[LTP] [PATCH 4/5] network/virt: add wireguard01

Alexey Kodanev alexey.kodanev@oracle.com
Mon Oct 26 14:40:45 CET 2020 

On 26.10.2020 11:49, Petr Vorel wrote:
> Hi Alexey,
> 
>> * performance tests with TCP traffic
> 
>> * invalid configuration with allowed IPs, public key
> 
>> * emulation of the lossy link for the underlying interface.
> 
> Thanks a lot for supporting wireguard!
> 
> Reviewed-by: Petr Vorel <pvorel@suse.cz>
> 
> ...
>> +TST_NEEDS_TMPDIR=1
>> +TST_NEEDS_CMDS="$TST_NEEDS_CMDS wg"
>> +TST_TESTFUNC=${TST_TESTFUNC:-virt_netperf_msg_sizes}
>> +TST_SETUP=${TST_SETUP:-wireguard_lib_setup}
>> +TST_CLEANUP=${TST_CLEANUP:-wireguard_lib_cleanup}
>> +TST_NEEDS_DRIVERS="wireguard"
>> +VIRT_PERF_THRESHOLD_MIN=${VIRT_PERF_THRESHOLD_MIN:-200}
>> +
>> +virt_type="wireguard"
>> +. virt_lib.sh
>> +
>> +# Usage: wireguard_lib_setup [TYPE]
>> +# TYPE: [ default | invalid_allowed_ips | invalid_pub_keys ]
>> +wireguard_lib_setup()
>> +{
>> +	local type="${1:-default}"
>> +	local pub_key0="$(wg genkey | tee wg0.key | wg pubkey)"
>> +	local pub_key1="$(wg genkey | tee wg1.key | wg pubkey)"
>> +
>> +	local port_loc="$(tst_get_unused_port ipv${TST_IPVER} dgram)"
>> +	local port_rmt=$(tst_rhost_run -c "tst_get_unused_port ipv${TST_IPVER} dgram")
>> +
>> +	# copy private key to remote host
>> +	tst_rhost_run -s -c "echo '$(cat wg1.key)' > wg1.key"
>> +
>> +	tst_res TINFO "setup wireguard UDPv${TST_IPVER} tunnel, port $port_loc/$port_rmt"
>> +	tst_res TINFO "lhost[$(tst_ipaddr)] <-> rhost[$(tst_ipaddr rhost)]"
>> +
>> +	virt_setup
>> +
>> +	local ka_opt="persistent-keepalive 1"
>> +	local allow_ip_loc="${ip_virt_local}/32,${ip6_virt_local}/128"
>> +	local allow_ip_rmt="${ip_virt_remote}/32,${ip6_virt_remote}/128"
>> +
>> +	case $type in
>> +	invalid_allowed_ips)
>> +		allow_ip_loc="${ip_virt_remote}/32,${ip6_virt_remote}/128"
>> +		allow_ip_rmt="${ip_virt_local}/32,${ip6_virt_local}/128"
>> +		tst_res TINFO "Allowed IPs are source IPs only"
>> +		;;
>> +	invalid_pub_keys)
>> +		pub_key0="$(wg genkey | wg pubkey)"
>> +		tst_res TINFO "Invalid peer public key of lhost"
>> +		;;
>> +	esac
>> +
>> +	ROD wg set ltp_v0 listen-port $port_loc private-key wg0.key
>> +	ROD wg set ltp_v0 peer $pub_key1 endpoint \
>> +		$(tst_ipaddr rhost):$port_rmt $ka_opt \
>> +		allowed-ips $allow_ip_rmt
>> +
>> +	tst_rhost_run -s -c \
>> +		"wg set ltp_v0 listen-port $port_rmt private-key wg1.key"
>> +	tst_rhost_run -s -c "wg set ltp_v0 peer $pub_key0 \
>> +		endpoint $(tst_ipaddr):$port_loc $ka_opt \
>> +		allowed-ips $allow_ip_loc"
>> +
>> +	tst_net_run -s "ip route add 128.0.0.0/1 dev ltp_v0"
> Out of curiosity: why is IPv4 enough? (we test also IPv6)

Hi Petr,

Looks like no need for additional route table setup, and overriding
default route... tst_netload() uses addresses of wireguard device.
Will remove it.

> 
>> +}
>> +
>> +wireguard_lib_cleanup()
>> +{
>> +	virt_cleanup
>> +}
> 
> Why not use just virt_cleanup() ?

Yes, it's just a wrapper, but it is used in wirguard01/02 tests.
In case we need additional setup/cleanup we would have to change
both tests too.

> 
> Kind regards,
> Petr
>

More information about the ltp mailing list