nixos/tests: add babeld

author: Martin Weinelt <hexa@darmstadt.ccc.de> 2019-10-12 01:30:55 +0200
committer: Martin Weinelt <hexa@darmstadt.ccc.de> 2019-10-12 15:35:53 +0200
commit: 97d29590286349570d87df0bd0dfd0775c0dc349 (patch)
tree: 8cb7298ff2931fbc5e43a9370983182114eb18fa /nixos/tests/babeld.nix
parent: 1c165f5d4a6faf552c084b364d3e33b9c5e54ecd (diff)
1 files changed, 148 insertions, 0 deletions
diff --git a/nixos/tests/babeld.nix b/nixos/tests/babeld.nix
new file mode 100644
index 000000000000..5242cf395d70
--- /dev/null
+++ b/nixos/tests/babeld.nix
@@ -0,0 +1,148 @@
+
+import ./make-test.nix ({ pkgs, lib, ...} : {
+  name = "babeld";
+  meta = with pkgs.stdenv.lib.maintainers; {
+    maintainers = [ hexa ];
+  };
+
+  nodes =
+    { client = { pkgs, lib, ... }:
+      {
+        virtualisation.vlans = [ 10 ];
+
+        networking = {
+          useDHCP = false;
+          interfaces."eth1" = {
+            ipv4.addresses = lib.mkForce [ { address = "192.168.10.2"; prefixLength = 24; } ];
+            ipv4.routes = lib.mkForce [ { address = "0.0.0.0"; prefixLength = 0; via = "192.168.10.1"; } ];
+            ipv6.addresses = lib.mkForce [ { address = "2001:db8:10::2"; prefixLength = 64; } ];
+            ipv6.routes = lib.mkForce [ { address = "::"; prefixLength = 0; via = "2001:db8:10::1"; } ];
+          };
+        };
+      };
+
+      localRouter = { pkgs, lib, ... }:
+      {
+        virtualisation.vlans = [ 10 20 ];
+
+        boot.kernel.sysctl."net.ipv4.conf.all.forwarding" = 1;
+        boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
+
+        networking = {
+          useDHCP = false;
+          firewall.enable = false;
+
+          interfaces."eth1" = {
+            ipv4.addresses = lib.mkForce [ { address = "192.168.10.1"; prefixLength = 24; } ];
+            ipv6.addresses = lib.mkForce [ { address = "2001:db8:10::1"; prefixLength = 64; } ];
+          };
+
+          interfaces."eth2" = {
+            ipv4.addresses = lib.mkForce [ { address = "192.168.20.1"; prefixLength = 24; } ];
+            ipv6.addresses = lib.mkForce [ { address = "2001:db8:20::1"; prefixLength = 64; } ];
+          };
+        };
+
+        services.babeld = {
+          enable = true;
+          interfaces.eth2 = {
+            hello-interval = 1;
+            type = "wired";
+          };
+          extraConfig = ''
+            local-port-readwrite 33123
+
+            import-table 254 # main
+            export-table 254 # main
+
+            in ip 192.168.10.0/24 deny
+            in ip 192.168.20.0/24 deny
+            in ip 2001:db8:10::/64 deny
+            in ip 2001:db8:20::/64 deny
+
+            in ip 192.168.30.0/24 allow
+            in ip 2001:db8:30::/64 allow
+
+            in deny
+
+            redistribute local proto 2
+            redistribute local deny
+          '';
+        };
+      };
+      remoteRouter = { pkgs, lib, ... }:
+      {
+        virtualisation.vlans = [ 20 30 ];
+
+        boot.kernel.sysctl."net.ipv4.conf.all.forwarding" = 1;
+        boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
+
+        networking = {
+          useDHCP = false;
+          firewall.enable = false;
+
+          interfaces."eth1" = {
+            ipv4.addresses = lib.mkForce [ { address = "192.168.20.2"; prefixLength = 24; } ];
+            ipv6.addresses = lib.mkForce [ { address = "2001:db8:20::2"; prefixLength = 64; } ];
+          };
+
+          interfaces."eth2" = {
+            ipv4.addresses = lib.mkForce [ { address = "192.168.30.1"; prefixLength = 24; } ];
+            ipv6.addresses = lib.mkForce [ { address = "2001:db8:30::1"; prefixLength = 64; } ];
+          };
+        };
+
+        services.babeld = {
+          enable = true;
+          interfaces.eth1 = {
+            hello-interval = 1;
+            type = "wired";
+          };
+          extraConfig = ''
+            local-port-readwrite 33123
+
+            import-table 254 # main
+            export-table 254 # main
+
+            in ip 192.168.20.0/24 deny
+            in ip 192.168.30.0/24 deny
+            in ip 2001:db8:20::/64 deny
+            in ip 2001:db8:30::/64 deny
+
+            in ip 192.168.10.0/24 allow
+            in ip 2001:db8:10::/64 allow
+
+            in deny
+
+            redistribute local proto 2
+            redistribute local deny
+          '';
+        };
+
+      };
+    };
+
+  testScript =
+    ''
+      startAll;
+
+      $client->waitForUnit("network-online.target");
+      $localRouter->waitForUnit("network-online.target");
+      $remoteRouter->waitForUnit("network-online.target");
+
+      $localRouter->waitForUnit("babeld.service");
+      $remoteRouter->waitForUnit("babeld.service");
+
+      $localRouter->waitUntilSucceeds("ip route get 192.168.30.1");
+      $localRouter->waitUntilSucceeds("ip route get 2001:db8:30::1");
+
+      $remoteRouter->waitUntilSucceeds("ip route get 192.168.10.1");
+      $remoteRouter->waitUntilSucceeds("ip route get 2001:db8:10::1");
+
+      $client->succeed("ping -c1 192.168.30.1");
+      $client->succeed("ping -c1 2001:db8:30::1");
+
+      $remoteRouter->succeed("ping -c1 192.168.10.2");
+      $remoteRouter->succeed("ping -c1 2001:db8:10::2");
+    '';
+})
author	Martin Weinelt <hexa@darmstadt.ccc.de>	2019-10-12 01:30:55 +0200
committer	Martin Weinelt <hexa@darmstadt.ccc.de>	2019-10-12 15:35:53 +0200
commit	97d29590286349570d87df0bd0dfd0775c0dc349 (patch)
tree	8cb7298ff2931fbc5e43a9370983182114eb18fa /nixos/tests/babeld.nix
parent	1c165f5d4a6faf552c084b364d3e33b9c5e54ecd (diff)