Age | Commit message (Collapse) | Author | Files | Lines |
|
* Removed unused variables
* Deduplicate config for `node{1..3}`
|
|
For this round of ZHF: #230712
Failing Hydra build: https://hydra.nixos.org/build/219234565
Not sure why this a problem now and not in the past, but routes to
the corresponding `/24`-subnet are only configured if addresses are
specified with the correct CIDR.
|
|
The original implementation did a simple string-comparison against the
output of `ip route`. This is problematic because
* if the details in the string-output change, the test breaks. This is
less likely with JSON because the relevant values (i.e. destination,
interface etc) aren't supposed to be changed.
* this is causing issues with formatters[1][2].
[1] #161703
[2] #154818
|
|
- Code formatters normally strip trailing whitespace.
Since this test depends on the whitespace to succeed,
formatting the code would break the test
- This small change make this file to be formatted
while at the same time preserving the test meaning
|
|
|
|
The `Metric`-values of routes defined via `networkd` must be integers.
|
|
test script
For further context please read the discussion in https://github.com/NixOS/nixpkgs/pull/94607#issuecomment-668070029
|
|
Broken while fixing some `.editorconfig`-definitions[1], however this
test explicitly relies on the output of `iproute2`.
[1] 8ae7f8c35998a857f57512ecb7f0fa318ca88463
|
|
|
|
By design, VRFs allow route-leaking for forwarded packages, but not for
local processes using a socket. While it was possible to leak such TCP
traffic through a VRF on a 4.x kernel, this behavior was considered
wrong and got fixed in Linux 5.x[1].
From now on, local unix sockets must run in the VRF itself using
`ip vrf exec`[2] which basically injects a BPF program into the VRF and
drops elevated networking capabilities by default for the specified
command.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c82a21f4320c8d54cf6456b27c8d49e5ffb722e
[2] https://man7.org/linux/man-pages/man8/ip-vrf.8.html
|
|
The subtest was mainly written to demonstrate the VRF-issues with a
5.x-kernel. However this breaks the entire test now as we have 5.4 as
default kernel. Disabling the test for now, I still need to find some
time to investigate.
|
|
|