diff options
| -rw-r--r-- | tests/default.nix | 3 | ||||
| -rw-r--r-- | tests/richi235/multipath-vpn.nix | 189 |
2 files changed, 192 insertions, 0 deletions
diff --git a/tests/default.nix b/tests/default.nix index 96b7da48..775b3165 100644 --- a/tests/default.nix +++ b/tests/default.nix @@ -12,4 +12,7 @@ in { labnet = { heinrich = callTest ./labnet/heinrich.nix; }; + richi235 = { + multipath-vpn = callTest ./richi235/multipath-vpn.nix; + }; } diff --git a/tests/richi235/multipath-vpn.nix b/tests/richi235/multipath-vpn.nix new file mode 100644 index 00000000..3595b074 --- /dev/null +++ b/tests/richi235/multipath-vpn.nix @@ -0,0 +1,189 @@ +{ + name = "multipath-test"; + + nodes = let + common = { lib, ... }: { + networking.firewall.enable = false; + networking.useNetworkd = true; + systemd.network.netdevs."40-eth0".netdevConfig = { + Name = "eth0"; + Kind = "dummy"; + }; + }; + + in { + client = { lib, ... }: { + imports = [ common ]; + virtualisation.vlans = [ 10 ]; + networking.defaultGateway = "42.0.0.1"; + networking.interfaces.eth1.ip4 = lib.singleton { + address = "42.0.0.2"; + prefixLength = 8; + }; + }; + mtc = { lib, nodes, ... }: { + imports = [ common ]; + virtualisation.vlans = [ 1 2 10 ]; + networking.interfaces.eth1.ip4 = lib.mkForce (lib.singleton { + address = "1.0.0.2"; + prefixLength = 8; + }); + networking.interfaces.eth2.ip4 = lib.mkForce (lib.singleton { + address = "2.0.0.2"; + prefixLength = 8; + }); + networking.interfaces.eth3.ip4 = lib.mkForce (lib.singleton { + address = "42.0.0.1"; + prefixLength = 8; + }); + systemd.network.networks."40-eth1".routes = lib.singleton { + routeConfig.Gateway = "1.0.0.1"; + routeConfig.Destination = "10.0.0.0/8"; + }; + systemd.network.networks."40-eth2".routes = lib.singleton { + routeConfig.Gateway = "2.0.0.1"; + routeConfig.Destination = "11.0.0.0/8"; + }; + vuizvui.services.multipath-vpn.client.enable = true; + vuizvui.services.multipath-vpn.client.links.vlan1 = { + interface = "eth1"; + destAddress = "10.0.0.1"; + }; + vuizvui.services.multipath-vpn.client.links.vlan2 = { + interface = "eth2"; + destAddress = "11.0.0.1"; + }; + vuizvui.services.multipath-vpn.client.tun = { + ip = "192.168.66.2"; + mask = 24; + }; + vuizvui.services.multipath-vpn.client.route = { + network = "0.0.0.0"; + mask = 0; + gateway = "192.168.66.1"; + }; + }; + relay1 = { lib, ... }: { + imports = [ common ]; + virtualisation.vlans = [ 1 3 ]; + networking.useDHCP = false; + networking.interfaces.eth1.ip4 = lib.mkForce (lib.singleton { + address = "1.0.0.1"; + prefixLength = 8; + }); + networking.interfaces.eth2.ip4 = lib.mkForce (lib.singleton { + address = "10.0.0.2"; + prefixLength = 8; + }); + systemd.network.networks."40-eth2".routes = lib.singleton { + routeConfig.Gateway = "10.0.0.1"; + routeConfig.Destination = "10.0.0.0/8"; + }; + networking.nat.enable = true; + networking.nat.internalInterfaces = [ "eth1" ]; + networking.nat.externalInterface = "eth2"; + }; + relay2 = { lib, ... }: { + imports = [ common ]; + virtualisation.vlans = [ 2 4 ]; + networking.useDHCP = false; + networking.interfaces.eth1.ip4 = lib.mkForce (lib.singleton { + address = "2.0.0.1"; + prefixLength = 8; + }); + networking.interfaces.eth2.ip4 = lib.mkForce (lib.singleton { + address = "11.0.0.2"; + prefixLength = 8; + }); + systemd.network.networks."40-eth2".routes = lib.singleton { + routeConfig.Gateway = "11.0.0.1"; + routeConfig.Destination = "11.0.0.0/8"; + }; + networking.nat.enable = true; + networking.nat.internalInterfaces = [ "eth1" ]; + networking.nat.externalInterface = "eth2"; + }; + mts = { lib, ... }: { + imports = [ common ]; + virtualisation.vlans = [ 3 4 5 ]; + networking.interfaces.eth1.ip4 = lib.mkForce (lib.singleton { + address = "10.0.0.1"; + prefixLength = 8; + }); + networking.interfaces.eth2.ip4 = lib.mkForce (lib.singleton { + address = "11.0.0.1"; + prefixLength = 8; + }); + networking.interfaces.eth3.ip4 = lib.mkForce (lib.singleton { + address = "6.6.6.42"; + prefixLength = 8; + }); + networking.nat.enable = true; + #networking.nat.internalInterfaces = [ "tun0" ]; + networking.nat.externalInterface = "eth3"; + vuizvui.services.multipath-vpn.server.enable = true; + vuizvui.services.multipath-vpn.server.links.vlan3 = { + interface = "eth1"; + destAddress = "0"; # XXX + destPort = 0; # XXX + }; + vuizvui.services.multipath-vpn.server.links.vlan4 = { + interface = "eth2"; + destAddress = "0"; # XXX + destPort = 0; # XXX + }; + vuizvui.services.multipath-vpn.server.tun = { + ip = "192.168.66.1"; + mask = 24; + }; + vuizvui.services.multipath-vpn.server.route = { + #network = "192.168.0.0"; + #network = "6.0.0.0"; + #mask = 8; + network = "0.0.0.0"; + mask = 0; + gateway = "192.168.66.2"; + }; + }; + zs = { lib, ... }: { + imports = [ common ]; + virtualisation.vlans = [ 5 ]; + networking.interfaces.eth1.ip4 = lib.mkForce (lib.singleton { + address = "6.6.6.23"; + prefixLength = 8; + }); + }; + }; + + testScript = { nodes, ... }: '' + startAll; + $mtc->waitForUnit("multipath-vpn-client.service"); + $mts->waitForUnit("multipath-vpn-server.service"); + + $mtc->sleep(30); + + subtest "test network topology", sub { + $mtc->succeed("ping -c1 10.0.0.1 >&2"); + $mtc->succeed("ping -c1 11.0.0.1 >&2"); + $mts->succeed("ping -c1 6.6.6.23 >&2"); + }; + + subtest "test tunnel connectivity", sub { + $client->execute("ifconfig >&2"); + $client->execute("ip route >&2"); + $zs->execute("ifconfig >&2"); + $zs->execute("ip route >&2"); + + $mtc->execute("ifconfig >&2"); + $mtc->execute("ip route >&2"); + $mts->execute("ifconfig >&2"); + $mts->execute("ip route >&2"); + + $mtc->succeed("ping -c1 192.168.66.1 >&2"); + $mtc->succeed("ping -c1 6.6.6.23 >&2"); + + #$client->succeed("ping -c1 192.168.66.1 >&2"); + $client->succeed("ping -c1 6.6.6.23 >&2"); + }; + ''; +} |