forked from hswaw/hscloud
Serge Bazanski
e1aa63c7dd
Change-Id: Idba53905d3965db6f805221da3e48548d7a01811 Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1340 Reviewed-by: implr <implr@hackerspace.pl>
292 lines
8.4 KiB
Nix
292 lines
8.4 KiB
Nix
# Smoke test edge01.waw in a multi-VM NixOS test.
|
|
#
|
|
# This brings up three VMs:
|
|
# - dut/edge01
|
|
# - bgpspeaker, which simulates bgp upstreams
|
|
# - customs, which simulates customs.hackerspace.pl.
|
|
#
|
|
# We use GRETap to build up virtual ethernet links between the machines, and to
|
|
# run VLANs on that. We don't just use plain 'vlans' from NixOS tests as we
|
|
# actually want to run 802.1q ourselves from the edge01 config.
|
|
#
|
|
# Everything else is pretty much straightforward. Bring up everything, ping
|
|
# stuff. We don't really test much else than internet routing.
|
|
#
|
|
# To run this:
|
|
# nix-build -A bgpwtf.machines.tests.edge01-waw-bgp
|
|
#
|
|
# To debug this:
|
|
# nix-build -A bgpwtf.machines.tests.edge01-waw-bgp.driver && result/bin/nixos-test-driver
|
|
# >>> start_all()
|
|
|
|
{ hscloud, ... }:
|
|
|
|
# Use pkgs that edge01 is using. Perhaps we shouldn't use them for
|
|
# _everything_, but this will have to do.
|
|
let
|
|
pkgs = hscloud.ops.machines."edge01.waw.bgp.wtf".pkgs;
|
|
pkgsSrc = pkgs.path;
|
|
lib = pkgs.lib;
|
|
|
|
in with lib;
|
|
|
|
let
|
|
|
|
mkBGPSpeaker = let
|
|
in { config, pkgs, ... }: {
|
|
networking.hostName = "bgpspeaker";
|
|
virtualisation.memorySize = 1024;
|
|
virtualisation.vlans = [ 1 ];
|
|
imports = [
|
|
../modules/gretap.nix
|
|
];
|
|
hscloud.gretap.interfaces."nnet" = {
|
|
parent = "eth1";
|
|
localV4 = "192.168.1.3";
|
|
remoteV4 = "192.168.1.2";
|
|
id = 100;
|
|
};
|
|
networking.vlans = {
|
|
"vl-globalmix" = { interface = "nnet"; id = 466; };
|
|
};
|
|
networking.interfaces."vl-globalmix" = {
|
|
ipv4.addresses = [{ address = "185.235.70.44"; prefixLength = 31; }];
|
|
ipv6.addresses = [{ address = "2001:67c:778:fd40::b9eb:462c"; prefixLength = 127; }];
|
|
};
|
|
|
|
services.bird2 = {
|
|
enable = true;
|
|
config = ''
|
|
log syslog all;
|
|
debug protocols { states, interfaces, events }
|
|
router id 185.235.70.44;
|
|
|
|
protocol device {
|
|
scan time 10;
|
|
};
|
|
protocol kernel kernel_v4 {
|
|
ipv4 {
|
|
import none;
|
|
export all;
|
|
};
|
|
}
|
|
protocol kernel kernel_v6 {
|
|
ipv6 {
|
|
import none;
|
|
export all;
|
|
};
|
|
}
|
|
ipv4 table globalmix4;
|
|
ipv6 table globalmix6;
|
|
|
|
protocol pipe pipe_globalmix4 {
|
|
table master4;
|
|
peer table globalmix4;
|
|
import all;
|
|
export none;
|
|
};
|
|
protocol pipe pipe_globalmix6 {
|
|
table master6;
|
|
peer table globalmix6;
|
|
import all;
|
|
export none;
|
|
};
|
|
|
|
protocol static static_globalmix_originate_v4 {
|
|
ipv4 {
|
|
table globalmix4;
|
|
import all;
|
|
};
|
|
route 8.8.8.0/24 blackhole;
|
|
}
|
|
protocol static static_globalmix_originate_v6 {
|
|
ipv6 {
|
|
table globalmix6;
|
|
import all;
|
|
};
|
|
route 2a00:1450:4016::/48 blackhole;
|
|
}
|
|
protocol bgp bgp_globalmix_v4 {
|
|
ipv4 {
|
|
table globalmix4;
|
|
export all;
|
|
import all;
|
|
};
|
|
local 185.235.70.44 as 62081;
|
|
neighbor 185.235.70.45 as 204880;
|
|
};
|
|
protocol bgp bgp_globalmix_v6 {
|
|
ipv6 {
|
|
table globalmix6;
|
|
export all;
|
|
import all;
|
|
};
|
|
local 2001:67c:778:fd40::b9eb:462c as 62081;
|
|
neighbor 2001:67c:778:fd40::b9eb:462d as 204880;
|
|
};
|
|
'';
|
|
};
|
|
networking.firewall.enable = false;
|
|
networking.useDHCP = false;
|
|
networking.interfaces.lo.ipv4.addresses = [ { address = "8.8.8.1"; prefixLength = 32; } ];
|
|
networking.interfaces.lo.ipv6.addresses = [ { address = "2a00:1450:4016:801::200e"; prefixLength = 128; } ];
|
|
environment.systemPackages = with pkgs; [
|
|
tcpdump htop dstat file
|
|
];
|
|
|
|
};
|
|
|
|
|
|
test = import "${pkgsSrc}/nixos/tests/make-test-python.nix" ({ pkgs, libs, ... }: {
|
|
name = "test-edge01-waw-bgp";
|
|
|
|
nodes = {
|
|
dut = { config, pkgs, ... }: {
|
|
imports = [
|
|
../edge01.waw.bgp.wtf.nix
|
|
../modules/gretap.nix
|
|
];
|
|
virtualisation.memorySize = 1024;
|
|
virtualisation.vlans = [
|
|
1 2
|
|
];
|
|
|
|
hscloud.gretap.interfaces = {
|
|
"e1-nnet" = { parent = "eth1"; localV4 = "192.168.1.2"; remoteV4 = "192.168.1.3"; id = 100; };
|
|
"e2-customs" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.1"; id = 200; };
|
|
"e3-mgmt" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.111"; id = 300; }; # not connected
|
|
"e4-oob" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.112"; id = 400; }; # not connected
|
|
"e7-dcsw" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.113"; id = 500; }; # not connected
|
|
};
|
|
hscloud.anchorvm = {
|
|
blkdev = "/anchor.img";
|
|
ram = 32;
|
|
};
|
|
systemd.services.anchorTestImg = {
|
|
requiredBy = [ "anchorvm.service" ];
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
ExecStart = "${pkgs.coreutils}/bin/truncate -s 128m /anchor.img";
|
|
};
|
|
};
|
|
};
|
|
|
|
speaker = mkBGPSpeaker;
|
|
|
|
customs = { config, pkgs, ... }: {
|
|
imports = [
|
|
../modules/gretap.nix
|
|
];
|
|
environment.systemPackages = with pkgs; [
|
|
tcpdump htop dstat file dhcpcd
|
|
];
|
|
virtualisation.memorySize = 1024;
|
|
virtualisation.vlans = [
|
|
2
|
|
];
|
|
networking.firewall.enable = false;
|
|
networking.useDHCP = false;
|
|
networking.defaultGateway = "185.236.240.4";
|
|
networking.defaultGateway6 = "2a0d:eb00:2137:1::2";
|
|
networking.interfaces."edge" = {
|
|
ipv4.addresses = [{ address = "185.236.240.5"; prefixLength = 31; }];
|
|
ipv6.addresses = [{ address = "2a0d:eb00:2137:1::3"; prefixLength = 127; }];
|
|
};
|
|
hscloud.gretap.interfaces."edge" = {
|
|
parent = "eth2";
|
|
localV4 = "192.168.2.1";
|
|
remoteV4 = "192.168.2.2";
|
|
id = 200;
|
|
};
|
|
networking.bridges."lan".interfaces = [];
|
|
networking.interfaces."lan" = {
|
|
ipv4.addresses = [{ address = "10.8.1.2"; prefixLength = 23; }];
|
|
ipv6.addresses = [{ address = "2a0d:eb00:4242::1"; prefixLength = 64; }];
|
|
};
|
|
services.bird2 = {
|
|
enable = true;
|
|
config = ''
|
|
log syslog all;
|
|
debug protocols { states, interfaces, events }
|
|
router id 185.236.240.5;
|
|
|
|
protocol device {
|
|
scan time 10;
|
|
};
|
|
protocol kernel kernel_v4 {
|
|
ipv4 {
|
|
import none;
|
|
export all;
|
|
};
|
|
}
|
|
protocol kernel kernel_v6 {
|
|
ipv6 {
|
|
import none;
|
|
export all;
|
|
};
|
|
}
|
|
|
|
protocol ospf v3 ospf_hswaw {
|
|
ipv6 {
|
|
import all;
|
|
export all;
|
|
};
|
|
area 0.0.0.0 {
|
|
interface "edge" {
|
|
cost 10;
|
|
type bcast;
|
|
};
|
|
interface "lan" {
|
|
cost 10;
|
|
stub yes;
|
|
type bcast;
|
|
check link no;
|
|
};
|
|
};
|
|
}
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
testScript = ''
|
|
start_all()
|
|
|
|
edge01.wait_for_unit("bird2.service")
|
|
# Wait for BGP to settle.
|
|
edge01.wait_until_succeeds("ping 185.235.70.44 -c 1 -w 2")
|
|
edge01.wait_until_succeeds("birdc show route for 8.8.8.1 table all | grep via")
|
|
edge01.wait_until_succeeds(
|
|
"birdc show route for 2a00:1450:4016:801::200e table all | grep via"
|
|
)
|
|
edge01.succeed("ping 8.8.8.1 -c 1 -w 2")
|
|
|
|
# ping from customs to globalmix must succeed.
|
|
customs.succeed("ping 8.8.8.1 -c 1 -w 2")
|
|
customs.succeed("ping 2a00:1450:4016:801::200e -c 1 -w 2")
|
|
|
|
# edge01 must announce exactly one v4 prefix.
|
|
bgpspeaker.succeed("birdc show route protocol bgp_globalmix_v4 | grep unicast")
|
|
bgpspeaker.fail(
|
|
"birdc show route protocol bgp_globalmix_v4 | grep unicast | grep -v 185.236.240.0/23"
|
|
)
|
|
|
|
# edge01 must announce exactly one v6 prefix.
|
|
bgpspeaker.succeed("birdc show route protocol bgp_globalmix_v6 | grep unicast")
|
|
bgpspeaker.fail(
|
|
"birdc show route protocol bgp_globalmix_v6 | grep unicast | grep -v 2a0d:eb00::/32"
|
|
)
|
|
|
|
# customer networks must be reachable from globalmix
|
|
bgpspeaker.succeed("ping 185.236.240.10 -c 1 -w 2")
|
|
bgpspeaker.succeed("ping 2a0d:eb00:8000::1 -c 1 -w 2")
|
|
bgpspeaker.succeed("ping 185.236.240.12 -c 1 -w 2")
|
|
bgpspeaker.succeed("ping 185.236.240.105 -c 1 -w 2")
|
|
bgpspeaker.succeed("ping 2a0d:eb00:8003::1 -c 1 -w 2")
|
|
|
|
# dhcp agent must be reachable
|
|
customs.succeed("ping 185.236.240.18 -c 1 -w 2")
|
|
'';
|
|
});
|
|
|
|
in test { inherit pkgs; inherit (pkgs) libs; }
|