···
# bool: whether to use networkd in the tests
7
-
with import ../lib/testing-python.nix { inherit system pkgs; };
7
+
with import ../../lib/testing-python.nix { inherit system pkgs; };
11
-
qemu-common = import ../lib/qemu-common.nix { inherit (pkgs) lib pkgs; };
13
-
router = { config, pkgs, lib, ... }:
16
-
vlanIfs = range 1 (length config.virtualisation.vlans);
18
-
environment.systemPackages = [ pkgs.iptables ]; # to debug firewall rules
19
-
virtualisation.vlans = [ 1 2 3 ];
20
-
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true;
23
-
useNetworkd = networkd;
24
-
firewall.checkReversePath = true;
25
-
firewall.allowedUDPPorts = [ 547 ];
26
-
interfaces = mkOverride 0 (listToAttrs (forEach vlanIfs (n:
27
-
nameValuePair "eth${toString n}" {
28
-
ipv4.addresses = [ { address = "192.168.${toString n}.1"; prefixLength = 24; } ];
29
-
ipv6.addresses = [ { address = "fd00:1234:5678:${toString n}::1"; prefixLength = 64; } ];
36
-
interfaces-config = {
37
-
interfaces = map (n: "eth${toString n}") vlanIfs;
38
-
dhcp-socket-type = "raw";
39
-
service-sockets-require-all = true;
40
-
service-sockets-max-retries = 5;
41
-
service-sockets-retry-wait-time = 2500;
45
-
subnet = "192.168.${toString n}.0/24";
46
-
pools = [{ pool = "192.168.${toString n}.3 - 192.168.${toString n}.254"; }];
47
-
option-data = [{ name = "routers"; data = "192.168.${toString n}.1"; }];
50
-
hw-address = qemu-common.qemuNicMac n 1;
51
-
hostname = "client${toString n}";
52
-
ip-address = "192.168.${toString n}.2";
60
-
interfaces-config = {
61
-
interfaces = map (n: "eth${toString n}") vlanIfs;
62
-
service-sockets-require-all = true;
63
-
service-sockets-max-retries = 5;
64
-
service-sockets-retry-wait-time = 2500;
69
-
subnet = "fd00:1234:5678:${toString n}::/64";
70
-
interface = "eth${toString n}";
71
-
pools = [{ pool = "fd00:1234:5678:${toString n}::2-fd00:1234:5678:${toString n}::2"; }];
78
-
config = flip concatMapStrings vlanIfs (n: ''
79
-
interface eth${toString n} {
82
-
AdvOtherConfigFlag on;
84
-
prefix fd00:1234:5678:${toString n}::/64 {
11
+
router = import ./router.nix { inherit networkd; };
12
+
clientConfig = extraConfig: lib.recursiveUpdate {
13
+
networking.useDHCP = false;
14
+
networking.useNetworkd = networkd;
95
-
nodes.client = { pkgs, ... }: with pkgs.lib; {
96
-
networking.useDHCP = false;
97
-
networking.useNetworkd = networkd;
19
+
nodes.client = clientConfig {};
client.wait_for_unit("network.target")
···
110
-
nodes.client = { pkgs, ... }: with pkgs.lib; {
31
+
nodes.client = clientConfig {
virtualisation.interfaces.enp1s0.vlan = 1;
virtualisation.interfaces.enp2s0.vlan = 2;
114
-
useNetworkd = networkd;
defaultGateway = { address = "192.168.1.1"; interface = "enp1s0"; };
defaultGateway6 = { address = "fd00:1234:5678:1::1"; interface = "enp1s0"; };
interfaces.enp1s0.ipv4.addresses = [
···
128
-
testScript = { ... }:
client.wait_for_unit("network.target")
···
with subtest("Test vlan 1"):
client.wait_until_succeeds("ping -c 1 192.168.1.1")
142
-
client.wait_until_succeeds("ping -c 1 192.168.1.2")
143
-
client.wait_until_succeeds("ping -c 1 192.168.1.3")
144
-
client.wait_until_succeeds("ping -c 1 192.168.1.10")
146
-
router.wait_until_succeeds("ping -c 1 192.168.1.1")
router.wait_until_succeeds("ping -c 1 192.168.1.2")
router.wait_until_succeeds("ping -c 1 192.168.1.3")
router.wait_until_succeeds("ping -c 1 192.168.1.10")
with subtest("Test vlan 2"):
client.wait_until_succeeds("ping -c 1 192.168.2.1")
153
-
client.wait_until_succeeds("ping -c 1 192.168.2.2")
155
-
router.wait_until_succeeds("ping -c 1 192.168.2.1")
router.wait_until_succeeds("ping -c 1 192.168.2.2")
with subtest("Test default gateway"):
159
-
router.wait_until_succeeds("ping -c 1 192.168.3.1")
client.wait_until_succeeds("ping -c 1 192.168.3.1")
161
-
router.wait_until_succeeds("ping -c 1 fd00:1234:5678:3::1")
client.wait_until_succeeds("ping -c 1 fd00:1234:5678:3::1")
167
-
nodes.client = { pkgs, ... }: with pkgs.lib; {
75
+
nodes.client = clientConfig {
170
-
useNetworkd = networkd;
interfaces.eth1.ipv4.routes = [{
address = "192.168.1.127";
···
name = "useDHCP-by-default";
187
-
nodes.client = { lib, ... }: {
# Disable test driver default config
networking.interfaces = lib.mkForce {
# Make sure DHCP defaults correctly even when some unrelated config
···
client.wait_for_unit("multi-user.target")
client.wait_until_succeeds("ip addr show dev enp1s0 | grep '192.168.1'")
201
-
client.shell_interact()
202
-
client.succeed("ping -c 1 192.168.1.1")
router.succeed("ping -c 1 192.168.1.1")
204
-
router.succeed("ping -c 1 192.168.1.2")
client.succeed("ping -c 1 192.168.1.2")
211
-
nodes.client = { pkgs, ... }: with pkgs.lib; {
114
+
nodes.client = clientConfig {
virtualisation.interfaces.enp1s0.vlan = 1;
virtualisation.interfaces.enp2s0.vlan = 2;
215
-
useNetworkd = networkd;
interfaces.enp1s0.useDHCP = true;
interfaces.enp2s0.useDHCP = true;
221
-
testScript = { ... }:
client.wait_for_unit("network.target")
···
with subtest("Test vlan 1"):
client.wait_until_succeeds("ping -c 1 192.168.1.1")
237
-
client.wait_until_succeeds("ping -c 1 192.168.1.2")
client.wait_until_succeeds("ping -c 1 fd00:1234:5678:1::1")
239
-
client.wait_until_succeeds("ping -c 1 fd00:1234:5678:1::2")
241
-
router.wait_until_succeeds("ping -c 1 192.168.1.1")
router.wait_until_succeeds("ping -c 1 192.168.1.2")
243
-
router.wait_until_succeeds("ping -c 1 fd00:1234:5678:1::1")
router.wait_until_succeeds("ping -c 1 fd00:1234:5678:1::2")
with subtest("Test vlan 2"):
client.wait_until_succeeds("ping -c 1 192.168.2.1")
248
-
client.wait_until_succeeds("ping -c 1 192.168.2.2")
client.wait_until_succeeds("ping -c 1 fd00:1234:5678:2::1")
250
-
client.wait_until_succeeds("ping -c 1 fd00:1234:5678:2::2")
252
-
router.wait_until_succeeds("ping -c 1 192.168.2.1")
router.wait_until_succeeds("ping -c 1 192.168.2.2")
254
-
router.wait_until_succeeds("ping -c 1 fd00:1234:5678:2::1")
router.wait_until_succeeds("ping -c 1 fd00:1234:5678:2::2")
name = "OneInterfaceDHCP";
261
-
nodes.client = { pkgs, ... }: with pkgs.lib; {
151
+
nodes.client = clientConfig {
virtualisation.interfaces.enp1s0.vlan = 1;
virtualisation.interfaces.enp2s0.vlan = 2;
265
-
useNetworkd = networkd;
273
-
testScript = { ... }:
with subtest("Wait for networking to come up"):
···
with subtest("Test vlan 1"):
client.wait_until_succeeds("ping -c 1 192.168.1.1")
289
-
client.wait_until_succeeds("ping -c 1 192.168.1.2")
291
-
router.wait_until_succeeds("ping -c 1 192.168.1.1")
router.wait_until_succeeds("ping -c 1 192.168.1.2")
with subtest("Test vlan 2"):
···
303
-
node = address: { pkgs, ... }: with pkgs.lib; {
187
+
node = address: clientConfig {
virtualisation.interfaces.enp1s0.vlan = 1;
virtualisation.interfaces.enp2s0.vlan = 2;
307
-
useNetworkd = networkd;
interfaces = [ "enp1s0" "enp2s0" ];
driverOptions.mode = "802.3ad";
313
-
interfaces.bond0.ipv4.addresses = mkOverride 0
195
+
interfaces.bond0.ipv4.addresses = lib.mkOverride 0
[ { inherit address; prefixLength = 30; } ];
···
nodes.client1 = node "192.168.1.1";
nodes.client2 = node "192.168.1.2";
321
-
testScript = { ... }:
with subtest("Wait for networking to come up"):
···
342
-
node = { address, vlan }: { pkgs, ... }: with pkgs.lib; {
223
+
node = { address, vlan }: { pkgs, ... }: {
virtualisation.interfaces.enp1s0.vlan = vlan;
···
nodes.client1 = node { address = "192.168.1.2"; vlan = 1; };
nodes.client2 = node { address = "192.168.1.3"; vlan = 2; };
354
-
nodes.router = { pkgs, ... }: with pkgs.lib; {
virtualisation.interfaces.enp1s0.vlan = 1;
virtualisation.interfaces.enp2s0.vlan = 2;
bridges.bridge.interfaces = [ "enp1s0" "enp2s0" ];
361
-
interfaces.eth1.ipv4.addresses = mkOverride 0 [ ];
362
-
interfaces.eth2.ipv4.addresses = mkOverride 0 [ ];
363
-
interfaces.bridge.ipv4.addresses = mkOverride 0
242
+
interfaces.eth1.ipv4.addresses = lib.mkOverride 0 [ ];
243
+
interfaces.eth2.ipv4.addresses = lib.mkOverride 0 [ ];
244
+
interfaces.bridge.ipv4.addresses = lib.mkOverride 0
[ { address = "192.168.1.1"; prefixLength = 24; } ];
367
-
testScript = { ... }:
with subtest("Wait for networking to come up"):
···
392
-
nodes.client = { pkgs, ... }: with pkgs.lib; {
272
+
nodes.client = { pkgs, ... }: {
environment.systemPackages = [ pkgs.iptables ]; # to debug firewall rules
virtualisation.interfaces.enp1s0.vlan = 1;
···
interfaces.macvlan.useDHCP = true;
407
-
testScript = { ... }:
with subtest("Wait for networking to come up"):
···
442
-
nodes.machine = { ... }: {
321
+
nodes.machine = clientConfig {
virtualisation.interfaces.enp1s0.vlan = 1;
445
-
useNetworkd = networkd;
interfaces.enp1s0.ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ];
fou2 = { port = 9002; protocol = 41; };
451
-
fou3 = mkIf (!networkd)
328
+
fou3 = lib.mkIf (!networkd)
{ port = 9003; local.address = "192.168.1.1"; };
453
-
fou4 = mkIf (!networkd)
330
+
fou4 = lib.mkIf (!networkd)
{ port = 9004; local = { address = "192.168.1.1"; dev = "enp1s0"; }; };
458
-
fou3-fou-encap.after = optional (!networkd) "network-addresses-enp1s0.service";
335
+
fou3-fou-encap.after = lib.optional (!networkd) "network-addresses-enp1s0.service";
461
-
testScript = { ... }:
machine.wait_for_unit("network.target")
fous = json.loads(machine.succeed("ip -json fou show"))
assert {"port": 9001, "gue": None, "family": "inet"} in fous, "fou1 exists"
assert {"port": 9002, "ipproto": 41, "family": "inet"} in fous, "fou2 exists"
469
-
'' + optionalString (!networkd) ''
345
+
'' + lib.optionalString (!networkd) ''
···
486
-
node = { address4, remote, address6 }: { pkgs, ... }: with pkgs.lib; {
362
+
node = { address4, remote, address6 }: { pkgs, ... }: {
virtualisation.interfaces.enp1s0.vlan = 1;
···
496
-
interfaces.enp1s0.ipv4.addresses = mkOverride 0
372
+
interfaces.enp1s0.ipv4.addresses = lib.mkOverride 0
[ { address = address4; prefixLength = 24; } ];
498
-
interfaces.sit.ipv6.addresses = mkOverride 0
374
+
interfaces.sit.ipv6.addresses = lib.mkOverride 0
[ { address = address6; prefixLength = 64; } ];
···
# client2 does the reverse, sending in proto-41 and accepting only UDP incoming.
# that way we'll notice when either SIT itself or FOU breaks.
nodes.client1 = args@{ pkgs, ... }:
(node { address4 = "192.168.1.1"; remote = "192.168.1.2"; address6 = "fc00::1"; } args)
···
nodes.client2 = args@{ pkgs, ... }:
(node { address4 = "192.168.1.2"; remote = "192.168.1.1"; address6 = "fc00::2"; } args)
···
528
-
testScript = { ... }:
with subtest("Wait for networking to be configured"):
···
549
-
node = { pkgs, ... }: with pkgs.lib; {
···
nodes.client1 = args@{ pkgs, ... }:
virtualisation.vlans = [ 1 2 4 ];
···
bridges.bridge.interfaces = [ "greTunnel" "eth1" ];
581
-
interfaces.eth1.ipv4.addresses = mkOverride 0 [];
582
-
interfaces.bridge.ipv4.addresses = mkOverride 0 [
456
+
interfaces.eth1.ipv4.addresses = lib.mkOverride 0 [];
457
+
interfaces.bridge.ipv4.addresses = lib.mkOverride 0 [
{ address = "192.168.1.1"; prefixLength = 24; }
interfaces.eth3.ipv6.addresses = [
{ address = "fd00:1234:5678:4::1"; prefixLength = 64; }
588
-
interfaces.gre6Tunnel.ipv6.addresses = mkOverride 0 [
463
+
interfaces.gre6Tunnel.ipv6.addresses = lib.mkOverride 0 [
{ address = "fc00::1"; prefixLength = 64; }
nodes.client2 = args@{ pkgs, ... }:
virtualisation.vlans = [ 2 3 4 ];
···
bridges.bridge.interfaces = [ "greTunnel" "eth2" ];
617
-
interfaces.eth2.ipv4.addresses = mkOverride 0 [];
618
-
interfaces.bridge.ipv4.addresses = mkOverride 0 [
492
+
interfaces.eth2.ipv4.addresses = lib.mkOverride 0 [];
493
+
interfaces.bridge.ipv4.addresses = lib.mkOverride 0 [
{ address = "192.168.1.2"; prefixLength = 24; }
interfaces.eth3.ipv6.addresses = [
{ address = "fd00:1234:5678:4::2"; prefixLength = 64; }
624
-
interfaces.gre6Tunnel.ipv6.addresses = mkOverride 0 [
499
+
interfaces.gre6Tunnel.ipv6.addresses = lib.mkOverride 0 [
{ address = "fc00::2"; prefixLength = 64; }
630
-
testScript = { ... }:
···
661
-
node = address: { pkgs, ... }: with pkgs.lib; {
662
-
#virtualisation.vlans = [ 1 ];
···
670
-
interfaces.eth0.ipv4.addresses = mkOverride 0 [ ];
671
-
interfaces.eth1.ipv4.addresses = mkOverride 0 [ ];
672
-
interfaces.vlan.ipv4.addresses = mkOverride 0
543
+
interfaces.eth0.ipv4.addresses = lib.mkOverride 0 [ ];
544
+
interfaces.eth1.ipv4.addresses = lib.mkOverride 0 [ ];
545
+
interfaces.vlan.ipv4.addresses = lib.mkOverride 0
[ { inherit address; prefixLength = 24; } ];
···
nodes.client1 = node "192.168.1.1";
nodes.client2 = node "192.168.1.2";
680
-
testScript = { ... }:
with subtest("Wait for networking to be configured"):
···
vlanIP = number: "10.1.1.${number}";
baseInterface = "enp1s0";
vlanInterface = "vlan42";
698
-
node = number: {pkgs, ... }: with pkgs.lib; {
virtualisation.interfaces.enp1s0.vlan = 1;
vlans.${vlanInterface} = { id = 42; interface = baseInterface; };
704
-
interfaces.${baseInterface}.ipv4.addresses = mkOverride 0 [{ address = baseIP number; prefixLength = 24; }];
705
-
interfaces.${vlanInterface}.ipv4.addresses = mkOverride 0 [{ address = vlanIP number; prefixLength = 24; }];
576
+
interfaces.${baseInterface}.ipv4.addresses = lib.mkOverride 0 [{ address = baseIP number; prefixLength = 24; }];
577
+
interfaces.${vlanInterface}.ipv4.addresses = lib.mkOverride 0 [{ address = vlanIP number; prefixLength = 24; }];
···
nodes.server = node serverNodeNum;
nodes.client = node clientNodeNum;
716
-
testScript = { ... }:
with subtest("Wait for networking to be configured"):
···
machine.wait_until_succeeds("ip link show dev tun0 | grep 'mtu 1343'")
assert "02:de:ad:be:ef:01" in machine.succeed("ip link show dev tap0")
'' # network-addresses-* only exist in scripted networking
781
-
+ optionalString (!networkd) ''
652
+
+ lib.optionalString (!networkd) ''
with subtest("Test interfaces clean up"):
machine.succeed("systemctl stop network-addresses-tap0")
···
795
-
nodes.router = { ... }: {
virtualisation.interfaces.enp1s0.vlan = 1;
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true;
801
-
interfaces.enp1s0.ipv6.addresses = singleton {
672
+
interfaces.enp1s0.ipv6.addresses = lib.singleton {
address = "fd00:1234:5678:1::1";
···
822
-
nodes.client_with_privacy = { pkgs, ... }: with pkgs.lib; {
693
+
nodes.client_with_privacy = {
virtualisation.interfaces.enp1s0.vlan = 1;
829
-
ipv4.addresses = mkOverride 0 [ ];
830
-
ipv6.addresses = mkOverride 0 [ ];
700
+
ipv4.addresses = lib.mkOverride 0 [ ];
701
+
ipv6.addresses = lib.mkOverride 0 [ ];
835
-
nodes.client = { pkgs, ... }: with pkgs.lib; {
virtualisation.interfaces.enp1s0.vlan = 1;
842
-
ipv4.addresses = mkOverride 0 [ ];
843
-
ipv6.addresses = mkOverride 0 [ ];
713
+
ipv4.addresses = lib.mkOverride 0 [ ];
714
+
ipv6.addresses = lib.mkOverride 0 [ ];
848
-
testScript = { ... }:
client.wait_for_unit("network.target")
···
ipv6Table, targetIPv6Table
946
-
'' + optionalString (!networkd) ''
816
+
'' + lib.optionalString (!networkd) ''
with subtest("test clean-up of the tables"):
machine.succeed("systemctl stop network-addresses-eth0")
ipv4Residue = machine.succeed("ip -4 route list dev eth0 | head -n-3").strip()
···
rename = if networkd then {
name = "RenameInterface";
961
-
nodes.machine = { pkgs, ... }: {
virtualisation.vlans = [ 1 ];
···
# (as it's handled by udev, not networkd)
985
-
nodes.client = { pkgs, ... }: {
virtualisation.vlans = [ 1 ];
···
testMac = "06:00:00:00:02:00";
1010
-
nodes.machine = { pkgs, ... }: {
boot.kernelModules = [ "mac80211_hwsim" ];
networking.wlanInterfaces = {
wlan0 = { device = "wlan0"; };
···
name = "naughtyInterfaceNames";
1036
-
nodes.machine = { pkgs, ... }: {
networking.useNetworkd = networkd;
1038
-
networking.bridges = listToAttrs
908
+
networking.bridges = lib.listToAttrs
909
+
(lib.flip builtins.map ifnames
(name: { inherit name; value.interfaces = []; }));
···
caseSensitiveRenaming = {
name = "CaseSensitiveRenaming";
1051
-
nodes.machine = { pkgs, ... }: {
virtualisation.interfaces.enCustom.vlan = 11;
···
1066
-
in mapAttrs (const (attrs: makeTest (attrs // {
936
+
in lib.mapAttrs (lib.const (attrs: makeTest (attrs // {
name = "${attrs.name}-Networking-${if networkd then "Networkd" else "Scripted"}";
pyrox.dev