mirror of
https://github.com/systemd/systemd.git
synced 2024-12-25 01:34:28 +03:00
cb386795c2
Same as the DHCPv4 test.
8247 lines
366 KiB
Python
Executable File
8247 lines
366 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
# SPDX-License-Identifier: LGPL-2.1-or-later
|
|
# systemd-networkd tests
|
|
|
|
# These tests can be executed in the systemd mkosi image when booted in QEMU. After booting the QEMU VM,
|
|
# simply run this file which can be found in the VM at /usr/lib/systemd/tests/testdata/test-network/systemd-networkd-tests.py.
|
|
#
|
|
# To run an individual test, specify it as a command line argument in the form
|
|
# of <class>.<test_function>. E.g. the NetworkdMTUTests class has a test
|
|
# function called test_ipv6_mtu(). To run just that test use:
|
|
#
|
|
# sudo ./systemd-networkd-tests.py NetworkdMTUTests.test_ipv6_mtu
|
|
#
|
|
# Similarly, other individual tests can be run, eg.:
|
|
#
|
|
# sudo ./systemd-networkd-tests.py NetworkdNetworkTests.test_ipv6_neigh_retrans_time
|
|
|
|
import argparse
|
|
import datetime
|
|
import enum
|
|
import errno
|
|
import itertools
|
|
import ipaddress
|
|
import json
|
|
import os
|
|
import pathlib
|
|
import random
|
|
import re
|
|
import shutil
|
|
import signal
|
|
import socket
|
|
import struct
|
|
import subprocess
|
|
import sys
|
|
import time
|
|
import unittest
|
|
|
|
import psutil
|
|
|
|
network_unit_dir = '/run/systemd/network'
|
|
networkd_conf_dropin_dir = '/run/systemd/networkd.conf.d'
|
|
networkd_ci_temp_dir = '/run/networkd-ci'
|
|
udev_rules_dir = '/run/udev/rules.d'
|
|
credstore_dir = '/run/credstore'
|
|
|
|
dnsmasq_pid_file = '/run/networkd-ci/test-dnsmasq.pid'
|
|
dnsmasq_log_file = '/run/networkd-ci/test-dnsmasq.log'
|
|
dnsmasq_lease_file = '/run/networkd-ci/test-dnsmasq.lease'
|
|
|
|
isc_dhcpd_pid_file = '/run/networkd-ci/test-isc-dhcpd.pid'
|
|
isc_dhcpd_lease_file = '/run/networkd-ci/test-isc-dhcpd.lease'
|
|
|
|
radvd_pid_file = '/run/networkd-ci/test-radvd.pid'
|
|
|
|
systemd_lib_paths = ['/usr/lib/systemd', '/lib/systemd']
|
|
which_paths = ':'.join(systemd_lib_paths + os.getenv('PATH', os.defpath).lstrip(':').split(':'))
|
|
|
|
networkd_bin = shutil.which('systemd-networkd', path=which_paths)
|
|
resolved_bin = shutil.which('systemd-resolved', path=which_paths)
|
|
timesyncd_bin = shutil.which('systemd-timesyncd', path=which_paths)
|
|
wait_online_bin = shutil.which('systemd-networkd-wait-online', path=which_paths)
|
|
networkctl_bin = shutil.which('networkctl', path=which_paths)
|
|
resolvectl_bin = shutil.which('resolvectl', path=which_paths)
|
|
timedatectl_bin = shutil.which('timedatectl', path=which_paths)
|
|
udevadm_bin = shutil.which('udevadm', path=which_paths)
|
|
test_ndisc_send = None
|
|
build_dir = None
|
|
source_dir = None
|
|
|
|
use_valgrind = False
|
|
valgrind_cmd = ''
|
|
enable_debug = True
|
|
env = {}
|
|
wait_online_env = {}
|
|
asan_options = None
|
|
lsan_options = None
|
|
ubsan_options = None
|
|
with_coverage = False
|
|
show_journal = True # When true, show journal on stopping networkd.
|
|
|
|
active_units = []
|
|
protected_links = {
|
|
'erspan0',
|
|
'gre0',
|
|
'gretap0',
|
|
'ifb0',
|
|
'ifb1',
|
|
'ip6_vti0',
|
|
'ip6gre0',
|
|
'ip6tnl0',
|
|
'ip_vti0',
|
|
'lo',
|
|
'sit0',
|
|
'tunl0',
|
|
}
|
|
saved_routes = None
|
|
saved_ipv4_rules = None
|
|
saved_ipv6_rules = None
|
|
saved_timezone = None
|
|
|
|
def rm_f(path):
|
|
if os.path.exists(path):
|
|
os.remove(path)
|
|
|
|
def rm_rf(path):
|
|
shutil.rmtree(path, ignore_errors=True)
|
|
|
|
def cp(src, dst):
|
|
shutil.copy(src, dst)
|
|
|
|
def cp_r(src, dst):
|
|
shutil.copytree(src, dst, copy_function=shutil.copy, dirs_exist_ok=True)
|
|
|
|
def mkdir_p(path):
|
|
os.makedirs(path, exist_ok=True)
|
|
|
|
def touch(path):
|
|
pathlib.Path(path).touch()
|
|
|
|
# pylint: disable=R1710
|
|
def check_output(*command, **kwargs):
|
|
# This checks the result and returns stdout (and stderr) on success.
|
|
command = command[0].split() + list(command[1:])
|
|
ret = subprocess.run(command, check=False, universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, **kwargs)
|
|
if ret.returncode == 0:
|
|
return ret.stdout.rstrip()
|
|
# When returncode != 0, print stdout and stderr, then trigger CalledProcessError.
|
|
print(ret.stdout)
|
|
ret.check_returncode()
|
|
|
|
def call(*command, **kwargs):
|
|
# This returns returncode. stdout and stderr are merged and shown in console
|
|
command = command[0].split() + list(command[1:])
|
|
return subprocess.run(command, check=False, universal_newlines=True, stderr=subprocess.STDOUT, **kwargs).returncode
|
|
|
|
def call_check(*command, **kwargs):
|
|
# Same as call() above, but it triggers CalledProcessError if rc != 0
|
|
command = command[0].split() + list(command[1:])
|
|
return subprocess.run(command, check=False, universal_newlines=True, stderr=subprocess.STDOUT, **kwargs).check_returncode()
|
|
|
|
def call_quiet(*command, **kwargs):
|
|
command = command[0].split() + list(command[1:])
|
|
return subprocess.run(command, check=False, universal_newlines=True, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, **kwargs).returncode
|
|
|
|
def run(*command, **kwargs):
|
|
# This returns CompletedProcess instance.
|
|
command = command[0].split() + list(command[1:])
|
|
return subprocess.run(command, check=False, universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, **kwargs)
|
|
|
|
def check_json(string):
|
|
try:
|
|
json.loads(string)
|
|
except json.JSONDecodeError:
|
|
print(f"String is not a valid JSON: '{string}'")
|
|
raise
|
|
|
|
def is_module_available(*module_names):
|
|
for module_name in module_names:
|
|
lsmod_output = check_output('lsmod')
|
|
module_re = re.compile(rf'^{re.escape(module_name)}\b', re.MULTILINE)
|
|
if not module_re.search(lsmod_output) and call_quiet('modprobe', module_name) != 0:
|
|
return False
|
|
return True
|
|
|
|
def expectedFailureIfModuleIsNotAvailable(*module_names):
|
|
def f(func):
|
|
return func if is_module_available(*module_names) else unittest.expectedFailure(func)
|
|
|
|
return f
|
|
|
|
def expectedFailureIfERSPANv0IsNotSupported():
|
|
# erspan version 0 is supported since f989d546a2d5a9f001f6f8be49d98c10ab9b1897 (v5.8)
|
|
def f(func):
|
|
rc = call_quiet('ip link add dev erspan99 type erspan seq key 30 local 192.168.1.4 remote 192.168.1.1 erspan_ver 0')
|
|
remove_link('erspan99')
|
|
return func if rc == 0 else unittest.expectedFailure(func)
|
|
|
|
return f
|
|
|
|
def expectedFailureIfERSPANv2IsNotSupported():
|
|
# erspan version 2 is supported since f551c91de262ba36b20c3ac19538afb4f4507441 (v4.16)
|
|
def f(func):
|
|
rc = call_quiet('ip link add dev erspan99 type erspan seq key 30 local 192.168.1.4 remote 192.168.1.1 erspan_ver 2')
|
|
remove_link('erspan99')
|
|
return func if rc == 0 else unittest.expectedFailure(func)
|
|
|
|
return f
|
|
|
|
def expectedFailureIfRoutingPolicyPortRangeIsNotAvailable():
|
|
def f(func):
|
|
rc = call_quiet('ip rule add from 192.168.100.19 sport 1123-1150 dport 3224-3290 table 7')
|
|
call_quiet('ip rule del from 192.168.100.19 sport 1123-1150 dport 3224-3290 table 7')
|
|
return func if rc == 0 else unittest.expectedFailure(func)
|
|
|
|
return f
|
|
|
|
def expectedFailureIfRoutingPolicyIPProtoIsNotAvailable():
|
|
def f(func):
|
|
# IP protocol name is parsed by getprotobyname(), and it requires /etc/protocols.
|
|
# Hence. here we use explicit number: 6 == tcp.
|
|
rc = call_quiet('ip rule add not from 192.168.100.19 ipproto 6 table 7')
|
|
call_quiet('ip rule del not from 192.168.100.19 ipproto 6 table 7')
|
|
return func if rc == 0 else unittest.expectedFailure(func)
|
|
|
|
return f
|
|
|
|
def expectedFailureIfRoutingPolicyUIDRangeIsNotAvailable():
|
|
def f(func):
|
|
supported = False
|
|
if call_quiet('ip rule add from 192.168.100.19 table 7 uidrange 200-300') == 0:
|
|
ret = run('ip rule list from 192.168.100.19 table 7')
|
|
supported = ret.returncode == 0 and 'uidrange 200-300' in ret.stdout
|
|
call_quiet('ip rule del from 192.168.100.19 table 7 uidrange 200-300')
|
|
return func if supported else unittest.expectedFailure(func)
|
|
|
|
return f
|
|
|
|
def expectedFailureIfRoutingPolicyL3MasterDeviceIsNotAvailable():
|
|
def f(func):
|
|
rc = call_quiet('ip rule add not from 192.168.100.19 l3mdev')
|
|
call_quiet('ip rule del not from 192.168.100.19 l3mdev')
|
|
return func if rc == 0 else unittest.expectedFailure(func)
|
|
|
|
return f
|
|
|
|
def expectedFailureIfNexthopIsNotAvailable():
|
|
def f(func):
|
|
rc = call_quiet('ip nexthop list')
|
|
return func if rc == 0 else unittest.expectedFailure(func)
|
|
|
|
return f
|
|
|
|
def expectedFailureIfRTA_VIAIsNotSupported():
|
|
def f(func):
|
|
call_quiet('ip link add dummy98 type dummy')
|
|
call_quiet('ip link set up dev dummy98')
|
|
call_quiet('ip route add 2001:1234:5:8fff:ff:ff:ff:fe/128 dev dummy98')
|
|
rc = call_quiet('ip route add 10.10.10.10 via inet6 2001:1234:5:8fff:ff:ff:ff:fe dev dummy98')
|
|
remove_link('dummy98')
|
|
return func if rc == 0 else unittest.expectedFailure(func)
|
|
|
|
return f
|
|
|
|
def expectedFailureIfAlternativeNameIsNotAvailable():
|
|
def f(func):
|
|
call_quiet('ip link add dummy98 type dummy')
|
|
supported = \
|
|
call_quiet('ip link prop add dev dummy98 altname hogehogehogehogehoge') == 0 and \
|
|
call_quiet('ip link show dev hogehogehogehogehoge') == 0
|
|
remove_link('dummy98')
|
|
return func if supported else unittest.expectedFailure(func)
|
|
|
|
return f
|
|
|
|
def expectedFailureIfNetdevsimWithSRIOVIsNotAvailable():
|
|
def f(func):
|
|
def finalize(func, supported):
|
|
call_quiet('rmmod netdevsim')
|
|
return func if supported else unittest.expectedFailure(func)
|
|
|
|
call_quiet('rmmod netdevsim')
|
|
if call_quiet('modprobe netdevsim') != 0:
|
|
return finalize(func, False)
|
|
|
|
try:
|
|
with open('/sys/bus/netdevsim/new_device', mode='w', encoding='utf-8') as f:
|
|
f.write('99 1')
|
|
except OSError:
|
|
return finalize(func, False)
|
|
|
|
return finalize(func, os.path.exists('/sys/bus/netdevsim/devices/netdevsim99/sriov_numvfs'))
|
|
|
|
return f
|
|
|
|
def expectedFailureIfKernelReturnsInvalidFlags():
|
|
'''
|
|
This checks the kernel bug caused by 3ddc2231c8108302a8229d3c5849ee792a63230d (v6.9),
|
|
fixed by 1af7f88af269c4e06a4dc3bc920ff6cdf7471124 (v6.10, backported to 6.9.3).
|
|
'''
|
|
def f(func):
|
|
call_quiet('ip link add dummy98 type dummy')
|
|
call_quiet('ip link set up dev dummy98')
|
|
call_quiet('ip address add 192.0.2.1/24 dev dummy98 noprefixroute')
|
|
output = check_output('ip address show dev dummy98')
|
|
remove_link('dummy98')
|
|
return func if 'noprefixroute' in output else unittest.expectedFailure(func)
|
|
|
|
return f
|
|
|
|
# pylint: disable=C0415
|
|
def compare_kernel_version(min_kernel_version):
|
|
try:
|
|
import platform
|
|
from packaging import version
|
|
except ImportError:
|
|
print('Failed to import either platform or packaging module, assuming the comparison failed')
|
|
return False
|
|
|
|
# Get only the actual kernel version without any build/distro/arch stuff
|
|
# e.g. '5.18.5-200.fc36.x86_64' -> '5.18.5'
|
|
kver = platform.release().split('-')[0]
|
|
# Get also rid of '+'
|
|
kver = kver.split('+')[0]
|
|
|
|
return version.parse(kver) >= version.parse(min_kernel_version)
|
|
|
|
def copy_network_unit(*units, copy_dropins=True):
|
|
"""
|
|
Copy networkd unit files into the testbed.
|
|
|
|
Any networkd unit file type can be specified, as well as drop-in files.
|
|
|
|
By default, all drop-ins for a specified unit file are copied in;
|
|
to avoid that specify dropins=False.
|
|
|
|
When a drop-in file is specified, its unit file is also copied in automatically.
|
|
"""
|
|
has_link = False
|
|
mkdir_p(network_unit_dir)
|
|
for unit in units:
|
|
if copy_dropins and os.path.exists(os.path.join(networkd_ci_temp_dir, unit + '.d')):
|
|
cp_r(os.path.join(networkd_ci_temp_dir, unit + '.d'), os.path.join(network_unit_dir, unit + '.d'))
|
|
|
|
if unit.endswith('.conf'):
|
|
dropin = unit
|
|
unit = os.path.dirname(dropin).rstrip('.d')
|
|
dropindir = os.path.join(network_unit_dir, unit + '.d')
|
|
mkdir_p(dropindir)
|
|
cp(os.path.join(networkd_ci_temp_dir, dropin), dropindir)
|
|
|
|
cp(os.path.join(networkd_ci_temp_dir, unit), network_unit_dir)
|
|
|
|
if unit.endswith('.link'):
|
|
has_link = True
|
|
|
|
if has_link:
|
|
udevadm_reload()
|
|
|
|
def copy_credential(src, target):
|
|
mkdir_p(credstore_dir)
|
|
cp(os.path.join(networkd_ci_temp_dir, src),
|
|
os.path.join(credstore_dir, target))
|
|
|
|
def remove_network_unit(*units):
|
|
"""
|
|
Remove previously copied unit files from the testbed.
|
|
|
|
Drop-ins will be removed automatically.
|
|
"""
|
|
has_link = False
|
|
for unit in units:
|
|
rm_f(os.path.join(network_unit_dir, unit))
|
|
rm_rf(os.path.join(network_unit_dir, unit + '.d'))
|
|
|
|
if unit.endswith('.link') or unit.endswith('.link.d'):
|
|
has_link = True
|
|
|
|
if has_link:
|
|
udevadm_reload()
|
|
|
|
def clear_network_units():
|
|
has_link = False
|
|
if os.path.exists(network_unit_dir):
|
|
units = os.listdir(network_unit_dir)
|
|
for unit in units:
|
|
if unit.endswith('.link') or unit.endswith('.link.d'):
|
|
has_link = True
|
|
|
|
rm_rf(network_unit_dir)
|
|
|
|
if has_link:
|
|
udevadm_reload()
|
|
|
|
def copy_networkd_conf_dropin(*dropins):
|
|
"""Copy networkd.conf dropin files into the testbed."""
|
|
mkdir_p(networkd_conf_dropin_dir)
|
|
for dropin in dropins:
|
|
cp(os.path.join(networkd_ci_temp_dir, dropin), networkd_conf_dropin_dir)
|
|
|
|
def remove_networkd_conf_dropin(*dropins):
|
|
"""Remove previously copied networkd.conf dropin files from the testbed."""
|
|
for dropin in dropins:
|
|
rm_f(os.path.join(networkd_conf_dropin_dir, dropin))
|
|
|
|
def clear_networkd_conf_dropins():
|
|
rm_rf(networkd_conf_dropin_dir)
|
|
|
|
def setup_systemd_udev_rules():
|
|
if not build_dir and not source_dir:
|
|
return
|
|
|
|
mkdir_p(udev_rules_dir)
|
|
|
|
for path in [build_dir, source_dir]:
|
|
if not path:
|
|
continue
|
|
|
|
path = os.path.join(path, "rules.d")
|
|
print(f"Copying udev rules from {path} to {udev_rules_dir}")
|
|
|
|
for rule in os.listdir(path):
|
|
if not rule.endswith(".rules"):
|
|
continue
|
|
cp(os.path.join(path, rule), udev_rules_dir)
|
|
|
|
def clear_networkd_state_files():
|
|
rm_rf('/var/lib/systemd/network/')
|
|
|
|
def copy_udev_rule(*rules):
|
|
"""Copy udev rules"""
|
|
mkdir_p(udev_rules_dir)
|
|
for rule in rules:
|
|
cp(os.path.join(networkd_ci_temp_dir, rule), udev_rules_dir)
|
|
|
|
def remove_udev_rule(*rules):
|
|
"""Remove previously copied udev rules"""
|
|
for rule in rules:
|
|
rm_f(os.path.join(udev_rules_dir, rule))
|
|
|
|
def clear_udev_rules():
|
|
rm_rf(udev_rules_dir)
|
|
|
|
def save_active_units():
|
|
for u in ['systemd-networkd.socket', 'systemd-networkd.service',
|
|
'systemd-resolved.service', 'systemd-timesyncd.service',
|
|
'firewalld.service']:
|
|
if call(f'systemctl is-active --quiet {u}') == 0:
|
|
call(f'systemctl stop {u}')
|
|
active_units.append(u)
|
|
|
|
def restore_active_units():
|
|
if 'systemd-networkd.socket' in active_units:
|
|
call('systemctl stop systemd-networkd.socket systemd-networkd.service')
|
|
for u in active_units:
|
|
call(f'systemctl restart {u}')
|
|
|
|
def create_unit_dropin(unit, contents):
|
|
mkdir_p(f'/run/systemd/system/{unit}.d')
|
|
with open(f'/run/systemd/system/{unit}.d/00-override.conf', mode='w', encoding='utf-8') as f:
|
|
f.write('\n'.join(contents))
|
|
|
|
def create_service_dropin(service, command, additional_settings=None):
|
|
drop_in = ['[Service]']
|
|
if command:
|
|
drop_in += [
|
|
'ExecStart=',
|
|
f'ExecStart=!!{valgrind_cmd}{command}',
|
|
]
|
|
if enable_debug:
|
|
drop_in += ['Environment=SYSTEMD_LOG_LEVEL=debug']
|
|
if asan_options:
|
|
drop_in += [f'Environment=ASAN_OPTIONS="{asan_options}"']
|
|
if lsan_options:
|
|
drop_in += [f'Environment=LSAN_OPTIONS="{lsan_options}"']
|
|
if ubsan_options:
|
|
drop_in += [f'Environment=UBSAN_OPTIONS="{ubsan_options}"']
|
|
if asan_options or lsan_options or ubsan_options:
|
|
drop_in += ['SystemCallFilter=']
|
|
if use_valgrind or asan_options or lsan_options or ubsan_options:
|
|
drop_in += ['MemoryDenyWriteExecute=no']
|
|
if use_valgrind:
|
|
drop_in += [
|
|
'Environment=SYSTEMD_MEMPOOL=0',
|
|
'PrivateTmp=yes',
|
|
]
|
|
if with_coverage:
|
|
drop_in += [
|
|
'ProtectSystem=no',
|
|
'ProtectHome=no',
|
|
]
|
|
if additional_settings:
|
|
drop_in += additional_settings
|
|
|
|
create_unit_dropin(f'{service}.service', drop_in)
|
|
|
|
def setup_system_units():
|
|
if build_dir or source_dir:
|
|
mkdir_p('/run/systemd/system/')
|
|
|
|
for unit in [
|
|
'systemd-networkd.service',
|
|
'systemd-networkd.socket',
|
|
'systemd-networkd-persistent-storage.service',
|
|
'systemd-resolved.service',
|
|
'systemd-timesyncd.service',
|
|
'systemd-udevd.service',
|
|
]:
|
|
for path in [build_dir, source_dir]:
|
|
if not path:
|
|
continue
|
|
|
|
fullpath = os.path.join(os.path.join(path, "units"), unit)
|
|
if os.path.exists(fullpath):
|
|
print(f"Copying unit file from {fullpath} to /run/systemd/system/")
|
|
cp(fullpath, '/run/systemd/system/')
|
|
break
|
|
|
|
create_service_dropin('systemd-networkd', networkd_bin,
|
|
['[Service]',
|
|
'Restart=no',
|
|
'Environment=SYSTEMD_NETWORK_TEST_MODE=yes',
|
|
'[Unit]',
|
|
'StartLimitIntervalSec=0'])
|
|
create_service_dropin('systemd-resolved', resolved_bin)
|
|
create_service_dropin('systemd-timesyncd', timesyncd_bin)
|
|
|
|
# TODO: also run udevd with sanitizers, valgrind, or coverage
|
|
create_unit_dropin(
|
|
'systemd-udevd.service',
|
|
[
|
|
'[Service]',
|
|
'ExecStart=',
|
|
f'ExecStart=!!@{udevadm_bin} systemd-udevd',
|
|
]
|
|
)
|
|
create_unit_dropin(
|
|
'systemd-networkd.socket',
|
|
[
|
|
'[Unit]',
|
|
'StartLimitIntervalSec=0',
|
|
]
|
|
)
|
|
create_unit_dropin(
|
|
'systemd-networkd-persistent-storage.service',
|
|
[
|
|
'[Unit]',
|
|
'StartLimitIntervalSec=0',
|
|
'[Service]',
|
|
'ExecStart=',
|
|
f'ExecStart={networkctl_bin} persistent-storage yes',
|
|
'ExecStop=',
|
|
f'ExecStop={networkctl_bin} persistent-storage no',
|
|
'Environment=SYSTEMD_LOG_LEVEL=debug' if enable_debug else '',
|
|
]
|
|
)
|
|
|
|
check_output('systemctl daemon-reload')
|
|
print(check_output('systemctl cat systemd-networkd.service'))
|
|
print(check_output('systemctl cat systemd-networkd-persistent-storage.service'))
|
|
print(check_output('systemctl cat systemd-resolved.service'))
|
|
print(check_output('systemctl cat systemd-timesyncd.service'))
|
|
print(check_output('systemctl cat systemd-udevd.service'))
|
|
check_output('systemctl restart systemd-resolved.service')
|
|
check_output('systemctl restart systemd-timesyncd.service')
|
|
check_output('systemctl restart systemd-udevd.service')
|
|
|
|
def clear_system_units():
|
|
def rm_unit(name):
|
|
rm_f(f'/run/systemd/system/{name}')
|
|
rm_rf(f'/run/systemd/system/{name}.d')
|
|
|
|
rm_unit('systemd-networkd.service')
|
|
rm_unit('systemd-networkd.socket')
|
|
rm_unit('systemd-networkd-persistent-storage.service')
|
|
rm_unit('systemd-resolved.service')
|
|
rm_unit('systemd-timesyncd.service')
|
|
rm_unit('systemd-udevd.service')
|
|
check_output('systemctl daemon-reload')
|
|
check_output('systemctl restart systemd-udevd.service')
|
|
|
|
def link_exists(*links):
|
|
for link in links:
|
|
if call_quiet(f'ip link show {link}') != 0:
|
|
return False
|
|
return True
|
|
|
|
def link_resolve(link):
|
|
return check_output(f'ip link show {link}').split(':')[1].strip().split('@')[0]
|
|
|
|
def remove_link(*links, protect=False):
|
|
for link in links:
|
|
if protect and link in protected_links:
|
|
continue
|
|
if link_exists(link):
|
|
call(f'ip link del dev {link}')
|
|
|
|
def save_existing_links():
|
|
links = os.listdir('/sys/class/net')
|
|
for link in links:
|
|
if link_exists(link):
|
|
protected_links.add(link)
|
|
|
|
print('### The following links will be protected:')
|
|
print(', '.join(sorted(list(protected_links))))
|
|
|
|
def unmanage_existing_links():
|
|
mkdir_p(network_unit_dir)
|
|
|
|
with open(os.path.join(network_unit_dir, '00-unmanaged.network'), mode='w', encoding='utf-8') as f:
|
|
f.write('[Match]\n')
|
|
for link in protected_links:
|
|
f.write(f'Name={link}\n')
|
|
f.write('\n[Link]\nUnmanaged=yes\n')
|
|
|
|
def flush_links():
|
|
links = os.listdir('/sys/class/net')
|
|
remove_link(*links, protect=True)
|
|
|
|
def flush_nexthops():
|
|
# Currently, the 'ip nexthop' command does not have 'save' and 'restore'.
|
|
# Hence, we cannot restore nexthops in a simple way.
|
|
# Let's assume there is no nexthop used in the system
|
|
call_quiet('ip nexthop flush')
|
|
|
|
def save_routes():
|
|
# pylint: disable=global-statement
|
|
global saved_routes
|
|
saved_routes = check_output('ip route show table all')
|
|
print('### The following routes will be protected:')
|
|
print(saved_routes)
|
|
|
|
def flush_routes():
|
|
have = False
|
|
output = check_output('ip route show table all')
|
|
for line in output.splitlines():
|
|
if line in saved_routes:
|
|
continue
|
|
if 'proto kernel' in line:
|
|
continue
|
|
if ' dev ' in line and not ' dev lo ' in line:
|
|
continue
|
|
if not have:
|
|
have = True
|
|
print('### Removing routes that did not exist when the test started.')
|
|
print(f'# {line}')
|
|
call(f'ip route del {line}')
|
|
|
|
def save_routing_policy_rules():
|
|
# pylint: disable=global-statement
|
|
global saved_ipv4_rules, saved_ipv6_rules
|
|
def save(ipv):
|
|
output = check_output(f'ip -{ipv} rule show')
|
|
print(f'### The following IPv{ipv} routing policy rules will be protected:')
|
|
print(output)
|
|
return output
|
|
|
|
saved_ipv4_rules = save(4)
|
|
saved_ipv6_rules = save(6)
|
|
|
|
def flush_routing_policy_rules():
|
|
def flush(ipv, saved_rules):
|
|
have = False
|
|
output = check_output(f'ip -{ipv} rule show')
|
|
for line in output.splitlines():
|
|
if line in saved_rules:
|
|
continue
|
|
if not have:
|
|
have = True
|
|
print(f'### Removing IPv{ipv} routing policy rules that did not exist when the test started.')
|
|
print(f'# {line}')
|
|
words = line.replace('lookup [l3mdev-table]', 'l3mdev').replace('[detached]', '').split()
|
|
priority = words[0].rstrip(':')
|
|
call(f'ip -{ipv} rule del priority {priority} ' + ' '.join(words[1:]))
|
|
|
|
flush(4, saved_ipv4_rules)
|
|
flush(6, saved_ipv6_rules)
|
|
|
|
def flush_fou_ports():
|
|
ret = run('ip fou show')
|
|
if ret.returncode != 0:
|
|
return # fou may not be supported
|
|
for line in ret.stdout.splitlines():
|
|
port = line.split()[1]
|
|
call(f'ip fou del port {port}')
|
|
|
|
def flush_l2tp_tunnels():
|
|
tids = []
|
|
ret = run('ip l2tp show tunnel')
|
|
if ret.returncode != 0:
|
|
return # l2tp may not be supported
|
|
for line in ret.stdout.splitlines():
|
|
words = line.split()
|
|
if words[0] == 'Tunnel':
|
|
tid = words[1].rstrip(',')
|
|
call(f'ip l2tp del tunnel tunnel_id {tid}')
|
|
tids.append(tid)
|
|
|
|
# Removing L2TP tunnel is asynchronous and slightly takes a time.
|
|
for tid in tids:
|
|
for _ in range(50):
|
|
r = run(f'ip l2tp show tunnel tunnel_id {tid}')
|
|
if r.returncode != 0 or len(r.stdout.rstrip()) == 0:
|
|
break
|
|
time.sleep(.2)
|
|
else:
|
|
print(f'Cannot remove L2TP tunnel {tid}, ignoring.')
|
|
|
|
def save_timezone():
|
|
# pylint: disable=global-statement
|
|
global saved_timezone
|
|
r = run(*timedatectl_cmd, 'show', '--value', '--property', 'Timezone', env=env)
|
|
if r.returncode == 0:
|
|
saved_timezone = r.stdout.rstrip()
|
|
print(f'### Saved timezone: {saved_timezone}')
|
|
|
|
def restore_timezone():
|
|
if saved_timezone:
|
|
call(*timedatectl_cmd, 'set-timezone', f'{saved_timezone}', env=env)
|
|
|
|
def read_link_attr(*args):
|
|
with open(os.path.join('/sys/class/net', *args), encoding='utf-8') as f:
|
|
return f.readline().strip()
|
|
|
|
def read_manager_state_file():
|
|
with open('/run/systemd/netif/state', encoding='utf-8') as f:
|
|
return f.read()
|
|
|
|
def read_link_state_file(link):
|
|
ifindex = read_link_attr(link, 'ifindex')
|
|
path = os.path.join('/run/systemd/netif/links', ifindex)
|
|
with open(path, encoding='utf-8') as f:
|
|
return f.read()
|
|
|
|
def read_ip_sysctl_attr(link, attribute, ipv):
|
|
with open(os.path.join('/proc/sys/net', ipv, 'conf', link, attribute), encoding='utf-8') as f:
|
|
return f.readline().strip()
|
|
|
|
def read_ip_neigh_sysctl_attr(link, attribute, ipv):
|
|
with open(os.path.join('/proc/sys/net', ipv, 'neigh', link, attribute), encoding='utf-8') as f:
|
|
return f.readline().strip()
|
|
|
|
def read_ipv6_sysctl_attr(link, attribute):
|
|
return read_ip_sysctl_attr(link, attribute, 'ipv6')
|
|
|
|
def read_ipv6_neigh_sysctl_attr(link, attribute):
|
|
return read_ip_neigh_sysctl_attr(link, attribute, 'ipv6')
|
|
|
|
def read_ipv4_sysctl_attr(link, attribute):
|
|
return read_ip_sysctl_attr(link, attribute, 'ipv4')
|
|
|
|
def stop_by_pid_file(pid_file):
|
|
if not os.path.exists(pid_file):
|
|
return
|
|
with open(pid_file, 'r', encoding='utf-8') as f:
|
|
pid = f.read().rstrip(' \t\r\n\0')
|
|
os.kill(int(pid), signal.SIGTERM)
|
|
for _ in range(25):
|
|
try:
|
|
os.kill(int(pid), 0)
|
|
print(f"PID {pid} is still alive, waiting...")
|
|
time.sleep(.2)
|
|
except OSError as e:
|
|
if e.errno == errno.ESRCH:
|
|
break
|
|
print(f"Unexpected exception when waiting for {pid} to die: {e.errno}")
|
|
rm_f(pid_file)
|
|
|
|
def dnr_v4_instance_data(adn, addrs=None, prio=1, alpns=("dot",), dohpath=None):
|
|
b = bytes()
|
|
pack = lambda c, w=1: struct.pack('>' + "_BH_I"[w], len(c)) + c
|
|
pyton = lambda n, w=2: struct.pack('>' + "_BH_I"[w], n)
|
|
ipv4 = ipaddress.IPv4Address
|
|
class SvcParam(enum.Enum):
|
|
ALPN = 1
|
|
DOHPATH = 7
|
|
|
|
data = pyton(prio)
|
|
|
|
adn = adn.rstrip('.') + '.'
|
|
data += pack(b.join(pack(label.encode('ascii')) for label in adn.split('.')))
|
|
|
|
if not addrs: # adn-only mode
|
|
return pack(data, 2)
|
|
|
|
data += pack(b.join(ipv4(addr).packed for addr in addrs))
|
|
data += pyton(SvcParam.ALPN.value) + pack(b.join(pack(alpn.encode('ascii')) for alpn in alpns), 2)
|
|
if dohpath is not None:
|
|
data += pyton(SvcParam.DOHPATH.value) + pack(dohpath.encode('utf-8'), 2)
|
|
|
|
return pack(data, 2)
|
|
|
|
def dnr_v6_instance_data(adn, addrs=None, prio=1, alpns=("dot",), dohpath=None):
|
|
b = bytes()
|
|
pack = lambda c, w=1: struct.pack('>' + "_BH_I"[w], len(c)) + c
|
|
pyton = lambda n, w=2: struct.pack('>' + "_BH_I"[w], n)
|
|
ipv6 = ipaddress.IPv6Address
|
|
class SvcParam(enum.Enum):
|
|
ALPN = 1
|
|
DOHPATH = 7
|
|
|
|
data = pyton(prio)
|
|
|
|
adn = adn.rstrip('.') + '.'
|
|
data += pack(b.join(pack(label.encode('ascii')) for label in adn.split('.')), 2)
|
|
|
|
if not addrs: # adn-only mode
|
|
return data
|
|
|
|
data += pack(b.join(ipv6(addr).packed for addr in addrs), 2)
|
|
data += pyton(SvcParam.ALPN.value) + pack(b.join(pack(alpn.encode('ascii')) for alpn in alpns), 2)
|
|
if dohpath is not None:
|
|
data += pyton(SvcParam.DOHPATH.value) + pack(dohpath.encode('utf-8'), 2)
|
|
|
|
return data
|
|
|
|
def start_dnsmasq(*additional_options, interface='veth-peer', ra_mode=None, ipv4_range='192.168.5.10,192.168.5.200', ipv4_router='192.168.5.1', ipv6_range='2600::10,2600::20'):
|
|
if ra_mode:
|
|
ra_mode = f',{ra_mode}'
|
|
else:
|
|
ra_mode = ''
|
|
|
|
command = (
|
|
'dnsmasq',
|
|
f'--log-facility={dnsmasq_log_file}',
|
|
'--log-queries=extra',
|
|
'--log-dhcp',
|
|
f'--pid-file={dnsmasq_pid_file}',
|
|
'--conf-file=/dev/null',
|
|
'--bind-interfaces',
|
|
f'--interface={interface}',
|
|
f'--dhcp-leasefile={dnsmasq_lease_file}',
|
|
'--enable-ra',
|
|
f'--dhcp-range={ipv6_range}{ra_mode},2m',
|
|
f'--dhcp-range={ipv4_range},2m',
|
|
'--dhcp-option=option:mtu,1492',
|
|
f'--dhcp-option=option:router,{ipv4_router}',
|
|
'--port=0',
|
|
'--no-resolv',
|
|
) + additional_options
|
|
check_output(*command)
|
|
|
|
def stop_dnsmasq():
|
|
stop_by_pid_file(dnsmasq_pid_file)
|
|
rm_f(dnsmasq_lease_file)
|
|
rm_f(dnsmasq_log_file)
|
|
|
|
def read_dnsmasq_log_file():
|
|
with open(dnsmasq_log_file, encoding='utf-8') as f:
|
|
return f.read()
|
|
|
|
def start_isc_dhcpd(conf_file, ipv, interface='veth-peer'):
|
|
conf_file_path = os.path.join(networkd_ci_temp_dir, conf_file)
|
|
isc_dhcpd_command = f'dhcpd {ipv} -cf {conf_file_path} -lf {isc_dhcpd_lease_file} -pf {isc_dhcpd_pid_file} {interface}'
|
|
touch(isc_dhcpd_lease_file)
|
|
check_output(isc_dhcpd_command)
|
|
|
|
def stop_isc_dhcpd():
|
|
stop_by_pid_file(isc_dhcpd_pid_file)
|
|
rm_f(isc_dhcpd_lease_file)
|
|
|
|
def get_dbus_link_path(link):
|
|
out = subprocess.check_output(['busctl', 'call', 'org.freedesktop.network1',
|
|
'/org/freedesktop/network1', 'org.freedesktop.network1.Manager',
|
|
'GetLinkByName', 's', link])
|
|
|
|
assert out.startswith(b'io ')
|
|
out = out.strip()
|
|
assert out.endswith(b'"')
|
|
out = out.decode()
|
|
return out[:-1].split('"')[1]
|
|
|
|
def get_dhcp_client_state(link, family):
|
|
link_path = get_dbus_link_path(link)
|
|
|
|
out = subprocess.check_output(['busctl', 'get-property', 'org.freedesktop.network1',
|
|
link_path, f'org.freedesktop.network1.DHCPv{family}Client', 'State'])
|
|
assert out.startswith(b's "')
|
|
out = out.strip()
|
|
assert out.endswith(b'"')
|
|
return out[3:-1].decode()
|
|
|
|
def get_dhcp4_client_state(link):
|
|
return get_dhcp_client_state(link, '4')
|
|
|
|
def get_dhcp6_client_state(link):
|
|
return get_dhcp_client_state(link, '6')
|
|
|
|
def get_link_description(link):
|
|
link_path = get_dbus_link_path(link)
|
|
|
|
out = subprocess.check_output(['busctl', 'call', 'org.freedesktop.network1',
|
|
link_path, 'org.freedesktop.network1.Link', 'Describe'])
|
|
assert out.startswith(b's "')
|
|
out = out.strip()
|
|
assert out.endswith(b'"')
|
|
json_raw = out[2:].decode()
|
|
check_json(json_raw)
|
|
description = json.loads(json_raw) # Convert from escaped sequences to json
|
|
check_json(description)
|
|
return json.loads(description) # Now parse the json
|
|
|
|
def start_radvd(*additional_options, config_file):
|
|
config_file_path = os.path.join(networkd_ci_temp_dir, 'radvd', config_file)
|
|
command = (
|
|
'radvd',
|
|
f'--pidfile={radvd_pid_file}',
|
|
f'--config={config_file_path}',
|
|
'--logmethod=stderr',
|
|
) + additional_options
|
|
check_output(*command)
|
|
|
|
def stop_radvd():
|
|
stop_by_pid_file(radvd_pid_file)
|
|
|
|
def radvd_check_config(config_file):
|
|
if not shutil.which('radvd'):
|
|
print('radvd is not installed, assuming the config check failed')
|
|
return False
|
|
|
|
# Note: can't use networkd_ci_temp_dir here, as this command may run before that dir is
|
|
# set up (one instance is @unittest.skipX())
|
|
config_file_path = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'conf/radvd', config_file)
|
|
return call(f'radvd --config={config_file_path} --configtest') == 0
|
|
|
|
def networkd_invocation_id():
|
|
return check_output('systemctl show --value -p InvocationID systemd-networkd.service')
|
|
|
|
def networkd_pid():
|
|
return check_output('systemctl show --value -p MainPID systemd-networkd.service')
|
|
|
|
def read_networkd_log(invocation_id=None, since=None):
|
|
if not invocation_id:
|
|
invocation_id = networkd_invocation_id()
|
|
command = [
|
|
'journalctl',
|
|
'--no-hostname',
|
|
'--output=short-monotonic',
|
|
f'_SYSTEMD_INVOCATION_ID={invocation_id}',
|
|
]
|
|
if since:
|
|
command.append(f'--since={since}')
|
|
check_output('journalctl --sync')
|
|
return check_output(*command)
|
|
|
|
def networkd_is_failed():
|
|
return call_quiet('systemctl is-failed -q systemd-networkd.service') != 1
|
|
|
|
def stop_networkd(show_logs=True):
|
|
global show_journal
|
|
show_logs = show_logs and show_journal
|
|
if show_logs:
|
|
invocation_id = networkd_invocation_id()
|
|
check_output('systemctl stop systemd-networkd.socket')
|
|
check_output('systemctl stop systemd-networkd.service')
|
|
if show_logs:
|
|
print(read_networkd_log(invocation_id))
|
|
# Check if networkd exits cleanly.
|
|
assert not networkd_is_failed()
|
|
|
|
def start_networkd():
|
|
check_output('systemctl start systemd-networkd')
|
|
invocation_id = networkd_invocation_id()
|
|
pid = networkd_pid()
|
|
print(f'Started systemd-networkd.service: PID={pid}, Invocation ID={invocation_id}')
|
|
|
|
def restart_networkd(show_logs=True):
|
|
global show_journal
|
|
show_logs = show_logs and show_journal
|
|
if show_logs:
|
|
invocation_id = networkd_invocation_id()
|
|
check_output('systemctl restart systemd-networkd.service')
|
|
if show_logs:
|
|
print(read_networkd_log(invocation_id))
|
|
|
|
invocation_id = networkd_invocation_id()
|
|
pid = networkd_pid()
|
|
print(f'Restarted systemd-networkd.service: PID={pid}, Invocation ID={invocation_id}')
|
|
|
|
def networkd_pid():
|
|
return int(check_output('systemctl show --value -p MainPID systemd-networkd.service'))
|
|
|
|
def networkctl(*args):
|
|
# Do not call networkctl if networkd is in failed state.
|
|
# Otherwise, networkd may be restarted and we may get wrong results.
|
|
assert not networkd_is_failed()
|
|
return check_output(*(networkctl_cmd + list(args)), env=env)
|
|
|
|
def networkctl_status(*args):
|
|
return networkctl('-n', '0', 'status', *args)
|
|
|
|
def networkctl_json(*args):
|
|
return networkctl('--json=short', 'status', *args)
|
|
|
|
def networkctl_reconfigure(*links):
|
|
networkctl('reconfigure', *links)
|
|
|
|
def networkctl_reload():
|
|
networkctl('reload')
|
|
|
|
def resolvectl(*args):
|
|
return check_output(*(resolvectl_cmd + list(args)), env=env)
|
|
|
|
def timedatectl(*args):
|
|
return check_output(*(timedatectl_cmd + list(args)), env=env)
|
|
|
|
def udevadm(*args):
|
|
return check_output(*(udevadm_cmd + list(args)))
|
|
|
|
def udevadm_reload():
|
|
udevadm('control', '--reload')
|
|
|
|
def udevadm_trigger(*args, action='add'):
|
|
udevadm('trigger', '--settle', f'--action={action}', *args)
|
|
|
|
def setup_common():
|
|
# Protect existing links
|
|
unmanage_existing_links()
|
|
|
|
# We usually show something in each test. So, let's break line to make the title of a test and output
|
|
# from the test mixed. Then, flush stream buffer and journals.
|
|
print()
|
|
sys.stdout.flush()
|
|
check_output('journalctl --sync')
|
|
|
|
def tear_down_common():
|
|
# 1. stop DHCP/RA servers
|
|
stop_dnsmasq()
|
|
stop_isc_dhcpd()
|
|
stop_radvd()
|
|
|
|
# 2. remove modules
|
|
call_quiet('rmmod netdevsim')
|
|
call_quiet('rmmod sch_teql')
|
|
|
|
# 3. remove network namespace
|
|
call_quiet('ip netns del ns99')
|
|
|
|
# 4. remove links
|
|
flush_l2tp_tunnels()
|
|
flush_links()
|
|
|
|
# 5. stop networkd
|
|
stop_networkd()
|
|
|
|
# 6. remove configs
|
|
clear_network_units()
|
|
clear_networkd_conf_dropins()
|
|
clear_networkd_state_files()
|
|
|
|
# 7. flush settings
|
|
flush_fou_ports()
|
|
flush_nexthops()
|
|
flush_routing_policy_rules()
|
|
flush_routes()
|
|
|
|
# 8. flush stream buffer and journals to make not any output from the test with the next one
|
|
sys.stdout.flush()
|
|
check_output('journalctl --sync')
|
|
|
|
def setUpModule():
|
|
rm_rf(networkd_ci_temp_dir)
|
|
cp_r(os.path.join(os.path.dirname(os.path.abspath(__file__)), 'conf'), networkd_ci_temp_dir)
|
|
|
|
clear_network_units()
|
|
clear_networkd_conf_dropins()
|
|
clear_networkd_state_files()
|
|
clear_udev_rules()
|
|
|
|
setup_systemd_udev_rules()
|
|
copy_udev_rule('00-debug-net.rules')
|
|
|
|
# Save current state
|
|
save_active_units()
|
|
save_existing_links()
|
|
save_routes()
|
|
save_routing_policy_rules()
|
|
save_timezone()
|
|
|
|
setup_system_units()
|
|
|
|
def tearDownModule():
|
|
rm_rf(networkd_ci_temp_dir)
|
|
clear_udev_rules()
|
|
clear_network_units()
|
|
clear_networkd_conf_dropins()
|
|
clear_networkd_state_files()
|
|
|
|
restore_timezone()
|
|
|
|
clear_system_units()
|
|
restore_active_units()
|
|
|
|
# Flush stream buffer and journals before showing the test summary.
|
|
sys.stdout.flush()
|
|
check_output('journalctl --sync')
|
|
|
|
class Utilities():
|
|
# pylint: disable=no-member
|
|
|
|
def check_link_exists(self, *link, expected=True):
|
|
if expected:
|
|
self.assertTrue(link_exists(*link))
|
|
else:
|
|
self.assertFalse(link_exists(*link))
|
|
|
|
def check_link_attr(self, *args):
|
|
self.assertEqual(read_link_attr(*args[:-1]), args[-1])
|
|
|
|
def check_bridge_port_attr(self, master, port, attribute, expected, allow_enoent=False):
|
|
path = os.path.join('/sys/devices/virtual/net', master, 'lower_' + port, 'brport', attribute)
|
|
if allow_enoent and not os.path.exists(path):
|
|
return
|
|
with open(path, encoding='utf-8') as f:
|
|
self.assertEqual(f.readline().strip(), expected)
|
|
|
|
def check_ipv4_sysctl_attr(self, link, attribute, expected):
|
|
self.assertEqual(read_ipv4_sysctl_attr(link, attribute), expected)
|
|
|
|
def check_ipv6_sysctl_attr(self, link, attribute, expected):
|
|
self.assertEqual(read_ipv6_sysctl_attr(link, attribute), expected)
|
|
|
|
def check_ipv6_neigh_sysctl_attr(self, link, attribute, expected):
|
|
self.assertEqual(read_ipv6_neigh_sysctl_attr(link, attribute), expected)
|
|
|
|
def wait_links(self, *links, trial=40):
|
|
for _ in range(trial):
|
|
if link_exists(*links):
|
|
break
|
|
time.sleep(0.5)
|
|
else:
|
|
self.fail('Timed out waiting for all links to be created: ' + ', '.join(list(links)))
|
|
|
|
def wait_activated(self, link, state='down', trial=40):
|
|
# wait for the interface is activated.
|
|
needle = f'{link}: Bringing link {state}'
|
|
flag = state.upper()
|
|
self.wait_links(link, trial=trial)
|
|
self.check_networkd_log(needle, trial=trial)
|
|
for _ in range(trial):
|
|
if flag in check_output(f'ip link show {link}'):
|
|
break
|
|
time.sleep(0.5)
|
|
else:
|
|
self.fail(f'Timed out waiting for {link} activated.')
|
|
|
|
def wait_operstate(self, link, operstate='degraded', setup_state='configured', setup_timeout=5, fail_assert=True):
|
|
"""Wait for the link to reach the specified operstate and/or setup state.
|
|
|
|
Specify None or '' for either operstate or setup_state to ignore that state.
|
|
This will recheck until the state conditions are met or the timeout expires.
|
|
|
|
If the link successfully matches the requested state, this returns True.
|
|
If this times out waiting for the link to match, the behavior depends on the
|
|
'fail_assert' parameter; if True, this causes a test assertion failure,
|
|
otherwise this returns False. The default is to cause assertion failure.
|
|
|
|
Note that this function matches on *exactly* the given operstate and setup_state.
|
|
To wait for a link to reach *or exceed* a given operstate, use wait_online().
|
|
"""
|
|
if not operstate:
|
|
operstate = r'\S+'
|
|
if not setup_state:
|
|
setup_state = r'\S+'
|
|
|
|
for _ in range(setup_timeout * 2):
|
|
if not link_exists(link):
|
|
time.sleep(0.5)
|
|
continue
|
|
output = networkctl_status(link)
|
|
if re.search(rf'(?m)^\s*State:\s+{operstate}\s+\({setup_state}\)\s*$', output):
|
|
return True
|
|
time.sleep(0.5)
|
|
|
|
if fail_assert:
|
|
self.fail(f'Timed out waiting for {link} to reach state {operstate}/{setup_state}')
|
|
return False
|
|
|
|
def wait_online(self, *links_with_operstate, timeout='20s', bool_any=False, ipv4=False, ipv6=False, setup_state='configured', setup_timeout=5):
|
|
"""Wait for the links to reach the specified operstate and/or setup state.
|
|
|
|
This is similar to wait_operstate() but can be used for multiple links,
|
|
and it also calls systemd-networkd-wait-online to wait for the given operstate.
|
|
The operstate should be specified in the link name, like 'eth0:degraded'.
|
|
If just a link name is provided, wait-online's default operstate to wait for is degraded.
|
|
|
|
The 'timeout' parameter controls the systemd-networkd-wait-online timeout, and the
|
|
'setup_timeout' controls the per-link timeout waiting for the setup_state.
|
|
|
|
Set 'bool_any' to True to wait for any (instead of all) of the given links.
|
|
If this is set, no setup_state checks are done.
|
|
|
|
Set 'ipv4' or 'ipv6' to True to wait for IPv4 address or IPv6 address, respectively, of each of the given links.
|
|
This is applied only for the operational state 'degraded' or above.
|
|
|
|
Note that this function waits for the links to reach *or exceed* the given operstate.
|
|
However, the setup_state, if specified, must be matched *exactly*.
|
|
|
|
This returns if the links reached the requested operstate/setup_state; otherwise it
|
|
raises CalledProcessError or fails test assertion.
|
|
"""
|
|
args = wait_online_cmd + [f'--timeout={timeout}'] + [f'--interface={link}' for link in links_with_operstate] + [f'--ignore={link}' for link in protected_links]
|
|
if bool_any:
|
|
args += ['--any']
|
|
if ipv4:
|
|
args += ['--ipv4']
|
|
if ipv6:
|
|
args += ['--ipv6']
|
|
try:
|
|
check_output(*args, env=wait_online_env)
|
|
except subprocess.CalledProcessError:
|
|
if networkd_is_failed():
|
|
print('!!!!! systemd-networkd.service is failed !!!!!')
|
|
call('systemctl status systemd-networkd.service')
|
|
else:
|
|
# show detailed status on failure
|
|
for link in links_with_operstate:
|
|
name = link.split(':')[0]
|
|
if link_exists(name):
|
|
print(networkctl_status(name))
|
|
else:
|
|
print(f'Interface {name} not found.')
|
|
raise
|
|
if not bool_any and setup_state:
|
|
for link in links_with_operstate:
|
|
self.wait_operstate(link.split(':')[0], None, setup_state, setup_timeout)
|
|
|
|
def wait_address(self, link, address_regex, scope='global', ipv='', timeout_sec=100):
|
|
for _ in range(timeout_sec * 2):
|
|
output = check_output(f'ip {ipv} address show dev {link} scope {scope}')
|
|
if re.search(address_regex, output) and 'tentative' not in output:
|
|
break
|
|
time.sleep(0.5)
|
|
|
|
self.assertRegex(output, address_regex)
|
|
|
|
def wait_address_dropped(self, link, address_regex, scope='global', ipv='', timeout_sec=100):
|
|
for _ in range(timeout_sec * 2):
|
|
output = check_output(f'ip {ipv} address show dev {link} scope {scope}')
|
|
if not re.search(address_regex, output):
|
|
break
|
|
time.sleep(0.5)
|
|
|
|
self.assertNotRegex(output, address_regex)
|
|
|
|
def wait_route(self, link, route_regex, table='main', ipv='', timeout_sec=100):
|
|
for _ in range(timeout_sec * 2):
|
|
output = check_output(f'ip {ipv} route show dev {link} table {table}')
|
|
if re.search(route_regex, output):
|
|
break
|
|
time.sleep(0.5)
|
|
|
|
self.assertRegex(output, route_regex)
|
|
|
|
def wait_route_dropped(self, link, route_regex, table='main', ipv='', timeout_sec=100):
|
|
for _ in range(timeout_sec * 2):
|
|
output = check_output(f'ip {ipv} route show dev {link} table {table}')
|
|
if not re.search(route_regex, output):
|
|
break
|
|
time.sleep(0.5)
|
|
|
|
self.assertNotRegex(output, route_regex)
|
|
|
|
def check_netlabel(self, interface, address, label='system_u:object_r:root_t:s0'):
|
|
if not shutil.which('selinuxenabled'):
|
|
print('## Checking NetLabel skipped: selinuxenabled command not found.')
|
|
elif call_quiet('selinuxenabled') != 0:
|
|
print('## Checking NetLabel skipped: SELinux disabled.')
|
|
elif not shutil.which('netlabelctl'): # not packaged by all distros
|
|
print('## Checking NetLabel skipped: netlabelctl command not found.')
|
|
else:
|
|
output = check_output('netlabelctl unlbl list')
|
|
print(output)
|
|
self.assertRegex(output, f'interface:{interface},address:{address},label:"{label}"')
|
|
|
|
def setup_nftset(self, filter_name, filter_type, flags=''):
|
|
if not shutil.which('nft'):
|
|
print('## Setting up NFT sets skipped: nft command not found.')
|
|
else:
|
|
if call(f'nft add table inet sd_test') != 0:
|
|
print('## Setting up NFT table failed.')
|
|
self.fail()
|
|
if call(f'nft add set inet sd_test {filter_name} {{ type {filter_type}; {flags} }}') != 0:
|
|
print('## Setting up NFT sets failed.')
|
|
self.fail()
|
|
|
|
def teardown_nftset(self, *filters):
|
|
if not shutil.which('nft'):
|
|
print('## Tearing down NFT sets skipped: nft command not found.')
|
|
else:
|
|
for filter_name in filters:
|
|
if call(f'nft delete set inet sd_test {filter_name}') != 0:
|
|
print('## Tearing down NFT sets failed.')
|
|
self.fail()
|
|
if call(f'nft delete table inet sd_test') != 0:
|
|
print('## Tearing down NFT table failed.')
|
|
self.fail()
|
|
|
|
def check_nftset(self, filter_name, contents):
|
|
if not shutil.which('nft'):
|
|
print('## Checking NFT sets skipped: nft command not found.')
|
|
else:
|
|
output = check_output(f'nft list set inet sd_test {filter_name}')
|
|
print(output)
|
|
self.assertRegex(output, r'.*elements = { [^}]*' + contents + r'[^}]* }.*')
|
|
|
|
def check_networkd_log(self, contents, since=None, trial=20):
|
|
for _ in range(trial):
|
|
if contents in read_networkd_log(since=since):
|
|
break
|
|
time.sleep(0.5)
|
|
else:
|
|
self.fail(f'"{contents}" not found in journal.')
|
|
|
|
def networkctl_check_unit(self, ifname, netdev_file=None, network_file=None, link_file=None):
|
|
output = networkctl_status(ifname)
|
|
print(output)
|
|
if netdev_file:
|
|
self.assertRegex(output, rf'NetDev File: .*/{netdev_file}\.netdev')
|
|
else:
|
|
self.assertNotIn('NetDev File:', output)
|
|
if network_file:
|
|
self.assertRegex(output, rf'Network File: .*/{network_file}\.network')
|
|
else:
|
|
self.assertIn('Network File: n/a', output)
|
|
if link_file:
|
|
self.assertRegex(output, rf'Link File: .*/{link_file}\.link')
|
|
|
|
class NetworkctlTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
@expectedFailureIfAlternativeNameIsNotAvailable()
|
|
def test_altname(self):
|
|
copy_network_unit('26-netdev-link-local-addressing-yes.network', '12-dummy.netdev', '12-dummy.link')
|
|
start_networkd()
|
|
self.wait_online('dummy98:degraded')
|
|
|
|
output = networkctl_status('dummy98')
|
|
self.assertRegex(output, 'hogehogehogehogehogehoge')
|
|
|
|
@expectedFailureIfAlternativeNameIsNotAvailable()
|
|
def test_rename_to_altname(self):
|
|
copy_network_unit('26-netdev-link-local-addressing-yes.network',
|
|
'12-dummy.netdev', '12-dummy-rename-to-altname.link')
|
|
start_networkd()
|
|
self.wait_online('dummyalt:degraded')
|
|
|
|
output = networkctl_status('dummyalt')
|
|
self.assertIn('hogehogehogehogehogehoge', output)
|
|
self.assertNotIn('dummy98', output)
|
|
|
|
def test_reconfigure(self):
|
|
copy_network_unit('25-address-static.network', '12-dummy.netdev', copy_dropins=False)
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('ip -4 address show dev dummy98')
|
|
print(output)
|
|
self.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output)
|
|
self.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output)
|
|
self.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output)
|
|
|
|
check_output('ip address del 10.1.2.3/16 dev dummy98')
|
|
check_output('ip address del 10.1.2.4/16 dev dummy98')
|
|
check_output('ip address del 10.2.2.4/16 dev dummy98')
|
|
|
|
networkctl_reconfigure('dummy98')
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('ip -4 address show dev dummy98')
|
|
print(output)
|
|
self.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output)
|
|
self.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output)
|
|
self.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output)
|
|
|
|
remove_network_unit('25-address-static.network')
|
|
|
|
networkctl_reload()
|
|
self.wait_operstate('dummy98', 'degraded', setup_state='unmanaged')
|
|
|
|
output = check_output('ip -4 address show dev dummy98')
|
|
print(output)
|
|
self.assertNotIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output)
|
|
self.assertNotIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output)
|
|
self.assertNotIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output)
|
|
|
|
copy_network_unit('25-address-static.network', copy_dropins=False)
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('ip -4 address show dev dummy98')
|
|
print(output)
|
|
self.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output)
|
|
self.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output)
|
|
self.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output)
|
|
|
|
def test_renew(self):
|
|
def check():
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertRegex(output, r'Address: 192.168.5.[0-9]* \(DHCPv4 via 192.168.5.1\)')
|
|
self.assertIn('Gateway: 192.168.5.3', output)
|
|
self.assertRegex(output, 'DNS: 192.168.5.1\n *192.168.5.10')
|
|
self.assertRegex(output, 'NTP: 192.168.5.1\n *192.168.5.11')
|
|
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server.network')
|
|
start_networkd()
|
|
check()
|
|
check_json(networkctl_json('--lines=0', '--stats', '--all', '--full'))
|
|
|
|
for verb in ['renew', 'forcerenew']:
|
|
networkctl(verb, 'veth99')
|
|
check()
|
|
networkctl(verb, 'veth99', 'veth99', 'veth99')
|
|
check()
|
|
|
|
def test_up_down(self):
|
|
copy_network_unit('25-address-static.network', '12-dummy.netdev', copy_dropins=False)
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
networkctl('down', 'dummy98')
|
|
self.wait_online('dummy98:off')
|
|
networkctl('up', 'dummy98')
|
|
self.wait_online('dummy98:routable')
|
|
networkctl('down', 'dummy98', 'dummy98', 'dummy98')
|
|
self.wait_online('dummy98:off')
|
|
networkctl('up', 'dummy98', 'dummy98', 'dummy98')
|
|
self.wait_online('dummy98:routable')
|
|
|
|
def test_reload(self):
|
|
start_networkd()
|
|
|
|
copy_network_unit('11-dummy.netdev')
|
|
networkctl_reload()
|
|
self.wait_operstate('test1', 'off', setup_state='unmanaged')
|
|
|
|
copy_network_unit('11-dummy.network')
|
|
networkctl_reload()
|
|
self.wait_online('test1:degraded')
|
|
|
|
remove_network_unit('11-dummy.network')
|
|
networkctl_reload()
|
|
self.wait_operstate('test1', 'degraded', setup_state='unmanaged')
|
|
|
|
remove_network_unit('11-dummy.netdev')
|
|
networkctl_reload()
|
|
self.wait_operstate('test1', 'degraded', setup_state='unmanaged')
|
|
|
|
copy_network_unit('11-dummy.netdev', '11-dummy.network')
|
|
networkctl_reload()
|
|
self.wait_operstate('test1', 'degraded')
|
|
|
|
def test_glob(self):
|
|
copy_network_unit('11-dummy.netdev', '11-dummy.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('test1:degraded')
|
|
|
|
output = networkctl('list')
|
|
self.assertRegex(output, '1 lo ')
|
|
self.assertRegex(output, 'test1')
|
|
|
|
output = networkctl('list', 'test1')
|
|
self.assertNotRegex(output, '1 lo ')
|
|
self.assertRegex(output, 'test1')
|
|
|
|
output = networkctl('list', 'te*')
|
|
self.assertNotRegex(output, '1 lo ')
|
|
self.assertRegex(output, 'test1')
|
|
|
|
output = networkctl_status('te*')
|
|
self.assertNotRegex(output, '1: lo ')
|
|
self.assertRegex(output, 'test1')
|
|
|
|
output = networkctl_status('tes[a-z][0-9]')
|
|
self.assertNotRegex(output, '1: lo ')
|
|
self.assertRegex(output, 'test1')
|
|
|
|
def test_mtu(self):
|
|
copy_network_unit('11-dummy-mtu.netdev', '11-dummy.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('test1:degraded')
|
|
|
|
output = networkctl_status('test1')
|
|
self.assertRegex(output, 'MTU: 1600')
|
|
|
|
def test_type(self):
|
|
copy_network_unit('11-dummy.netdev', '11-dummy.network')
|
|
start_networkd()
|
|
self.wait_online('test1:degraded')
|
|
|
|
output = networkctl_status('test1')
|
|
print(output)
|
|
self.assertRegex(output, 'Type: ether')
|
|
|
|
output = networkctl_status('lo')
|
|
print(output)
|
|
self.assertRegex(output, 'Type: loopback')
|
|
|
|
def test_unit_file(self):
|
|
copy_network_unit('11-test-unit-file.netdev', '11-test-unit-file.network', '11-test-unit-file.link')
|
|
start_networkd()
|
|
self.wait_online('test1:degraded')
|
|
|
|
output = networkctl_status('test1')
|
|
print(output)
|
|
self.assertIn('Link File: /run/systemd/network/11-test-unit-file.link', output)
|
|
self.assertIn('/run/systemd/network/11-test-unit-file.link.d/dropin.conf', output)
|
|
self.assertIn('Network File: /run/systemd/network/11-test-unit-file.network', output)
|
|
self.assertIn('/run/systemd/network/11-test-unit-file.network.d/dropin.conf', output)
|
|
|
|
self.check_networkd_log('test1: Configuring with /run/systemd/network/11-test-unit-file.network (dropins: /run/systemd/network/11-test-unit-file.network.d/dropin.conf).')
|
|
|
|
# This test may be run on the system that has older udevd than 70f32a260b5ebb68c19ecadf5d69b3844896ba55 (v249).
|
|
# In that case, the udev DB for the loopback network interface may already have ID_NET_LINK_FILE property.
|
|
# Let's reprocess the interface and drop the property.
|
|
udevadm_trigger('/sys/class/net/lo')
|
|
output = networkctl_status('lo')
|
|
print(output)
|
|
self.assertIn('Link File: n/a', output)
|
|
self.assertIn('Network File: n/a', output)
|
|
|
|
def test_delete_links(self):
|
|
copy_network_unit('11-dummy.netdev', '25-veth.netdev')
|
|
start_networkd()
|
|
self.wait_links('test1', 'veth99', 'veth-peer')
|
|
networkctl('delete', 'test1', 'veth99')
|
|
self.check_link_exists('test1', 'veth99', 'veth-peer', expected=False)
|
|
|
|
def test_label(self):
|
|
networkctl('label')
|
|
|
|
class NetworkdMatchTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
@expectedFailureIfAlternativeNameIsNotAvailable()
|
|
def test_match(self):
|
|
copy_network_unit('12-dummy-mac.netdev',
|
|
'12-dummy-match-mac-01.network',
|
|
'12-dummy-match-mac-02.network',
|
|
'12-dummy-match-renamed.network',
|
|
'12-dummy-match-altname.network',
|
|
'12-dummy-altname.link')
|
|
start_networkd()
|
|
|
|
self.wait_online('dummy98:routable')
|
|
output = networkctl_status('dummy98')
|
|
self.assertIn('Network File: /run/systemd/network/12-dummy-match-mac-01.network', output)
|
|
output = check_output('ip -4 address show dev dummy98')
|
|
self.assertIn('10.0.0.1/16', output)
|
|
|
|
check_output('ip link set dev dummy98 down')
|
|
check_output('ip link set dev dummy98 address 12:34:56:78:9a:02')
|
|
|
|
self.wait_address('dummy98', '10.0.0.2/16', ipv='-4', timeout_sec=10)
|
|
self.wait_online('dummy98:routable')
|
|
output = networkctl_status('dummy98')
|
|
self.assertIn('Network File: /run/systemd/network/12-dummy-match-mac-02.network', output)
|
|
|
|
check_output('ip link set dev dummy98 down')
|
|
check_output('ip link set dev dummy98 name dummy98-1')
|
|
|
|
self.wait_address('dummy98-1', '10.0.1.2/16', ipv='-4', timeout_sec=10)
|
|
self.wait_online('dummy98-1:routable')
|
|
output = networkctl_status('dummy98-1')
|
|
self.assertIn('Network File: /run/systemd/network/12-dummy-match-renamed.network', output)
|
|
|
|
check_output('ip link set dev dummy98-1 down')
|
|
check_output('ip link set dev dummy98-1 name dummy98-2')
|
|
udevadm_trigger('/sys/class/net/dummy98-2')
|
|
|
|
self.wait_address('dummy98-2', '10.0.2.2/16', ipv='-4', timeout_sec=10)
|
|
self.wait_online('dummy98-2:routable')
|
|
output = networkctl_status('dummy98-2')
|
|
self.assertIn('Network File: /run/systemd/network/12-dummy-match-altname.network', output)
|
|
|
|
def test_match_udev_property(self):
|
|
copy_network_unit('12-dummy.netdev', '13-not-match-udev-property.network', '14-match-udev-property.network')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = networkctl_status('dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'Network File: /run/systemd/network/14-match-udev-property')
|
|
|
|
class WaitOnlineTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def test_wait_online_any(self):
|
|
copy_network_unit('25-bridge.netdev', '25-bridge.network', '11-dummy.netdev', '11-dummy.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('bridge99', 'test1:degraded', bool_any=True)
|
|
|
|
self.wait_operstate('bridge99', '(off|no-carrier)', setup_state='configuring')
|
|
self.wait_operstate('test1', 'degraded')
|
|
|
|
class NetworkdNetDevTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def test_dropin_and_name_conflict(self):
|
|
copy_network_unit('10-dropin-test.netdev', '15-name-conflict-test.netdev')
|
|
start_networkd()
|
|
|
|
self.wait_online('dropin-test:off', setup_state='unmanaged')
|
|
|
|
output = check_output('ip link show dropin-test')
|
|
print(output)
|
|
self.assertRegex(output, '00:50:56:c0:00:28')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('bareudp')
|
|
def test_bareudp(self):
|
|
copy_network_unit('25-bareudp.netdev', '26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('bareudp99:degraded')
|
|
self.networkctl_check_unit('bareudp99', '25-bareudp', '26-netdev-link-local-addressing-yes')
|
|
|
|
output = check_output('ip -d link show bareudp99')
|
|
print(output)
|
|
self.assertRegex(output, 'dstport 1000 ')
|
|
self.assertRegex(output, 'ethertype ip ')
|
|
self.assertRegex(output, 'srcportmin 1001 ')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('batman-adv')
|
|
def test_batadv(self):
|
|
copy_network_unit('25-batadv.netdev', '26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('batadv99:degraded')
|
|
self.networkctl_check_unit('batadv99', '25-batadv', '26-netdev-link-local-addressing-yes')
|
|
|
|
output = check_output('ip -d link show batadv99')
|
|
print(output)
|
|
self.assertRegex(output, 'batadv')
|
|
|
|
def test_bridge(self):
|
|
copy_network_unit('25-bridge.netdev', '25-bridge-configure-without-carrier.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('bridge99:no-carrier')
|
|
self.networkctl_check_unit('bridge99', '25-bridge', '25-bridge-configure-without-carrier')
|
|
|
|
tick = os.sysconf('SC_CLK_TCK')
|
|
self.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'hello_time')) / tick))
|
|
self.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'max_age')) / tick))
|
|
self.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'forward_delay')) / tick))
|
|
self.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'ageing_time')) / tick))
|
|
self.assertEqual(9, int(read_link_attr('bridge99', 'bridge', 'priority')))
|
|
self.assertEqual(1, int(read_link_attr('bridge99', 'bridge', 'multicast_querier')))
|
|
self.assertEqual(1, int(read_link_attr('bridge99', 'bridge', 'multicast_snooping')))
|
|
self.assertEqual(1, int(read_link_attr('bridge99', 'bridge', 'stp_state')))
|
|
self.assertEqual(3, int(read_link_attr('bridge99', 'bridge', 'multicast_igmp_version')))
|
|
|
|
output = networkctl_status('bridge99')
|
|
print(output)
|
|
self.assertRegex(output, 'Priority: 9')
|
|
self.assertRegex(output, 'STP: yes')
|
|
self.assertRegex(output, 'Multicast IGMP Version: 3')
|
|
if 'FDB Max Learned' in output:
|
|
self.assertRegex(output, 'FDB Max Learned: 4')
|
|
|
|
output = check_output('ip -d link show bridge99')
|
|
print(output)
|
|
self.assertIn('vlan_filtering 1 ', output)
|
|
self.assertIn('vlan_protocol 802.1ad ', output)
|
|
self.assertIn('vlan_default_pvid 9 ', output)
|
|
if 'fdb_max_learned' in output:
|
|
self.assertIn('fdb_max_learned 4 ', output)
|
|
|
|
def test_bond(self):
|
|
copy_network_unit('25-bond.netdev', '25-bond-balanced-tlb.netdev', '25-bond-property.netdev')
|
|
start_networkd()
|
|
|
|
self.wait_online('bond99:off', 'bond98:off', 'bond97:off', setup_state='unmanaged')
|
|
self.networkctl_check_unit('bond99', '25-bond')
|
|
self.networkctl_check_unit('bond98', '25-bond-balanced-tlb')
|
|
self.networkctl_check_unit('bond97', '25-bond-property')
|
|
|
|
self.check_link_attr('bond99', 'bonding', 'mode', '802.3ad 4')
|
|
self.check_link_attr('bond99', 'bonding', 'xmit_hash_policy', 'layer3+4 1')
|
|
self.check_link_attr('bond99', 'bonding', 'miimon', '1000')
|
|
self.check_link_attr('bond99', 'bonding', 'lacp_rate', 'fast 1')
|
|
self.check_link_attr('bond99', 'bonding', 'updelay', '2000')
|
|
self.check_link_attr('bond99', 'bonding', 'downdelay', '2000')
|
|
self.check_link_attr('bond99', 'bonding', 'resend_igmp', '4')
|
|
self.check_link_attr('bond99', 'bonding', 'min_links', '1')
|
|
self.check_link_attr('bond99', 'bonding', 'ad_actor_sys_prio', '1218')
|
|
self.check_link_attr('bond99', 'bonding', 'ad_user_port_key', '811')
|
|
self.check_link_attr('bond99', 'bonding', 'ad_actor_system', '00:11:22:33:44:55')
|
|
|
|
self.check_link_attr('bond98', 'bonding', 'mode', 'balance-tlb 5')
|
|
self.check_link_attr('bond98', 'bonding', 'tlb_dynamic_lb', '1')
|
|
|
|
output = networkctl_status('bond99')
|
|
print(output)
|
|
self.assertIn('Mode: 802.3ad', output)
|
|
self.assertIn('Miimon: 1s', output)
|
|
self.assertIn('Updelay: 2s', output)
|
|
self.assertIn('Downdelay: 2s', output)
|
|
|
|
output = networkctl_status('bond98')
|
|
print(output)
|
|
self.assertIn('Mode: balance-tlb', output)
|
|
|
|
output = networkctl_status('bond97')
|
|
print(output)
|
|
|
|
self.check_link_attr('bond97', 'bonding', 'arp_missed_max', '10')
|
|
self.check_link_attr('bond97', 'bonding', 'peer_notif_delay', '300000')
|
|
|
|
def test_vlan(self):
|
|
copy_network_unit('21-vlan.netdev', '11-dummy.netdev',
|
|
'21-vlan.network', '21-vlan-test1.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('test1:degraded', 'vlan99:routable')
|
|
self.networkctl_check_unit('vlan99', '21-vlan', '21-vlan')
|
|
self.networkctl_check_unit('test1', '11-dummy', '21-vlan-test1')
|
|
|
|
output = check_output('ip -d link show test1')
|
|
print(output)
|
|
self.assertRegex(output, ' mtu 2000 ')
|
|
|
|
output = check_output('ip -d link show vlan99')
|
|
print(output)
|
|
self.assertIn(' mtu 2000 ', output)
|
|
self.assertIn('REORDER_HDR', output)
|
|
self.assertIn('LOOSE_BINDING', output)
|
|
self.assertIn('GVRP', output)
|
|
self.assertIn('MVRP', output)
|
|
self.assertIn(' id 99 ', output)
|
|
self.assertIn('ingress-qos-map { 4:100 7:13 }', output)
|
|
self.assertIn('egress-qos-map { 0:1 1:3 6:6 7:7 10:3 }', output)
|
|
|
|
output = check_output('ip -4 address show dev test1')
|
|
print(output)
|
|
self.assertRegex(output, 'inet 192.168.24.5/24 brd 192.168.24.255 scope global test1')
|
|
self.assertRegex(output, 'inet 192.168.25.5/24 brd 192.168.25.255 scope global test1')
|
|
|
|
output = check_output('ip -4 address show dev vlan99')
|
|
print(output)
|
|
self.assertRegex(output, 'inet 192.168.23.5/24 brd 192.168.23.255 scope global vlan99')
|
|
|
|
def test_vlan_on_bond(self):
|
|
# For issue #24377 (https://github.com/systemd/systemd/issues/24377),
|
|
# which is fixed by b05e52000b4eee764b383cc3031da0a3739e996e (PR#24020).
|
|
|
|
copy_network_unit('21-bond-802.3ad.netdev', '21-bond-802.3ad.network',
|
|
'21-vlan-on-bond.netdev', '21-vlan-on-bond.network')
|
|
start_networkd()
|
|
self.wait_online('bond99:off')
|
|
self.wait_operstate('vlan99', operstate='off', setup_state='configuring', setup_timeout=10)
|
|
self.networkctl_check_unit('vlan99', '21-vlan-on-bond', '21-vlan-on-bond')
|
|
self.networkctl_check_unit('bond99', '21-bond-802.3ad', '21-bond-802.3ad')
|
|
|
|
self.check_networkd_log('vlan99: Could not bring up interface, ignoring: Network is down')
|
|
|
|
copy_network_unit('11-dummy.netdev', '12-dummy.netdev', '21-dummy-bond-slave.network')
|
|
networkctl_reload()
|
|
self.wait_online('test1:enslaved', 'dummy98:enslaved', 'bond99:carrier', 'vlan99:routable')
|
|
|
|
def test_macvtap(self):
|
|
first = True
|
|
for mode in ['private', 'vepa', 'bridge', 'passthru']:
|
|
if first:
|
|
first = False
|
|
else:
|
|
self.tearDown()
|
|
|
|
print(f'### test_macvtap(mode={mode})')
|
|
with self.subTest(mode=mode):
|
|
copy_network_unit('21-macvtap.netdev', '26-netdev-link-local-addressing-yes.network',
|
|
'11-dummy.netdev', '25-macvtap.network')
|
|
with open(os.path.join(network_unit_dir, '21-macvtap.netdev'), mode='a', encoding='utf-8') as f:
|
|
f.write('[MACVTAP]\nMode=' + mode)
|
|
start_networkd()
|
|
|
|
self.wait_online('macvtap99:degraded',
|
|
'test1:carrier' if mode == 'passthru' else 'test1:degraded')
|
|
self.networkctl_check_unit('macvtap99', '21-macvtap', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('test1', '11-dummy', '25-macvtap')
|
|
|
|
output = check_output('ip -d link show macvtap99')
|
|
print(output)
|
|
self.assertRegex(output, 'macvtap mode ' + mode + ' ')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('macvlan')
|
|
def test_macvlan(self):
|
|
first = True
|
|
for mode in ['private', 'vepa', 'bridge', 'passthru']:
|
|
if first:
|
|
first = False
|
|
else:
|
|
self.tearDown()
|
|
|
|
print(f'### test_macvlan(mode={mode})')
|
|
with self.subTest(mode=mode):
|
|
copy_network_unit('21-macvlan.netdev', '26-netdev-link-local-addressing-yes.network',
|
|
'11-dummy.netdev', '25-macvlan.network')
|
|
with open(os.path.join(network_unit_dir, '21-macvlan.netdev'), mode='a', encoding='utf-8') as f:
|
|
f.write('[MACVLAN]\nMode=' + mode)
|
|
start_networkd()
|
|
|
|
self.wait_online('macvlan99:degraded',
|
|
'test1:carrier' if mode == 'passthru' else 'test1:degraded')
|
|
self.networkctl_check_unit('macvlan99', '21-macvlan', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('test1', '11-dummy', '25-macvlan')
|
|
|
|
output = check_output('ip -d link show test1')
|
|
print(output)
|
|
self.assertIn(' mtu 2000 ', output)
|
|
|
|
output = check_output('ip -d link show macvlan99')
|
|
print(output)
|
|
self.assertIn(' mtu 2000 ', output)
|
|
self.assertIn(f' macvlan mode {mode} ', output)
|
|
|
|
remove_link('test1')
|
|
time.sleep(1)
|
|
|
|
check_output("ip link add test1 type dummy")
|
|
self.wait_online('macvlan99:degraded',
|
|
'test1:carrier' if mode == 'passthru' else 'test1:degraded')
|
|
|
|
output = check_output('ip -d link show test1')
|
|
print(output)
|
|
self.assertIn(' mtu 2000 ', output)
|
|
|
|
output = check_output('ip -d link show macvlan99')
|
|
print(output)
|
|
self.assertIn(' mtu 2000 ', output)
|
|
self.assertIn(f' macvlan mode {mode} ', output)
|
|
self.assertIn(' bcqueuelen 1234 ', output)
|
|
if ' bclim ' in output: # This is new in kernel and iproute2 v6.4
|
|
self.assertIn(' bclim 2147483647 ', output)
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('ipvlan')
|
|
def test_ipvlan(self):
|
|
first = True
|
|
for mode, flag in [['L2', 'private'], ['L3', 'vepa'], ['L3S', 'bridge']]:
|
|
if first:
|
|
first = False
|
|
else:
|
|
self.tearDown()
|
|
|
|
print(f'### test_ipvlan(mode={mode}, flag={flag})')
|
|
with self.subTest(mode=mode, flag=flag):
|
|
copy_network_unit('25-ipvlan.netdev', '26-netdev-link-local-addressing-yes.network',
|
|
'11-dummy.netdev', '25-ipvlan.network')
|
|
with open(os.path.join(network_unit_dir, '25-ipvlan.netdev'), mode='a', encoding='utf-8') as f:
|
|
f.write('[IPVLAN]\nMode=' + mode + '\nFlags=' + flag)
|
|
|
|
start_networkd()
|
|
self.wait_online('ipvlan99:degraded', 'test1:degraded')
|
|
self.networkctl_check_unit('ipvlan99', '25-ipvlan', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('test1', '11-dummy', '25-ipvlan')
|
|
|
|
output = check_output('ip -d link show ipvlan99')
|
|
print(output)
|
|
self.assertRegex(output, 'ipvlan *mode ' + mode.lower() + ' ' + flag)
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('ipvtap')
|
|
def test_ipvtap(self):
|
|
first = True
|
|
for mode, flag in [['L2', 'private'], ['L3', 'vepa'], ['L3S', 'bridge']]:
|
|
if first:
|
|
first = False
|
|
else:
|
|
self.tearDown()
|
|
|
|
print(f'### test_ipvtap(mode={mode}, flag={flag})')
|
|
with self.subTest(mode=mode, flag=flag):
|
|
copy_network_unit('25-ipvtap.netdev', '26-netdev-link-local-addressing-yes.network',
|
|
'11-dummy.netdev', '25-ipvtap.network')
|
|
with open(os.path.join(network_unit_dir, '25-ipvtap.netdev'), mode='a', encoding='utf-8') as f:
|
|
f.write('[IPVTAP]\nMode=' + mode + '\nFlags=' + flag)
|
|
|
|
start_networkd()
|
|
self.wait_online('ipvtap99:degraded', 'test1:degraded')
|
|
self.networkctl_check_unit('ipvtap99', '25-ipvtap', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('test1', '11-dummy', '25-ipvtap')
|
|
|
|
output = check_output('ip -d link show ipvtap99')
|
|
print(output)
|
|
self.assertRegex(output, 'ipvtap *mode ' + mode.lower() + ' ' + flag)
|
|
|
|
def test_veth(self):
|
|
copy_network_unit('25-veth.netdev', '26-netdev-link-local-addressing-yes.network',
|
|
'25-veth-mtu.netdev')
|
|
start_networkd()
|
|
|
|
self.wait_online('veth99:degraded', 'veth-peer:degraded', 'veth-mtu:degraded', 'veth-mtu-peer:degraded')
|
|
self.networkctl_check_unit('veth99', '25-veth', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('veth-peer', '25-veth', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('veth-mtu', '25-veth-mtu', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('veth-mtu-peer', '25-veth-mtu', '26-netdev-link-local-addressing-yes')
|
|
|
|
output = check_output('ip -d link show veth99')
|
|
print(output)
|
|
self.assertRegex(output, 'link/ether 12:34:56:78:9a:bc')
|
|
output = check_output('ip -d link show veth-peer')
|
|
print(output)
|
|
self.assertRegex(output, 'link/ether 12:34:56:78:9a:bd')
|
|
|
|
output = check_output('ip -d link show veth-mtu')
|
|
print(output)
|
|
self.assertRegex(output, 'link/ether 12:34:56:78:9a:be')
|
|
self.assertRegex(output, 'mtu 1800')
|
|
output = check_output('ip -d link show veth-mtu-peer')
|
|
print(output)
|
|
self.assertRegex(output, 'link/ether 12:34:56:78:9a:bf')
|
|
self.assertRegex(output, 'mtu 1800')
|
|
|
|
def check_tuntap(self, attached):
|
|
pid = networkd_pid()
|
|
name = psutil.Process(pid).name()[:15]
|
|
|
|
output = check_output('ip -d -oneline tuntap show')
|
|
print(output)
|
|
self.assertRegex(output, r'testtap99: tap pi (multi_queue |)vnet_hdr persist filter.*\tAttached to processes:')
|
|
self.assertRegex(output, r'testtun99: tun pi (multi_queue |)vnet_hdr persist filter.*\tAttached to processes:')
|
|
|
|
if attached:
|
|
self.assertRegex(output, fr'testtap99: .*{name}\({pid}\)')
|
|
self.assertRegex(output, fr'testtun99: .*{name}\({pid}\)')
|
|
self.assertRegex(output, r'testtap99: .*systemd\(1\)')
|
|
self.assertRegex(output, r'testtun99: .*systemd\(1\)')
|
|
|
|
output = check_output('ip -d link show testtun99')
|
|
print(output)
|
|
# Old ip command does not support IFF_ flags
|
|
self.assertRegex(output, 'tun (type tun pi on vnet_hdr on multi_queue|addrgenmode) ')
|
|
self.assertIn('UP,LOWER_UP', output)
|
|
|
|
output = check_output('ip -d link show testtap99')
|
|
print(output)
|
|
self.assertRegex(output, 'tun (type tap pi on vnet_hdr on multi_queue|addrgenmode) ')
|
|
self.assertIn('UP,LOWER_UP', output)
|
|
|
|
else:
|
|
self.assertNotIn(f'{name}({pid})', output)
|
|
self.assertNotIn('systemd(1)', output)
|
|
|
|
for _ in range(20):
|
|
output = check_output('ip -d link show testtun99')
|
|
print(output)
|
|
self.assertRegex(output, 'tun (type tun pi on vnet_hdr on multi_queue|addrgenmode) ')
|
|
if 'NO-CARRIER' in output:
|
|
break
|
|
time.sleep(0.5)
|
|
else:
|
|
self.fail()
|
|
|
|
for _ in range(20):
|
|
output = check_output('ip -d link show testtap99')
|
|
print(output)
|
|
self.assertRegex(output, 'tun (type tap pi on vnet_hdr on multi_queue|addrgenmode) ')
|
|
if 'NO-CARRIER' in output:
|
|
break
|
|
time.sleep(0.5)
|
|
else:
|
|
self.fail()
|
|
|
|
def test_tuntap(self):
|
|
copy_network_unit('25-tun.netdev', '25-tap.netdev', '26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
self.wait_online('testtun99:degraded', 'testtap99:degraded')
|
|
self.networkctl_check_unit('testtap99', '25-tap', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('testtun99', '25-tun', '26-netdev-link-local-addressing-yes')
|
|
|
|
self.check_tuntap(True)
|
|
|
|
remove_network_unit('26-netdev-link-local-addressing-yes.network')
|
|
restart_networkd()
|
|
self.wait_online('testtun99:degraded', 'testtap99:degraded', setup_state='unmanaged')
|
|
self.networkctl_check_unit('testtap99', '25-tap')
|
|
self.networkctl_check_unit('testtun99', '25-tun')
|
|
|
|
self.check_tuntap(True)
|
|
|
|
clear_network_units()
|
|
unmanage_existing_links()
|
|
restart_networkd()
|
|
self.wait_online('testtun99:off', 'testtap99:off', setup_state='unmanaged')
|
|
self.networkctl_check_unit('testtap99')
|
|
self.networkctl_check_unit('testtun99')
|
|
|
|
self.check_tuntap(False)
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('vrf')
|
|
def test_vrf(self):
|
|
copy_network_unit('25-vrf.netdev', '26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('vrf99:carrier')
|
|
self.networkctl_check_unit('vrf99', '25-vrf', '26-netdev-link-local-addressing-yes')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('vcan')
|
|
def test_vcan(self):
|
|
copy_network_unit('25-vcan.netdev', '26-netdev-link-local-addressing-yes.network',
|
|
'25-vcan98.netdev', '25-vcan98.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('vcan99:carrier', 'vcan98:carrier')
|
|
# For can devices, 'carrier' is the default required operational state.
|
|
self.wait_online('vcan99', 'vcan98')
|
|
self.networkctl_check_unit('vcan99', '25-vcan', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('vcan98', '25-vcan98', '25-vcan98')
|
|
|
|
# https://github.com/systemd/systemd/issues/30140
|
|
output = check_output('ip -d link show vcan99')
|
|
print(output)
|
|
self.assertIn('mtu 16 ', output)
|
|
|
|
output = check_output('ip -d link show vcan98')
|
|
print(output)
|
|
self.assertIn('mtu 16 ', output)
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('vxcan')
|
|
def test_vxcan(self):
|
|
copy_network_unit('25-vxcan.netdev', '26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('vxcan99:carrier', 'vxcan-peer:carrier')
|
|
# For can devices, 'carrier' is the default required operational state.
|
|
self.wait_online('vxcan99', 'vxcan-peer')
|
|
self.networkctl_check_unit('vxcan99', '25-vxcan', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('vxcan-peer', '25-vxcan', '26-netdev-link-local-addressing-yes')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('wireguard')
|
|
def test_wireguard(self):
|
|
copy_credential('25-wireguard-endpoint-peer0-cred.txt', 'network.wireguard.peer0.endpoint')
|
|
copy_credential('25-wireguard-preshared-key-peer2-cred.txt', 'network.wireguard.peer2.psk')
|
|
copy_credential('25-wireguard-no-peer-private-key-cred.txt', 'network.wireguard.private.25-wireguard-no-peer')
|
|
|
|
copy_network_unit('25-wireguard.netdev', '25-wireguard.network',
|
|
'25-wireguard-23-peers.netdev', '25-wireguard-23-peers.network',
|
|
'25-wireguard-public-key.txt', '25-wireguard-preshared-key.txt', '25-wireguard-private-key.txt',
|
|
'25-wireguard-no-peer.netdev', '25-wireguard-no-peer.network')
|
|
start_networkd()
|
|
self.wait_online('wg99:routable', 'wg98:routable', 'wg97:carrier')
|
|
self.networkctl_check_unit('wg99', '25-wireguard', '25-wireguard')
|
|
self.networkctl_check_unit('wg98', '25-wireguard-23-peers', '25-wireguard-23-peers')
|
|
self.networkctl_check_unit('wg97', '25-wireguard-no-peer', '25-wireguard-no-peer')
|
|
|
|
output = check_output('ip -4 address show dev wg99')
|
|
print(output)
|
|
self.assertIn('inet 192.168.124.1/24 scope global wg99', output)
|
|
|
|
output = check_output('ip -4 address show dev wg99')
|
|
print(output)
|
|
self.assertIn('inet 169.254.11.1/24 scope link wg99', output)
|
|
|
|
output = check_output('ip -6 address show dev wg99')
|
|
print(output)
|
|
self.assertIn('inet6 fe80::1/64 scope link', output)
|
|
|
|
output = check_output('ip -4 address show dev wg98')
|
|
print(output)
|
|
self.assertIn('inet 192.168.123.123/24 scope global wg98', output)
|
|
|
|
output = check_output('ip -6 address show dev wg98')
|
|
print(output)
|
|
self.assertIn('inet6 fd8d:4d6d:3ccb:500::1/64 scope global', output)
|
|
|
|
output = check_output('ip -4 route show dev wg99 table 1234')
|
|
print(output)
|
|
self.assertIn('192.168.26.0/24 proto static scope link metric 123', output)
|
|
|
|
output = check_output('ip -6 route show dev wg99 table 1234')
|
|
print(output)
|
|
self.assertIn('fd31:bf08:57cb::/48 proto static metric 123 pref medium', output)
|
|
|
|
output = check_output('ip -6 route show dev wg98 table 1234')
|
|
print(output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:c79:2339:edce:ece1 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:1dbf:ca8a:32d3:dd81 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:1e54:1415:35d0:a47c proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:270d:b5dd:4a3f:8909 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:5660:679d:3532:94d8 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:6825:573f:30f3:9472 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:6f2e:6888:c6fd:dfb9 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:8d4d:bab:7280:a09a proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:900c:d437:ec27:8822 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:9742:9931:5217:18d5 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:9c11:d820:2e96:9be0 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:a072:80da:de4f:add1 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:a3f3:df38:19b0:721 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:a94b:cd6a:a32d:90e6 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:b39c:9cdc:755a:ead3 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:b684:4f81:2e3e:132e proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:bad5:495d:8e9c:3427 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:bfe5:c3c3:5d77:fcb proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:c624:6bf7:4c09:3b59 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:d4f9:5dc:9296:a1a proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:dcdd:d33b:90c9:6088 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:e2e1:ae15:103f:f376 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:500:f349:c4f0:10c1:6b4 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:c79:2339:edce::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:1dbf:ca8a:32d3::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:1e54:1415:35d0::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:270d:b5dd:4a3f::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:5660:679d:3532::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:6825:573f:30f3::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:6f2e:6888:c6fd::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:8d4d:bab:7280::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:900c:d437:ec27::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:9742:9931:5217::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:9c11:d820:2e96::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:a072:80da:de4f::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:a3f3:df38:19b0::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:a94b:cd6a:a32d::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:b39c:9cdc:755a::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:b684:4f81:2e3e::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:bad5:495d:8e9c::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:bfe5:c3c3:5d77::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:c624:6bf7:4c09::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:d4f9:5dc:9296::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:dcdd:d33b:90c9::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:e2e1:ae15:103f::/96 proto static metric 123 pref medium', output)
|
|
self.assertIn('fd8d:4d6d:3ccb:f349:c4f0:10c1::/96 proto static metric 123 pref medium', output)
|
|
|
|
if shutil.which('wg'):
|
|
call('wg')
|
|
|
|
output = check_output('wg show wg99 listen-port')
|
|
self.assertEqual(output, '51820')
|
|
output = check_output('wg show wg99 fwmark')
|
|
self.assertEqual(output, '0x4d2')
|
|
output = check_output('wg show wg99 private-key')
|
|
self.assertEqual(output, 'EEGlnEPYJV//kbvvIqxKkQwOiS+UENyPncC4bF46ong=')
|
|
output = check_output('wg show wg99 allowed-ips')
|
|
self.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\t192.168.124.3/32', output)
|
|
self.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\t192.168.124.2/32', output)
|
|
self.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\tfdbc:bae2:7871:e1fe:793:8636::/96 fdbc:bae2:7871:500:e1fe:793:8636:dad1/128', output)
|
|
self.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t192.168.26.0/24 fd31:bf08:57cb::/48', output)
|
|
output = check_output('wg show wg99 persistent-keepalive')
|
|
self.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\toff', output)
|
|
self.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\toff', output)
|
|
self.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\toff', output)
|
|
self.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t20', output)
|
|
output = check_output('wg show wg99 endpoints')
|
|
self.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\t(none)', output)
|
|
self.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\t(none)', output)
|
|
self.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\t(none)', output)
|
|
self.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t192.168.27.3:51820', output)
|
|
output = check_output('wg show wg99 preshared-keys')
|
|
self.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\t6Fsg8XN0DE6aPQgAX4r2oazEYJOGqyHUz3QRH/jCB+I=', output)
|
|
self.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\tit7nd33chCT/tKT2ZZWfYyp43Zs+6oif72hexnSNMqA=', output)
|
|
self.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\tcPLOy1YUrEI0EMMIycPJmOo0aTu3RZnw8bL5meVD6m0=', output)
|
|
self.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\tIIWIV17wutHv7t4cR6pOT91z6NSz/T8Arh0yaywhw3M=', output)
|
|
|
|
output = check_output('wg show wg98 private-key')
|
|
self.assertEqual(output, 'CJQUtcS9emY2fLYqDlpSZiE/QJyHkPWr+WHtZLZ90FU=')
|
|
|
|
output = check_output('wg show wg97 listen-port')
|
|
self.assertEqual(output, '51821')
|
|
output = check_output('wg show wg97 fwmark')
|
|
self.assertEqual(output, '0x4d3')
|
|
|
|
def test_geneve(self):
|
|
copy_network_unit('25-geneve.netdev', '26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('geneve99:degraded')
|
|
self.networkctl_check_unit('geneve99', '25-geneve', '26-netdev-link-local-addressing-yes')
|
|
|
|
output = check_output('ip -d link show geneve99')
|
|
print(output)
|
|
self.assertRegex(output, '192.168.22.1')
|
|
self.assertRegex(output, '6082')
|
|
self.assertRegex(output, 'udpcsum')
|
|
self.assertRegex(output, 'udp6zerocsumrx')
|
|
|
|
def test_ipip_tunnel(self):
|
|
copy_network_unit('12-dummy.netdev', '25-ipip.network',
|
|
'25-ipip-tunnel.netdev', '25-tunnel.network',
|
|
'25-ipip-tunnel-local-any.netdev', '25-tunnel-local-any.network',
|
|
'25-ipip-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
|
|
'25-ipip-tunnel-any-any.netdev', '25-tunnel-any-any.network')
|
|
start_networkd()
|
|
self.wait_online('ipiptun99:routable', 'ipiptun98:routable', 'ipiptun97:routable', 'ipiptun96:routable', 'dummy98:degraded')
|
|
|
|
output = check_output('ip -d link show ipiptun99')
|
|
print(output)
|
|
self.assertRegex(output, 'ipip (ipip )?remote 192.169.224.239 local 192.168.223.238 dev dummy98')
|
|
output = check_output('ip -d link show ipiptun98')
|
|
print(output)
|
|
self.assertRegex(output, 'ipip (ipip )?remote 192.169.224.239 local any dev dummy98')
|
|
output = check_output('ip -d link show ipiptun97')
|
|
print(output)
|
|
self.assertRegex(output, 'ipip (ipip )?remote any local 192.168.223.238 dev dummy98')
|
|
output = check_output('ip -d link show ipiptun96')
|
|
print(output)
|
|
self.assertRegex(output, 'ipip (ipip )?remote any local any dev dummy98')
|
|
|
|
def test_gre_tunnel(self):
|
|
copy_network_unit('12-dummy.netdev', '25-gretun.network',
|
|
'25-gre-tunnel.netdev', '25-tunnel.network',
|
|
'25-gre-tunnel-local-any.netdev', '25-tunnel-local-any.network',
|
|
'25-gre-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
|
|
'25-gre-tunnel-any-any.netdev', '25-tunnel-any-any.network')
|
|
start_networkd()
|
|
self.wait_online('gretun99:routable', 'gretun98:routable', 'gretun97:routable', 'gretun96:routable', 'dummy98:degraded')
|
|
self.networkctl_check_unit('gretun99', '25-gre-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('gretun98', '25-gre-tunnel-local-any', '25-tunnel-local-any')
|
|
self.networkctl_check_unit('gretun97', '25-gre-tunnel-remote-any', '25-tunnel-remote-any')
|
|
self.networkctl_check_unit('gretun96', '25-gre-tunnel-any-any', '25-tunnel-any-any')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-gretun')
|
|
|
|
output = check_output('ip -d link show gretun99')
|
|
print(output)
|
|
self.assertRegex(output, 'gre remote 10.65.223.239 local 10.65.223.238 dev dummy98')
|
|
self.assertRegex(output, 'ikey 1.2.3.103')
|
|
self.assertRegex(output, 'okey 1.2.4.103')
|
|
self.assertRegex(output, 'iseq')
|
|
self.assertRegex(output, 'oseq')
|
|
output = check_output('ip -d link show gretun98')
|
|
print(output)
|
|
self.assertRegex(output, 'gre remote 10.65.223.239 local any dev dummy98')
|
|
self.assertRegex(output, 'ikey 0.0.0.104')
|
|
self.assertRegex(output, 'okey 0.0.0.104')
|
|
self.assertNotRegex(output, 'iseq')
|
|
self.assertNotRegex(output, 'oseq')
|
|
output = check_output('ip -d link show gretun97')
|
|
print(output)
|
|
self.assertRegex(output, 'gre remote any local 10.65.223.238 dev dummy98')
|
|
self.assertRegex(output, 'ikey 0.0.0.105')
|
|
self.assertRegex(output, 'okey 0.0.0.105')
|
|
self.assertNotRegex(output, 'iseq')
|
|
self.assertNotRegex(output, 'oseq')
|
|
output = check_output('ip -d link show gretun96')
|
|
print(output)
|
|
self.assertRegex(output, 'gre remote any local any dev dummy98')
|
|
self.assertRegex(output, 'ikey 0.0.0.106')
|
|
self.assertRegex(output, 'okey 0.0.0.106')
|
|
self.assertNotRegex(output, 'iseq')
|
|
self.assertNotRegex(output, 'oseq')
|
|
|
|
def test_ip6gre_tunnel(self):
|
|
copy_network_unit('12-dummy.netdev', '25-ip6gretun.network',
|
|
'25-ip6gre-tunnel.netdev', '25-tunnel.network',
|
|
'25-ip6gre-tunnel-local-any.netdev', '25-tunnel-local-any.network',
|
|
'25-ip6gre-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
|
|
'25-ip6gre-tunnel-any-any.netdev', '25-tunnel-any-any.network')
|
|
start_networkd()
|
|
|
|
# Old kernels seem not to support IPv6LL address on ip6gre tunnel, So please do not use wait_online() here.
|
|
|
|
self.wait_links('dummy98', 'ip6gretun99', 'ip6gretun98', 'ip6gretun97', 'ip6gretun96')
|
|
|
|
output = check_output('ip -d link show ip6gretun99')
|
|
print(output)
|
|
self.assertRegex(output, 'ip6gre remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98')
|
|
output = check_output('ip -d link show ip6gretun98')
|
|
print(output)
|
|
self.assertRegex(output, 'ip6gre remote 2001:473:fece:cafe::5179 local any dev dummy98')
|
|
output = check_output('ip -d link show ip6gretun97')
|
|
print(output)
|
|
self.assertRegex(output, 'ip6gre remote any local 2a00:ffde:4567:edde::4987 dev dummy98')
|
|
output = check_output('ip -d link show ip6gretun96')
|
|
print(output)
|
|
self.assertRegex(output, 'ip6gre remote any local any dev dummy98')
|
|
|
|
def test_gretap_tunnel(self):
|
|
copy_network_unit('12-dummy.netdev', '25-gretap.network',
|
|
'25-gretap-tunnel.netdev', '25-tunnel.network',
|
|
'25-gretap-tunnel-local-any.netdev', '25-tunnel-local-any.network')
|
|
start_networkd()
|
|
self.wait_online('gretap99:routable', 'gretap98:routable', 'dummy98:degraded')
|
|
self.networkctl_check_unit('gretap99', '25-gretap-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('gretap98', '25-gretap-tunnel-local-any', '25-tunnel-local-any')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-gretap')
|
|
|
|
output = check_output('ip -d link show gretap99')
|
|
print(output)
|
|
self.assertRegex(output, 'gretap remote 10.65.223.239 local 10.65.223.238 dev dummy98')
|
|
self.assertRegex(output, 'ikey 0.0.0.106')
|
|
self.assertRegex(output, 'okey 0.0.0.106')
|
|
self.assertRegex(output, 'iseq')
|
|
self.assertRegex(output, 'oseq')
|
|
self.assertIn('nopmtudisc', output)
|
|
self.assertIn('ignore-df', output)
|
|
output = check_output('ip -d link show gretap98')
|
|
print(output)
|
|
self.assertRegex(output, 'gretap remote 10.65.223.239 local any dev dummy98')
|
|
self.assertRegex(output, 'ikey 0.0.0.107')
|
|
self.assertRegex(output, 'okey 0.0.0.107')
|
|
self.assertRegex(output, 'iseq')
|
|
self.assertRegex(output, 'oseq')
|
|
|
|
def test_ip6gretap_tunnel(self):
|
|
copy_network_unit('12-dummy.netdev', '25-ip6gretap.network',
|
|
'25-ip6gretap-tunnel.netdev', '25-tunnel.network',
|
|
'25-ip6gretap-tunnel-local-any.netdev', '25-tunnel-local-any.network')
|
|
start_networkd()
|
|
self.wait_online('ip6gretap99:routable', 'ip6gretap98:routable', 'dummy98:degraded')
|
|
self.networkctl_check_unit('ip6gretap99', '25-ip6gretap-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('ip6gretap98', '25-ip6gretap-tunnel-local-any', '25-tunnel-local-any')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-ip6gretap')
|
|
|
|
output = check_output('ip -d link show ip6gretap99')
|
|
print(output)
|
|
self.assertRegex(output, 'ip6gretap remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98')
|
|
output = check_output('ip -d link show ip6gretap98')
|
|
print(output)
|
|
self.assertRegex(output, 'ip6gretap remote 2001:473:fece:cafe::5179 local any dev dummy98')
|
|
|
|
def test_vti_tunnel(self):
|
|
copy_network_unit('12-dummy.netdev', '25-vti.network',
|
|
'25-vti-tunnel.netdev', '25-tunnel.network',
|
|
'25-vti-tunnel-local-any.netdev', '25-tunnel-local-any.network',
|
|
'25-vti-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
|
|
'25-vti-tunnel-any-any.netdev', '25-tunnel-any-any.network')
|
|
start_networkd()
|
|
self.wait_online('vtitun99:routable', 'vtitun98:routable', 'vtitun97:routable', 'vtitun96:routable', 'dummy98:degraded')
|
|
self.networkctl_check_unit('vtitun99', '25-vti-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('vtitun98', '25-vti-tunnel-local-any', '25-tunnel-local-any')
|
|
self.networkctl_check_unit('vtitun97', '25-vti-tunnel-remote-any', '25-tunnel-remote-any')
|
|
self.networkctl_check_unit('vtitun96', '25-vti-tunnel-any-any', '25-tunnel-any-any')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-vti')
|
|
|
|
output = check_output('ip -d link show vtitun99')
|
|
print(output)
|
|
self.assertRegex(output, 'vti remote 10.65.223.239 local 10.65.223.238 dev dummy98')
|
|
output = check_output('ip -d link show vtitun98')
|
|
print(output)
|
|
self.assertRegex(output, 'vti remote 10.65.223.239 local any dev dummy98')
|
|
output = check_output('ip -d link show vtitun97')
|
|
print(output)
|
|
self.assertRegex(output, 'vti remote any local 10.65.223.238 dev dummy98')
|
|
output = check_output('ip -d link show vtitun96')
|
|
print(output)
|
|
self.assertRegex(output, 'vti remote any local any dev dummy98')
|
|
|
|
def test_vti6_tunnel(self):
|
|
copy_network_unit('12-dummy.netdev', '25-vti6.network',
|
|
'25-vti6-tunnel.netdev', '25-tunnel.network',
|
|
'25-vti6-tunnel-local-any.netdev', '25-tunnel-local-any.network',
|
|
'25-vti6-tunnel-remote-any.netdev', '25-tunnel-remote-any.network')
|
|
start_networkd()
|
|
self.wait_online('vti6tun99:routable', 'vti6tun98:routable', 'vti6tun97:routable', 'dummy98:degraded')
|
|
self.networkctl_check_unit('vti6tun99', '25-vti6-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('vti6tun98', '25-vti6-tunnel-local-any', '25-tunnel-local-any')
|
|
self.networkctl_check_unit('vti6tun97', '25-vti6-tunnel-remote-any', '25-tunnel-remote-any')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-vti6')
|
|
|
|
output = check_output('ip -d link show vti6tun99')
|
|
print(output)
|
|
self.assertRegex(output, 'vti6 remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98')
|
|
output = check_output('ip -d link show vti6tun98')
|
|
print(output)
|
|
self.assertRegex(output, 'vti6 remote 2001:473:fece:cafe::5179 local (any|::) dev dummy98')
|
|
output = check_output('ip -d link show vti6tun97')
|
|
print(output)
|
|
self.assertRegex(output, 'vti6 remote (any|::) local 2a00:ffde:4567:edde::4987 dev dummy98')
|
|
|
|
def test_ip6tnl_tunnel(self):
|
|
copy_network_unit('12-dummy.netdev', '25-ip6tnl.network',
|
|
'25-ip6tnl-tunnel.netdev', '25-tunnel.network',
|
|
'25-ip6tnl-tunnel-local-any.netdev', '25-tunnel-local-any.network',
|
|
'25-ip6tnl-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
|
|
'25-veth.netdev', '25-ip6tnl-slaac.network', '25-ipv6-prefix.network',
|
|
'25-ip6tnl-tunnel-local-slaac.netdev', '25-ip6tnl-tunnel-local-slaac.network',
|
|
'25-ip6tnl-tunnel-external.netdev', '26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
self.wait_online('ip6tnl99:routable', 'ip6tnl98:routable', 'ip6tnl97:routable',
|
|
'ip6tnl-slaac:degraded', 'ip6tnl-external:degraded',
|
|
'dummy98:degraded', 'veth99:routable', 'veth-peer:degraded')
|
|
self.networkctl_check_unit('ip6tnl99', '25-ip6tnl-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('ip6tnl98', '25-ip6tnl-tunnel-local-any', '25-tunnel-local-any')
|
|
self.networkctl_check_unit('ip6tnl97', '25-ip6tnl-tunnel-remote-any', '25-tunnel-remote-any')
|
|
self.networkctl_check_unit('ip6tnl-slaac', '25-ip6tnl-tunnel-local-slaac', '25-ip6tnl-tunnel-local-slaac')
|
|
self.networkctl_check_unit('ip6tnl-external', '25-ip6tnl-tunnel-external', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-ip6tnl')
|
|
self.networkctl_check_unit('veth99', '25-veth', '25-ip6tnl-slaac')
|
|
self.networkctl_check_unit('veth-peer', '25-veth', '25-ipv6-prefix')
|
|
|
|
output = check_output('ip -d link show ip6tnl99')
|
|
print(output)
|
|
self.assertIn('ip6tnl ip6ip6 remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98', output)
|
|
output = check_output('ip -d link show ip6tnl98')
|
|
print(output)
|
|
self.assertRegex(output, 'ip6tnl ip6ip6 remote 2001:473:fece:cafe::5179 local (any|::) dev dummy98')
|
|
output = check_output('ip -d link show ip6tnl97')
|
|
print(output)
|
|
self.assertRegex(output, 'ip6tnl ip6ip6 remote (any|::) local 2a00:ffde:4567:edde::4987 dev dummy98')
|
|
output = check_output('ip -d link show ip6tnl-external')
|
|
print(output)
|
|
self.assertIn('ip6tnl-external@NONE:', output)
|
|
self.assertIn('ip6tnl external ', output)
|
|
output = check_output('ip -d link show ip6tnl-slaac')
|
|
print(output)
|
|
self.assertIn('ip6tnl ip6ip6 remote 2001:473:fece:cafe::5179 local 2002:da8:1:0:1034:56ff:fe78:9abc dev veth99', output)
|
|
|
|
output = check_output('ip -6 address show veth99')
|
|
print(output)
|
|
self.assertIn('inet6 2002:da8:1:0:1034:56ff:fe78:9abc/64 scope global dynamic', output)
|
|
|
|
output = check_output('ip -4 route show default')
|
|
print(output)
|
|
self.assertIn('default dev ip6tnl-slaac proto static', output)
|
|
|
|
def test_sit_tunnel(self):
|
|
copy_network_unit('12-dummy.netdev', '25-sit.network',
|
|
'25-sit-tunnel.netdev', '25-tunnel.network',
|
|
'25-sit-tunnel-local-any.netdev', '25-tunnel-local-any.network',
|
|
'25-sit-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
|
|
'25-sit-tunnel-any-any.netdev', '25-tunnel-any-any.network')
|
|
start_networkd()
|
|
self.wait_online('sittun99:routable', 'sittun98:routable', 'sittun97:routable', 'sittun96:routable', 'dummy98:degraded')
|
|
self.networkctl_check_unit('sittun99', '25-sit-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('sittun98', '25-sit-tunnel-local-any', '25-tunnel-local-any')
|
|
self.networkctl_check_unit('sittun97', '25-sit-tunnel-remote-any', '25-tunnel-remote-any')
|
|
self.networkctl_check_unit('sittun96', '25-sit-tunnel-any-any', '25-tunnel-any-any')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-sit')
|
|
|
|
output = check_output('ip -d link show sittun99')
|
|
print(output)
|
|
self.assertRegex(output, "sit (ip6ip )?remote 10.65.223.239 local 10.65.223.238 dev dummy98")
|
|
output = check_output('ip -d link show sittun98')
|
|
print(output)
|
|
self.assertRegex(output, "sit (ip6ip )?remote 10.65.223.239 local any dev dummy98")
|
|
output = check_output('ip -d link show sittun97')
|
|
print(output)
|
|
self.assertRegex(output, "sit (ip6ip )?remote any local 10.65.223.238 dev dummy98")
|
|
output = check_output('ip -d link show sittun96')
|
|
print(output)
|
|
self.assertRegex(output, "sit (ip6ip )?remote any local any dev dummy98")
|
|
|
|
def test_isatap_tunnel(self):
|
|
copy_network_unit('12-dummy.netdev', '25-isatap.network',
|
|
'25-isatap-tunnel.netdev', '25-tunnel.network')
|
|
start_networkd()
|
|
self.wait_online('isataptun99:routable', 'dummy98:degraded')
|
|
self.networkctl_check_unit('isataptun99', '25-isatap-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-isatap')
|
|
|
|
output = check_output('ip -d link show isataptun99')
|
|
print(output)
|
|
self.assertRegex(output, "isatap ")
|
|
|
|
def test_6rd_tunnel(self):
|
|
copy_network_unit('12-dummy.netdev', '25-6rd.network',
|
|
'25-6rd-tunnel.netdev', '25-tunnel.network')
|
|
start_networkd()
|
|
self.wait_online('sittun99:routable', 'dummy98:degraded')
|
|
self.networkctl_check_unit('sittun99', '25-6rd-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-6rd')
|
|
|
|
output = check_output('ip -d link show sittun99')
|
|
print(output)
|
|
self.assertRegex(output, '6rd-prefix 2602::/24')
|
|
|
|
@expectedFailureIfERSPANv0IsNotSupported()
|
|
def test_erspan_tunnel_v0(self):
|
|
copy_network_unit('12-dummy.netdev', '25-erspan.network',
|
|
'25-erspan0-tunnel.netdev', '25-tunnel.network',
|
|
'25-erspan0-tunnel-local-any.netdev', '25-tunnel-local-any.network')
|
|
start_networkd()
|
|
self.wait_online('erspan99:routable', 'erspan98:routable', 'dummy98:degraded')
|
|
self.networkctl_check_unit('erspan99', '25-erspan0-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('erspan98', '25-erspan0-tunnel-local-any', '25-tunnel-local-any')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-erspan')
|
|
|
|
output = check_output('ip -d link show erspan99')
|
|
print(output)
|
|
self.assertIn('erspan remote 172.16.1.100 local 172.16.1.200', output)
|
|
self.assertIn('erspan_ver 0', output)
|
|
self.assertNotIn('erspan_index 123', output)
|
|
self.assertNotIn('erspan_dir ingress', output)
|
|
self.assertNotIn('erspan_hwid 1f', output)
|
|
self.assertIn('ikey 0.0.0.101', output)
|
|
self.assertIn('iseq', output)
|
|
self.assertIn('nopmtudisc', output)
|
|
self.assertIn('ignore-df', output)
|
|
output = check_output('ip -d link show erspan98')
|
|
print(output)
|
|
self.assertIn('erspan remote 172.16.1.100 local any', output)
|
|
self.assertIn('erspan_ver 0', output)
|
|
self.assertNotIn('erspan_index 124', output)
|
|
self.assertNotIn('erspan_dir egress', output)
|
|
self.assertNotIn('erspan_hwid 2f', output)
|
|
self.assertIn('ikey 0.0.0.102', output)
|
|
self.assertIn('iseq', output)
|
|
|
|
def test_erspan_tunnel_v1(self):
|
|
copy_network_unit('12-dummy.netdev', '25-erspan.network',
|
|
'25-erspan1-tunnel.netdev', '25-tunnel.network',
|
|
'25-erspan1-tunnel-local-any.netdev', '25-tunnel-local-any.network')
|
|
start_networkd()
|
|
self.wait_online('erspan99:routable', 'erspan98:routable', 'dummy98:degraded')
|
|
self.networkctl_check_unit('erspan99', '25-erspan1-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('erspan98', '25-erspan1-tunnel-local-any', '25-tunnel-local-any')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-erspan')
|
|
|
|
output = check_output('ip -d link show erspan99')
|
|
print(output)
|
|
self.assertIn('erspan remote 172.16.1.100 local 172.16.1.200', output)
|
|
self.assertIn('erspan_ver 1', output)
|
|
self.assertIn('erspan_index 123', output)
|
|
self.assertNotIn('erspan_dir ingress', output)
|
|
self.assertNotIn('erspan_hwid 1f', output)
|
|
self.assertIn('ikey 0.0.0.101', output)
|
|
self.assertIn('okey 0.0.0.101', output)
|
|
self.assertIn('iseq', output)
|
|
self.assertIn('oseq', output)
|
|
output = check_output('ip -d link show erspan98')
|
|
print(output)
|
|
self.assertIn('erspan remote 172.16.1.100 local any', output)
|
|
self.assertIn('erspan_ver 1', output)
|
|
self.assertIn('erspan_index 124', output)
|
|
self.assertNotIn('erspan_dir egress', output)
|
|
self.assertNotIn('erspan_hwid 2f', output)
|
|
self.assertIn('ikey 0.0.0.102', output)
|
|
self.assertIn('okey 0.0.0.102', output)
|
|
self.assertIn('iseq', output)
|
|
self.assertIn('oseq', output)
|
|
|
|
@expectedFailureIfERSPANv2IsNotSupported()
|
|
def test_erspan_tunnel_v2(self):
|
|
copy_network_unit('12-dummy.netdev', '25-erspan.network',
|
|
'25-erspan2-tunnel.netdev', '25-tunnel.network',
|
|
'25-erspan2-tunnel-local-any.netdev', '25-tunnel-local-any.network')
|
|
start_networkd()
|
|
self.wait_online('erspan99:routable', 'erspan98:routable', 'dummy98:degraded')
|
|
self.networkctl_check_unit('erspan99', '25-erspan2-tunnel', '25-tunnel')
|
|
self.networkctl_check_unit('erspan98', '25-erspan2-tunnel-local-any', '25-tunnel-local-any')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-erspan')
|
|
|
|
output = check_output('ip -d link show erspan99')
|
|
print(output)
|
|
self.assertIn('erspan remote 172.16.1.100 local 172.16.1.200', output)
|
|
self.assertIn('erspan_ver 2', output)
|
|
self.assertNotIn('erspan_index 123', output)
|
|
self.assertIn('erspan_dir ingress', output)
|
|
self.assertIn('erspan_hwid 0x1f', output)
|
|
self.assertIn('ikey 0.0.0.101', output)
|
|
self.assertIn('okey 0.0.0.101', output)
|
|
self.assertIn('iseq', output)
|
|
self.assertIn('oseq', output)
|
|
output = check_output('ip -d link show erspan98')
|
|
print(output)
|
|
self.assertIn('erspan remote 172.16.1.100 local any', output)
|
|
self.assertIn('erspan_ver 2', output)
|
|
self.assertNotIn('erspan_index 124', output)
|
|
self.assertIn('erspan_dir egress', output)
|
|
self.assertIn('erspan_hwid 0x2f', output)
|
|
self.assertIn('ikey 0.0.0.102', output)
|
|
self.assertIn('okey 0.0.0.102', output)
|
|
self.assertIn('iseq', output)
|
|
self.assertIn('oseq', output)
|
|
|
|
def test_tunnel_independent(self):
|
|
copy_network_unit('25-ipip-tunnel-independent.netdev', '26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('ipiptun99:carrier')
|
|
self.networkctl_check_unit('ipiptun99', '25-ipip-tunnel-independent', '26-netdev-link-local-addressing-yes')
|
|
|
|
def test_tunnel_independent_loopback(self):
|
|
copy_network_unit('25-ipip-tunnel-independent-loopback.netdev', '26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('ipiptun99:carrier')
|
|
self.networkctl_check_unit('ipiptun99', '25-ipip-tunnel-independent-loopback', '26-netdev-link-local-addressing-yes')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('xfrm_interface')
|
|
def test_xfrm(self):
|
|
copy_network_unit('12-dummy.netdev', '25-xfrm.network',
|
|
'25-xfrm.netdev', '25-xfrm-independent.netdev',
|
|
'26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('dummy98:degraded', 'xfrm98:degraded', 'xfrm99:degraded')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '25-xfrm')
|
|
self.networkctl_check_unit('xfrm98', '25-xfrm', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('xfrm99', '25-xfrm-independent', '26-netdev-link-local-addressing-yes')
|
|
|
|
output = check_output('ip -d link show dev xfrm98')
|
|
print(output)
|
|
self.assertIn('xfrm98@dummy98:', output)
|
|
self.assertIn('xfrm if_id 0x98 ', output)
|
|
|
|
output = check_output('ip -d link show dev xfrm99')
|
|
print(output)
|
|
self.assertIn('xfrm99@lo:', output)
|
|
self.assertIn('xfrm if_id 0x99 ', output)
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('fou')
|
|
def test_fou(self):
|
|
# The following redundant check is necessary for CentOS CI.
|
|
# Maybe, error handling in lookup_id() in sd-netlink/generic-netlink.c needs to be updated.
|
|
self.assertTrue(is_module_available('fou'))
|
|
|
|
copy_network_unit('25-fou-ipproto-ipip.netdev', '25-fou-ipproto-gre.netdev',
|
|
'25-fou-ipip.netdev', '25-fou-sit.netdev',
|
|
'25-fou-gre.netdev', '25-fou-gretap.netdev')
|
|
start_networkd()
|
|
|
|
self.wait_online('ipiptun96:off', 'sittun96:off', 'gretun96:off', 'gretap96:off', setup_state='unmanaged')
|
|
self.networkctl_check_unit('ipiptun96', '25-fou-ipip')
|
|
self.networkctl_check_unit('sittun96', '25-fou-sit')
|
|
self.networkctl_check_unit('gretun96', '25-fou-gre')
|
|
self.networkctl_check_unit('gretap96', '25-fou-gretap')
|
|
|
|
output = check_output('ip fou show')
|
|
print(output)
|
|
self.assertRegex(output, 'port 55555 ipproto 4')
|
|
self.assertRegex(output, 'port 55556 ipproto 47')
|
|
|
|
output = check_output('ip -d link show ipiptun96')
|
|
print(output)
|
|
self.assertRegex(output, 'encap fou encap-sport auto encap-dport 55555')
|
|
output = check_output('ip -d link show sittun96')
|
|
print(output)
|
|
self.assertRegex(output, 'encap fou encap-sport auto encap-dport 55555')
|
|
output = check_output('ip -d link show gretun96')
|
|
print(output)
|
|
self.assertRegex(output, 'encap fou encap-sport 1001 encap-dport 55556')
|
|
output = check_output('ip -d link show gretap96')
|
|
print(output)
|
|
self.assertRegex(output, 'encap fou encap-sport auto encap-dport 55556')
|
|
|
|
def test_vxlan(self):
|
|
copy_network_unit('11-dummy.netdev', '25-vxlan-test1.network',
|
|
'25-vxlan.netdev', '25-vxlan.network',
|
|
'25-vxlan-ipv6.netdev', '25-vxlan-ipv6.network',
|
|
'25-vxlan-independent.netdev', '26-netdev-link-local-addressing-yes.network',
|
|
'25-veth.netdev', '25-vxlan-veth99.network', '25-ipv6-prefix.network',
|
|
'25-vxlan-local-slaac.netdev', '25-vxlan-local-slaac.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('test1:degraded', 'veth99:routable', 'veth-peer:degraded',
|
|
'vxlan99:degraded', 'vxlan98:degraded', 'vxlan97:degraded', 'vxlan-slaac:degraded')
|
|
self.networkctl_check_unit('test1', '11-dummy', '25-vxlan-test1')
|
|
self.networkctl_check_unit('veth99', '25-veth', '25-vxlan-veth99')
|
|
self.networkctl_check_unit('veth-peer', '25-veth', '25-ipv6-prefix')
|
|
self.networkctl_check_unit('vxlan99', '25-vxlan', '25-vxlan')
|
|
self.networkctl_check_unit('vxlan98', '25-vxlan-independent', '26-netdev-link-local-addressing-yes')
|
|
self.networkctl_check_unit('vxlan97', '25-vxlan-ipv6', '25-vxlan-ipv6')
|
|
self.networkctl_check_unit('vxlan-slaac', '25-vxlan-local-slaac', '25-vxlan-local-slaac')
|
|
|
|
output = check_output('ip -d -d link show vxlan99')
|
|
print(output)
|
|
self.assertIn('999', output)
|
|
self.assertIn('5555', output)
|
|
self.assertIn('l2miss', output)
|
|
self.assertIn('l3miss', output)
|
|
self.assertIn('gbp', output)
|
|
# Since [0] some of the options use slightly different names and some
|
|
# options with default values are shown only if the -d(etails) setting
|
|
# is repeated
|
|
# [0] https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=1215e9d3862387353d8672296cb4c6c16e8cbb72
|
|
self.assertRegex(output, '(udpcsum|udp_csum)')
|
|
self.assertRegex(output, '(udp6zerocsumtx|udp_zero_csum6_tx)')
|
|
self.assertRegex(output, '(udp6zerocsumrx|udp_zero_csum6_rx)')
|
|
self.assertRegex(output, '(remcsumtx|remcsum_tx)')
|
|
self.assertRegex(output, '(remcsumrx|remcsum_rx)')
|
|
|
|
output = check_output('bridge fdb show dev vxlan99')
|
|
print(output)
|
|
self.assertIn('00:11:22:33:44:55 dst 10.0.0.5 self permanent', output)
|
|
self.assertIn('00:11:22:33:44:66 dst 10.0.0.6 self permanent', output)
|
|
self.assertIn('00:11:22:33:44:77 dst 10.0.0.7 via test1 self permanent', output)
|
|
|
|
output = networkctl_status('vxlan99')
|
|
print(output)
|
|
self.assertIn('VNI: 999', output)
|
|
self.assertIn('Destination Port: 5555', output)
|
|
self.assertIn('Underlying Device: test1', output)
|
|
|
|
output = check_output('bridge fdb show dev vxlan97')
|
|
print(output)
|
|
self.assertIn('00:00:00:00:00:00 dst fe80::23b:d2ff:fe95:967f via test1 self permanent', output)
|
|
self.assertIn('00:00:00:00:00:00 dst fe80::27c:16ff:fec0:6c74 via test1 self permanent', output)
|
|
self.assertIn('00:00:00:00:00:00 dst fe80::2a2:e4ff:fef9:2269 via test1 self permanent', output)
|
|
|
|
output = check_output('ip -d link show vxlan-slaac')
|
|
print(output)
|
|
self.assertIn('vxlan id 4831584 local 2002:da8:1:0:1034:56ff:fe78:9abc dev veth99', output)
|
|
|
|
output = check_output('ip -6 address show veth99')
|
|
print(output)
|
|
self.assertIn('inet6 2002:da8:1:0:1034:56ff:fe78:9abc/64 scope global dynamic', output)
|
|
|
|
@unittest.skipUnless(compare_kernel_version("6"), reason="Causes kernel panic on unpatched kernels: https://bugzilla.kernel.org/show_bug.cgi?id=208315")
|
|
def test_macsec(self):
|
|
copy_network_unit('25-macsec.netdev', '25-macsec.network', '25-macsec.key',
|
|
'26-macsec.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
|
|
self.wait_online('dummy98:degraded', 'macsec99:routable')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '26-macsec')
|
|
self.networkctl_check_unit('macsec99', '25-macsec', '25-macsec')
|
|
|
|
output = check_output('ip -d link show macsec99')
|
|
print(output)
|
|
self.assertRegex(output, 'macsec99@dummy98')
|
|
self.assertRegex(output, 'macsec sci [0-9a-f]*000b')
|
|
self.assertRegex(output, 'encrypt on')
|
|
|
|
output = check_output('ip macsec show macsec99')
|
|
print(output)
|
|
self.assertRegex(output, 'encrypt on')
|
|
self.assertRegex(output, 'TXSC: [0-9a-f]*000b on SA 1')
|
|
self.assertRegex(output, '0: PN [0-9]*, state on, key 01000000000000000000000000000000')
|
|
self.assertRegex(output, '1: PN [0-9]*, state on, key 02030000000000000000000000000000')
|
|
self.assertRegex(output, 'RXSC: c619528fe6a00100, state on')
|
|
self.assertRegex(output, '0: PN [0-9]*, state on, key 02030405000000000000000000000000')
|
|
self.assertRegex(output, '1: PN [0-9]*, state on, key 02030405060000000000000000000000')
|
|
self.assertRegex(output, '2: PN [0-9]*, state off, key 02030405060700000000000000000000')
|
|
self.assertRegex(output, '3: PN [0-9]*, state off, key 02030405060708000000000000000000')
|
|
self.assertNotRegex(output, 'key 02030405067080900000000000000000')
|
|
self.assertRegex(output, 'RXSC: 8c16456c83a90002, state on')
|
|
self.assertRegex(output, '0: PN [0-9]*, state off, key 02030400000000000000000000000000')
|
|
|
|
def test_nlmon(self):
|
|
copy_network_unit('25-nlmon.netdev', '26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('nlmon99:carrier')
|
|
self.networkctl_check_unit('nlmon99', '25-nlmon', '26-netdev-link-local-addressing-yes')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('ifb')
|
|
def test_ifb(self):
|
|
copy_network_unit('25-ifb.netdev', '26-netdev-link-local-addressing-yes.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('ifb99:degraded')
|
|
self.networkctl_check_unit('ifb99', '25-ifb', '26-netdev-link-local-addressing-yes')
|
|
|
|
@unittest.skipUnless(os.cpu_count() >= 2, reason="CPU count should be >= 2 to pass this test")
|
|
def test_rps_cpu_1(self):
|
|
copy_network_unit('12-dummy.netdev', '12-dummy.network', '25-rps-cpu-1.link')
|
|
start_networkd()
|
|
|
|
self.wait_online('dummy98:carrier')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy', '25-rps-cpu-1')
|
|
|
|
output = check_output('cat /sys/class/net/dummy98/queues/rx-0/rps_cpus')
|
|
print(output)
|
|
self.assertEqual(int(output.replace(',', ''), base=16), 2)
|
|
|
|
@unittest.skipUnless(os.cpu_count() >= 2, reason="CPU count should be >= 2 to pass this test")
|
|
def test_rps_cpu_0_1(self):
|
|
copy_network_unit('12-dummy.netdev', '12-dummy.network', '25-rps-cpu-0-1.link')
|
|
start_networkd()
|
|
|
|
self.wait_online('dummy98:carrier')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy', '25-rps-cpu-0-1')
|
|
|
|
output = check_output('cat /sys/class/net/dummy98/queues/rx-0/rps_cpus')
|
|
print(output)
|
|
self.assertEqual(int(output.replace(',', ''), base=16), 3)
|
|
|
|
@unittest.skipUnless(os.cpu_count() >= 4, reason="CPU count should be >= 4 to pass this test")
|
|
def test_rps_cpu_multi(self):
|
|
copy_network_unit('12-dummy.netdev', '12-dummy.network', '25-rps-cpu-multi.link')
|
|
start_networkd()
|
|
|
|
self.wait_online('dummy98:carrier')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy', '25-rps-cpu-multi')
|
|
|
|
output = check_output('cat /sys/class/net/dummy98/queues/rx-0/rps_cpus')
|
|
print(output)
|
|
self.assertEqual(int(output.replace(',', ''), base=16), 15)
|
|
|
|
def test_rps_cpu(self):
|
|
cpu_count = os.cpu_count()
|
|
|
|
copy_network_unit('12-dummy.netdev', '12-dummy.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('dummy98:carrier')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy')
|
|
|
|
# 0
|
|
copy_network_unit('25-rps-cpu-0.link')
|
|
udevadm_trigger('/sys/class/net/dummy98')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy', '25-rps-cpu-0')
|
|
output = check_output('cat /sys/class/net/dummy98/queues/rx-0/rps_cpus')
|
|
print(output)
|
|
self.assertEqual(int(output.replace(',', ''), base=16), 1)
|
|
remove_network_unit('25-rps-cpu-0.link')
|
|
|
|
# all
|
|
copy_network_unit('25-rps-cpu-all.link')
|
|
udevadm_trigger('/sys/class/net/dummy98')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy', '25-rps-cpu-all')
|
|
output = check_output('cat /sys/class/net/dummy98/queues/rx-0/rps_cpus')
|
|
print(output)
|
|
self.assertEqual(f"{int(output.replace(',', ''), base=16):x}", f'{(1 << cpu_count) - 1:x}')
|
|
remove_network_unit('25-rps-cpu-all.link')
|
|
|
|
# disable
|
|
copy_network_unit('24-rps-cpu-disable.link')
|
|
udevadm_trigger('/sys/class/net/dummy98')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy', '24-rps-cpu-disable')
|
|
output = check_output('cat /sys/class/net/dummy98/queues/rx-0/rps_cpus')
|
|
print(output)
|
|
self.assertEqual(int(output.replace(',', ''), base=16), 0)
|
|
remove_network_unit('24-rps-cpu-disable.link')
|
|
|
|
# set all again
|
|
copy_network_unit('25-rps-cpu-all.link')
|
|
udevadm_trigger('/sys/class/net/dummy98')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy', '25-rps-cpu-all')
|
|
output = check_output('cat /sys/class/net/dummy98/queues/rx-0/rps_cpus')
|
|
print(output)
|
|
self.assertEqual(f"{int(output.replace(',', ''), base=16):x}", f'{(1 << cpu_count) - 1:x}')
|
|
remove_network_unit('25-rps-cpu-all.link')
|
|
|
|
# empty -> unchanged
|
|
copy_network_unit('24-rps-cpu-empty.link')
|
|
udevadm_trigger('/sys/class/net/dummy98')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy', '24-rps-cpu-empty')
|
|
output = check_output('cat /sys/class/net/dummy98/queues/rx-0/rps_cpus')
|
|
print(output)
|
|
self.assertEqual(f"{int(output.replace(',', ''), base=16):x}", f'{(1 << cpu_count) - 1:x}')
|
|
remove_network_unit('24-rps-cpu-empty.link')
|
|
|
|
# 0, then empty -> unchanged
|
|
copy_network_unit('25-rps-cpu-0-empty.link')
|
|
udevadm_trigger('/sys/class/net/dummy98')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy', '25-rps-cpu-0-empty')
|
|
output = check_output('cat /sys/class/net/dummy98/queues/rx-0/rps_cpus')
|
|
print(output)
|
|
self.assertEqual(f"{int(output.replace(',', ''), base=16):x}", f'{(1 << cpu_count) - 1:x}')
|
|
remove_network_unit('25-rps-cpu-0-empty.link')
|
|
|
|
# 0, then invalid -> 0
|
|
copy_network_unit('25-rps-cpu-0-invalid.link')
|
|
udevadm_trigger('/sys/class/net/dummy98')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy', '25-rps-cpu-0-invalid')
|
|
output = check_output('cat /sys/class/net/dummy98/queues/rx-0/rps_cpus')
|
|
print(output)
|
|
self.assertEqual(int(output.replace(',', ''), base=16), 1)
|
|
remove_network_unit('25-rps-cpu-0-invalid.link')
|
|
|
|
# invalid -> unchanged
|
|
copy_network_unit('24-rps-cpu-invalid.link')
|
|
udevadm_trigger('/sys/class/net/dummy98')
|
|
self.networkctl_check_unit('dummy98', '12-dummy', '12-dummy', '24-rps-cpu-invalid')
|
|
output = check_output('cat /sys/class/net/dummy98/queues/rx-0/rps_cpus')
|
|
print(output)
|
|
self.assertEqual(int(output.replace(',', ''), base=16), 1)
|
|
remove_network_unit('24-rps-cpu-invalid.link')
|
|
|
|
class NetworkdL2TPTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('l2tp_eth', 'l2tp_netlink')
|
|
def test_l2tp_udp(self):
|
|
copy_network_unit('11-dummy.netdev', '25-l2tp-dummy.network',
|
|
'25-l2tp-udp.netdev', '25-l2tp.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('test1:routable', 'l2tp-ses1:degraded', 'l2tp-ses2:degraded')
|
|
self.networkctl_check_unit('test1', '11-dummy', '25-l2tp-dummy')
|
|
self.networkctl_check_unit('l2tp-ses1', '25-l2tp-udp', '25-l2tp')
|
|
self.networkctl_check_unit('l2tp-ses2', '25-l2tp-udp', '25-l2tp')
|
|
|
|
output = check_output('ip l2tp show tunnel tunnel_id 10')
|
|
print(output)
|
|
self.assertRegex(output, "Tunnel 10, encap UDP")
|
|
self.assertRegex(output, "From 192.168.30.100 to 192.168.30.101")
|
|
self.assertRegex(output, "Peer tunnel 11")
|
|
self.assertRegex(output, "UDP source / dest ports: 3000/4000")
|
|
self.assertRegex(output, "UDP checksum: enabled")
|
|
|
|
output = check_output('ip l2tp show session tid 10 session_id 15')
|
|
print(output)
|
|
self.assertRegex(output, "Session 15 in tunnel 10")
|
|
self.assertRegex(output, "Peer session 16, tunnel 11")
|
|
self.assertRegex(output, "interface name: l2tp-ses1")
|
|
|
|
output = check_output('ip l2tp show session tid 10 session_id 17')
|
|
print(output)
|
|
self.assertRegex(output, "Session 17 in tunnel 10")
|
|
self.assertRegex(output, "Peer session 18, tunnel 11")
|
|
self.assertRegex(output, "interface name: l2tp-ses2")
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('l2tp_eth', 'l2tp_ip', 'l2tp_netlink')
|
|
def test_l2tp_ip(self):
|
|
copy_network_unit('11-dummy.netdev', '25-l2tp-dummy.network',
|
|
'25-l2tp-ip.netdev', '25-l2tp.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('test1:routable', 'l2tp-ses3:degraded', 'l2tp-ses4:degraded')
|
|
self.networkctl_check_unit('test1', '11-dummy', '25-l2tp-dummy')
|
|
self.networkctl_check_unit('l2tp-ses3', '25-l2tp-ip', '25-l2tp')
|
|
self.networkctl_check_unit('l2tp-ses4', '25-l2tp-ip', '25-l2tp')
|
|
|
|
output = check_output('ip l2tp show tunnel tunnel_id 10')
|
|
print(output)
|
|
self.assertRegex(output, "Tunnel 10, encap IP")
|
|
self.assertRegex(output, "From 192.168.30.100 to 192.168.30.101")
|
|
self.assertRegex(output, "Peer tunnel 12")
|
|
|
|
output = check_output('ip l2tp show session tid 10 session_id 25')
|
|
print(output)
|
|
self.assertRegex(output, "Session 25 in tunnel 10")
|
|
self.assertRegex(output, "Peer session 26, tunnel 12")
|
|
self.assertRegex(output, "interface name: l2tp-ses3")
|
|
|
|
output = check_output('ip l2tp show session tid 10 session_id 27')
|
|
print(output)
|
|
self.assertRegex(output, "Session 27 in tunnel 10")
|
|
self.assertRegex(output, "Peer session 28, tunnel 12")
|
|
self.assertRegex(output, "interface name: l2tp-ses4")
|
|
|
|
class NetworkdNetworkTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def verify_address_static(
|
|
self,
|
|
label1: str,
|
|
label2: str,
|
|
label3: str,
|
|
broadcast1: str,
|
|
broadcast2: str,
|
|
broadcast3: str,
|
|
peer1: str,
|
|
peer2: str,
|
|
peer3: str,
|
|
peer4: str,
|
|
peer5: str,
|
|
peer6: str,
|
|
scope1: str,
|
|
scope2: str,
|
|
deprecated1: str,
|
|
deprecated2: str,
|
|
deprecated3: str,
|
|
deprecated4: str,
|
|
route_metric: int,
|
|
flag1: str,
|
|
flag2: str,
|
|
flag3: str,
|
|
flag4: str,
|
|
ip4_null_16: str,
|
|
ip4_null_24: str,
|
|
ip6_null_73: str,
|
|
ip6_null_74: str,
|
|
):
|
|
output = check_output('ip address show dev dummy98')
|
|
print(output)
|
|
|
|
# simple settings
|
|
self.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output)
|
|
self.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output)
|
|
self.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output)
|
|
self.assertIn('inet6 2001:db8:0:f101::15/64 scope global', output)
|
|
self.assertIn('inet6 2001:db8:0:f101::16/64 scope global', output)
|
|
self.assertIn('inet6 2001:db8:0:f102::15/64 scope global', output)
|
|
|
|
# label
|
|
self.assertIn(f'inet 10.3.1.1/24 brd 10.3.1.255 scope global {label1}', output)
|
|
self.assertIn(f'inet 10.3.2.1/24 brd 10.3.2.255 scope global {label2}', output)
|
|
self.assertIn(f'inet 10.3.3.1/24 brd 10.3.3.255 scope global {label3}', output)
|
|
|
|
# broadcast
|
|
self.assertIn(f'inet 10.4.1.1/24{broadcast1} scope global dummy98', output)
|
|
self.assertIn(f'inet 10.4.2.1/24{broadcast2} scope global dummy98', output)
|
|
self.assertIn(f'inet 10.4.3.1/24{broadcast3} scope global dummy98', output)
|
|
|
|
# peer
|
|
self.assertIn(f'inet 10.5.1.1{peer1} scope global dummy98', output)
|
|
self.assertIn(f'inet 10.5.2.1{peer2} scope global dummy98', output)
|
|
self.assertIn(f'inet 10.5.3.1{peer3} scope global dummy98', output)
|
|
self.assertIn(f'inet6 2001:db8:0:f103::1{peer4} scope global', output)
|
|
self.assertIn(f'inet6 2001:db8:0:f103::2{peer5} scope global', output)
|
|
self.assertIn(f'inet6 2001:db8:0:f103::3{peer6} scope global', output)
|
|
|
|
# scope
|
|
self.assertIn(f'inet 10.6.1.1/24 brd 10.6.1.255 scope {scope1} dummy98', output)
|
|
self.assertIn(f'inet 10.6.2.1/24 brd 10.6.2.255 scope {scope2} dummy98', output)
|
|
|
|
# lifetime
|
|
self.assertIn(f'inet 10.7.1.1/24 brd 10.7.1.255 scope global{deprecated1} dummy98', output)
|
|
self.assertIn(f'inet 10.7.2.1/24 brd 10.7.2.255 scope global{deprecated2} dummy98', output)
|
|
self.assertIn(f'inet6 2001:db8:0:f104::1/64 scope global{deprecated3}', output)
|
|
self.assertIn(f'inet6 2001:db8:0:f104::2/64 scope global{deprecated4}', output)
|
|
|
|
# route metric
|
|
self.assertRegex(output, rf'inet 10.8.1.1/24 (metric {route_metric} |)brd 10.8.1.255 scope global dummy98')
|
|
self.assertRegex(output, rf'inet6 2001:db8:0:f105::1/64 (metric {route_metric} |)scope global')
|
|
|
|
output_route = check_output('ip -4 route show dev dummy98 10.8.1.0/24')
|
|
print(output_route)
|
|
self.assertIn(f'10.8.1.0/24 proto kernel scope link src 10.8.1.1 metric {route_metric}', output_route)
|
|
|
|
output_route = check_output('ip -6 route show dev dummy98 2001:db8:0:f105::/64')
|
|
print(output_route)
|
|
self.assertIn(f'2001:db8:0:f105::/64 proto kernel metric {route_metric}', output_route)
|
|
|
|
# flags
|
|
self.assertIn(f'inet 10.9.1.1/24 brd 10.9.1.255 scope global{flag1} dummy98', output)
|
|
self.assertIn(f'inet 10.9.2.1/24 brd 10.9.2.255 scope global{flag2} dummy98', output)
|
|
self.assertIn(f'inet6 2001:db8:0:f106::1/64 scope global{flag3}', output)
|
|
self.assertIn(f'inet6 2001:db8:0:f106::2/64 scope global{flag4}', output)
|
|
|
|
# null address
|
|
self.assertTrue(ip4_null_16.endswith('.0.1'))
|
|
prefix16 = ip4_null_16[:-len('.0.1')]
|
|
self.assertTrue(ip4_null_24.endswith('.1'))
|
|
prefix24 = ip4_null_24[:-len('.1')]
|
|
self.assertIn(f'inet {ip4_null_16}/16 brd {prefix16}.255.255 scope global subnet16', output)
|
|
self.assertIn(f'inet {ip4_null_24}/24 brd {prefix24}.255 scope global subnet24', output)
|
|
self.assertIn(f'inet6 {ip6_null_73}/73 scope global', output)
|
|
self.assertIn(f'inet6 {ip6_null_74}/74 scope global', output)
|
|
|
|
# invalid sections
|
|
self.assertNotIn('10.4.4.1', output)
|
|
self.assertNotIn('10.5.4.1', output)
|
|
self.assertNotIn('10.5.5.1', output)
|
|
self.assertNotIn('10.8.2.1', output)
|
|
self.assertNotIn('10.9.3.1', output)
|
|
self.assertNotIn('2001:db8:0:f101::2', output)
|
|
self.assertNotIn('2001:db8:0:f103::4', output)
|
|
|
|
# netlabel
|
|
self.check_netlabel('dummy98', r'10\.10\.1\.0/24')
|
|
|
|
check_json(networkctl_json())
|
|
|
|
@expectedFailureIfKernelReturnsInvalidFlags()
|
|
def test_address_static(self):
|
|
copy_network_unit('25-address-static.network', '12-dummy.netdev', copy_dropins=False)
|
|
self.setup_nftset('addr4', 'ipv4_addr')
|
|
self.setup_nftset('network4', 'ipv4_addr', 'flags interval;')
|
|
self.setup_nftset('ifindex', 'iface_index')
|
|
start_networkd()
|
|
|
|
self.wait_online('dummy98:routable')
|
|
|
|
ip4_null_16 = None
|
|
ip4_null_24 = None
|
|
output = check_output('ip -4 --json address show dev dummy98')
|
|
for i in json.loads(output)[0]['addr_info']:
|
|
if i['label'] == 'subnet16':
|
|
ip4_null_16 = i['local']
|
|
elif i['label'] == 'subnet24':
|
|
ip4_null_24 = i['local']
|
|
self.assertTrue(ip4_null_16.endswith('.0.1'))
|
|
self.assertTrue(ip4_null_24.endswith('.1'))
|
|
|
|
ip6_null_73 = None
|
|
ip6_null_74 = None
|
|
output = check_output('ip -6 --json address show dev dummy98')
|
|
for i in json.loads(output)[0]['addr_info']:
|
|
if i['prefixlen'] == 73:
|
|
ip6_null_73 = i['local']
|
|
elif i['prefixlen'] == 74:
|
|
ip6_null_74 = i['local']
|
|
self.assertTrue(ip6_null_73.endswith(':1'))
|
|
self.assertTrue(ip6_null_74.endswith(':1'))
|
|
|
|
self.verify_address_static(
|
|
label1='label1',
|
|
label2='label2',
|
|
label3='dummy98',
|
|
broadcast1='',
|
|
broadcast2=' brd 10.4.2.255',
|
|
broadcast3=' brd 10.4.3.63',
|
|
peer1=' peer 10.5.1.101/24',
|
|
peer2=' peer 10.5.2.101/24',
|
|
peer3='/24 brd 10.5.3.255',
|
|
peer4=' peer 2001:db8:0:f103::101/128',
|
|
peer5=' peer 2001:db8:0:f103::102/128',
|
|
peer6='/128',
|
|
scope1='global',
|
|
scope2='link',
|
|
deprecated1='',
|
|
deprecated2=' deprecated',
|
|
deprecated3='',
|
|
deprecated4=' deprecated',
|
|
route_metric=128,
|
|
flag1=' noprefixroute',
|
|
flag2='',
|
|
flag3=' noprefixroute',
|
|
flag4=' home mngtmpaddr',
|
|
ip4_null_16=ip4_null_16,
|
|
ip4_null_24=ip4_null_24,
|
|
ip6_null_73=ip6_null_73,
|
|
ip6_null_74=ip6_null_74,
|
|
)
|
|
# nft set
|
|
self.check_nftset('addr4', r'10\.10\.1\.1')
|
|
self.check_nftset('network4', r'10\.10\.1\.0/24')
|
|
self.check_nftset('ifindex', 'dummy98')
|
|
|
|
self.teardown_nftset('addr4', 'network4', 'ifindex')
|
|
|
|
copy_network_unit('25-address-static.network.d/10-override.conf')
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:routable')
|
|
self.verify_address_static(
|
|
label1='new-label1',
|
|
label2='dummy98',
|
|
label3='new-label3',
|
|
broadcast1=' brd 10.4.1.255',
|
|
broadcast2='',
|
|
broadcast3=' brd 10.4.3.31',
|
|
peer1=' peer 10.5.1.102/24',
|
|
peer2='/24 brd 10.5.2.255',
|
|
peer3=' peer 10.5.3.102/24',
|
|
peer4=' peer 2001:db8:0:f103::201/128',
|
|
peer5='/128',
|
|
peer6=' peer 2001:db8:0:f103::203/128',
|
|
scope1='link',
|
|
scope2='global',
|
|
deprecated1=' deprecated',
|
|
deprecated2='',
|
|
deprecated3=' deprecated',
|
|
deprecated4='',
|
|
route_metric=256,
|
|
flag1='',
|
|
flag2=' noprefixroute',
|
|
flag3=' home mngtmpaddr',
|
|
flag4=' noprefixroute',
|
|
ip4_null_16=ip4_null_16,
|
|
ip4_null_24=ip4_null_24,
|
|
ip6_null_73=ip6_null_73,
|
|
ip6_null_74=ip6_null_74,
|
|
)
|
|
|
|
networkctl_reconfigure('dummy98')
|
|
self.wait_online('dummy98:routable')
|
|
self.verify_address_static(
|
|
label1='new-label1',
|
|
label2='dummy98',
|
|
label3='new-label3',
|
|
broadcast1=' brd 10.4.1.255',
|
|
broadcast2='',
|
|
broadcast3=' brd 10.4.3.31',
|
|
peer1=' peer 10.5.1.102/24',
|
|
peer2='/24 brd 10.5.2.255',
|
|
peer3=' peer 10.5.3.102/24',
|
|
peer4=' peer 2001:db8:0:f103::201/128',
|
|
peer5='/128',
|
|
peer6=' peer 2001:db8:0:f103::203/128',
|
|
scope1='link',
|
|
scope2='global',
|
|
deprecated1=' deprecated',
|
|
deprecated2='',
|
|
deprecated3=' deprecated',
|
|
deprecated4='',
|
|
route_metric=256,
|
|
flag1='',
|
|
flag2=' noprefixroute',
|
|
flag3=' home mngtmpaddr',
|
|
flag4=' noprefixroute',
|
|
ip4_null_16=ip4_null_16,
|
|
ip4_null_24=ip4_null_24,
|
|
ip6_null_73=ip6_null_73,
|
|
ip6_null_74=ip6_null_74,
|
|
)
|
|
|
|
# Tests for #20891.
|
|
# 1. set preferred lifetime forever to drop the deprecated flag for testing #20891.
|
|
check_output('ip address change 10.7.1.1/24 dev dummy98 preferred_lft forever')
|
|
check_output('ip address change 2001:db8:0:f104::1/64 dev dummy98 preferred_lft forever')
|
|
output = check_output('ip address show dev dummy98')
|
|
print(output)
|
|
self.assertNotRegex(output, '10.7.1.1/24 .* deprecated')
|
|
self.assertNotRegex(output, '2001:db8:0:f104::1/64 .* deprecated')
|
|
|
|
# 2. reconfigure the interface, and check the deprecated flag is set again
|
|
networkctl_reconfigure('dummy98')
|
|
self.wait_online('dummy98:routable')
|
|
self.verify_address_static(
|
|
label1='new-label1',
|
|
label2='dummy98',
|
|
label3='new-label3',
|
|
broadcast1=' brd 10.4.1.255',
|
|
broadcast2='',
|
|
broadcast3=' brd 10.4.3.31',
|
|
peer1=' peer 10.5.1.102/24',
|
|
peer2='/24 brd 10.5.2.255',
|
|
peer3=' peer 10.5.3.102/24',
|
|
peer4=' peer 2001:db8:0:f103::201/128',
|
|
peer5='/128',
|
|
peer6=' peer 2001:db8:0:f103::203/128',
|
|
scope1='link',
|
|
scope2='global',
|
|
deprecated1=' deprecated',
|
|
deprecated2='',
|
|
deprecated3=' deprecated',
|
|
deprecated4='',
|
|
route_metric=256,
|
|
flag1='',
|
|
flag2=' noprefixroute',
|
|
flag3=' home mngtmpaddr',
|
|
flag4=' noprefixroute',
|
|
ip4_null_16=ip4_null_16,
|
|
ip4_null_24=ip4_null_24,
|
|
ip6_null_73=ip6_null_73,
|
|
ip6_null_74=ip6_null_74,
|
|
)
|
|
|
|
# test for ENOBUFS issue #17012 (with reload)
|
|
copy_network_unit('25-address-static.network.d/10-many-address.conf')
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:routable')
|
|
output = check_output('ip -4 address show dev dummy98')
|
|
for i in range(1, 254):
|
|
self.assertIn(f'inet 10.3.3.{i}/16 brd 10.3.255.255', output)
|
|
|
|
# (with reconfigure)
|
|
networkctl_reconfigure('dummy98')
|
|
self.wait_online('dummy98:routable')
|
|
output = check_output('ip -4 address show dev dummy98')
|
|
for i in range(1, 254):
|
|
self.assertIn(f'inet 10.3.3.{i}/16 brd 10.3.255.255', output)
|
|
|
|
# test for an empty string assignment for Address= in [Network]
|
|
copy_network_unit('25-address-static.network.d/20-clear-addresses.conf')
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:routable')
|
|
output = check_output('ip -4 address show dev dummy98')
|
|
for i in range(1, 254):
|
|
self.assertNotIn(f'inet 10.3.3.{i}/16 brd 10.3.255.255', output)
|
|
self.assertIn('inet 10.4.0.1/16 brd 10.4.255.255', output)
|
|
|
|
def test_address_ipv4acd(self):
|
|
check_output('ip netns add ns99')
|
|
check_output('ip link add veth99 type veth peer veth-peer')
|
|
check_output('ip link set veth-peer netns ns99')
|
|
check_output('ip link set veth99 up')
|
|
check_output('ip netns exec ns99 ip link set veth-peer up')
|
|
check_output('ip netns exec ns99 ip address add 192.168.100.10/24 dev veth-peer')
|
|
|
|
copy_network_unit('25-address-ipv4acd-veth99.network', copy_dropins=False)
|
|
start_networkd()
|
|
self.wait_online('veth99:routable')
|
|
|
|
output = check_output('ip -4 address show dev veth99')
|
|
print(output)
|
|
self.assertNotIn('192.168.100.10/24', output)
|
|
self.assertIn('192.168.100.11/24', output)
|
|
|
|
copy_network_unit('25-address-ipv4acd-veth99.network.d/conflict-address.conf')
|
|
networkctl_reload()
|
|
self.wait_operstate('veth99', operstate='routable', setup_state='configuring', setup_timeout=10)
|
|
|
|
output = check_output('ip -4 address show dev veth99')
|
|
print(output)
|
|
self.assertNotIn('192.168.100.10/24', output)
|
|
self.assertIn('192.168.100.11/24', output)
|
|
|
|
def test_address_peer_ipv4(self):
|
|
# test for issue #17304
|
|
copy_network_unit('25-address-peer-ipv4.network', '12-dummy.netdev')
|
|
|
|
for trial in range(2):
|
|
if trial == 0:
|
|
start_networkd()
|
|
else:
|
|
restart_networkd()
|
|
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('ip -4 address show dev dummy98')
|
|
self.assertIn('inet 100.64.0.1 peer 100.64.0.2/32 scope global', output)
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('vrf')
|
|
def test_prefix_route(self):
|
|
copy_network_unit('25-prefix-route-with-vrf.network', '12-dummy.netdev',
|
|
'25-prefix-route-without-vrf.network', '11-dummy.netdev',
|
|
'25-vrf.netdev', '25-vrf.network')
|
|
for trial in range(2):
|
|
if trial == 0:
|
|
start_networkd()
|
|
else:
|
|
restart_networkd()
|
|
|
|
self.wait_online('dummy98:routable', 'test1:routable', 'vrf99:carrier')
|
|
|
|
output = check_output('ip route show table 42 dev dummy98')
|
|
print('### ip route show table 42 dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'local 10.20.22.1 proto kernel scope host src 10.20.22.1')
|
|
self.assertRegex(output, '10.20.33.0/24 proto kernel scope link src 10.20.33.1')
|
|
self.assertRegex(output, 'local 10.20.33.1 proto kernel scope host src 10.20.33.1')
|
|
self.assertRegex(output, 'broadcast 10.20.33.255 proto kernel scope link src 10.20.33.1')
|
|
self.assertRegex(output, 'local 10.20.44.1 proto kernel scope host src 10.20.44.1')
|
|
self.assertRegex(output, 'local 10.20.55.1 proto kernel scope host src 10.20.55.1')
|
|
self.assertRegex(output, 'broadcast 10.20.55.255 proto kernel scope link src 10.20.55.1')
|
|
output = check_output('ip -6 route show table 42 dev dummy98')
|
|
print('### ip -6 route show table 42 dev dummy98')
|
|
print(output)
|
|
if trial == 0:
|
|
# Kernel's bug?
|
|
self.assertRegex(output, 'local fdde:11:22::1 proto kernel metric 0 pref medium')
|
|
#self.assertRegex(output, 'fdde:11:22::1 proto kernel metric 256 pref medium')
|
|
self.assertRegex(output, 'local fdde:11:33::1 proto kernel metric 0 pref medium')
|
|
self.assertRegex(output, 'fdde:11:33::/64 proto kernel metric 256 pref medium')
|
|
self.assertRegex(output, 'local fdde:11:44::1 proto kernel metric 0 pref medium')
|
|
self.assertRegex(output, 'local fdde:11:55::1 proto kernel metric 0 pref medium')
|
|
self.assertRegex(output, 'fe80::/64 proto kernel metric 256 pref medium')
|
|
self.assertRegex(output, 'ff00::/8 (proto kernel )?metric 256 (linkdown )?pref medium')
|
|
|
|
print()
|
|
|
|
output = check_output('ip route show dev test1')
|
|
print('### ip route show dev test1')
|
|
print(output)
|
|
self.assertRegex(output, '10.21.33.0/24 proto kernel scope link src 10.21.33.1')
|
|
output = check_output('ip route show table local dev test1')
|
|
print('### ip route show table local dev test1')
|
|
print(output)
|
|
self.assertRegex(output, 'local 10.21.22.1 proto kernel scope host src 10.21.22.1')
|
|
self.assertRegex(output, 'local 10.21.33.1 proto kernel scope host src 10.21.33.1')
|
|
self.assertRegex(output, 'broadcast 10.21.33.255 proto kernel scope link src 10.21.33.1')
|
|
self.assertRegex(output, 'local 10.21.44.1 proto kernel scope host src 10.21.44.1')
|
|
self.assertRegex(output, 'local 10.21.55.1 proto kernel scope host src 10.21.55.1')
|
|
self.assertRegex(output, 'broadcast 10.21.55.255 proto kernel scope link src 10.21.55.1')
|
|
output = check_output('ip -6 route show dev test1')
|
|
print('### ip -6 route show dev test1')
|
|
print(output)
|
|
self.assertRegex(output, 'fdde:12:22::1 proto kernel metric 256 pref medium')
|
|
self.assertRegex(output, 'fdde:12:33::/64 proto kernel metric 256 pref medium')
|
|
self.assertRegex(output, 'fe80::/64 proto kernel metric 256 pref medium')
|
|
output = check_output('ip -6 route show table local dev test1')
|
|
print('### ip -6 route show table local dev test1')
|
|
print(output)
|
|
self.assertRegex(output, 'local fdde:12:22::1 proto kernel metric 0 pref medium')
|
|
self.assertRegex(output, 'local fdde:12:33::1 proto kernel metric 0 pref medium')
|
|
self.assertRegex(output, 'local fdde:12:44::1 proto kernel metric 0 pref medium')
|
|
self.assertRegex(output, 'local fdde:12:55::1 proto kernel metric 0 pref medium')
|
|
self.assertRegex(output, 'ff00::/8 (proto kernel )?metric 256 (linkdown )?pref medium')
|
|
|
|
def test_configure_without_carrier(self):
|
|
copy_network_unit('11-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_operstate('test1', 'off', '')
|
|
check_output('ip link set dev test1 up carrier off')
|
|
|
|
copy_network_unit('25-test1.network.d/configure-without-carrier.conf', copy_dropins=False)
|
|
restart_networkd()
|
|
self.wait_online('test1:no-carrier')
|
|
|
|
carrier_map = {'on': '1', 'off': '0'}
|
|
routable_map = {'on': 'routable', 'off': 'no-carrier'}
|
|
for carrier in ['off', 'on', 'off']:
|
|
with self.subTest(carrier=carrier):
|
|
if carrier_map[carrier] != read_link_attr('test1', 'carrier'):
|
|
check_output(f'ip link set dev test1 carrier {carrier}')
|
|
self.wait_online(f'test1:{routable_map[carrier]}:{routable_map[carrier]}')
|
|
|
|
output = networkctl_status('test1')
|
|
print(output)
|
|
self.assertRegex(output, '192.168.0.15')
|
|
self.assertRegex(output, '192.168.0.1')
|
|
self.assertRegex(output, routable_map[carrier])
|
|
|
|
def test_configure_without_carrier_yes_ignore_carrier_loss_no(self):
|
|
copy_network_unit('11-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_operstate('test1', 'off', '')
|
|
check_output('ip link set dev test1 up carrier off')
|
|
|
|
copy_network_unit('25-test1.network')
|
|
restart_networkd()
|
|
self.wait_online('test1:no-carrier')
|
|
|
|
carrier_map = {'on': '1', 'off': '0'}
|
|
routable_map = {'on': 'routable', 'off': 'no-carrier'}
|
|
for (carrier, have_config) in [('off', True), ('on', True), ('off', False)]:
|
|
with self.subTest(carrier=carrier, have_config=have_config):
|
|
if carrier_map[carrier] != read_link_attr('test1', 'carrier'):
|
|
check_output(f'ip link set dev test1 carrier {carrier}')
|
|
self.wait_online(f'test1:{routable_map[carrier]}:{routable_map[carrier]}')
|
|
|
|
output = networkctl_status('test1')
|
|
print(output)
|
|
if have_config:
|
|
self.assertRegex(output, '192.168.0.15')
|
|
self.assertRegex(output, '192.168.0.1')
|
|
else:
|
|
self.assertNotRegex(output, '192.168.0.15')
|
|
self.assertNotRegex(output, '192.168.0.1')
|
|
self.assertRegex(output, routable_map[carrier])
|
|
|
|
def check_routing_policy_rule_test1(self):
|
|
print('### Checking routing policy rules requested by test1')
|
|
|
|
output = check_output('ip rule list iif test1 priority 111')
|
|
print(output)
|
|
self.assertRegex(output, r'111: from 192.168.100.18 tos (0x08|throughput) iif test1 oif test1 lookup 7')
|
|
|
|
output = check_output('ip -6 rule list iif test1 priority 100')
|
|
print(output)
|
|
self.assertIn('100: from all iif test1 lookup 8', output)
|
|
|
|
output = check_output('ip rule list iif test1 priority 101')
|
|
print(output)
|
|
self.assertIn('101: from all iif test1 lookup 9', output)
|
|
|
|
output = check_output('ip -6 rule list iif test1 priority 101')
|
|
print(output)
|
|
self.assertIn('101: from all iif test1 lookup 9', output)
|
|
|
|
output = check_output('ip rule list iif test1 priority 102')
|
|
print(output)
|
|
self.assertIn('102: from 0.0.0.0/8 iif test1 lookup 10', output)
|
|
|
|
output = check_output('ip rule list iif test1 priority 103')
|
|
print(output)
|
|
self.assertIn('103: from 10.0.0.0/16 iif test1 lookup 11 goto 111', output)
|
|
|
|
output = check_output('ip rule list iif test1 priority 104')
|
|
print(output)
|
|
self.assertIn('104: from 10.1.0.0/16 iif test1 lookup 12 nop', output)
|
|
|
|
def check_routing_policy_rule_dummy98(self):
|
|
print('### Checking routing policy rules requested by dummy98')
|
|
|
|
output = check_output('ip rule list priority 112')
|
|
print(output)
|
|
self.assertRegex(output, r'112: from 192.168.101.18 tos (0x08|throughput) iif dummy98 oif dummy98 lookup 8')
|
|
|
|
def _test_routing_policy_rule(self, manage_foreign_routes):
|
|
if not manage_foreign_routes:
|
|
copy_networkd_conf_dropin('networkd-manage-foreign-rules-no.conf')
|
|
copy_network_unit('25-routing-policy-rule-test1.network', '11-dummy.netdev')
|
|
|
|
stop_networkd()
|
|
|
|
check_output('ip -4 rule add priority 20001 table 9999 from 10.10.0.0/16')
|
|
check_output('ip -6 rule add priority 20001 table 9999 from 2001:db8:0:1::/64')
|
|
|
|
start_networkd()
|
|
self.wait_online('test1:degraded')
|
|
|
|
self.check_routing_policy_rule_test1()
|
|
check_json(networkctl_json())
|
|
|
|
output = check_output('ip -4 rule list priority 20001 table 9999 from 10.10.0.0/16')
|
|
print(output)
|
|
if manage_foreign_routes:
|
|
self.assertEqual(output, '')
|
|
else:
|
|
self.assertIn(output, '20001: from 10.10.0.0/16 lookup 9999')
|
|
check_output('ip -4 rule del priority 20001 table 9999 from 10.10.0.0/16')
|
|
|
|
output = check_output('ip -6 rule list priority 20001 table 9999 from 2001:db8:0:1::/64')
|
|
print(output)
|
|
if manage_foreign_routes:
|
|
self.assertEqual(output, '')
|
|
else:
|
|
self.assertIn(output, '20001: from 2001:db8:0:1::/64 lookup 9999')
|
|
check_output('ip -6 rule del priority 20001 table 9999 from 2001:db8:0:1::/64')
|
|
|
|
def test_routing_policy_rule(self):
|
|
first = True
|
|
for manage_foreign_routes in [True, False]:
|
|
if first:
|
|
first = False
|
|
else:
|
|
self.tearDown()
|
|
|
|
print(f'### test_routing_policy_rule(manage_foreign_routes={manage_foreign_routes})')
|
|
with self.subTest(manage_foreign_routes=manage_foreign_routes):
|
|
self._test_routing_policy_rule(manage_foreign_routes)
|
|
|
|
def test_routing_policy_rule_restart_and_reconfigure(self):
|
|
copy_network_unit('25-routing-policy-rule-test1.network', '11-dummy.netdev',
|
|
'25-routing-policy-rule-dummy98.network', '12-dummy.netdev')
|
|
|
|
# For #11280 and #34068.
|
|
|
|
for trial in range(3):
|
|
restart_networkd(show_logs=(trial > 0))
|
|
self.wait_online('test1:degraded', 'dummy98:degraded')
|
|
|
|
self.check_routing_policy_rule_test1()
|
|
self.check_routing_policy_rule_dummy98()
|
|
|
|
networkctl_reconfigure('test1')
|
|
self.wait_online('test1:degraded')
|
|
|
|
self.check_routing_policy_rule_test1()
|
|
self.check_routing_policy_rule_dummy98()
|
|
|
|
networkctl_reconfigure('dummy98')
|
|
self.wait_online('dummy98:degraded')
|
|
|
|
self.check_routing_policy_rule_test1()
|
|
self.check_routing_policy_rule_dummy98()
|
|
|
|
def test_routing_policy_rule_reconfigure(self):
|
|
copy_network_unit('25-routing-policy-rule-reconfigure2.network', '11-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('test1:degraded')
|
|
|
|
output = check_output('ip rule list table 1011')
|
|
print(output)
|
|
self.assertIn('10111: from all fwmark 0x3f3 lookup 1011', output)
|
|
self.assertIn('10112: from all oif test1 lookup 1011', output)
|
|
self.assertIn('10113: from all iif test1 lookup 1011', output)
|
|
self.assertIn('10114: from 192.168.8.254 lookup 1011', output)
|
|
|
|
output = check_output('ip -6 rule list table 1011')
|
|
print(output)
|
|
self.assertIn('10112: from all oif test1 lookup 1011', output)
|
|
|
|
copy_network_unit('25-routing-policy-rule-reconfigure1.network', '11-dummy.netdev')
|
|
networkctl_reload()
|
|
self.wait_online('test1:degraded')
|
|
|
|
output = check_output('ip rule list table 1011')
|
|
print(output)
|
|
self.assertIn('10111: from all fwmark 0x3f3 lookup 1011', output)
|
|
self.assertIn('10112: from all oif test1 lookup 1011', output)
|
|
self.assertIn('10113: from all iif test1 lookup 1011', output)
|
|
self.assertIn('10114: from 192.168.8.254 lookup 1011', output)
|
|
|
|
output = check_output('ip -6 rule list table 1011')
|
|
print(output)
|
|
self.assertNotIn('10112: from all oif test1 lookup 1011', output)
|
|
self.assertIn('10113: from all iif test1 lookup 1011', output)
|
|
|
|
call('ip rule delete priority 10111')
|
|
call('ip rule delete priority 10112')
|
|
call('ip rule delete priority 10113')
|
|
call('ip rule delete priority 10114')
|
|
call('ip -6 rule delete priority 10113')
|
|
|
|
output = check_output('ip rule list table 1011')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
output = check_output('ip -6 rule list table 1011')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
networkctl_reconfigure('test1')
|
|
self.wait_online('test1:degraded')
|
|
|
|
output = check_output('ip rule list table 1011')
|
|
print(output)
|
|
self.assertIn('10111: from all fwmark 0x3f3 lookup 1011', output)
|
|
self.assertIn('10112: from all oif test1 lookup 1011', output)
|
|
self.assertIn('10113: from all iif test1 lookup 1011', output)
|
|
self.assertIn('10114: from 192.168.8.254 lookup 1011', output)
|
|
|
|
output = check_output('ip -6 rule list table 1011')
|
|
print(output)
|
|
self.assertIn('10113: from all iif test1 lookup 1011', output)
|
|
|
|
@expectedFailureIfRoutingPolicyPortRangeIsNotAvailable()
|
|
def test_routing_policy_rule_port_range(self):
|
|
copy_network_unit('25-fibrule-port-range.network', '11-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('test1:degraded')
|
|
|
|
output = check_output('ip rule')
|
|
print(output)
|
|
self.assertIn('111:', output)
|
|
self.assertIn('from 192.168.100.18 ', output)
|
|
self.assertIn('sport 1123-1150 ', output)
|
|
self.assertIn('dport 3224-3290 ', output)
|
|
self.assertRegex(output, 'ipproto (tcp|ipproto-6) ')
|
|
self.assertIn('lookup 7 ', output)
|
|
|
|
@expectedFailureIfRoutingPolicyIPProtoIsNotAvailable()
|
|
def test_routing_policy_rule_invert(self):
|
|
copy_network_unit('25-fibrule-invert.network', '11-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('test1:degraded')
|
|
|
|
output = check_output('ip rule')
|
|
print(output)
|
|
self.assertIn('111:', output)
|
|
self.assertIn('not ', output)
|
|
self.assertIn('from 192.168.100.18 ', output)
|
|
self.assertRegex(output, 'ipproto (tcp|ipproto-6) ')
|
|
self.assertIn('lookup 7 ', output)
|
|
|
|
@expectedFailureIfRoutingPolicyL3MasterDeviceIsNotAvailable()
|
|
def test_routing_policy_rule_l3mdev(self):
|
|
copy_network_unit('25-fibrule-l3mdev.network', '11-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('test1:degraded')
|
|
|
|
output = check_output('ip rule')
|
|
print(output)
|
|
self.assertIn('1500: from all lookup [l3mdev-table]', output)
|
|
self.assertIn('2000: from all lookup [l3mdev-table] unreachable', output)
|
|
|
|
@expectedFailureIfRoutingPolicyUIDRangeIsNotAvailable()
|
|
def test_routing_policy_rule_uidrange(self):
|
|
copy_network_unit('25-fibrule-uidrange.network', '11-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('test1:degraded')
|
|
|
|
output = check_output('ip rule')
|
|
print(output)
|
|
self.assertIn('111:', output)
|
|
self.assertIn('from 192.168.100.18 ', output)
|
|
self.assertIn('lookup 7 ', output)
|
|
self.assertIn('uidrange 100-200 ', output)
|
|
|
|
def _test_route_static(self, manage_foreign_routes):
|
|
if not manage_foreign_routes:
|
|
copy_networkd_conf_dropin('networkd-manage-foreign-routes-no.conf')
|
|
|
|
copy_network_unit('25-route-static.network', '12-dummy.netdev',
|
|
'25-route-static-test1.network', '11-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = networkctl_status('dummy98')
|
|
print(output)
|
|
|
|
print('### ip -6 route show dev dummy98')
|
|
output = check_output('ip -6 route show dev dummy98')
|
|
print(output)
|
|
self.assertIn('2001:1234:5:8fff:ff:ff:ff:ff proto static', output)
|
|
self.assertIn('2001:1234:5:8f63::1 proto kernel', output)
|
|
self.assertIn('2001:1234:5:afff:ff:ff:ff:ff via fe80:0:222:4dff:ff:ff:ff:ff proto static', output)
|
|
|
|
print('### ip -6 route show default')
|
|
output = check_output('ip -6 route show default')
|
|
print(output)
|
|
self.assertIn('default', output)
|
|
self.assertIn('via 2001:1234:5:8fff:ff:ff:ff:ff', output)
|
|
|
|
print('### ip -4 route show dev dummy98')
|
|
output = check_output('ip -4 route show dev dummy98')
|
|
print(output)
|
|
self.assertIn('149.10.124.48/28 proto kernel scope link src 149.10.124.58', output)
|
|
self.assertIn('149.10.124.64 proto static scope link', output)
|
|
self.assertIn('169.254.0.0/16 proto static scope link metric 2048', output)
|
|
self.assertIn('192.168.1.1 proto static scope link initcwnd 20', output)
|
|
self.assertIn('192.168.1.2 proto static scope link initrwnd 30', output)
|
|
self.assertIn('192.168.1.3 proto static scope link advmss 30', output)
|
|
self.assertIn('192.168.1.4 proto static scope link hoplimit 122', output)
|
|
self.assertIn('multicast 149.10.123.4 proto static', output)
|
|
|
|
print('### ip -4 route show dev dummy98 default')
|
|
output = check_output('ip -4 route show dev dummy98 default')
|
|
print(output)
|
|
self.assertIn('default via 149.10.125.65 proto static onlink', output)
|
|
self.assertIn('default via 149.10.124.64 proto static', output)
|
|
self.assertIn('default proto static', output)
|
|
self.assertIn('default via 1.1.8.104 proto static', output)
|
|
|
|
print('### ip -4 route show table local dev dummy98')
|
|
output = check_output('ip -4 route show table local dev dummy98')
|
|
print(output)
|
|
self.assertIn('local 149.10.123.1 proto static scope host', output)
|
|
self.assertIn('anycast 149.10.123.2 proto static scope link', output)
|
|
self.assertIn('broadcast 149.10.123.3 proto static scope link', output)
|
|
|
|
print('### ip -4 route show type blackhole')
|
|
output = check_output('ip -4 route show type blackhole')
|
|
print(output)
|
|
self.assertIn('blackhole 202.54.1.2 proto static', output)
|
|
|
|
print('### ip -4 route show type unreachable')
|
|
output = check_output('ip -4 route show type unreachable')
|
|
print(output)
|
|
self.assertIn('unreachable 202.54.1.3 proto static', output)
|
|
|
|
print('### ip -4 route show type prohibit')
|
|
output = check_output('ip -4 route show type prohibit')
|
|
print(output)
|
|
self.assertIn('prohibit 202.54.1.4 proto static', output)
|
|
|
|
print('### ip -6 route show type blackhole')
|
|
output = check_output('ip -6 route show type blackhole')
|
|
print(output)
|
|
self.assertIn('blackhole 2001:1234:5678::2 dev lo proto static', output)
|
|
|
|
print('### ip -6 route show type unreachable')
|
|
output = check_output('ip -6 route show type unreachable')
|
|
print(output)
|
|
self.assertIn('unreachable 2001:1234:5678::3 dev lo proto static', output)
|
|
|
|
print('### ip -6 route show type prohibit')
|
|
output = check_output('ip -6 route show type prohibit')
|
|
print(output)
|
|
self.assertIn('prohibit 2001:1234:5678::4 dev lo proto static', output)
|
|
|
|
print('### ip route show 192.168.10.1')
|
|
output = check_output('ip route show 192.168.10.1')
|
|
print(output)
|
|
self.assertIn('192.168.10.1 proto static', output)
|
|
self.assertIn('nexthop via 149.10.123.59 dev test1 weight 20', output)
|
|
self.assertIn('nexthop via 149.10.123.60 dev test1 weight 30', output)
|
|
self.assertIn('nexthop via 149.10.124.59 dev dummy98 weight 10', output)
|
|
self.assertIn('nexthop via 149.10.124.60 dev dummy98 weight 5', output)
|
|
|
|
print('### ip route show 192.168.10.2')
|
|
output = check_output('ip route show 192.168.10.2')
|
|
print(output)
|
|
# old ip command does not show IPv6 gateways...
|
|
self.assertIn('192.168.10.2 proto static', output)
|
|
self.assertIn('nexthop', output)
|
|
self.assertIn('dev test1 weight 20', output)
|
|
self.assertIn('dev test1 weight 30', output)
|
|
self.assertIn('dev dummy98 weight 10', output)
|
|
self.assertIn('dev dummy98 weight 5', output)
|
|
|
|
print('### ip -6 route show 2001:1234:5:bfff:ff:ff:ff:ff')
|
|
output = check_output('ip -6 route show 2001:1234:5:bfff:ff:ff:ff:ff')
|
|
print(output)
|
|
# old ip command does not show 'nexthop' keyword and weight...
|
|
self.assertIn('2001:1234:5:bfff:ff:ff:ff:ff', output)
|
|
self.assertIn('via 2001:1234:5:6fff:ff:ff:ff:ff dev test1', output)
|
|
self.assertIn('via 2001:1234:5:7fff:ff:ff:ff:ff dev test1', output)
|
|
self.assertIn('via 2001:1234:5:8fff:ff:ff:ff:ff dev dummy98', output)
|
|
self.assertIn('via 2001:1234:5:9fff:ff:ff:ff:ff dev dummy98', output)
|
|
|
|
check_json(networkctl_json())
|
|
|
|
copy_network_unit('25-address-static.network', copy_dropins=False)
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
# check all routes managed by Manager are removed
|
|
print('### ip -4 route show type blackhole')
|
|
output = check_output('ip -4 route show type blackhole')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
print('### ip -4 route show type unreachable')
|
|
output = check_output('ip -4 route show type unreachable')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
print('### ip -4 route show type prohibit')
|
|
output = check_output('ip -4 route show type prohibit')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
print('### ip -6 route show type blackhole')
|
|
output = check_output('ip -6 route show type blackhole')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
print('### ip -6 route show type unreachable')
|
|
output = check_output('ip -6 route show type unreachable')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
print('### ip -6 route show type prohibit')
|
|
output = check_output('ip -6 route show type prohibit')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
remove_network_unit('25-address-static.network')
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
# check all routes managed by Manager are reconfigured
|
|
print('### ip -4 route show type blackhole')
|
|
output = check_output('ip -4 route show type blackhole')
|
|
print(output)
|
|
self.assertIn('blackhole 202.54.1.2 proto static', output)
|
|
|
|
print('### ip -4 route show type unreachable')
|
|
output = check_output('ip -4 route show type unreachable')
|
|
print(output)
|
|
self.assertIn('unreachable 202.54.1.3 proto static', output)
|
|
|
|
print('### ip -4 route show type prohibit')
|
|
output = check_output('ip -4 route show type prohibit')
|
|
print(output)
|
|
self.assertIn('prohibit 202.54.1.4 proto static', output)
|
|
|
|
print('### ip -6 route show type blackhole')
|
|
output = check_output('ip -6 route show type blackhole')
|
|
print(output)
|
|
self.assertIn('blackhole 2001:1234:5678::2 dev lo proto static', output)
|
|
|
|
print('### ip -6 route show type unreachable')
|
|
output = check_output('ip -6 route show type unreachable')
|
|
print(output)
|
|
self.assertIn('unreachable 2001:1234:5678::3 dev lo proto static', output)
|
|
|
|
print('### ip -6 route show type prohibit')
|
|
output = check_output('ip -6 route show type prohibit')
|
|
print(output)
|
|
self.assertIn('prohibit 2001:1234:5678::4 dev lo proto static', output)
|
|
|
|
remove_link('dummy98')
|
|
time.sleep(2)
|
|
|
|
# check all routes managed by Manager are removed
|
|
print('### ip -4 route show type blackhole')
|
|
output = check_output('ip -4 route show type blackhole')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
print('### ip -4 route show type unreachable')
|
|
output = check_output('ip -4 route show type unreachable')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
print('### ip -4 route show type prohibit')
|
|
output = check_output('ip -4 route show type prohibit')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
print('### ip -6 route show type blackhole')
|
|
output = check_output('ip -6 route show type blackhole')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
print('### ip -6 route show type unreachable')
|
|
output = check_output('ip -6 route show type unreachable')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
print('### ip -6 route show type prohibit')
|
|
output = check_output('ip -6 route show type prohibit')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
def test_route_static(self):
|
|
first = True
|
|
for manage_foreign_routes in [True, False]:
|
|
if first:
|
|
first = False
|
|
else:
|
|
self.tearDown()
|
|
|
|
print(f'### test_route_static(manage_foreign_routes={manage_foreign_routes})')
|
|
with self.subTest(manage_foreign_routes=manage_foreign_routes):
|
|
self._test_route_static(manage_foreign_routes)
|
|
|
|
@expectedFailureIfRTA_VIAIsNotSupported()
|
|
def test_route_via_ipv6(self):
|
|
copy_network_unit('25-route-via-ipv6.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = networkctl_status('dummy98')
|
|
print(output)
|
|
|
|
print('### ip -6 route show dev dummy98')
|
|
output = check_output('ip -6 route show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, '2001:1234:5:8fff:ff:ff:ff:ff proto static')
|
|
self.assertRegex(output, '2001:1234:5:8f63::1 proto kernel')
|
|
|
|
print('### ip -4 route show dev dummy98')
|
|
output = check_output('ip -4 route show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, '149.10.124.48/28 proto kernel scope link src 149.10.124.58')
|
|
self.assertRegex(output, '149.10.124.66 via inet6 2001:1234:5:8fff:ff:ff:ff:ff proto static')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('tcp_dctcp')
|
|
def test_route_congctl(self):
|
|
copy_network_unit('25-route-congctl.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
print('### ip -6 route show dev dummy98 2001:1234:5:8fff:ff:ff:ff:ff')
|
|
output = check_output('ip -6 route show dev dummy98 2001:1234:5:8fff:ff:ff:ff:ff')
|
|
print(output)
|
|
self.assertIn('2001:1234:5:8fff:ff:ff:ff:ff proto static', output)
|
|
self.assertIn('congctl dctcp', output)
|
|
|
|
print('### ip -4 route show dev dummy98 149.10.124.66')
|
|
output = check_output('ip -4 route show dev dummy98 149.10.124.66')
|
|
print(output)
|
|
self.assertIn('149.10.124.66 proto static', output)
|
|
self.assertIn('congctl dctcp', output)
|
|
self.assertIn('rto_min 300s', output)
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('vrf')
|
|
def test_route_vrf(self):
|
|
copy_network_unit('25-route-vrf.network', '12-dummy.netdev',
|
|
'25-vrf.netdev', '25-vrf.network')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable', 'vrf99:carrier')
|
|
|
|
output = check_output('ip route show vrf vrf99')
|
|
print(output)
|
|
self.assertRegex(output, 'default via 192.168.100.1')
|
|
|
|
output = check_output('ip route show')
|
|
print(output)
|
|
self.assertNotRegex(output, 'default via 192.168.100.1')
|
|
|
|
def test_gateway_reconfigure(self):
|
|
copy_network_unit('25-gateway-static.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
print('### ip -4 route show dev dummy98 default')
|
|
output = check_output('ip -4 route show dev dummy98 default')
|
|
print(output)
|
|
self.assertIn('default via 149.10.124.59 proto static', output)
|
|
self.assertNotIn('149.10.124.60', output)
|
|
|
|
remove_network_unit('25-gateway-static.network')
|
|
copy_network_unit('25-gateway-next-static.network')
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:routable')
|
|
print('### ip -4 route show dev dummy98 default')
|
|
output = check_output('ip -4 route show dev dummy98 default')
|
|
print(output)
|
|
self.assertNotIn('149.10.124.59', output)
|
|
self.assertIn('default via 149.10.124.60 proto static', output)
|
|
|
|
def test_ip_route_ipv6_src_route(self):
|
|
# a dummy device does not make the addresses go through tentative state, so we
|
|
# reuse a bond from an earlier test, which does make the addresses go through
|
|
# tentative state, and do our test on that
|
|
copy_network_unit('23-active-slave.network', '25-route-ipv6-src.network', '25-bond-active-backup-slave.netdev', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:enslaved', 'bond199:routable')
|
|
|
|
output = check_output('ip -6 route list dev bond199')
|
|
print(output)
|
|
self.assertIn('abcd::/16 via 2001:1234:56:8f63::1:1 proto static src 2001:1234:56:8f63::2', output)
|
|
|
|
def test_route_preferred_source_with_existing_address(self):
|
|
# See issue #28009.
|
|
copy_network_unit('25-route-preferred-source.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
|
|
for i in range(3):
|
|
if i != 0:
|
|
networkctl_reconfigure('dummy98')
|
|
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('ip -6 route list dev dummy98')
|
|
print(output)
|
|
self.assertIn('abcd::/16 via 2001:1234:56:8f63::1:1 proto static src 2001:1234:56:8f63::1', output)
|
|
|
|
output = check_output('ip -4 route list dev dummy98')
|
|
print(output)
|
|
self.assertIn('10.123.0.0/16 via 192.168.30.1 proto static src 10.10.10.1', output)
|
|
|
|
def test_ip_link_mac_address(self):
|
|
copy_network_unit('25-address-link-section.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:degraded')
|
|
|
|
output = check_output('ip link show dummy98')
|
|
print(output)
|
|
self.assertRegex(output, '00:01:02:aa:bb:cc')
|
|
|
|
def test_ip_link_unmanaged(self):
|
|
copy_network_unit('25-link-section-unmanaged.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
|
|
self.wait_operstate('dummy98', 'off', setup_state='unmanaged')
|
|
|
|
def test_ipv6_address_label(self):
|
|
copy_network_unit('25-ipv6-address-label-section.network', '12-dummy.netdev')
|
|
copy_networkd_conf_dropin('networkd-address-label.conf')
|
|
start_networkd()
|
|
self.wait_online('dummy98:degraded')
|
|
|
|
output = check_output('ip addrlabel list')
|
|
print(output)
|
|
self.assertRegex(output, '2004:da8:1::/64 dev dummy98 label 4444')
|
|
self.assertRegex(output, '2004:da8:2::/64 label 5555')
|
|
|
|
def test_ipv6_proxy_ndp(self):
|
|
copy_network_unit('25-ipv6-proxy-ndp.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('ip neighbor show proxy dev dummy98')
|
|
print(output)
|
|
for i in range(1, 5):
|
|
self.assertRegex(output, f'2607:5300:203:5215:{i}::1 *proxy')
|
|
|
|
def test_ipv6_neigh_retrans_time(self):
|
|
link='test25'
|
|
copy_network_unit('25-dummy.netdev', '25-dummy.network')
|
|
start_networkd()
|
|
|
|
self.wait_online(f'{link}:degraded')
|
|
remove_network_unit('25-dummy.network')
|
|
|
|
# expect retrans_time_ms updated
|
|
copy_network_unit('25-ipv6-neigh-retrans-time-3s.network')
|
|
networkctl_reload()
|
|
self.wait_online(f'{link}:degraded')
|
|
self.check_ipv6_neigh_sysctl_attr(link, 'retrans_time_ms', '3000')
|
|
remove_network_unit('25-ipv6-neigh-retrans-time-3s.network')
|
|
|
|
# expect retrans_time_ms unchanged
|
|
copy_network_unit('25-ipv6-neigh-retrans-time-0s.network')
|
|
networkctl_reload()
|
|
self.wait_online(f'{link}:degraded')
|
|
self.check_ipv6_neigh_sysctl_attr(link, 'retrans_time_ms', '3000')
|
|
remove_network_unit('25-ipv6-neigh-retrans-time-0s.network')
|
|
|
|
# expect retrans_time_ms unchanged
|
|
copy_network_unit('25-ipv6-neigh-retrans-time-toobig.network')
|
|
networkctl_reload()
|
|
self.wait_online(f'{link}:degraded')
|
|
self.check_ipv6_neigh_sysctl_attr(link, 'retrans_time_ms', '3000')
|
|
remove_network_unit('25-ipv6-neigh-retrans-time-toobig.network')
|
|
|
|
# expect retrans_time_ms unchanged
|
|
copy_network_unit('25-ipv6-neigh-retrans-time-infinity.network')
|
|
networkctl_reload()
|
|
self.wait_online(f'{link}:degraded')
|
|
self.check_ipv6_neigh_sysctl_attr(link, 'retrans_time_ms', '3000')
|
|
remove_network_unit('25-ipv6-neigh-retrans-time-infinity.network')
|
|
|
|
# expect retrans_time_ms unchanged
|
|
copy_network_unit('25-ipv6-neigh-retrans-time-invalid.network')
|
|
networkctl_reload()
|
|
self.wait_online(f'{link}:degraded')
|
|
self.check_ipv6_neigh_sysctl_attr(link, 'retrans_time_ms', '3000')
|
|
remove_network_unit('25-ipv6-neigh-retrans-time-invalid.network')
|
|
|
|
# expect retrans_time_ms updated
|
|
copy_network_unit('25-ipv6-neigh-retrans-time-4s.network')
|
|
networkctl_reload()
|
|
self.wait_online(f'{link}:degraded')
|
|
self.check_ipv6_neigh_sysctl_attr(link, 'retrans_time_ms', '4000')
|
|
remove_network_unit('25-ipv6-neigh-retrans-time-4s.network')
|
|
|
|
def test_neighbor(self):
|
|
copy_network_unit('12-dummy.netdev', '25-neighbor-dummy.network', '25-neighbor-dummy.network.d/10-step1.conf',
|
|
'25-gre-tunnel-remote-any.netdev', '25-neighbor-ip.network',
|
|
'25-ip6gre-tunnel-remote-any.netdev', '25-neighbor-ipv6.network',
|
|
copy_dropins=False)
|
|
start_networkd()
|
|
self.wait_online('dummy98:degraded', 'gretun97:routable', 'ip6gretun97:routable')
|
|
|
|
print('### ip neigh list dev gretun97')
|
|
output = check_output('ip neigh list dev gretun97')
|
|
print(output)
|
|
self.assertIn('10.0.0.22 lladdr 10.65.223.239 PERMANENT', output)
|
|
self.assertNotIn('10.0.0.23', output)
|
|
|
|
print('### ip neigh list dev ip6gretun97')
|
|
output = check_output('ip neigh list dev ip6gretun97')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:0:f102::17 lladdr 2a:?00:ff:?de:45:?67:ed:?de:[0:]*:49:?88 PERMANENT')
|
|
self.assertNotIn('2001:db8:0:f102::18', output)
|
|
|
|
print('### ip neigh list dev dummy98')
|
|
output = check_output('ip neigh list dev dummy98')
|
|
print(output)
|
|
self.assertIn('192.168.10.1 lladdr 00:00:5e:00:02:65 PERMANENT', output)
|
|
self.assertIn('2004:da8:1::1 lladdr 00:00:5e:00:02:66 PERMANENT', output)
|
|
self.assertNotIn('2004:da8:1:0::2', output)
|
|
self.assertNotIn('192.168.10.2', output)
|
|
self.assertNotIn('00:00:5e:00:02:67', output)
|
|
|
|
check_json(networkctl_json())
|
|
|
|
# Here, 10-step1.conf is intendedly kept, to verify that 10-step2.conf overrides
|
|
# the valid configurations in 10-step1.conf.
|
|
copy_network_unit('25-neighbor-dummy.network.d/10-step2.conf')
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:degraded')
|
|
|
|
print('### ip neigh list dev dummy98')
|
|
output = check_output('ip neigh list dev dummy98')
|
|
print(output)
|
|
self.assertIn('192.168.10.1 lladdr 00:00:5e:00:03:65 PERMANENT', output)
|
|
self.assertIn('2004:da8:1::1 lladdr 00:00:5e:00:03:66 PERMANENT', output)
|
|
self.assertNotIn('2004:da8:1:0::2', output)
|
|
self.assertNotIn('192.168.10.2', output)
|
|
self.assertNotIn('00:00:5e:00:02:67', output)
|
|
|
|
check_json(networkctl_json())
|
|
|
|
remove_network_unit('25-neighbor-dummy.network.d/10-step1.conf',
|
|
'25-neighbor-dummy.network.d/10-step2.conf')
|
|
copy_network_unit('25-neighbor-dummy.network.d/10-step3.conf')
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:degraded')
|
|
|
|
print('### ip neigh list dev dummy98')
|
|
output = check_output('ip neigh list dev dummy98')
|
|
print(output)
|
|
self.assertIn('192.168.10.1 lladdr 00:00:5e:00:03:66 PERMANENT', output)
|
|
self.assertNotIn('00:00:5e:00:02:65', output)
|
|
self.assertNotIn('00:00:5e:00:02:66', output)
|
|
self.assertNotIn('00:00:5e:00:03:65', output)
|
|
self.assertNotIn('2004:da8:1::1', output)
|
|
|
|
def test_link_local_addressing(self):
|
|
copy_network_unit('25-link-local-addressing-yes.network', '11-dummy.netdev',
|
|
'25-link-local-addressing-no.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('test1:degraded', 'dummy98:carrier')
|
|
|
|
output = check_output('ip address show dev test1')
|
|
print(output)
|
|
self.assertRegex(output, 'inet .* scope link')
|
|
self.assertRegex(output, 'inet6 .* scope link')
|
|
|
|
output = check_output('ip address show dev dummy98')
|
|
print(output)
|
|
self.assertNotRegex(output, 'inet6* .* scope link')
|
|
|
|
# Documentation/networking/ip-sysctl.txt
|
|
#
|
|
# addr_gen_mode - INTEGER
|
|
# Defines how link-local and autoconf addresses are generated.
|
|
#
|
|
# 0: generate address based on EUI64 (default)
|
|
# 1: do no generate a link-local address, use EUI64 for addresses generated
|
|
# from autoconf
|
|
# 2: generate stable privacy addresses, using the secret from
|
|
# stable_secret (RFC7217)
|
|
# 3: generate stable privacy addresses, using a random secret if unset
|
|
|
|
self.check_ipv6_sysctl_attr('test1', 'stable_secret', '0123:4567:89ab:cdef:0123:4567:89ab:cdef')
|
|
self.check_ipv6_sysctl_attr('test1', 'addr_gen_mode', '2')
|
|
self.check_ipv6_sysctl_attr('dummy98', 'addr_gen_mode', '1')
|
|
|
|
def test_link_local_addressing_ipv6ll(self):
|
|
copy_network_unit('26-link-local-addressing-ipv6.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:degraded')
|
|
|
|
# An IPv6LL address exists by default.
|
|
output = check_output('ip address show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'inet6 .* scope link')
|
|
|
|
copy_network_unit('25-link-local-addressing-no.network')
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:carrier')
|
|
|
|
# Check if the IPv6LL address is removed.
|
|
output = check_output('ip address show dev dummy98')
|
|
print(output)
|
|
self.assertNotRegex(output, 'inet6 .* scope link')
|
|
|
|
remove_network_unit('25-link-local-addressing-no.network')
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:degraded')
|
|
|
|
# Check if a new IPv6LL address is assigned.
|
|
output = check_output('ip address show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'inet6 .* scope link')
|
|
|
|
def test_sysctl(self):
|
|
copy_networkd_conf_dropin('25-global-ipv6-privacy-extensions.conf')
|
|
copy_network_unit('25-sysctl.network', '12-dummy.netdev', copy_dropins=False)
|
|
start_networkd()
|
|
self.wait_online('dummy98:degraded')
|
|
|
|
self.check_ipv6_sysctl_attr('dummy98', 'forwarding', '1')
|
|
self.check_ipv6_sysctl_attr('dummy98', 'use_tempaddr', '1')
|
|
self.check_ipv6_sysctl_attr('dummy98', 'dad_transmits', '3')
|
|
self.check_ipv6_sysctl_attr('dummy98', 'hop_limit', '5')
|
|
self.check_ipv6_sysctl_attr('dummy98', 'proxy_ndp', '1')
|
|
self.check_ipv4_sysctl_attr('dummy98', 'forwarding', '1')
|
|
self.check_ipv4_sysctl_attr('dummy98', 'proxy_arp', '1')
|
|
self.check_ipv4_sysctl_attr('dummy98', 'proxy_arp_pvlan', '1')
|
|
self.check_ipv4_sysctl_attr('dummy98', 'accept_local', '1')
|
|
self.check_ipv4_sysctl_attr('dummy98', 'rp_filter', '0')
|
|
|
|
copy_network_unit('25-sysctl.network.d/25-ipv6-privacy-extensions.conf')
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:degraded')
|
|
|
|
self.check_ipv6_sysctl_attr('dummy98', 'use_tempaddr', '2')
|
|
|
|
def test_sysctl_disable_ipv6(self):
|
|
copy_network_unit('25-sysctl-disable-ipv6.network', '12-dummy.netdev')
|
|
|
|
print('## Disable ipv6')
|
|
check_output('sysctl net.ipv6.conf.all.disable_ipv6=1')
|
|
check_output('sysctl net.ipv6.conf.default.disable_ipv6=1')
|
|
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('ip -4 address show dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'inet 10.2.3.4/16 brd 10.2.255.255 scope global dummy98')
|
|
output = check_output('ip -6 address show dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'inet6 2607:5300:203:3906::/64 scope global')
|
|
self.assertRegex(output, 'inet6 .* scope link')
|
|
output = check_output('ip -4 route show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, '10.2.0.0/16 proto kernel scope link src 10.2.3.4')
|
|
output = check_output('ip -6 route show default')
|
|
print(output)
|
|
self.assertRegex(output, 'default')
|
|
self.assertRegex(output, 'via 2607:5300:203:39ff:ff:ff:ff:ff')
|
|
|
|
remove_link('dummy98')
|
|
|
|
print('## Enable ipv6')
|
|
check_output('sysctl net.ipv6.conf.all.disable_ipv6=0')
|
|
check_output('sysctl net.ipv6.conf.default.disable_ipv6=0')
|
|
|
|
restart_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('ip -4 address show dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'inet 10.2.3.4/16 brd 10.2.255.255 scope global dummy98')
|
|
output = check_output('ip -6 address show dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'inet6 2607:5300:203:3906::/64 scope global')
|
|
self.assertRegex(output, 'inet6 .* scope link')
|
|
output = check_output('ip -4 route show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, '10.2.0.0/16 proto kernel scope link src 10.2.3.4')
|
|
output = check_output('ip -6 route show default')
|
|
print(output)
|
|
self.assertRegex(output, 'via 2607:5300:203:39ff:ff:ff:ff:ff')
|
|
|
|
def test_bind_carrier(self):
|
|
copy_network_unit('25-bind-carrier.network', '11-dummy.netdev')
|
|
start_networkd()
|
|
|
|
# no bound interface.
|
|
self.wait_operstate('test1', 'off', setup_state='configuring')
|
|
output = check_output('ip address show test1')
|
|
print(output)
|
|
self.assertNotIn('UP,LOWER_UP', output)
|
|
self.assertIn('DOWN', output)
|
|
self.assertNotIn('192.168.10', output)
|
|
|
|
# add one bound interface. The interface will be up.
|
|
check_output('ip link add dummy98 type dummy')
|
|
check_output('ip link set dummy98 up')
|
|
self.wait_online('test1:routable')
|
|
output = check_output('ip address show test1')
|
|
print(output)
|
|
self.assertIn('UP,LOWER_UP', output)
|
|
self.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output)
|
|
|
|
# add another bound interface. The interface is still up.
|
|
check_output('ip link add dummy99 type dummy')
|
|
check_output('ip link set dummy99 up')
|
|
self.wait_operstate('dummy99', 'degraded', setup_state='unmanaged')
|
|
output = check_output('ip address show test1')
|
|
print(output)
|
|
self.assertIn('UP,LOWER_UP', output)
|
|
self.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output)
|
|
|
|
# remove one of the bound interfaces. The interface is still up
|
|
remove_link('dummy98')
|
|
output = check_output('ip address show test1')
|
|
print(output)
|
|
self.assertIn('UP,LOWER_UP', output)
|
|
self.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output)
|
|
|
|
# bring down the remaining bound interface. The interface will be down.
|
|
check_output('ip link set dummy99 down')
|
|
self.wait_operstate('test1', 'off')
|
|
self.wait_address_dropped('test1', r'192.168.10', ipv='-4', timeout_sec=10)
|
|
output = check_output('ip address show test1')
|
|
print(output)
|
|
self.assertNotIn('UP,LOWER_UP', output)
|
|
self.assertIn('DOWN', output)
|
|
self.assertNotIn('192.168.10', output)
|
|
|
|
# bring up the bound interface. The interface will be up.
|
|
check_output('ip link set dummy99 up')
|
|
self.wait_online('test1:routable')
|
|
output = check_output('ip address show test1')
|
|
print(output)
|
|
self.assertIn('UP,LOWER_UP', output)
|
|
self.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output)
|
|
|
|
# remove the remaining bound interface. The interface will be down.
|
|
remove_link('dummy99')
|
|
self.wait_operstate('test1', 'off')
|
|
self.wait_address_dropped('test1', r'192.168.10', ipv='-4', timeout_sec=10)
|
|
output = check_output('ip address show test1')
|
|
print(output)
|
|
self.assertNotIn('UP,LOWER_UP', output)
|
|
self.assertIn('DOWN', output)
|
|
self.assertNotIn('192.168.10', output)
|
|
|
|
# re-add one bound interface. The interface will be up.
|
|
check_output('ip link add dummy98 type dummy')
|
|
check_output('ip link set dummy98 up')
|
|
self.wait_online('test1:routable')
|
|
output = check_output('ip address show test1')
|
|
print(output)
|
|
self.assertIn('UP,LOWER_UP', output)
|
|
self.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output)
|
|
|
|
def _test_activation_policy(self, interface, test):
|
|
conffile = '25-activation-policy.network'
|
|
if test:
|
|
conffile = f'{conffile}.d/{test}.conf'
|
|
if interface == 'vlan99':
|
|
copy_network_unit('21-vlan.netdev', '21-vlan-test1.network')
|
|
copy_network_unit('11-dummy.netdev', conffile, copy_dropins=False)
|
|
start_networkd()
|
|
|
|
always = test.startswith('always')
|
|
initial_up = test != 'manual' and not test.endswith('down') # note: default is up
|
|
expect_up = initial_up
|
|
next_up = not expect_up
|
|
|
|
if test.endswith('down'):
|
|
self.wait_activated(interface)
|
|
|
|
for iteration in range(4):
|
|
with self.subTest(iteration=iteration, expect_up=expect_up):
|
|
operstate = 'routable' if expect_up else 'off'
|
|
setup_state = 'configured' if expect_up else ('configuring' if iteration == 0 else None)
|
|
self.wait_operstate(interface, operstate, setup_state=setup_state, setup_timeout=20)
|
|
|
|
if expect_up:
|
|
self.assertIn('UP', check_output(f'ip link show {interface}'))
|
|
self.assertIn('192.168.10.30/24', check_output(f'ip address show {interface}'))
|
|
self.assertIn('default via 192.168.10.1', check_output(f'ip route show dev {interface}'))
|
|
else:
|
|
self.assertIn('DOWN', check_output(f'ip link show {interface}'))
|
|
|
|
if next_up:
|
|
check_output(f'ip link set dev {interface} up')
|
|
else:
|
|
check_output(f'ip link set dev {interface} down')
|
|
expect_up = initial_up if always else next_up
|
|
next_up = not next_up
|
|
if always:
|
|
time.sleep(1)
|
|
|
|
def test_activation_policy(self):
|
|
first = True
|
|
for interface in ['test1', 'vlan99']:
|
|
for test in ['up', 'always-up', 'manual', 'always-down', 'down', '']:
|
|
if first:
|
|
first = False
|
|
else:
|
|
self.tearDown()
|
|
|
|
print(f'### test_activation_policy(interface={interface}, test={test})')
|
|
with self.subTest(interface=interface, test=test):
|
|
self._test_activation_policy(interface, test)
|
|
|
|
def _test_activation_policy_required_for_online(self, policy, required):
|
|
conffile = '25-activation-policy.network'
|
|
units = ['11-dummy.netdev', '12-dummy.netdev', '12-dummy.network', conffile]
|
|
if policy:
|
|
units += [f'{conffile}.d/{policy}.conf']
|
|
if required:
|
|
units += [f'{conffile}.d/required-{required}.conf']
|
|
copy_network_unit(*units, copy_dropins=False)
|
|
start_networkd()
|
|
|
|
if policy.endswith('down'):
|
|
self.wait_activated('test1')
|
|
|
|
if policy.endswith('down') or policy == 'manual':
|
|
self.wait_operstate('test1', 'off', setup_state='configuring')
|
|
else:
|
|
self.wait_online('test1')
|
|
|
|
if policy == 'always-down':
|
|
# if always-down, required for online is forced to no
|
|
expected = False
|
|
elif required:
|
|
# otherwise if required for online is specified, it should match that
|
|
expected = required == 'yes'
|
|
elif policy:
|
|
# otherwise if only policy specified, required for online defaults to
|
|
# true if policy is up, always-up, or bound
|
|
expected = policy.endswith('up') or policy == 'bound'
|
|
else:
|
|
# default is true, if neither are specified
|
|
expected = True
|
|
|
|
output = networkctl_status('test1')
|
|
print(output)
|
|
|
|
yesno = 'yes' if expected else 'no'
|
|
self.assertRegex(output, f'Required For Online: {yesno}')
|
|
|
|
def test_activation_policy_required_for_online(self):
|
|
first = True
|
|
for policy in ['up', 'always-up', 'manual', 'always-down', 'down', 'bound', '']:
|
|
for required in ['yes', 'no', '']:
|
|
if first:
|
|
first = False
|
|
else:
|
|
self.tearDown()
|
|
|
|
print(f'### test_activation_policy_required_for_online(policy={policy}, required={required})')
|
|
with self.subTest(policy=policy, required=required):
|
|
self._test_activation_policy_required_for_online(policy, required)
|
|
|
|
def test_domain(self):
|
|
copy_network_unit('12-dummy.netdev', '24-search-domain.network')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = networkctl_status('dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'Address: 192.168.42.100')
|
|
self.assertRegex(output, 'DNS: 192.168.42.1')
|
|
self.assertRegex(output, 'Search Domains: one')
|
|
|
|
def test_keep_configuration_static(self):
|
|
check_output('ip link add name dummy98 type dummy')
|
|
check_output('ip address add 10.1.2.3/16 dev dummy98')
|
|
check_output('ip address add 10.2.3.4/16 dev dummy98 valid_lft 600 preferred_lft 500')
|
|
output = check_output('ip address show dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'inet 10.1.2.3/16 scope global dummy98')
|
|
self.assertRegex(output, 'inet 10.2.3.4/16 scope global dynamic dummy98')
|
|
output = check_output('ip route show dev dummy98')
|
|
print(output)
|
|
|
|
copy_network_unit('24-keep-configuration-static.network')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('ip address show dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'inet 10.1.2.3/16 scope global dummy98')
|
|
self.assertNotRegex(output, 'inet 10.2.3.4/16 scope global dynamic dummy98')
|
|
|
|
def check_nexthop(self, manage_foreign_nexthops, first):
|
|
self.wait_online('veth99:routable', 'veth-peer:routable', 'dummy98:routable')
|
|
|
|
output = check_output('ip nexthop list dev veth99')
|
|
print(output)
|
|
if first:
|
|
self.assertIn('id 1 via 192.168.5.1 dev veth99', output)
|
|
self.assertIn('id 2 via 2001:1234:5:8f63::2 dev veth99', output)
|
|
else:
|
|
self.assertIn('id 6 via 192.168.5.1 dev veth99', output)
|
|
self.assertIn('id 7 via 2001:1234:5:8f63::2 dev veth99', output)
|
|
self.assertIn('id 3 dev veth99', output)
|
|
self.assertIn('id 4 dev veth99', output)
|
|
if first:
|
|
self.assertRegex(output, 'id 5 via 192.168.10.1 dev veth99 .*onlink')
|
|
else:
|
|
self.assertIn('id 5 via 192.168.5.3 dev veth99', output)
|
|
self.assertNotRegex(output, 'id 5 via 192.168.5.3 dev veth99 .*onlink')
|
|
self.assertIn('id 8 via fe80:0:222:4dff:ff:ff:ff:ff dev veth99', output)
|
|
if manage_foreign_nexthops:
|
|
self.assertRegex(output, r'id [0-9]* via 192.168.5.2 dev veth99')
|
|
|
|
output = check_output('ip nexthop list dev dummy98')
|
|
print(output)
|
|
if first:
|
|
self.assertIn('id 20 via 192.168.20.1 dev dummy98', output)
|
|
else:
|
|
self.assertIn('id 21 via 192.168.20.1 dev dummy98', output)
|
|
if manage_foreign_nexthops:
|
|
self.assertNotIn('id 42 via 192.168.20.2 dev dummy98', output)
|
|
else:
|
|
self.assertIn('id 42 via 192.168.20.2 dev dummy98', output)
|
|
|
|
# kernel manages blackhole nexthops on lo
|
|
output = check_output('ip nexthop list dev lo')
|
|
print(output)
|
|
if first:
|
|
self.assertIn('id 6 blackhole', output)
|
|
self.assertIn('id 7 blackhole', output)
|
|
else:
|
|
self.assertIn('id 1 blackhole', output)
|
|
self.assertIn('id 2 blackhole', output)
|
|
|
|
# group nexthops are shown with -0 option
|
|
if first:
|
|
output = check_output('ip -0 nexthop list id 21')
|
|
print(output)
|
|
self.assertRegex(output, r'id 21 group (1,3/20|20/1,3)')
|
|
else:
|
|
output = check_output('ip -0 nexthop list id 20')
|
|
print(output)
|
|
self.assertRegex(output, r'id 20 group (5,3/21|21/5,3)')
|
|
|
|
output = check_output('ip route show dev veth99 10.10.10.10')
|
|
print(output)
|
|
if first:
|
|
self.assertEqual('10.10.10.10 nhid 1 via 192.168.5.1 proto static', output)
|
|
else:
|
|
self.assertEqual('10.10.10.10 nhid 6 via 192.168.5.1 proto static', output)
|
|
|
|
output = check_output('ip route show dev veth99 10.10.10.11')
|
|
print(output)
|
|
if first:
|
|
self.assertEqual('10.10.10.11 nhid 2 via inet6 2001:1234:5:8f63::2 proto static', output)
|
|
else:
|
|
self.assertEqual('10.10.10.11 nhid 7 via inet6 2001:1234:5:8f63::2 proto static', output)
|
|
|
|
output = check_output('ip route show dev veth99 10.10.10.12')
|
|
print(output)
|
|
if first:
|
|
self.assertEqual('10.10.10.12 nhid 5 via 192.168.10.1 proto static onlink', output)
|
|
else:
|
|
self.assertEqual('10.10.10.12 nhid 5 via 192.168.5.3 proto static', output)
|
|
|
|
output = check_output('ip -6 route show dev veth99 2001:1234:5:8f62::1')
|
|
print(output)
|
|
if first:
|
|
self.assertEqual('2001:1234:5:8f62::1 nhid 2 via 2001:1234:5:8f63::2 proto static metric 1024 pref medium', output)
|
|
else:
|
|
self.assertEqual('2001:1234:5:8f62::1 nhid 7 via 2001:1234:5:8f63::2 proto static metric 1024 pref medium', output)
|
|
|
|
output = check_output('ip route show 10.10.10.13')
|
|
print(output)
|
|
if first:
|
|
self.assertEqual('blackhole 10.10.10.13 nhid 6 dev lo proto static', output)
|
|
else:
|
|
self.assertEqual('blackhole 10.10.10.13 nhid 1 dev lo proto static', output)
|
|
|
|
output = check_output('ip -6 route show 2001:1234:5:8f62::2')
|
|
print(output)
|
|
if first:
|
|
self.assertEqual('blackhole 2001:1234:5:8f62::2 nhid 7 dev lo proto static metric 1024 pref medium', output)
|
|
else:
|
|
self.assertEqual('blackhole 2001:1234:5:8f62::2 nhid 2 dev lo proto static metric 1024 pref medium', output)
|
|
|
|
output = check_output('ip route show 10.10.10.14')
|
|
print(output)
|
|
if first:
|
|
self.assertIn('10.10.10.14 nhid 21 proto static', output)
|
|
self.assertIn('nexthop via 192.168.5.1 dev veth99 weight 3', output)
|
|
else:
|
|
self.assertIn('10.10.10.14 nhid 20 proto static', output)
|
|
self.assertIn('nexthop via 192.168.5.3 dev veth99 weight 3', output)
|
|
self.assertIn('nexthop via 192.168.20.1 dev dummy98 weight 1', output)
|
|
|
|
output = networkctl_json()
|
|
check_json(output)
|
|
self.assertNotIn('"Destination":[10.10.10.14]', output)
|
|
|
|
def _test_nexthop(self, manage_foreign_nexthops):
|
|
if not manage_foreign_nexthops:
|
|
copy_networkd_conf_dropin('networkd-manage-foreign-nexthops-no.conf')
|
|
|
|
check_output('ip link add dummy98 type dummy')
|
|
check_output('ip link set dummy98 up')
|
|
check_output('ip address add 192.168.20.20/24 dev dummy98')
|
|
check_output('ip nexthop add id 42 via 192.168.20.2 dev dummy98')
|
|
|
|
copy_network_unit('25-nexthop-1.network', '25-veth.netdev', '25-veth-peer.network',
|
|
'12-dummy.netdev', '25-nexthop-dummy-1.network')
|
|
start_networkd()
|
|
|
|
self.check_nexthop(manage_foreign_nexthops, first=True)
|
|
|
|
remove_network_unit('25-nexthop-1.network', '25-nexthop-dummy-1.network')
|
|
copy_network_unit('25-nexthop-2.network', '25-nexthop-dummy-2.network')
|
|
networkctl_reload()
|
|
self.check_nexthop(manage_foreign_nexthops, first=False)
|
|
|
|
remove_network_unit('25-nexthop-2.network')
|
|
copy_network_unit('25-nexthop-nothing.network')
|
|
networkctl_reload()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
output = check_output('ip nexthop list dev veth99')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
output = check_output('ip nexthop list dev lo')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
remove_network_unit('25-nexthop-nothing.network', '25-nexthop-dummy-2.network')
|
|
copy_network_unit('25-nexthop-1.network', '25-nexthop-dummy-1.network')
|
|
# Of course, networkctl_reconfigure() below is unnecessary in normal operation, but it is intentional
|
|
# here to test reconfiguring with different .network files does not trigger race.
|
|
# See also comments in link_drop_requests().
|
|
networkctl_reconfigure('dummy98') # reconfigured with 25-nexthop-dummy-2.network
|
|
networkctl_reload() # reconfigured with 25-nexthop-dummy-1.network
|
|
|
|
self.check_nexthop(manage_foreign_nexthops, first=True)
|
|
|
|
# Remove nexthop with ID 20
|
|
check_output('ip nexthop del id 20')
|
|
copy_network_unit('11-dummy.netdev', '25-nexthop-test1.network')
|
|
networkctl_reload()
|
|
|
|
# 25-nexthop-test1.network requests a route with nexthop ID 21,
|
|
# which is silently removed by the kernel when nexthop with ID 20 is removed in the above,
|
|
# hence test1 should be stuck in the configuring state.
|
|
self.wait_operstate('test1', operstate='routable', setup_state='configuring')
|
|
|
|
# Wait for a while, and check if the interface is still in the configuring state.
|
|
time.sleep(1)
|
|
output = networkctl_status('test1')
|
|
self.assertIn('State: routable (configuring)', output)
|
|
|
|
# Check if the route which needs nexthop 20 and 21 are forgotten.
|
|
output = networkctl_json()
|
|
check_json(output)
|
|
self.assertNotIn('"Destination":[10.10.10.14]', output)
|
|
|
|
# Reconfigure the interface that has nexthop with ID 20 and 21,
|
|
# then the route requested by test1 can be configured.
|
|
networkctl_reconfigure('dummy98')
|
|
self.wait_online('test1:routable')
|
|
|
|
# Check if the requested route actually configured.
|
|
output = check_output('ip route show 10.10.11.10')
|
|
print(output)
|
|
self.assertIn('10.10.11.10 nhid 21 proto static', output)
|
|
self.assertIn('nexthop via 192.168.5.1 dev veth99 weight 3', output)
|
|
self.assertIn('nexthop via 192.168.20.1 dev dummy98 weight 1', output)
|
|
|
|
remove_link('veth99')
|
|
time.sleep(2)
|
|
|
|
output = check_output('ip nexthop list dev lo')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
@expectedFailureIfNexthopIsNotAvailable()
|
|
def test_nexthop(self):
|
|
first = True
|
|
for manage_foreign_nexthops in [True, False]:
|
|
if first:
|
|
first = False
|
|
else:
|
|
self.tearDown()
|
|
|
|
print(f'### test_nexthop(manage_foreign_nexthops={manage_foreign_nexthops})')
|
|
with self.subTest(manage_foreign_nexthops=manage_foreign_nexthops):
|
|
self._test_nexthop(manage_foreign_nexthops)
|
|
|
|
class NetworkdTCTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_cake')
|
|
def test_qdisc_cake(self):
|
|
copy_network_unit('25-qdisc-cake.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertIn('qdisc cake 3a: root', output)
|
|
self.assertIn('bandwidth 500Mbit', output)
|
|
self.assertIn('autorate-ingress', output)
|
|
self.assertIn('diffserv8', output)
|
|
self.assertIn('dual-dsthost', output)
|
|
self.assertIn(' nat', output)
|
|
self.assertIn(' wash', output)
|
|
self.assertIn(' split-gso', output)
|
|
self.assertIn(' raw', output)
|
|
self.assertIn(' atm', output)
|
|
self.assertIn('overhead 128', output)
|
|
self.assertIn('mpu 20', output)
|
|
self.assertIn('fwmark 0xff00', output)
|
|
self.assertIn('rtt 1s', output)
|
|
self.assertIn('ack-filter-aggressive', output)
|
|
|
|
# Test for replacing existing qdisc. See #31226.
|
|
with open(os.path.join(network_unit_dir, '25-qdisc-cake.network'), mode='a', encoding='utf-8') as f:
|
|
f.write('Bandwidth=250M\n')
|
|
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertIn('bandwidth 250Mbit', output)
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_codel')
|
|
def test_qdisc_codel(self):
|
|
copy_network_unit('25-qdisc-codel.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc codel 33: root')
|
|
self.assertRegex(output, 'limit 2000p target 10(.0)?ms ce_threshold 100(.0)?ms interval 50(.0)?ms ecn')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_drr')
|
|
def test_qdisc_drr(self):
|
|
copy_network_unit('25-qdisc-drr.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc drr 2: root')
|
|
output = check_output('tc class show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'class drr 2:30 root quantum 2000b')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_ets')
|
|
def test_qdisc_ets(self):
|
|
copy_network_unit('25-qdisc-ets.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
|
|
self.assertRegex(output, 'qdisc ets 3a: root')
|
|
self.assertRegex(output, 'bands 10 strict 3')
|
|
self.assertRegex(output, 'quanta 1 2 3 4 5')
|
|
self.assertRegex(output, 'priomap 3 4 5 6 7')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_fq')
|
|
def test_qdisc_fq(self):
|
|
copy_network_unit('25-qdisc-fq.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc fq 32: root')
|
|
self.assertRegex(output, 'limit 1000p flow_limit 200p buckets 512 orphan_mask 511')
|
|
self.assertRegex(output, 'quantum 1500')
|
|
self.assertRegex(output, 'initial_quantum 13000')
|
|
self.assertRegex(output, 'maxrate 1Mbit')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_fq_codel')
|
|
def test_qdisc_fq_codel(self):
|
|
copy_network_unit('25-qdisc-fq_codel.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc fq_codel 34: root')
|
|
self.assertRegex(output, 'limit 20480p flows 2048 quantum 1400 target 10(.0)?ms ce_threshold 100(.0)?ms interval 200(.0)?ms memory_limit 64Mb ecn')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_fq_pie')
|
|
def test_qdisc_fq_pie(self):
|
|
copy_network_unit('25-qdisc-fq_pie.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
|
|
self.assertRegex(output, 'qdisc fq_pie 3a: root')
|
|
self.assertRegex(output, 'limit 200000p')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_gred')
|
|
def test_qdisc_gred(self):
|
|
copy_network_unit('25-qdisc-gred.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc gred 38: root')
|
|
self.assertRegex(output, 'vqs 12 default 10 grio')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_hhf')
|
|
def test_qdisc_hhf(self):
|
|
copy_network_unit('25-qdisc-hhf.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc hhf 3a: root')
|
|
self.assertRegex(output, 'limit 1022p')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_htb')
|
|
def test_qdisc_htb_fifo(self):
|
|
copy_network_unit('25-qdisc-htb-fifo.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc htb 2: root')
|
|
self.assertRegex(output, r'default (0x30|30)')
|
|
|
|
self.assertRegex(output, 'qdisc pfifo 37: parent 2:37')
|
|
self.assertRegex(output, 'limit 100000p')
|
|
|
|
self.assertRegex(output, 'qdisc bfifo 3a: parent 2:3a')
|
|
self.assertRegex(output, 'limit 1000000')
|
|
|
|
self.assertRegex(output, 'qdisc pfifo_head_drop 3b: parent 2:3b')
|
|
self.assertRegex(output, 'limit 1023p')
|
|
|
|
self.assertRegex(output, 'qdisc pfifo_fast 3c: parent 2:3c')
|
|
|
|
output = check_output('tc -d class show dev dummy98')
|
|
print(output)
|
|
# Here (:|prio) is a workaround for a bug in iproute2 v6.2.0 caused by
|
|
# https://github.com/shemminger/iproute2/commit/010a8388aea11e767ba3a2506728b9ad9760df0e
|
|
# which is fixed in v6.3.0 by
|
|
# https://github.com/shemminger/iproute2/commit/4e0e56e0ef05387f7f5d8ab41fe6ec6a1897b26d
|
|
self.assertRegex(output, 'class htb 2:37 root leaf 37(:|prio) ')
|
|
self.assertRegex(output, 'class htb 2:3a root leaf 3a(:|prio) ')
|
|
self.assertRegex(output, 'class htb 2:3b root leaf 3b(:|prio) ')
|
|
self.assertRegex(output, 'class htb 2:3c root leaf 3c(:|prio) ')
|
|
self.assertRegex(output, 'prio 1 quantum 4000 rate 1Mbit overhead 100 ceil 500Kbit')
|
|
self.assertRegex(output, 'burst 123456')
|
|
self.assertRegex(output, 'cburst 123457')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_ingress')
|
|
def test_qdisc_ingress(self):
|
|
copy_network_unit('25-qdisc-clsact.network', '12-dummy.netdev',
|
|
'25-qdisc-ingress.network', '11-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable', 'test1:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc clsact')
|
|
|
|
output = check_output('tc qdisc show dev test1')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc ingress')
|
|
|
|
def test_qdisc_mq(self):
|
|
copy_network_unit('25-tun.netdev', '25-tap.netdev', '25-qdisc-mq.network')
|
|
start_networkd()
|
|
self.wait_online('testtun99:degraded', 'testtap99:degraded')
|
|
|
|
output = check_output('tc qdisc show dev testtun99')
|
|
print(output)
|
|
self.assertIn('qdisc mq 2: root', output)
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_multiq')
|
|
def test_qdisc_multiq(self):
|
|
copy_network_unit('25-tun.netdev', '25-tap.netdev', '25-qdisc-multiq.network')
|
|
start_networkd()
|
|
self.wait_online('testtun99:degraded', 'testtap99:degraded')
|
|
|
|
output = check_output('tc qdisc show dev testtun99')
|
|
print(output)
|
|
self.assertIn('qdisc multiq 2: root', output)
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_netem')
|
|
def test_qdisc_netem(self):
|
|
copy_network_unit('25-qdisc-netem.network', '12-dummy.netdev',
|
|
'25-qdisc-netem-compat.network', '11-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable', 'test1:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc netem 30: root')
|
|
self.assertRegex(output, 'limit 100 delay 50(.0)?ms 10(.0)?ms loss 20%')
|
|
|
|
output = check_output('tc qdisc show dev test1')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc netem [0-9a-f]*: root')
|
|
self.assertRegex(output, 'limit 100 delay 50(.0)?ms 10(.0)?ms loss 20%')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_pie')
|
|
def test_qdisc_pie(self):
|
|
copy_network_unit('25-qdisc-pie.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc pie 3a: root')
|
|
self.assertRegex(output, 'limit 200000')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_qfq')
|
|
def test_qdisc_qfq(self):
|
|
copy_network_unit('25-qdisc-qfq.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc qfq 2: root')
|
|
output = check_output('tc class show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'class qfq 2:30 root weight 2 maxpkt 16000')
|
|
self.assertRegex(output, 'class qfq 2:31 root weight 10 maxpkt 8000')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_sfb')
|
|
def test_qdisc_sfb(self):
|
|
copy_network_unit('25-qdisc-sfb.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc sfb 39: root')
|
|
self.assertRegex(output, 'limit 200000')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_sfq')
|
|
def test_qdisc_sfq(self):
|
|
copy_network_unit('25-qdisc-sfq.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc sfq 36: root')
|
|
self.assertRegex(output, 'perturb 5sec')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_tbf')
|
|
def test_qdisc_tbf(self):
|
|
copy_network_unit('25-qdisc-tbf.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc tbf 35: root')
|
|
self.assertRegex(output, 'rate 1Gbit burst 5000b peakrate 100Gbit minburst 987500b lat 70(.0)?ms')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_teql')
|
|
def test_qdisc_teql(self):
|
|
call_quiet('rmmod sch_teql')
|
|
|
|
copy_network_unit('25-qdisc-teql.network', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_links('dummy98')
|
|
check_output('modprobe sch_teql max_equalizers=2')
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = check_output('tc qdisc show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'qdisc teql1 31: root')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('sch_fq', 'sch_sfq', 'sch_tbf')
|
|
def test_qdisc_drop(self):
|
|
copy_network_unit('12-dummy.netdev', '12-dummy.network')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
# Test case for issue #32247 and #32254.
|
|
for _ in range(20):
|
|
check_output('tc qdisc replace dev dummy98 root fq')
|
|
self.assertFalse(networkd_is_failed())
|
|
check_output('tc qdisc replace dev dummy98 root fq pacing')
|
|
self.assertFalse(networkd_is_failed())
|
|
check_output('tc qdisc replace dev dummy98 handle 10: root tbf rate 0.5mbit burst 5kb latency 70ms peakrate 1mbit minburst 1540')
|
|
self.assertFalse(networkd_is_failed())
|
|
check_output('tc qdisc add dev dummy98 parent 10:1 handle 100: sfq')
|
|
self.assertFalse(networkd_is_failed())
|
|
|
|
class NetworkdStateFileTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def test_state_file(self):
|
|
copy_network_unit('12-dummy.netdev', '25-state-file-tests.network')
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
|
|
# make link state file updated
|
|
resolvectl('revert', 'dummy98')
|
|
|
|
check_json(networkctl_json())
|
|
|
|
output = read_link_state_file('dummy98')
|
|
print(output)
|
|
self.assertIn('IPV4_ADDRESS_STATE=routable', output)
|
|
self.assertIn('IPV6_ADDRESS_STATE=routable', output)
|
|
self.assertIn('ADMIN_STATE=configured', output)
|
|
self.assertIn('OPER_STATE=routable', output)
|
|
self.assertIn('REQUIRED_FOR_ONLINE=yes', output)
|
|
self.assertIn('REQUIRED_OPER_STATE_FOR_ONLINE=routable', output)
|
|
self.assertIn('REQUIRED_FAMILY_FOR_ONLINE=both', output)
|
|
self.assertIn('ACTIVATION_POLICY=up', output)
|
|
self.assertIn('NETWORK_FILE=/run/systemd/network/25-state-file-tests.network', output)
|
|
self.assertIn('DNS=10.10.10.10#aaa.com 10.10.10.11:1111#bbb.com [1111:2222::3333]:1234#ccc.com', output)
|
|
self.assertIn('NTP=0.fedora.pool.ntp.org 1.fedora.pool.ntp.org', output)
|
|
self.assertIn('DOMAINS=hogehoge', output)
|
|
self.assertIn('ROUTE_DOMAINS=foofoo', output)
|
|
self.assertIn('LLMNR=no', output)
|
|
self.assertIn('MDNS=yes', output)
|
|
self.assertIn('DNSSEC=no', output)
|
|
|
|
resolvectl('dns', 'dummy98', '10.10.10.12#ccc.com', '10.10.10.13', '1111:2222::3333')
|
|
resolvectl('domain', 'dummy98', 'hogehogehoge', '~foofoofoo')
|
|
resolvectl('llmnr', 'dummy98', 'yes')
|
|
resolvectl('mdns', 'dummy98', 'no')
|
|
resolvectl('dnssec', 'dummy98', 'yes')
|
|
timedatectl('ntp-servers', 'dummy98', '2.fedora.pool.ntp.org', '3.fedora.pool.ntp.org')
|
|
|
|
check_json(networkctl_json())
|
|
|
|
output = read_link_state_file('dummy98')
|
|
print(output)
|
|
self.assertIn('DNS=10.10.10.12#ccc.com 10.10.10.13 1111:2222::3333', output)
|
|
self.assertIn('NTP=2.fedora.pool.ntp.org 3.fedora.pool.ntp.org', output)
|
|
self.assertIn('DOMAINS=hogehogehoge', output)
|
|
self.assertIn('ROUTE_DOMAINS=foofoofoo', output)
|
|
self.assertIn('LLMNR=yes', output)
|
|
self.assertIn('MDNS=no', output)
|
|
self.assertIn('DNSSEC=yes', output)
|
|
|
|
timedatectl('revert', 'dummy98')
|
|
|
|
check_json(networkctl_json())
|
|
|
|
output = read_link_state_file('dummy98')
|
|
print(output)
|
|
self.assertIn('DNS=10.10.10.12#ccc.com 10.10.10.13 1111:2222::3333', output)
|
|
self.assertIn('NTP=0.fedora.pool.ntp.org 1.fedora.pool.ntp.org', output)
|
|
self.assertIn('DOMAINS=hogehogehoge', output)
|
|
self.assertIn('ROUTE_DOMAINS=foofoofoo', output)
|
|
self.assertIn('LLMNR=yes', output)
|
|
self.assertIn('MDNS=no', output)
|
|
self.assertIn('DNSSEC=yes', output)
|
|
|
|
resolvectl('revert', 'dummy98')
|
|
|
|
check_json(networkctl_json())
|
|
|
|
output = read_link_state_file('dummy98')
|
|
print(output)
|
|
self.assertIn('DNS=10.10.10.10#aaa.com 10.10.10.11:1111#bbb.com [1111:2222::3333]:1234#ccc.com', output)
|
|
self.assertIn('NTP=0.fedora.pool.ntp.org 1.fedora.pool.ntp.org', output)
|
|
self.assertIn('DOMAINS=hogehoge', output)
|
|
self.assertIn('ROUTE_DOMAINS=foofoo', output)
|
|
self.assertIn('LLMNR=no', output)
|
|
self.assertIn('MDNS=yes', output)
|
|
self.assertIn('DNSSEC=no', output)
|
|
|
|
def test_address_state(self):
|
|
copy_network_unit('12-dummy.netdev', '12-dummy-no-address.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('dummy98:degraded')
|
|
|
|
output = read_link_state_file('dummy98')
|
|
self.assertIn('IPV4_ADDRESS_STATE=off', output)
|
|
self.assertIn('IPV6_ADDRESS_STATE=degraded', output)
|
|
|
|
# with a routable IPv4 address
|
|
check_output('ip address add 10.1.2.3/16 dev dummy98')
|
|
self.wait_online('dummy98:routable', ipv4=True)
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = read_link_state_file('dummy98')
|
|
self.assertIn('IPV4_ADDRESS_STATE=routable', output)
|
|
self.assertIn('IPV6_ADDRESS_STATE=degraded', output)
|
|
|
|
check_output('ip address del 10.1.2.3/16 dev dummy98')
|
|
|
|
# with a routable IPv6 address
|
|
check_output('ip address add 2002:da8:1:0:1034:56ff:fe78:9abc/64 dev dummy98')
|
|
self.wait_online('dummy98:routable', ipv6=True)
|
|
self.wait_online('dummy98:routable')
|
|
|
|
output = read_link_state_file('dummy98')
|
|
self.assertIn('IPV4_ADDRESS_STATE=off', output)
|
|
self.assertIn('IPV6_ADDRESS_STATE=routable', output)
|
|
|
|
class NetworkdBondTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def test_bond_keep_master(self):
|
|
check_output('ip link add bond199 type bond mode active-backup')
|
|
check_output('ip link add dummy98 type dummy')
|
|
check_output('ip link set dummy98 master bond199')
|
|
|
|
copy_network_unit('23-keep-master.network')
|
|
start_networkd()
|
|
self.wait_online('dummy98:enslaved')
|
|
|
|
output = check_output('ip -d link show bond199')
|
|
print(output)
|
|
self.assertRegex(output, 'active_slave dummy98')
|
|
|
|
output = check_output('ip -d link show dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'master bond199')
|
|
|
|
def test_bond_active_slave(self):
|
|
copy_network_unit('23-active-slave.network', '23-bond199.network', '25-bond-active-backup-slave.netdev', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:enslaved', 'bond199:degraded')
|
|
|
|
output = check_output('ip -d link show bond199')
|
|
print(output)
|
|
self.assertIn('active_slave dummy98', output)
|
|
|
|
# test case for issue #31165.
|
|
since = datetime.datetime.now()
|
|
networkctl_reconfigure('dummy98')
|
|
self.wait_online('dummy98:enslaved', 'bond199:degraded')
|
|
self.assertNotIn('dummy98: Bringing link down', read_networkd_log(since=since))
|
|
|
|
def test_bond_primary_slave(self):
|
|
copy_network_unit('23-primary-slave.network', '23-bond199.network', '25-bond-active-backup-slave.netdev', '12-dummy.netdev')
|
|
start_networkd()
|
|
self.wait_online('dummy98:enslaved', 'bond199:degraded')
|
|
|
|
output = check_output('ip -d link show bond199')
|
|
print(output)
|
|
self.assertIn('primary dummy98', output)
|
|
|
|
# for issue #25627
|
|
mkdir_p(os.path.join(network_unit_dir, '23-bond199.network.d'))
|
|
for mac in ['00:11:22:33:44:55', '00:11:22:33:44:56']:
|
|
with open(os.path.join(network_unit_dir, '23-bond199.network.d/mac.conf'), mode='w', encoding='utf-8') as f:
|
|
f.write(f'[Link]\nMACAddress={mac}\n')
|
|
|
|
networkctl_reload()
|
|
self.wait_online('dummy98:enslaved', 'bond199:degraded')
|
|
|
|
output = check_output('ip -d link show bond199')
|
|
print(output)
|
|
self.assertIn(f'link/ether {mac}', output)
|
|
|
|
def test_bond_operstate(self):
|
|
copy_network_unit('25-bond.netdev', '11-dummy.netdev', '12-dummy.netdev',
|
|
'25-bond99.network', '25-bond-slave.network')
|
|
start_networkd()
|
|
self.wait_online('dummy98:enslaved', 'test1:enslaved', 'bond99:routable')
|
|
|
|
output = check_output('ip -d link show dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'SLAVE,UP,LOWER_UP')
|
|
|
|
output = check_output('ip -d link show test1')
|
|
print(output)
|
|
self.assertRegex(output, 'SLAVE,UP,LOWER_UP')
|
|
|
|
output = check_output('ip -d link show bond99')
|
|
print(output)
|
|
self.assertRegex(output, 'MASTER,UP,LOWER_UP')
|
|
|
|
self.wait_operstate('dummy98', 'enslaved')
|
|
self.wait_operstate('test1', 'enslaved')
|
|
self.wait_operstate('bond99', 'routable')
|
|
|
|
check_output('ip link set dummy98 down')
|
|
|
|
self.wait_operstate('dummy98', 'off')
|
|
self.wait_operstate('test1', 'enslaved')
|
|
self.wait_operstate('bond99', 'routable')
|
|
|
|
check_output('ip link set dummy98 up')
|
|
|
|
self.wait_operstate('dummy98', 'enslaved')
|
|
self.wait_operstate('test1', 'enslaved')
|
|
self.wait_operstate('bond99', 'routable')
|
|
|
|
check_output('ip link set dummy98 down')
|
|
check_output('ip link set test1 down')
|
|
|
|
self.wait_operstate('dummy98', 'off')
|
|
self.wait_operstate('test1', 'off')
|
|
|
|
if not self.wait_operstate('bond99', 'no-carrier', setup_timeout=30, fail_assert=False):
|
|
# Huh? Kernel does not recognize that all slave interfaces are down?
|
|
# Let's confirm that networkd's operstate is consistent with ip's result.
|
|
self.assertNotRegex(output, 'NO-CARRIER')
|
|
|
|
class NetworkdBridgeTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def test_bridge_mac_none(self):
|
|
copy_network_unit('12-dummy-mac.netdev', '26-bridge-mac-slave.network',
|
|
'26-bridge-mac.netdev', '26-bridge-mac-master.network', '26-bridge-mac.link')
|
|
start_networkd()
|
|
self.wait_online('dummy98:enslaved', 'bridge99:degraded')
|
|
|
|
output = check_output('ip link show dev dummy98')
|
|
print(output)
|
|
self.assertIn('link/ether 12:34:56:78:9a:01', output)
|
|
|
|
output = check_output('ip link show dev bridge99')
|
|
print(output)
|
|
self.assertIn('link/ether 12:34:56:78:9a:01', output)
|
|
|
|
def test_bridge_vlan(self):
|
|
copy_network_unit('11-dummy.netdev', '26-bridge-vlan-slave.network',
|
|
'26-bridge.netdev', '26-bridge-vlan-master.network',
|
|
copy_dropins=False)
|
|
start_networkd()
|
|
self.wait_online('test1:enslaved', 'bridge99:degraded')
|
|
|
|
output = check_output('bridge vlan show dev test1')
|
|
print(output)
|
|
# check if the default VID is removed
|
|
self.assertNotIn('1 Egress Untagged', output)
|
|
for i in range(1000, 3000):
|
|
if i == 1010:
|
|
self.assertIn(f'{i} PVID', output)
|
|
elif i in range(1012, 1016) or i in range(1103, 1109):
|
|
self.assertIn(f'{i} Egress Untagged', output)
|
|
elif i in range(1008, 1014) or i in range(1100, 1111):
|
|
self.assertIn(f'{i}', output)
|
|
else:
|
|
self.assertNotIn(f'{i}', output)
|
|
|
|
output = check_output('bridge vlan show dev bridge99')
|
|
print(output)
|
|
# check if the default VID is removed
|
|
self.assertNotIn('1 Egress Untagged', output)
|
|
for i in range(1000, 3000):
|
|
if i == 1020:
|
|
self.assertIn(f'{i} PVID', output)
|
|
elif i in range(1022, 1026) or i in range(1203, 1209):
|
|
self.assertIn(f'{i} Egress Untagged', output)
|
|
elif i in range(1018, 1024) or i in range(1200, 1211):
|
|
self.assertIn(f'{i}', output)
|
|
else:
|
|
self.assertNotIn(f'{i}', output)
|
|
|
|
# Change vlan IDs
|
|
copy_network_unit('26-bridge-vlan-slave.network.d/10-override.conf',
|
|
'26-bridge-vlan-master.network.d/10-override.conf')
|
|
networkctl_reload()
|
|
self.wait_online('test1:enslaved', 'bridge99:degraded')
|
|
|
|
output = check_output('bridge vlan show dev test1')
|
|
print(output)
|
|
for i in range(1000, 3000):
|
|
if i == 2010:
|
|
self.assertIn(f'{i} PVID', output)
|
|
elif i in range(2012, 2016) or i in range(2103, 2109):
|
|
self.assertIn(f'{i} Egress Untagged', output)
|
|
elif i in range(2008, 2014) or i in range(2100, 2111):
|
|
self.assertIn(f'{i}', output)
|
|
else:
|
|
self.assertNotIn(f'{i}', output)
|
|
|
|
output = check_output('bridge vlan show dev bridge99')
|
|
print(output)
|
|
for i in range(1000, 3000):
|
|
if i == 2020:
|
|
self.assertIn(f'{i} PVID', output)
|
|
elif i in range(2022, 2026) or i in range(2203, 2209):
|
|
self.assertIn(f'{i} Egress Untagged', output)
|
|
elif i in range(2018, 2024) or i in range(2200, 2211):
|
|
self.assertIn(f'{i}', output)
|
|
else:
|
|
self.assertNotIn(f'{i}', output)
|
|
|
|
# Remove several vlan IDs
|
|
copy_network_unit('26-bridge-vlan-slave.network.d/20-override.conf',
|
|
'26-bridge-vlan-master.network.d/20-override.conf')
|
|
networkctl_reload()
|
|
self.wait_online('test1:enslaved', 'bridge99:degraded')
|
|
|
|
output = check_output('bridge vlan show dev test1')
|
|
print(output)
|
|
for i in range(1000, 3000):
|
|
if i == 2010:
|
|
self.assertIn(f'{i} PVID', output)
|
|
elif i in range(2012, 2016):
|
|
self.assertIn(f'{i} Egress Untagged', output)
|
|
elif i in range(2008, 2014):
|
|
self.assertIn(f'{i}', output)
|
|
else:
|
|
self.assertNotIn(f'{i}', output)
|
|
|
|
output = check_output('bridge vlan show dev bridge99')
|
|
print(output)
|
|
for i in range(1000, 3000):
|
|
if i == 2020:
|
|
self.assertIn(f'{i} PVID', output)
|
|
elif i in range(2022, 2026):
|
|
self.assertIn(f'{i} Egress Untagged', output)
|
|
elif i in range(2018, 2024):
|
|
self.assertIn(f'{i}', output)
|
|
else:
|
|
self.assertNotIn(f'{i}', output)
|
|
|
|
# Remove all vlan IDs
|
|
copy_network_unit('26-bridge-vlan-slave.network.d/30-override.conf',
|
|
'26-bridge-vlan-master.network.d/30-override.conf')
|
|
networkctl_reload()
|
|
self.wait_online('test1:enslaved', 'bridge99:degraded')
|
|
|
|
output = check_output('bridge vlan show dev test1')
|
|
print(output)
|
|
self.assertNotIn('PVID', output)
|
|
for i in range(1000, 3000):
|
|
self.assertNotIn(f'{i}', output)
|
|
|
|
output = check_output('bridge vlan show dev bridge99')
|
|
print(output)
|
|
self.assertNotIn('PVID', output)
|
|
for i in range(1000, 3000):
|
|
self.assertNotIn(f'{i}', output)
|
|
|
|
def test_bridge_vlan_issue_20373(self):
|
|
copy_network_unit('11-dummy.netdev', '26-bridge-vlan-slave-issue-20373.network',
|
|
'26-bridge-issue-20373.netdev', '26-bridge-vlan-master-issue-20373.network',
|
|
'21-vlan.netdev', '21-vlan.network')
|
|
start_networkd()
|
|
self.wait_online('test1:enslaved', 'bridge99:degraded', 'vlan99:routable')
|
|
|
|
output = check_output('bridge vlan show dev test1')
|
|
print(output)
|
|
self.assertIn('100 PVID Egress Untagged', output)
|
|
self.assertIn('560', output)
|
|
self.assertIn('600', output)
|
|
|
|
output = check_output('bridge vlan show dev bridge99')
|
|
print(output)
|
|
self.assertIn('1 PVID Egress Untagged', output)
|
|
self.assertIn('100', output)
|
|
self.assertIn('600', output)
|
|
|
|
def test_bridge_mdb(self):
|
|
copy_network_unit('11-dummy.netdev', '26-bridge-mdb-slave.network',
|
|
'26-bridge.netdev', '26-bridge-mdb-master.network')
|
|
start_networkd()
|
|
self.wait_online('test1:enslaved', 'bridge99:degraded')
|
|
|
|
output = check_output('bridge mdb show dev bridge99')
|
|
print(output)
|
|
self.assertRegex(output, 'dev bridge99 port test1 grp ff02:aaaa:fee5::1:3 permanent *vid 4064')
|
|
self.assertRegex(output, 'dev bridge99 port test1 grp 224.0.1.1 permanent *vid 4065')
|
|
|
|
# Old kernel may not support bridge MDB entries on bridge master
|
|
if call_quiet('bridge mdb add dev bridge99 port bridge99 grp 224.0.1.3 temp vid 4068') == 0:
|
|
self.assertRegex(output, 'dev bridge99 port bridge99 grp ff02:aaaa:fee5::1:4 temp *vid 4066')
|
|
self.assertRegex(output, 'dev bridge99 port bridge99 grp 224.0.1.2 temp *vid 4067')
|
|
|
|
# Old kernel may not support L2 bridge MDB entries
|
|
if call_quiet('bridge mdb add dev bridge99 port bridge99 grp 01:80:c2:00:00:0f permanent vid 4070') == 0:
|
|
self.assertRegex(output, 'dev bridge99 port bridge99 grp 01:80:c2:00:00:0e permanent *vid 4069')
|
|
|
|
def test_bridge_keep_master(self):
|
|
check_output('ip link add bridge99 type bridge')
|
|
check_output('ip link set bridge99 up')
|
|
check_output('ip link add dummy98 type dummy')
|
|
check_output('ip link set dummy98 master bridge99')
|
|
|
|
copy_network_unit('23-keep-master.network')
|
|
start_networkd()
|
|
self.wait_online('dummy98:enslaved')
|
|
|
|
output = check_output('ip -d link show dummy98')
|
|
print(output)
|
|
self.assertRegex(output, 'master bridge99')
|
|
self.assertRegex(output, 'bridge')
|
|
|
|
output = check_output('bridge -d link show dummy98')
|
|
print(output)
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'path_cost', '400')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'hairpin_mode', '1')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_fast_leave', '1')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'unicast_flood', '1')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_flood', '0')
|
|
# CONFIG_BRIDGE_IGMP_SNOOPING=y
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_to_unicast', '1', allow_enoent=True)
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'neigh_suppress', '1', allow_enoent=True)
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'learning', '0')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'priority', '23')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'bpdu_guard', '0')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'root_block', '0')
|
|
|
|
def test_bridge_property(self):
|
|
copy_network_unit('11-dummy.netdev', '12-dummy.netdev', '26-bridge.netdev',
|
|
'26-bridge-slave-interface-1.network', '26-bridge-slave-interface-2.network',
|
|
'25-bridge99.network')
|
|
start_networkd()
|
|
self.wait_online('dummy98:enslaved', 'test1:enslaved', 'bridge99:routable')
|
|
|
|
output = check_output('ip -d link show bridge99')
|
|
print(output)
|
|
self.assertIn('mtu 9000 ', output)
|
|
|
|
output = check_output('ip -d link show test1')
|
|
print(output)
|
|
self.assertIn('master bridge99 ', output)
|
|
self.assertIn('bridge_slave', output)
|
|
self.assertIn('mtu 9000 ', output)
|
|
|
|
output = check_output('ip -d link show dummy98')
|
|
print(output)
|
|
self.assertIn('master bridge99 ', output)
|
|
self.assertIn('bridge_slave', output)
|
|
self.assertIn('mtu 9000 ', output)
|
|
|
|
output = check_output('ip addr show bridge99')
|
|
print(output)
|
|
self.assertIn('192.168.0.15/24', output)
|
|
|
|
output = check_output('bridge -d link show dummy98')
|
|
print(output)
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'path_cost', '400')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'hairpin_mode', '1')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'isolated', '1')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_fast_leave', '1')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'unicast_flood', '1')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_flood', '0')
|
|
# CONFIG_BRIDGE_IGMP_SNOOPING=y
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_to_unicast', '1', allow_enoent=True)
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'neigh_suppress', '1', allow_enoent=True)
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'learning', '0')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'priority', '23')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'bpdu_guard', '0')
|
|
self.check_bridge_port_attr('bridge99', 'dummy98', 'root_block', '0')
|
|
|
|
output = check_output('bridge -d link show test1')
|
|
print(output)
|
|
self.check_bridge_port_attr('bridge99', 'test1', 'priority', '0')
|
|
|
|
check_output('ip address add 192.168.0.16/24 dev bridge99')
|
|
output = check_output('ip addr show bridge99')
|
|
print(output)
|
|
self.assertIn('192.168.0.16/24', output)
|
|
|
|
# for issue #6088
|
|
print('### ip -6 route list table all dev bridge99')
|
|
output = check_output('ip -6 route list table all dev bridge99')
|
|
print(output)
|
|
self.assertRegex(output, 'ff00::/8 table local (proto kernel )?metric 256 (linkdown )?pref medium')
|
|
|
|
remove_link('test1')
|
|
self.wait_operstate('bridge99', 'routable')
|
|
|
|
output = check_output('ip -d link show bridge99')
|
|
print(output)
|
|
self.assertIn('mtu 9000 ', output)
|
|
|
|
output = check_output('ip -d link show dummy98')
|
|
print(output)
|
|
self.assertIn('master bridge99 ', output)
|
|
self.assertIn('bridge_slave', output)
|
|
self.assertIn('mtu 9000 ', output)
|
|
|
|
remove_link('dummy98')
|
|
self.wait_operstate('bridge99', 'no-carrier')
|
|
|
|
output = check_output('ip -d link show bridge99')
|
|
print(output)
|
|
# When no carrier, the kernel may reset the MTU
|
|
self.assertIn('NO-CARRIER', output)
|
|
|
|
output = check_output('ip address show bridge99')
|
|
print(output)
|
|
self.assertNotIn('192.168.0.15/24', output)
|
|
self.assertIn('192.168.0.16/24', output) # foreign address is kept
|
|
|
|
print('### ip -6 route list table all dev bridge99')
|
|
output = check_output('ip -6 route list table all dev bridge99')
|
|
print(output)
|
|
self.assertRegex(output, 'ff00::/8 table local (proto kernel )?metric 256 (linkdown )?pref medium')
|
|
|
|
check_output('ip link add dummy98 type dummy')
|
|
self.wait_online('dummy98:enslaved', 'bridge99:routable')
|
|
|
|
output = check_output('ip -d link show bridge99')
|
|
print(output)
|
|
self.assertIn('mtu 9000 ', output)
|
|
|
|
output = check_output('ip -d link show dummy98')
|
|
print(output)
|
|
self.assertIn('master bridge99 ', output)
|
|
self.assertIn('bridge_slave', output)
|
|
self.assertIn('mtu 9000 ', output)
|
|
|
|
def test_bridge_configure_without_carrier(self):
|
|
copy_network_unit('26-bridge.netdev', '26-bridge-configure-without-carrier.network',
|
|
'11-dummy.netdev')
|
|
start_networkd()
|
|
|
|
# With ConfigureWithoutCarrier=yes, the bridge should remain configured for all these situations
|
|
for test in ['no-slave', 'add-slave', 'slave-up', 'slave-no-carrier', 'slave-carrier', 'slave-down']:
|
|
with self.subTest(test=test):
|
|
if test == 'no-slave':
|
|
# bridge has no slaves; it's up but *might* not have carrier
|
|
self.wait_operstate('bridge99', operstate=r'(no-carrier|routable)', setup_state=None, setup_timeout=30)
|
|
# due to a bug in the kernel, newly-created bridges are brought up
|
|
# *with* carrier, unless they have had any setting changed; e.g.
|
|
# their mac set, priority set, etc. Then, they will lose carrier
|
|
# as soon as a (down) slave interface is added, and regain carrier
|
|
# again once the slave interface is brought up.
|
|
#self.check_link_attr('bridge99', 'carrier', '0')
|
|
elif test == 'add-slave':
|
|
# add slave to bridge, but leave it down; bridge is definitely no-carrier
|
|
self.check_link_attr('test1', 'operstate', 'down')
|
|
check_output('ip link set dev test1 master bridge99')
|
|
self.wait_operstate('bridge99', operstate='no-carrier', setup_state=None)
|
|
self.check_link_attr('bridge99', 'carrier', '0')
|
|
elif test == 'slave-up':
|
|
# bring up slave, which will have carrier; bridge gains carrier
|
|
check_output('ip link set dev test1 up')
|
|
self.wait_online('bridge99:routable')
|
|
self.check_link_attr('bridge99', 'carrier', '1')
|
|
elif test == 'slave-no-carrier':
|
|
# drop slave carrier; bridge loses carrier
|
|
check_output('ip link set dev test1 carrier off')
|
|
self.wait_online('bridge99:no-carrier:no-carrier')
|
|
self.check_link_attr('bridge99', 'carrier', '0')
|
|
elif test == 'slave-carrier':
|
|
# restore slave carrier; bridge gains carrier
|
|
check_output('ip link set dev test1 carrier on')
|
|
self.wait_online('bridge99:routable')
|
|
self.check_link_attr('bridge99', 'carrier', '1')
|
|
elif test == 'slave-down':
|
|
# bring down slave; bridge loses carrier
|
|
check_output('ip link set dev test1 down')
|
|
self.wait_online('bridge99:no-carrier:no-carrier')
|
|
self.check_link_attr('bridge99', 'carrier', '0')
|
|
|
|
output = networkctl_status('bridge99')
|
|
self.assertRegex(output, '10.1.2.3')
|
|
self.assertRegex(output, '10.1.2.1')
|
|
|
|
def test_bridge_ignore_carrier_loss(self):
|
|
copy_network_unit('11-dummy.netdev', '12-dummy.netdev', '26-bridge.netdev',
|
|
'26-bridge-slave-interface-1.network', '26-bridge-slave-interface-2.network',
|
|
'25-bridge99-ignore-carrier-loss.network')
|
|
start_networkd()
|
|
self.wait_online('dummy98:enslaved', 'test1:enslaved', 'bridge99:routable')
|
|
|
|
check_output('ip address add 192.168.0.16/24 dev bridge99')
|
|
remove_link('test1', 'dummy98')
|
|
time.sleep(3)
|
|
|
|
output = check_output('ip address show bridge99')
|
|
print(output)
|
|
self.assertRegex(output, 'NO-CARRIER')
|
|
self.assertRegex(output, 'inet 192.168.0.15/24 brd 192.168.0.255 scope global bridge99')
|
|
self.assertRegex(output, 'inet 192.168.0.16/24 scope global secondary bridge99')
|
|
|
|
def test_bridge_ignore_carrier_loss_frequent_loss_and_gain(self):
|
|
copy_network_unit('26-bridge.netdev', '26-bridge-slave-interface-1.network',
|
|
'25-bridge99-ignore-carrier-loss.network')
|
|
start_networkd()
|
|
self.wait_online('bridge99:no-carrier')
|
|
|
|
for trial in range(4):
|
|
check_output('ip link add dummy98 type dummy')
|
|
check_output('ip link set dummy98 up')
|
|
if trial < 3:
|
|
remove_link('dummy98')
|
|
|
|
self.wait_online('bridge99:routable', 'dummy98:enslaved')
|
|
|
|
output = check_output('ip address show bridge99')
|
|
print(output)
|
|
self.assertRegex(output, 'inet 192.168.0.15/24 brd 192.168.0.255 scope global bridge99')
|
|
|
|
output = check_output('ip rule list table 100')
|
|
print(output)
|
|
self.assertIn('from all to 8.8.8.8 lookup 100', output)
|
|
|
|
class NetworkdSRIOVTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def setup_netdevsim(self, id=99, num_ports=1, num_vfs=0):
|
|
call('modprobe netdevsim')
|
|
|
|
# Create netdevsim device.
|
|
with open('/sys/bus/netdevsim/new_device', mode='w', encoding='utf-8') as f:
|
|
f.write(f'{id} {num_ports}')
|
|
|
|
# Create VF.
|
|
if num_vfs > 0:
|
|
with open(f'/sys/bus/netdevsim/devices/netdevsim{id}/sriov_numvfs', mode='w', encoding='utf-8') as f:
|
|
f.write(f'{num_vfs}')
|
|
|
|
@expectedFailureIfNetdevsimWithSRIOVIsNotAvailable()
|
|
def test_sriov(self):
|
|
copy_network_unit('25-netdevsim.link', '25-sriov.network')
|
|
|
|
self.setup_netdevsim(num_vfs=3)
|
|
|
|
start_networkd()
|
|
self.wait_online('sim99:routable')
|
|
|
|
output = check_output('ip link show dev sim99')
|
|
print(output)
|
|
self.assertRegex(output,
|
|
'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
|
|
'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
|
|
'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off'
|
|
)
|
|
|
|
@expectedFailureIfNetdevsimWithSRIOVIsNotAvailable()
|
|
def test_sriov_udev(self):
|
|
copy_network_unit('25-sriov.link', '25-sriov-udev.network')
|
|
|
|
self.setup_netdevsim()
|
|
|
|
start_networkd()
|
|
self.wait_online('sim99:routable')
|
|
|
|
# The name sim99 is an alternative name, and cannot be used by udevadm below.
|
|
ifname = link_resolve('sim99')
|
|
|
|
output = check_output('ip link show dev sim99')
|
|
print(output)
|
|
self.assertRegex(output,
|
|
'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
|
|
'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
|
|
'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off'
|
|
)
|
|
self.assertNotIn('vf 3', output)
|
|
self.assertNotIn('vf 4', output)
|
|
|
|
with open(os.path.join(network_unit_dir, '25-sriov.link'), mode='a', encoding='utf-8') as f:
|
|
f.write('[Link]\nSR-IOVVirtualFunctions=4\n')
|
|
|
|
udevadm_reload()
|
|
udevadm_trigger(f'/sys/devices/netdevsim99/net/{ifname}')
|
|
|
|
output = check_output('ip link show dev sim99')
|
|
print(output)
|
|
self.assertRegex(output,
|
|
'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
|
|
'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
|
|
'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off\n *'
|
|
'vf 3'
|
|
)
|
|
self.assertNotIn('vf 4', output)
|
|
|
|
with open(os.path.join(network_unit_dir, '25-sriov.link'), mode='a', encoding='utf-8') as f:
|
|
f.write('[Link]\nSR-IOVVirtualFunctions=\n')
|
|
|
|
udevadm_reload()
|
|
udevadm_trigger(f'/sys/devices/netdevsim99/net/{ifname}')
|
|
|
|
output = check_output('ip link show dev sim99')
|
|
print(output)
|
|
self.assertRegex(output,
|
|
'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
|
|
'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
|
|
'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off\n *'
|
|
'vf 3'
|
|
)
|
|
self.assertNotIn('vf 4', output)
|
|
|
|
with open(os.path.join(network_unit_dir, '25-sriov.link'), mode='a', encoding='utf-8') as f:
|
|
f.write('[Link]\nSR-IOVVirtualFunctions=2\n')
|
|
|
|
udevadm_reload()
|
|
udevadm_trigger(f'/sys/devices/netdevsim99/net/{ifname}')
|
|
|
|
output = check_output('ip link show dev sim99')
|
|
print(output)
|
|
self.assertRegex(output,
|
|
'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
|
|
'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off'
|
|
)
|
|
self.assertNotIn('vf 2', output)
|
|
self.assertNotIn('vf 3', output)
|
|
self.assertNotIn('vf 4', output)
|
|
|
|
with open(os.path.join(network_unit_dir, '25-sriov.link'), mode='a', encoding='utf-8') as f:
|
|
f.write('[Link]\nSR-IOVVirtualFunctions=\n')
|
|
|
|
udevadm_reload()
|
|
udevadm_trigger(f'/sys/devices/netdevsim99/net/{ifname}')
|
|
|
|
output = check_output('ip link show dev sim99')
|
|
print(output)
|
|
self.assertRegex(output,
|
|
'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
|
|
'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
|
|
'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off'
|
|
)
|
|
self.assertNotIn('vf 3', output)
|
|
self.assertNotIn('vf 4', output)
|
|
|
|
class NetworkdLLDPTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def test_lldp(self):
|
|
copy_network_unit('23-emit-lldp.network', '24-lldp.network', '25-veth.netdev')
|
|
start_networkd()
|
|
self.wait_online('veth99:degraded', 'veth-peer:degraded')
|
|
|
|
for _ in range(20):
|
|
output = networkctl('lldp')
|
|
print(output)
|
|
if re.search(r'veth99 .* veth-peer .* .......a...', output):
|
|
break
|
|
time.sleep(0.5)
|
|
else:
|
|
self.fail()
|
|
|
|
# With interface name
|
|
output = networkctl('lldp', 'veth99');
|
|
print(output)
|
|
self.assertRegex(output, r'veth99 .* veth-peer .* .......a...')
|
|
|
|
# With interface name pattern
|
|
output = networkctl('lldp', 've*9');
|
|
print(output)
|
|
self.assertRegex(output, r'veth99 .* veth-peer .* .......a...')
|
|
|
|
# json format
|
|
output = networkctl('--json=short', 'lldp')
|
|
print(output)
|
|
self.assertIn('"InterfaceName":"veth99"', output)
|
|
self.assertIn('"PortID":"veth-peer"', output)
|
|
self.assertIn('"EnabledCapabilities":128', output)
|
|
|
|
# json format with interface name
|
|
output = networkctl('--json=short', 'lldp', 'veth99')
|
|
print(output)
|
|
self.assertIn('"InterfaceName":"veth99"', output)
|
|
self.assertIn('"PortID":"veth-peer"', output)
|
|
self.assertIn('"EnabledCapabilities":128', output)
|
|
|
|
# json format with interface name pattern
|
|
output = networkctl('--json=short', 'lldp', 've*9')
|
|
print(output)
|
|
self.assertIn('"InterfaceName":"veth99"', output)
|
|
self.assertIn('"PortID":"veth-peer"', output)
|
|
self.assertIn('"EnabledCapabilities":128', output)
|
|
|
|
# LLDP neighbors in status
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertRegex(output, r'Connected To: .* on port veth-peer')
|
|
|
|
# enable forwarding, to enable the Router flag
|
|
with open(os.path.join(network_unit_dir, '23-emit-lldp.network'), mode='a', encoding='utf-8') as f:
|
|
f.write('[Network]\nIPv4Forwarding=yes\n')
|
|
|
|
networkctl_reload()
|
|
self.wait_online('veth-peer:degraded')
|
|
|
|
for _ in range(20):
|
|
output = networkctl('lldp')
|
|
print(output)
|
|
if re.search(r'veth99 .* veth-peer .* ....r......', output):
|
|
break
|
|
time.sleep(0.5)
|
|
else:
|
|
self.fail()
|
|
|
|
# With interface name
|
|
output = networkctl('lldp', 'veth99');
|
|
print(output)
|
|
self.assertRegex(output, r'veth99 .* veth-peer .* ....r......')
|
|
|
|
# With interface name pattern
|
|
output = networkctl('lldp', 've*9');
|
|
print(output)
|
|
self.assertRegex(output, r'veth99 .* veth-peer .* ....r......')
|
|
|
|
# json format
|
|
output = networkctl('--json=short', 'lldp')
|
|
print(output)
|
|
self.assertIn('"InterfaceName":"veth99"', output)
|
|
self.assertIn('"PortID":"veth-peer"', output)
|
|
self.assertIn('"EnabledCapabilities":16', output)
|
|
|
|
# json format with interface name
|
|
output = networkctl('--json=short', 'lldp', 'veth99')
|
|
print(output)
|
|
self.assertIn('"InterfaceName":"veth99"', output)
|
|
self.assertIn('"PortID":"veth-peer"', output)
|
|
self.assertIn('"EnabledCapabilities":16', output)
|
|
|
|
# json format with interface name pattern
|
|
output = networkctl('--json=short', 'lldp', 've*9')
|
|
print(output)
|
|
self.assertIn('"InterfaceName":"veth99"', output)
|
|
self.assertIn('"PortID":"veth-peer"', output)
|
|
self.assertIn('"EnabledCapabilities":16', output)
|
|
|
|
# LLDP neighbors in status
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertRegex(output, r'Connected To: .* on port veth-peer')
|
|
|
|
class NetworkdRATests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def test_ipv6_prefix_delegation(self):
|
|
copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth.network')
|
|
self.setup_nftset('addr6', 'ipv6_addr')
|
|
self.setup_nftset('network6', 'ipv6_addr', 'flags interval;')
|
|
self.setup_nftset('ifindex', 'iface_index')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:degraded')
|
|
|
|
# IPv6SendRA=yes implies IPv6Forwarding.
|
|
self.check_ipv6_sysctl_attr('veth-peer', 'forwarding', '1')
|
|
|
|
output = resolvectl('dns', 'veth99')
|
|
print(output)
|
|
self.assertRegex(output, 'fe80::')
|
|
self.assertRegex(output, '2002:da8:1::1')
|
|
|
|
output = resolvectl('domain', 'veth99')
|
|
print(output)
|
|
self.assertIn('hogehoge.test', output)
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertRegex(output, '2002:da8:1:0')
|
|
|
|
self.check_ipv6_neigh_sysctl_attr('veth99', 'base_reachable_time_ms', '42000')
|
|
self.check_ipv6_neigh_sysctl_attr('veth99', 'retrans_time_ms', '500')
|
|
|
|
self.check_netlabel('veth99', '2002:da8:1::/64')
|
|
self.check_netlabel('veth99', '2002:da8:2::/64')
|
|
|
|
self.check_nftset('addr6', '2002:da8:1:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*')
|
|
self.check_nftset('addr6', '2002:da8:2:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*')
|
|
self.check_nftset('network6', '2002:da8:1::/64')
|
|
self.check_nftset('network6', '2002:da8:2::/64')
|
|
self.check_nftset('ifindex', 'veth99')
|
|
|
|
self.teardown_nftset('addr6', 'network6', 'ifindex')
|
|
|
|
def check_ipv6_token_static(self):
|
|
self.wait_online('veth99:routable', 'veth-peer:degraded')
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertRegex(output, '2002:da8:1:0:1a:2b:3c:4d')
|
|
self.assertRegex(output, '2002:da8:1:0:fa:de:ca:fe')
|
|
self.assertRegex(output, '2002:da8:2:0:1a:2b:3c:4d')
|
|
self.assertRegex(output, '2002:da8:2:0:fa:de:ca:fe')
|
|
|
|
def test_ipv6_token_static(self):
|
|
copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth-token-static.network')
|
|
start_networkd()
|
|
|
|
self.check_ipv6_token_static()
|
|
|
|
for _ in range(20):
|
|
check_output('ip link set veth99 down')
|
|
check_output('ip link set veth99 up')
|
|
|
|
self.check_ipv6_token_static()
|
|
|
|
for _ in range(20):
|
|
check_output('ip link set veth99 down')
|
|
time.sleep(random.uniform(0, 0.1))
|
|
check_output('ip link set veth99 up')
|
|
time.sleep(random.uniform(0, 0.1))
|
|
|
|
self.check_ipv6_token_static()
|
|
|
|
def test_ndisc_redirect(self):
|
|
if not os.path.exists(test_ndisc_send):
|
|
self.skipTest(f"{test_ndisc_send} does not exist.")
|
|
|
|
copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth-token-static.network')
|
|
start_networkd()
|
|
|
|
self.check_ipv6_token_static()
|
|
|
|
# Introduce three redirect routes.
|
|
check_output(f'{test_ndisc_send} --interface veth-peer --type redirect --target-address 2002:da8:1:1:1a:2b:3c:4d --redirect-destination 2002:da8:1:1:1a:2b:3c:4d')
|
|
check_output(f'{test_ndisc_send} --interface veth-peer --type redirect --target-address 2002:da8:1:2:1a:2b:3c:4d --redirect-destination 2002:da8:1:2:1a:2b:3c:4d')
|
|
check_output(f'{test_ndisc_send} --interface veth-peer --type redirect --target-address 2002:da8:1:3:1a:2b:3c:4d --redirect-destination 2002:da8:1:3:1a:2b:3c:4d')
|
|
self.wait_route('veth99', '2002:da8:1:1:1a:2b:3c:4d proto redirect', ipv='-6', timeout_sec=10)
|
|
self.wait_route('veth99', '2002:da8:1:2:1a:2b:3c:4d proto redirect', ipv='-6', timeout_sec=10)
|
|
self.wait_route('veth99', '2002:da8:1:3:1a:2b:3c:4d proto redirect', ipv='-6', timeout_sec=10)
|
|
|
|
# Change the target address of the redirects.
|
|
check_output(f'{test_ndisc_send} --interface veth-peer --type redirect --target-address fe80::1 --redirect-destination 2002:da8:1:1:1a:2b:3c:4d')
|
|
check_output(f'{test_ndisc_send} --interface veth-peer --type redirect --target-address fe80::2 --redirect-destination 2002:da8:1:2:1a:2b:3c:4d')
|
|
self.wait_route_dropped('veth99', '2002:da8:1:1:1a:2b:3c:4d proto redirect', ipv='-6', timeout_sec=10)
|
|
self.wait_route_dropped('veth99', '2002:da8:1:2:1a:2b:3c:4d proto redirect', ipv='-6', timeout_sec=10)
|
|
self.wait_route('veth99', '2002:da8:1:1:1a:2b:3c:4d via fe80::1 proto redirect', ipv='-6', timeout_sec=10)
|
|
self.wait_route('veth99', '2002:da8:1:2:1a:2b:3c:4d via fe80::2 proto redirect', ipv='-6', timeout_sec=10)
|
|
|
|
# Send Neighbor Advertisement without the router flag to announce the default router is not available anymore.
|
|
# Then, verify that all redirect routes and the default route are dropped.
|
|
output = check_output('ip -6 address show dev veth-peer scope link')
|
|
veth_peer_ipv6ll = re.search('fe80:[:0-9a-f]*', output).group()
|
|
print(f'veth-peer IPv6LL address: {veth_peer_ipv6ll}')
|
|
check_output(f'{test_ndisc_send} --interface veth-peer --type neighbor-advertisement --target-address {veth_peer_ipv6ll} --is-router no')
|
|
self.wait_route_dropped('veth99', 'proto ra', ipv='-6', timeout_sec=10)
|
|
self.wait_route_dropped('veth99', 'proto redirect', ipv='-6', timeout_sec=10)
|
|
|
|
# Check if sd-radv refuses RS from the same interface.
|
|
# See https://github.com/systemd/systemd/pull/32267#discussion_r1566721306
|
|
since = datetime.datetime.now()
|
|
check_output(f'{test_ndisc_send} --interface veth-peer --type rs --dest {veth_peer_ipv6ll}')
|
|
self.check_networkd_log('veth-peer: RADV: Received RS from the same interface, ignoring.', since=since)
|
|
|
|
def check_ndisc_mtu(self, mtu):
|
|
for _ in range(20):
|
|
output = read_ipv6_sysctl_attr('veth99', 'mtu')
|
|
if output == f'{mtu}':
|
|
break
|
|
time.sleep(0.5)
|
|
else:
|
|
self.fail(f'IPv6 MTU does not matches: value={output}, expected={mtu}')
|
|
|
|
def test_ndisc_mtu(self):
|
|
if not os.path.exists(test_ndisc_send):
|
|
self.skipTest(f"{test_ndisc_send} does not exist.")
|
|
|
|
copy_network_unit('25-veth.netdev',
|
|
'25-veth-peer-no-address.network',
|
|
'25-ipv6-prefix-veth-token-static.network')
|
|
start_networkd()
|
|
self.wait_online('veth-peer:degraded')
|
|
|
|
self.check_networkd_log('veth99: NDISC: Started IPv6 Router Solicitation client')
|
|
|
|
check_output(f'{test_ndisc_send} --interface veth-peer --type ra --lifetime 1hour --mtu 1400')
|
|
self.check_ndisc_mtu(1400)
|
|
|
|
check_output(f'{test_ndisc_send} --interface veth-peer --type ra --lifetime 1hour --mtu 1410')
|
|
self.check_ndisc_mtu(1410)
|
|
|
|
check_output('ip link set dev veth99 mtu 1600')
|
|
check_output('ip link set dev veth-peer mtu 1600')
|
|
self.check_ndisc_mtu(1410)
|
|
|
|
check_output(f'{test_ndisc_send} --interface veth-peer --type ra --lifetime 1hour --mtu 1700')
|
|
self.check_ndisc_mtu(1600)
|
|
|
|
check_output('ip link set dev veth99 mtu 1800')
|
|
check_output('ip link set dev veth-peer mtu 1800')
|
|
self.check_ndisc_mtu(1700)
|
|
|
|
def test_ipv6_token_prefixstable(self):
|
|
copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth-token-prefixstable.network')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:degraded')
|
|
|
|
output = check_output('ip -6 address show dev veth99')
|
|
print(output)
|
|
self.assertIn('2002:da8:1:0:b47e:7975:fc7a:7d6e/64', output) # the 1st prefixstable
|
|
self.assertIn('2002:da8:2:0:1034:56ff:fe78:9abc/64', output) # EUI64
|
|
|
|
with open(os.path.join(network_unit_dir, '25-ipv6-prefix-veth-token-prefixstable.network'), mode='a', encoding='utf-8') as f:
|
|
f.write('\n[IPv6AcceptRA]\nPrefixAllowList=2002:da8:1:0::/64\n')
|
|
|
|
networkctl_reload()
|
|
self.wait_online('veth99:routable')
|
|
|
|
output = check_output('ip -6 address show dev veth99')
|
|
print(output)
|
|
self.assertIn('2002:da8:1:0:b47e:7975:fc7a:7d6e/64', output) # the 1st prefixstable
|
|
self.assertNotIn('2002:da8:2:0:1034:56ff:fe78:9abc/64', output) # EUI64
|
|
|
|
check_output('ip address del 2002:da8:1:0:b47e:7975:fc7a:7d6e/64 dev veth99')
|
|
check_output('ip address add 2002:da8:1:0:b47e:7975:fc7a:7d6e/64 dev veth-peer nodad')
|
|
|
|
networkctl_reconfigure('veth99')
|
|
self.wait_online('veth99:routable')
|
|
self.wait_address('veth99', '2002:da8:1:0:da5d:e50a:43fd:5d0f/64', ipv='-6', timeout_sec=10) # the 2nd prefixstable
|
|
self.wait_address_dropped('veth99', '2002:da8:1:0:b47e:7975:fc7a:7d6e/64', ipv='-6', timeout_sec=10) # the 1st prefixstable
|
|
|
|
check_output('ip address del 2002:da8:1:0:da5d:e50a:43fd:5d0f/64 dev veth99')
|
|
check_output('ip address add 2002:da8:1:0:da5d:e50a:43fd:5d0f/64 dev veth-peer nodad')
|
|
|
|
networkctl_reconfigure('veth99')
|
|
self.wait_online('veth99:routable')
|
|
self.wait_address('veth99', '2002:da8:1:0:c7e4:77ec:eb31:1b0d/64', ipv='-6', timeout_sec=10) # the 3rd prefixstable
|
|
self.wait_address_dropped('veth99', '2002:da8:1:0:da5d:e50a:43fd:5d0f/64', ipv='-6', timeout_sec=10) # the 2nd prefixstable
|
|
self.wait_address_dropped('veth99', '2002:da8:1:0:b47e:7975:fc7a:7d6e/64', ipv='-6', timeout_sec=10) # the 1st prefixstable
|
|
|
|
def test_ipv6_token_prefixstable_without_address(self):
|
|
copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth-token-prefixstable-without-address.network')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:degraded')
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertIn('2002:da8:1:0:b47e:7975:fc7a:7d6e', output)
|
|
self.assertIn('2002:da8:2:0:f689:561a:8eda:7443', output)
|
|
|
|
def test_router_hop_limit(self):
|
|
copy_network_unit('25-veth-client.netdev',
|
|
'25-veth-router.netdev',
|
|
'26-bridge.netdev',
|
|
'25-veth-bridge.network',
|
|
'25-veth-client.network',
|
|
'25-veth-router-hop-limit.network',
|
|
'25-bridge99.network')
|
|
start_networkd()
|
|
self.wait_online('client:routable', 'client-p:enslaved',
|
|
'router:degraded', 'router-p:enslaved',
|
|
'bridge99:routable')
|
|
|
|
self.check_ipv6_sysctl_attr('client', 'hop_limit', '42')
|
|
|
|
with open(os.path.join(network_unit_dir, '25-veth-router-hop-limit.network'), mode='a', encoding='utf-8') as f:
|
|
f.write('\n[IPv6SendRA]\nHopLimit=43\n')
|
|
|
|
networkctl_reload()
|
|
|
|
for _ in range(20):
|
|
output = read_ipv6_sysctl_attr('client', 'hop_limit')
|
|
if output == '43':
|
|
break
|
|
time.sleep(0.5)
|
|
|
|
self.check_ipv6_sysctl_attr('client', 'hop_limit', '43')
|
|
|
|
def test_router_preference(self):
|
|
copy_network_unit('25-veth-client.netdev',
|
|
'25-veth-router-high.netdev',
|
|
'25-veth-router-low.netdev',
|
|
'26-bridge.netdev',
|
|
'25-veth-bridge.network',
|
|
'25-veth-client.network',
|
|
'25-veth-router-high.network',
|
|
'25-veth-router-low.network',
|
|
'25-bridge99.network')
|
|
start_networkd()
|
|
self.wait_online('client-p:enslaved',
|
|
'router-high:degraded', 'router-high-p:enslaved',
|
|
'router-low:degraded', 'router-low-p:enslaved',
|
|
'bridge99:routable')
|
|
|
|
networkctl_reconfigure('client')
|
|
self.wait_online('client:routable')
|
|
|
|
self.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a00/64', ipv='-6', timeout_sec=10)
|
|
self.wait_address('client', '2002:da8:1:98:1034:56ff:fe78:9a00/64', ipv='-6', timeout_sec=10)
|
|
self.wait_route('client', 'default via fe80::1034:56ff:fe78:9a99 proto ra metric 512', ipv='-6', timeout_sec=10)
|
|
self.wait_route('client', 'default via fe80::1034:56ff:fe78:9a98 proto ra metric 2048', ipv='-6', timeout_sec=10)
|
|
|
|
output = check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a99')
|
|
print(output)
|
|
self.assertIn('metric 512', output)
|
|
self.assertIn('pref high', output)
|
|
output = check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a98')
|
|
print(output)
|
|
self.assertIn('metric 2048', output)
|
|
self.assertIn('pref low', output)
|
|
|
|
with open(os.path.join(network_unit_dir, '25-veth-client.network'), mode='a', encoding='utf-8') as f:
|
|
f.write('\n[Link]\nMACAddress=12:34:56:78:9a:01\n[IPv6AcceptRA]\nRouteMetric=100:200:300\n')
|
|
|
|
networkctl_reload()
|
|
self.wait_online('client:routable')
|
|
|
|
self.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a01/64', ipv='-6', timeout_sec=10)
|
|
self.wait_address('client', '2002:da8:1:98:1034:56ff:fe78:9a01/64', ipv='-6', timeout_sec=10)
|
|
self.wait_route('client', 'default via fe80::1034:56ff:fe78:9a99 proto ra metric 100', ipv='-6', timeout_sec=10)
|
|
self.wait_route('client', 'default via fe80::1034:56ff:fe78:9a98 proto ra metric 300', ipv='-6', timeout_sec=10)
|
|
|
|
output = check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a99')
|
|
print(output)
|
|
self.assertIn('metric 100', output)
|
|
self.assertNotIn('metric 512', output)
|
|
self.assertIn('pref high', output)
|
|
output = check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a98')
|
|
print(output)
|
|
self.assertIn('metric 300', output)
|
|
self.assertNotIn('metric 2048', output)
|
|
self.assertIn('pref low', output)
|
|
|
|
# swap the preference (for issue #28439)
|
|
remove_network_unit('25-veth-router-high.network', '25-veth-router-low.network')
|
|
copy_network_unit('25-veth-router-high2.network', '25-veth-router-low2.network')
|
|
networkctl_reload()
|
|
self.wait_route('client', 'default via fe80::1034:56ff:fe78:9a99 proto ra metric 300', ipv='-6', timeout_sec=10)
|
|
self.wait_route('client', 'default via fe80::1034:56ff:fe78:9a98 proto ra metric 100', ipv='-6', timeout_sec=10)
|
|
|
|
output = check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a99')
|
|
print(output)
|
|
self.assertIn('metric 300', output)
|
|
self.assertNotIn('metric 100', output)
|
|
self.assertIn('pref low', output)
|
|
self.assertNotIn('pref high', output)
|
|
output = check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a98')
|
|
print(output)
|
|
self.assertIn('metric 100', output)
|
|
self.assertNotIn('metric 300', output)
|
|
self.assertIn('pref high', output)
|
|
self.assertNotIn('pref low', output)
|
|
|
|
def test_ndisc_vs_static_route(self):
|
|
copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth-static-route.network')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:degraded')
|
|
|
|
output = check_output('ip -6 route show dev veth99 table all')
|
|
print(output)
|
|
|
|
# If a conflicting static route is already configured, do not override the static route.
|
|
output = check_output('ip -6 route show dev veth99 default via fe80::1034:56ff:fe78:9abd')
|
|
print(output)
|
|
self.assertIn('default proto static metric 256 pref medium', output)
|
|
self.assertNotIn('proto ra', output)
|
|
|
|
if not os.path.exists(test_ndisc_send):
|
|
self.skipTest(f"{test_ndisc_send} does not exist.")
|
|
|
|
# Also check if the static route is protected from RA with zero lifetime
|
|
check_output(f'{test_ndisc_send} --interface veth-peer --type router-advertisement --lifetime 0')
|
|
time.sleep(2)
|
|
output = check_output('ip -6 route show dev veth99 default via fe80::1034:56ff:fe78:9abd')
|
|
print(output)
|
|
self.assertIn('default proto static metric 256 pref medium', output)
|
|
|
|
# radvd supports captive portal since v2.20.
|
|
# https://github.com/radvd-project/radvd/commit/791179a7f730decbddb2290ef0e34aa85d71b1bc
|
|
@unittest.skipUnless(radvd_check_config('captive-portal.conf'), "Installed radvd doesn't support captive portals")
|
|
def test_captive_portal(self):
|
|
copy_network_unit('25-veth-client.netdev',
|
|
'25-veth-router-captive.netdev',
|
|
'26-bridge.netdev',
|
|
'25-veth-client-captive.network',
|
|
'25-veth-router-captive.network',
|
|
'25-veth-bridge-captive.network',
|
|
'25-bridge99.network')
|
|
start_networkd()
|
|
self.wait_online('bridge99:routable', 'client-p:enslaved',
|
|
'router-captive:degraded', 'router-captivep:enslaved')
|
|
|
|
start_radvd(config_file='captive-portal.conf')
|
|
networkctl_reconfigure('client')
|
|
self.wait_online('client:routable')
|
|
|
|
self.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a00/64', ipv='-6', timeout_sec=10)
|
|
output = networkctl_status('client')
|
|
print(output)
|
|
self.assertIn('Captive Portal: http://systemd.io', output)
|
|
|
|
@unittest.skipUnless(radvd_check_config('captive-portal.conf'), "Installed radvd doesn't support captive portals")
|
|
def test_invalid_captive_portal(self):
|
|
def radvd_write_config(captive_portal_uri):
|
|
with open(os.path.join(networkd_ci_temp_dir, 'radvd/bogus-captive-portal.conf'), mode='w', encoding='utf-8') as f:
|
|
f.write(f'interface router-captive {{ AdvSendAdvert on; AdvCaptivePortalAPI "{captive_portal_uri}"; prefix 2002:da8:1:99::/64 {{ AdvOnLink on; AdvAutonomous on; }}; }};')
|
|
|
|
captive_portal_uris = [
|
|
"42ěščěškd ěšč ě s",
|
|
" ",
|
|
"🤔",
|
|
]
|
|
|
|
copy_network_unit('25-veth-client.netdev',
|
|
'25-veth-router-captive.netdev',
|
|
'26-bridge.netdev',
|
|
'25-veth-client-captive.network',
|
|
'25-veth-router-captive.network',
|
|
'25-veth-bridge-captive.network',
|
|
'25-bridge99.network')
|
|
start_networkd()
|
|
self.wait_online('bridge99:routable', 'client-p:enslaved',
|
|
'router-captive:degraded', 'router-captivep:enslaved')
|
|
|
|
for uri in captive_portal_uris:
|
|
print(f"Captive portal: {uri}")
|
|
radvd_write_config(uri)
|
|
stop_radvd()
|
|
start_radvd(config_file='bogus-captive-portal.conf')
|
|
networkctl_reconfigure('client')
|
|
self.wait_online('client:routable')
|
|
|
|
self.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a00/64', ipv='-6', timeout_sec=10)
|
|
output = networkctl_status('client')
|
|
print(output)
|
|
self.assertNotIn('Captive Portal:', output)
|
|
|
|
class NetworkdDHCPServerTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def check_dhcp_server(self, persist_leases=True):
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertRegex(output, r'Address: 192.168.5.[0-9]* \(DHCPv4 via 192.168.5.1\)')
|
|
self.assertIn('Gateway: 192.168.5.3', output)
|
|
self.assertRegex(output, 'DNS: 192.168.5.1\n *192.168.5.10')
|
|
self.assertRegex(output, 'NTP: 192.168.5.1\n *192.168.5.11')
|
|
|
|
output = networkctl_status('veth-peer')
|
|
print(output)
|
|
self.assertRegex(output, "Offered DHCP leases: 192.168.5.[0-9]*")
|
|
|
|
if persist_leases:
|
|
with open('/var/lib/systemd/network/dhcp-server-lease/veth-peer', encoding='utf-8') as f:
|
|
check_json(f.read())
|
|
else:
|
|
self.assertFalse(os.path.exists('/var/lib/systemd/network/dhcp-server-lease/veth-peer'))
|
|
|
|
def test_dhcp_server(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server.network')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
self.check_dhcp_server()
|
|
|
|
networkctl_reconfigure('veth-peer')
|
|
self.wait_online('veth-peer:routable')
|
|
|
|
for _ in range(10):
|
|
output = check_output(*networkctl_cmd, '-n', '0', 'status', 'veth-peer', env=env)
|
|
if 'Offered DHCP leases: 192.168.5.' in output:
|
|
break
|
|
time.sleep(.2)
|
|
else:
|
|
self.fail()
|
|
|
|
def test_dhcp_server_persist_leases_no(self):
|
|
copy_networkd_conf_dropin('persist-leases-no.conf')
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server.network')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
self.check_dhcp_server(persist_leases=False)
|
|
|
|
remove_networkd_conf_dropin('persist-leases-no.conf')
|
|
with open(os.path.join(network_unit_dir, '25-dhcp-server.network'), mode='a', encoding='utf-8') as f:
|
|
f.write('[DHCPServer]\nPersistLeases=no')
|
|
restart_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
self.check_dhcp_server(persist_leases=False)
|
|
|
|
def test_dhcp_server_null_server_address(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server-null-server-address.network')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
output = check_output('ip --json address show dev veth-peer')
|
|
server_address = json.loads(output)[0]['addr_info'][0]['local']
|
|
print(server_address)
|
|
|
|
output = check_output('ip --json address show dev veth99')
|
|
client_address = json.loads(output)[0]['addr_info'][0]['local']
|
|
print(client_address)
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertRegex(output, rf'Address: {client_address} \(DHCPv4 via {server_address}\)')
|
|
self.assertIn(f'Gateway: {server_address}', output)
|
|
self.assertIn(f'DNS: {server_address}', output)
|
|
self.assertIn(f'NTP: {server_address}', output)
|
|
|
|
output = networkctl_status('veth-peer')
|
|
self.assertIn(f'Offered DHCP leases: {client_address}', output)
|
|
|
|
# Check if the same addresses are used even if the service is restarted.
|
|
restart_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
output = check_output('ip -4 address show dev veth-peer')
|
|
print(output)
|
|
self.assertIn(f'{server_address}', output)
|
|
|
|
output = check_output('ip -4 address show dev veth99')
|
|
print(output)
|
|
self.assertIn(f'{client_address}', output)
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertRegex(output, rf'Address: {client_address} \(DHCPv4 via {server_address}\)')
|
|
self.assertIn(f'Gateway: {server_address}', output)
|
|
self.assertIn(f'DNS: {server_address}', output)
|
|
self.assertIn(f'NTP: {server_address}', output)
|
|
|
|
output = networkctl_status('veth-peer')
|
|
self.assertIn(f'Offered DHCP leases: {client_address}', output)
|
|
|
|
def test_dhcp_server_with_uplink(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server-downstream.network',
|
|
'12-dummy.netdev', '25-dhcp-server-uplink.network')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertRegex(output, r'Address: 192.168.5.[0-9]* \(DHCPv4 via 192.168.5.1\)')
|
|
self.assertIn('Gateway: 192.168.5.3', output)
|
|
self.assertIn('DNS: 192.168.5.1', output)
|
|
self.assertIn('NTP: 192.168.5.1', output)
|
|
|
|
def test_emit_router_timezone(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-client-timezone-router.network', '25-dhcp-server-timezone-router.network')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertRegex(output, r'Address: 192.168.5.[0-9]* \(DHCPv4 via 192.168.5.1\)')
|
|
self.assertIn('Gateway: 192.168.5.1', output)
|
|
self.assertIn('Time Zone: Europe/Berlin', output)
|
|
|
|
def test_dhcp_server_static_lease(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-client-static-lease.network', '25-dhcp-server-static-lease.network')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertIn('Address: 10.1.1.200 (DHCPv4 via 10.1.1.1)', output)
|
|
self.assertIn('DHCPv4 Client ID: 12:34:56:78:9a:bc', output)
|
|
|
|
def test_dhcp_server_static_lease_default_client_id(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server-static-lease.network')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertIn('Address: 10.1.1.200 (DHCPv4 via 10.1.1.1)', output)
|
|
self.assertRegex(output, 'DHCPv4 Client ID: IAID:[0-9a-z]*/DUID')
|
|
|
|
class NetworkdDHCPServerRelayAgentTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def test_relay_agent(self):
|
|
copy_network_unit('25-agent-veth-client.netdev',
|
|
'25-agent-veth-server.netdev',
|
|
'25-agent-client.network',
|
|
'25-agent-server.network',
|
|
'25-agent-client-peer.network',
|
|
'25-agent-server-peer.network')
|
|
start_networkd()
|
|
|
|
self.wait_online('client:routable')
|
|
|
|
output = networkctl_status('client')
|
|
print(output)
|
|
self.assertRegex(output, r'Address: 192.168.5.150 \(DHCPv4 via 192.168.5.1\)')
|
|
|
|
def test_relay_agent_on_bridge(self):
|
|
copy_network_unit('25-agent-bridge.netdev',
|
|
'25-agent-veth-client.netdev',
|
|
'25-agent-bridge.network',
|
|
'25-agent-bridge-port.network',
|
|
'25-agent-client.network')
|
|
start_networkd()
|
|
self.wait_online('bridge-relay:routable', 'client-peer:enslaved')
|
|
|
|
# For issue #30763.
|
|
self.check_networkd_log('bridge-relay: DHCPv4 server: STARTED')
|
|
|
|
class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def test_dhcp_client_ipv6_only(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv6-only.network')
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
|
|
# information request mode
|
|
# The name ipv6-only option may not be supported by older dnsmasq
|
|
# start_dnsmasq('--dhcp-option=option:ipv6-only,300')
|
|
start_dnsmasq('--dhcp-option=108,00:00:02:00',
|
|
'--dhcp-option=option6:dns-server,[2600::ee]',
|
|
'--dhcp-option=option6:ntp-server,[2600::ff]',
|
|
ra_mode='ra-stateless')
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
# DHCPv6 REPLY for INFORMATION-REQUEST may be received after the link entered configured state.
|
|
# Let's wait for the expected DNS server being listed in the state file.
|
|
for _ in range(100):
|
|
output = read_link_state_file('veth99')
|
|
if 'DNS=2600::ee' in output:
|
|
break
|
|
time.sleep(.2)
|
|
|
|
# Check link state file
|
|
print('## link state file')
|
|
output = read_link_state_file('veth99')
|
|
print(output)
|
|
self.assertIn('DNS=2600::ee', output)
|
|
self.assertIn('NTP=2600::ff', output)
|
|
|
|
# Check manager state file
|
|
print('## manager state file')
|
|
output = read_manager_state_file()
|
|
print(output)
|
|
self.assertRegex(output, 'DNS=.*2600::ee')
|
|
self.assertRegex(output, 'NTP=.*2600::ff')
|
|
|
|
print('## dnsmasq log')
|
|
output = read_dnsmasq_log_file()
|
|
print(output)
|
|
self.assertIn('DHCPINFORMATION-REQUEST(veth-peer)', output)
|
|
self.assertNotIn('DHCPSOLICIT(veth-peer)', output)
|
|
self.assertNotIn('DHCPADVERTISE(veth-peer)', output)
|
|
self.assertNotIn('DHCPREQUEST(veth-peer)', output)
|
|
self.assertNotIn('DHCPREPLY(veth-peer)', output)
|
|
|
|
# Check json format
|
|
check_json(networkctl_json('veth99'))
|
|
|
|
# solicit mode
|
|
stop_dnsmasq()
|
|
start_dnsmasq('--dhcp-option=108,00:00:02:00',
|
|
'--dhcp-option=option6:dns-server,[2600::ee]',
|
|
'--dhcp-option=option6:ntp-server,[2600::ff]')
|
|
networkctl_reconfigure('veth99')
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
# checking address
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, r'inet6 2600::[0-9a-f:]*/128 scope global dynamic noprefixroute')
|
|
self.assertNotIn('192.168.5', output)
|
|
|
|
# checking semi-static route
|
|
output = check_output('ip -6 route list dev veth99 2001:1234:5:9fff:ff:ff:ff:ff')
|
|
print(output)
|
|
self.assertRegex(output, 'via fe80::1034:56ff:fe78:9abd')
|
|
|
|
# Confirm that ipv6 token is not set in the kernel
|
|
output = check_output('ip token show dev veth99')
|
|
print(output)
|
|
self.assertRegex(output, 'token :: dev veth99')
|
|
|
|
# Make manager and link state file updated
|
|
resolvectl('revert', 'veth99')
|
|
|
|
# Check link state file
|
|
print('## link state file')
|
|
output = read_link_state_file('veth99')
|
|
print(output)
|
|
self.assertIn('DNS=2600::ee', output)
|
|
self.assertIn('NTP=2600::ff', output)
|
|
|
|
# Check manager state file
|
|
print('## manager state file')
|
|
output = read_manager_state_file()
|
|
print(output)
|
|
self.assertRegex(output, 'DNS=.*2600::ee')
|
|
self.assertRegex(output, 'NTP=.*2600::ff')
|
|
|
|
print('## dnsmasq log')
|
|
output = read_dnsmasq_log_file()
|
|
print(output)
|
|
self.assertNotIn('DHCPINFORMATION-REQUEST(veth-peer)', output)
|
|
self.assertIn('DHCPSOLICIT(veth-peer)', output)
|
|
self.assertNotIn('DHCPADVERTISE(veth-peer)', output)
|
|
self.assertNotIn('DHCPREQUEST(veth-peer)', output)
|
|
self.assertIn('DHCPREPLY(veth-peer)', output)
|
|
self.assertIn('sent size: 0 option: 14 rapid-commit', output)
|
|
|
|
# Check json format
|
|
check_json(networkctl_json('veth99'))
|
|
|
|
# Testing without rapid commit support
|
|
with open(os.path.join(network_unit_dir, '25-dhcp-client-ipv6-only.network'), mode='a', encoding='utf-8') as f:
|
|
f.write('\n[DHCPv6]\nRapidCommit=no\n')
|
|
|
|
stop_dnsmasq()
|
|
start_dnsmasq('--dhcp-option=108,00:00:02:00',
|
|
'--dhcp-option=option6:dns-server,[2600::ee]',
|
|
'--dhcp-option=option6:ntp-server,[2600::ff]')
|
|
|
|
networkctl_reload()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
# checking address
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, r'inet6 2600::[0-9a-f:]*/128 scope global dynamic noprefixroute')
|
|
self.assertNotIn('192.168.5', output)
|
|
|
|
# checking semi-static route
|
|
output = check_output('ip -6 route list dev veth99 2001:1234:5:9fff:ff:ff:ff:ff')
|
|
print(output)
|
|
self.assertRegex(output, 'via fe80::1034:56ff:fe78:9abd')
|
|
|
|
# Make manager and link state file updated
|
|
resolvectl('revert', 'veth99')
|
|
|
|
# Check link state file
|
|
print('## link state file')
|
|
output = read_link_state_file('veth99')
|
|
print(output)
|
|
self.assertIn('DNS=2600::ee', output)
|
|
self.assertIn('NTP=2600::ff', output)
|
|
|
|
# Check manager state file
|
|
print('## manager state file')
|
|
output = read_manager_state_file()
|
|
print(output)
|
|
self.assertRegex(output, 'DNS=.*2600::ee')
|
|
self.assertRegex(output, 'NTP=.*2600::ff')
|
|
|
|
print('## dnsmasq log')
|
|
output = read_dnsmasq_log_file()
|
|
print(output)
|
|
self.assertNotIn('DHCPINFORMATION-REQUEST(veth-peer)', output)
|
|
self.assertIn('DHCPSOLICIT(veth-peer)', output)
|
|
self.assertIn('DHCPADVERTISE(veth-peer)', output)
|
|
self.assertIn('DHCPREQUEST(veth-peer)', output)
|
|
self.assertIn('DHCPREPLY(veth-peer)', output)
|
|
self.assertNotIn('rapid-commit', output)
|
|
|
|
# Check json format
|
|
check_json(networkctl_json('veth99'))
|
|
|
|
def test_dhcp_client_ipv6_dbus_status(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv6-only.network')
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
|
|
# Note that at this point the DHCPv6 client has not been started because no RA (with managed
|
|
# bit set) has yet been received and the configuration does not include WithoutRA=true
|
|
state = get_dhcp6_client_state('veth99')
|
|
print(f"DHCPv6 client state = {state}")
|
|
self.assertEqual(state, 'stopped')
|
|
|
|
state = get_dhcp4_client_state('veth99')
|
|
print(f"DHCPv4 client state = {state}")
|
|
self.assertEqual(state, 'selecting')
|
|
|
|
start_dnsmasq('--dhcp-option=108,00:00:02:00')
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
state = get_dhcp6_client_state('veth99')
|
|
print(f"DHCPv6 client state = {state}")
|
|
self.assertEqual(state, 'bound')
|
|
|
|
# DHCPv4 client will stop after an DHCPOFFER message received, so we need to wait for a while.
|
|
for _ in range(100):
|
|
state = get_dhcp4_client_state('veth99')
|
|
if state == 'stopped':
|
|
break
|
|
time.sleep(.2)
|
|
|
|
print(f"DHCPv4 client state = {state}")
|
|
self.assertEqual(state, 'stopped')
|
|
|
|
# restart dnsmasq to clear log
|
|
stop_dnsmasq()
|
|
start_dnsmasq('--dhcp-option=108,00:00:02:00')
|
|
|
|
# Test renew command
|
|
# See https://github.com/systemd/systemd/pull/29472#issuecomment-1759092138
|
|
networkctl('renew', 'veth99')
|
|
|
|
for _ in range(100):
|
|
state = get_dhcp4_client_state('veth99')
|
|
if state == 'stopped':
|
|
break
|
|
time.sleep(.2)
|
|
|
|
print(f"DHCPv4 client state = {state}")
|
|
self.assertEqual(state, 'stopped')
|
|
|
|
print('## dnsmasq log')
|
|
output = read_dnsmasq_log_file()
|
|
print(output)
|
|
self.assertIn('DHCPDISCOVER(veth-peer) 12:34:56:78:9a:bc', output)
|
|
self.assertIn('DHCPOFFER(veth-peer)', output)
|
|
self.assertNotIn('DHCPREQUEST(veth-peer)', output)
|
|
self.assertNotIn('DHCPACK(veth-peer)', output)
|
|
|
|
def test_dhcp_client_ipv6_only_with_custom_client_identifier(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv6-only-custom-client-identifier.network')
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
start_dnsmasq()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
# checking address
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, r'inet6 2600::[0-9a-f:]*/128 scope global dynamic noprefixroute')
|
|
self.assertNotIn('192.168.5', output)
|
|
|
|
print('## dnsmasq log')
|
|
output = read_dnsmasq_log_file()
|
|
print(output)
|
|
self.assertIn('DHCPSOLICIT(veth-peer) 00:42:00:00:ab:11:f9:2a:c2:77:29:f9:5c:00', output)
|
|
self.assertNotIn('DHCPADVERTISE(veth-peer)', output)
|
|
self.assertNotIn('DHCPREQUEST(veth-peer)', output)
|
|
self.assertIn('DHCPREPLY(veth-peer)', output)
|
|
self.assertIn('sent size: 0 option: 14 rapid-commit', output)
|
|
|
|
@expectedFailureIfKernelReturnsInvalidFlags()
|
|
def test_dhcp_client_ipv4_only(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv4-only.network')
|
|
|
|
self.setup_nftset('addr4', 'ipv4_addr')
|
|
self.setup_nftset('network4', 'ipv4_addr', 'flags interval;')
|
|
self.setup_nftset('ifindex', 'iface_index')
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.6,192.168.5.7',
|
|
'--dhcp-option=option:sip-server,192.168.5.21,192.168.5.22',
|
|
'--dhcp-option=option:domain-search,example.com',
|
|
'--dhcp-alternate-port=67,5555',
|
|
ipv4_range='192.168.5.110,192.168.5.119')
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
self.wait_address('veth99', r'inet 192.168.5.11[0-9]*/24', ipv='-4')
|
|
|
|
print('## ip address show dev veth99 scope global')
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertIn('mtu 1492', output)
|
|
self.assertIn('inet 192.168.5.250/24 brd 192.168.5.255 scope global veth99', output)
|
|
self.assertRegex(output, r'inet 192.168.5.11[0-9]/24 metric 24 brd 192.168.5.255 scope global secondary dynamic noprefixroute test-label')
|
|
self.assertNotIn('2600::', output)
|
|
|
|
output = check_output('ip -4 --json address show dev veth99')
|
|
for i in json.loads(output)[0]['addr_info']:
|
|
if i['label'] == 'test-label':
|
|
address1 = i['local']
|
|
break
|
|
else:
|
|
self.assertFalse(True)
|
|
|
|
self.assertRegex(address1, r'^192.168.5.11[0-9]$')
|
|
|
|
print('## ip route show table main dev veth99')
|
|
output = check_output('ip route show table main dev veth99')
|
|
print(output)
|
|
# no DHCP routes assigned to the main table
|
|
self.assertNotIn('proto dhcp', output)
|
|
# static routes
|
|
self.assertIn('192.168.5.0/24 proto kernel scope link src 192.168.5.250', output)
|
|
self.assertIn('192.168.5.0/24 proto static scope link', output)
|
|
self.assertIn('192.168.6.0/24 proto static scope link', output)
|
|
self.assertIn('192.168.7.0/24 proto static scope link', output)
|
|
|
|
print('## ip route show table 211 dev veth99')
|
|
output = check_output('ip route show table 211 dev veth99')
|
|
print(output)
|
|
self.assertRegex(output, f'default via 192.168.5.1 proto dhcp src {address1} metric 24')
|
|
self.assertRegex(output, f'192.168.5.0/24 proto dhcp scope link src {address1} metric 24')
|
|
self.assertRegex(output, f'192.168.5.1 proto dhcp scope link src {address1} metric 24')
|
|
self.assertRegex(output, f'192.168.5.6 proto dhcp scope link src {address1} metric 24')
|
|
self.assertRegex(output, f'192.168.5.7 proto dhcp scope link src {address1} metric 24')
|
|
self.assertIn('10.0.0.0/8 via 192.168.5.1 proto dhcp', output)
|
|
|
|
print('## link state file')
|
|
output = read_link_state_file('veth99')
|
|
print(output)
|
|
# checking DNS server, SIP server, and Domains
|
|
self.assertIn('DNS=192.168.5.6 192.168.5.7', output)
|
|
self.assertIn('SIP=192.168.5.21 192.168.5.22', output)
|
|
self.assertIn('DOMAINS=example.com', output)
|
|
|
|
print('## json')
|
|
j = json.loads(networkctl_json('veth99'))
|
|
|
|
self.assertEqual(len(j['DNS']), 2)
|
|
for i in j['DNS']:
|
|
print(i)
|
|
self.assertEqual(i['Family'], 2)
|
|
a = socket.inet_ntop(socket.AF_INET, bytearray(i['Address']))
|
|
self.assertRegex(a, '^192.168.5.[67]$')
|
|
self.assertEqual(i['ConfigSource'], 'DHCPv4')
|
|
a = socket.inet_ntop(socket.AF_INET, bytearray(i['ConfigProvider']))
|
|
self.assertEqual('192.168.5.1', a)
|
|
|
|
self.assertEqual(len(j['SIP']), 2)
|
|
for i in j['SIP']:
|
|
print(i)
|
|
self.assertEqual(i['Family'], 2)
|
|
a = socket.inet_ntop(socket.AF_INET, bytearray(i['Address']))
|
|
self.assertRegex(a, '^192.168.5.2[12]$')
|
|
self.assertEqual(i['ConfigSource'], 'DHCPv4')
|
|
a = socket.inet_ntop(socket.AF_INET, bytearray(i['ConfigProvider']))
|
|
self.assertEqual('192.168.5.1', a)
|
|
|
|
print('## dnsmasq log')
|
|
output = read_dnsmasq_log_file()
|
|
print(output)
|
|
self.assertIn('vendor class: FooBarVendorTest', output)
|
|
self.assertIn('DHCPDISCOVER(veth-peer) 192.168.5.110 12:34:56:78:9a:bc', output)
|
|
self.assertIn('client provides name: test-hostname', output)
|
|
self.assertIn('26:mtu', output)
|
|
|
|
# change address range, DNS servers, and Domains
|
|
stop_dnsmasq()
|
|
start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.1,192.168.5.7,192.168.5.8',
|
|
'--dhcp-option=option:sip-server,192.168.5.23,192.168.5.24',
|
|
'--dhcp-option=option:domain-search,foo.example.com',
|
|
'--dhcp-alternate-port=67,5555',
|
|
ipv4_range='192.168.5.120,192.168.5.129',)
|
|
|
|
# Sleep for 120 sec as the dnsmasq minimum lease time can only be set to 120
|
|
print('Wait for the DHCP lease to be expired')
|
|
self.wait_address_dropped('veth99', f'inet {address1}/24', ipv='-4', timeout_sec=120)
|
|
self.wait_address('veth99', r'inet 192.168.5.12[0-9]*/24', ipv='-4')
|
|
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
print('## ip address show dev veth99 scope global')
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertIn('mtu 1492', output)
|
|
self.assertIn('inet 192.168.5.250/24 brd 192.168.5.255 scope global veth99', output)
|
|
self.assertNotIn(f'{address1}', output)
|
|
self.assertRegex(output, r'inet 192.168.5.12[0-9]/24 metric 24 brd 192.168.5.255 scope global secondary dynamic noprefixroute test-label')
|
|
self.assertNotIn('2600::', output)
|
|
|
|
output = check_output('ip -4 --json address show dev veth99')
|
|
for i in json.loads(output)[0]['addr_info']:
|
|
if i['label'] == 'test-label':
|
|
address2 = i['local']
|
|
break
|
|
else:
|
|
self.assertFalse(True)
|
|
|
|
self.assertRegex(address2, r'^192.168.5.12[0-9]$')
|
|
|
|
print('## ip route show table main dev veth99')
|
|
output = check_output('ip route show table main dev veth99')
|
|
print(output)
|
|
# no DHCP routes assigned to the main table
|
|
self.assertNotIn('proto dhcp', output)
|
|
# static routes
|
|
self.assertIn('192.168.5.0/24 proto kernel scope link src 192.168.5.250', output)
|
|
self.assertIn('192.168.5.0/24 proto static scope link', output)
|
|
self.assertIn('192.168.6.0/24 proto static scope link', output)
|
|
self.assertIn('192.168.7.0/24 proto static scope link', output)
|
|
|
|
print('## ip route show table 211 dev veth99')
|
|
output = check_output('ip route show table 211 dev veth99')
|
|
print(output)
|
|
self.assertRegex(output, f'default via 192.168.5.1 proto dhcp src {address2} metric 24')
|
|
self.assertRegex(output, f'192.168.5.0/24 proto dhcp scope link src {address2} metric 24')
|
|
self.assertRegex(output, f'192.168.5.1 proto dhcp scope link src {address2} metric 24')
|
|
self.assertNotIn('192.168.5.6', output)
|
|
self.assertRegex(output, f'192.168.5.7 proto dhcp scope link src {address2} metric 24')
|
|
self.assertRegex(output, f'192.168.5.8 proto dhcp scope link src {address2} metric 24')
|
|
self.assertIn('10.0.0.0/8 via 192.168.5.1 proto dhcp', output)
|
|
|
|
print('## link state file')
|
|
output = read_link_state_file('veth99')
|
|
print(output)
|
|
# checking DNS server, SIP server, and Domains
|
|
self.assertIn('DNS=192.168.5.1 192.168.5.7 192.168.5.8', output)
|
|
self.assertIn('SIP=192.168.5.23 192.168.5.24', output)
|
|
self.assertIn('DOMAINS=foo.example.com', output)
|
|
|
|
print('## json')
|
|
j = json.loads(networkctl_json('veth99'))
|
|
|
|
self.assertEqual(len(j['DNS']), 3)
|
|
for i in j['DNS']:
|
|
print(i)
|
|
self.assertEqual(i['Family'], 2)
|
|
a = socket.inet_ntop(socket.AF_INET, bytearray(i['Address']))
|
|
self.assertRegex(a, '^192.168.5.[178]$')
|
|
self.assertEqual(i['ConfigSource'], 'DHCPv4')
|
|
a = socket.inet_ntop(socket.AF_INET, bytearray(i['ConfigProvider']))
|
|
self.assertEqual('192.168.5.1', a)
|
|
|
|
self.assertEqual(len(j['SIP']), 2)
|
|
for i in j['SIP']:
|
|
print(i)
|
|
self.assertEqual(i['Family'], 2)
|
|
a = socket.inet_ntop(socket.AF_INET, bytearray(i['Address']))
|
|
self.assertRegex(a, '^192.168.5.2[34]$')
|
|
self.assertEqual(i['ConfigSource'], 'DHCPv4')
|
|
a = socket.inet_ntop(socket.AF_INET, bytearray(i['ConfigProvider']))
|
|
self.assertEqual('192.168.5.1', a)
|
|
|
|
print('## dnsmasq log')
|
|
output = read_dnsmasq_log_file()
|
|
print(output)
|
|
self.assertIn('vendor class: FooBarVendorTest', output)
|
|
self.assertIn(f'DHCPDISCOVER(veth-peer) {address1} 12:34:56:78:9a:bc', output)
|
|
self.assertIn('client provides name: test-hostname', output)
|
|
self.assertIn('26:mtu', output)
|
|
|
|
self.check_netlabel('veth99', r'192\.168\.5\.0/24')
|
|
|
|
self.check_nftset('addr4', r'192\.168\.5\.1')
|
|
self.check_nftset('network4', r'192\.168\.5\.0/24')
|
|
self.check_nftset('ifindex', 'veth99')
|
|
|
|
self.teardown_nftset('addr4', 'network4', 'ifindex')
|
|
|
|
def test_dhcp_client_ipv4_dbus_status(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv4-only.network')
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
|
|
state = get_dhcp4_client_state('veth99')
|
|
print(f"State = {state}")
|
|
self.assertEqual(state, 'rebooting')
|
|
|
|
start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.6,192.168.5.7',
|
|
'--dhcp-option=option:domain-search,example.com',
|
|
'--dhcp-alternate-port=67,5555',
|
|
ipv4_range='192.168.5.110,192.168.5.119')
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
self.wait_address('veth99', r'inet 192.168.5.11[0-9]*/24', ipv='-4')
|
|
|
|
state = get_dhcp4_client_state('veth99')
|
|
print(f"State = {state}")
|
|
self.assertEqual(state, 'bound')
|
|
|
|
def test_dhcp_client_allow_list(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-allow-list.network', copy_dropins=False)
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
since = datetime.datetime.now()
|
|
start_dnsmasq()
|
|
|
|
self.check_networkd_log('veth99: DHCPv4 server IP address 192.168.5.1 not found in allow-list, ignoring offer.', since=since)
|
|
|
|
copy_network_unit('25-dhcp-client-allow-list.network.d/00-allow-list.conf')
|
|
since = datetime.datetime.now()
|
|
networkctl_reload()
|
|
|
|
self.check_networkd_log('veth99: DHCPv4 server IP address 192.168.5.1 not found in allow-list, ignoring offer.', since=since)
|
|
|
|
copy_network_unit('25-dhcp-client-allow-list.network.d/10-deny-list.conf')
|
|
since = datetime.datetime.now()
|
|
networkctl_reload()
|
|
|
|
self.check_networkd_log('veth99: DHCPv4 server IP address 192.168.5.1 found in deny-list, ignoring offer.', since=since)
|
|
|
|
@unittest.skipUnless("--dhcp-rapid-commit" in run("dnsmasq --help").stdout, reason="dnsmasq is missing dhcp-rapid-commit support")
|
|
def test_dhcp_client_rapid_commit(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network')
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
|
|
start_dnsmasq('--dhcp-rapid-commit')
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
self.wait_address('veth99', r'inet 192.168.5.[0-9]*/24', ipv='-4')
|
|
|
|
state = get_dhcp4_client_state('veth99')
|
|
print(f"DHCPv4 client state = {state}")
|
|
self.assertEqual(state, 'bound')
|
|
|
|
output = read_dnsmasq_log_file()
|
|
self.assertIn('DHCPDISCOVER(veth-peer)', output)
|
|
self.assertNotIn('DHCPOFFER(veth-peer)', output)
|
|
self.assertNotIn('DHCPREQUEST(veth-peer)', output)
|
|
self.assertIn('DHCPACK(veth-peer)', output)
|
|
|
|
def test_dhcp_client_ipv6_only_mode_without_ipv6_connectivity(self):
|
|
copy_network_unit('25-veth.netdev',
|
|
'25-dhcp-server-ipv6-only-mode.network',
|
|
'25-dhcp-client-ipv6-only-mode.network')
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable', timeout='40s')
|
|
self.wait_address('veth99', r'inet 192.168.5.[0-9]*/24', ipv='-4')
|
|
|
|
state = get_dhcp4_client_state('veth99')
|
|
print(f"State = {state}")
|
|
self.assertEqual(state, 'bound')
|
|
|
|
def test_dhcp_client_ipv4_use_routes_gateway(self):
|
|
first = True
|
|
for (routes, gateway, dns_and_ntp_routes, classless) in itertools.product([True, False], repeat=4):
|
|
if first:
|
|
first = False
|
|
else:
|
|
self.tearDown()
|
|
|
|
print(f'### test_dhcp_client_ipv4_use_routes_gateway(routes={routes}, gateway={gateway}, dns_and_ntp_routes={dns_and_ntp_routes}, classless={classless})')
|
|
with self.subTest(routes=routes, gateway=gateway, dns_and_ntp_routes=dns_and_ntp_routes, classless=classless):
|
|
self._test_dhcp_client_ipv4_use_routes_gateway(routes, gateway, dns_and_ntp_routes, classless)
|
|
|
|
def _test_dhcp_client_ipv4_use_routes_gateway(self, use_routes, use_gateway, dns_and_ntp_routes, classless):
|
|
testunit = '25-dhcp-client-ipv4-use-routes-use-gateway.network'
|
|
testunits = ['25-veth.netdev', '25-dhcp-server-veth-peer.network', testunit]
|
|
testunits.append(f'{testunit}.d/use-routes-{use_routes}.conf')
|
|
testunits.append(f'{testunit}.d/use-gateway-{use_gateway}.conf')
|
|
testunits.append(f'{testunit}.d/use-dns-and-ntp-routes-{dns_and_ntp_routes}.conf')
|
|
copy_network_unit(*testunits, copy_dropins=False)
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
additional_options = [
|
|
'--dhcp-option=option:dns-server,192.168.5.10,8.8.8.8',
|
|
'--dhcp-option=option:ntp-server,192.168.5.11,9.9.9.9',
|
|
'--dhcp-option=option:static-route,192.168.6.100,192.168.5.2,8.8.8.8,192.168.5.3'
|
|
]
|
|
if classless:
|
|
additional_options += [
|
|
'--dhcp-option=option:classless-static-route,0.0.0.0/0,192.168.5.4,8.0.0.0/8,192.168.5.5,192.168.5.64/26,192.168.5.5'
|
|
]
|
|
start_dnsmasq(*additional_options)
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
output = check_output('ip -4 route show dev veth99')
|
|
print(output)
|
|
|
|
# Check UseRoutes=
|
|
if use_routes:
|
|
if classless:
|
|
self.assertRegex(output, r'default via 192.168.5.4 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertRegex(output, r'8.0.0.0/8 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertRegex(output, r'192.168.5.64/26 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertRegex(output, r'192.168.5.4 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
self.assertRegex(output, r'192.168.5.5 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
else:
|
|
self.assertRegex(output, r'192.168.6.0/24 via 192.168.5.2 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertRegex(output, r'8.0.0.0/8 via 192.168.5.3 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertRegex(output, r'192.168.5.2 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
self.assertRegex(output, r'192.168.5.3 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
else:
|
|
self.assertNotRegex(output, r'default via 192.168.5.4 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertNotRegex(output, r'8.0.0.0/8 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertNotRegex(output, r'192.168.5.4 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
self.assertNotRegex(output, r'192.168.5.5 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
self.assertNotRegex(output, r'192.168.6.0/24 via 192.168.5.2 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertNotRegex(output, r'8.0.0.0/8 via 192.168.5.3 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertNotRegex(output, r'192.168.5.2 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
self.assertNotRegex(output, r'192.168.5.3 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
|
|
# Check UseGateway=
|
|
if use_gateway and (not classless or not use_routes):
|
|
self.assertRegex(output, r'default via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
else:
|
|
self.assertNotRegex(output, r'default via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
|
|
# Check route to gateway
|
|
if (use_gateway or dns_and_ntp_routes) and (not classless or not use_routes):
|
|
self.assertRegex(output, r'192.168.5.1 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
else:
|
|
self.assertNotRegex(output, r'192.168.5.1 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
|
|
# Check RoutesToDNS= and RoutesToNTP=
|
|
if dns_and_ntp_routes:
|
|
self.assertRegex(output, r'192.168.5.10 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
self.assertRegex(output, r'192.168.5.11 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
if use_routes:
|
|
if classless:
|
|
self.assertRegex(output, r'8.8.8.8 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertRegex(output, r'9.9.9.9 via 192.168.5.4 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
else:
|
|
self.assertRegex(output, r'8.8.8.8 via 192.168.5.3 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertRegex(output, r'9.9.9.9 via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
else:
|
|
self.assertRegex(output, r'8.8.8.8 via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertRegex(output, r'9.9.9.9 via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
else:
|
|
self.assertNotRegex(output, r'192.168.5.10 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
self.assertNotRegex(output, r'192.168.5.11 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
|
|
self.assertNotRegex(output, r'8.8.8.8 via 192.168.5.[0-9]* proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
self.assertNotRegex(output, r'9.9.9.9 via 192.168.5.[0-9]* proto dhcp src 192.168.5.[0-9]* metric 1024')
|
|
|
|
check_json(networkctl_json())
|
|
|
|
def test_dhcp_client_settings_anonymize(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-anonymize.network')
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
start_dnsmasq()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
print('## dnsmasq log')
|
|
output = read_dnsmasq_log_file()
|
|
print(output)
|
|
self.assertNotIn('VendorClassIdentifier=SusantVendorTest', output)
|
|
self.assertNotIn('test-hostname', output)
|
|
self.assertNotIn('26:mtu', output)
|
|
|
|
def test_dhcp_keep_configuration_dhcp(self):
|
|
copy_network_unit('25-veth.netdev',
|
|
'25-dhcp-server-veth-peer.network',
|
|
'25-dhcp-client-keep-configuration-dhcp.network')
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
start_dnsmasq()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
|
|
'valid_lft forever preferred_lft forever')
|
|
|
|
# Stopping dnsmasq as networkd won't be allowed to renew the DHCP lease.
|
|
stop_dnsmasq()
|
|
|
|
# Sleep for 120 sec as the dnsmasq minimum lease time can only be set to 120
|
|
print('Wait for the DHCP lease to be expired')
|
|
time.sleep(120)
|
|
|
|
# The lease address should be kept after the lease expired
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
|
|
'valid_lft forever preferred_lft forever')
|
|
|
|
stop_networkd()
|
|
|
|
# The lease address should be kept after networkd stopped
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
|
|
'valid_lft forever preferred_lft forever')
|
|
|
|
with open(os.path.join(network_unit_dir, '25-dhcp-client-keep-configuration-dhcp.network'), mode='a', encoding='utf-8') as f:
|
|
f.write('[Network]\nDHCP=no\n')
|
|
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
# Still the lease address should be kept after networkd restarted
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
|
|
'valid_lft forever preferred_lft forever')
|
|
|
|
def test_dhcp_keep_configuration_dhcp_on_stop(self):
|
|
copy_network_unit('25-veth.netdev',
|
|
'25-dhcp-server-veth-peer.network',
|
|
'25-dhcp-client-keep-configuration-dhcp-on-stop.network')
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
start_dnsmasq()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
|
|
|
|
stop_dnsmasq()
|
|
stop_networkd()
|
|
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:routable')
|
|
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertNotIn('192.168.5.', output)
|
|
|
|
def test_dhcp_client_reuse_address_as_static(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network')
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
start_dnsmasq()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
# link become 'routable' when at least one protocol provide an valid address.
|
|
self.wait_address('veth99', r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv='-4')
|
|
self.wait_address('veth99', r'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv='-6')
|
|
|
|
output = check_output('ip address show dev veth99 scope global')
|
|
ipv4_address = re.search(r'192.168.5.[0-9]*/24', output).group()
|
|
ipv6_address = re.search(r'2600::[0-9a-f:]*/128', output).group()
|
|
static_network = '\n'.join(['[Match]', 'Name=veth99', '[Network]', 'IPv6AcceptRA=no', 'Address=' + ipv4_address, 'Address=' + ipv6_address])
|
|
print(static_network)
|
|
|
|
remove_network_unit('25-dhcp-client.network')
|
|
|
|
with open(os.path.join(network_unit_dir, '25-static.network'), mode='w', encoding='utf-8') as f:
|
|
f.write(static_network)
|
|
|
|
restart_networkd()
|
|
self.wait_online('veth99:routable')
|
|
|
|
output = check_output('ip -4 address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, f'inet {ipv4_address} brd 192.168.5.255 scope global veth99\n *'
|
|
'valid_lft forever preferred_lft forever')
|
|
|
|
output = check_output('ip -6 address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, f'inet6 {ipv6_address} scope global *\n *'
|
|
'valid_lft forever preferred_lft forever')
|
|
|
|
@expectedFailureIfModuleIsNotAvailable('vrf')
|
|
def test_dhcp_client_vrf(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-vrf.network',
|
|
'25-vrf.netdev', '25-vrf.network')
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
start_dnsmasq()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable', 'vrf99:carrier')
|
|
|
|
# link become 'routable' when at least one protocol provide an valid address.
|
|
self.wait_address('veth99', r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv='-4')
|
|
self.wait_address('veth99', r'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv='-6')
|
|
|
|
print('## ip -d link show dev vrf99')
|
|
output = check_output('ip -d link show dev vrf99')
|
|
print(output)
|
|
self.assertRegex(output, 'vrf table 42')
|
|
|
|
print('## ip address show vrf vrf99')
|
|
output = check_output('ip address show vrf vrf99')
|
|
print(output)
|
|
self.assertRegex(output, 'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
|
|
self.assertRegex(output, 'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)')
|
|
self.assertRegex(output, 'inet6 .* scope link')
|
|
|
|
print('## ip address show dev veth99')
|
|
output = check_output('ip address show dev veth99')
|
|
print(output)
|
|
self.assertRegex(output, 'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
|
|
self.assertRegex(output, 'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)')
|
|
self.assertRegex(output, 'inet6 .* scope link')
|
|
|
|
print('## ip route show vrf vrf99')
|
|
output = check_output('ip route show vrf vrf99')
|
|
print(output)
|
|
self.assertRegex(output, 'default via 192.168.5.1 dev veth99 proto dhcp src 192.168.5.')
|
|
self.assertRegex(output, '192.168.5.0/24 dev veth99 proto kernel scope link src 192.168.5')
|
|
self.assertRegex(output, '192.168.5.1 dev veth99 proto dhcp scope link src 192.168.5')
|
|
|
|
print('## ip route show table main dev veth99')
|
|
output = check_output('ip route show table main dev veth99')
|
|
print(output)
|
|
self.assertEqual(output, '')
|
|
|
|
def test_dhcp_client_gateway_onlink_implicit(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network',
|
|
'25-dhcp-client-gateway-onlink-implicit.network')
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
start_dnsmasq()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable')
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertRegex(output, '192.168.5')
|
|
|
|
output = check_output('ip route list dev veth99 10.0.0.0/8')
|
|
print(output)
|
|
self.assertRegex(output, 'onlink')
|
|
output = check_output('ip route list dev veth99 192.168.100.0/24')
|
|
print(output)
|
|
self.assertRegex(output, 'onlink')
|
|
|
|
def test_dhcp_client_with_ipv4ll(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network',
|
|
'25-dhcp-client-with-ipv4ll.network')
|
|
start_networkd()
|
|
# we need to increase timeout above default, as this will need to wait for
|
|
# systemd-networkd to get the dhcpv4 transient failure event
|
|
self.wait_online('veth99:degraded', 'veth-peer:routable', timeout='60s')
|
|
|
|
output = check_output('ip -4 address show dev veth99')
|
|
print(output)
|
|
self.assertNotIn('192.168.5.', output)
|
|
self.assertIn('inet 169.254.133.11/16 metric 2048 brd 169.254.255.255 scope link', output)
|
|
|
|
start_dnsmasq()
|
|
print('Wait for a DHCP lease to be acquired and the IPv4LL address to be dropped')
|
|
self.wait_address('veth99', r'inet 192\.168\.5\.\d+/24 metric 1024 brd 192\.168\.5\.255 scope global dynamic', ipv='-4')
|
|
self.wait_address_dropped('veth99', r'inet 169\.254\.\d+\.\d+/16 metric 2048 brd 169\.254\.255\.255 scope link', scope='link', ipv='-4')
|
|
self.wait_online('veth99:routable')
|
|
|
|
output = check_output('ip -4 address show dev veth99')
|
|
print(output)
|
|
self.assertRegex(output, r'inet 192\.168\.5\.\d+/24 metric 1024 brd 192\.168\.5\.255 scope global dynamic veth99')
|
|
self.assertNotIn('169.254.', output)
|
|
self.assertNotIn('scope link', output)
|
|
|
|
stop_dnsmasq()
|
|
print('Wait for the DHCP lease to be expired and an IPv4LL address to be acquired')
|
|
self.wait_address_dropped('veth99', r'inet 192\.168\.5\.\d+/24 metric 1024 brd 192\.168\.5\.255 scope global dynamic', ipv='-4', timeout_sec=130)
|
|
self.wait_address('veth99', r'inet 169\.254\.133\.11/16 metric 2048 brd 169\.254\.255\.255 scope link', scope='link', ipv='-4')
|
|
|
|
output = check_output('ip -4 address show dev veth99')
|
|
print(output)
|
|
self.assertNotIn('192.168.5.', output)
|
|
self.assertIn('inet 169.254.133.11/16 metric 2048 brd 169.254.255.255 scope link', output)
|
|
|
|
def test_dhcp_client_use_dns(self):
|
|
def check(self, ipv4, ipv6):
|
|
os.makedirs(os.path.join(network_unit_dir, '25-dhcp-client.network.d'), exist_ok=True)
|
|
with open(os.path.join(network_unit_dir, '25-dhcp-client.network.d/override.conf'), mode='w', encoding='utf-8') as f:
|
|
f.write('[DHCPv4]\nUseDNS=')
|
|
f.write('yes' if ipv4 else 'no')
|
|
f.write('\n[DHCPv6]\nUseDNS=')
|
|
f.write('yes' if ipv6 else 'no')
|
|
f.write('\n[IPv6AcceptRA]\nUseDNS=no')
|
|
|
|
networkctl_reload()
|
|
self.wait_online('veth99:routable')
|
|
|
|
# link becomes 'routable' when at least one protocol provide an valid address. Hence, we need to explicitly wait for both addresses.
|
|
self.wait_address('veth99', r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv='-4')
|
|
self.wait_address('veth99', r'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv='-6')
|
|
|
|
# make resolved re-read the link state file
|
|
resolvectl('revert', 'veth99')
|
|
|
|
output = resolvectl('dns', 'veth99')
|
|
print(output)
|
|
if ipv4:
|
|
self.assertIn('192.168.5.1', output)
|
|
else:
|
|
self.assertNotIn('192.168.5.1', output)
|
|
if ipv6:
|
|
self.assertIn('2600::1', output)
|
|
else:
|
|
self.assertNotIn('2600::1', output)
|
|
|
|
check_json(networkctl_json())
|
|
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network', copy_dropins=False)
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.1',
|
|
'--dhcp-option=option6:dns-server,[2600::1]')
|
|
|
|
check(self, True, True)
|
|
check(self, True, False)
|
|
check(self, False, True)
|
|
check(self, False, False)
|
|
|
|
def test_dhcp_client_default_use_domains(self):
|
|
def check(self, common, ipv4, ipv6):
|
|
mkdir_p(networkd_conf_dropin_dir)
|
|
with open(os.path.join(networkd_conf_dropin_dir, 'default_use_domains.conf'), mode='w', encoding='utf-8') as f:
|
|
f.write('[Network]\nUseDomains=')
|
|
f.write('yes\n' if common else 'no\n')
|
|
f.write('[DHCPv4]\nUseDomains=')
|
|
f.write('yes\n' if ipv4 else 'no\n')
|
|
f.write('[DHCPv6]\nUseDomains=')
|
|
f.write('yes\n' if ipv6 else 'no\n')
|
|
|
|
restart_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.1',
|
|
'--dhcp-option=option6:dns-server,[2600::1]',
|
|
'--dhcp-option=option:domain-search,example.com',
|
|
'--dhcp-option=option6:domain-search,example.com')
|
|
|
|
self.wait_online('veth99:routable')
|
|
|
|
# link becomes 'routable' when at least one protocol provide an valid address. Hence, we need to explicitly wait for both addresses.
|
|
self.wait_address('veth99', r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv='-4')
|
|
self.wait_address('veth99', r'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv='-6')
|
|
|
|
for _ in range(20):
|
|
output = resolvectl('domain', 'veth99')
|
|
if common or ipv4 or ipv6:
|
|
if 'example.com' in output:
|
|
break
|
|
else:
|
|
if 'example.com' not in output:
|
|
break
|
|
time.sleep(0.5)
|
|
else:
|
|
print(output)
|
|
print(read_link_state_file('veth99'))
|
|
self.fail('unexpected domain setting in resolved...')
|
|
|
|
stop_dnsmasq()
|
|
remove_networkd_conf_dropin('default_use_domains.conf')
|
|
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network', copy_dropins=False)
|
|
check(self, True, False, False)
|
|
check(self, False, True, True)
|
|
check(self, False, True, False)
|
|
check(self, False, False, True)
|
|
check(self, False, False, False)
|
|
|
|
def test_dhcp_client_use_dnr(self):
|
|
def check(self, ipv4, ipv6):
|
|
os.makedirs(os.path.join(network_unit_dir, '25-dhcp-client.network.d'), exist_ok=True)
|
|
with open(os.path.join(network_unit_dir, '25-dhcp-client.network.d/override.conf'), mode='w', encoding='utf-8') as f:
|
|
f.write('[DHCPv4]\nUseDNS=')
|
|
f.write('yes' if ipv4 else 'no')
|
|
f.write('\n[DHCPv6]\nUseDNS=')
|
|
f.write('yes' if ipv6 else 'no')
|
|
f.write('\n[IPv6AcceptRA]\nUseDNS=no')
|
|
|
|
networkctl_reload()
|
|
self.wait_online('veth99:routable')
|
|
|
|
# link becomes 'routable' when at least one protocol provide an valid address. Hence, we need to explicitly wait for both addresses.
|
|
self.wait_address('veth99', r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv='-4')
|
|
self.wait_address('veth99', r'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv='-6')
|
|
|
|
# make resolved re-read the link state file
|
|
resolvectl('revert', 'veth99')
|
|
|
|
output = resolvectl('dns', 'veth99')
|
|
print(output)
|
|
if ipv4:
|
|
self.assertIn('8.8.8.8#dns.google', output)
|
|
self.assertIn('0.7.4.2#homer.simpson', output)
|
|
else:
|
|
self.assertNotIn('8.8.8.8#dns.google', output)
|
|
if ipv6:
|
|
self.assertIn('2001:4860:4860::8888#dns.google', output)
|
|
else:
|
|
self.assertNotIn('2001:4860:4860::8888#dns.google', output)
|
|
|
|
check_json(networkctl_json())
|
|
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network', copy_dropins=False)
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
dnr_v4 = dnr_v4_instance_data(adn = "dns.google", addrs = ["8.8.8.8", "8.8.4.4"])
|
|
dnr_v4 += dnr_v4_instance_data(adn = "homer.simpson", addrs = ["0.7.4.2"], alpns = ("dot","h2","h3"), dohpath = "/springfield{?dns}")
|
|
dnr_v6 = dnr_v6_instance_data(adn = "dns.google", addrs = ["2001:4860:4860::8888", "2001:4860:4860::8844"])
|
|
masq = lambda bs: ':'.join(f"{b:02x}" for b in bs)
|
|
start_dnsmasq(f'--dhcp-option=162,{masq(dnr_v4)}',
|
|
f'--dhcp-option=option6:144,{masq(dnr_v6)}')
|
|
|
|
check(self, True, True)
|
|
check(self, True, False)
|
|
check(self, False, True)
|
|
check(self, False, False)
|
|
|
|
def test_dhcp_client_use_captive_portal(self):
|
|
def check(self, ipv4, ipv6):
|
|
os.makedirs(os.path.join(network_unit_dir, '25-dhcp-client.network.d'), exist_ok=True)
|
|
with open(os.path.join(network_unit_dir, '25-dhcp-client.network.d/override.conf'), mode='w', encoding='utf-8') as f:
|
|
f.write('[DHCPv4]\nUseCaptivePortal=')
|
|
f.write('yes' if ipv4 else 'no')
|
|
f.write('\n[DHCPv6]\nUseCaptivePortal=')
|
|
f.write('yes' if ipv6 else 'no')
|
|
f.write('\n[IPv6AcceptRA]\nUseCaptivePortal=no')
|
|
|
|
networkctl_reload()
|
|
self.wait_online('veth99:routable')
|
|
|
|
# link becomes 'routable' when at least one protocol provide an valid address. Hence, we need to explicitly wait for both addresses.
|
|
self.wait_address('veth99', r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv='-4')
|
|
self.wait_address('veth99', r'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv='-6')
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
if ipv4 or ipv6:
|
|
self.assertIn('Captive Portal: http://systemd.io', output)
|
|
else:
|
|
self.assertNotIn('Captive Portal: http://systemd.io', output)
|
|
|
|
check_json(networkctl_json())
|
|
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network', copy_dropins=False)
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
start_dnsmasq('--dhcp-option=114,http://systemd.io',
|
|
'--dhcp-option=option6:103,http://systemd.io')
|
|
|
|
check(self, True, True)
|
|
check(self, True, False)
|
|
check(self, False, True)
|
|
check(self, False, False)
|
|
|
|
def test_dhcp_client_reject_captive_portal(self):
|
|
def check(self, ipv4, ipv6):
|
|
os.makedirs(os.path.join(network_unit_dir, '25-dhcp-client.network.d'), exist_ok=True)
|
|
with open(os.path.join(network_unit_dir, '25-dhcp-client.network.d/override.conf'), mode='w', encoding='utf-8') as f:
|
|
f.write('[DHCPv4]\nUseCaptivePortal=')
|
|
f.write('yes' if ipv4 else 'no')
|
|
f.write('\n[DHCPv6]\nUseCaptivePortal=')
|
|
f.write('yes' if ipv6 else 'no')
|
|
f.write('\n[IPv6AcceptRA]\nUseCaptivePortal=no')
|
|
|
|
networkctl_reload()
|
|
self.wait_online('veth99:routable')
|
|
|
|
# link becomes 'routable' when at least one protocol provide an valid address. Hence, we need to explicitly wait for both addresses.
|
|
self.wait_address('veth99', r'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv='-4')
|
|
self.wait_address('veth99', r'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv='-6')
|
|
|
|
output = networkctl_status('veth99')
|
|
print(output)
|
|
self.assertNotIn('Captive Portal: ', output)
|
|
self.assertNotIn('invalid/url', output)
|
|
|
|
check_json(networkctl_json())
|
|
|
|
copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network', copy_dropins=False)
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:carrier')
|
|
masq = lambda bs: ':'.join(f'{b:02x}' for b in bs)
|
|
start_dnsmasq('--dhcp-option=114,' + masq(b'http://\x00invalid/url'),
|
|
'--dhcp-option=option6:103,' + masq(b'http://\x00/invalid/url'))
|
|
|
|
check(self, True, True)
|
|
check(self, True, False)
|
|
check(self, False, True)
|
|
check(self, False, False)
|
|
|
|
class NetworkdDHCPPDTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def check_dhcp6_prefix(self, link):
|
|
description = get_link_description(link)
|
|
|
|
self.assertIn('DHCPv6Client', description.keys())
|
|
self.assertIn('Prefixes', description['DHCPv6Client'])
|
|
|
|
prefixInfo = description['DHCPv6Client']['Prefixes']
|
|
|
|
self.assertEqual(len(prefixInfo), 1)
|
|
|
|
self.assertIn('Prefix', prefixInfo[0].keys())
|
|
self.assertIn('PrefixLength', prefixInfo[0].keys())
|
|
self.assertIn('PreferredLifetimeUSec', prefixInfo[0].keys())
|
|
self.assertIn('ValidLifetimeUSec', prefixInfo[0].keys())
|
|
|
|
self.assertEqual(prefixInfo[0]['Prefix'][0:6], [63, 254, 5, 1, 255, 255])
|
|
self.assertEqual(prefixInfo[0]['PrefixLength'], 56)
|
|
self.assertGreater(prefixInfo[0]['PreferredLifetimeUSec'], 0)
|
|
self.assertGreater(prefixInfo[0]['ValidLifetimeUSec'], 0)
|
|
|
|
@unittest.skipUnless(shutil.which('dhcpd'), reason="dhcpd is not available on CentOS Stream 10")
|
|
def test_dhcp6pd_no_address(self):
|
|
# For issue #29979.
|
|
copy_network_unit('25-veth.netdev', '25-dhcp6pd-server.network', '25-dhcp6pd-upstream-no-address.network')
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:routable')
|
|
start_isc_dhcpd(conf_file='isc-dhcpd-dhcp6pd.conf', ipv='-6')
|
|
self.wait_online('veth99:degraded')
|
|
|
|
print('### ip -6 address show dev veth99 scope global')
|
|
output = check_output('ip -6 address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertNotIn('inet6 3ffe:501:ffff', output)
|
|
|
|
print('### ip -6 route show dev lo')
|
|
output = check_output('ip -6 route show dev lo')
|
|
print(output)
|
|
self.assertNotRegex(output, '3ffe:501:ffff:[2-9a-f]00::/56')
|
|
|
|
self.check_dhcp6_prefix('veth99')
|
|
|
|
@unittest.skipUnless(shutil.which('dhcpd'), reason="dhcpd is not available on CentOS Stream 10")
|
|
def test_dhcp6pd_no_assign(self):
|
|
# Similar to test_dhcp6pd_no_assign(), but in this case UseAddress=yes (default),
|
|
# However, the server does not provide IA_NA. For issue #31349.
|
|
copy_network_unit('25-veth.netdev', '25-dhcp6pd-server.network', '25-dhcp6pd-upstream-no-assign.network')
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:routable')
|
|
start_isc_dhcpd(conf_file='isc-dhcpd-dhcp6pd-no-range.conf', ipv='-6')
|
|
self.wait_online('veth99:degraded')
|
|
|
|
print('### ip -6 address show dev veth99 scope global')
|
|
output = check_output('ip -6 address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertNotIn('inet6 3ffe:501:ffff', output)
|
|
|
|
print('### ip -6 route show type blackhole')
|
|
output = check_output('ip -6 route show type blackhole')
|
|
print(output)
|
|
self.assertRegex(output, 'blackhole 3ffe:501:ffff:[2-9a-f]00::/56 dev lo proto dhcp')
|
|
|
|
self.check_dhcp6_prefix('veth99')
|
|
|
|
@unittest.skipUnless(shutil.which('dhcpd'), reason="dhcpd is not available on CentOS Stream 10")
|
|
def test_dhcp6pd(self):
|
|
copy_network_unit('25-veth.netdev', '25-dhcp6pd-server.network', '25-dhcp6pd-upstream.network',
|
|
'25-veth-downstream-veth97.netdev', '25-dhcp-pd-downstream-veth97.network', '25-dhcp-pd-downstream-veth97-peer.network',
|
|
'25-veth-downstream-veth98.netdev', '25-dhcp-pd-downstream-veth98.network', '25-dhcp-pd-downstream-veth98-peer.network',
|
|
'11-dummy.netdev', '25-dhcp-pd-downstream-test1.network',
|
|
'25-dhcp-pd-downstream-dummy97.network',
|
|
'12-dummy.netdev', '25-dhcp-pd-downstream-dummy98.network',
|
|
'13-dummy.netdev', '25-dhcp-pd-downstream-dummy99.network')
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:routable')
|
|
start_isc_dhcpd(conf_file='isc-dhcpd-dhcp6pd.conf', ipv='-6')
|
|
self.wait_online('veth99:routable', 'test1:routable', 'dummy98:routable', 'dummy99:degraded',
|
|
'veth97:routable', 'veth97-peer:routable', 'veth98:routable', 'veth98-peer:routable')
|
|
|
|
self.setup_nftset('addr6', 'ipv6_addr')
|
|
self.setup_nftset('network6', 'ipv6_addr', 'flags interval;')
|
|
self.setup_nftset('ifindex', 'iface_index')
|
|
|
|
# Check DBus assigned prefix information to veth99
|
|
self.check_dhcp6_prefix('veth99')
|
|
|
|
print('### ip -6 address show dev veth-peer scope global')
|
|
output = check_output('ip -6 address show dev veth-peer scope global')
|
|
print(output)
|
|
self.assertIn('inet6 3ffe:501:ffff:100::1/64 scope global', output)
|
|
|
|
# Link Subnet IDs
|
|
# test1: 0x00
|
|
# dummy97: 0x01 (The link will appear later)
|
|
# dummy98: 0x00
|
|
# dummy99: auto -> 0x02 (No address assignment)
|
|
# veth97: 0x08
|
|
# veth98: 0x09
|
|
# veth99: 0x10
|
|
|
|
print('### ip -6 address show dev veth99 scope global')
|
|
output = check_output('ip -6 address show dev veth99 scope global')
|
|
print(output)
|
|
# IA_NA
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:100::[0-9]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)')
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]10:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic')
|
|
# address in IA_PD (Token=eui64)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]10:1034:56ff:fe78:9abc/64 (metric 256 |)scope global dynamic')
|
|
# address in IA_PD (temporary)
|
|
# Note that the temporary addresses may appear after the link enters configured state
|
|
self.wait_address('veth99', 'inet6 3ffe:501:ffff:[2-9a-f]10:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev test1 scope global')
|
|
output = check_output('ip -6 address show dev test1 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
self.wait_address('test1', 'inet6 3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev dummy98 scope global')
|
|
output = check_output('ip -6 address show dev dummy98 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
self.wait_address('dummy98', 'inet6 3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev dummy99 scope global')
|
|
output = check_output('ip -6 address show dev dummy99 scope global')
|
|
print(output)
|
|
# Assign=no
|
|
self.assertNotRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]02')
|
|
|
|
print('### ip -6 address show dev veth97 scope global')
|
|
output = check_output('ip -6 address show dev veth97 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]08:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (Token=eui64)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]08:1034:56ff:fe78:9ace/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
self.wait_address('veth97', 'inet6 3ffe:501:ffff:[2-9a-f]08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev veth97-peer scope global')
|
|
output = check_output('ip -6 address show dev veth97-peer scope global')
|
|
print(output)
|
|
# NDisc address (Token=static)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]08:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# NDisc address (Token=eui64)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]08:1034:56ff:fe78:9acf/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# NDisc address (temporary)
|
|
self.wait_address('veth97-peer', 'inet6 3ffe:501:ffff:[2-9a-f]08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev veth98 scope global')
|
|
output = check_output('ip -6 address show dev veth98 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]09:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (Token=eui64)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]09:1034:56ff:fe78:9abe/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
self.wait_address('veth98', 'inet6 3ffe:501:ffff:[2-9a-f]09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev veth98-peer scope global')
|
|
output = check_output('ip -6 address show dev veth98-peer scope global')
|
|
print(output)
|
|
# NDisc address (Token=static)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]09:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# NDisc address (Token=eui64)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]09:1034:56ff:fe78:9abf/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# NDisc address (temporary)
|
|
self.wait_address('veth98-peer', 'inet6 3ffe:501:ffff:[2-9a-f]09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 route show type unreachable')
|
|
output = check_output('ip -6 route show type unreachable')
|
|
print(output)
|
|
self.assertRegex(output, 'unreachable 3ffe:501:ffff:[2-9a-f]00::/56 dev lo proto dhcp')
|
|
|
|
print('### ip -6 route show dev veth99')
|
|
output = check_output('ip -6 route show dev veth99')
|
|
print(output)
|
|
self.assertRegex(output, '3ffe:501:ffff:[2-9a-f]10::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev test1')
|
|
output = check_output('ip -6 route show dev test1')
|
|
print(output)
|
|
self.assertRegex(output, '3ffe:501:ffff:[2-9a-f]00::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev dummy98')
|
|
output = check_output('ip -6 route show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, '3ffe:501:ffff:[2-9a-f]00::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev dummy99')
|
|
output = check_output('ip -6 route show dev dummy99')
|
|
print(output)
|
|
self.assertRegex(output, '3ffe:501:ffff:[2-9a-f]02::/64 proto dhcp metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev veth97')
|
|
output = check_output('ip -6 route show dev veth97')
|
|
print(output)
|
|
self.assertRegex(output, '3ffe:501:ffff:[2-9a-f]08::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev veth97-peer')
|
|
output = check_output('ip -6 route show dev veth97-peer')
|
|
print(output)
|
|
self.assertRegex(output, '3ffe:501:ffff:[2-9a-f]08::/64 proto ra metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev veth98')
|
|
output = check_output('ip -6 route show dev veth98')
|
|
print(output)
|
|
self.assertRegex(output, '3ffe:501:ffff:[2-9a-f]09::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev veth98-peer')
|
|
output = check_output('ip -6 route show dev veth98-peer')
|
|
print(output)
|
|
self.assertRegex(output, '3ffe:501:ffff:[2-9a-f]09::/64 proto ra metric [0-9]* expires')
|
|
|
|
# Test case for a downstream which appears later
|
|
check_output('ip link add dummy97 type dummy')
|
|
self.wait_online('dummy97:routable')
|
|
|
|
print('### ip -6 address show dev dummy97 scope global')
|
|
output = check_output('ip -6 address show dev dummy97 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]01:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
self.wait_address('dummy97', 'inet6 3ffe:501:ffff:[2-9a-f]01:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 route show dev dummy97')
|
|
output = check_output('ip -6 route show dev dummy97')
|
|
print(output)
|
|
self.assertRegex(output, '3ffe:501:ffff:[2-9a-f]01::/64 proto kernel metric [0-9]* expires')
|
|
|
|
# Test case for reconfigure
|
|
networkctl_reconfigure('dummy98', 'dummy99')
|
|
self.wait_online('dummy98:routable', 'dummy99:degraded')
|
|
|
|
print('### ip -6 address show dev dummy98 scope global')
|
|
output = check_output('ip -6 address show dev dummy98 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
self.wait_address('dummy98', 'inet6 3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev dummy99 scope global')
|
|
output = check_output('ip -6 address show dev dummy99 scope global')
|
|
print(output)
|
|
# Assign=no
|
|
self.assertNotRegex(output, 'inet6 3ffe:501:ffff:[2-9a-f]02')
|
|
|
|
print('### ip -6 route show dev dummy98')
|
|
output = check_output('ip -6 route show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, '3ffe:501:ffff:[2-9a-f]00::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev dummy99')
|
|
output = check_output('ip -6 route show dev dummy99')
|
|
print(output)
|
|
self.assertRegex(output, '3ffe:501:ffff:[2-9a-f]02::/64 proto dhcp metric [0-9]* expires')
|
|
|
|
self.check_netlabel('dummy98', '3ffe:501:ffff:[2-9a-f]00::/64')
|
|
|
|
self.check_nftset('addr6', '3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d')
|
|
self.check_nftset('addr6', '3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*')
|
|
self.check_nftset('network6', '3ffe:501:ffff:[2-9a-f]00::/64')
|
|
self.check_nftset('ifindex', 'dummy98')
|
|
|
|
self.teardown_nftset('addr6', 'network6', 'ifindex')
|
|
|
|
def verify_dhcp4_6rd(self, tunnel_name):
|
|
print('### ip -4 address show dev veth-peer scope global')
|
|
output = check_output('ip -4 address show dev veth-peer scope global')
|
|
print(output)
|
|
self.assertIn('inet 10.0.0.1/8 brd 10.255.255.255 scope global veth-peer', output)
|
|
|
|
# Link Subnet IDs
|
|
# test1: 0x00
|
|
# dummy97: 0x01 (The link will appear later)
|
|
# dummy98: 0x00
|
|
# dummy99: auto -> 0x0[23] (No address assignment)
|
|
# 6rd-XXX: auto -> 0x0[23]
|
|
# veth97: 0x08
|
|
# veth98: 0x09
|
|
# veth99: 0x10
|
|
|
|
print('### ip -4 address show dev veth99 scope global')
|
|
output = check_output('ip -4 address show dev veth99 scope global')
|
|
print(output)
|
|
self.assertRegex(output, 'inet 10.100.100.[0-9]*/8 (metric 1024 |)brd 10.255.255.255 scope global dynamic veth99')
|
|
|
|
print('### ip -6 address show dev veth99 scope global')
|
|
output = check_output('ip -6 address show dev veth99 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+10:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (Token=eui64)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+10:1034:56ff:fe78:9abc/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
# Note that the temporary addresses may appear after the link enters configured state
|
|
self.wait_address('veth99', 'inet6 2001:db8:6464:[0-9a-f]+10:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev test1 scope global')
|
|
output = check_output('ip -6 address show dev test1 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
self.wait_address('test1', 'inet6 2001:db8:6464:[0-9a-f]+00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev dummy98 scope global')
|
|
output = check_output('ip -6 address show dev dummy98 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
self.wait_address('dummy98', 'inet6 2001:db8:6464:[0-9a-f]+00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev dummy99 scope global')
|
|
output = check_output('ip -6 address show dev dummy99 scope global')
|
|
print(output)
|
|
# Assign=no
|
|
self.assertNotRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+0[23]')
|
|
|
|
print('### ip -6 address show dev veth97 scope global')
|
|
output = check_output('ip -6 address show dev veth97 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+08:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (Token=eui64)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+08:1034:56ff:fe78:9ace/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
self.wait_address('veth97', 'inet6 2001:db8:6464:[0-9a-f]+08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev veth97-peer scope global')
|
|
output = check_output('ip -6 address show dev veth97-peer scope global')
|
|
print(output)
|
|
# NDisc address (Token=static)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+08:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# NDisc address (Token=eui64)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+08:1034:56ff:fe78:9acf/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# NDisc address (temporary)
|
|
self.wait_address('veth97-peer', 'inet6 2001:db8:6464:[0-9a-f]+08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev veth98 scope global')
|
|
output = check_output('ip -6 address show dev veth98 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+09:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (Token=eui64)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+09:1034:56ff:fe78:9abe/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
self.wait_address('veth98', 'inet6 2001:db8:6464:[0-9a-f]+09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 address show dev veth98-peer scope global')
|
|
output = check_output('ip -6 address show dev veth98-peer scope global')
|
|
print(output)
|
|
# NDisc address (Token=static)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+09:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# NDisc address (Token=eui64)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+09:1034:56ff:fe78:9abf/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# NDisc address (temporary)
|
|
self.wait_address('veth98-peer', 'inet6 2001:db8:6464:[0-9a-f]+09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 route show type unreachable')
|
|
output = check_output('ip -6 route show type unreachable')
|
|
print(output)
|
|
self.assertRegex(output, 'unreachable 2001:db8:6464:[0-9a-f]+00::/56 dev lo proto dhcp')
|
|
|
|
print('### ip -6 route show dev veth99')
|
|
output = check_output('ip -6 route show dev veth99')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:6464:[0-9a-f]+10::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev test1')
|
|
output = check_output('ip -6 route show dev test1')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:6464:[0-9a-f]+00::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev dummy98')
|
|
output = check_output('ip -6 route show dev dummy98')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:6464:[0-9a-f]+00::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev dummy99')
|
|
output = check_output('ip -6 route show dev dummy99')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:6464:[0-9a-f]+0[23]::/64 proto dhcp metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev veth97')
|
|
output = check_output('ip -6 route show dev veth97')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:6464:[0-9a-f]+08::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev veth97-peer')
|
|
output = check_output('ip -6 route show dev veth97-peer')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:6464:[0-9a-f]+08::/64 proto ra metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev veth98')
|
|
output = check_output('ip -6 route show dev veth98')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:6464:[0-9a-f]+09::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print('### ip -6 route show dev veth98-peer')
|
|
output = check_output('ip -6 route show dev veth98-peer')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:6464:[0-9a-f]+09::/64 proto ra metric [0-9]* expires')
|
|
|
|
print('### ip -6 address show dev dummy97 scope global')
|
|
output = check_output('ip -6 address show dev dummy97 scope global')
|
|
print(output)
|
|
# address in IA_PD (Token=static)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+01:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
|
|
# address in IA_PD (temporary)
|
|
self.wait_address('dummy97', 'inet6 2001:db8:6464:[0-9a-f]+01:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv='-6')
|
|
|
|
print('### ip -6 route show dev dummy97')
|
|
output = check_output('ip -6 route show dev dummy97')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:6464:[0-9a-f]+01::/64 proto kernel metric [0-9]* expires')
|
|
|
|
print(f'### ip -d link show dev {tunnel_name}')
|
|
output = check_output(f'ip -d link show dev {tunnel_name}')
|
|
print(output)
|
|
self.assertIn('link/sit 10.100.100.', output)
|
|
self.assertIn('local 10.100.100.', output)
|
|
self.assertIn('ttl 64', output)
|
|
self.assertIn('6rd-prefix 2001:db8::/32', output)
|
|
self.assertIn('6rd-relay_prefix 10.0.0.0/8', output)
|
|
|
|
print(f'### ip -6 address show dev {tunnel_name}')
|
|
output = check_output(f'ip -6 address show dev {tunnel_name}')
|
|
print(output)
|
|
self.assertRegex(output, 'inet6 2001:db8:6464:[0-9a-f]+0[23]:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global dynamic')
|
|
self.assertRegex(output, 'inet6 ::10.100.100.[0-9]+/96 scope global')
|
|
|
|
print(f'### ip -6 route show dev {tunnel_name}')
|
|
output = check_output(f'ip -6 route show dev {tunnel_name}')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:6464:[0-9a-f]+0[23]::/64 proto kernel metric [0-9]* expires')
|
|
self.assertRegex(output, '::/96 proto kernel metric [0-9]*')
|
|
|
|
print('### ip -6 route show default')
|
|
output = check_output('ip -6 route show default')
|
|
print(output)
|
|
self.assertIn('default', output)
|
|
self.assertIn(f'via ::10.0.0.1 dev {tunnel_name}', output)
|
|
|
|
def test_dhcp4_6rd(self):
|
|
def get_dhcp_6rd_prefix(link):
|
|
description = get_link_description(link)
|
|
|
|
self.assertIn('DHCPv4Client', description.keys())
|
|
self.assertIn('6rdPrefix', description['DHCPv4Client'].keys())
|
|
|
|
prefixInfo = description['DHCPv4Client']['6rdPrefix']
|
|
self.assertIn('Prefix', prefixInfo.keys())
|
|
self.assertIn('PrefixLength', prefixInfo.keys())
|
|
self.assertIn('IPv4MaskLength', prefixInfo.keys())
|
|
self.assertIn('BorderRouters', prefixInfo.keys())
|
|
|
|
return prefixInfo
|
|
|
|
copy_network_unit('25-veth.netdev', '25-dhcp4-6rd-server.network', '25-dhcp4-6rd-upstream.network',
|
|
'25-veth-downstream-veth97.netdev', '25-dhcp-pd-downstream-veth97.network', '25-dhcp-pd-downstream-veth97-peer.network',
|
|
'25-veth-downstream-veth98.netdev', '25-dhcp-pd-downstream-veth98.network', '25-dhcp-pd-downstream-veth98-peer.network',
|
|
'11-dummy.netdev', '25-dhcp-pd-downstream-test1.network',
|
|
'25-dhcp-pd-downstream-dummy97.network',
|
|
'12-dummy.netdev', '25-dhcp-pd-downstream-dummy98.network',
|
|
'13-dummy.netdev', '25-dhcp-pd-downstream-dummy99.network',
|
|
'80-6rd-tunnel.network')
|
|
|
|
start_networkd()
|
|
self.wait_online('veth-peer:routable')
|
|
|
|
# ipv4masklen: 8
|
|
# 6rd-prefix: 2001:db8::/32
|
|
# br-addresss: 10.0.0.1
|
|
|
|
start_dnsmasq('--dhcp-option=212,08:20:20:01:0d:b8:00:00:00:00:00:00:00:00:00:00:00:00:0a:00:00:01',
|
|
ipv4_range='10.100.100.100,10.100.100.200',
|
|
ipv4_router='10.0.0.1')
|
|
self.wait_online('veth99:routable', 'test1:routable', 'dummy98:routable', 'dummy99:degraded',
|
|
'veth97:routable', 'veth97-peer:routable', 'veth98:routable', 'veth98-peer:routable')
|
|
|
|
# Check the DBus interface for assigned prefix information
|
|
prefixInfo = get_dhcp_6rd_prefix('veth99')
|
|
|
|
self.assertEqual(prefixInfo['Prefix'], [32,1,13,184,0,0,0,0,0,0,0,0,0,0,0,0]) # 2001:db8::
|
|
self.assertEqual(prefixInfo['PrefixLength'], 32)
|
|
self.assertEqual(prefixInfo['IPv4MaskLength'], 8)
|
|
self.assertEqual(prefixInfo['BorderRouters'], [[10,0,0,1]])
|
|
|
|
# Test case for a downstream which appears later
|
|
check_output('ip link add dummy97 type dummy')
|
|
self.wait_online('dummy97:routable')
|
|
|
|
# Find tunnel name
|
|
tunnel_name = None
|
|
for name in os.listdir('/sys/class/net/'):
|
|
if name.startswith('6rd-'):
|
|
tunnel_name = name
|
|
break
|
|
|
|
self.wait_online(f'{tunnel_name}:routable')
|
|
|
|
self.verify_dhcp4_6rd(tunnel_name)
|
|
|
|
# Test case for reconfigure
|
|
networkctl_reconfigure('dummy98', 'dummy99')
|
|
self.wait_online('dummy98:routable', 'dummy99:degraded')
|
|
|
|
self.verify_dhcp4_6rd(tunnel_name)
|
|
|
|
print('Wait for the DHCP lease to be renewed/rebind')
|
|
time.sleep(120)
|
|
|
|
self.wait_online('veth99:routable', 'test1:routable', 'dummy97:routable', 'dummy98:routable', 'dummy99:degraded',
|
|
'veth97:routable', 'veth97-peer:routable', 'veth98:routable', 'veth98-peer:routable')
|
|
|
|
self.verify_dhcp4_6rd(tunnel_name)
|
|
|
|
class NetworkdIPv6PrefixTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def test_ipv6_route_prefix(self):
|
|
copy_network_unit('25-veth.netdev', '25-ipv6ra-prefix-client.network', '25-ipv6ra-prefix.network',
|
|
'12-dummy.netdev', '25-ipv6ra-uplink.network')
|
|
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable', 'dummy98:routable')
|
|
|
|
output = check_output('ip address show dev veth-peer')
|
|
print(output)
|
|
self.assertIn('inet6 2001:db8:0:1:', output)
|
|
self.assertNotIn('inet6 2001:db8:0:2:', output)
|
|
self.assertNotIn('inet6 2001:db8:0:3:', output)
|
|
|
|
output = check_output('ip -6 route show dev veth-peer')
|
|
print(output)
|
|
self.assertIn('2001:db8:0:1::/64 proto ra', output)
|
|
self.assertNotIn('2001:db8:0:2::/64 proto ra', output)
|
|
self.assertNotIn('2001:db8:0:3::/64 proto ra', output)
|
|
self.assertIn('2001:db0:fff::/64 via ', output)
|
|
self.assertNotIn('2001:db1:fff::/64 via ', output)
|
|
self.assertNotIn('2001:db2:fff::/64 via ', output)
|
|
|
|
output = check_output('ip address show dev veth99')
|
|
print(output)
|
|
self.assertNotIn('inet6 2001:db8:0:1:', output)
|
|
self.assertIn('inet6 2001:db8:0:2:1a:2b:3c:4d', output)
|
|
self.assertIn('inet6 2001:db8:0:2:fa:de:ca:fe', output)
|
|
self.assertNotIn('inet6 2001:db8:0:3:', output)
|
|
|
|
output = resolvectl('dns', 'veth-peer')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:1:1::2')
|
|
|
|
output = resolvectl('domain', 'veth-peer')
|
|
print(output)
|
|
self.assertIn('example.com', output)
|
|
|
|
check_json(networkctl_json())
|
|
|
|
output = networkctl_json('veth-peer')
|
|
check_json(output)
|
|
|
|
# PREF64 or NAT64
|
|
pref64 = json.loads(output)['NDisc']['PREF64'][0]
|
|
|
|
prefix = socket.inet_ntop(socket.AF_INET6, bytearray(pref64['Prefix']))
|
|
self.assertEqual(prefix, '64:ff9b::')
|
|
|
|
prefix_length = pref64['PrefixLength']
|
|
self.assertEqual(prefix_length, 96)
|
|
|
|
def test_ipv6_route_prefix_deny_list(self):
|
|
copy_network_unit('25-veth.netdev', '25-ipv6ra-prefix-client-deny-list.network', '25-ipv6ra-prefix.network',
|
|
'12-dummy.netdev', '25-ipv6ra-uplink.network')
|
|
|
|
start_networkd()
|
|
self.wait_online('veth99:routable', 'veth-peer:routable', 'dummy98:routable')
|
|
|
|
output = check_output('ip address show dev veth-peer')
|
|
print(output)
|
|
self.assertIn('inet6 2001:db8:0:1:', output)
|
|
self.assertNotIn('inet6 2001:db8:0:2:', output)
|
|
|
|
output = check_output('ip -6 route show dev veth-peer')
|
|
print(output)
|
|
self.assertIn('2001:db8:0:1::/64 proto ra', output)
|
|
self.assertNotIn('2001:db8:0:2::/64 proto ra', output)
|
|
self.assertIn('2001:db0:fff::/64 via ', output)
|
|
self.assertNotIn('2001:db1:fff::/64 via ', output)
|
|
|
|
output = check_output('ip address show dev veth99')
|
|
print(output)
|
|
self.assertNotIn('inet6 2001:db8:0:1:', output)
|
|
self.assertIn('inet6 2001:db8:0:2:', output)
|
|
|
|
output = resolvectl('dns', 'veth-peer')
|
|
print(output)
|
|
self.assertRegex(output, '2001:db8:1:1::2')
|
|
|
|
output = resolvectl('domain', 'veth-peer')
|
|
print(output)
|
|
self.assertIn('example.com', output)
|
|
|
|
class NetworkdMTUTests(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
def check_mtu(self, mtu, ipv6_mtu=None, reset=True):
|
|
if not ipv6_mtu:
|
|
ipv6_mtu = mtu
|
|
|
|
# test normal start
|
|
start_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
self.check_link_attr('dummy98', 'mtu', mtu)
|
|
self.check_ipv6_sysctl_attr('dummy98', 'mtu', ipv6_mtu)
|
|
|
|
# test normal restart
|
|
restart_networkd()
|
|
self.wait_online('dummy98:routable')
|
|
self.check_link_attr('dummy98', 'mtu', mtu)
|
|
self.check_ipv6_sysctl_attr('dummy98', 'mtu', ipv6_mtu)
|
|
|
|
if reset:
|
|
self.reset_check_mtu(mtu, ipv6_mtu)
|
|
|
|
def reset_check_mtu(self, mtu, ipv6_mtu=None):
|
|
''' test setting mtu/ipv6_mtu with interface already up '''
|
|
stop_networkd()
|
|
|
|
# note - changing the device mtu resets the ipv6 mtu
|
|
check_output('ip link set up mtu 1501 dev dummy98')
|
|
check_output('ip link set up mtu 1500 dev dummy98')
|
|
self.check_link_attr('dummy98', 'mtu', '1500')
|
|
self.check_ipv6_sysctl_attr('dummy98', 'mtu', '1500')
|
|
|
|
self.check_mtu(mtu, ipv6_mtu, reset=False)
|
|
|
|
def test_mtu_network(self):
|
|
copy_network_unit('12-dummy.netdev', '12-dummy.network.d/mtu.conf')
|
|
self.check_mtu('1600')
|
|
|
|
def test_mtu_netdev(self):
|
|
copy_network_unit('12-dummy-mtu.netdev', '12-dummy.network', copy_dropins=False)
|
|
# note - MTU set by .netdev happens ONLY at device creation!
|
|
self.check_mtu('1600', reset=False)
|
|
|
|
def test_mtu_link(self):
|
|
copy_network_unit('12-dummy.netdev', '12-dummy-mtu.link', '12-dummy.network', copy_dropins=False)
|
|
# note - MTU set by .link happens ONLY at udev processing of device 'add' uevent!
|
|
self.check_mtu('1600', reset=False)
|
|
|
|
def test_ipv6_mtu(self):
|
|
''' set ipv6 mtu without setting device mtu '''
|
|
copy_network_unit('12-dummy.netdev', '12-dummy.network.d/ipv6-mtu-1400.conf')
|
|
self.check_mtu('1500', '1400')
|
|
|
|
def test_ipv6_mtu_toolarge(self):
|
|
''' try set ipv6 mtu over device mtu (it shouldn't work) '''
|
|
copy_network_unit('12-dummy.netdev', '12-dummy.network.d/ipv6-mtu-1550.conf')
|
|
self.check_mtu('1500', '1500')
|
|
|
|
def test_mtu_network_ipv6_mtu(self):
|
|
''' set ipv6 mtu and set device mtu via network file '''
|
|
copy_network_unit('12-dummy.netdev', '12-dummy.network.d/mtu.conf', '12-dummy.network.d/ipv6-mtu-1550.conf')
|
|
self.check_mtu('1600', '1550')
|
|
|
|
def test_mtu_netdev_ipv6_mtu(self):
|
|
''' set ipv6 mtu and set device mtu via netdev file '''
|
|
copy_network_unit('12-dummy-mtu.netdev', '12-dummy.network.d/ipv6-mtu-1550.conf')
|
|
self.check_mtu('1600', '1550', reset=False)
|
|
|
|
def test_mtu_link_ipv6_mtu(self):
|
|
''' set ipv6 mtu and set device mtu via link file '''
|
|
copy_network_unit('12-dummy.netdev', '12-dummy-mtu.link', '12-dummy.network.d/ipv6-mtu-1550.conf')
|
|
self.check_mtu('1600', '1550', reset=False)
|
|
|
|
class NetworkdSysctlTest(unittest.TestCase, Utilities):
|
|
|
|
def setUp(self):
|
|
setup_common()
|
|
|
|
def tearDown(self):
|
|
tear_down_common()
|
|
|
|
@unittest.skipUnless(compare_kernel_version("6.12"), reason="On kernels <= 6.12, bpf_current_task_under_cgroup() isn't available for program types BPF_PROG_TYPE_CGROUP_SYSCTL")
|
|
def check_sysctl_watch(self):
|
|
copy_network_unit('12-dummy.network', '12-dummy.netdev', '12-dummy.link')
|
|
start_networkd()
|
|
|
|
self.wait_online('dummy98:routable')
|
|
|
|
# Change managed sysctls
|
|
call('sysctl -w net.ipv6.conf.dummy98.accept_ra=1')
|
|
call('sysctl -w net.ipv6.conf.dummy98.mtu=1360')
|
|
call('sysctl -w net.ipv4.conf.dummy98.promote_secondaries=0')
|
|
call('sysctl -w net.ipv6.conf.dummy98.proxy_ndp=1')
|
|
|
|
# And unmanaged ones
|
|
call('sysctl -w net.ipv6.conf.dummy98.hop_limit=4')
|
|
call('sysctl -w net.ipv6.conf.dummy98.max_addresses=10')
|
|
|
|
log=read_networkd_log()
|
|
self.assertRegex(log, r"Foreign process 'sysctl\[\d+\]' changed sysctl '/proc/sys/net/ipv6/conf/dummy98/accept_ra' from '0' to '1', conflicting with our setting to '0'")
|
|
self.assertRegex(log, r"Foreign process 'sysctl\[\d+\]' changed sysctl '/proc/sys/net/ipv6/conf/dummy98/mtu' from '1550' to '1360', conflicting with our setting to '1550'")
|
|
self.assertRegex(log, r"Foreign process 'sysctl\[\d+\]' changed sysctl '/proc/sys/net/ipv4/conf/dummy98/promote_secondaries' from '1' to '0', conflicting with our setting to '1'")
|
|
self.assertRegex(log, r"Foreign process 'sysctl\[\d+\]' changed sysctl '/proc/sys/net/ipv6/conf/dummy98/proxy_ndp' from '0' to '1', conflicting with our setting to '0'")
|
|
self.assertNotIn("changed sysctl '/proc/sys/net/ipv6/conf/dummy98/hop_limit'", log)
|
|
self.assertNotIn("changed sysctl '/proc/sys/net/ipv6/conf/dummy98/max_addresses'", log)
|
|
|
|
if __name__ == '__main__':
|
|
parser = argparse.ArgumentParser()
|
|
parser.add_argument('--build-dir', help='Path to build dir', dest='build_dir')
|
|
parser.add_argument('--source-dir', help='Path to source dir/git tree', dest='source_dir')
|
|
parser.add_argument('--valgrind', help='Enable valgrind', dest='use_valgrind', type=bool, nargs='?', const=True, default=use_valgrind)
|
|
parser.add_argument('--debug', help='Generate debugging logs', dest='enable_debug', type=bool, nargs='?', const=True, default=enable_debug)
|
|
parser.add_argument('--asan-options', help='ASAN options', dest='asan_options')
|
|
parser.add_argument('--lsan-options', help='LSAN options', dest='lsan_options')
|
|
parser.add_argument('--ubsan-options', help='UBSAN options', dest='ubsan_options')
|
|
parser.add_argument('--with-coverage', help='Loosen certain sandbox restrictions to make gcov happy', dest='with_coverage', type=bool, nargs='?', const=True, default=with_coverage)
|
|
parser.add_argument('--no-journal', help='Do not show journal of systemd-networkd on stop', dest='show_journal', action='store_false')
|
|
ns, unknown_args = parser.parse_known_args(namespace=unittest)
|
|
|
|
if ns.build_dir:
|
|
networkd_bin = os.path.join(ns.build_dir, 'systemd-networkd')
|
|
resolved_bin = os.path.join(ns.build_dir, 'systemd-resolved')
|
|
timesyncd_bin = os.path.join(ns.build_dir, 'systemd-timesyncd')
|
|
wait_online_bin = os.path.join(ns.build_dir, 'systemd-networkd-wait-online')
|
|
networkctl_bin = os.path.join(ns.build_dir, 'networkctl')
|
|
resolvectl_bin = os.path.join(ns.build_dir, 'resolvectl')
|
|
timedatectl_bin = os.path.join(ns.build_dir, 'timedatectl')
|
|
udevadm_bin = os.path.join(ns.build_dir, 'udevadm')
|
|
build_dir = ns.build_dir
|
|
|
|
if ns.source_dir:
|
|
source_dir = ns.source_dir
|
|
assert os.path.exists(os.path.join(source_dir, "meson_options.txt")), f"{source_dir} doesn't appear to be a systemd source tree."
|
|
elif os.path.exists(os.path.normpath(os.path.join(os.path.dirname(os.path.abspath(__file__)), "../../meson_options.txt"))):
|
|
source_dir = os.path.normpath(os.path.join(os.path.dirname(os.path.abspath(__file__)), "../../"))
|
|
else:
|
|
source_dir = None
|
|
|
|
use_valgrind = ns.use_valgrind
|
|
enable_debug = ns.enable_debug
|
|
asan_options = ns.asan_options
|
|
lsan_options = ns.lsan_options
|
|
ubsan_options = ns.ubsan_options
|
|
with_coverage = ns.with_coverage
|
|
show_journal = ns.show_journal
|
|
|
|
if use_valgrind:
|
|
# Do not forget the trailing space.
|
|
valgrind_cmd = 'valgrind --track-origins=yes --leak-check=full --show-leak-kinds=all '
|
|
|
|
networkctl_cmd = valgrind_cmd.split() + [networkctl_bin]
|
|
resolvectl_cmd = valgrind_cmd.split() + [resolvectl_bin]
|
|
timedatectl_cmd = valgrind_cmd.split() + [timedatectl_bin]
|
|
udevadm_cmd = valgrind_cmd.split() + [udevadm_bin]
|
|
wait_online_cmd = valgrind_cmd.split() + [wait_online_bin]
|
|
|
|
if build_dir:
|
|
test_ndisc_send = os.path.normpath(os.path.join(build_dir, 'test-ndisc-send'))
|
|
else:
|
|
test_ndisc_send = '/usr/lib/tests/test-ndisc-send'
|
|
|
|
if asan_options:
|
|
env.update({'ASAN_OPTIONS': asan_options})
|
|
if lsan_options:
|
|
env.update({'LSAN_OPTIONS': lsan_options})
|
|
if ubsan_options:
|
|
env.update({'UBSAN_OPTIONS': ubsan_options})
|
|
if use_valgrind:
|
|
env.update({'SYSTEMD_MEMPOOL': '0'})
|
|
|
|
wait_online_env = env.copy()
|
|
if enable_debug:
|
|
wait_online_env.update({'SYSTEMD_LOG_LEVEL': 'debug'})
|
|
|
|
unittest.main(
|
|
verbosity=3,
|
|
argv=[
|
|
sys.argv[0],
|
|
*unknown_args,
|
|
*(["-k", match] if (match := os.getenv("TEST_MATCH_TESTCASE")) else [])
|
|
],
|
|
)
|