[LTP] [PATCH 4/5] network/virt: add wireguard01

public inbox for ltp@lists.linux.it
 help / color / mirror / Atom feed

From: Petr Vorel <pvorel@suse.cz>
To: ltp@lists.linux.it
Subject: [LTP] [PATCH 4/5] network/virt: add wireguard01
Date: Mon, 26 Oct 2020 09:49:39 +0100	[thread overview]
Message-ID: <20201026084939.GE21306@dell5510> (raw)
In-Reply-To: <20201015122056.20715-4-alexey.kodanev@oracle.com>

Hi Alexey,

> * performance tests with TCP traffic

> * invalid configuration with allowed IPs, public key

> * emulation of the lossy link for the underlying interface.

Thanks a lot for supporting wireguard!

Reviewed-by: Petr Vorel <pvorel@suse.cz>

...
> +TST_NEEDS_TMPDIR=1
> +TST_NEEDS_CMDS="$TST_NEEDS_CMDS wg"
> +TST_TESTFUNC=${TST_TESTFUNC:-virt_netperf_msg_sizes}
> +TST_SETUP=${TST_SETUP:-wireguard_lib_setup}
> +TST_CLEANUP=${TST_CLEANUP:-wireguard_lib_cleanup}
> +TST_NEEDS_DRIVERS="wireguard"
> +VIRT_PERF_THRESHOLD_MIN=${VIRT_PERF_THRESHOLD_MIN:-200}
> +
> +virt_type="wireguard"
> +. virt_lib.sh
> +
> +# Usage: wireguard_lib_setup [TYPE]
> +# TYPE: [ default | invalid_allowed_ips | invalid_pub_keys ]
> +wireguard_lib_setup()
> +{
> +	local type="${1:-default}"
> +	local pub_key0="$(wg genkey | tee wg0.key | wg pubkey)"
> +	local pub_key1="$(wg genkey | tee wg1.key | wg pubkey)"
> +
> +	local port_loc="$(tst_get_unused_port ipv${TST_IPVER} dgram)"
> +	local port_rmt=$(tst_rhost_run -c "tst_get_unused_port ipv${TST_IPVER} dgram")
> +
> +	# copy private key to remote host
> +	tst_rhost_run -s -c "echo '$(cat wg1.key)' > wg1.key"
> +
> +	tst_res TINFO "setup wireguard UDPv${TST_IPVER} tunnel, port $port_loc/$port_rmt"
> +	tst_res TINFO "lhost[$(tst_ipaddr)] <-> rhost[$(tst_ipaddr rhost)]"
> +
> +	virt_setup
> +
> +	local ka_opt="persistent-keepalive 1"
> +	local allow_ip_loc="${ip_virt_local}/32,${ip6_virt_local}/128"
> +	local allow_ip_rmt="${ip_virt_remote}/32,${ip6_virt_remote}/128"
> +
> +	case $type in
> +	invalid_allowed_ips)
> +		allow_ip_loc="${ip_virt_remote}/32,${ip6_virt_remote}/128"
> +		allow_ip_rmt="${ip_virt_local}/32,${ip6_virt_local}/128"
> +		tst_res TINFO "Allowed IPs are source IPs only"
> +		;;
> +	invalid_pub_keys)
> +		pub_key0="$(wg genkey | wg pubkey)"
> +		tst_res TINFO "Invalid peer public key of lhost"
> +		;;
> +	esac
> +
> +	ROD wg set ltp_v0 listen-port $port_loc private-key wg0.key
> +	ROD wg set ltp_v0 peer $pub_key1 endpoint \
> +		$(tst_ipaddr rhost):$port_rmt $ka_opt \
> +		allowed-ips $allow_ip_rmt
> +
> +	tst_rhost_run -s -c \
> +		"wg set ltp_v0 listen-port $port_rmt private-key wg1.key"
> +	tst_rhost_run -s -c "wg set ltp_v0 peer $pub_key0 \
> +		endpoint $(tst_ipaddr):$port_loc $ka_opt \
> +		allowed-ips $allow_ip_loc"
> +
> +	tst_net_run -s "ip route add 128.0.0.0/1 dev ltp_v0"
Out of curiosity: why is IPv4 enough? (we test also IPv6)

> +}
> +
> +wireguard_lib_cleanup()
> +{
> +	virt_cleanup
> +}

Why not use just virt_cleanup() ?

Kind regards,
Petr

next prev parent reply	other threads:[~2020-10-26  8:49 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-15 12:20 [LTP] [PATCH 1/5] lib/tst_net: add generic tst_netload_compare() Alexey Kodanev
2020-10-15 12:20 ` [LTP] [PATCH 2/5] lib/tst_net: calc mean in tst_netload() Alexey Kodanev
2020-10-20 14:39   ` Petr Vorel
2020-10-21  9:56     ` Alexey Kodanev
2020-10-26  6:46       ` Petr Vorel
2020-10-15 12:20 ` [LTP] [PATCH 3/5] network/virt: skip setting neighbour table if tunnel doesn't have hwaddr Alexey Kodanev
2020-10-26  7:06   ` Petr Vorel
2020-10-15 12:20 ` [LTP] [PATCH 4/5] network/virt: add wireguard01 Alexey Kodanev
2020-10-26  8:49   ` Petr Vorel [this message]
2020-10-26 13:40     ` Alexey Kodanev
2020-10-26 13:45       ` Petr Vorel
2020-10-15 12:20 ` [LTP] [PATCH 5/5] network/virt: add wireguard02: ipsec vs wireguard Alexey Kodanev
2020-10-26  8:53   ` Petr Vorel
2020-10-30 15:20     ` Alexey Kodanev
2020-10-20 13:52 ` [LTP] [PATCH 1/5] lib/tst_net: add generic tst_netload_compare() Petr Vorel
2020-10-21  9:18   ` Alexey Kodanev

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201026084939.GE21306@dell5510 \
    --to=pvorel@suse.cz \
    --cc=ltp@lists.linux.it \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox