diff options
author | pennae <82953136+pennae@users.noreply.github.com> | 2022-03-18 15:43:03 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-03-18 15:43:03 +0000 |
commit | e8bfc4d4a85b0432c44e91dd5cb5c49a60aa0870 (patch) | |
tree | d982a33dc2feef524ef63668233c320229860779 | |
parent | 4585fc03be78c9f45598209d7938456437b8ead3 (diff) | |
parent | 0a62de4cd5b82357b308231897f070706ffdfd4e (diff) | |
download | nixpkgs-e8bfc4d4a85b0432c44e91dd5cb5c49a60aa0870.tar nixpkgs-e8bfc4d4a85b0432c44e91dd5cb5c49a60aa0870.tar.gz nixpkgs-e8bfc4d4a85b0432c44e91dd5cb5c49a60aa0870.tar.bz2 nixpkgs-e8bfc4d4a85b0432c44e91dd5cb5c49a60aa0870.tar.lz nixpkgs-e8bfc4d4a85b0432c44e91dd5cb5c49a60aa0870.tar.xz nixpkgs-e8bfc4d4a85b0432c44e91dd5cb5c49a60aa0870.tar.zst nixpkgs-e8bfc4d4a85b0432c44e91dd5cb5c49a60aa0870.zip |
Merge pull request #164367 from jpathy/patch-2
networking.greTunnels: support ip6gre*
-rw-r--r-- | nixos/modules/tasks/network-interfaces.nix | 15 | ||||
-rw-r--r-- | nixos/tests/networking.nix | 33 |
2 files changed, 44 insertions, 4 deletions
diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix index 06117ab451d..01980b80f1c 100644 --- a/nixos/modules/tasks/network-interfaces.nix +++ b/nixos/modules/tasks/network-interfaces.nix @@ -1021,6 +1021,12 @@ in dev = "enp4s0f0"; type = "tap"; }; + gre6Tunnel = { + remote = "fd7a:5634::1"; + local = "fd7a:5634::2"; + dev = "enp4s0f0"; + type = "tun6"; + }; } ''; description = '' @@ -1058,10 +1064,15 @@ in }; type = mkOption { - type = with types; enum [ "tun" "tap" ]; + type = with types; enum [ "tun" "tap" "tun6" "tap6" ]; default = "tap"; example = "tap"; - apply = v: if v == "tun" then "gre" else "gretap"; + apply = v: { + tun = "gre"; + tap = "gretap"; + tun6 = "ip6gre"; + tap6 = "ip6gretap"; + }.${v}; description = '' Whether the tunnel routes layer 2 (tap) or layer 3 (tun) traffic. ''; diff --git a/nixos/tests/networking.nix b/nixos/tests/networking.nix index 8c9df19f2d5..b763cbd4665 100644 --- a/nixos/tests/networking.nix +++ b/nixos/tests/networking.nix @@ -498,6 +498,7 @@ let networking = { useNetworkd = networkd; useDHCP = false; + firewall.extraCommands = "ip6tables -A nixos-fw -p gre -j nixos-fw-accept"; }; }; in { @@ -506,7 +507,7 @@ let mkMerge [ (node args) { - virtualisation.vlans = [ 1 2 ]; + virtualisation.vlans = [ 1 2 4 ]; networking = { greTunnels = { greTunnel = { @@ -515,12 +516,24 @@ let dev = "eth2"; type = "tap"; }; + gre6Tunnel = { + local = "fd00:1234:5678:4::1"; + remote = "fd00:1234:5678:4::2"; + dev = "eth3"; + type = "tun6"; + }; }; bridges.bridge.interfaces = [ "greTunnel" "eth1" ]; interfaces.eth1.ipv4.addresses = mkOverride 0 []; interfaces.bridge.ipv4.addresses = mkOverride 0 [ { address = "192.168.1.1"; prefixLength = 24; } ]; + interfaces.eth3.ipv6.addresses = [ + { address = "fd00:1234:5678:4::1"; prefixLength = 64; } + ]; + interfaces.gre6Tunnel.ipv6.addresses = mkOverride 0 [ + { address = "fc00::1"; prefixLength = 64; } + ]; }; } ]; @@ -528,7 +541,7 @@ let mkMerge [ (node args) { - virtualisation.vlans = [ 2 3 ]; + virtualisation.vlans = [ 2 3 4 ]; networking = { greTunnels = { greTunnel = { @@ -537,12 +550,24 @@ let dev = "eth1"; type = "tap"; }; + gre6Tunnel = { + local = "fd00:1234:5678:4::2"; + remote = "fd00:1234:5678:4::1"; + dev = "eth3"; + type = "tun6"; + }; }; bridges.bridge.interfaces = [ "greTunnel" "eth2" ]; interfaces.eth2.ipv4.addresses = mkOverride 0 []; interfaces.bridge.ipv4.addresses = mkOverride 0 [ { address = "192.168.1.2"; prefixLength = 24; } ]; + interfaces.eth3.ipv6.addresses = [ + { address = "fd00:1234:5678:4::2"; prefixLength = 64; } + ]; + interfaces.gre6Tunnel.ipv6.addresses = mkOverride 0 [ + { address = "fc00::2"; prefixLength = 64; } + ]; }; } ]; @@ -562,6 +587,10 @@ let client1.wait_until_succeeds("ping -c 1 192.168.1.2") client2.wait_until_succeeds("ping -c 1 192.168.1.1") + + client1.wait_until_succeeds("ping -c 1 fc00::2") + + client2.wait_until_succeeds("ping -c 1 fc00::1") ''; }; vlan = let |