···

       
12
       
12
       
 
       
follows:

     

       
13
       
13
       
 
       


     

       
14
       
14
       
 
       
<programlisting>

     

       
15
       
15
       
-
       
networking.interfaces.eth0.ip4 = [ { address = "192.168.1.2"; prefixLength = 24; } ];

     

       
15
       
15
       
+
       
networking.interfaces.eth0.ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ];

     

       
16
       
16
       
 
       
</programlisting>

     

       
17
       
17
       
 
       


     

       
18
       
18
       
 
       
Typically you’ll also want to set a default gateway and set of name

     

···

       
26
       
26
       
 
       
DHCPv6. You can configure an interface manually:

     

       
27
       
27
       
 
       


     

       
28
       
28
       
 
       
<programlisting>

     

       
29
       
29
       
-
       
networking.interfaces.eth0.ip6 = [ { address = "fe00:aa:bb:cc::2"; prefixLength = 64; } ];

     

       
29
       
29
       
+
       
networking.interfaces.eth0.ipv6.addresses = [ { address = "fe00:aa:bb:cc::2"; prefixLength = 64; } ];

     

       
30
       
30
       
 
       
</programlisting>

     

       
31
       
31
       
 
       
</para>

     

       
32
       
32
       
 
       


     

···

       
261
       
261
       
 
       
  </listitem>

     

       
262
       
262
       
 
       
  <listitem>

     

       
263
       
263
       
 
       
    <para>

     

       
264
       
264
       
-
       
      The option <option>services.xserver.desktopManager.default</option> is now <literal>none</literal> by default.

     

       
265
       
265
       
-
       
      An assertion failure is thrown if WM's and DM's default are <literal>none</literal>.

     

       
266
       
266
       
-
       
      To explicitly run a plain X session without and DM or WM, the newly introduced option <option>services.xserver.plainX</option>

     

       
267
       
267
       
-
       
      must be set to true.

     

       
264
       
264
       
+
       
      In the module <option>networking.interfaces.&lt;name&gt;</option> the

     

       
265
       
265
       
+
       
      following options have been removed:

     

       
266
       
266
       
+
       
      <itemizedlist>

     

       
267
       
267
       
+
       
        <listitem>

     

       
268
       
268
       
+
       
          <para><option>ipAddress</option></para>

     

       
269
       
269
       
+
       
        </listitem>

     

       
270
       
270
       
+
       
        <listitem>

     

       
271
       
271
       
+
       
          <para><option>ipv6Address</option></para>

     

       
272
       
272
       
+
       
        </listitem>

     

       
273
       
273
       
+
       
        <listitem>

     

       
274
       
274
       
+
       
          <para><option>prefixLength</option></para>

     

       
275
       
275
       
+
       
        </listitem>

     

       
276
       
276
       
+
       
        <listitem>

     

       
277
       
277
       
+
       
          <para><option>ipv6PrefixLength</option></para>

     

       
278
       
278
       
+
       
        </listitem>

     

       
279
       
279
       
+
       
        <listitem>

     

       
280
       
280
       
+
       
          <para><option>subnetMask</option></para>

     

       
281
       
281
       
+
       
        </listitem>

     

       
282
       
282
       
+
       
      </itemizedlist>

     

       
283
       
283
       
+
       
      To assign static addresses to an interface the options

     

       
284
       
284
       
+
       
      <option>ipv4.addresses</option> and <option>ipv6.addresses</option>

     

       
285
       
285
       
+
       
      should be used instead.

     

       
286
       
286
       
+
       
      The options <option>ip4</option> and <option>ip6</option> have been

     

       
287
       
287
       
+
       
      renamed to <option>ipv4.addresses</option> <option>ipv6.addresses</option>

     

       
288
       
288
       
+
       
      respectively.

     

       
289
       
289
       
+
       
      The new options <option>ipv4.routes</option> and <option>ipv6.routes</option>

     

       
290
       
290
       
+
       
      have been added to set up static routing.

     

       
291
       
291
       
+
       
    </para>

     

       
292
       
292
       
+
       
  </listitem>

     

       
293
       
293
       
+
       
  <listitem>

     

       
294
       
294
       
+
       
    <para>

     

       
295
       
295
       
+
       
      The option <option>services.xserver.desktopManager.default</option> is now

     

       
296
       
296
       
+
       
      <literal>none</literal> by default. An assertion failure is thrown if WM's

     

       
297
       
297
       
+
       
      and DM's default are <literal>none</literal>.

     

       
298
       
298
       
+
       
      To explicitly run a plain X session without and DM or WM, the newly

     

       
299
       
299
       
+
       
      introduced option <option>services.xserver.plainX</option> must be set to true.

     

       
268
       
300
       
 
       
    </para>

     

       
269
       
301
       
 
       
  </listitem>

     

       
270
       
302
       
 
       
  <listitem>

     

···

       
51
       
51
       
 
       
            let

     

       
52
       
52
       
 
       
              interfacesNumbered = zipLists config.virtualisation.vlans (range 1 255);

     

       
53
       
53
       
 
       
              interfaces = flip map interfacesNumbered ({ fst, snd }:

     

       
54
       
54
       
-
       
                nameValuePair "eth${toString snd}" { ip4 =

     

       
54
       
54
       
+
       
                nameValuePair "eth${toString snd}" { ipv4.addresses =

     

       
55
       
55
       
 
       
                  [ { address = "192.168.${toString fst}.${toString m.snd}";

     

       
56
       
56
       
 
       
                      prefixLength = 24;

     

       
57
       
57
       
 
       
                  } ];

     
···

       
64
       
64
       
 
       
                  networking.interfaces = listToAttrs interfaces;

     

       
65
       
65
       
 
       


     

       
66
       
66
       
 
       
                  networking.primaryIPAddress =

     

       
67
       
67
       
-
       
                    optionalString (interfaces != []) (head (head interfaces).value.ip4).address;

     

       
67
       
67
       
+
       
                    optionalString (interfaces != []) (head (head interfaces).value.ipv4.addresses).address;

     

       
68
       
68
       
 
       


     

       
69
       
69
       
 
       
                  # Put the IP addresses of all VMs in this machine's

     

       
70
       
70
       
 
       
                  # /etc/hosts file.  If a machine has multiple

     

···

       
16
       
16
       
 
       
  # Don't start dhcpcd on explicitly configured interfaces or on

     

       
17
       
17
       
 
       
  # interfaces that are part of a bridge, bond or sit device.

     

       
18
       
18
       
 
       
  ignoredInterfaces =

     

       
19
       
19
       
-
       
    map (i: i.name) (filter (i: if i.useDHCP != null then !i.useDHCP else i.ip4 != [ ] || i.ipAddress != null) interfaces)

     

       
19
       
19
       
+
       
    map (i: i.name) (filter (i: if i.useDHCP != null then !i.useDHCP else i.ipv4.addresses != [ ]) interfaces)

     

       
20
       
20
       
 
       
    ++ mapAttrsToList (i: _: i) config.networking.sits

     

       
21
       
21
       
 
       
    ++ concatLists (attrValues (mapAttrs (n: v: v.interfaces) config.networking.bridges))

     

       
22
       
22
       
 
       
    ++ concatLists (attrValues (mapAttrs (n: v: v.interfaces) config.networking.vswitches))

     

···

       
35
       
35
       
 
       
  config = mkIf cfg.enable {

     

       
36
       
36
       
 
       
    boot.kernelModules = [ "dummy" ];

     

       
37
       
37
       
 
       


     

       
38
       
38
       
-
       
    networking.interfaces.dummy0 = {

     

       
39
       
39
       
-
       
      ipAddress = "169.254.169.254";

     

       
40
       
40
       
-
       
      prefixLength = 32;

     

       
41
       
41
       
-
       
    };

     

       
38
       
38
       
+
       
    networking.interfaces.dummy0.ipv4.addresses = [

     

       
39
       
39
       
+
       
      { address = "169.254.169.254"; prefixLength = 32; }

     

       
40
       
40
       
+
       
    ];

     

       
42
       
41
       
 
       


     

       
43
       
42
       
 
       
    systemd.services.hologram-agent = {

     

       
44
       
43
       
 
       
      description = "Provide EC2 instance credentials to machines outside of EC2";

     

···

       
20
       
20
       
 
       
    "sys-subsystem-net-devices-${escapeSystemdPath interface}.device";

     

       
21
       
21
       
 
       


     

       
22
       
22
       
 
       
  interfaceIps = i:

     

       
23
       
23
       
-
       
    i.ip4 ++ optionals cfg.enableIPv6 i.ip6

     

       
24
       
24
       
-
       
    ++ optional (i.ipAddress != null) {

     

       
25
       
25
       
-
       
      address = i.ipAddress;

     

       
26
       
26
       
-
       
      prefixLength = i.prefixLength;

     

       
27
       
27
       
-
       
    } ++ optional (cfg.enableIPv6 && i.ipv6Address != null) {

     

       
28
       
28
       
-
       
      address = i.ipv6Address;

     

       
29
       
29
       
-
       
      prefixLength = i.ipv6PrefixLength;

     

       
30
       
30
       
-
       
    };

     

       
23
       
23
       
+
       
    i.ipv4.addresses

     

       
24
       
24
       
+
       
    ++ optionals cfg.enableIPv6 i.ipv6.addresses;

     

       
31
       
25
       
 
       


     

       
32
       
26
       
 
       
  destroyBond = i: ''

     

       
33
       
27
       
 
       
    while true; do

     
···

       
185
       
179
       
 
       
            path = [ pkgs.iproute ];

     

       
186
       
180
       
 
       
            script =

     

       
187
       
181
       
 
       
              ''

     

       
188
       
188
       
-
       
                # FIXME: shouldn't this be done in network-link?

     

       
189
       
189
       
-
       
                echo "bringing up interface..."

     

       
190
       
190
       
-
       
                ip link set "${i.name}" up

     

       
191
       
191
       
-
       


     

       
192
       
182
       
 
       
                state="/run/nixos/network/addresses/${i.name}"

     

       
183
       
183
       
+
       
                mkdir -p $(dirname "$state")

     

       
193
       
184
       
 
       


     

       
185
       
185
       
+
       
                ${flip concatMapStrings ips (ip:

     

       
186
       
186
       
+
       
                  let

     

       
187
       
187
       
+
       
                    cidr = "${ip.address}/${toString ip.prefixLength}";

     

       
188
       
188
       
+
       
                  in

     

       
189
       
189
       
+
       
                  ''

     

       
190
       
190
       
+
       
                    echo "${cidr}" >> $state

     

       
191
       
191
       
+
       
                    echo -n "adding address ${cidr}... "

     

       
192
       
192
       
+
       
                    if out=$(ip addr add "${cidr}" dev "${i.name}" 2>&1); then

     

       
193
       
193
       
+
       
                      echo "done"

     

       
194
       
194
       
+
       
                    elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then

     

       
195
       
195
       
+
       
                      echo "failed"

     

       
196
       
196
       
+
       
                      exit 1

     

       
197
       
197
       
+
       
                    fi

     

       
198
       
198
       
+
       
                  ''

     

       
199
       
199
       
+
       
                )}

     

       
200
       
200
       
+
       


     

       
201
       
201
       
+
       
                state="/run/nixos/network/routes/${i.name}"

     

       
194
       
202
       
 
       
                mkdir -p $(dirname "$state")

     

       
195
       
203
       
 
       


     

       
196
       
196
       
-
       
              '' + flip concatMapStrings (ips) (ip:

     

       
197
       
197
       
-
       
                let

     

       
198
       
198
       
-
       
                  address = "${ip.address}/${toString ip.prefixLength}";

     

       
199
       
199
       
-
       
                in

     

       
200
       
200
       
-
       
                ''

     

       
201
       
201
       
-
       
                  echo "${address}" >> $state

     

       
202
       
202
       
-
       
                  if out=$(ip addr add "${address}" dev "${i.name}" 2>&1); then

     

       
203
       
203
       
-
       
                    echo "added ip ${address}"

     

       
204
       
204
       
-
       
                  elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then

     

       
205
       
205
       
-
       
                    echo "failed to add ${address}"

     

       
206
       
206
       
-
       
                    exit 1

     

       
207
       
207
       
-
       
                  fi

     

       
208
       
208
       
-
       
                '');

     

       
204
       
204
       
+
       
                ${flip concatMapStrings (i.ipv4.routes ++ i.ipv6.routes) (route:

     

       
205
       
205
       
+
       
                  let

     

       
206
       
206
       
+
       
                    cidr = "${route.address}/${toString route.prefixLength}";

     

       
207
       
207
       
+
       
                    via = optionalString (route.via != null) ''via "${route.via}"'';

     

       
208
       
208
       
+
       
                    options = concatStrings (mapAttrsToList (name: val: "${name} ${val} ") route.options);

     

       
209
       
209
       
+
       
                  in

     

       
210
       
210
       
+
       
                  ''

     

       
211
       
211
       
+
       
                     echo "${cidr}" >> $state

     

       
212
       
212
       
+
       
                     echo -n "adding route ${cidr}... "

     

       
213
       
213
       
+
       
                     if out=$(ip route add "${cidr}" ${options} ${via} dev "${i.name}" 2>&1); then

     

       
214
       
214
       
+
       
                       echo "done"

     

       
215
       
215
       
+
       
                     elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then

     

       
216
       
216
       
+
       
                       echo "failed"

     

       
217
       
217
       
+
       
                       exit 1

     

       
218
       
218
       
+
       
                     fi

     

       
219
       
219
       
+
       
                  ''

     

       
220
       
220
       
+
       
                )}

     

       
221
       
221
       
+
       
              '';

     

       
209
       
222
       
 
       
            preStop = ''

     

       
223
       
223
       
+
       
              state="/run/nixos/network/routes/${i.name}"

     

       
224
       
224
       
+
       
              while read cidr; do

     

       
225
       
225
       
+
       
                echo -n "deleting route $cidr... "

     

       
226
       
226
       
+
       
                ip route del "$cidr" dev "${i.name}" >/dev/null 2>&1 && echo "done" || echo "failed"

     

       
227
       
227
       
+
       
              done < "$state"

     

       
228
       
228
       
+
       
              rm -f "$state"

     

       
229
       
229
       
+
       


     

       
210
       
230
       
 
       
              state="/run/nixos/network/addresses/${i.name}"

     

       
211
       
211
       
-
       
              while read address; do

     

       
212
       
212
       
-
       
                echo -n "deleting $address..."

     

       
213
       
213
       
-
       
                ip addr del "$address" dev "${i.name}" >/dev/null 2>&1 || echo -n " Failed"

     

       
214
       
214
       
-
       
                echo ""

     

       
231
       
231
       
+
       
              while read cidr; do

     

       
232
       
232
       
+
       
                echo -n "deleting address $cidr... "

     

       
233
       
233
       
+
       
                ip addr del "$cidr" dev "${i.name}" >/dev/null 2>&1 && echo "done" || echo "failed"

     

       
215
       
234
       
 
       
              done < "$state"

     

       
216
       
235
       
 
       
              rm -f "$state"

     

       
217
       
236
       
 
       
            '';

     

···

       
9
       
9
       
 
       
  interfaces = attrValues cfg.interfaces;

     

       
10
       
10
       
 
       


     

       
11
       
11
       
 
       
  interfaceIps = i:

     

       
12
       
12
       
-
       
    i.ip4 ++ optionals cfg.enableIPv6 i.ip6

     

       
13
       
13
       
-
       
    ++ optional (i.ipAddress != null) {

     

       
14
       
14
       
-
       
      address = i.ipAddress;

     

       
15
       
15
       
-
       
      prefixLength = i.prefixLength;

     

       
16
       
16
       
-
       
    } ++ optional (cfg.enableIPv6 && i.ipv6Address != null) {

     

       
17
       
17
       
-
       
      address = i.ipv6Address;

     

       
18
       
18
       
-
       
      prefixLength = i.ipv6PrefixLength;

     

       
19
       
19
       
-
       
    };

     

       
12
       
12
       
+
       
    i.ipv4.addresses

     

       
13
       
13
       
+
       
    ++ optionals cfg.enableIPv6 i.ipv6.addresses;

     

       
20
       
14
       
 
       


     

       
21
       
15
       
 
       
  dhcpStr = useDHCP: if useDHCP == true || useDHCP == null then "both" else "none";

     

       
22
       
16
       
 
       


     

···

       
1
       
1
       
-
       
{ config, lib, pkgs, utils, stdenv, ... }:

     

       
1
       
1
       
+
       
{ config, options, lib, pkgs, utils, stdenv, ... }:

     

       
2
       
2
       
 
       


     

       
3
       
3
       
 
       
with lib;

     

       
4
       
4
       
 
       
with utils;

     
···

       
101
       
101
       
 
       
        address = mkOption {

     

       
102
       
102
       
 
       
          type = types.str;

     

       
103
       
103
       
 
       
          description = ''

     

       
104
       
104
       
-
       
            IPv${toString v} address of the interface.  Leave empty to configure the

     

       
104
       
104
       
+
       
            IPv${toString v} address of the interface. Leave empty to configure the

     

       
105
       
105
       
 
       
            interface using DHCP.

     

       
106
       
106
       
 
       
          '';

     

       
107
       
107
       
 
       
        };

     
···

       
116
       
116
       
 
       
      };

     

       
117
       
117
       
 
       
    };

     

       
118
       
118
       
 
       


     

       
119
       
119
       
+
       
  routeOpts = v:

     

       
120
       
120
       
+
       
  { options = {

     

       
121
       
121
       
+
       
      address = mkOption {

     

       
122
       
122
       
+
       
        type = types.str;

     

       
123
       
123
       
+
       
        description = "IPv${toString v} address of the network.";

     

       
124
       
124
       
+
       
      };

     

       
125
       
125
       
+
       


     

       
126
       
126
       
+
       
      prefixLength = mkOption {

     

       
127
       
127
       
+
       
        type = types.addCheck types.int (n: n >= 0 && n <= (if v == 4 then 32 else 128));

     

       
128
       
128
       
+
       
        description = ''

     

       
129
       
129
       
+
       
          Subnet mask of the network, specified as the number of

     

       
130
       
130
       
+
       
          bits in the prefix (<literal>${if v == 4 then "24" else "64"}</literal>).

     

       
131
       
131
       
+
       
        '';

     

       
132
       
132
       
+
       
      };

     

       
133
       
133
       
+
       


     

       
134
       
134
       
+
       
      via = mkOption {

     

       
135
       
135
       
+
       
        type = types.nullOr types.str;

     

       
136
       
136
       
+
       
        default = null;

     

       
137
       
137
       
+
       
        description = "IPv${toString v} address of the next hop.";

     

       
138
       
138
       
+
       
      };

     

       
139
       
139
       
+
       


     

       
140
       
140
       
+
       
      options = mkOption {

     

       
141
       
141
       
+
       
        type = types.attrsOf types.str;

     

       
142
       
142
       
+
       
        default = { };

     

       
143
       
143
       
+
       
        example = { mtu = "1492"; window = "524288"; };

     

       
144
       
144
       
+
       
        description = ''

     

       
145
       
145
       
+
       
          Other route options. See the symbol <literal>OPTION</literal>

     

       
146
       
146
       
+
       
          in the <literal>ip-route(8)</literal> manual page for the details.

     

       
147
       
147
       
+
       
        '';

     

       
148
       
148
       
+
       
      };

     

       
149
       
149
       
+
       


     

       
150
       
150
       
+
       
    };

     

       
151
       
151
       
+
       
  };

     

       
152
       
152
       
+
       


     

       
119
       
153
       
 
       
  gatewayCoerce = address: { inherit address; };

     

       
120
       
154
       
 
       


     

       
121
       
155
       
 
       
  gatewayOpts = { ... }: {

     
···

       
148
       
182
       
 
       
  interfaceOpts = { name, ... }: {

     

       
149
       
183
       
 
       


     

       
150
       
184
       
 
       
    options = {

     

       
151
       
151
       
-
       


     

       
152
       
185
       
 
       
      name = mkOption {

     

       
153
       
186
       
 
       
        example = "eth0";

     

       
154
       
187
       
 
       
        type = types.str;

     
···

       
175
       
208
       
 
       
        '';

     

       
176
       
209
       
 
       
      };

     

       
177
       
210
       
 
       


     

       
178
       
178
       
-
       
      ip4 = mkOption {

     

       
211
       
211
       
+
       
      ipv4.addresses = mkOption {

     

       
179
       
212
       
 
       
        default = [ ];

     

       
180
       
213
       
 
       
        example = [

     

       
181
       
214
       
 
       
          { address = "10.0.0.1"; prefixLength = 16; }

     
···

       
187
       
220
       
 
       
        '';

     

       
188
       
221
       
 
       
      };

     

       
189
       
222
       
 
       


     

       
190
       
190
       
-
       
      ip6 = mkOption {

     

       
223
       
223
       
+
       
      ipv6.addresses = mkOption {

     

       
191
       
224
       
 
       
        default = [ ];

     

       
192
       
225
       
 
       
        example = [

     

       
193
       
226
       
 
       
          { address = "fdfd:b3f0:482::1"; prefixLength = 48; }

     
···

       
199
       
232
       
 
       
        '';

     

       
200
       
233
       
 
       
      };

     

       
201
       
234
       
 
       


     

       
202
       
202
       
-
       
      ipAddress = mkOption {

     

       
203
       
203
       
-
       
        default = null;

     

       
204
       
204
       
-
       
        example = "10.0.0.1";

     

       
205
       
205
       
-
       
        type = types.nullOr types.str;

     

       
206
       
206
       
-
       
        description = ''

     

       
207
       
207
       
-
       
          IP address of the interface.  Leave empty to configure the

     

       
208
       
208
       
-
       
          interface using DHCP.

     

       
209
       
209
       
-
       
        '';

     

       
210
       
210
       
-
       
      };

     

       
211
       
211
       
-
       


     

       
212
       
212
       
-
       
      prefixLength = mkOption {

     

       
213
       
213
       
-
       
        default = null;

     

       
214
       
214
       
-
       
        example = 24;

     

       
215
       
215
       
-
       
        type = types.nullOr types.int;

     

       
216
       
216
       
-
       
        description = ''

     

       
217
       
217
       
-
       
          Subnet mask of the interface, specified as the number of

     

       
218
       
218
       
-
       
          bits in the prefix (<literal>24</literal>).

     

       
219
       
219
       
-
       
        '';

     

       
220
       
220
       
-
       
      };

     

       
221
       
221
       
-
       


     

       
222
       
222
       
-
       
      subnetMask = mkOption {

     

       
223
       
223
       
-
       
        default = null;

     

       
224
       
224
       
-
       
        description = ''

     

       
225
       
225
       
-
       
          Defunct, supply the prefix length instead.

     

       
226
       
226
       
-
       
        '';

     

       
227
       
227
       
-
       
      };

     

       
228
       
228
       
-
       


     

       
229
       
229
       
-
       
      ipv6Address = mkOption {

     

       
230
       
230
       
-
       
        default = null;

     

       
231
       
231
       
-
       
        example = "2001:1470:fffd:2098::e006";

     

       
232
       
232
       
-
       
        type = types.nullOr types.str;

     

       
235
       
235
       
+
       
      ipv4.routes = mkOption {

     

       
236
       
236
       
+
       
        default = [];

     

       
237
       
237
       
+
       
        example = [

     

       
238
       
238
       
+
       
          { address = "10.0.0.0"; prefixLength = 16; }

     

       
239
       
239
       
+
       
          { address = "192.168.2.0"; prefixLength = 24; via = "192.168.1.1"; }

     

       
240
       
240
       
+
       
        ];

     

       
241
       
241
       
+
       
        type = with types; listOf (submodule (routeOpts 4));

     

       
233
       
242
       
 
       
        description = ''

     

       
234
       
234
       
-
       
          IPv6 address of the interface.  Leave empty to configure the

     

       
235
       
235
       
-
       
          interface using NDP.

     

       
243
       
243
       
+
       
          List of extra IPv4 static routes that will be assigned to the interface.

     

       
236
       
244
       
 
       
        '';

     

       
237
       
245
       
 
       
      };

     

       
238
       
246
       
 
       


     

       
239
       
239
       
-
       
      ipv6PrefixLength = mkOption {

     

       
240
       
240
       
-
       
        default = 64;

     

       
241
       
241
       
-
       
        example = 64;

     

       
242
       
242
       
-
       
        type = types.int;

     

       
247
       
247
       
+
       
      ipv6.routes = mkOption {

     

       
248
       
248
       
+
       
        default = [];

     

       
249
       
249
       
+
       
        example = [

     

       
250
       
250
       
+
       
          { address = "fdfd:b3f0::"; prefixLength = 48; }

     

       
251
       
251
       
+
       
          { address = "2001:1470:fffd:2098::"; prefixLength = 64; via = "fdfd:b3f0::1"; }

     

       
252
       
252
       
+
       
        ];

     

       
253
       
253
       
+
       
        type = with types; listOf (submodule (routeOpts 6));

     

       
243
       
254
       
 
       
        description = ''

     

       
244
       
244
       
-
       
          Subnet mask of the interface, specified as the number of

     

       
245
       
245
       
-
       
          bits in the prefix (<literal>64</literal>).

     

       
255
       
255
       
+
       
          List of extra IPv6 static routes that will be assigned to the interface.

     

       
246
       
256
       
 
       
        '';

     

       
247
       
257
       
 
       
      };

     

       
248
       
258
       
 
       


     
···

       
316
       
326
       
 
       
    config = {

     

       
317
       
327
       
 
       
      name = mkDefault name;

     

       
318
       
328
       
 
       
    };

     

       
329
       
329
       
+
       


     

       
330
       
330
       
+
       
    # Renamed or removed options

     

       
331
       
331
       
+
       
    imports =

     

       
332
       
332
       
+
       
      let

     

       
333
       
333
       
+
       
        defined = x: x != "_mkMergedOptionModule";

     

       
334
       
334
       
+
       
      in [

     

       
335
       
335
       
+
       
        (mkRenamedOptionModule [ "ip4" ] [ "ipv4" "addresses"])

     

       
336
       
336
       
+
       
        (mkRenamedOptionModule [ "ip6" ] [ "ipv6" "addresses"])

     

       
337
       
337
       
+
       
        (mkRemovedOptionModule [ "subnetMask" ] ''

     

       
338
       
338
       
+
       
          Supply a prefix length instead; use option

     

       
339
       
339
       
+
       
          networking.interfaces.<name>.ipv{4,6}.addresses'')

     

       
340
       
340
       
+
       
        (mkMergedOptionModule

     

       
341
       
341
       
+
       
          [ [ "ipAddress" ] [ "prefixLength" ] ]

     

       
342
       
342
       
+
       
          [ "ipv4" "addresses" ]

     

       
343
       
343
       
+
       
          (cfg: with cfg;

     

       
344
       
344
       
+
       
            optional (defined ipAddress && defined prefixLength)

     

       
345
       
345
       
+
       
            { address = ipAddress; prefixLength = prefixLength; }))

     

       
346
       
346
       
+
       
        (mkMergedOptionModule

     

       
347
       
347
       
+
       
          [ [ "ipv6Address" ] [ "ipv6PrefixLength" ] ]

     

       
348
       
348
       
+
       
          [ "ipv6" "addresses" ]

     

       
349
       
349
       
+
       
          (cfg: with cfg;

     

       
350
       
350
       
+
       
            optional (defined ipv6Address && defined ipv6PrefixLength)

     

       
351
       
351
       
+
       
            { address = ipv6Address; prefixLength = ipv6PrefixLength; }))

     

       
352
       
352
       
+
       


     

       
353
       
353
       
+
       
        ({ options.warnings = options.warnings; })

     

       
354
       
354
       
+
       
      ];

     

       
319
       
355
       
 
       


     

       
320
       
356
       
 
       
  };

     

       
321
       
357
       
 
       


     
···

       
453
       
489
       
 
       
    networking.interfaces = mkOption {

     

       
454
       
490
       
 
       
      default = {};

     

       
455
       
491
       
 
       
      example =

     

       
456
       
456
       
-
       
        { eth0.ip4 = [ {

     

       
492
       
492
       
+
       
        { eth0.ipv4 = [ {

     

       
457
       
493
       
 
       
            address = "131.211.84.78";

     

       
458
       
494
       
 
       
            prefixLength = 25;

     

       
459
       
495
       
 
       
          } ];

     
···

       
932
       
968
       
 
       


     

       
933
       
969
       
 
       
  config = {

     

       
934
       
970
       
 
       


     

       
971
       
971
       
+
       
    warnings = concatMap (i: i.warnings) interfaces;

     

       
972
       
972
       
+
       


     

       
935
       
973
       
 
       
    assertions =

     

       
936
       
974
       
 
       
      (flip map interfaces (i: {

     

       
937
       
937
       
-
       
        assertion = i.subnetMask == null;

     

       
938
       
938
       
-
       
        message = ''

     

       
939
       
939
       
-
       
          The networking.interfaces."${i.name}".subnetMask option is defunct. Use prefixLength instead.

     

       
940
       
940
       
-
       
        '';

     

       
941
       
941
       
-
       
      })) ++ (flip map interfaces (i: {

     

       
942
       
975
       
 
       
        # With the linux kernel, interface name length is limited by IFNAMSIZ

     

       
943
       
976
       
 
       
        # to 16 bytes, including the trailing null byte.

     

       
944
       
977
       
 
       
        # See include/linux/if.h in the kernel sources

     
···

       
947
       
980
       
 
       
          The name of networking.interfaces."${i.name}" is too long, it needs to be less than 16 characters.

     

       
948
       
981
       
 
       
        '';

     

       
949
       
982
       
 
       
      })) ++ (flip map slaveIfs (i: {

     

       
950
       
950
       
-
       
        assertion = i.ip4 == [ ] && i.ipAddress == null && i.ip6 == [ ] && i.ipv6Address == null;

     

       
983
       
983
       
+
       
        assertion = i.ipv4.addresses == [ ] && i.ipv6.addresses == [ ];

     

       
951
       
984
       
 
       
        message = ''

     

       
952
       
985
       
 
       
          The networking.interfaces."${i.name}" must not have any defined ips when it is a slave.

     

       
953
       
986
       
 
       
        '';

     
···

       
1089
       
1122
       
 
       
          '' + optionalString (i.mtu != null) ''

     

       
1090
       
1123
       
 
       
            echo "setting MTU to ${toString i.mtu}..."

     

       
1091
       
1124
       
 
       
            ip link set "${i.name}" mtu "${toString i.mtu}"

     

       
1125
       
1125
       
+
       
          '' + ''

     

       
1126
       
1126
       
+
       
            echo -n "bringing up interface... "

     

       
1127
       
1127
       
+
       
            ip link set "${i.name}" up && echo "done" || (echo "failed"; exit 1)

     

       
1092
       
1128
       
 
       
          '';

     

       
1093
       
1129
       
 
       
      })));

     

       
1094
       
1130
       
 
       


     

···

       
124
       
124
       
 
       
          '';

     

       
125
       
125
       
 
       
      };

     

       
126
       
126
       
 
       


     

       
127
       
127
       
-
       
    networking.interfaces.vboxnet0.ip4 = [ { address = "192.168.56.1"; prefixLength = 24; } ];

     

       
127
       
127
       
+
       
    networking.interfaces.vboxnet0.ipv4.addresses = { address = "192.168.56.1"; prefixLength = 24; };

     

       
128
       
128
       
 
       
    # Make sure NetworkManager won't assume this interface being up

     

       
129
       
129
       
 
       
    # means we have internet access.

     

       
130
       
130
       
 
       
    networking.networkmanager.unmanaged = ["vboxnet0"];

     

···

       
16
       
16
       
 
       
  miniupnpdConf = nodes: pkgs.writeText "miniupnpd.conf"

     

       
17
       
17
       
 
       
    ''

     

       
18
       
18
       
 
       
      ext_ifname=eth1

     

       
19
       
19
       
-
       
      listening_ip=${(pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ip4).address}/24

     

       
19
       
19
       
+
       
      listening_ip=${(pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ipv4.addresses).address}/24

     

       
20
       
20
       
 
       
      allow 1024-65535 192.168.2.0/24 1024-65535

     

       
21
       
21
       
 
       
    '';

     

       
22
       
22
       
 
       


     
···

       
56
       
56
       
 
       
        { environment.systemPackages = [ pkgs.transmission ];

     

       
57
       
57
       
 
       
          virtualisation.vlans = [ 2 ];

     

       
58
       
58
       
 
       
          networking.defaultGateway =

     

       
59
       
59
       
-
       
            (pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ip4).address;

     

       
59
       
59
       
+
       
            (pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ipv4.addresses).address;

     

       
60
       
60
       
 
       
          networking.firewall.enable = false;

     

       
61
       
61
       
 
       
        };

     

       
62
       
62
       
 
       


     
···

       
84
       
84
       
 
       
      # Create the torrent.

     

       
85
       
85
       
 
       
      $tracker->succeed("mkdir /tmp/data");

     

       
86
       
86
       
 
       
      $tracker->succeed("cp ${file} /tmp/data/test.tar.bz2");

     

       
87
       
87
       
-
       
      $tracker->succeed("transmission-create /tmp/data/test.tar.bz2 -p -t http://${(pkgs.lib.head nodes.tracker.config.networking.interfaces.eth1.ip4).address}:6969/announce -o /tmp/test.torrent");

     

       
87
       
87
       
+
       
      $tracker->succeed("transmission-create /tmp/data/test.tar.bz2 -p -t http://${(pkgs.lib.head nodes.tracker.config.networking.interfaces.eth1.ipv4.addresses).address}:6969/announce -o /tmp/test.torrent");

     

       
88
       
88
       
 
       
      $tracker->succeed("chmod 644 /tmp/test.torrent");

     

       
89
       
89
       
 
       


     

       
90
       
90
       
 
       
      # Start the tracker.  !!! use a less crappy tracker

     

···

       
12
       
12
       
 
       
      # the sequence of address assignment less stochastic.

     

       
13
       
13
       
 
       
      networking.useDHCP = false;

     

       
14
       
14
       
 
       


     

       
15
       
15
       
-
       
      networking.interfaces.eth1.prefixLength = 24;

     

       
16
       
15
       
 
       
      # CJDNS output is incompatible with the XML log.

     

       
17
       
16
       
 
       
      systemd.services.cjdns.serviceConfig.StandardOutput = "null";

     

       
18
       
17
       
 
       
      #networking.firewall.enable = true;

     
···

       
49
       
48
       
 
       


     

       
50
       
49
       
 
       
          { imports = [ basicConfig ];

     

       
51
       
50
       
 
       


     

       
52
       
52
       
-
       
          networking.interfaces.eth1.ipAddress = "192.168.0.2";

     

       
51
       
51
       
+
       
          networking.interfaces.eth1.ipv4.addresses = [

     

       
52
       
52
       
+
       
            { address = "192.168.0.2"; prefixLength = 24; }

     

       
53
       
53
       
+
       
          ];

     

       
53
       
54
       
 
       


     

       
54
       
55
       
 
       
          services.cjdns =

     

       
55
       
56
       
 
       
            { UDPInterface =

     
···

       
76
       
77
       
 
       
            CJDNS_ADMIN_PASSWORD=FOOBAR

     

       
77
       
78
       
 
       
          '';

     

       
78
       
79
       
 
       


     

       
79
       
79
       
-
       
          networking.interfaces.eth1.ipAddress = "192.168.0.1";

     

       
80
       
80
       
+
       
          networking.interfaces.eth1.ipv4.addresses = [

     

       
81
       
81
       
+
       
            { address = "192.168.0.1"; prefixLength = 24; }

     

       
82
       
82
       
+
       
          ];

     

       
80
       
83
       
 
       


     

       
81
       
84
       
 
       
          services.cjdns =

     

       
82
       
85
       
 
       
            { authorizedPasswords = [ carolPassword ];

     

···

       
26
       
26
       
 
       
      };

     

       
27
       
27
       
 
       
      networking.interfaces = {

     

       
28
       
28
       
 
       
        br0 = {

     

       
29
       
29
       
-
       
          ip4 = [{ address = hostIp; prefixLength = 24; }];

     

       
30
       
30
       
-
       
          ip6 = [{ address = hostIp6; prefixLength = 7; }];

     

       
29
       
29
       
+
       
          ipv4.addresses = [{ address = hostIp; prefixLength = 24; }];

     

       
30
       
30
       
+
       
          ipv6.addresses = [{ address = hostIp6; prefixLength = 7; }];

     

       
31
       
31
       
 
       
        };

     

       
32
       
32
       
 
       
      };

     

       
33
       
33
       
 
       


     

···

       
21
       
21
       
 
       
      };

     

       
22
       
22
       
 
       
      networking.interfaces = {

     

       
23
       
23
       
 
       
        br0 = {

     

       
24
       
24
       
-
       
          ip4 = [{ address = "192.168.0.1"; prefixLength = 24; }];

     

       
25
       
25
       
-
       
          ip6 = [{ address = "fc00::1"; prefixLength = 7; }];

     

       
24
       
24
       
+
       
          ipv4.addresses = [{ address = "192.168.0.1"; prefixLength = 24; }];

     

       
25
       
25
       
+
       
          ipv6.addresses = [{ address = "fc00::1"; prefixLength = 7; }];

     

       
26
       
26
       
 
       
        };

     

       
27
       
27
       
 
       
        br1 = {

     

       
28
       
28
       
-
       
          ip4 = [{ address = "192.168.1.1"; prefixLength = 24; }];

     

       
28
       
28
       
+
       
          ipv4.addresses = [{ address = "192.168.1.1"; prefixLength = 24; }];

     

       
29
       
29
       
 
       
        };

     

       
30
       
30
       
 
       
      };

     

       
31
       
31
       
 
       


     

···

       
13
       
13
       
 
       
      virtualisation.vlans = [];

     

       
14
       
14
       
 
       


     

       
15
       
15
       
 
       
      networking.bridges.br0.interfaces = [];

     

       
16
       
16
       
-
       
      networking.interfaces.br0 = {

     

       
17
       
17
       
-
       
        ip4 = [ { address = "10.11.0.254"; prefixLength = 24; } ];

     

       
18
       
18
       
-
       
      };

     

       
16
       
16
       
+
       
      networking.interfaces.br0.ipv4.addresses = [

     

       
17
       
17
       
+
       
        { address = "10.11.0.254"; prefixLength = 24; }

     

       
18
       
18
       
+
       
      ];

     

       
19
       
19
       
 
       


     

       
20
       
20
       
 
       
      # Force /etc/hosts to be the only source for host name resolution

     

       
21
       
21
       
 
       
      environment.etc."nsswitch.conf".text = lib.mkForce ''

     

···

       
26
       
26
       
 
       
          interface = "eth1";

     

       
27
       
27
       
 
       
          mode = "bridge";

     

       
28
       
28
       
 
       
        };

     

       
29
       
29
       
-
       
        networking.interfaces.eth1.ip4 = lib.mkForce [];

     

       
29
       
29
       
+
       
        networking.interfaces.eth1.ipv4.addresses = lib.mkForce [];

     

       
30
       
30
       
 
       
        networking.interfaces.mv-eth1-host = {

     

       
31
       
31
       
-
       
          ip4 = [ { address = "192.168.1.1"; prefixLength = 24; } ];

     

       
31
       
31
       
+
       
          ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ];

     

       
32
       
32
       
 
       
        };

     

       
33
       
33
       
 
       


     

       
34
       
34
       
 
       
        containers.test1 = {

     
···

       
37
       
37
       
 
       


     

       
38
       
38
       
 
       
          config = {

     

       
39
       
39
       
 
       
            networking.interfaces.mv-eth1 = {

     

       
40
       
40
       
-
       
              ip4 = [ { address = containerIp1; prefixLength = 24; } ];

     

       
40
       
40
       
+
       
              ipv4.addresses = [ { address = containerIp1; prefixLength = 24; } ];

     

       
41
       
41
       
 
       
            };

     

       
42
       
42
       
 
       
          };

     

       
43
       
43
       
 
       
        };

     
···

       
48
       
48
       
 
       


     

       
49
       
49
       
 
       
          config = {

     

       
50
       
50
       
 
       
            networking.interfaces.mv-eth1 = {

     

       
51
       
51
       
-
       
              ip4 = [ { address = containerIp2; prefixLength = 24; } ];

     

       
51
       
51
       
+
       
              ipv4.addresses = [ { address = containerIp2; prefixLength = 24; } ];

     

       
52
       
52
       
 
       
            };

     

       
53
       
53
       
 
       
          };

     

       
54
       
54
       
 
       
        };

     

···

       
16
       
16
       
 
       
          interfaces = [ "eth1" ];

     

       
17
       
17
       
 
       


     

       
18
       
18
       
 
       
          config = {

     

       
19
       
19
       
-
       
            networking.interfaces.eth1 = {

     

       
20
       
20
       
-
       
              ip4 = [ { address = "10.10.0.1"; prefixLength = 24; } ];

     

       
21
       
21
       
-
       
            };

     

       
19
       
19
       
+
       
            networking.interfaces.eth1.ipv4.addresses = [

     

       
20
       
20
       
+
       
              { address = "10.10.0.1"; prefixLength = 24; }

     

       
21
       
21
       
+
       
            ];

     

       
22
       
22
       
 
       
            networking.firewall.enable = false;

     

       
23
       
23
       
 
       
          };

     

       
24
       
24
       
 
       
        };

     
···

       
33
       
33
       
 
       


     

       
34
       
34
       
 
       
        config = {

     

       
35
       
35
       
 
       
          networking.bridges.br0.interfaces = [ "eth1" ];

     

       
36
       
36
       
-
       
          networking.interfaces.br0 = {

     

       
37
       
37
       
-
       
            ip4 = [ { address = "10.10.0.2"; prefixLength = 24; } ];

     

       
38
       
38
       
-
       
          };

     

       
36
       
36
       
+
       
          networking.interfaces.br0.ipv4.addresses = [

     

       
37
       
37
       
+
       
            { address = "10.10.0.2"; prefixLength = 24; }

     

       
38
       
38
       
+
       
          ];

     

       
39
       
39
       
 
       
          networking.firewall.enable = false;

     

       
40
       
40
       
 
       
        };

     

       
41
       
41
       
 
       
      };

     
···

       
54
       
54
       
 
       
            interfaces = [ "eth1" ];

     

       
55
       
55
       
 
       
            mode = "active-backup";

     

       
56
       
56
       
 
       
          };

     

       
57
       
57
       
-
       
          networking.interfaces.bond0 = {

     

       
58
       
58
       
-
       
            ip4 = [ { address = "10.10.0.3"; prefixLength = 24; } ];

     

       
59
       
59
       
-
       
          };

     

       
57
       
57
       
+
       
          networking.interfaces.bond0.ipv4.addresses = [

     

       
58
       
58
       
+
       
            { address = "10.10.0.3"; prefixLength = 24; }

     

       
59
       
59
       
+
       
          ];

     

       
60
       
60
       
 
       
          networking.firewall.enable = false;

     

       
61
       
61
       
 
       
        };

     

       
62
       
62
       
 
       
      };

     
···

       
76
       
76
       
 
       
            mode = "active-backup";

     

       
77
       
77
       
 
       
          };

     

       
78
       
78
       
 
       
          networking.bridges.br0.interfaces = [ "bond0" ];

     

       
79
       
79
       
-
       
          networking.interfaces.br0 = {

     

       
80
       
80
       
-
       
            ip4 = [ { address = "10.10.0.4"; prefixLength = 24; } ];

     

       
81
       
81
       
-
       
          };

     

       
79
       
79
       
+
       
          networking.interfaces.br0.ipv4.addresses = [

     

       
80
       
80
       
+
       
            { address = "10.10.0.4"; prefixLength = 24; }

     

       
81
       
81
       
+
       
          ];

     

       
82
       
82
       
 
       
          networking.firewall.enable = false;

     

       
83
       
83
       
 
       
        };

     

       
84
       
84
       
 
       
      };

     

···

       
11
       
11
       
 
       


     

       
12
       
12
       
 
       
    # prevent make-test.nix to change IP

     

       
13
       
13
       
 
       
    networking.interfaces = {

     

       
14
       
14
       
-
       
      eth1.ip4 = lib.mkOverride 0 [ ];

     

       
14
       
14
       
+
       
      eth1.ipv4.addresses = lib.mkOverride 0 [ ];

     

       
15
       
15
       
 
       
    };

     

       
16
       
16
       
 
       
  };

     

       
17
       
17
       
 
       
in {

     

···

       
11
       
11
       
 
       
      config = {

     

       
12
       
12
       
 
       
        networking.firewall.enable = false;

     

       
13
       
13
       
 
       
        networking.firewall.allowPing = true;

     

       
14
       
14
       
-
       
        networking.interfaces.eth0.ip4 = [

     

       
14
       
14
       
+
       
        networking.interfaces.eth0.ipv4.addresses = [

     

       
15
       
15
       
 
       
          { address = "192.168.1.122"; prefixLength = 24; }

     

       
16
       
16
       
 
       
        ];

     

       
17
       
17
       
 
       
      };

     
···

       
33
       
33
       
 
       
        rstp = false;

     

       
34
       
34
       
 
       
      };

     

       
35
       
35
       
 
       
      networking.interfaces = {

     

       
36
       
36
       
-
       
        eth1.ip4 = lib.mkOverride 0 [ ];

     

       
37
       
37
       
-
       
        br0.ip4 = [{ address = "192.168.1.1"; prefixLength = 24; }];

     

       
36
       
36
       
+
       
        eth1.ipv4.addresses = lib.mkOverride 0 [ ];

     

       
37
       
37
       
+
       
        br0.ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ];

     

       
38
       
38
       
 
       
      };

     

       
39
       
39
       
 
       


     

       
40
       
40
       
 
       
    };

     
···

       
44
       
44
       
 
       
        rstp = false;

     

       
45
       
45
       
 
       
      };

     

       
46
       
46
       
 
       
      networking.interfaces = {

     

       
47
       
47
       
-
       
        eth1.ip4 = lib.mkOverride 0 [ ];

     

       
48
       
48
       
-
       
        br0.ip4 = [{ address = "192.168.1.2"; prefixLength = 24; }];

     

       
47
       
47
       
+
       
        eth1.ipv4.addresses = lib.mkOverride 0 [ ];

     

       
48
       
48
       
+
       
        br0.ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ];

     

       
49
       
49
       
 
       
      };

     

       
50
       
50
       
 
       
    };

     

       
51
       
51
       
 
       
    client_eth1_rstp = { lib, pkgs, ... }: client_base // {

     
···

       
54
       
54
       
 
       
        rstp = true;

     

       
55
       
55
       
 
       
      };

     

       
56
       
56
       
 
       
      networking.interfaces = {

     

       
57
       
57
       
-
       
        eth1.ip4 = lib.mkOverride 0 [ ];

     

       
58
       
58
       
-
       
        br0.ip4 = [{ address = "192.168.1.2"; prefixLength = 24; }];

     

       
57
       
57
       
+
       
        eth1.ipv4.addresses = lib.mkOverride 0 [ ];

     

       
58
       
58
       
+
       
        br0.ipv4.addresses =  [ { address = "192.168.1.2"; prefixLength = 24; } ];

     

       
59
       
59
       
 
       
      };

     

       
60
       
60
       
 
       
    };

     

       
61
       
61
       
 
       
  };

     

···

       
11
       
11
       
 
       
        with pkgs.lib;

     

       
12
       
12
       
 
       
        {

     

       
13
       
13
       
 
       
          networking = {

     

       
14
       
14
       
-
       
            interfaces.eth1.ip6 = mkOverride 0 [ { address = "fd00::2"; prefixLength = 64; } ];

     

       
15
       
15
       
-
       
            interfaces.eth1.ip4 = mkOverride 0 [ { address = "192.168.1.2"; prefixLength = 24; } ];

     

       
14
       
14
       
+
       
            interfaces.eth1.ipv6.addresses = mkOverride 0 [ { address = "fd00::2"; prefixLength = 64; } ];

     

       
15
       
15
       
+
       
            interfaces.eth1.ipv4.addresses = mkOverride 0 [ { address = "192.168.1.2"; prefixLength = 24; } ];

     

       
16
       
16
       
 
       
          };

     

       
17
       
17
       
 
       
      };

     

       
18
       
18
       
 
       
      server =

     
···

       
20
       
20
       
 
       
        with pkgs.lib;

     

       
21
       
21
       
 
       
        {

     

       
22
       
22
       
 
       
          networking = {

     

       
23
       
23
       
-
       
            interfaces.eth1.ip6 = mkOverride 0 [ { address = "fd00::1"; prefixLength = 64; } ];

     

       
24
       
24
       
-
       
            interfaces.eth1.ip4 = mkOverride 0 [ { address = "192.168.1.1"; prefixLength = 24; } ];

     

       
23
       
23
       
+
       
            interfaces.eth1.ipv6.addresses = mkOverride 0 [ { address = "fd00::1"; prefixLength = 64; } ];

     

       
24
       
24
       
+
       
            interfaces.eth1.ipv4.addresses = mkOverride 0 [ { address = "192.168.1.1"; prefixLength = 24; } ];

     

       
25
       
25
       
 
       
          };

     

       
26
       
26
       
 
       


     

       
27
       
27
       
 
       
          services = {

     

···

       
11
       
11
       
 
       
      { config, pkgs, ... }:

     

       
12
       
12
       
 
       
      {

     

       
13
       
13
       
 
       
        boot.kernelParams = [

     

       
14
       
14
       
-
       
          "ip=${

     

       
15
       
15
       
-
       
            (head config.networking.interfaces.eth1.ip4).address

     

       
16
       
16
       
-
       
          }:::255.255.255.0::eth1:none"

     

       
14
       
14
       
+
       
          "ip=${config.networking.primaryIPAddress}:::255.255.255.0::eth1:none"

     

       
17
       
15
       
 
       
        ];

     

       
18
       
16
       
 
       
        boot.initrd.network = {

     

       
19
       
17
       
 
       
          enable = true;

     

···

       
35
       
35
       
 
       
            { virtualisation.vlans = [ 1 ];

     

       
36
       
36
       
 
       
              networking.firewall.allowPing = true;

     

       
37
       
37
       
 
       
              networking.defaultGateway =

     

       
38
       
38
       
-
       
                (pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ip4).address;

     

       
38
       
38
       
+
       
                (pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ipv4.addresses).address;

     

       
39
       
39
       
 
       
            }

     

       
40
       
40
       
 
       
            (lib.optionalAttrs withConntrackHelpers {

     

       
41
       
41
       
 
       
              networking.firewall.connectionTrackingModules = [ "ftp" ];

     

···

       
21
       
21
       
 
       
        firewall.allowedUDPPorts = [ 547 ];

     

       
22
       
22
       
 
       
        interfaces = mkOverride 0 (listToAttrs (flip map vlanIfs (n:

     

       
23
       
23
       
 
       
          nameValuePair "eth${toString n}" {

     

       
24
       
24
       
-
       
            ipAddress = "192.168.${toString n}.1";

     

       
25
       
25
       
-
       
            prefixLength = 24;

     

       
26
       
26
       
-
       
            ipv6Address = "fd00:1234:5678:${toString n}::1";

     

       
27
       
27
       
-
       
            ipv6PrefixLength = 64;

     

       
24
       
24
       
+
       
            ipv4.addresses = [ { address = "192.168.${toString n}.1"; prefixLength = 24; } ];

     

       
25
       
25
       
+
       
            ipv6.addresses = [ { address = "fd00:1234:5678:${toString n}::1"; prefixLength = 64; } ];

     

       
28
       
26
       
 
       
          })));

     

       
29
       
27
       
 
       
      };

     

       
30
       
28
       
 
       
      services.dhcpd4 = {

     
···

       
90
       
88
       
 
       
          firewall.allowPing = true;

     

       
91
       
89
       
 
       
          useDHCP = false;

     

       
92
       
90
       
 
       
          defaultGateway = "192.168.1.1";

     

       
93
       
93
       
-
       
          interfaces.eth1.ip4 = mkOverride 0 [

     

       
91
       
91
       
+
       
          interfaces.eth1.ipv4.addresses = mkOverride 0 [

     

       
94
       
92
       
 
       
            { address = "192.168.1.2"; prefixLength = 24; }

     

       
95
       
93
       
 
       
            { address = "192.168.1.3"; prefixLength = 32; }

     

       
96
       
94
       
 
       
            { address = "192.168.1.10"; prefixLength = 32; }

     

       
97
       
95
       
 
       
          ];

     

       
98
       
98
       
-
       
          interfaces.eth2.ip4 = mkOverride 0 [

     

       
96
       
96
       
+
       
          interfaces.eth2.ipv4.addresses = mkOverride 0 [

     

       
99
       
97
       
 
       
            { address = "192.168.2.2"; prefixLength = 24; }

     

       
100
       
98
       
 
       
          ];

     

       
101
       
99
       
 
       
        };

     
···

       
143
       
141
       
 
       
          firewall.allowPing = true;

     

       
144
       
142
       
 
       
          useDHCP = true;

     

       
145
       
143
       
 
       
          interfaces.eth1 = {

     

       
146
       
146
       
-
       
            ip4 = mkOverride 0 [ ];

     

       
147
       
147
       
-
       
            ip6 = mkOverride 0 [ ];

     

       
144
       
144
       
+
       
            ipv4.addresses = mkOverride 0 [ ];

     

       
145
       
145
       
+
       
            ipv6.addresses = mkOverride 0 [ ];

     

       
148
       
146
       
 
       
          };

     

       
149
       
147
       
 
       
          interfaces.eth2 = {

     

       
150
       
150
       
-
       
            ip4 = mkOverride 0 [ ];

     

       
151
       
151
       
-
       
            ip6 = mkOverride 0 [ ];

     

       
148
       
148
       
+
       
            ipv4.addresses = mkOverride 0 [ ];

     

       
149
       
149
       
+
       
            ipv6.addresses = mkOverride 0 [ ];

     

       
152
       
150
       
 
       
          };

     

       
153
       
151
       
 
       
        };

     

       
154
       
152
       
 
       
      };

     
···

       
198
       
196
       
 
       
          firewall.allowPing = true;

     

       
199
       
197
       
 
       
          useDHCP = false;

     

       
200
       
198
       
 
       
          interfaces.eth1 = {

     

       
201
       
201
       
-
       
            ip4 = mkOverride 0 [ ];

     

       
199
       
199
       
+
       
            ipv4.addresses = mkOverride 0 [ ];

     

       
202
       
200
       
 
       
            useDHCP = true;

     

       
203
       
201
       
 
       
          };

     

       
204
       
204
       
-
       
          interfaces.eth2.ip4 = mkOverride 0 [ ];

     

       
202
       
202
       
+
       
          interfaces.eth2.ipv4.addresses = mkOverride 0 [ ];

     

       
205
       
203
       
 
       
        };

     

       
206
       
204
       
 
       
      };

     

       
207
       
205
       
 
       
      testScript = { nodes, ... }:

     
···

       
241
       
239
       
 
       
            interfaces = [ "eth1" "eth2" ];

     

       
242
       
240
       
 
       
            driverOptions.mode = "balance-rr";

     

       
243
       
241
       
 
       
          };

     

       
244
       
244
       
-
       
          interfaces.eth1.ip4 = mkOverride 0 [ ];

     

       
245
       
245
       
-
       
          interfaces.eth2.ip4 = mkOverride 0 [ ];

     

       
246
       
246
       
-
       
          interfaces.bond.ip4 = mkOverride 0

     

       
242
       
242
       
+
       
          interfaces.eth1.ipv4.addresses = mkOverride 0 [ ];

     

       
243
       
243
       
+
       
          interfaces.eth2.ipv4.addresses = mkOverride 0 [ ];

     

       
244
       
244
       
+
       
          interfaces.bond.ipv4.addresses = mkOverride 0

     

       
247
       
245
       
 
       
            [ { inherit address; prefixLength = 30; } ];

     

       
248
       
246
       
 
       
        };

     

       
249
       
247
       
 
       
      };

     
···

       
274
       
272
       
 
       
          useNetworkd = networkd;

     

       
275
       
273
       
 
       
          firewall.allowPing = true;

     

       
276
       
274
       
 
       
          useDHCP = false;

     

       
277
       
277
       
-
       
          interfaces.eth1.ip4 = mkOverride 0

     

       
275
       
275
       
+
       
          interfaces.eth1.ipv4.addresses = mkOverride 0

     

       
278
       
276
       
 
       
            [ { inherit address; prefixLength = 24; } ];

     

       
279
       
277
       
 
       
        };

     

       
280
       
278
       
 
       
      };

     
···

       
289
       
287
       
 
       
          firewall.allowPing = true;

     

       
290
       
288
       
 
       
          useDHCP = false;

     

       
291
       
289
       
 
       
          bridges.bridge.interfaces = [ "eth1" "eth2" ];

     

       
292
       
292
       
-
       
          interfaces.eth1.ip4 = mkOverride 0 [ ];

     

       
293
       
293
       
-
       
          interfaces.eth2.ip4 = mkOverride 0 [ ];

     

       
294
       
294
       
-
       
          interfaces.bridge.ip4 = mkOverride 0

     

       
290
       
290
       
+
       
          interfaces.eth1.ipv4.addresses = mkOverride 0 [ ];

     

       
291
       
291
       
+
       
          interfaces.eth2.ipv4.addresses = mkOverride 0 [ ];

     

       
292
       
292
       
+
       
          interfaces.bridge.ipv4.addresses = mkOverride 0

     

       
295
       
293
       
 
       
            [ { address = "192.168.1.1"; prefixLength = 24; } ];

     

       
296
       
294
       
 
       
        };

     

       
297
       
295
       
 
       
      };

     
···

       
328
       
326
       
 
       
          firewall.allowPing = true;

     

       
329
       
327
       
 
       
          useDHCP = true;

     

       
330
       
328
       
 
       
          macvlans.macvlan.interface = "eth1";

     

       
331
       
331
       
-
       
          interfaces.eth1.ip4 = mkOverride 0 [ ];

     

       
329
       
329
       
+
       
          interfaces.eth1.ipv4.addresses = mkOverride 0 [ ];

     

       
332
       
330
       
 
       
        };

     

       
333
       
331
       
 
       
      };

     

       
334
       
332
       
 
       
      testScript = { nodes, ... }:

     
···

       
369
       
367
       
 
       
            local = address4;

     

       
370
       
368
       
 
       
            dev = "eth1";

     

       
371
       
369
       
 
       
          };

     

       
372
       
372
       
-
       
          interfaces.eth1.ip4 = mkOverride 0

     

       
370
       
370
       
+
       
          interfaces.eth1.ipv4.addresses = mkOverride 0

     

       
373
       
371
       
 
       
            [ { address = address4; prefixLength = 24; } ];

     

       
374
       
374
       
-
       
          interfaces.sit.ip6 = mkOverride 0

     

       
372
       
372
       
+
       
          interfaces.sit.ipv6.addresses = mkOverride 0

     

       
375
       
373
       
 
       
            [ { address = address6; prefixLength = 64; } ];

     

       
376
       
374
       
 
       
        };

     

       
377
       
375
       
 
       
      };

     
···

       
410
       
408
       
 
       
            id = 1;

     

       
411
       
409
       
 
       
            interface = "eth0";

     

       
412
       
410
       
 
       
          };

     

       
413
       
413
       
-
       
          interfaces.eth0.ip4 = mkOverride 0 [ ];

     

       
414
       
414
       
-
       
          interfaces.eth1.ip4 = mkOverride 0 [ ];

     

       
415
       
415
       
-
       
          interfaces.vlan.ip4 = mkOverride 0

     

       
411
       
411
       
+
       
          interfaces.eth0.ipv4.addresses = mkOverride 0 [ ];

     

       
412
       
412
       
+
       
          interfaces.eth1.ipv4.addresses = mkOverride 0 [ ];

     

       
413
       
413
       
+
       
          interfaces.vlan.ipv4.addresses = mkOverride 0

     

       
416
       
414
       
 
       
            [ { inherit address; prefixLength = 24; } ];

     

       
417
       
415
       
 
       
        };

     

       
418
       
416
       
 
       
      };

     
···

       
437
       
435
       
 
       
      name = "Virtual";

     

       
438
       
436
       
 
       
      machine = {

     

       
439
       
437
       
 
       
        networking.interfaces."tap0" = {

     

       
440
       
440
       
-
       
          ip4 = [ { address = "192.168.1.1"; prefixLength = 24; } ];

     

       
441
       
441
       
-
       
          ip6 = [ { address = "2001:1470:fffd:2096::"; prefixLength = 64; } ];

     

       
438
       
438
       
+
       
          ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ];

     

       
439
       
439
       
+
       
          ipv6.addresses = [ { address = "2001:1470:fffd:2096::"; prefixLength = 64; } ];

     

       
442
       
440
       
 
       
          virtual = true;

     

       
443
       
441
       
 
       
        };

     

       
444
       
442
       
 
       
        networking.interfaces."tun0" = {

     

       
445
       
445
       
-
       
          ip4 = [ { address = "192.168.1.2"; prefixLength = 24; } ];

     

       
446
       
446
       
-
       
          ip6 = [ { address = "2001:1470:fffd:2097::"; prefixLength = 64; } ];

     

       
443
       
443
       
+
       
          ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ];

     

       
444
       
444
       
+
       
          ipv6.addresses = [ { address = "2001:1470:fffd:2097::"; prefixLength = 64; } ];

     

       
447
       
445
       
 
       
          virtual = true;

     

       
448
       
446
       
 
       
        };

     

       
449
       
447
       
 
       
      };

     
···

       
483
       
481
       
 
       
        boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true;

     

       
484
       
482
       
 
       
        networking = {

     

       
485
       
483
       
 
       
          useNetworkd = networkd;

     

       
486
       
486
       
-
       
          interfaces.eth1 = {

     

       
487
       
487
       
-
       
            ipv6Address = "fd00:1234:5678:1::1";

     

       
488
       
488
       
-
       
            ipv6PrefixLength = 64;

     

       
484
       
484
       
+
       
          interfaces.eth1.ipv6.addresses = singleton {

     

       
485
       
485
       
+
       
            address = "fd00:1234:5678:1::1";

     

       
486
       
486
       
+
       
            prefixLength = 64;

     

       
489
       
487
       
 
       
          };

     

       
490
       
488
       
 
       
        };

     

       
491
       
489
       
 
       
        services.radvd = {

     
···

       
511
       
509
       
 
       
          useDHCP = true;

     

       
512
       
510
       
 
       
          interfaces.eth1 = {

     

       
513
       
511
       
 
       
            preferTempAddress = true;

     

       
514
       
514
       
-
       
            ip4 = mkOverride 0 [ ];

     

       
515
       
515
       
-
       
            ip6 = mkOverride 0 [ ];

     

       
512
       
512
       
+
       
            ipv4.addresses = mkOverride 0 [ ];

     

       
513
       
513
       
+
       
            ipv6.addresses = mkOverride 0 [ ];

     

       
516
       
514
       
 
       
          };

     

       
517
       
515
       
 
       
        };

     

       
518
       
516
       
 
       
      };

     
···

       
532
       
530
       
 
       
          # Test address used is temporary

     

       
533
       
531
       
 
       
          $client->waitUntilSucceeds("! ip route get fd00:1234:5678:1::1 | grep -q ':[a-f0-9]*ff:fe[a-f0-9]*:'");

     

       
534
       
532
       
 
       
        '';

     

       
533
       
533
       
+
       
    };

     

       
534
       
534
       
+
       
    routes = {

     

       
535
       
535
       
+
       
      name = "routes";

     

       
536
       
536
       
+
       
      machine = {

     

       
537
       
537
       
+
       
        networking.useDHCP = false;

     

       
538
       
538
       
+
       
        networking.interfaces."eth0" = {

     

       
539
       
539
       
+
       
          ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ];

     

       
540
       
540
       
+
       
          ipv6.addresses = [ { address = "2001:1470:fffd:2097::"; prefixLength = 64; } ];

     

       
541
       
541
       
+
       
          ipv6.routes = [

     

       
542
       
542
       
+
       
            { address = "fdfd:b3f0::"; prefixLength = 48; }

     

       
543
       
543
       
+
       
            { address = "2001:1470:fffd:2098::"; prefixLength = 64; via = "fdfd:b3f0::1"; }

     

       
544
       
544
       
+
       
          ];

     

       
545
       
545
       
+
       
          ipv4.routes = [

     

       
546
       
546
       
+
       
            { address = "10.0.0.0"; prefixLength = 16; options = { mtu = "1500"; }; }

     

       
547
       
547
       
+
       
            { address = "192.168.2.0"; prefixLength = 24; via = "192.168.1.1"; }

     

       
548
       
548
       
+
       
          ];

     

       
549
       
549
       
+
       
        };

     

       
550
       
550
       
+
       
        virtualisation.vlans = [ ];

     

       
551
       
551
       
+
       
      };

     

       
552
       
552
       
+
       


     

       
553
       
553
       
+
       
      testScript = ''

     

       
554
       
554
       
+
       
        my $targetIPv4Table = <<'END';

     

       
555
       
555
       
+
       
        10.0.0.0/16 scope link mtu 1500 

     

       
556
       
556
       
+
       
        192.168.1.0/24 proto kernel scope link src 192.168.1.2 

     

       
557
       
557
       
+
       
        192.168.2.0/24 via 192.168.1.1 

     

       
558
       
558
       
+
       
        END

     

       
559
       
559
       
+
       


     

       
560
       
560
       
+
       
        my $targetIPv6Table = <<'END';

     

       
561
       
561
       
+
       
        2001:1470:fffd:2097::/64 proto kernel metric 256 pref medium

     

       
562
       
562
       
+
       
        2001:1470:fffd:2098::/64 via fdfd:b3f0::1 metric 1024 pref medium

     

       
563
       
563
       
+
       
        fdfd:b3f0::/48 metric 1024 pref medium

     

       
564
       
564
       
+
       
        END

     

       
565
       
565
       
+
       


     

       
566
       
566
       
+
       
        $machine->start;

     

       
567
       
567
       
+
       
        $machine->waitForUnit("network.target");

     

       
568
       
568
       
+
       


     

       
569
       
569
       
+
       
        # test routing tables

     

       
570
       
570
       
+
       
        my $ipv4Table = $machine->succeed("ip -4 route list dev eth0 | head -n3");

     

       
571
       
571
       
+
       
        my $ipv6Table = $machine->succeed("ip -6 route list dev eth0 | head -n3");

     

       
572
       
572
       
+
       
        "$ipv4Table" eq "$targetIPv4Table" or die(

     

       
573
       
573
       
+
       
          "The IPv4 routing table does not match the expected one:\n",

     

       
574
       
574
       
+
       
          "Result:\n", "$ipv4Table\n",

     

       
575
       
575
       
+
       
          "Expected:\n", "$targetIPv4Table\n"

     

       
576
       
576
       
+
       
        );

     

       
577
       
577
       
+
       
        "$ipv6Table" eq "$targetIPv6Table" or die(

     

       
578
       
578
       
+
       
          "The IPv6 routing table does not match the expected one:\n",

     

       
579
       
579
       
+
       
          "Result:\n", "$ipv6Table\n",

     

       
580
       
580
       
+
       
          "Expected:\n", "$targetIPv6Table\n"

     

       
581
       
581
       
+
       
        );

     

       
582
       
582
       
+
       


     

       
583
       
583
       
+
       
        # test clean-up of the tables

     

       
584
       
584
       
+
       
        $machine->succeed("systemctl stop network-addresses-eth0");

     

       
585
       
585
       
+
       
        my $ipv4Residue = $machine->succeed("ip -4 route list dev eth0 | head -n-3");

     

       
586
       
586
       
+
       
        my $ipv6Residue = $machine->succeed("ip -6 route list dev eth0 | head -n-3");

     

       
587
       
587
       
+
       
        $ipv4Residue eq "" or die(

     

       
588
       
588
       
+
       
          "The IPv4 routing table has not been properly cleaned:\n",

     

       
589
       
589
       
+
       
          "$ipv4Residue\n"

     

       
590
       
590
       
+
       
        );

     

       
591
       
591
       
+
       
        $ipv6Residue eq "" or die(

     

       
592
       
592
       
+
       
          "The IPv6 routing table has not been properly cleaned:\n",

     

       
593
       
593
       
+
       
          "$ipv6Residue\n"

     

       
594
       
594
       
+
       
        );

     

       
595
       
595
       
+
       
      '';

     

       
535
       
596
       
 
       
    };

     

       
536
       
597
       
 
       
  };

     

       
537
       
598
       
 
       


     

···

       
15
       
15
       
 
       
    clientv4 = { lib, nodes, ... }: {

     

       
16
       
16
       
 
       
      imports = [ common ];

     

       
17
       
17
       
 
       
      networking.nameservers = lib.mkForce [

     

       
18
       
18
       
-
       
        nodes.server.config.networking.interfaces.eth1.ipAddress

     

       
18
       
18
       
+
       
        (lib.head nodes.server.config.networking.interfaces.eth1.ipv4.addresses).address

     

       
19
       
19
       
 
       
      ];

     

       
20
       
20
       
-
       
      networking.interfaces.eth1.ipAddress = "192.168.0.2";

     

       
21
       
21
       
-
       
      networking.interfaces.eth1.prefixLength = 24;

     

       
20
       
20
       
+
       
      networking.interfaces.eth1.ipv4.addresses = [

     

       
21
       
21
       
+
       
        { address = "192.168.0.2"; prefixLength = 24; }

     

       
22
       
22
       
+
       
      ];

     

       
22
       
23
       
 
       
    };

     

       
23
       
24
       
 
       


     

       
24
       
25
       
 
       
    clientv6 = { lib, nodes, ... }: {

     

       
25
       
26
       
 
       
      imports = [ common ];

     

       
26
       
27
       
 
       
      networking.nameservers = lib.mkForce [

     

       
27
       
27
       
-
       
        nodes.server.config.networking.interfaces.eth1.ipv6Address

     

       
28
       
28
       
+
       
        (lib.head nodes.server.config.networking.interfaces.eth1.ipv6.addresses).address

     

       
28
       
29
       
 
       
      ];

     

       
29
       
29
       
-
       
      networking.interfaces.eth1.ipv6Address = "dead:beef::2";

     

       
30
       
30
       
+
       
      networking.interfaces.eth1.ipv4.addresses = [

     

       
31
       
31
       
+
       
        { address = "dead:beef::2"; prefixLength = 24; }

     

       
32
       
32
       
+
       
      ];

     

       
30
       
33
       
 
       
    };

     

       
31
       
34
       
 
       


     

       
32
       
35
       
 
       
    server = { lib, ... }: {

     

       
33
       
36
       
 
       
      imports = [ common ];

     

       
34
       
34
       
-
       
      networking.interfaces.eth1.ipAddress = "192.168.0.1";

     

       
35
       
35
       
-
       
      networking.interfaces.eth1.prefixLength = 24;

     

       
36
       
36
       
-
       
      networking.interfaces.eth1.ipv6Address = "dead:beef::1";

     

       
37
       
37
       
+
       
      networking.interfaces.eth1.ipv4.addresses = [

     

       
38
       
38
       
+
       
        { address = "192.168.0.1"; prefixLength = 24; }

     

       
39
       
39
       
+
       
      ];

     

       
40
       
40
       
+
       
      networking.interfaces.eth1.ipv6.addresses = [

     

       
41
       
41
       
+
       
        { address = "dead:beef::1"; prefixLength = 64; }

     

       
42
       
42
       
+
       
      ];

     

       
37
       
43
       
 
       
      services.nsd.enable = true;

     

       
38
       
44
       
 
       
      services.nsd.interfaces = lib.mkForce [];

     

       
39
       
45
       
 
       
      services.nsd.zones."example.com.".data = ''

     

···

       
8
       
8
       
 
       
import ./make-test.nix ({ pkgs, ... }:

     

       
9
       
9
       
 
       
  let

     

       
10
       
10
       
 
       


     

       
11
       
11
       
-
       
    ifAddr = node: iface: (pkgs.lib.head node.config.networking.interfaces.${iface}.ip4).address;

     

       
11
       
11
       
+
       
    ifAddr = node: iface: (pkgs.lib.head node.config.networking.interfaces.${iface}.ipv4.addresses).address;

     

       
12
       
12
       
 
       


     

       
13
       
13
       
 
       
    ospfConf = ''

     

       
14
       
14
       
 
       
      interface eth2