about summary refs log tree commit diff
path: root/nixos/tests/systemd-networkd-vrf.nix
AgeCommit message (Collapse)AuthorFilesLines
2023-05-11nixos/tests/systemd-networkd-vrf: clean upMaximilian Bosch1-80/+30
* Removed unused variables * Deduplicate config for `node{1..3}`
2023-05-11nixos/tests/systemd-networkd-vrf: fix buildMaximilian Bosch1-5/+5
For this round of ZHF: #230712 Failing Hydra build: https://hydra.nixos.org/build/219234565 Not sure why this a problem now and not in the past, but routes to the corresponding `/24`-subnet are only configured if addresses are specified with the correct CIDR.
2022-06-24nixos/systemd-networkd-vrf: check routing tables via `ip --json`Maximilian Bosch1-18/+32
The original implementation did a simple string-comparison against the output of `ip route`. This is problematic because * if the details in the string-output change, the test breaks. This is less likely with JSON because the relevant values (i.e. destination, interface etc) aren't supposed to be changed. * this is causing issues with formatters[1][2]. [1] #161703 [2] #154818
2022-04-21nixos/systemd: prepare tests for formattersKevin Amado1-10/+5
- Code formatters normally strip trailing whitespace. Since this test depends on the whitespace to succeed, formatting the code would break the test - This small change make this file to be formatted while at the same time preserving the test meaning
2022-01-13nixos/tests/systemd-networkd-vrf: move disabled check inlinezowoq1-0/+2
2020-10-13nixos/tests/systemd-networkd-vrf: fix evalMaximilian Bosch1-2/+2
The `Metric`-values of routes defined via `networkd` must be integers.
2020-08-03nixos/tests/systemd-networkd-vrf: add comment about trailing whitespaces in ↵Maximilian Bosch1-0/+2
test script For further context please read the discussion in https://github.com/NixOS/nixpkgs/pull/94607#issuecomment-668070029
2020-08-03nixos/tests/systemd-networkd-vrf: fix testMaximilian Bosch1-7/+7
Broken while fixing some `.editorconfig`-definitions[1], however this test explicitly relies on the output of `iproute2`. [1] 8ae7f8c35998a857f57512ecb7f0fa318ca88463
2020-08-04nixos/tests/*: editorconfig fixeszowoq1-7/+7
2020-07-31nixos/systemd-networkd-vrf: implement working TCP test on a 5.x kernelMaximilian Bosch1-12/+10
By design, VRFs allow route-leaking for forwarded packages, but not for local processes using a socket. While it was possible to leak such TCP traffic through a VRF on a 4.x kernel, this behavior was considered wrong and got fixed in Linux 5.x[1]. From now on, local unix sockets must run in the VRF itself using `ip vrf exec`[2] which basically injects a BPF program into the VRF and drops elevated networking capabilities by default for the specified command. [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c82a21f4320c8d54cf6456b27c8d49e5ffb722e [2] https://man7.org/linux/man-pages/man8/ip-vrf.8.html
2020-02-25nixos/networkd: disable vrf sub-test which tests the behavior of tcp-packetsMaximilian Bosch1-9/+9
The subtest was mainly written to demonstrate the VRF-issues with a 5.x-kernel. However this breaks the entire test now as we have 5.4 as default kernel. Disabling the test for now, I still need to find some time to investigate.
2020-01-25nixos/networkd: add test for VRF configurationsMaximilian Bosch1-0/+221
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-07 02:50:07 +0000