ovs_add_flow "$sbx" vlandp \
> +		"$vlan_match" 'pop_vlan,2' || return 1
> +	ovs_add_flow "$sbx" vlandp \
> +		'in_port(2),eth(),eth_type(0x0800),ipv4()' \
> +		'push_vlan(vid=10,pcp=0,tpid=0x8100),1' || return 1
> +	ovs_sbx "$sbx" ip netns exec ns1 ping -I ns1veth.10 \
> +		-c 3 -W 2 198.51.100.2 || return 1
> +
> +	return 0
> +}
> +
>  run_test() {
>  	(
>  	tname="$1"

     prev parent reply	other threads:[~2026-05-08 12:41 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-05-07 13:15 [PATCH net-next v7 0/2] selftests: openvswitch: add pop_vlan test Minxi Hou
2026-05-07 13:15 ` [PATCH net-next v7 1/2] selftests: openvswitch: add vlan() and encap() flow string parsing Minxi Hou
2026-05-08 12:36   ` Aaron Conole
2026-05-07 13:15 ` [PATCH net-next v7 2/2] selftests: openvswitch: add pop_vlan test Minxi Hou
2026-05-08 12:40   ` Aaron Conole [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=f7th5oirs4t.fsf@redhat.com \
    --to=aconole@redhat.com \
    --cc=davem@davemloft.net \
    --cc=dev@openvswitch.org \
    --cc=echaudro@redhat.com \
    --cc=edumazet@google.com \
    --cc=horms@kernel.org \
    --cc=houminxi@gmail.com \
    --cc=i.maximets@ovn.org \
    --cc=kuba@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=pabeni@redhat.com \
    --cc=shuah@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox