networking test: test IPv6 with RA and DHCPv6

author: Nikolay Amiantov <ab@fmap.me> 2017-01-14 19:01:46 +0300
committer: Nikolay Amiantov <ab@fmap.me> 2017-01-15 19:53:17 +0300
commit: 86755d923b201e2e450cf08af0ec8260d00b39a9 (patch)
tree: 4237146c78bc0095d19b6a0db22eee1710cb6d9a /nixos
parent: 820b4cd067c3965f219b135adf773e3ea334774d (diff)
download: nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar
nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar.gz
nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar.bz2
nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar.lz
nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar.xz
nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar.zst
nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.zip
1 files changed, 53 insertions, 5 deletions
diff --git a/nixos/tests/networking.nix b/nixos/tests/networking.nix
index 17d4a878d3a..83103f35d48 100644
--- a/nixos/tests/networking.nix
+++ b/nixos/tests/networking.nix
@@ -10,29 +10,61 @@ let
       vlanIfs = range 1 (length config.virtualisation.vlans);
     in {
       virtualisation.vlans = [ 1 2 3 ];
+      boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true;
       networking = {
         useDHCP = false;
         useNetworkd = networkd;
         firewall.allowPing = true;
+        firewall.checkReversePath = true;
+        firewall.allowedUDPPorts = [ 547 ];
         interfaces = mkOverride 0 (listToAttrs (flip map vlanIfs (n:
           nameValuePair "eth${toString n}" {
             ipAddress = "192.168.${toString n}.1";
             prefixLength = 24;
+            ipv6Address = "fd00:1234:5678:${toString n}::1";
+            ipv6PrefixLength = 64;
           })));
       };
-      services.dhcpd = {
+      services.dhcpd4 = {
         enable = true;
         interfaces = map (n: "eth${toString n}") vlanIfs;
         extraConfig = ''
-          option subnet-mask 255.255.255.0;
+          authoritative;
         '' + flip concatMapStrings vlanIfs (n: ''
           subnet 192.168.${toString n}.0 netmask 255.255.255.0 {
-            option broadcast-address 192.168.${toString n}.255;
             option routers 192.168.${toString n}.1;
+            # XXX: technically it's _not guaranteed_ that IP addresses will be
+            # issued from the first item in range onwards! We assume that in
+            # our tests however.
             range 192.168.${toString n}.2 192.168.${toString n}.254;
           }
         '');
       };
+      services.radvd = {
+        enable = true;
+        config = flip concatMapStrings vlanIfs (n: ''
+          interface eth${toString n} {
+            AdvSendAdvert on;
+            AdvManagedFlag on;
+            AdvOtherConfigFlag on;
+
+            prefix fd00:1234:5678:${toString n}::/64 {
+              AdvAutonomous off;
+            };
+          };
+        '');
+      };
+      services.dhcpd6 = {
+        enable = true;
+        interfaces = map (n: "eth${toString n}") vlanIfs;
+        extraConfig = ''
+          authoritative;
+        '' + flip concatMapStrings vlanIfs (n: ''
+          subnet6 fd00:1234:5678:${toString n}::/64 {
+            range6 fd00:1234:5678:${toString n}::2 fd00:1234:5678:${toString n}::2;
+          }
+        '');
+      };
     };
 
   testCases = {
@@ -108,8 +140,14 @@ let
           useNetworkd = networkd;
           firewall.allowPing = true;
           useDHCP = true;
-          interfaces.eth1.ip4 = mkOverride 0 [ ];
-          interfaces.eth2.ip4 = mkOverride 0 [ ];
+          interfaces.eth1 = {
+            ip4 = mkOverride 0 [ ];
+            ip6 = mkOverride 0 [ ];
+          };
+          interfaces.eth2 = {
+            ip4 = mkOverride 0 [ ];
+            ip6 = mkOverride 0 [ ];
+          };
         };
       };
       testScript = { nodes, ... }:
@@ -121,21 +159,31 @@ let
 
           # Wait until we have an ip address on each interface
           $client->waitUntilSucceeds("ip addr show dev eth1 | grep -q '192.168.1'");
+          $client->waitUntilSucceeds("ip addr show dev eth1 | grep -q 'fd00:1234:5678:1:'");
           $client->waitUntilSucceeds("ip addr show dev eth2 | grep -q '192.168.2'");
+          $client->waitUntilSucceeds("ip addr show dev eth2 | grep -q 'fd00:1234:5678:2:'");
 
           # Test vlan 1
           $client->waitUntilSucceeds("ping -c 1 192.168.1.1");
           $client->waitUntilSucceeds("ping -c 1 192.168.1.2");
+          $client->waitUntilSucceeds("ping6 -c 1 fd00:1234:5678:1::1");
+          $client->waitUntilSucceeds("ping6 -c 1 fd00:1234:5678:1::2");
 
           $router->waitUntilSucceeds("ping -c 1 192.168.1.1");
           $router->waitUntilSucceeds("ping -c 1 192.168.1.2");
+          $router->waitUntilSucceeds("ping6 -c 1 fd00:1234:5678:1::1");
+          $router->waitUntilSucceeds("ping6 -c 1 fd00:1234:5678:1::2");
 
           # Test vlan 2
           $client->waitUntilSucceeds("ping -c 1 192.168.2.1");
           $client->waitUntilSucceeds("ping -c 1 192.168.2.2");
+          $client->waitUntilSucceeds("ping6 -c 1 fd00:1234:5678:2::1");
+          $client->waitUntilSucceeds("ping6 -c 1 fd00:1234:5678:2::2");
 
           $router->waitUntilSucceeds("ping -c 1 192.168.2.1");
           $router->waitUntilSucceeds("ping -c 1 192.168.2.2");
+          $router->waitUntilSucceeds("ping6 -c 1 fd00:1234:5678:2::1");
+          $router->waitUntilSucceeds("ping6 -c 1 fd00:1234:5678:2::2");
         '';
     };
     dhcpOneIf = {
author	Nikolay Amiantov <ab@fmap.me>	2017-01-14 19:01:46 +0300
committer	Nikolay Amiantov <ab@fmap.me>	2017-01-15 19:53:17 +0300
commit	86755d923b201e2e450cf08af0ec8260d00b39a9 (patch)
tree	4237146c78bc0095d19b6a0db22eee1710cb6d9a /nixos
parent	820b4cd067c3965f219b135adf773e3ea334774d (diff)
download	nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar.gz nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar.bz2 nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar.lz nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar.xz nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.tar.zst nixpkgs-86755d923b201e2e450cf08af0ec8260d00b39a9.zip