stack-orchestrator/shred-relay-lab/test.sh

#!/usr/bin/env bash
# Test procedure for shred-relay containerlab topology.
#
# Prerequisites:
#   sudo containerlab deploy -t topology.yml
#
# This script configures the alpine containers and runs the end-to-end
# redirect test. Run from the shred-relay-lab/ directory.

set -euo pipefail

LAB_PREFIX="clab-shred-relay"

echo "=== Configuring biscayne ==="
sudo docker exec "$LAB_PREFIX-biscayne" sh -c '
  ip addr add 172.16.1.189/31 dev eth1
  ip addr add 186.233.184.235/32 dev lo
  ip route add default via 172.16.1.188
'

echo "=== Configuring turbine-src ==="
sudo docker exec "$LAB_PREFIX-turbine-src" sh -c '
  ip addr add 10.0.1.2/24 dev eth1
  ip route add default via 64.92.84.81
'

echo "=== Starting UDP listener on biscayne:20000 ==="
sudo docker exec -d "$LAB_PREFIX-biscayne" sh -c '
  nc -ul -p 20000 > /tmp/received.txt &
'
sleep 1

echo "=== Sending test shred from turbine-src to 64.92.84.81:20000 ==="
sudo docker exec "$LAB_PREFIX-turbine-src" sh -c '
  echo "SHRED_PAYLOAD_TEST" | nc -u -w1 64.92.84.81 20000
'
sleep 2

echo "=== Checking biscayne received the payload ==="
RECEIVED=$(sudo docker exec "$LAB_PREFIX-biscayne" cat /tmp/received.txt 2>/dev/null || true)
if echo "$RECEIVED" | grep -q "SHRED_PAYLOAD_TEST"; then
  echo "PASS: biscayne received redirected shred payload"
else
  echo "FAIL: payload not received on biscayne (got: '$RECEIVED')"
fi

echo ""
echo "=== Checking traffic-policy counters on was-sw01 ==="
sudo docker exec "$LAB_PREFIX-was-sw01" Cli -c "show traffic-policy counters" 2>/dev/null || \
  echo "(traffic-policy counters not available on cEOS)"

echo ""
echo "=== Verifying ping still works (non-redirected traffic) ==="
sudo docker exec "$LAB_PREFIX-turbine-src" ping -c 2 -W 2 64.92.84.81 && \
  echo "PASS: ICMP to switch still works" || \
  echo "FAIL: ICMP to switch broken"

echo ""
echo "=== Bonus: DNAT test (64.92.84.81:20000 -> 127.0.0.1:9000) ==="
sudo docker exec "$LAB_PREFIX-biscayne" sh -c '
  apk add --no-cache iptables 2>/dev/null
  iptables -t nat -A PREROUTING -p udp -d 64.92.84.81 --dport 20000 -j DNAT --to-destination 127.0.0.1:9000
  nc -ul -p 9000 > /tmp/dnat-received.txt &
'
sleep 1

sudo docker exec "$LAB_PREFIX-turbine-src" sh -c '
  echo "DNAT_TEST_PAYLOAD" | nc -u -w1 64.92.84.81 20000
'
sleep 2

DNAT_RECEIVED=$(sudo docker exec "$LAB_PREFIX-biscayne" cat /tmp/dnat-received.txt 2>/dev/null || true)
if echo "$DNAT_RECEIVED" | grep -q "DNAT_TEST_PAYLOAD"; then
  echo "PASS: DNAT redirect to localhost:9000 works"
else
  echo "FAIL: DNAT payload not received (got: '$DNAT_RECEIVED')"
fi
chore: add containerlab topologies for relay testing Ashburn relay and shred relay lab configs for local end-to-end testing with cEOS. No secrets — only public IPs and test scripts. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-07 22:30:03 +00:00			`#!/usr/bin/env bash`
			`# Test procedure for shred-relay containerlab topology.`
			`#`
			`# Prerequisites:`
			`# sudo containerlab deploy -t topology.yml`
			`#`
			`# This script configures the alpine containers and runs the end-to-end`
			`# redirect test. Run from the shred-relay-lab/ directory.`

			`set -euo pipefail`

			`LAB_PREFIX="clab-shred-relay"`

			`echo "=== Configuring biscayne ==="`
			`sudo docker exec "$LAB_PREFIX-biscayne" sh -c '`
			`ip addr add 172.16.1.189/31 dev eth1`
			`ip addr add 186.233.184.235/32 dev lo`
			`ip route add default via 172.16.1.188`
			`'`

			`echo "=== Configuring turbine-src ==="`
			`sudo docker exec "$LAB_PREFIX-turbine-src" sh -c '`
			`ip addr add 10.0.1.2/24 dev eth1`
			`ip route add default via 64.92.84.81`
			`'`

			`echo "=== Starting UDP listener on biscayne:20000 ==="`
			`sudo docker exec -d "$LAB_PREFIX-biscayne" sh -c '`
			`nc -ul -p 20000 > /tmp/received.txt &`
			`'`
			`sleep 1`

			`echo "=== Sending test shred from turbine-src to 64.92.84.81:20000 ==="`
			`sudo docker exec "$LAB_PREFIX-turbine-src" sh -c '`
			`echo "SHRED_PAYLOAD_TEST" \| nc -u -w1 64.92.84.81 20000`
			`'`
			`sleep 2`

			`echo "=== Checking biscayne received the payload ==="`
			`RECEIVED=$(sudo docker exec "$LAB_PREFIX-biscayne" cat /tmp/received.txt 2>/dev/null \|\| true)`
			`if echo "$RECEIVED" \| grep -q "SHRED_PAYLOAD_TEST"; then`
			`echo "PASS: biscayne received redirected shred payload"`
			`else`
			`echo "FAIL: payload not received on biscayne (got: '$RECEIVED')"`
			`fi`

			`echo ""`
			`echo "=== Checking traffic-policy counters on was-sw01 ==="`
			`sudo docker exec "$LAB_PREFIX-was-sw01" Cli -c "show traffic-policy counters" 2>/dev/null \|\| \`
			`echo "(traffic-policy counters not available on cEOS)"`

			`echo ""`
			`echo "=== Verifying ping still works (non-redirected traffic) ==="`
			`sudo docker exec "$LAB_PREFIX-turbine-src" ping -c 2 -W 2 64.92.84.81 && \`
			`echo "PASS: ICMP to switch still works" \|\| \`
			`echo "FAIL: ICMP to switch broken"`

			`echo ""`
			`echo "=== Bonus: DNAT test (64.92.84.81:20000 -> 127.0.0.1:9000) ==="`
			`sudo docker exec "$LAB_PREFIX-biscayne" sh -c '`
			`apk add --no-cache iptables 2>/dev/null`
			`iptables -t nat -A PREROUTING -p udp -d 64.92.84.81 --dport 20000 -j DNAT --to-destination 127.0.0.1:9000`
			`nc -ul -p 9000 > /tmp/dnat-received.txt &`
			`'`
			`sleep 1`

			`sudo docker exec "$LAB_PREFIX-turbine-src" sh -c '`
			`echo "DNAT_TEST_PAYLOAD" \| nc -u -w1 64.92.84.81 20000`
			`'`
			`sleep 2`

			`DNAT_RECEIVED=$(sudo docker exec "$LAB_PREFIX-biscayne" cat /tmp/dnat-received.txt 2>/dev/null \|\| true)`
			`if echo "$DNAT_RECEIVED" \| grep -q "DNAT_TEST_PAYLOAD"; then`
			`echo "PASS: DNAT redirect to localhost:9000 works"`
			`else`
			`echo "FAIL: DNAT payload not received (got: '$DNAT_RECEIVED')"`
			`fi`