···
1
-
{ system ? builtins.currentSystem,
3
-
pkgs ? import ../.. { inherit system config; }
6
-
with import ../lib/testing-python.nix { inherit system pkgs; };
···
description = "Mock webserver";
wants = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
26
-
serviceConfig.Restart = "always";
···
# This test simulates the setup described in [1] with two IPv6 and
# IPv4-only devices on different subnets communicating through a border
# relay running Jool in SIIT mode.
···
meta.maintainers = with lib.maintainers; [ rnhmjoj ];
52
-
nodes.relay = { ... }: {
53
-
imports = [ ../modules/profiles/minimal.nix ];
virtualisation.vlans = [ 1 2 ];
···
eth2.ipv4.addresses = [ { address = "192.0.2.1"; prefixLength = 24; } ];
71
-
siit.config.global.pool6 = "fd::/96";
61
+
networking.jool.enable = true;
62
+
networking.jool.siit.default.global.pool6 = "fd::/96";
76
-
nodes.alice = { ... }: {
78
-
../modules/profiles/minimal.nix
80
-
(webserver 6 "Hello, Bob!")
67
+
imports = [ ipv6Only (webserver 6 "Hello, Bob!") ];
virtualisation.vlans = [ 1 ];
networking.interfaces.eth1.ipv6 = {
···
92
-
nodes.bob = { ... }: {
94
-
../modules/profiles/minimal.nix
96
-
(webserver 4 "Hello, Alice!")
79
+
imports = [ ipv4Only (webserver 4 "Hello, Alice!") ];
virtualisation.vlans = [ 2 ];
networking.interfaces.eth1.ipv4 = {
···
110
-
relay.wait_for_unit("jool-siit.service")
92
+
relay.wait_for_unit("jool-siit-default.service")
alice.wait_for_unit("network-addresses-eth1.service")
bob.wait_for_unit("network-addresses-eth1.service")
with subtest("Alice and Bob can't ping each other"):
115
-
relay.systemctl("stop jool-siit.service")
97
+
relay.systemctl("stop jool-siit-default.service")
alice.fail("ping -c1 fd::192.0.2.16")
bob.fail("ping -c1 198.51.100.8")
with subtest("Alice and Bob can ping using the relay"):
120
-
relay.systemctl("start jool-siit.service")
102
+
relay.systemctl("start jool-siit-default.service")
alice.wait_until_succeeds("ping -c1 fd::192.0.2.16")
bob.wait_until_succeeds("ping -c1 198.51.100.8")
···
# This test simulates the setup described in [1] with two IPv6-only nodes
# (a client and a homeserver) on the LAN subnet and an IPv4 node on the WAN.
# The router runs Jool in stateful NAT64 mode, masquarading the LAN and
···
meta.maintainers = with lib.maintainers; [ rnhmjoj ];
145
-
nodes.router = { ... }: {
146
-
imports = [ ../modules/profiles/minimal.nix ];
virtualisation.vlans = [ 1 2 ];
···
eth2.ipv4.addresses = [ { address = "203.0.113.1"; prefixLength = 24; } ];
161
-
networking.jool = {
163
-
nat64.enable = true;
166
-
{ # forward HTTP 203.0.113.1 (router) → 2001:db8::9 (homeserver)
167
-
"protocol" = "TCP";
168
-
"ipv4 address" = "203.0.113.1#80";
169
-
"ipv6 address" = "2001:db8::9#80";
173
-
# Ports for dynamic translation
174
-
{ protocol = "TCP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; }
175
-
{ protocol = "UDP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; }
176
-
{ protocol = "ICMP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; }
177
-
# Ports for static BIB entries
178
-
{ protocol = "TCP"; prefix = "203.0.113.1/32"; "port range" = "80"; }
142
+
networking.jool.enable = true;
143
+
networking.jool.nat64.default = {
145
+
{ # forward HTTP 203.0.113.1 (router) → 2001:db8::9 (homeserver)
146
+
"protocol" = "TCP";
147
+
"ipv4 address" = "203.0.113.1#80";
148
+
"ipv6 address" = "2001:db8::9#80";
152
+
# Ports for dynamic translation
153
+
{ protocol = "TCP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; }
154
+
{ protocol = "UDP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; }
155
+
{ protocol = "ICMP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; }
156
+
# Ports for static BIB entries
157
+
{ protocol = "TCP"; prefix = "203.0.113.1/32"; "port range" = "80"; }
185
-
nodes.client = { ... }: {
186
-
imports = [ ../modules/profiles/minimal.nix ipv6Only ];
164
+
imports = [ ipv6Only ];
virtualisation.vlans = [ 1 ];
networking.interfaces.eth1.ipv6 = {
···
197
-
nodes.homeserver = { ... }: {
199
-
../modules/profiles/minimal.nix
201
-
(webserver 6 "Hello from IPv6!")
175
+
nodes.homeserver = {
176
+
imports = [ ipv6Only (webserver 6 "Hello from IPv6!") ];
virtualisation.vlans = [ 1 ];
networking.interfaces.eth1.ipv6 = {
···
213
-
nodes.server = { ... }: {
215
-
../modules/profiles/minimal.nix
217
-
(webserver 4 "Hello from IPv4!")
188
+
imports = [ ipv4Only (webserver 4 "Hello from IPv4!") ];
virtualisation.vlans = [ 2 ];
networking.interfaces.eth1.ipv4.addresses =
···
node.wait_for_unit("network-addresses-eth1.service")
with subtest("Client can ping the WAN server"):
232
-
router.wait_for_unit("jool-nat64.service")
202
+
router.wait_for_unit("jool-nat64-default.service")
client.succeed("ping -c1 64:ff9b::203.0.113.16")
with subtest("Client can connect to the WAN webserver"):
pyrox.dev