On 3/18/24 04:35, Hangbin Liu wrote:
On Sun, Mar 17, 2024 at 12:19:12AM +0100, Mirsad Todorovac wrote:
Hi,
While running kselftest on vanilla torvalds tree kernel commit v6.8-11167-g4438a810f396, the test suite reported a number of errors.
I was using the latest iproute2-next suite on an Ubuntu 22.04 LTS box.
# Tests passed: 558 # Tests failed: 84 not ok 90 selftests: net: test_vxlan_mdb.sh # exit=1
FYI, I tested with 6.8 kernel with net tree. All passed.
Data path: MDB torture test - IPv6 overlay / IPv6 underlay
TEST: Torture test [ OK ]
Tests passed: 642 Tests failed: 0
# uname -r 6.8.0-virtme
Thanks Hangbin
Hi, Hangbin,
I am running an Ubuntu 22.04 LTS configuration.
I tried it again with 6.8.0-net-next-05204-g237bb5f7f7f5 and iproute2-next from this repo: https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git
RESULTS:
# Data path: MDB torture test - IPv6 overlay / IPv6 underlay # ---------------------------------------------------------- # TEST: Torture test [ OK ] # # Tests passed: 558 # Tests failed: 84 not ok 90 selftests: net: test_vxlan_mdb.sh # exit=1
David said there may be something in sysctl.conf:
# # /etc/sysctl.conf - Configuration file for setting system variables # See /etc/sysctl.d/ for additional system variables. # See sysctl.conf (5) for information. #
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console #kernel.printk = 3 4 1 3
################################################################### # Functions previously found in netbase #
# Uncomment the next two lines to enable Spoof protection (reverse-path filter) # Turn on Source Address Verification in all interfaces to # prevent some spoofing attacks #net.ipv4.conf.default.rp_filter=1 #net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies # See http://lwn.net/Articles/277146/ # Note: This may impact IPv6 TCP sessions too #net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4 net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6 # Enabling this option disables Stateless Address Autoconfiguration # based on Router Advertisements for this host #net.ipv6.conf.all.forwarding=1
net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.all.rp_filter = 0
################################################################### # Additional settings - these settings can improve the network # security of the host and prevent against some network attacks # including spoofing attacks and man in the middle attacks through # redirection. Some network environments, however, require that these # settings are disabled so review and enable them as needed. # # Do not accept ICMP redirects (prevent MITM attacks) net.ipv4.conf.all.accept_redirects = 0 net.ipv6.conf.all.accept_redirects = 0 net.ipv4.conf.default.accept_redirects = 0 net.ipv6.conf.default.accept_redirects = 0 # _or_ # Accept ICMP redirects only for gateways listed in our default # gateway list (enabled by default) # net.ipv4.conf.all.secure_redirects = 1 # # Do not send ICMP redirects (we are not a router) net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.default.send_redirects = 0 net.ipv4.icmp_ignore_bogus_error_responses = 1 # # Do not accept IP source route packets (we are not a router) net.ipv4.conf.all.accept_source_route = 0 net.ipv6.conf.all.accept_source_route = 0 # # Log Martian Packets net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.default.log_martians = 0 #
################################################################### # Magic system request Key # 0=disable, 1=enable all, >1 bitmask of sysrq functions # See https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html # for what other values do #kernel.sysrq=438
Best regards, Mirsad