2 # SPDX-License-Identifier: LGPL-2.1-or-later
3 # systemd-networkd tests
5 # These tests can be executed in the systemd mkosi image when booted in QEMU. After booting the QEMU VM,
6 # simply run this file which can be found in the VM at /usr/lib/systemd/tests/testdata/test-network/systemd-networkd-tests.py.
8 # To run an individual test, specify it as a command line argument in the form
9 # of <class>.<test_function>. E.g. the NetworkdMTUTests class has a test
10 # function called test_ipv6_mtu(). To run just that test use:
12 # sudo ./systemd-networkd-tests.py NetworkdMTUTests.test_ipv6_mtu
14 # Similarly, other individual tests can be run, eg.:
16 # sudo ./systemd-networkd-tests.py NetworkdNetworkTests.test_ipv6_neigh_retrans_time
37 network_unit_dir
= '/run/systemd/network'
38 networkd_conf_dropin_dir
= '/run/systemd/networkd.conf.d'
39 networkd_ci_temp_dir
= '/run/networkd-ci'
40 udev_rules_dir
= '/run/udev/rules.d'
41 credstore_dir
= '/run/credstore'
43 dnsmasq_pid_file
= '/run/networkd-ci/test-dnsmasq.pid'
44 dnsmasq_log_file
= '/run/networkd-ci/test-dnsmasq.log'
45 dnsmasq_lease_file
= '/run/networkd-ci/test-dnsmasq.lease'
47 isc_dhcpd_pid_file
= '/run/networkd-ci/test-isc-dhcpd.pid'
48 isc_dhcpd_lease_file
= '/run/networkd-ci/test-isc-dhcpd.lease'
50 radvd_pid_file
= '/run/networkd-ci/test-radvd.pid'
52 systemd_lib_paths
= ['/usr/lib/systemd', '/lib/systemd']
53 which_paths
= ':'.join(systemd_lib_paths
+ os
.getenv('PATH', os
.defpath
).lstrip(':').split(':'))
54 systemd_source_dir
= None
56 networkd_bin
= shutil
.which('systemd-networkd', path
=which_paths
)
57 resolved_bin
= shutil
.which('systemd-resolved', path
=which_paths
)
58 timesyncd_bin
= shutil
.which('systemd-timesyncd', path
=which_paths
)
59 udevd_bin
= shutil
.which('systemd-udevd', path
=which_paths
)
60 wait_online_bin
= shutil
.which('systemd-networkd-wait-online', path
=which_paths
)
61 networkctl_bin
= shutil
.which('networkctl', path
=which_paths
)
62 resolvectl_bin
= shutil
.which('resolvectl', path
=which_paths
)
63 timedatectl_bin
= shutil
.which('timedatectl', path
=which_paths
)
64 udevadm_bin
= shutil
.which('udevadm', path
=which_paths
)
65 systemd_udev_rules_build_dir
= None
93 saved_ipv4_rules
= None
94 saved_ipv6_rules
= None
98 if os
.path
.exists(path
):
102 shutil
.rmtree(path
, ignore_errors
=True)
105 shutil
.copy(src
, dst
)
108 shutil
.copytree(src
, dst
, copy_function
=shutil
.copy
)
111 os
.makedirs(path
, exist_ok
=True)
114 pathlib
.Path(path
).touch()
116 # pylint: disable=R1710
117 def check_output(*command
, **kwargs
):
118 # This checks the result and returns stdout (and stderr) on success.
119 command
= command
[0].split() + list(command
[1:])
120 ret
= subprocess
.run(command
, check
=False, universal_newlines
=True, stdout
=subprocess
.PIPE
, stderr
=subprocess
.STDOUT
, **kwargs
)
121 if ret
.returncode
== 0:
122 return ret
.stdout
.rstrip()
123 # When returncode != 0, print stdout and stderr, then trigger CalledProcessError.
125 ret
.check_returncode()
127 def call(*command
, **kwargs
):
128 # This returns returncode. stdout and stderr are merged and shown in console
129 command
= command
[0].split() + list(command
[1:])
130 return subprocess
.run(command
, check
=False, universal_newlines
=True, stderr
=subprocess
.STDOUT
, **kwargs
).returncode
132 def call_check(*command
, **kwargs
):
133 # Same as call() above, but it triggers CalledProcessError if rc != 0
134 command
= command
[0].split() + list(command
[1:])
135 return subprocess
.run(command
, check
=False, universal_newlines
=True, stderr
=subprocess
.STDOUT
, **kwargs
).check_returncode()
137 def call_quiet(*command
, **kwargs
):
138 command
= command
[0].split() + list(command
[1:])
139 return subprocess
.run(command
, check
=False, universal_newlines
=True, stdout
=subprocess
.DEVNULL
, stderr
=subprocess
.DEVNULL
, **kwargs
).returncode
141 def run(*command
, **kwargs
):
142 # This returns CompletedProcess instance.
143 command
= command
[0].split() + list(command
[1:])
144 return subprocess
.run(command
, check
=False, universal_newlines
=True, stdout
=subprocess
.PIPE
, stderr
=subprocess
.PIPE
, **kwargs
)
146 def check_json(string
):
149 except json
.JSONDecodeError
:
150 print(f
"String is not a valid JSON: '{string}'")
153 def is_module_available(*module_names
):
154 for module_name
in module_names
:
155 lsmod_output
= check_output('lsmod')
156 module_re
= re
.compile(rf
'^{re.escape(module_name)}\b', re
.MULTILINE
)
157 if not module_re
.search(lsmod_output
) and call_quiet('modprobe', module_name
) != 0:
161 def expectedFailureIfModuleIsNotAvailable(*module_names
):
163 return func
if is_module_available(*module_names
) else unittest
.expectedFailure(func
)
167 def expectedFailureIfERSPANv0IsNotSupported():
168 # erspan version 0 is supported since f989d546a2d5a9f001f6f8be49d98c10ab9b1897 (v5.8)
170 rc
= call_quiet('ip link add dev erspan99 type erspan seq key 30 local 192.168.1.4 remote 192.168.1.1 erspan_ver 0')
171 remove_link('erspan99')
172 return func
if rc
== 0 else unittest
.expectedFailure(func
)
176 def expectedFailureIfERSPANv2IsNotSupported():
177 # erspan version 2 is supported since f551c91de262ba36b20c3ac19538afb4f4507441 (v4.16)
179 rc
= call_quiet('ip link add dev erspan99 type erspan seq key 30 local 192.168.1.4 remote 192.168.1.1 erspan_ver 2')
180 remove_link('erspan99')
181 return func
if rc
== 0 else unittest
.expectedFailure(func
)
185 def expectedFailureIfRoutingPolicyPortRangeIsNotAvailable():
187 rc
= call_quiet('ip rule add from 192.168.100.19 sport 1123-1150 dport 3224-3290 table 7')
188 call_quiet('ip rule del from 192.168.100.19 sport 1123-1150 dport 3224-3290 table 7')
189 return func
if rc
== 0 else unittest
.expectedFailure(func
)
193 def expectedFailureIfRoutingPolicyIPProtoIsNotAvailable():
195 rc
= call_quiet('ip rule add not from 192.168.100.19 ipproto tcp table 7')
196 call_quiet('ip rule del not from 192.168.100.19 ipproto tcp table 7')
197 return func
if rc
== 0 else unittest
.expectedFailure(func
)
201 def expectedFailureIfRoutingPolicyUIDRangeIsNotAvailable():
204 if call_quiet('ip rule add from 192.168.100.19 table 7 uidrange 200-300') == 0:
205 ret
= run('ip rule list from 192.168.100.19 table 7')
206 supported
= ret
.returncode
== 0 and 'uidrange 200-300' in ret
.stdout
207 call_quiet('ip rule del from 192.168.100.19 table 7 uidrange 200-300')
208 return func
if supported
else unittest
.expectedFailure(func
)
212 def expectedFailureIfRoutingPolicyL3MasterDeviceIsNotAvailable():
214 rc
= call_quiet('ip rule add not from 192.168.100.19 l3mdev')
215 call_quiet('ip rule del not from 192.168.100.19 l3mdev')
216 return func
if rc
== 0 else unittest
.expectedFailure(func
)
220 def expectedFailureIfNexthopIsNotAvailable():
222 rc
= call_quiet('ip nexthop list')
223 return func
if rc
== 0 else unittest
.expectedFailure(func
)
227 def expectedFailureIfRTA_VIAIsNotSupported():
229 call_quiet('ip link add dummy98 type dummy')
230 call_quiet('ip link set up dev dummy98')
231 call_quiet('ip route add 2001:1234:5:8fff:ff:ff:ff:fe/128 dev dummy98')
232 rc
= call_quiet('ip route add 10.10.10.10 via inet6 2001:1234:5:8fff:ff:ff:ff:fe dev dummy98')
233 remove_link('dummy98')
234 return func
if rc
== 0 else unittest
.expectedFailure(func
)
238 def expectedFailureIfAlternativeNameIsNotAvailable():
240 call_quiet('ip link add dummy98 type dummy')
242 call_quiet('ip link prop add dev dummy98 altname hogehogehogehogehoge') == 0 and \
243 call_quiet('ip link show dev hogehogehogehogehoge') == 0
244 remove_link('dummy98')
245 return func
if supported
else unittest
.expectedFailure(func
)
249 def expectedFailureIfNetdevsimWithSRIOVIsNotAvailable():
251 def finalize(func
, supported
):
252 call_quiet('rmmod netdevsim')
253 return func
if supported
else unittest
.expectedFailure(func
)
255 call_quiet('rmmod netdevsim')
256 if call_quiet('modprobe netdevsim') != 0:
257 return finalize(func
, False)
260 with
open('/sys/bus/netdevsim/new_device', mode
='w', encoding
='utf-8') as f
:
263 return finalize(func
, False)
265 return finalize(func
, os
.path
.exists('/sys/bus/netdevsim/devices/netdevsim99/sriov_numvfs'))
269 # pylint: disable=C0415
270 def compare_kernel_version(min_kernel_version
):
273 from packaging
import version
275 print('Failed to import either platform or packaging module, assuming the comparison failed')
278 # Get only the actual kernel version without any build/distro/arch stuff
279 # e.g. '5.18.5-200.fc36.x86_64' -> '5.18.5'
280 kver
= platform
.release().split('-')[0]
281 # Get also rid of '+'
282 kver
= kver
.split('+')[0]
284 return version
.parse(kver
) >= version
.parse(min_kernel_version
)
287 check_output(*udevadm_cmd
, 'control', '--reload')
289 def copy_network_unit(*units
, copy_dropins
=True):
291 Copy networkd unit files into the testbed.
293 Any networkd unit file type can be specified, as well as drop-in files.
295 By default, all drop-ins for a specified unit file are copied in;
296 to avoid that specify dropins=False.
298 When a drop-in file is specified, its unit file is also copied in automatically.
301 mkdir_p(network_unit_dir
)
303 if copy_dropins
and os
.path
.exists(os
.path
.join(networkd_ci_temp_dir
, unit
+ '.d')):
304 cp_r(os
.path
.join(networkd_ci_temp_dir
, unit
+ '.d'), os
.path
.join(network_unit_dir
, unit
+ '.d'))
306 if unit
.endswith('.conf'):
308 unit
= os
.path
.dirname(dropin
).rstrip('.d')
309 dropindir
= os
.path
.join(network_unit_dir
, unit
+ '.d')
311 cp(os
.path
.join(networkd_ci_temp_dir
, dropin
), dropindir
)
313 cp(os
.path
.join(networkd_ci_temp_dir
, unit
), network_unit_dir
)
315 if unit
.endswith('.link'):
321 def copy_credential(src
, target
):
322 mkdir_p(credstore_dir
)
323 cp(os
.path
.join(networkd_ci_temp_dir
, src
),
324 os
.path
.join(credstore_dir
, target
))
326 def remove_network_unit(*units
):
328 Remove previously copied unit files from the testbed.
330 Drop-ins will be removed automatically.
334 rm_f(os
.path
.join(network_unit_dir
, unit
))
335 rm_rf(os
.path
.join(network_unit_dir
, unit
+ '.d'))
337 if unit
.endswith('.link') or unit
.endswith('.link.d'):
343 def clear_network_units():
345 if os
.path
.exists(network_unit_dir
):
346 units
= os
.listdir(network_unit_dir
)
348 if unit
.endswith('.link') or unit
.endswith('.link.d'):
351 rm_rf(network_unit_dir
)
356 def copy_networkd_conf_dropin(*dropins
):
357 """Copy networkd.conf dropin files into the testbed."""
358 mkdir_p(networkd_conf_dropin_dir
)
359 for dropin
in dropins
:
360 cp(os
.path
.join(networkd_ci_temp_dir
, dropin
), networkd_conf_dropin_dir
)
362 def remove_networkd_conf_dropin(*dropins
):
363 """Remove previously copied networkd.conf dropin files from the testbed."""
364 for dropin
in dropins
:
365 rm_f(os
.path
.join(networkd_conf_dropin_dir
, dropin
))
367 def clear_networkd_conf_dropins():
368 rm_rf(networkd_conf_dropin_dir
)
370 def setup_systemd_udev_rules():
371 if not systemd_udev_rules_build_dir
:
374 mkdir_p(udev_rules_dir
)
376 for path
in [systemd_udev_rules_build_dir
, os
.path
.join(systemd_source_dir
, "rules.d")]:
377 print(f
"Copying udev rules from {path} to {udev_rules_dir}")
379 for rule
in os
.listdir(path
):
380 if not rule
.endswith(".rules"):
382 cp(os
.path
.join(path
, rule
), udev_rules_dir
)
384 def copy_udev_rule(*rules
):
385 """Copy udev rules"""
386 mkdir_p(udev_rules_dir
)
388 cp(os
.path
.join(networkd_ci_temp_dir
, rule
), udev_rules_dir
)
390 def remove_udev_rule(*rules
):
391 """Remove previously copied udev rules"""
393 rm_f(os
.path
.join(udev_rules_dir
, rule
))
395 def clear_udev_rules():
396 rm_rf(udev_rules_dir
)
398 def save_active_units():
399 for u
in ['systemd-networkd.socket', 'systemd-networkd.service',
400 'systemd-resolved.service', 'systemd-timesyncd.service',
401 'firewalld.service']:
402 if call(f
'systemctl is-active --quiet {u}') == 0:
403 call(f
'systemctl stop {u}')
404 active_units
.append(u
)
406 def restore_active_units():
407 if 'systemd-networkd.socket' in active_units
:
408 call('systemctl stop systemd-networkd.socket systemd-networkd.service')
409 for u
in active_units
:
410 call(f
'systemctl restart {u}')
412 def create_unit_dropin(unit
, contents
):
413 mkdir_p(f
'/run/systemd/system/{unit}.d')
414 with
open(f
'/run/systemd/system/{unit}.d/00-override.conf', mode
='w', encoding
='utf-8') as f
:
415 f
.write('\n'.join(contents
))
417 def create_service_dropin(service
, command
, additional_settings
=None):
421 f
'ExecStart=!!{valgrind_cmd}{command}',
424 drop_in
+= ['Environment=SYSTEMD_LOG_LEVEL=debug']
426 drop_in
+= [f
'Environment=ASAN_OPTIONS="{asan_options}"']
428 drop_in
+= [f
'Environment=LSAN_OPTIONS="{lsan_options}"']
430 drop_in
+= [f
'Environment=UBSAN_OPTIONS="{ubsan_options}"']
431 if asan_options
or lsan_options
or ubsan_options
:
432 drop_in
+= ['SystemCallFilter=']
433 if use_valgrind
or asan_options
or lsan_options
or ubsan_options
:
434 drop_in
+= ['MemoryDenyWriteExecute=no']
437 'Environment=SYSTEMD_MEMPOOL=0',
445 if additional_settings
:
446 drop_in
+= additional_settings
448 create_unit_dropin(f
'{service}.service', drop_in
)
450 def link_exists(link
):
451 return call_quiet(f
'ip link show {link}') == 0
453 def link_resolve(link
):
454 return check_output(f
'ip link show {link}').split(':')[1].strip()
456 def remove_link(*links
, protect
=False):
458 if protect
and link
in protected_links
:
460 if link_exists(link
):
461 call(f
'ip link del dev {link}')
463 def save_existing_links():
464 links
= os
.listdir('/sys/class/net')
466 if link_exists(link
):
467 protected_links
.add(link
)
469 print('### The following links will be protected:')
470 print(', '.join(sorted(list(protected_links
))))
473 links
= os
.listdir('/sys/class/net')
474 remove_link(*links
, protect
=True)
476 def flush_nexthops():
477 # Currently, the 'ip nexthop' command does not have 'save' and 'restore'.
478 # Hence, we cannot restore nexthops in a simple way.
479 # Let's assume there is no nexthop used in the system
480 call_quiet('ip nexthop flush')
483 # pylint: disable=global-statement
485 saved_routes
= check_output('ip route show table all')
486 print('### The following routes will be protected:')
491 output
= check_output('ip route show table all')
492 for line
in output
.splitlines():
493 if line
in saved_routes
:
495 if 'proto kernel' in line
:
497 if ' dev ' in line
and not ' dev lo ' in line
:
501 print('### Removing routes that did not exist when the test started.')
503 call(f
'ip route del {line}')
505 def save_routing_policy_rules():
506 # pylint: disable=global-statement
507 global saved_ipv4_rules
, saved_ipv6_rules
509 output
= check_output(f
'ip -{ipv} rule show')
510 print(f
'### The following IPv{ipv} routing policy rules will be protected:')
514 saved_ipv4_rules
= save(4)
515 saved_ipv6_rules
= save(6)
517 def flush_routing_policy_rules():
518 def flush(ipv
, saved_rules
):
520 output
= check_output(f
'ip -{ipv} rule show')
521 for line
in output
.splitlines():
522 if line
in saved_rules
:
526 print(f
'### Removing IPv{ipv} routing policy rules that did not exist when the test started.')
528 words
= line
.replace('lookup [l3mdev-table]', 'l3mdev').split()
529 priority
= words
[0].rstrip(':')
530 call(f
'ip -{ipv} rule del priority {priority} ' + ' '.join(words
[1:]))
532 flush(4, saved_ipv4_rules
)
533 flush(6, saved_ipv6_rules
)
535 def flush_fou_ports():
536 ret
= run('ip fou show')
537 if ret
.returncode
!= 0:
538 return # fou may not be supported
539 for line
in ret
.stdout
.splitlines():
540 port
= line
.split()[1]
541 call(f
'ip fou del port {port}')
543 def flush_l2tp_tunnels():
545 ret
= run('ip l2tp show tunnel')
546 if ret
.returncode
!= 0:
547 return # l2tp may not be supported
548 for line
in ret
.stdout
.splitlines():
550 if words
[0] == 'Tunnel':
551 tid
= words
[1].rstrip(',')
552 call(f
'ip l2tp del tunnel tunnel_id {tid}')
555 # Removing L2TP tunnel is asynchronous and slightly takes a time.
558 r
= run(f
'ip l2tp show tunnel tunnel_id {tid}')
559 if r
.returncode
!= 0 or len(r
.stdout
.rstrip()) == 0:
563 print(f
'Cannot remove L2TP tunnel {tid}, ignoring.')
566 # pylint: disable=global-statement
567 global saved_timezone
568 r
= run(*timedatectl_cmd
, 'show', '--value', '--property', 'Timezone', env
=env
)
569 if r
.returncode
== 0:
570 saved_timezone
= r
.stdout
.rstrip()
571 print(f
'### Saved timezone: {saved_timezone}')
573 def restore_timezone():
575 call(*timedatectl_cmd
, 'set-timezone', f
'{saved_timezone}', env
=env
)
577 def read_link_attr(*args
):
578 with
open(os
.path
.join('/sys/class/net', *args
), encoding
='utf-8') as f
:
579 return f
.readline().strip()
581 def read_manager_state_file():
582 with
open('/run/systemd/netif/state', encoding
='utf-8') as f
:
585 def read_link_state_file(link
):
586 ifindex
= read_link_attr(link
, 'ifindex')
587 path
= os
.path
.join('/run/systemd/netif/links', ifindex
)
588 with
open(path
, encoding
='utf-8') as f
:
591 def read_ip_sysctl_attr(link
, attribute
, ipv
):
592 with
open(os
.path
.join('/proc/sys/net', ipv
, 'conf', link
, attribute
), encoding
='utf-8') as f
:
593 return f
.readline().strip()
595 def read_ip_neigh_sysctl_attr(link
, attribute
, ipv
):
596 with
open(os
.path
.join('/proc/sys/net', ipv
, 'neigh', link
, attribute
), encoding
='utf-8') as f
:
597 return f
.readline().strip()
599 def read_ipv6_sysctl_attr(link
, attribute
):
600 return read_ip_sysctl_attr(link
, attribute
, 'ipv6')
602 def read_ipv6_neigh_sysctl_attr(link
, attribute
):
603 return read_ip_neigh_sysctl_attr(link
, attribute
, 'ipv6')
605 def read_ipv4_sysctl_attr(link
, attribute
):
606 return read_ip_sysctl_attr(link
, attribute
, 'ipv4')
608 def stop_by_pid_file(pid_file
):
609 if not os
.path
.exists(pid_file
):
611 with
open(pid_file
, 'r', encoding
='utf-8') as f
:
612 pid
= f
.read().rstrip(' \t\r\n\0')
613 os
.kill(int(pid
), signal
.SIGTERM
)
617 print(f
"PID {pid} is still alive, waiting...")
620 if e
.errno
== errno
.ESRCH
:
622 print(f
"Unexpected exception when waiting for {pid} to die: {e.errno}")
625 def start_dnsmasq(*additional_options
, interface
='veth-peer', ra_mode
=None, ipv4_range
='192.168.5.10,192.168.5.200', ipv4_router
='192.168.5.1', ipv6_range
='2600::10,2600::20'):
627 ra_mode
= f
',{ra_mode}'
633 f
'--log-facility={dnsmasq_log_file}',
634 '--log-queries=extra',
636 f
'--pid-file={dnsmasq_pid_file}',
637 '--conf-file=/dev/null',
639 f
'--interface={interface}',
640 f
'--dhcp-leasefile={dnsmasq_lease_file}',
642 f
'--dhcp-range={ipv6_range}{ra_mode},2m',
643 f
'--dhcp-range={ipv4_range},2m',
644 '--dhcp-option=option:mtu,1492',
645 f
'--dhcp-option=option:router,{ipv4_router}',
648 ) + additional_options
649 check_output(*command
)
652 stop_by_pid_file(dnsmasq_pid_file
)
653 rm_f(dnsmasq_lease_file
)
654 rm_f(dnsmasq_log_file
)
656 def read_dnsmasq_log_file():
657 with
open(dnsmasq_log_file
, encoding
='utf-8') as f
:
660 def start_isc_dhcpd(conf_file
, ipv
, interface
='veth-peer'):
661 conf_file_path
= os
.path
.join(networkd_ci_temp_dir
, conf_file
)
662 isc_dhcpd_command
= f
'dhcpd {ipv} -cf {conf_file_path} -lf {isc_dhcpd_lease_file} -pf {isc_dhcpd_pid_file} {interface}'
663 touch(isc_dhcpd_lease_file
)
664 check_output(isc_dhcpd_command
)
666 def stop_isc_dhcpd():
667 stop_by_pid_file(isc_dhcpd_pid_file
)
668 rm_f(isc_dhcpd_lease_file
)
670 def get_dbus_link_path(link
):
671 out
= subprocess
.check_output(['busctl', 'call', 'org.freedesktop.network1',
672 '/org/freedesktop/network1', 'org.freedesktop.network1.Manager',
673 'GetLinkByName', 's', link
])
675 assert out
.startswith(b
'io ')
677 assert out
.endswith(b
'"')
679 return out
[:-1].split('"')[1]
681 def get_dhcp_client_state(link
, family
):
682 link_path
= get_dbus_link_path(link
)
684 out
= subprocess
.check_output(['busctl', 'get-property', 'org.freedesktop.network1',
685 link_path
, f
'org.freedesktop.network1.DHCPv{family}Client', 'State'])
686 assert out
.startswith(b
's "')
688 assert out
.endswith(b
'"')
689 return out
[3:-1].decode()
691 def get_dhcp4_client_state(link
):
692 return get_dhcp_client_state(link
, '4')
694 def get_dhcp6_client_state(link
):
695 return get_dhcp_client_state(link
, '6')
697 def get_link_description(link
):
698 link_path
= get_dbus_link_path(link
)
700 out
= subprocess
.check_output(['busctl', 'call', 'org.freedesktop.network1',
701 link_path
, 'org.freedesktop.network1.Link', 'Describe'])
702 assert out
.startswith(b
's "')
704 assert out
.endswith(b
'"')
705 json_raw
= out
[2:].decode()
707 description
= json
.loads(json_raw
) # Convert from escaped sequences to json
708 check_json(description
)
709 return json
.loads(description
) # Now parse the json
711 def start_radvd(*additional_options
, config_file
):
712 config_file_path
= os
.path
.join(networkd_ci_temp_dir
, 'radvd', config_file
)
715 f
'--pidfile={radvd_pid_file}',
716 f
'--config={config_file_path}',
717 '--logmethod=stderr',
718 ) + additional_options
719 check_output(*command
)
722 stop_by_pid_file(radvd_pid_file
)
724 def radvd_check_config(config_file
):
725 if not shutil
.which('radvd'):
726 print('radvd is not installed, assuming the config check failed')
729 # Note: can't use networkd_ci_temp_dir here, as this command may run before that dir is
730 # set up (one instance is @unittest.skipX())
731 config_file_path
= os
.path
.join(os
.path
.dirname(os
.path
.abspath(__file__
)), 'conf/radvd', config_file
)
732 return call(f
'radvd --config={config_file_path} --configtest') == 0
734 def networkd_invocation_id():
735 return check_output('systemctl show --value -p InvocationID systemd-networkd.service')
737 def read_networkd_log(invocation_id
=None, since
=None):
738 if not invocation_id
:
739 invocation_id
= networkd_invocation_id()
743 '--output=short-monotonic',
744 f
'_SYSTEMD_INVOCATION_ID={invocation_id}',
747 command
.append(f
'--since={since}')
748 check_output('journalctl --sync')
749 return check_output(*command
)
751 def networkd_is_failed():
752 return call_quiet('systemctl is-failed -q systemd-networkd.service') != 1
754 def stop_networkd(show_logs
=True):
756 invocation_id
= networkd_invocation_id()
757 check_output('systemctl stop systemd-networkd.socket')
758 check_output('systemctl stop systemd-networkd.service')
760 print(read_networkd_log(invocation_id
))
761 # Check if networkd exits cleanly.
762 assert not networkd_is_failed()
764 def start_networkd():
765 check_output('systemctl start systemd-networkd')
767 def restart_networkd(show_logs
=True):
769 invocation_id
= networkd_invocation_id()
770 check_output('systemctl restart systemd-networkd.service')
772 print(read_networkd_log(invocation_id
))
775 return int(check_output('systemctl show --value -p MainPID systemd-networkd.service'))
777 def networkctl(*args
):
778 # Do not call networkctl if networkd is in failed state.
779 # Otherwise, networkd may be restarted and we may get wrong results.
780 assert not networkd_is_failed()
781 return check_output(*(networkctl_cmd
+ list(args
)), env
=env
)
783 def networkctl_status(*args
):
784 return networkctl('-n', '0', 'status', *args
)
786 def networkctl_json(*args
):
787 return networkctl('--json=short', 'status', *args
)
789 def networkctl_reconfigure(*links
):
790 networkctl('reconfigure', *links
)
792 def networkctl_reload():
795 def resolvectl(*args
):
796 return check_output(*(resolvectl_cmd
+ list(args
)), env
=env
)
798 def timedatectl(*args
):
799 return check_output(*(timedatectl_cmd
+ list(args
)), env
=env
)
804 def tear_down_common():
805 # 1. stop DHCP/RA servers
811 call_quiet('rmmod netdevsim')
812 call_quiet('rmmod sch_teql')
814 # 3. remove network namespace
815 call_quiet('ip netns del ns99')
825 clear_network_units()
826 clear_networkd_conf_dropins()
831 flush_routing_policy_rules()
835 rm_rf(networkd_ci_temp_dir
)
836 cp_r(os
.path
.join(os
.path
.dirname(os
.path
.abspath(__file__
)), 'conf'), networkd_ci_temp_dir
)
838 clear_network_units()
839 clear_networkd_conf_dropins()
842 setup_systemd_udev_rules()
843 copy_udev_rule('00-debug-net.rules')
847 save_existing_links()
849 save_routing_policy_rules()
852 create_service_dropin('systemd-networkd', networkd_bin
,
855 'Environment=SYSTEMD_NETWORK_TEST_MODE=yes',
857 'StartLimitIntervalSec=0'])
858 create_service_dropin('systemd-resolved', resolved_bin
)
859 create_service_dropin('systemd-timesyncd', timesyncd_bin
)
861 # TODO: also run udevd with sanitizers, valgrind, or coverage
862 #create_service_dropin('systemd-udevd', udevd_bin,
863 # f'{udevadm_bin} control --reload --timeout 0')
865 'systemd-udevd.service',
869 f
'ExecStart=!!@{udevd_bin} systemd-udevd',
873 'systemd-networkd.socket',
876 'StartLimitIntervalSec=0',
880 check_output('systemctl daemon-reload')
881 print(check_output('systemctl cat systemd-networkd.service'))
882 print(check_output('systemctl cat systemd-resolved.service'))
883 print(check_output('systemctl cat systemd-timesyncd.service'))
884 print(check_output('systemctl cat systemd-udevd.service'))
885 check_output('systemctl restart systemd-resolved.service')
886 check_output('systemctl restart systemd-timesyncd.service')
887 check_output('systemctl restart systemd-udevd.service')
889 def tearDownModule():
890 rm_rf(networkd_ci_temp_dir
)
892 clear_network_units()
893 clear_networkd_conf_dropins()
897 rm_rf('/run/systemd/system/systemd-networkd.service.d')
898 rm_rf('/run/systemd/system/systemd-networkd.socket.d')
899 rm_rf('/run/systemd/system/systemd-resolved.service.d')
900 rm_rf('/run/systemd/system/systemd-timesyncd.service.d')
901 rm_rf('/run/systemd/system/systemd-udevd.service.d')
902 check_output('systemctl daemon-reload')
903 check_output('systemctl restart systemd-udevd.service')
904 restore_active_units()
907 # pylint: disable=no-member
909 def check_link_exists(self
, link
, expected
=True):
911 self
.assertTrue(link_exists(link
))
913 self
.assertFalse(link_exists(link
))
915 def check_link_attr(self
, *args
):
916 self
.assertEqual(read_link_attr(*args
[:-1]), args
[-1])
918 def check_bridge_port_attr(self
, master
, port
, attribute
, expected
, allow_enoent
=False):
919 path
= os
.path
.join('/sys/devices/virtual/net', master
, 'lower_' + port
, 'brport', attribute
)
920 if allow_enoent
and not os
.path
.exists(path
):
922 with
open(path
, encoding
='utf-8') as f
:
923 self
.assertEqual(f
.readline().strip(), expected
)
925 def check_ipv4_sysctl_attr(self
, link
, attribute
, expected
):
926 self
.assertEqual(read_ipv4_sysctl_attr(link
, attribute
), expected
)
928 def check_ipv6_sysctl_attr(self
, link
, attribute
, expected
):
929 self
.assertEqual(read_ipv6_sysctl_attr(link
, attribute
), expected
)
931 def check_ipv6_neigh_sysctl_attr(self
, link
, attribute
, expected
):
932 self
.assertEqual(read_ipv6_neigh_sysctl_attr(link
, attribute
), expected
)
934 def wait_links(self
, *links
, timeout
=20, fail_assert
=True):
935 def links_exist(*links
):
937 if not link_exists(link
):
941 for iteration
in range(timeout
+ 1):
945 if links_exist(*links
):
948 self
.fail('Timed out waiting for all links to be created: ' + ', '.join(list(links
)))
951 def wait_activated(self
, link
, state
='down', timeout
=20, fail_assert
=True):
952 # wait for the interface is activated.
953 needle
= f
'{link}: Bringing link {state}'
955 for iteration
in range(timeout
+ 1):
958 if not link_exists(link
):
960 output
= read_networkd_log()
961 if needle
in output
and flag
in check_output(f
'ip link show {link}'):
964 self
.fail(f
'Timed out waiting for {link} activated.')
967 def wait_operstate(self
, link
, operstate
='degraded', setup_state
='configured', setup_timeout
=5, fail_assert
=True):
968 """Wait for the link to reach the specified operstate and/or setup state.
970 Specify None or '' for either operstate or setup_state to ignore that state.
971 This will recheck until the state conditions are met or the timeout expires.
973 If the link successfully matches the requested state, this returns True.
974 If this times out waiting for the link to match, the behavior depends on the
975 'fail_assert' parameter; if True, this causes a test assertion failure,
976 otherwise this returns False. The default is to cause assertion failure.
978 Note that this function matches on *exactly* the given operstate and setup_state.
979 To wait for a link to reach *or exceed* a given operstate, use wait_online().
986 for secs
in range(setup_timeout
+ 1):
989 if not link_exists(link
):
991 output
= networkctl_status(link
)
992 if re
.search(rf
'(?m)^\s*State:\s+{operstate}\s+\({setup_state}\)\s*$', output
):
996 self
.fail(f
'Timed out waiting for {link} to reach state {operstate}/{setup_state}')
999 def wait_online(self
, *links_with_operstate
, timeout
='20s', bool_any
=False, ipv4
=False, ipv6
=False, setup_state
='configured', setup_timeout
=5):
1000 """Wait for the links to reach the specified operstate and/or setup state.
1002 This is similar to wait_operstate() but can be used for multiple links,
1003 and it also calls systemd-networkd-wait-online to wait for the given operstate.
1004 The operstate should be specified in the link name, like 'eth0:degraded'.
1005 If just a link name is provided, wait-online's default operstate to wait for is degraded.
1007 The 'timeout' parameter controls the systemd-networkd-wait-online timeout, and the
1008 'setup_timeout' controls the per-link timeout waiting for the setup_state.
1010 Set 'bool_any' to True to wait for any (instead of all) of the given links.
1011 If this is set, no setup_state checks are done.
1013 Set 'ipv4' or 'ipv6' to True to wait for IPv4 address or IPv6 address, respectively, of each of the given links.
1014 This is applied only for the operational state 'degraded' or above.
1016 Note that this function waits for the links to reach *or exceed* the given operstate.
1017 However, the setup_state, if specified, must be matched *exactly*.
1019 This returns if the links reached the requested operstate/setup_state; otherwise it
1020 raises CalledProcessError or fails test assertion.
1022 args
= wait_online_cmd
+ [f
'--timeout={timeout}'] + [f
'--interface={link}' for link
in links_with_operstate
] + [f
'--ignore={link}' for link
in protected_links
]
1030 check_output(*args
, env
=wait_online_env
)
1031 except subprocess
.CalledProcessError
:
1032 if networkd_is_failed():
1033 print('!!!!! systemd-networkd.service is failed !!!!!')
1034 call('systemctl status systemd-networkd.service')
1036 # show detailed status on failure
1037 for link
in links_with_operstate
:
1038 name
= link
.split(':')[0]
1039 if link_exists(name
):
1040 print(networkctl_status(name
))
1042 print(f
'Interface {name} not found.')
1044 if not bool_any
and setup_state
:
1045 for link
in links_with_operstate
:
1046 self
.wait_operstate(link
.split(':')[0], None, setup_state
, setup_timeout
)
1048 def wait_address(self
, link
, address_regex
, scope
='global', ipv
='', timeout_sec
=100):
1049 for i
in range(timeout_sec
):
1052 output
= check_output(f
'ip {ipv} address show dev {link} scope {scope}')
1053 if re
.search(address_regex
, output
) and 'tentative' not in output
:
1056 self
.assertRegex(output
, address_regex
)
1058 def wait_address_dropped(self
, link
, address_regex
, scope
='global', ipv
='', timeout_sec
=100):
1059 for i
in range(timeout_sec
):
1062 output
= check_output(f
'ip {ipv} address show dev {link} scope {scope}')
1063 if not re
.search(address_regex
, output
):
1066 self
.assertNotRegex(output
, address_regex
)
1068 def wait_route(self
, link
, route_regex
, table
='main', ipv
='', timeout_sec
=100):
1069 for i
in range(timeout_sec
):
1072 output
= check_output(f
'ip {ipv} route show dev {link} table {table}')
1073 if re
.search(route_regex
, output
):
1076 self
.assertRegex(output
, route_regex
)
1078 def check_netlabel(self
, interface
, address
, label
='system_u:object_r:root_t:s0'):
1079 if not shutil
.which('selinuxenabled'):
1080 print('## Checking NetLabel skipped: selinuxenabled command not found.')
1081 elif call_quiet('selinuxenabled') != 0:
1082 print('## Checking NetLabel skipped: SELinux disabled.')
1083 elif not shutil
.which('netlabelctl'): # not packaged by all distros
1084 print('## Checking NetLabel skipped: netlabelctl command not found.')
1086 output
= check_output('netlabelctl unlbl list')
1088 self
.assertRegex(output
, f
'interface:{interface},address:{address},label:"{label}"')
1090 def setup_nftset(self
, filter_name
, filter_type
, flags
=''):
1091 if not shutil
.which('nft'):
1092 print('## Setting up NFT sets skipped: nft command not found.')
1094 if call(f
'nft add table inet sd_test') != 0:
1095 print('## Setting up NFT table failed.')
1097 if call(f
'nft add set inet sd_test {filter_name} {{ type {filter_type}; {flags} }}') != 0:
1098 print('## Setting up NFT sets failed.')
1101 def teardown_nftset(self
, *filters
):
1102 if not shutil
.which('nft'):
1103 print('## Tearing down NFT sets skipped: nft command not found.')
1105 for filter_name
in filters
:
1106 if call(f
'nft delete set inet sd_test {filter_name}') != 0:
1107 print('## Tearing down NFT sets failed.')
1109 if call(f
'nft delete table inet sd_test') != 0:
1110 print('## Tearing down NFT table failed.')
1113 def check_nftset(self
, filter_name
, contents
):
1114 if not shutil
.which('nft'):
1115 print('## Checking NFT sets skipped: nft command not found.')
1117 output
= check_output(f
'nft list set inet sd_test {filter_name}')
1119 self
.assertRegex(output
, r
'.*elements = { [^}]*' + contents
+ r
'[^}]* }.*')
1121 class NetworkctlTests(unittest
.TestCase
, Utilities
):
1129 @expectedFailureIfAlternativeNameIsNotAvailable()
1130 def test_altname(self
):
1131 copy_network_unit('26-netdev-link-local-addressing-yes.network', '12-dummy.netdev', '12-dummy.link')
1133 self
.wait_online('dummy98:degraded')
1135 output
= networkctl_status('dummy98')
1136 self
.assertRegex(output
, 'hogehogehogehogehogehoge')
1138 @expectedFailureIfAlternativeNameIsNotAvailable()
1139 def test_rename_to_altname(self
):
1140 copy_network_unit('26-netdev-link-local-addressing-yes.network',
1141 '12-dummy.netdev', '12-dummy-rename-to-altname.link')
1143 self
.wait_online('dummyalt:degraded')
1145 output
= networkctl_status('dummyalt')
1146 self
.assertIn('hogehogehogehogehogehoge', output
)
1147 self
.assertNotIn('dummy98', output
)
1149 def test_reconfigure(self
):
1150 copy_network_unit('25-address-static.network', '12-dummy.netdev', copy_dropins
=False)
1152 self
.wait_online('dummy98:routable')
1154 output
= check_output('ip -4 address show dev dummy98')
1156 self
.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output
)
1157 self
.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output
)
1158 self
.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output
)
1160 check_output('ip address del 10.1.2.3/16 dev dummy98')
1161 check_output('ip address del 10.1.2.4/16 dev dummy98')
1162 check_output('ip address del 10.2.2.4/16 dev dummy98')
1164 networkctl_reconfigure('dummy98')
1165 self
.wait_online('dummy98:routable')
1167 output
= check_output('ip -4 address show dev dummy98')
1169 self
.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output
)
1170 self
.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output
)
1171 self
.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output
)
1173 remove_network_unit('25-address-static.network')
1176 self
.wait_operstate('dummy98', 'degraded', setup_state
='unmanaged')
1178 output
= check_output('ip -4 address show dev dummy98')
1180 self
.assertNotIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output
)
1181 self
.assertNotIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output
)
1182 self
.assertNotIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output
)
1184 copy_network_unit('25-address-static.network', copy_dropins
=False)
1186 self
.wait_online('dummy98:routable')
1188 output
= check_output('ip -4 address show dev dummy98')
1190 self
.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output
)
1191 self
.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output
)
1192 self
.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output
)
1194 def test_renew(self
):
1196 self
.wait_online('veth99:routable', 'veth-peer:routable')
1197 output
= networkctl_status('veth99')
1199 self
.assertRegex(output
, r
'Address: 192.168.5.[0-9]* \(DHCP4 via 192.168.5.1\)')
1200 self
.assertIn('Gateway: 192.168.5.3', output
)
1201 self
.assertRegex(output
, 'DNS: 192.168.5.1\n *192.168.5.10')
1202 self
.assertRegex(output
, 'NTP: 192.168.5.1\n *192.168.5.11')
1204 copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server.network')
1207 check_json(networkctl_json('--lines=0', '--stats', '--all', '--full'))
1209 for verb
in ['renew', 'forcerenew']:
1210 networkctl(verb
, 'veth99')
1212 networkctl(verb
, 'veth99', 'veth99', 'veth99')
1215 def test_up_down(self
):
1216 copy_network_unit('25-address-static.network', '12-dummy.netdev', copy_dropins
=False)
1218 self
.wait_online('dummy98:routable')
1220 networkctl('down', 'dummy98')
1221 self
.wait_online('dummy98:off')
1222 networkctl('up', 'dummy98')
1223 self
.wait_online('dummy98:routable')
1224 networkctl('down', 'dummy98', 'dummy98', 'dummy98')
1225 self
.wait_online('dummy98:off')
1226 networkctl('up', 'dummy98', 'dummy98', 'dummy98')
1227 self
.wait_online('dummy98:routable')
1229 def test_reload(self
):
1232 copy_network_unit('11-dummy.netdev')
1234 self
.wait_operstate('test1', 'off', setup_state
='unmanaged')
1236 copy_network_unit('11-dummy.network')
1238 self
.wait_online('test1:degraded')
1240 remove_network_unit('11-dummy.network')
1242 self
.wait_operstate('test1', 'degraded', setup_state
='unmanaged')
1244 remove_network_unit('11-dummy.netdev')
1246 self
.wait_operstate('test1', 'degraded', setup_state
='unmanaged')
1248 copy_network_unit('11-dummy.netdev', '11-dummy.network')
1250 self
.wait_operstate('test1', 'degraded')
1252 def test_glob(self
):
1253 copy_network_unit('11-dummy.netdev', '11-dummy.network')
1256 self
.wait_online('test1:degraded')
1258 output
= networkctl('list')
1259 self
.assertRegex(output
, '1 lo ')
1260 self
.assertRegex(output
, 'test1')
1262 output
= networkctl('list', 'test1')
1263 self
.assertNotRegex(output
, '1 lo ')
1264 self
.assertRegex(output
, 'test1')
1266 output
= networkctl('list', 'te*')
1267 self
.assertNotRegex(output
, '1 lo ')
1268 self
.assertRegex(output
, 'test1')
1270 output
= networkctl_status('te*')
1271 self
.assertNotRegex(output
, '1: lo ')
1272 self
.assertRegex(output
, 'test1')
1274 output
= networkctl_status('tes[a-z][0-9]')
1275 self
.assertNotRegex(output
, '1: lo ')
1276 self
.assertRegex(output
, 'test1')
1279 copy_network_unit('11-dummy-mtu.netdev', '11-dummy.network')
1282 self
.wait_online('test1:degraded')
1284 output
= networkctl_status('test1')
1285 self
.assertRegex(output
, 'MTU: 1600')
1287 def test_type(self
):
1288 copy_network_unit('11-dummy.netdev', '11-dummy.network')
1290 self
.wait_online('test1:degraded')
1292 output
= networkctl_status('test1')
1294 self
.assertRegex(output
, 'Type: ether')
1296 output
= networkctl_status('lo')
1298 self
.assertRegex(output
, 'Type: loopback')
1300 def test_unit_file(self
):
1301 copy_network_unit('11-test-unit-file.netdev', '11-test-unit-file.network', '11-test-unit-file.link')
1303 self
.wait_online('test1:degraded')
1305 output
= networkctl_status('test1')
1307 self
.assertIn('Link File: /run/systemd/network/11-test-unit-file.link', output
)
1308 self
.assertIn('/run/systemd/network/11-test-unit-file.link.d/dropin.conf', output
)
1309 self
.assertIn('Network File: /run/systemd/network/11-test-unit-file.network', output
)
1310 self
.assertIn('/run/systemd/network/11-test-unit-file.network.d/dropin.conf', output
)
1312 output
= read_networkd_log()
1313 self
.assertIn('test1: Configuring with /run/systemd/network/11-test-unit-file.network (dropins: /run/systemd/network/11-test-unit-file.network.d/dropin.conf).', output
)
1315 # This test may be run on the system that has older udevd than 70f32a260b5ebb68c19ecadf5d69b3844896ba55 (v249).
1316 # In that case, the udev DB for the loopback network interface may already have ID_NET_LINK_FILE property.
1317 # Let's reprocess the interface and drop the property.
1318 check_output(*udevadm_cmd
, 'trigger', '--settle', '--action=add', '/sys/class/net/lo')
1319 output
= networkctl_status('lo')
1321 self
.assertIn('Link File: n/a', output
)
1322 self
.assertIn('Network File: n/a', output
)
1324 def test_delete_links(self
):
1325 copy_network_unit('11-dummy.netdev', '11-dummy.network',
1326 '25-veth.netdev', '26-netdev-link-local-addressing-yes.network')
1329 self
.wait_online('test1:degraded', 'veth99:degraded', 'veth-peer:degraded')
1331 networkctl('delete', 'test1', 'veth99')
1332 self
.check_link_exists('test1', expected
=False)
1333 self
.check_link_exists('veth99', expected
=False)
1334 self
.check_link_exists('veth-peer', expected
=False)
1336 def test_label(self
):
1339 class NetworkdMatchTests(unittest
.TestCase
, Utilities
):
1347 @expectedFailureIfAlternativeNameIsNotAvailable()
1348 def test_match(self
):
1349 copy_network_unit('12-dummy-mac.netdev',
1350 '12-dummy-match-mac-01.network',
1351 '12-dummy-match-mac-02.network',
1352 '12-dummy-match-renamed.network',
1353 '12-dummy-match-altname.network',
1354 '12-dummy-altname.link')
1357 self
.wait_online('dummy98:routable')
1358 output
= networkctl_status('dummy98')
1359 self
.assertIn('Network File: /run/systemd/network/12-dummy-match-mac-01.network', output
)
1360 output
= check_output('ip -4 address show dev dummy98')
1361 self
.assertIn('10.0.0.1/16', output
)
1363 check_output('ip link set dev dummy98 down')
1364 check_output('ip link set dev dummy98 address 12:34:56:78:9a:02')
1366 self
.wait_address('dummy98', '10.0.0.2/16', ipv
='-4', timeout_sec
=10)
1367 self
.wait_online('dummy98:routable')
1368 output
= networkctl_status('dummy98')
1369 self
.assertIn('Network File: /run/systemd/network/12-dummy-match-mac-02.network', output
)
1371 check_output('ip link set dev dummy98 down')
1372 check_output('ip link set dev dummy98 name dummy98-1')
1374 self
.wait_address('dummy98-1', '10.0.1.2/16', ipv
='-4', timeout_sec
=10)
1375 self
.wait_online('dummy98-1:routable')
1376 output
= networkctl_status('dummy98-1')
1377 self
.assertIn('Network File: /run/systemd/network/12-dummy-match-renamed.network', output
)
1379 check_output('ip link set dev dummy98-1 down')
1380 check_output('ip link set dev dummy98-1 name dummy98-2')
1381 check_output(*udevadm_cmd
, 'trigger', '--action=add', '/sys/class/net/dummy98-2')
1383 self
.wait_address('dummy98-2', '10.0.2.2/16', ipv
='-4', timeout_sec
=10)
1384 self
.wait_online('dummy98-2:routable')
1385 output
= networkctl_status('dummy98-2')
1386 self
.assertIn('Network File: /run/systemd/network/12-dummy-match-altname.network', output
)
1388 def test_match_udev_property(self
):
1389 copy_network_unit('12-dummy.netdev', '13-not-match-udev-property.network', '14-match-udev-property.network')
1391 self
.wait_online('dummy98:routable')
1393 output
= networkctl_status('dummy98')
1395 self
.assertRegex(output
, 'Network File: /run/systemd/network/14-match-udev-property')
1397 class WaitOnlineTests(unittest
.TestCase
, Utilities
):
1405 def test_wait_online_any(self
):
1406 copy_network_unit('25-bridge.netdev', '25-bridge.network', '11-dummy.netdev', '11-dummy.network')
1409 self
.wait_online('bridge99', 'test1:degraded', bool_any
=True)
1411 self
.wait_operstate('bridge99', '(off|no-carrier)', setup_state
='configuring')
1412 self
.wait_operstate('test1', 'degraded')
1414 class NetworkdNetDevTests(unittest
.TestCase
, Utilities
):
1422 def test_dropin_and_name_conflict(self
):
1423 copy_network_unit('10-dropin-test.netdev', '15-name-conflict-test.netdev')
1426 self
.wait_online('dropin-test:off', setup_state
='unmanaged')
1428 output
= check_output('ip link show dropin-test')
1430 self
.assertRegex(output
, '00:50:56:c0:00:28')
1432 @expectedFailureIfModuleIsNotAvailable('bareudp')
1433 def test_bareudp(self
):
1434 copy_network_unit('25-bareudp.netdev', '26-netdev-link-local-addressing-yes.network')
1437 self
.wait_online('bareudp99:degraded')
1439 output
= check_output('ip -d link show bareudp99')
1441 self
.assertRegex(output
, 'dstport 1000 ')
1442 self
.assertRegex(output
, 'ethertype ip ')
1444 @expectedFailureIfModuleIsNotAvailable('batman-adv')
1445 def test_batadv(self
):
1446 copy_network_unit('25-batadv.netdev', '26-netdev-link-local-addressing-yes.network')
1449 self
.wait_online('batadv99:degraded')
1451 output
= check_output('ip -d link show batadv99')
1453 self
.assertRegex(output
, 'batadv')
1455 def test_bridge(self
):
1456 copy_network_unit('25-bridge.netdev', '25-bridge-configure-without-carrier.network')
1459 self
.wait_online('bridge99:no-carrier')
1461 tick
= os
.sysconf('SC_CLK_TCK')
1462 self
.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'hello_time')) / tick
))
1463 self
.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'max_age')) / tick
))
1464 self
.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'forward_delay')) / tick
))
1465 self
.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'ageing_time')) / tick
))
1466 self
.assertEqual(9, int(read_link_attr('bridge99', 'bridge', 'priority')))
1467 self
.assertEqual(1, int(read_link_attr('bridge99', 'bridge', 'multicast_querier')))
1468 self
.assertEqual(1, int(read_link_attr('bridge99', 'bridge', 'multicast_snooping')))
1469 self
.assertEqual(1, int(read_link_attr('bridge99', 'bridge', 'stp_state')))
1470 self
.assertEqual(3, int(read_link_attr('bridge99', 'bridge', 'multicast_igmp_version')))
1472 output
= networkctl_status('bridge99')
1474 self
.assertRegex(output
, 'Priority: 9')
1475 self
.assertRegex(output
, 'STP: yes')
1476 self
.assertRegex(output
, 'Multicast IGMP Version: 3')
1478 output
= check_output('ip -d link show bridge99')
1480 self
.assertIn('vlan_filtering 1 ', output
)
1481 self
.assertIn('vlan_protocol 802.1ad ', output
)
1482 self
.assertIn('vlan_default_pvid 9 ', output
)
1484 def test_bond(self
):
1485 copy_network_unit('25-bond.netdev', '25-bond-balanced-tlb.netdev')
1488 self
.wait_online('bond99:off', 'bond98:off', setup_state
='unmanaged')
1490 self
.check_link_attr('bond99', 'bonding', 'mode', '802.3ad 4')
1491 self
.check_link_attr('bond99', 'bonding', 'xmit_hash_policy', 'layer3+4 1')
1492 self
.check_link_attr('bond99', 'bonding', 'miimon', '1000')
1493 self
.check_link_attr('bond99', 'bonding', 'lacp_rate', 'fast 1')
1494 self
.check_link_attr('bond99', 'bonding', 'updelay', '2000')
1495 self
.check_link_attr('bond99', 'bonding', 'downdelay', '2000')
1496 self
.check_link_attr('bond99', 'bonding', 'resend_igmp', '4')
1497 self
.check_link_attr('bond99', 'bonding', 'min_links', '1')
1498 self
.check_link_attr('bond99', 'bonding', 'ad_actor_sys_prio', '1218')
1499 self
.check_link_attr('bond99', 'bonding', 'ad_user_port_key', '811')
1500 self
.check_link_attr('bond99', 'bonding', 'ad_actor_system', '00:11:22:33:44:55')
1502 self
.check_link_attr('bond98', 'bonding', 'mode', 'balance-tlb 5')
1503 self
.check_link_attr('bond98', 'bonding', 'tlb_dynamic_lb', '1')
1505 output
= networkctl_status('bond99')
1507 self
.assertIn('Mode: 802.3ad', output
)
1508 self
.assertIn('Miimon: 1s', output
)
1509 self
.assertIn('Updelay: 2s', output
)
1510 self
.assertIn('Downdelay: 2s', output
)
1512 output
= networkctl_status('bond98')
1514 self
.assertIn('Mode: balance-tlb', output
)
1516 def test_vlan(self
):
1517 copy_network_unit('21-vlan.netdev', '11-dummy.netdev',
1518 '21-vlan.network', '21-vlan-test1.network')
1521 self
.wait_online('test1:degraded', 'vlan99:routable')
1523 output
= check_output('ip -d link show test1')
1525 self
.assertRegex(output
, ' mtu 2000 ')
1527 output
= check_output('ip -d link show vlan99')
1529 self
.assertIn(' mtu 2000 ', output
)
1530 self
.assertIn('REORDER_HDR', output
)
1531 self
.assertIn('LOOSE_BINDING', output
)
1532 self
.assertIn('GVRP', output
)
1533 self
.assertIn('MVRP', output
)
1534 self
.assertIn(' id 99 ', output
)
1535 self
.assertIn('ingress-qos-map { 4:100 7:13 }', output
)
1536 self
.assertIn('egress-qos-map { 0:1 1:3 6:6 7:7 10:3 }', output
)
1538 output
= check_output('ip -4 address show dev test1')
1540 self
.assertRegex(output
, 'inet 192.168.24.5/24 brd 192.168.24.255 scope global test1')
1541 self
.assertRegex(output
, 'inet 192.168.25.5/24 brd 192.168.25.255 scope global test1')
1543 output
= check_output('ip -4 address show dev vlan99')
1545 self
.assertRegex(output
, 'inet 192.168.23.5/24 brd 192.168.23.255 scope global vlan99')
1547 def test_vlan_on_bond(self
):
1548 # For issue #24377 (https://github.com/systemd/systemd/issues/24377),
1549 # which is fixed by b05e52000b4eee764b383cc3031da0a3739e996e (PR#24020).
1551 copy_network_unit('21-bond-802.3ad.netdev', '21-bond-802.3ad.network',
1552 '21-vlan-on-bond.netdev', '21-vlan-on-bond.network')
1554 self
.wait_online('bond99:off')
1555 self
.wait_operstate('vlan99', operstate
='off', setup_state
='configuring', setup_timeout
=10)
1557 # The commit b05e52000b4eee764b383cc3031da0a3739e996e adds ", ignoring". To make it easily confirmed
1558 # that the issue is fixed by the commit, let's allow to match both string.
1559 log_re
= re
.compile('vlan99: Could not bring up interface(, ignoring|): Network is down$', re
.MULTILINE
)
1563 if log_re
.search(read_networkd_log()):
1568 copy_network_unit('11-dummy.netdev', '12-dummy.netdev', '21-dummy-bond-slave.network')
1570 self
.wait_online('test1:enslaved', 'dummy98:enslaved', 'bond99:carrier', 'vlan99:routable')
1572 def test_macvtap(self
):
1574 for mode
in ['private', 'vepa', 'bridge', 'passthru']:
1580 print(f
'### test_macvtap(mode={mode})')
1581 with self
.subTest(mode
=mode
):
1582 copy_network_unit('21-macvtap.netdev', '26-netdev-link-local-addressing-yes.network',
1583 '11-dummy.netdev', '25-macvtap.network')
1584 with
open(os
.path
.join(network_unit_dir
, '21-macvtap.netdev'), mode
='a', encoding
='utf-8') as f
:
1585 f
.write('[MACVTAP]\nMode=' + mode
)
1588 self
.wait_online('macvtap99:degraded',
1589 'test1:carrier' if mode
== 'passthru' else 'test1:degraded')
1591 output
= check_output('ip -d link show macvtap99')
1593 self
.assertRegex(output
, 'macvtap mode ' + mode
+ ' ')
1595 def test_macvlan(self
):
1597 for mode
in ['private', 'vepa', 'bridge', 'passthru']:
1603 print(f
'### test_macvlan(mode={mode})')
1604 with self
.subTest(mode
=mode
):
1605 copy_network_unit('21-macvlan.netdev', '26-netdev-link-local-addressing-yes.network',
1606 '11-dummy.netdev', '25-macvlan.network')
1607 with
open(os
.path
.join(network_unit_dir
, '21-macvlan.netdev'), mode
='a', encoding
='utf-8') as f
:
1608 f
.write('[MACVLAN]\nMode=' + mode
)
1611 self
.wait_online('macvlan99:degraded',
1612 'test1:carrier' if mode
== 'passthru' else 'test1:degraded')
1614 output
= check_output('ip -d link show test1')
1616 self
.assertRegex(output
, ' mtu 2000 ')
1618 output
= check_output('ip -d link show macvlan99')
1620 self
.assertRegex(output
, ' mtu 2000 ')
1621 self
.assertRegex(output
, 'macvlan mode ' + mode
+ ' ')
1623 remove_link('test1')
1626 check_output("ip link add test1 type dummy")
1627 self
.wait_online('macvlan99:degraded',
1628 'test1:carrier' if mode
== 'passthru' else 'test1:degraded')
1630 output
= check_output('ip -d link show test1')
1632 self
.assertRegex(output
, ' mtu 2000 ')
1634 output
= check_output('ip -d link show macvlan99')
1636 self
.assertRegex(output
, ' mtu 2000 ')
1637 self
.assertRegex(output
, 'macvlan mode ' + mode
+ ' ')
1639 @expectedFailureIfModuleIsNotAvailable('ipvlan')
1640 def test_ipvlan(self
):
1642 for mode
, flag
in [['L2', 'private'], ['L3', 'vepa'], ['L3S', 'bridge']]:
1648 print(f
'### test_ipvlan(mode={mode}, flag={flag})')
1649 with self
.subTest(mode
=mode
, flag
=flag
):
1650 copy_network_unit('25-ipvlan.netdev', '26-netdev-link-local-addressing-yes.network',
1651 '11-dummy.netdev', '25-ipvlan.network')
1652 with
open(os
.path
.join(network_unit_dir
, '25-ipvlan.netdev'), mode
='a', encoding
='utf-8') as f
:
1653 f
.write('[IPVLAN]\nMode=' + mode
+ '\nFlags=' + flag
)
1656 self
.wait_online('ipvlan99:degraded', 'test1:degraded')
1658 output
= check_output('ip -d link show ipvlan99')
1660 self
.assertRegex(output
, 'ipvlan *mode ' + mode
.lower() + ' ' + flag
)
1662 @expectedFailureIfModuleIsNotAvailable('ipvtap')
1663 def test_ipvtap(self
):
1665 for mode
, flag
in [['L2', 'private'], ['L3', 'vepa'], ['L3S', 'bridge']]:
1671 print(f
'### test_ipvtap(mode={mode}, flag={flag})')
1672 with self
.subTest(mode
=mode
, flag
=flag
):
1673 copy_network_unit('25-ipvtap.netdev', '26-netdev-link-local-addressing-yes.network',
1674 '11-dummy.netdev', '25-ipvtap.network')
1675 with
open(os
.path
.join(network_unit_dir
, '25-ipvtap.netdev'), mode
='a', encoding
='utf-8') as f
:
1676 f
.write('[IPVTAP]\nMode=' + mode
+ '\nFlags=' + flag
)
1679 self
.wait_online('ipvtap99:degraded', 'test1:degraded')
1681 output
= check_output('ip -d link show ipvtap99')
1683 self
.assertRegex(output
, 'ipvtap *mode ' + mode
.lower() + ' ' + flag
)
1685 def test_veth(self
):
1686 copy_network_unit('25-veth.netdev', '26-netdev-link-local-addressing-yes.network',
1687 '25-veth-mtu.netdev')
1690 self
.wait_online('veth99:degraded', 'veth-peer:degraded', 'veth-mtu:degraded', 'veth-mtu-peer:degraded')
1692 output
= check_output('ip -d link show veth99')
1694 self
.assertRegex(output
, 'link/ether 12:34:56:78:9a:bc')
1695 output
= check_output('ip -d link show veth-peer')
1697 self
.assertRegex(output
, 'link/ether 12:34:56:78:9a:bd')
1699 output
= check_output('ip -d link show veth-mtu')
1701 self
.assertRegex(output
, 'link/ether 12:34:56:78:9a:be')
1702 self
.assertRegex(output
, 'mtu 1800')
1703 output
= check_output('ip -d link show veth-mtu-peer')
1705 self
.assertRegex(output
, 'link/ether 12:34:56:78:9a:bf')
1706 self
.assertRegex(output
, 'mtu 1800')
1708 def test_tuntap(self
):
1709 copy_network_unit('25-tun.netdev', '25-tap.netdev', '26-netdev-link-local-addressing-yes.network')
1712 self
.wait_online('testtun99:degraded', 'testtap99:degraded')
1714 pid
= networkd_pid()
1715 name
= psutil
.Process(pid
).name()[:15]
1717 output
= check_output('ip -d tuntap show')
1719 self
.assertRegex(output
, fr
'(?m)testtap99: tap pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:{name}\({pid}\)systemd\(1\)$')
1720 self
.assertRegex(output
, fr
'(?m)testtun99: tun pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:{name}\({pid}\)systemd\(1\)$')
1722 output
= check_output('ip -d link show testtun99')
1724 # Old ip command does not support IFF_ flags
1725 self
.assertRegex(output
, 'tun (type tun pi on vnet_hdr on multi_queue|addrgenmode) ')
1726 self
.assertIn('UP,LOWER_UP', output
)
1728 output
= check_output('ip -d link show testtap99')
1730 self
.assertRegex(output
, 'tun (type tap pi on vnet_hdr on multi_queue|addrgenmode) ')
1731 self
.assertIn('UP,LOWER_UP', output
)
1733 remove_network_unit('26-netdev-link-local-addressing-yes.network')
1736 self
.wait_online('testtun99:degraded', 'testtap99:degraded', setup_state
='unmanaged')
1738 pid
= networkd_pid()
1739 name
= psutil
.Process(pid
).name()[:15]
1741 output
= check_output('ip -d tuntap show')
1743 self
.assertRegex(output
, fr
'(?m)testtap99: tap pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:{name}\({pid}\)systemd\(1\)$')
1744 self
.assertRegex(output
, fr
'(?m)testtun99: tun pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:{name}\({pid}\)systemd\(1\)$')
1746 output
= check_output('ip -d link show testtun99')
1748 self
.assertRegex(output
, 'tun (type tun pi on vnet_hdr on multi_queue|addrgenmode) ')
1749 self
.assertIn('UP,LOWER_UP', output
)
1751 output
= check_output('ip -d link show testtap99')
1753 self
.assertRegex(output
, 'tun (type tap pi on vnet_hdr on multi_queue|addrgenmode) ')
1754 self
.assertIn('UP,LOWER_UP', output
)
1756 clear_network_units()
1758 self
.wait_online('testtun99:off', 'testtap99:off', setup_state
='unmanaged')
1760 output
= check_output('ip -d tuntap show')
1762 self
.assertRegex(output
, r
'(?m)testtap99: tap pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:$')
1763 self
.assertRegex(output
, r
'(?m)testtun99: tun pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:$')
1768 output
= check_output('ip -d link show testtun99')
1770 self
.assertRegex(output
, 'tun (type tun pi on vnet_hdr on multi_queue|addrgenmode) ')
1771 if 'NO-CARRIER' in output
:
1779 output
= check_output('ip -d link show testtap99')
1781 self
.assertRegex(output
, 'tun (type tap pi on vnet_hdr on multi_queue|addrgenmode) ')
1782 if 'NO-CARRIER' in output
:
1787 @expectedFailureIfModuleIsNotAvailable('vrf')
1789 copy_network_unit('25-vrf.netdev', '26-netdev-link-local-addressing-yes.network')
1792 self
.wait_online('vrf99:carrier')
1794 @expectedFailureIfModuleIsNotAvailable('vcan')
1795 def test_vcan(self
):
1796 copy_network_unit('25-vcan.netdev', '26-netdev-link-local-addressing-yes.network',
1797 '25-vcan98.netdev', '25-vcan98.network')
1800 self
.wait_online('vcan99:carrier', 'vcan98:carrier')
1801 # For can devices, 'carrier' is the default required operational state.
1802 self
.wait_online('vcan99', 'vcan98')
1804 # https://github.com/systemd/systemd/issues/30140
1805 output
= check_output('ip -d link show vcan99')
1807 self
.assertIn('mtu 16 ', output
)
1809 output
= check_output('ip -d link show vcan98')
1811 self
.assertIn('mtu 16 ', output
)
1813 @expectedFailureIfModuleIsNotAvailable('vxcan')
1814 def test_vxcan(self
):
1815 copy_network_unit('25-vxcan.netdev', '26-netdev-link-local-addressing-yes.network')
1818 self
.wait_online('vxcan99:carrier', 'vxcan-peer:carrier')
1819 # For can devices, 'carrier' is the default required operational state.
1820 self
.wait_online('vxcan99', 'vxcan-peer')
1822 @expectedFailureIfModuleIsNotAvailable('wireguard')
1823 def test_wireguard(self
):
1824 copy_credential('25-wireguard-endpoint-peer0-cred.txt', 'network.wireguard.peer0.endpoint')
1825 copy_credential('25-wireguard-preshared-key-peer2-cred.txt', 'network.wireguard.peer2.psk')
1826 copy_credential('25-wireguard-no-peer-private-key-cred.txt', 'network.wireguard.private.25-wireguard-no-peer')
1828 copy_network_unit('25-wireguard.netdev', '25-wireguard.network',
1829 '25-wireguard-23-peers.netdev', '25-wireguard-23-peers.network',
1830 '25-wireguard-preshared-key.txt', '25-wireguard-private-key.txt',
1831 '25-wireguard-no-peer.netdev', '25-wireguard-no-peer.network')
1833 self
.wait_online('wg99:routable', 'wg98:routable', 'wg97:carrier')
1835 output
= check_output('ip -4 address show dev wg99')
1837 self
.assertIn('inet 192.168.124.1/24 scope global wg99', output
)
1839 output
= check_output('ip -4 address show dev wg99')
1841 self
.assertIn('inet 169.254.11.1/24 scope link wg99', output
)
1843 output
= check_output('ip -6 address show dev wg99')
1845 self
.assertIn('inet6 fe80::1/64 scope link', output
)
1847 output
= check_output('ip -4 address show dev wg98')
1849 self
.assertIn('inet 192.168.123.123/24 scope global wg98', output
)
1851 output
= check_output('ip -6 address show dev wg98')
1853 self
.assertIn('inet6 fd8d:4d6d:3ccb:500::1/64 scope global', output
)
1855 output
= check_output('ip -4 route show dev wg99 table 1234')
1857 self
.assertIn('192.168.26.0/24 proto static scope link metric 123', output
)
1859 output
= check_output('ip -6 route show dev wg99 table 1234')
1861 self
.assertIn('fd31:bf08:57cb::/48 proto static metric 123 pref medium', output
)
1863 output
= check_output('ip -6 route show dev wg98 table 1234')
1865 self
.assertIn('fd8d:4d6d:3ccb:500:c79:2339:edce:ece1 proto static metric 123 pref medium', output
)
1866 self
.assertIn('fd8d:4d6d:3ccb:500:1dbf:ca8a:32d3:dd81 proto static metric 123 pref medium', output
)
1867 self
.assertIn('fd8d:4d6d:3ccb:500:1e54:1415:35d0:a47c proto static metric 123 pref medium', output
)
1868 self
.assertIn('fd8d:4d6d:3ccb:500:270d:b5dd:4a3f:8909 proto static metric 123 pref medium', output
)
1869 self
.assertIn('fd8d:4d6d:3ccb:500:5660:679d:3532:94d8 proto static metric 123 pref medium', output
)
1870 self
.assertIn('fd8d:4d6d:3ccb:500:6825:573f:30f3:9472 proto static metric 123 pref medium', output
)
1871 self
.assertIn('fd8d:4d6d:3ccb:500:6f2e:6888:c6fd:dfb9 proto static metric 123 pref medium', output
)
1872 self
.assertIn('fd8d:4d6d:3ccb:500:8d4d:bab:7280:a09a proto static metric 123 pref medium', output
)
1873 self
.assertIn('fd8d:4d6d:3ccb:500:900c:d437:ec27:8822 proto static metric 123 pref medium', output
)
1874 self
.assertIn('fd8d:4d6d:3ccb:500:9742:9931:5217:18d5 proto static metric 123 pref medium', output
)
1875 self
.assertIn('fd8d:4d6d:3ccb:500:9c11:d820:2e96:9be0 proto static metric 123 pref medium', output
)
1876 self
.assertIn('fd8d:4d6d:3ccb:500:a072:80da:de4f:add1 proto static metric 123 pref medium', output
)
1877 self
.assertIn('fd8d:4d6d:3ccb:500:a3f3:df38:19b0:721 proto static metric 123 pref medium', output
)
1878 self
.assertIn('fd8d:4d6d:3ccb:500:a94b:cd6a:a32d:90e6 proto static metric 123 pref medium', output
)
1879 self
.assertIn('fd8d:4d6d:3ccb:500:b39c:9cdc:755a:ead3 proto static metric 123 pref medium', output
)
1880 self
.assertIn('fd8d:4d6d:3ccb:500:b684:4f81:2e3e:132e proto static metric 123 pref medium', output
)
1881 self
.assertIn('fd8d:4d6d:3ccb:500:bad5:495d:8e9c:3427 proto static metric 123 pref medium', output
)
1882 self
.assertIn('fd8d:4d6d:3ccb:500:bfe5:c3c3:5d77:fcb proto static metric 123 pref medium', output
)
1883 self
.assertIn('fd8d:4d6d:3ccb:500:c624:6bf7:4c09:3b59 proto static metric 123 pref medium', output
)
1884 self
.assertIn('fd8d:4d6d:3ccb:500:d4f9:5dc:9296:a1a proto static metric 123 pref medium', output
)
1885 self
.assertIn('fd8d:4d6d:3ccb:500:dcdd:d33b:90c9:6088 proto static metric 123 pref medium', output
)
1886 self
.assertIn('fd8d:4d6d:3ccb:500:e2e1:ae15:103f:f376 proto static metric 123 pref medium', output
)
1887 self
.assertIn('fd8d:4d6d:3ccb:500:f349:c4f0:10c1:6b4 proto static metric 123 pref medium', output
)
1888 self
.assertIn('fd8d:4d6d:3ccb:c79:2339:edce::/96 proto static metric 123 pref medium', output
)
1889 self
.assertIn('fd8d:4d6d:3ccb:1dbf:ca8a:32d3::/96 proto static metric 123 pref medium', output
)
1890 self
.assertIn('fd8d:4d6d:3ccb:1e54:1415:35d0::/96 proto static metric 123 pref medium', output
)
1891 self
.assertIn('fd8d:4d6d:3ccb:270d:b5dd:4a3f::/96 proto static metric 123 pref medium', output
)
1892 self
.assertIn('fd8d:4d6d:3ccb:5660:679d:3532::/96 proto static metric 123 pref medium', output
)
1893 self
.assertIn('fd8d:4d6d:3ccb:6825:573f:30f3::/96 proto static metric 123 pref medium', output
)
1894 self
.assertIn('fd8d:4d6d:3ccb:6f2e:6888:c6fd::/96 proto static metric 123 pref medium', output
)
1895 self
.assertIn('fd8d:4d6d:3ccb:8d4d:bab:7280::/96 proto static metric 123 pref medium', output
)
1896 self
.assertIn('fd8d:4d6d:3ccb:900c:d437:ec27::/96 proto static metric 123 pref medium', output
)
1897 self
.assertIn('fd8d:4d6d:3ccb:9742:9931:5217::/96 proto static metric 123 pref medium', output
)
1898 self
.assertIn('fd8d:4d6d:3ccb:9c11:d820:2e96::/96 proto static metric 123 pref medium', output
)
1899 self
.assertIn('fd8d:4d6d:3ccb:a072:80da:de4f::/96 proto static metric 123 pref medium', output
)
1900 self
.assertIn('fd8d:4d6d:3ccb:a3f3:df38:19b0::/96 proto static metric 123 pref medium', output
)
1901 self
.assertIn('fd8d:4d6d:3ccb:a94b:cd6a:a32d::/96 proto static metric 123 pref medium', output
)
1902 self
.assertIn('fd8d:4d6d:3ccb:b39c:9cdc:755a::/96 proto static metric 123 pref medium', output
)
1903 self
.assertIn('fd8d:4d6d:3ccb:b684:4f81:2e3e::/96 proto static metric 123 pref medium', output
)
1904 self
.assertIn('fd8d:4d6d:3ccb:bad5:495d:8e9c::/96 proto static metric 123 pref medium', output
)
1905 self
.assertIn('fd8d:4d6d:3ccb:bfe5:c3c3:5d77::/96 proto static metric 123 pref medium', output
)
1906 self
.assertIn('fd8d:4d6d:3ccb:c624:6bf7:4c09::/96 proto static metric 123 pref medium', output
)
1907 self
.assertIn('fd8d:4d6d:3ccb:d4f9:5dc:9296::/96 proto static metric 123 pref medium', output
)
1908 self
.assertIn('fd8d:4d6d:3ccb:dcdd:d33b:90c9::/96 proto static metric 123 pref medium', output
)
1909 self
.assertIn('fd8d:4d6d:3ccb:e2e1:ae15:103f::/96 proto static metric 123 pref medium', output
)
1910 self
.assertIn('fd8d:4d6d:3ccb:f349:c4f0:10c1::/96 proto static metric 123 pref medium', output
)
1912 if shutil
.which('wg'):
1915 output
= check_output('wg show wg99 listen-port')
1916 self
.assertEqual(output
, '51820')
1917 output
= check_output('wg show wg99 fwmark')
1918 self
.assertEqual(output
, '0x4d2')
1919 output
= check_output('wg show wg99 private-key')
1920 self
.assertEqual(output
, 'EEGlnEPYJV//kbvvIqxKkQwOiS+UENyPncC4bF46ong=')
1921 output
= check_output('wg show wg99 allowed-ips')
1922 self
.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\t192.168.124.3/32', output
)
1923 self
.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\t192.168.124.2/32', output
)
1924 self
.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\tfdbc:bae2:7871:e1fe:793:8636::/96 fdbc:bae2:7871:500:e1fe:793:8636:dad1/128', output
)
1925 self
.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t192.168.26.0/24 fd31:bf08:57cb::/48', output
)
1926 output
= check_output('wg show wg99 persistent-keepalive')
1927 self
.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\toff', output
)
1928 self
.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\toff', output
)
1929 self
.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\toff', output
)
1930 self
.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t20', output
)
1931 output
= check_output('wg show wg99 endpoints')
1932 self
.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\t(none)', output
)
1933 self
.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\t(none)', output
)
1934 self
.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\t(none)', output
)
1935 self
.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t192.168.27.3:51820', output
)
1936 output
= check_output('wg show wg99 preshared-keys')
1937 self
.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\t6Fsg8XN0DE6aPQgAX4r2oazEYJOGqyHUz3QRH/jCB+I=', output
)
1938 self
.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\tit7nd33chCT/tKT2ZZWfYyp43Zs+6oif72hexnSNMqA=', output
)
1939 self
.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\tcPLOy1YUrEI0EMMIycPJmOo0aTu3RZnw8bL5meVD6m0=', output
)
1940 self
.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\tIIWIV17wutHv7t4cR6pOT91z6NSz/T8Arh0yaywhw3M=', output
)
1942 output
= check_output('wg show wg98 private-key')
1943 self
.assertEqual(output
, 'CJQUtcS9emY2fLYqDlpSZiE/QJyHkPWr+WHtZLZ90FU=')
1945 output
= check_output('wg show wg97 listen-port')
1946 self
.assertEqual(output
, '51821')
1947 output
= check_output('wg show wg97 fwmark')
1948 self
.assertEqual(output
, '0x4d3')
1950 def test_geneve(self
):
1951 copy_network_unit('25-geneve.netdev', '26-netdev-link-local-addressing-yes.network')
1954 self
.wait_online('geneve99:degraded')
1956 output
= check_output('ip -d link show geneve99')
1958 self
.assertRegex(output
, '192.168.22.1')
1959 self
.assertRegex(output
, '6082')
1960 self
.assertRegex(output
, 'udpcsum')
1961 self
.assertRegex(output
, 'udp6zerocsumrx')
1963 def test_ipip_tunnel(self
):
1964 copy_network_unit('12-dummy.netdev', '25-ipip.network',
1965 '25-ipip-tunnel.netdev', '25-tunnel.network',
1966 '25-ipip-tunnel-local-any.netdev', '25-tunnel-local-any.network',
1967 '25-ipip-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
1968 '25-ipip-tunnel-any-any.netdev', '25-tunnel-any-any.network')
1970 self
.wait_online('ipiptun99:routable', 'ipiptun98:routable', 'ipiptun97:routable', 'ipiptun96:routable', 'dummy98:degraded')
1972 output
= check_output('ip -d link show ipiptun99')
1974 self
.assertRegex(output
, 'ipip (ipip )?remote 192.169.224.239 local 192.168.223.238 dev dummy98')
1975 output
= check_output('ip -d link show ipiptun98')
1977 self
.assertRegex(output
, 'ipip (ipip )?remote 192.169.224.239 local any dev dummy98')
1978 output
= check_output('ip -d link show ipiptun97')
1980 self
.assertRegex(output
, 'ipip (ipip )?remote any local 192.168.223.238 dev dummy98')
1981 output
= check_output('ip -d link show ipiptun96')
1983 self
.assertRegex(output
, 'ipip (ipip )?remote any local any dev dummy98')
1985 def test_gre_tunnel(self
):
1986 copy_network_unit('12-dummy.netdev', '25-gretun.network',
1987 '25-gre-tunnel.netdev', '25-tunnel.network',
1988 '25-gre-tunnel-local-any.netdev', '25-tunnel-local-any.network',
1989 '25-gre-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
1990 '25-gre-tunnel-any-any.netdev', '25-tunnel-any-any.network')
1992 self
.wait_online('gretun99:routable', 'gretun98:routable', 'gretun97:routable', 'gretun96:routable', 'dummy98:degraded')
1994 output
= check_output('ip -d link show gretun99')
1996 self
.assertRegex(output
, 'gre remote 10.65.223.239 local 10.65.223.238 dev dummy98')
1997 self
.assertRegex(output
, 'ikey 1.2.3.103')
1998 self
.assertRegex(output
, 'okey 1.2.4.103')
1999 self
.assertRegex(output
, 'iseq')
2000 self
.assertRegex(output
, 'oseq')
2001 output
= check_output('ip -d link show gretun98')
2003 self
.assertRegex(output
, 'gre remote 10.65.223.239 local any dev dummy98')
2004 self
.assertRegex(output
, 'ikey 0.0.0.104')
2005 self
.assertRegex(output
, 'okey 0.0.0.104')
2006 self
.assertNotRegex(output
, 'iseq')
2007 self
.assertNotRegex(output
, 'oseq')
2008 output
= check_output('ip -d link show gretun97')
2010 self
.assertRegex(output
, 'gre remote any local 10.65.223.238 dev dummy98')
2011 self
.assertRegex(output
, 'ikey 0.0.0.105')
2012 self
.assertRegex(output
, 'okey 0.0.0.105')
2013 self
.assertNotRegex(output
, 'iseq')
2014 self
.assertNotRegex(output
, 'oseq')
2015 output
= check_output('ip -d link show gretun96')
2017 self
.assertRegex(output
, 'gre remote any local any dev dummy98')
2018 self
.assertRegex(output
, 'ikey 0.0.0.106')
2019 self
.assertRegex(output
, 'okey 0.0.0.106')
2020 self
.assertNotRegex(output
, 'iseq')
2021 self
.assertNotRegex(output
, 'oseq')
2023 def test_ip6gre_tunnel(self
):
2024 copy_network_unit('12-dummy.netdev', '25-ip6gretun.network',
2025 '25-ip6gre-tunnel.netdev', '25-tunnel.network',
2026 '25-ip6gre-tunnel-local-any.netdev', '25-tunnel-local-any.network',
2027 '25-ip6gre-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
2028 '25-ip6gre-tunnel-any-any.netdev', '25-tunnel-any-any.network')
2031 # Old kernels seem not to support IPv6LL address on ip6gre tunnel, So please do not use wait_online() here.
2033 self
.wait_links('dummy98', 'ip6gretun99', 'ip6gretun98', 'ip6gretun97', 'ip6gretun96')
2035 output
= check_output('ip -d link show ip6gretun99')
2037 self
.assertRegex(output
, 'ip6gre remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98')
2038 output
= check_output('ip -d link show ip6gretun98')
2040 self
.assertRegex(output
, 'ip6gre remote 2001:473:fece:cafe::5179 local any dev dummy98')
2041 output
= check_output('ip -d link show ip6gretun97')
2043 self
.assertRegex(output
, 'ip6gre remote any local 2a00:ffde:4567:edde::4987 dev dummy98')
2044 output
= check_output('ip -d link show ip6gretun96')
2046 self
.assertRegex(output
, 'ip6gre remote any local any dev dummy98')
2048 def test_gretap_tunnel(self
):
2049 copy_network_unit('12-dummy.netdev', '25-gretap.network',
2050 '25-gretap-tunnel.netdev', '25-tunnel.network',
2051 '25-gretap-tunnel-local-any.netdev', '25-tunnel-local-any.network')
2053 self
.wait_online('gretap99:routable', 'gretap98:routable', 'dummy98:degraded')
2055 output
= check_output('ip -d link show gretap99')
2057 self
.assertRegex(output
, 'gretap remote 10.65.223.239 local 10.65.223.238 dev dummy98')
2058 self
.assertRegex(output
, 'ikey 0.0.0.106')
2059 self
.assertRegex(output
, 'okey 0.0.0.106')
2060 self
.assertRegex(output
, 'iseq')
2061 self
.assertRegex(output
, 'oseq')
2062 self
.assertIn('nopmtudisc', output
)
2063 self
.assertIn('ignore-df', output
)
2064 output
= check_output('ip -d link show gretap98')
2066 self
.assertRegex(output
, 'gretap remote 10.65.223.239 local any dev dummy98')
2067 self
.assertRegex(output
, 'ikey 0.0.0.107')
2068 self
.assertRegex(output
, 'okey 0.0.0.107')
2069 self
.assertRegex(output
, 'iseq')
2070 self
.assertRegex(output
, 'oseq')
2072 def test_ip6gretap_tunnel(self
):
2073 copy_network_unit('12-dummy.netdev', '25-ip6gretap.network',
2074 '25-ip6gretap-tunnel.netdev', '25-tunnel.network',
2075 '25-ip6gretap-tunnel-local-any.netdev', '25-tunnel-local-any.network')
2077 self
.wait_online('ip6gretap99:routable', 'ip6gretap98:routable', 'dummy98:degraded')
2079 output
= check_output('ip -d link show ip6gretap99')
2081 self
.assertRegex(output
, 'ip6gretap remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98')
2082 output
= check_output('ip -d link show ip6gretap98')
2084 self
.assertRegex(output
, 'ip6gretap remote 2001:473:fece:cafe::5179 local any dev dummy98')
2086 def test_vti_tunnel(self
):
2087 copy_network_unit('12-dummy.netdev', '25-vti.network',
2088 '25-vti-tunnel.netdev', '25-tunnel.network',
2089 '25-vti-tunnel-local-any.netdev', '25-tunnel-local-any.network',
2090 '25-vti-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
2091 '25-vti-tunnel-any-any.netdev', '25-tunnel-any-any.network')
2093 self
.wait_online('vtitun99:routable', 'vtitun98:routable', 'vtitun97:routable', 'vtitun96:routable', 'dummy98:degraded')
2095 output
= check_output('ip -d link show vtitun99')
2097 self
.assertRegex(output
, 'vti remote 10.65.223.239 local 10.65.223.238 dev dummy98')
2098 output
= check_output('ip -d link show vtitun98')
2100 self
.assertRegex(output
, 'vti remote 10.65.223.239 local any dev dummy98')
2101 output
= check_output('ip -d link show vtitun97')
2103 self
.assertRegex(output
, 'vti remote any local 10.65.223.238 dev dummy98')
2104 output
= check_output('ip -d link show vtitun96')
2106 self
.assertRegex(output
, 'vti remote any local any dev dummy98')
2108 def test_vti6_tunnel(self
):
2109 copy_network_unit('12-dummy.netdev', '25-vti6.network',
2110 '25-vti6-tunnel.netdev', '25-tunnel.network',
2111 '25-vti6-tunnel-local-any.netdev', '25-tunnel-local-any.network',
2112 '25-vti6-tunnel-remote-any.netdev', '25-tunnel-remote-any.network')
2114 self
.wait_online('vti6tun99:routable', 'vti6tun98:routable', 'vti6tun97:routable', 'dummy98:degraded')
2116 output
= check_output('ip -d link show vti6tun99')
2118 self
.assertRegex(output
, 'vti6 remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98')
2119 output
= check_output('ip -d link show vti6tun98')
2121 self
.assertRegex(output
, 'vti6 remote 2001:473:fece:cafe::5179 local (any|::) dev dummy98')
2122 output
= check_output('ip -d link show vti6tun97')
2124 self
.assertRegex(output
, 'vti6 remote (any|::) local 2a00:ffde:4567:edde::4987 dev dummy98')
2126 def test_ip6tnl_tunnel(self
):
2127 copy_network_unit('12-dummy.netdev', '25-ip6tnl.network',
2128 '25-ip6tnl-tunnel.netdev', '25-tunnel.network',
2129 '25-ip6tnl-tunnel-local-any.netdev', '25-tunnel-local-any.network',
2130 '25-ip6tnl-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
2131 '25-veth.netdev', '25-ip6tnl-slaac.network', '25-ipv6-prefix.network',
2132 '25-ip6tnl-tunnel-local-slaac.netdev', '25-ip6tnl-tunnel-local-slaac.network',
2133 '25-ip6tnl-tunnel-external.netdev', '26-netdev-link-local-addressing-yes.network')
2135 self
.wait_online('ip6tnl99:routable', 'ip6tnl98:routable', 'ip6tnl97:routable',
2136 'ip6tnl-slaac:degraded', 'ip6tnl-external:degraded',
2137 'dummy98:degraded', 'veth99:routable', 'veth-peer:degraded')
2139 output
= check_output('ip -d link show ip6tnl99')
2141 self
.assertIn('ip6tnl ip6ip6 remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98', output
)
2142 output
= check_output('ip -d link show ip6tnl98')
2144 self
.assertRegex(output
, 'ip6tnl ip6ip6 remote 2001:473:fece:cafe::5179 local (any|::) dev dummy98')
2145 output
= check_output('ip -d link show ip6tnl97')
2147 self
.assertRegex(output
, 'ip6tnl ip6ip6 remote (any|::) local 2a00:ffde:4567:edde::4987 dev dummy98')
2148 output
= check_output('ip -d link show ip6tnl-external')
2150 self
.assertIn('ip6tnl-external@NONE:', output
)
2151 self
.assertIn('ip6tnl external ', output
)
2152 output
= check_output('ip -d link show ip6tnl-slaac')
2154 self
.assertIn('ip6tnl ip6ip6 remote 2001:473:fece:cafe::5179 local 2002:da8:1:0:1034:56ff:fe78:9abc dev veth99', output
)
2156 output
= check_output('ip -6 address show veth99')
2158 self
.assertIn('inet6 2002:da8:1:0:1034:56ff:fe78:9abc/64 scope global dynamic', output
)
2160 output
= check_output('ip -4 route show default')
2162 self
.assertIn('default dev ip6tnl-slaac proto static', output
)
2164 def test_sit_tunnel(self
):
2165 copy_network_unit('12-dummy.netdev', '25-sit.network',
2166 '25-sit-tunnel.netdev', '25-tunnel.network',
2167 '25-sit-tunnel-local-any.netdev', '25-tunnel-local-any.network',
2168 '25-sit-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
2169 '25-sit-tunnel-any-any.netdev', '25-tunnel-any-any.network')
2171 self
.wait_online('sittun99:routable', 'sittun98:routable', 'sittun97:routable', 'sittun96:routable', 'dummy98:degraded')
2173 output
= check_output('ip -d link show sittun99')
2175 self
.assertRegex(output
, "sit (ip6ip )?remote 10.65.223.239 local 10.65.223.238 dev dummy98")
2176 output
= check_output('ip -d link show sittun98')
2178 self
.assertRegex(output
, "sit (ip6ip )?remote 10.65.223.239 local any dev dummy98")
2179 output
= check_output('ip -d link show sittun97')
2181 self
.assertRegex(output
, "sit (ip6ip )?remote any local 10.65.223.238 dev dummy98")
2182 output
= check_output('ip -d link show sittun96')
2184 self
.assertRegex(output
, "sit (ip6ip )?remote any local any dev dummy98")
2186 def test_isatap_tunnel(self
):
2187 copy_network_unit('12-dummy.netdev', '25-isatap.network',
2188 '25-isatap-tunnel.netdev', '25-tunnel.network')
2190 self
.wait_online('isataptun99:routable', 'dummy98:degraded')
2192 output
= check_output('ip -d link show isataptun99')
2194 self
.assertRegex(output
, "isatap ")
2196 def test_6rd_tunnel(self
):
2197 copy_network_unit('12-dummy.netdev', '25-6rd.network',
2198 '25-6rd-tunnel.netdev', '25-tunnel.network')
2200 self
.wait_online('sittun99:routable', 'dummy98:degraded')
2202 output
= check_output('ip -d link show sittun99')
2204 self
.assertRegex(output
, '6rd-prefix 2602::/24')
2206 @expectedFailureIfERSPANv0IsNotSupported()
2207 def test_erspan_tunnel_v0(self
):
2208 copy_network_unit('12-dummy.netdev', '25-erspan.network',
2209 '25-erspan0-tunnel.netdev', '25-tunnel.network',
2210 '25-erspan0-tunnel-local-any.netdev', '25-tunnel-local-any.network')
2212 self
.wait_online('erspan99:routable', 'erspan98:routable', 'dummy98:degraded')
2214 output
= check_output('ip -d link show erspan99')
2216 self
.assertIn('erspan remote 172.16.1.100 local 172.16.1.200', output
)
2217 self
.assertIn('erspan_ver 0', output
)
2218 self
.assertNotIn('erspan_index 123', output
)
2219 self
.assertNotIn('erspan_dir ingress', output
)
2220 self
.assertNotIn('erspan_hwid 1f', output
)
2221 self
.assertIn('ikey 0.0.0.101', output
)
2222 self
.assertIn('iseq', output
)
2223 self
.assertIn('nopmtudisc', output
)
2224 self
.assertIn('ignore-df', output
)
2225 output
= check_output('ip -d link show erspan98')
2227 self
.assertIn('erspan remote 172.16.1.100 local any', output
)
2228 self
.assertIn('erspan_ver 0', output
)
2229 self
.assertNotIn('erspan_index 124', output
)
2230 self
.assertNotIn('erspan_dir egress', output
)
2231 self
.assertNotIn('erspan_hwid 2f', output
)
2232 self
.assertIn('ikey 0.0.0.102', output
)
2233 self
.assertIn('iseq', output
)
2235 def test_erspan_tunnel_v1(self
):
2236 copy_network_unit('12-dummy.netdev', '25-erspan.network',
2237 '25-erspan1-tunnel.netdev', '25-tunnel.network',
2238 '25-erspan1-tunnel-local-any.netdev', '25-tunnel-local-any.network')
2240 self
.wait_online('erspan99:routable', 'erspan98:routable', 'dummy98:degraded')
2242 output
= check_output('ip -d link show erspan99')
2244 self
.assertIn('erspan remote 172.16.1.100 local 172.16.1.200', output
)
2245 self
.assertIn('erspan_ver 1', output
)
2246 self
.assertIn('erspan_index 123', output
)
2247 self
.assertNotIn('erspan_dir ingress', output
)
2248 self
.assertNotIn('erspan_hwid 1f', output
)
2249 self
.assertIn('ikey 0.0.0.101', output
)
2250 self
.assertIn('okey 0.0.0.101', output
)
2251 self
.assertIn('iseq', output
)
2252 self
.assertIn('oseq', output
)
2253 output
= check_output('ip -d link show erspan98')
2255 self
.assertIn('erspan remote 172.16.1.100 local any', output
)
2256 self
.assertIn('erspan_ver 1', output
)
2257 self
.assertIn('erspan_index 124', output
)
2258 self
.assertNotIn('erspan_dir egress', output
)
2259 self
.assertNotIn('erspan_hwid 2f', output
)
2260 self
.assertIn('ikey 0.0.0.102', output
)
2261 self
.assertIn('okey 0.0.0.102', output
)
2262 self
.assertIn('iseq', output
)
2263 self
.assertIn('oseq', output
)
2265 @expectedFailureIfERSPANv2IsNotSupported()
2266 def test_erspan_tunnel_v2(self
):
2267 copy_network_unit('12-dummy.netdev', '25-erspan.network',
2268 '25-erspan2-tunnel.netdev', '25-tunnel.network',
2269 '25-erspan2-tunnel-local-any.netdev', '25-tunnel-local-any.network')
2271 self
.wait_online('erspan99:routable', 'erspan98:routable', 'dummy98:degraded')
2273 output
= check_output('ip -d link show erspan99')
2275 self
.assertIn('erspan remote 172.16.1.100 local 172.16.1.200', output
)
2276 self
.assertIn('erspan_ver 2', output
)
2277 self
.assertNotIn('erspan_index 123', output
)
2278 self
.assertIn('erspan_dir ingress', output
)
2279 self
.assertIn('erspan_hwid 0x1f', output
)
2280 self
.assertIn('ikey 0.0.0.101', output
)
2281 self
.assertIn('okey 0.0.0.101', output
)
2282 self
.assertIn('iseq', output
)
2283 self
.assertIn('oseq', output
)
2284 output
= check_output('ip -d link show erspan98')
2286 self
.assertIn('erspan remote 172.16.1.100 local any', output
)
2287 self
.assertIn('erspan_ver 2', output
)
2288 self
.assertNotIn('erspan_index 124', output
)
2289 self
.assertIn('erspan_dir egress', output
)
2290 self
.assertIn('erspan_hwid 0x2f', output
)
2291 self
.assertIn('ikey 0.0.0.102', output
)
2292 self
.assertIn('okey 0.0.0.102', output
)
2293 self
.assertIn('iseq', output
)
2294 self
.assertIn('oseq', output
)
2296 def test_tunnel_independent(self
):
2297 copy_network_unit('25-ipip-tunnel-independent.netdev', '26-netdev-link-local-addressing-yes.network')
2300 self
.wait_online('ipiptun99:carrier')
2302 def test_tunnel_independent_loopback(self
):
2303 copy_network_unit('25-ipip-tunnel-independent-loopback.netdev', '26-netdev-link-local-addressing-yes.network')
2306 self
.wait_online('ipiptun99:carrier')
2308 @expectedFailureIfModuleIsNotAvailable('xfrm_interface')
2309 def test_xfrm(self
):
2310 copy_network_unit('12-dummy.netdev', '25-xfrm.network',
2311 '25-xfrm.netdev', '25-xfrm-independent.netdev',
2312 '26-netdev-link-local-addressing-yes.network')
2315 self
.wait_online('dummy98:degraded', 'xfrm98:degraded', 'xfrm99:degraded')
2317 output
= check_output('ip -d link show dev xfrm98')
2319 self
.assertIn('xfrm98@dummy98:', output
)
2320 self
.assertIn('xfrm if_id 0x98 ', output
)
2322 output
= check_output('ip -d link show dev xfrm99')
2324 self
.assertIn('xfrm99@lo:', output
)
2325 self
.assertIn('xfrm if_id 0x99 ', output
)
2327 @expectedFailureIfModuleIsNotAvailable('fou')
2329 # The following redundant check is necessary for CentOS CI.
2330 # Maybe, error handling in lookup_id() in sd-netlink/generic-netlink.c needs to be updated.
2331 self
.assertTrue(is_module_available('fou'))
2333 copy_network_unit('25-fou-ipproto-ipip.netdev', '25-fou-ipproto-gre.netdev',
2334 '25-fou-ipip.netdev', '25-fou-sit.netdev',
2335 '25-fou-gre.netdev', '25-fou-gretap.netdev')
2338 self
.wait_online('ipiptun96:off', 'sittun96:off', 'gretun96:off', 'gretap96:off', setup_state
='unmanaged')
2340 output
= check_output('ip fou show')
2342 self
.assertRegex(output
, 'port 55555 ipproto 4')
2343 self
.assertRegex(output
, 'port 55556 ipproto 47')
2345 output
= check_output('ip -d link show ipiptun96')
2347 self
.assertRegex(output
, 'encap fou encap-sport auto encap-dport 55555')
2348 output
= check_output('ip -d link show sittun96')
2350 self
.assertRegex(output
, 'encap fou encap-sport auto encap-dport 55555')
2351 output
= check_output('ip -d link show gretun96')
2353 self
.assertRegex(output
, 'encap fou encap-sport 1001 encap-dport 55556')
2354 output
= check_output('ip -d link show gretap96')
2356 self
.assertRegex(output
, 'encap fou encap-sport auto encap-dport 55556')
2358 def test_vxlan(self
):
2359 copy_network_unit('11-dummy.netdev', '25-vxlan-test1.network',
2360 '25-vxlan.netdev', '25-vxlan.network',
2361 '25-vxlan-ipv6.netdev', '25-vxlan-ipv6.network',
2362 '25-vxlan-independent.netdev', '26-netdev-link-local-addressing-yes.network',
2363 '25-veth.netdev', '25-vxlan-veth99.network', '25-ipv6-prefix.network',
2364 '25-vxlan-local-slaac.netdev', '25-vxlan-local-slaac.network')
2367 self
.wait_online('test1:degraded', 'veth99:routable', 'veth-peer:degraded',
2368 'vxlan99:degraded', 'vxlan98:degraded', 'vxlan97:degraded', 'vxlan-slaac:degraded')
2370 output
= check_output('ip -d -d link show vxlan99')
2372 self
.assertIn('999', output
)
2373 self
.assertIn('5555', output
)
2374 self
.assertIn('l2miss', output
)
2375 self
.assertIn('l3miss', output
)
2376 self
.assertIn('gbp', output
)
2377 # Since [0] some of the options use slightly different names and some
2378 # options with default values are shown only if the -d(etails) setting
2380 # [0] https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=1215e9d3862387353d8672296cb4c6c16e8cbb72
2381 self
.assertRegex(output
, '(udpcsum|udp_csum)')
2382 self
.assertRegex(output
, '(udp6zerocsumtx|udp_zero_csum6_tx)')
2383 self
.assertRegex(output
, '(udp6zerocsumrx|udp_zero_csum6_rx)')
2384 self
.assertRegex(output
, '(remcsumtx|remcsum_tx)')
2385 self
.assertRegex(output
, '(remcsumrx|remcsum_rx)')
2387 output
= check_output('bridge fdb show dev vxlan99')
2389 self
.assertIn('00:11:22:33:44:55 dst 10.0.0.5 self permanent', output
)
2390 self
.assertIn('00:11:22:33:44:66 dst 10.0.0.6 self permanent', output
)
2391 self
.assertIn('00:11:22:33:44:77 dst 10.0.0.7 via test1 self permanent', output
)
2393 output
= networkctl_status('vxlan99')
2395 self
.assertIn('VNI: 999', output
)
2396 self
.assertIn('Destination Port: 5555', output
)
2397 self
.assertIn('Underlying Device: test1', output
)
2399 output
= check_output('bridge fdb show dev vxlan97')
2401 self
.assertIn('00:00:00:00:00:00 dst fe80::23b:d2ff:fe95:967f via test1 self permanent', output
)
2402 self
.assertIn('00:00:00:00:00:00 dst fe80::27c:16ff:fec0:6c74 via test1 self permanent', output
)
2403 self
.assertIn('00:00:00:00:00:00 dst fe80::2a2:e4ff:fef9:2269 via test1 self permanent', output
)
2405 output
= check_output('ip -d link show vxlan-slaac')
2407 self
.assertIn('vxlan id 4831584 local 2002:da8:1:0:1034:56ff:fe78:9abc dev veth99', output
)
2409 output
= check_output('ip -6 address show veth99')
2411 self
.assertIn('inet6 2002:da8:1:0:1034:56ff:fe78:9abc/64 scope global dynamic', output
)
2413 @unittest.skipUnless(compare_kernel_version("6"), reason
="Causes kernel panic on unpatched kernels: https://bugzilla.kernel.org/show_bug.cgi?id=208315")
2414 def test_macsec(self
):
2415 copy_network_unit('25-macsec.netdev', '25-macsec.network', '25-macsec.key',
2416 '26-macsec.network', '12-dummy.netdev')
2419 self
.wait_online('dummy98:degraded', 'macsec99:routable')
2421 output
= check_output('ip -d link show macsec99')
2423 self
.assertRegex(output
, 'macsec99@dummy98')
2424 self
.assertRegex(output
, 'macsec sci [0-9a-f]*000b')
2425 self
.assertRegex(output
, 'encrypt on')
2427 output
= check_output('ip macsec show macsec99')
2429 self
.assertRegex(output
, 'encrypt on')
2430 self
.assertRegex(output
, 'TXSC: [0-9a-f]*000b on SA 1')
2431 self
.assertRegex(output
, '0: PN [0-9]*, state on, key 01000000000000000000000000000000')
2432 self
.assertRegex(output
, '1: PN [0-9]*, state on, key 02030000000000000000000000000000')
2433 self
.assertRegex(output
, 'RXSC: c619528fe6a00100, state on')
2434 self
.assertRegex(output
, '0: PN [0-9]*, state on, key 02030405000000000000000000000000')
2435 self
.assertRegex(output
, '1: PN [0-9]*, state on, key 02030405060000000000000000000000')
2436 self
.assertRegex(output
, '2: PN [0-9]*, state off, key 02030405060700000000000000000000')
2437 self
.assertRegex(output
, '3: PN [0-9]*, state off, key 02030405060708000000000000000000')
2438 self
.assertNotRegex(output
, 'key 02030405067080900000000000000000')
2439 self
.assertRegex(output
, 'RXSC: 8c16456c83a90002, state on')
2440 self
.assertRegex(output
, '0: PN [0-9]*, state off, key 02030400000000000000000000000000')
2442 def test_nlmon(self
):
2443 copy_network_unit('25-nlmon.netdev', '26-netdev-link-local-addressing-yes.network')
2446 self
.wait_online('nlmon99:carrier')
2448 @expectedFailureIfModuleIsNotAvailable('ifb')
2450 copy_network_unit('25-ifb.netdev', '26-netdev-link-local-addressing-yes.network')
2453 self
.wait_online('ifb99:degraded')
2455 class NetworkdL2TPTests(unittest
.TestCase
, Utilities
):
2463 @expectedFailureIfModuleIsNotAvailable('l2tp_eth', 'l2tp_netlink')
2464 def test_l2tp_udp(self
):
2465 copy_network_unit('11-dummy.netdev', '25-l2tp-dummy.network',
2466 '25-l2tp-udp.netdev', '25-l2tp.network')
2469 self
.wait_online('test1:routable', 'l2tp-ses1:degraded', 'l2tp-ses2:degraded')
2471 output
= check_output('ip l2tp show tunnel tunnel_id 10')
2473 self
.assertRegex(output
, "Tunnel 10, encap UDP")
2474 self
.assertRegex(output
, "From 192.168.30.100 to 192.168.30.101")
2475 self
.assertRegex(output
, "Peer tunnel 11")
2476 self
.assertRegex(output
, "UDP source / dest ports: 3000/4000")
2477 self
.assertRegex(output
, "UDP checksum: enabled")
2479 output
= check_output('ip l2tp show session tid 10 session_id 15')
2481 self
.assertRegex(output
, "Session 15 in tunnel 10")
2482 self
.assertRegex(output
, "Peer session 16, tunnel 11")
2483 self
.assertRegex(output
, "interface name: l2tp-ses1")
2485 output
= check_output('ip l2tp show session tid 10 session_id 17')
2487 self
.assertRegex(output
, "Session 17 in tunnel 10")
2488 self
.assertRegex(output
, "Peer session 18, tunnel 11")
2489 self
.assertRegex(output
, "interface name: l2tp-ses2")
2491 @expectedFailureIfModuleIsNotAvailable('l2tp_eth', 'l2tp_ip', 'l2tp_netlink')
2492 def test_l2tp_ip(self
):
2493 copy_network_unit('11-dummy.netdev', '25-l2tp-dummy.network',
2494 '25-l2tp-ip.netdev', '25-l2tp.network')
2497 self
.wait_online('test1:routable', 'l2tp-ses3:degraded', 'l2tp-ses4:degraded')
2499 output
= check_output('ip l2tp show tunnel tunnel_id 10')
2501 self
.assertRegex(output
, "Tunnel 10, encap IP")
2502 self
.assertRegex(output
, "From 192.168.30.100 to 192.168.30.101")
2503 self
.assertRegex(output
, "Peer tunnel 12")
2505 output
= check_output('ip l2tp show session tid 10 session_id 25')
2507 self
.assertRegex(output
, "Session 25 in tunnel 10")
2508 self
.assertRegex(output
, "Peer session 26, tunnel 12")
2509 self
.assertRegex(output
, "interface name: l2tp-ses3")
2511 output
= check_output('ip l2tp show session tid 10 session_id 27')
2513 self
.assertRegex(output
, "Session 27 in tunnel 10")
2514 self
.assertRegex(output
, "Peer session 28, tunnel 12")
2515 self
.assertRegex(output
, "interface name: l2tp-ses4")
2517 class NetworkdNetworkTests(unittest
.TestCase
, Utilities
):
2525 def verify_address_static(
2555 output
= check_output('ip address show dev dummy98')
2559 self
.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output
)
2560 self
.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output
)
2561 self
.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output
)
2562 self
.assertIn('inet6 2001:db8:0:f101::15/64 scope global', output
)
2563 self
.assertIn('inet6 2001:db8:0:f101::16/64 scope global', output
)
2564 self
.assertIn('inet6 2001:db8:0:f102::15/64 scope global', output
)
2567 self
.assertIn(f
'inet 10.3.1.1/24 brd 10.3.1.255 scope global {label1}', output
)
2568 self
.assertIn(f
'inet 10.3.2.1/24 brd 10.3.2.255 scope global {label2}', output
)
2569 self
.assertIn(f
'inet 10.3.3.1/24 brd 10.3.3.255 scope global {label3}', output
)
2572 self
.assertIn(f
'inet 10.4.1.1/24{broadcast1} scope global dummy98', output
)
2573 self
.assertIn(f
'inet 10.4.2.1/24{broadcast2} scope global dummy98', output
)
2574 self
.assertIn(f
'inet 10.4.3.1/24{broadcast3} scope global dummy98', output
)
2577 self
.assertIn(f
'inet 10.5.1.1{peer1} scope global dummy98', output
)
2578 self
.assertIn(f
'inet 10.5.2.1{peer2} scope global dummy98', output
)
2579 self
.assertIn(f
'inet 10.5.3.1{peer3} scope global dummy98', output
)
2580 self
.assertIn(f
'inet6 2001:db8:0:f103::1{peer4} scope global', output
)
2581 self
.assertIn(f
'inet6 2001:db8:0:f103::2{peer5} scope global', output
)
2582 self
.assertIn(f
'inet6 2001:db8:0:f103::3{peer6} scope global', output
)
2585 self
.assertIn(f
'inet 10.6.1.1/24 brd 10.6.1.255 scope {scope1} dummy98', output
)
2586 self
.assertIn(f
'inet 10.6.2.1/24 brd 10.6.2.255 scope {scope2} dummy98', output
)
2589 self
.assertIn(f
'inet 10.7.1.1/24 brd 10.7.1.255 scope global{deprecated1} dummy98', output
)
2590 self
.assertIn(f
'inet 10.7.2.1/24 brd 10.7.2.255 scope global{deprecated2} dummy98', output
)
2591 self
.assertIn(f
'inet6 2001:db8:0:f104::1/64 scope global{deprecated3}', output
)
2592 self
.assertIn(f
'inet6 2001:db8:0:f104::2/64 scope global{deprecated4}', output
)
2595 self
.assertRegex(output
, rf
'inet 10.8.1.1/24 (metric {route_metric} |)brd 10.8.1.255 scope global dummy98')
2596 self
.assertRegex(output
, rf
'inet6 2001:db8:0:f105::1/64 (metric {route_metric} |)scope global')
2598 output_route
= check_output('ip -4 route show dev dummy98 10.8.1.0/24')
2600 self
.assertIn(f
'10.8.1.0/24 proto kernel scope link src 10.8.1.1 metric {route_metric}', output_route
)
2602 output_route
= check_output('ip -6 route show dev dummy98 2001:db8:0:f105::/64')
2604 self
.assertIn(f
'2001:db8:0:f105::/64 proto kernel metric {route_metric}', output_route
)
2607 self
.assertIn(f
'inet 10.9.1.1/24 brd 10.9.1.255 scope global{flag1} dummy98', output
)
2608 self
.assertIn(f
'inet 10.9.2.1/24 brd 10.9.2.255 scope global{flag2} dummy98', output
)
2609 self
.assertIn(f
'inet6 2001:db8:0:f106::1/64 scope global{flag3}', output
)
2610 self
.assertIn(f
'inet6 2001:db8:0:f106::2/64 scope global{flag4}', output
)
2613 self
.assertTrue(ip4_null_16
.endswith('.0.1'))
2614 prefix16
= ip4_null_16
[:-len('.0.1')]
2615 self
.assertTrue(ip4_null_24
.endswith('.1'))
2616 prefix24
= ip4_null_24
[:-len('.1')]
2617 self
.assertIn(f
'inet {ip4_null_16}/16 brd {prefix16}.255.255 scope global subnet16', output
)
2618 self
.assertIn(f
'inet {ip4_null_24}/24 brd {prefix24}.255 scope global subnet24', output
)
2619 self
.assertIn(f
'inet6 {ip6_null_73}/73 scope global', output
)
2620 self
.assertIn(f
'inet6 {ip6_null_74}/74 scope global', output
)
2623 self
.assertNotIn('10.4.4.1', output
)
2624 self
.assertNotIn('10.5.4.1', output
)
2625 self
.assertNotIn('10.5.5.1', output
)
2626 self
.assertNotIn('10.8.2.1', output
)
2627 self
.assertNotIn('10.9.3.1', output
)
2628 self
.assertNotIn('2001:db8:0:f101::2', output
)
2629 self
.assertNotIn('2001:db8:0:f103::4', output
)
2632 self
.check_netlabel('dummy98', r
'10\.10\.1\.0/24')
2634 check_json(networkctl_json())
2636 def test_address_static(self
):
2637 copy_network_unit('25-address-static.network', '12-dummy.netdev', copy_dropins
=False)
2638 self
.setup_nftset('addr4', 'ipv4_addr')
2639 self
.setup_nftset('network4', 'ipv4_addr', 'flags interval;')
2640 self
.setup_nftset('ifindex', 'iface_index')
2643 self
.wait_online('dummy98:routable')
2647 output
= check_output('ip -4 --json address show dev dummy98')
2648 for i
in json
.loads(output
)[0]['addr_info']:
2649 if i
['label'] == 'subnet16':
2650 ip4_null_16
= i
['local']
2651 elif i
['label'] == 'subnet24':
2652 ip4_null_24
= i
['local']
2653 self
.assertTrue(ip4_null_16
.endswith('.0.1'))
2654 self
.assertTrue(ip4_null_24
.endswith('.1'))
2658 output
= check_output('ip -6 --json address show dev dummy98')
2659 for i
in json
.loads(output
)[0]['addr_info']:
2660 if i
['prefixlen'] == 73:
2661 ip6_null_73
= i
['local']
2662 elif i
['prefixlen'] == 74:
2663 ip6_null_74
= i
['local']
2664 self
.assertTrue(ip6_null_73
.endswith(':1'))
2665 self
.assertTrue(ip6_null_74
.endswith(':1'))
2667 self
.verify_address_static(
2672 broadcast2
=' brd 10.4.2.255',
2673 broadcast3
=' brd 10.4.3.63',
2674 peer1
=' peer 10.5.1.101/24',
2675 peer2
=' peer 10.5.2.101/24',
2676 peer3
='/24 brd 10.5.3.255',
2677 peer4
=' peer 2001:db8:0:f103::101/128',
2678 peer5
=' peer 2001:db8:0:f103::102/128',
2683 deprecated2
=' deprecated',
2685 deprecated4
=' deprecated',
2687 flag1
=' noprefixroute',
2689 flag3
=' noprefixroute',
2690 flag4
=' home mngtmpaddr',
2691 ip4_null_16
=ip4_null_16
,
2692 ip4_null_24
=ip4_null_24
,
2693 ip6_null_73
=ip6_null_73
,
2694 ip6_null_74
=ip6_null_74
,
2697 self
.check_nftset('addr4', r
'10\.10\.1\.1')
2698 self
.check_nftset('network4', r
'10\.10\.1\.0/24')
2699 self
.check_nftset('ifindex', 'dummy98')
2701 self
.teardown_nftset('addr4', 'network4', 'ifindex')
2703 copy_network_unit('25-address-static.network.d/10-override.conf')
2705 self
.wait_online('dummy98:routable')
2706 self
.verify_address_static(
2707 label1
='new-label1',
2709 label3
='new-label3',
2710 broadcast1
=' brd 10.4.1.255',
2712 broadcast3
=' brd 10.4.3.31',
2713 peer1
=' peer 10.5.1.102/24',
2714 peer2
='/24 brd 10.5.2.255',
2715 peer3
=' peer 10.5.3.102/24',
2716 peer4
=' peer 2001:db8:0:f103::201/128',
2718 peer6
=' peer 2001:db8:0:f103::203/128',
2721 deprecated1
=' deprecated',
2723 deprecated3
=' deprecated',
2727 flag2
=' noprefixroute',
2728 flag3
=' home mngtmpaddr',
2729 flag4
=' noprefixroute',
2730 ip4_null_16
=ip4_null_16
,
2731 ip4_null_24
=ip4_null_24
,
2732 ip6_null_73
=ip6_null_73
,
2733 ip6_null_74
=ip6_null_74
,
2736 networkctl_reconfigure('dummy98')
2737 self
.wait_online('dummy98:routable')
2738 self
.verify_address_static(
2739 label1
='new-label1',
2741 label3
='new-label3',
2742 broadcast1
=' brd 10.4.1.255',
2744 broadcast3
=' brd 10.4.3.31',
2745 peer1
=' peer 10.5.1.102/24',
2746 peer2
='/24 brd 10.5.2.255',
2747 peer3
=' peer 10.5.3.102/24',
2748 peer4
=' peer 2001:db8:0:f103::201/128',
2750 peer6
=' peer 2001:db8:0:f103::203/128',
2753 deprecated1
=' deprecated',
2755 deprecated3
=' deprecated',
2759 flag2
=' noprefixroute',
2760 flag3
=' home mngtmpaddr',
2761 flag4
=' noprefixroute',
2762 ip4_null_16
=ip4_null_16
,
2763 ip4_null_24
=ip4_null_24
,
2764 ip6_null_73
=ip6_null_73
,
2765 ip6_null_74
=ip6_null_74
,
2769 # 1. set preferred lifetime forever to drop the deprecated flag for testing #20891.
2770 check_output('ip address change 10.7.1.1/24 dev dummy98 preferred_lft forever')
2771 check_output('ip address change 2001:db8:0:f104::1/64 dev dummy98 preferred_lft forever')
2772 output
= check_output('ip address show dev dummy98')
2774 self
.assertNotRegex(output
, '10.7.1.1/24 .* deprecated')
2775 self
.assertNotRegex(output
, '2001:db8:0:f104::1/64 .* deprecated')
2777 # 2. reconfigure the interface, and check the deprecated flag is set again
2778 networkctl_reconfigure('dummy98')
2779 self
.wait_online('dummy98:routable')
2780 self
.verify_address_static(
2781 label1
='new-label1',
2783 label3
='new-label3',
2784 broadcast1
=' brd 10.4.1.255',
2786 broadcast3
=' brd 10.4.3.31',
2787 peer1
=' peer 10.5.1.102/24',
2788 peer2
='/24 brd 10.5.2.255',
2789 peer3
=' peer 10.5.3.102/24',
2790 peer4
=' peer 2001:db8:0:f103::201/128',
2792 peer6
=' peer 2001:db8:0:f103::203/128',
2795 deprecated1
=' deprecated',
2797 deprecated3
=' deprecated',
2801 flag2
=' noprefixroute',
2802 flag3
=' home mngtmpaddr',
2803 flag4
=' noprefixroute',
2804 ip4_null_16
=ip4_null_16
,
2805 ip4_null_24
=ip4_null_24
,
2806 ip6_null_73
=ip6_null_73
,
2807 ip6_null_74
=ip6_null_74
,
2810 # test for ENOBUFS issue #17012 (with reload)
2811 copy_network_unit('25-address-static.network.d/10-many-address.conf')
2813 self
.wait_online('dummy98:routable')
2814 output
= check_output('ip -4 address show dev dummy98')
2815 for i
in range(1, 254):
2816 self
.assertIn(f
'inet 10.3.3.{i}/16 brd 10.3.255.255', output
)
2818 # (with reconfigure)
2819 networkctl_reconfigure('dummy98')
2820 self
.wait_online('dummy98:routable')
2821 output
= check_output('ip -4 address show dev dummy98')
2822 for i
in range(1, 254):
2823 self
.assertIn(f
'inet 10.3.3.{i}/16 brd 10.3.255.255', output
)
2825 # test for an empty string assignment for Address= in [Network]
2826 copy_network_unit('25-address-static.network.d/20-clear-addresses.conf')
2828 self
.wait_online('dummy98:routable')
2829 output
= check_output('ip -4 address show dev dummy98')
2830 for i
in range(1, 254):
2831 self
.assertNotIn(f
'inet 10.3.3.{i}/16 brd 10.3.255.255', output
)
2832 self
.assertIn('inet 10.4.0.1/16 brd 10.4.255.255', output
)
2834 def test_address_ipv4acd(self
):
2835 check_output('ip netns add ns99')
2836 check_output('ip link add veth99 type veth peer veth-peer')
2837 check_output('ip link set veth-peer netns ns99')
2838 check_output('ip link set veth99 up')
2839 check_output('ip netns exec ns99 ip link set veth-peer up')
2840 check_output('ip netns exec ns99 ip address add 192.168.100.10/24 dev veth-peer')
2842 copy_network_unit('25-address-ipv4acd-veth99.network', copy_dropins
=False)
2844 self
.wait_online('veth99:routable')
2846 output
= check_output('ip -4 address show dev veth99')
2848 self
.assertNotIn('192.168.100.10/24', output
)
2849 self
.assertIn('192.168.100.11/24', output
)
2851 copy_network_unit('25-address-ipv4acd-veth99.network.d/conflict-address.conf')
2853 self
.wait_operstate('veth99', operstate
='routable', setup_state
='configuring', setup_timeout
=10)
2855 output
= check_output('ip -4 address show dev veth99')
2857 self
.assertNotIn('192.168.100.10/24', output
)
2858 self
.assertIn('192.168.100.11/24', output
)
2860 def test_address_peer_ipv4(self
):
2861 # test for issue #17304
2862 copy_network_unit('25-address-peer-ipv4.network', '12-dummy.netdev')
2864 for trial
in range(2):
2870 self
.wait_online('dummy98:routable')
2872 output
= check_output('ip -4 address show dev dummy98')
2873 self
.assertIn('inet 100.64.0.1 peer 100.64.0.2/32 scope global', output
)
2875 @expectedFailureIfModuleIsNotAvailable('vrf')
2876 def test_prefix_route(self
):
2877 copy_network_unit('25-prefix-route-with-vrf.network', '12-dummy.netdev',
2878 '25-prefix-route-without-vrf.network', '11-dummy.netdev',
2879 '25-vrf.netdev', '25-vrf.network')
2880 for trial
in range(2):
2886 self
.wait_online('dummy98:routable', 'test1:routable', 'vrf99:carrier')
2888 output
= check_output('ip route show table 42 dev dummy98')
2889 print('### ip route show table 42 dev dummy98')
2891 self
.assertRegex(output
, 'local 10.20.22.1 proto kernel scope host src 10.20.22.1')
2892 self
.assertRegex(output
, '10.20.33.0/24 proto kernel scope link src 10.20.33.1')
2893 self
.assertRegex(output
, 'local 10.20.33.1 proto kernel scope host src 10.20.33.1')
2894 self
.assertRegex(output
, 'broadcast 10.20.33.255 proto kernel scope link src 10.20.33.1')
2895 self
.assertRegex(output
, 'local 10.20.44.1 proto kernel scope host src 10.20.44.1')
2896 self
.assertRegex(output
, 'local 10.20.55.1 proto kernel scope host src 10.20.55.1')
2897 self
.assertRegex(output
, 'broadcast 10.20.55.255 proto kernel scope link src 10.20.55.1')
2898 output
= check_output('ip -6 route show table 42 dev dummy98')
2899 print('### ip -6 route show table 42 dev dummy98')
2903 self
.assertRegex(output
, 'local fdde:11:22::1 proto kernel metric 0 pref medium')
2904 #self.assertRegex(output, 'fdde:11:22::1 proto kernel metric 256 pref medium')
2905 self
.assertRegex(output
, 'local fdde:11:33::1 proto kernel metric 0 pref medium')
2906 self
.assertRegex(output
, 'fdde:11:33::/64 proto kernel metric 256 pref medium')
2907 self
.assertRegex(output
, 'local fdde:11:44::1 proto kernel metric 0 pref medium')
2908 self
.assertRegex(output
, 'local fdde:11:55::1 proto kernel metric 0 pref medium')
2909 self
.assertRegex(output
, 'fe80::/64 proto kernel metric 256 pref medium')
2910 self
.assertRegex(output
, 'ff00::/8 (proto kernel )?metric 256 (linkdown )?pref medium')
2914 output
= check_output('ip route show dev test1')
2915 print('### ip route show dev test1')
2917 self
.assertRegex(output
, '10.21.33.0/24 proto kernel scope link src 10.21.33.1')
2918 output
= check_output('ip route show table local dev test1')
2919 print('### ip route show table local dev test1')
2921 self
.assertRegex(output
, 'local 10.21.22.1 proto kernel scope host src 10.21.22.1')
2922 self
.assertRegex(output
, 'local 10.21.33.1 proto kernel scope host src 10.21.33.1')
2923 self
.assertRegex(output
, 'broadcast 10.21.33.255 proto kernel scope link src 10.21.33.1')
2924 self
.assertRegex(output
, 'local 10.21.44.1 proto kernel scope host src 10.21.44.1')
2925 self
.assertRegex(output
, 'local 10.21.55.1 proto kernel scope host src 10.21.55.1')
2926 self
.assertRegex(output
, 'broadcast 10.21.55.255 proto kernel scope link src 10.21.55.1')
2927 output
= check_output('ip -6 route show dev test1')
2928 print('### ip -6 route show dev test1')
2930 self
.assertRegex(output
, 'fdde:12:22::1 proto kernel metric 256 pref medium')
2931 self
.assertRegex(output
, 'fdde:12:33::/64 proto kernel metric 256 pref medium')
2932 self
.assertRegex(output
, 'fe80::/64 proto kernel metric 256 pref medium')
2933 output
= check_output('ip -6 route show table local dev test1')
2934 print('### ip -6 route show table local dev test1')
2936 self
.assertRegex(output
, 'local fdde:12:22::1 proto kernel metric 0 pref medium')
2937 self
.assertRegex(output
, 'local fdde:12:33::1 proto kernel metric 0 pref medium')
2938 self
.assertRegex(output
, 'local fdde:12:44::1 proto kernel metric 0 pref medium')
2939 self
.assertRegex(output
, 'local fdde:12:55::1 proto kernel metric 0 pref medium')
2940 self
.assertRegex(output
, 'ff00::/8 (proto kernel )?metric 256 (linkdown )?pref medium')
2942 def test_configure_without_carrier(self
):
2943 copy_network_unit('11-dummy.netdev')
2945 self
.wait_operstate('test1', 'off', '')
2946 check_output('ip link set dev test1 up carrier off')
2948 copy_network_unit('25-test1.network.d/configure-without-carrier.conf', copy_dropins
=False)
2950 self
.wait_online('test1:no-carrier')
2952 carrier_map
= {'on': '1', 'off': '0'}
2953 routable_map
= {'on': 'routable', 'off': 'no-carrier'}
2954 for carrier
in ['off', 'on', 'off']:
2955 with self
.subTest(carrier
=carrier
):
2956 if carrier_map
[carrier
] != read_link_attr('test1', 'carrier'):
2957 check_output(f
'ip link set dev test1 carrier {carrier}')
2958 self
.wait_online(f
'test1:{routable_map[carrier]}:{routable_map[carrier]}')
2960 output
= networkctl_status('test1')
2962 self
.assertRegex(output
, '192.168.0.15')
2963 self
.assertRegex(output
, '192.168.0.1')
2964 self
.assertRegex(output
, routable_map
[carrier
])
2966 def test_configure_without_carrier_yes_ignore_carrier_loss_no(self
):
2967 copy_network_unit('11-dummy.netdev')
2969 self
.wait_operstate('test1', 'off', '')
2970 check_output('ip link set dev test1 up carrier off')
2972 copy_network_unit('25-test1.network')
2974 self
.wait_online('test1:no-carrier')
2976 carrier_map
= {'on': '1', 'off': '0'}
2977 routable_map
= {'on': 'routable', 'off': 'no-carrier'}
2978 for (carrier
, have_config
) in [('off', True), ('on', True), ('off', False)]:
2979 with self
.subTest(carrier
=carrier
, have_config
=have_config
):
2980 if carrier_map
[carrier
] != read_link_attr('test1', 'carrier'):
2981 check_output(f
'ip link set dev test1 carrier {carrier}')
2982 self
.wait_online(f
'test1:{routable_map[carrier]}:{routable_map[carrier]}')
2984 output
= networkctl_status('test1')
2987 self
.assertRegex(output
, '192.168.0.15')
2988 self
.assertRegex(output
, '192.168.0.1')
2990 self
.assertNotRegex(output
, '192.168.0.15')
2991 self
.assertNotRegex(output
, '192.168.0.1')
2992 self
.assertRegex(output
, routable_map
[carrier
])
2994 def test_routing_policy_rule(self
):
2995 copy_network_unit('25-routing-policy-rule-test1.network', '11-dummy.netdev')
2997 self
.wait_online('test1:degraded')
2999 output
= check_output('ip rule list iif test1 priority 111')
3001 self
.assertRegex(output
, '111:')
3002 self
.assertRegex(output
, 'from 192.168.100.18')
3003 self
.assertRegex(output
, r
'tos (0x08|throughput)\s')
3004 self
.assertRegex(output
, 'iif test1')
3005 self
.assertRegex(output
, 'oif test1')
3006 self
.assertRegex(output
, 'lookup 7')
3008 output
= check_output('ip rule list iif test1 priority 101')
3010 self
.assertRegex(output
, '101:')
3011 self
.assertRegex(output
, 'from all')
3012 self
.assertRegex(output
, 'iif test1')
3013 self
.assertRegex(output
, 'lookup 9')
3015 output
= check_output('ip -6 rule list iif test1 priority 100')
3017 self
.assertRegex(output
, '100:')
3018 self
.assertRegex(output
, 'from all')
3019 self
.assertRegex(output
, 'iif test1')
3020 self
.assertRegex(output
, 'lookup 8')
3022 output
= check_output('ip rule list iif test1 priority 102')
3024 self
.assertRegex(output
, '102:')
3025 self
.assertRegex(output
, 'from 0.0.0.0/8')
3026 self
.assertRegex(output
, 'iif test1')
3027 self
.assertRegex(output
, 'lookup 10')
3029 check_json(networkctl_json())
3031 def test_routing_policy_rule_issue_11280(self
):
3032 copy_network_unit('25-routing-policy-rule-test1.network', '11-dummy.netdev',
3033 '25-routing-policy-rule-dummy98.network', '12-dummy.netdev')
3035 for trial
in range(3):
3036 restart_networkd(show_logs
=(trial
> 0))
3037 self
.wait_online('test1:degraded', 'dummy98:degraded')
3039 output
= check_output('ip rule list table 7')
3041 self
.assertRegex(output
, '111: from 192.168.100.18 tos (0x08|throughput) iif test1 oif test1 lookup 7')
3043 output
= check_output('ip rule list table 8')
3045 self
.assertRegex(output
, '112: from 192.168.101.18 tos (0x08|throughput) iif dummy98 oif dummy98 lookup 8')
3047 def test_routing_policy_rule_reconfigure(self
):
3048 copy_network_unit('25-routing-policy-rule-reconfigure2.network', '11-dummy.netdev')
3050 self
.wait_online('test1:degraded')
3052 output
= check_output('ip rule list table 1011')
3054 self
.assertIn('10111: from all fwmark 0x3f3 lookup 1011', output
)
3055 self
.assertIn('10112: from all oif test1 lookup 1011', output
)
3056 self
.assertIn('10113: from all iif test1 lookup 1011', output
)
3057 self
.assertIn('10114: from 192.168.8.254 lookup 1011', output
)
3059 output
= check_output('ip -6 rule list table 1011')
3061 self
.assertIn('10112: from all oif test1 lookup 1011', output
)
3063 copy_network_unit('25-routing-policy-rule-reconfigure1.network', '11-dummy.netdev')
3065 self
.wait_online('test1:degraded')
3067 output
= check_output('ip rule list table 1011')
3069 self
.assertIn('10111: from all fwmark 0x3f3 lookup 1011', output
)
3070 self
.assertIn('10112: from all oif test1 lookup 1011', output
)
3071 self
.assertIn('10113: from all iif test1 lookup 1011', output
)
3072 self
.assertIn('10114: from 192.168.8.254 lookup 1011', output
)
3074 output
= check_output('ip -6 rule list table 1011')
3076 self
.assertNotIn('10112: from all oif test1 lookup 1011', output
)
3077 self
.assertIn('10113: from all iif test1 lookup 1011', output
)
3079 call('ip rule delete priority 10111')
3080 call('ip rule delete priority 10112')
3081 call('ip rule delete priority 10113')
3082 call('ip rule delete priority 10114')
3083 call('ip -6 rule delete priority 10113')
3085 output
= check_output('ip rule list table 1011')
3087 self
.assertEqual(output
, '')
3089 output
= check_output('ip -6 rule list table 1011')
3091 self
.assertEqual(output
, '')
3093 networkctl_reconfigure('test1')
3094 self
.wait_online('test1:degraded')
3096 output
= check_output('ip rule list table 1011')
3098 self
.assertIn('10111: from all fwmark 0x3f3 lookup 1011', output
)
3099 self
.assertIn('10112: from all oif test1 lookup 1011', output
)
3100 self
.assertIn('10113: from all iif test1 lookup 1011', output
)
3101 self
.assertIn('10114: from 192.168.8.254 lookup 1011', output
)
3103 output
= check_output('ip -6 rule list table 1011')
3105 self
.assertIn('10113: from all iif test1 lookup 1011', output
)
3107 @expectedFailureIfRoutingPolicyPortRangeIsNotAvailable()
3108 def test_routing_policy_rule_port_range(self
):
3109 copy_network_unit('25-fibrule-port-range.network', '11-dummy.netdev')
3111 self
.wait_online('test1:degraded')
3113 output
= check_output('ip rule')
3115 self
.assertRegex(output
, '111')
3116 self
.assertRegex(output
, 'from 192.168.100.18')
3117 self
.assertRegex(output
, '1123-1150')
3118 self
.assertRegex(output
, '3224-3290')
3119 self
.assertRegex(output
, 'tcp')
3120 self
.assertRegex(output
, 'lookup 7')
3122 @expectedFailureIfRoutingPolicyIPProtoIsNotAvailable()
3123 def test_routing_policy_rule_invert(self
):
3124 copy_network_unit('25-fibrule-invert.network', '11-dummy.netdev')
3126 self
.wait_online('test1:degraded')
3128 output
= check_output('ip rule')
3130 self
.assertRegex(output
, '111')
3131 self
.assertRegex(output
, 'not.*?from.*?192.168.100.18')
3132 self
.assertRegex(output
, 'tcp')
3133 self
.assertRegex(output
, 'lookup 7')
3135 @expectedFailureIfRoutingPolicyL3MasterDeviceIsNotAvailable()
3136 def test_routing_policy_rule_l3mdev(self
):
3137 copy_network_unit('25-fibrule-l3mdev.network', '11-dummy.netdev')
3139 self
.wait_online('test1:degraded')
3141 output
= check_output('ip rule')
3143 self
.assertIn('1500: from all lookup [l3mdev-table]', output
)
3144 self
.assertIn('2000: from all lookup [l3mdev-table] unreachable', output
)
3146 @expectedFailureIfRoutingPolicyUIDRangeIsNotAvailable()
3147 def test_routing_policy_rule_uidrange(self
):
3148 copy_network_unit('25-fibrule-uidrange.network', '11-dummy.netdev')
3150 self
.wait_online('test1:degraded')
3152 output
= check_output('ip rule')
3154 self
.assertRegex(output
, '111')
3155 self
.assertRegex(output
, 'from 192.168.100.18')
3156 self
.assertRegex(output
, 'lookup 7')
3157 self
.assertRegex(output
, 'uidrange 100-200')
3159 def _test_route_static(self
, manage_foreign_routes
):
3160 if not manage_foreign_routes
:
3161 copy_networkd_conf_dropin('networkd-manage-foreign-routes-no.conf')
3163 copy_network_unit('25-route-static.network', '12-dummy.netdev',
3164 '25-route-static-test1.network', '11-dummy.netdev')
3166 self
.wait_online('dummy98:routable')
3168 output
= networkctl_status('dummy98')
3171 print('### ip -6 route show dev dummy98')
3172 output
= check_output('ip -6 route show dev dummy98')
3174 self
.assertIn('2001:1234:5:8fff:ff:ff:ff:ff proto static', output
)
3175 self
.assertIn('2001:1234:5:8f63::1 proto kernel', output
)
3176 self
.assertIn('2001:1234:5:afff:ff:ff:ff:ff via fe80:0:222:4dff:ff:ff:ff:ff proto static', output
)
3178 print('### ip -6 route show default')
3179 output
= check_output('ip -6 route show default')
3181 self
.assertIn('default', output
)
3182 self
.assertIn('via 2001:1234:5:8fff:ff:ff:ff:ff', output
)
3184 print('### ip -4 route show dev dummy98')
3185 output
= check_output('ip -4 route show dev dummy98')
3187 self
.assertIn('149.10.124.48/28 proto kernel scope link src 149.10.124.58', output
)
3188 self
.assertIn('149.10.124.64 proto static scope link', output
)
3189 self
.assertIn('169.254.0.0/16 proto static scope link metric 2048', output
)
3190 self
.assertIn('192.168.1.1 proto static scope link initcwnd 20', output
)
3191 self
.assertIn('192.168.1.2 proto static scope link initrwnd 30', output
)
3192 self
.assertIn('192.168.1.3 proto static scope link advmss 30', output
)
3193 self
.assertIn('192.168.1.4 proto static scope link hoplimit 122', output
)
3194 self
.assertIn('multicast 149.10.123.4 proto static', output
)
3196 print('### ip -4 route show dev dummy98 default')
3197 output
= check_output('ip -4 route show dev dummy98 default')
3199 self
.assertIn('default via 149.10.125.65 proto static onlink', output
)
3200 self
.assertIn('default via 149.10.124.64 proto static', output
)
3201 self
.assertIn('default proto static', output
)
3202 self
.assertIn('default via 1.1.8.104 proto static', output
)
3204 print('### ip -4 route show table local dev dummy98')
3205 output
= check_output('ip -4 route show table local dev dummy98')
3207 self
.assertIn('local 149.10.123.1 proto static scope host', output
)
3208 self
.assertIn('anycast 149.10.123.2 proto static scope link', output
)
3209 self
.assertIn('broadcast 149.10.123.3 proto static scope link', output
)
3211 print('### ip -4 route show type blackhole')
3212 output
= check_output('ip -4 route show type blackhole')
3214 self
.assertIn('blackhole 202.54.1.2 proto static', output
)
3216 print('### ip -4 route show type unreachable')
3217 output
= check_output('ip -4 route show type unreachable')
3219 self
.assertIn('unreachable 202.54.1.3 proto static', output
)
3221 print('### ip -4 route show type prohibit')
3222 output
= check_output('ip -4 route show type prohibit')
3224 self
.assertIn('prohibit 202.54.1.4 proto static', output
)
3226 print('### ip -6 route show type blackhole')
3227 output
= check_output('ip -6 route show type blackhole')
3229 self
.assertIn('blackhole 2001:1234:5678::2 dev lo proto static', output
)
3231 print('### ip -6 route show type unreachable')
3232 output
= check_output('ip -6 route show type unreachable')
3234 self
.assertIn('unreachable 2001:1234:5678::3 dev lo proto static', output
)
3236 print('### ip -6 route show type prohibit')
3237 output
= check_output('ip -6 route show type prohibit')
3239 self
.assertIn('prohibit 2001:1234:5678::4 dev lo proto static', output
)
3241 print('### ip route show 192.168.10.1')
3242 output
= check_output('ip route show 192.168.10.1')
3244 self
.assertIn('192.168.10.1 proto static', output
)
3245 self
.assertIn('nexthop via 149.10.123.59 dev test1 weight 20', output
)
3246 self
.assertIn('nexthop via 149.10.123.60 dev test1 weight 30', output
)
3247 self
.assertIn('nexthop via 149.10.124.59 dev dummy98 weight 10', output
)
3248 self
.assertIn('nexthop via 149.10.124.60 dev dummy98 weight 5', output
)
3250 print('### ip route show 192.168.10.2')
3251 output
= check_output('ip route show 192.168.10.2')
3253 # old ip command does not show IPv6 gateways...
3254 self
.assertIn('192.168.10.2 proto static', output
)
3255 self
.assertIn('nexthop', output
)
3256 self
.assertIn('dev test1 weight 20', output
)
3257 self
.assertIn('dev test1 weight 30', output
)
3258 self
.assertIn('dev dummy98 weight 10', output
)
3259 self
.assertIn('dev dummy98 weight 5', output
)
3261 print('### ip -6 route show 2001:1234:5:7fff:ff:ff:ff:ff')
3262 output
= check_output('ip -6 route show 2001:1234:5:7fff:ff:ff:ff:ff')
3264 # old ip command does not show 'nexthop' keyword and weight...
3265 self
.assertIn('2001:1234:5:7fff:ff:ff:ff:ff', output
)
3266 self
.assertIn('via 2001:1234:5:6fff:ff:ff:ff:ff dev test1', output
)
3267 self
.assertIn('via 2001:1234:5:7fff:ff:ff:ff:ff dev test1', output
)
3268 self
.assertIn('via 2001:1234:5:8fff:ff:ff:ff:ff dev dummy98', output
)
3269 self
.assertIn('via 2001:1234:5:9fff:ff:ff:ff:ff dev dummy98', output
)
3271 check_json(networkctl_json())
3273 copy_network_unit('25-address-static.network', copy_dropins
=False)
3275 self
.wait_online('dummy98:routable')
3277 # check all routes managed by Manager are removed
3278 print('### ip -4 route show type blackhole')
3279 output
= check_output('ip -4 route show type blackhole')
3281 self
.assertEqual(output
, '')
3283 print('### ip -4 route show type unreachable')
3284 output
= check_output('ip -4 route show type unreachable')
3286 self
.assertEqual(output
, '')
3288 print('### ip -4 route show type prohibit')
3289 output
= check_output('ip -4 route show type prohibit')
3291 self
.assertEqual(output
, '')
3293 print('### ip -6 route show type blackhole')
3294 output
= check_output('ip -6 route show type blackhole')
3296 self
.assertEqual(output
, '')
3298 print('### ip -6 route show type unreachable')
3299 output
= check_output('ip -6 route show type unreachable')
3301 self
.assertEqual(output
, '')
3303 print('### ip -6 route show type prohibit')
3304 output
= check_output('ip -6 route show type prohibit')
3306 self
.assertEqual(output
, '')
3308 remove_network_unit('25-address-static.network')
3310 self
.wait_online('dummy98:routable')
3312 # check all routes managed by Manager are reconfigured
3313 print('### ip -4 route show type blackhole')
3314 output
= check_output('ip -4 route show type blackhole')
3316 self
.assertIn('blackhole 202.54.1.2 proto static', output
)
3318 print('### ip -4 route show type unreachable')
3319 output
= check_output('ip -4 route show type unreachable')
3321 self
.assertIn('unreachable 202.54.1.3 proto static', output
)
3323 print('### ip -4 route show type prohibit')
3324 output
= check_output('ip -4 route show type prohibit')
3326 self
.assertIn('prohibit 202.54.1.4 proto static', output
)
3328 print('### ip -6 route show type blackhole')
3329 output
= check_output('ip -6 route show type blackhole')
3331 self
.assertIn('blackhole 2001:1234:5678::2 dev lo proto static', output
)
3333 print('### ip -6 route show type unreachable')
3334 output
= check_output('ip -6 route show type unreachable')
3336 self
.assertIn('unreachable 2001:1234:5678::3 dev lo proto static', output
)
3338 print('### ip -6 route show type prohibit')
3339 output
= check_output('ip -6 route show type prohibit')
3341 self
.assertIn('prohibit 2001:1234:5678::4 dev lo proto static', output
)
3343 remove_link('dummy98')
3346 # check all routes managed by Manager are removed
3347 print('### ip -4 route show type blackhole')
3348 output
= check_output('ip -4 route show type blackhole')
3350 self
.assertEqual(output
, '')
3352 print('### ip -4 route show type unreachable')
3353 output
= check_output('ip -4 route show type unreachable')
3355 self
.assertEqual(output
, '')
3357 print('### ip -4 route show type prohibit')
3358 output
= check_output('ip -4 route show type prohibit')
3360 self
.assertEqual(output
, '')
3362 print('### ip -6 route show type blackhole')
3363 output
= check_output('ip -6 route show type blackhole')
3365 self
.assertEqual(output
, '')
3367 print('### ip -6 route show type unreachable')
3368 output
= check_output('ip -6 route show type unreachable')
3370 self
.assertEqual(output
, '')
3372 print('### ip -6 route show type prohibit')
3373 output
= check_output('ip -6 route show type prohibit')
3375 self
.assertEqual(output
, '')
3377 def test_route_static(self
):
3379 for manage_foreign_routes
in [True, False]:
3385 print(f
'### test_route_static(manage_foreign_routes={manage_foreign_routes})')
3386 with self
.subTest(manage_foreign_routes
=manage_foreign_routes
):
3387 self
._test
_route
_static
(manage_foreign_routes
)
3389 @expectedFailureIfRTA_VIAIsNotSupported()
3390 def test_route_via_ipv6(self
):
3391 copy_network_unit('25-route-via-ipv6.network', '12-dummy.netdev')
3393 self
.wait_online('dummy98:routable')
3395 output
= networkctl_status('dummy98')
3398 print('### ip -6 route show dev dummy98')
3399 output
= check_output('ip -6 route show dev dummy98')
3401 self
.assertRegex(output
, '2001:1234:5:8fff:ff:ff:ff:ff proto static')
3402 self
.assertRegex(output
, '2001:1234:5:8f63::1 proto kernel')
3404 print('### ip -4 route show dev dummy98')
3405 output
= check_output('ip -4 route show dev dummy98')
3407 self
.assertRegex(output
, '149.10.124.48/28 proto kernel scope link src 149.10.124.58')
3408 self
.assertRegex(output
, '149.10.124.66 via inet6 2001:1234:5:8fff:ff:ff:ff:ff proto static')
3410 @expectedFailureIfModuleIsNotAvailable('tcp_dctcp')
3411 def test_route_congctl(self
):
3412 copy_network_unit('25-route-congctl.network', '12-dummy.netdev')
3414 self
.wait_online('dummy98:routable')
3416 print('### ip -6 route show dev dummy98 2001:1234:5:8fff:ff:ff:ff:ff')
3417 output
= check_output('ip -6 route show dev dummy98 2001:1234:5:8fff:ff:ff:ff:ff')
3419 self
.assertIn('2001:1234:5:8fff:ff:ff:ff:ff proto static', output
)
3420 self
.assertIn('congctl dctcp', output
)
3422 print('### ip -4 route show dev dummy98 149.10.124.66')
3423 output
= check_output('ip -4 route show dev dummy98 149.10.124.66')
3425 self
.assertIn('149.10.124.66 proto static', output
)
3426 self
.assertIn('congctl dctcp', output
)
3427 self
.assertIn('rto_min 300s', output
)
3429 @expectedFailureIfModuleIsNotAvailable('vrf')
3430 def test_route_vrf(self
):
3431 copy_network_unit('25-route-vrf.network', '12-dummy.netdev',
3432 '25-vrf.netdev', '25-vrf.network')
3434 self
.wait_online('dummy98:routable', 'vrf99:carrier')
3436 output
= check_output('ip route show vrf vrf99')
3438 self
.assertRegex(output
, 'default via 192.168.100.1')
3440 output
= check_output('ip route show')
3442 self
.assertNotRegex(output
, 'default via 192.168.100.1')
3444 def test_gateway_reconfigure(self
):
3445 copy_network_unit('25-gateway-static.network', '12-dummy.netdev')
3447 self
.wait_online('dummy98:routable')
3448 print('### ip -4 route show dev dummy98 default')
3449 output
= check_output('ip -4 route show dev dummy98 default')
3451 self
.assertIn('default via 149.10.124.59 proto static', output
)
3452 self
.assertNotIn('149.10.124.60', output
)
3454 remove_network_unit('25-gateway-static.network')
3455 copy_network_unit('25-gateway-next-static.network')
3457 self
.wait_online('dummy98:routable')
3458 print('### ip -4 route show dev dummy98 default')
3459 output
= check_output('ip -4 route show dev dummy98 default')
3461 self
.assertNotIn('149.10.124.59', output
)
3462 self
.assertIn('default via 149.10.124.60 proto static', output
)
3464 def test_ip_route_ipv6_src_route(self
):
3465 # a dummy device does not make the addresses go through tentative state, so we
3466 # reuse a bond from an earlier test, which does make the addresses go through
3467 # tentative state, and do our test on that
3468 copy_network_unit('23-active-slave.network', '25-route-ipv6-src.network', '25-bond-active-backup-slave.netdev', '12-dummy.netdev')
3470 self
.wait_online('dummy98:enslaved', 'bond199:routable')
3472 output
= check_output('ip -6 route list dev bond199')
3474 self
.assertIn('abcd::/16 via 2001:1234:56:8f63::1:1 proto static src 2001:1234:56:8f63::2', output
)
3476 def test_route_preferred_source_with_existing_address(self
):
3478 copy_network_unit('25-route-preferred-source.network', '12-dummy.netdev')
3483 networkctl_reconfigure('dummy98')
3485 self
.wait_online('dummy98:routable')
3487 output
= check_output('ip -6 route list dev dummy98')
3489 self
.assertIn('abcd::/16 via 2001:1234:56:8f63::1:1 proto static src 2001:1234:56:8f63::1', output
)
3491 def test_ip_link_mac_address(self
):
3492 copy_network_unit('25-address-link-section.network', '12-dummy.netdev')
3494 self
.wait_online('dummy98:degraded')
3496 output
= check_output('ip link show dummy98')
3498 self
.assertRegex(output
, '00:01:02:aa:bb:cc')
3500 def test_ip_link_unmanaged(self
):
3501 copy_network_unit('25-link-section-unmanaged.network', '12-dummy.netdev')
3504 self
.wait_operstate('dummy98', 'off', setup_state
='unmanaged')
3506 def test_ipv6_address_label(self
):
3507 copy_network_unit('25-ipv6-address-label-section.network', '12-dummy.netdev')
3509 self
.wait_online('dummy98:degraded')
3511 output
= check_output('ip addrlabel list')
3513 self
.assertRegex(output
, '2004:da8:1::/64')
3515 def test_ipv6_proxy_ndp(self
):
3516 copy_network_unit('25-ipv6-proxy-ndp.network', '12-dummy.netdev')
3519 self
.wait_online('dummy98:routable')
3521 output
= check_output('ip neighbor show proxy dev dummy98')
3523 for i
in range(1, 5):
3524 self
.assertRegex(output
, f
'2607:5300:203:5215:{i}::1 *proxy')
3526 def test_ipv6_neigh_retrans_time(self
):
3528 copy_network_unit('25-dummy.netdev', '25-dummy.network')
3531 self
.wait_online(f
'{link}:degraded')
3532 remove_network_unit('25-dummy.network')
3534 # expect retrans_time_ms updated
3535 copy_network_unit('25-ipv6-neigh-retrans-time-3s.network')
3537 self
.wait_online(f
'{link}:degraded')
3538 self
.check_ipv6_neigh_sysctl_attr(link
, 'retrans_time_ms', '3000')
3539 remove_network_unit('25-ipv6-neigh-retrans-time-3s.network')
3541 # expect retrans_time_ms unchanged
3542 copy_network_unit('25-ipv6-neigh-retrans-time-0s.network')
3544 self
.wait_online(f
'{link}:degraded')
3545 self
.check_ipv6_neigh_sysctl_attr(link
, 'retrans_time_ms', '3000')
3546 remove_network_unit('25-ipv6-neigh-retrans-time-0s.network')
3548 # expect retrans_time_ms unchanged
3549 copy_network_unit('25-ipv6-neigh-retrans-time-toobig.network')
3551 self
.wait_online(f
'{link}:degraded')
3552 self
.check_ipv6_neigh_sysctl_attr(link
, 'retrans_time_ms', '3000')
3553 remove_network_unit('25-ipv6-neigh-retrans-time-toobig.network')
3555 # expect retrans_time_ms unchanged
3556 copy_network_unit('25-ipv6-neigh-retrans-time-infinity.network')
3558 self
.wait_online(f
'{link}:degraded')
3559 self
.check_ipv6_neigh_sysctl_attr(link
, 'retrans_time_ms', '3000')
3560 remove_network_unit('25-ipv6-neigh-retrans-time-infinity.network')
3562 # expect retrans_time_ms unchanged
3563 copy_network_unit('25-ipv6-neigh-retrans-time-invalid.network')
3565 self
.wait_online(f
'{link}:degraded')
3566 self
.check_ipv6_neigh_sysctl_attr(link
, 'retrans_time_ms', '3000')
3567 remove_network_unit('25-ipv6-neigh-retrans-time-invalid.network')
3569 # expect retrans_time_ms updated
3570 copy_network_unit('25-ipv6-neigh-retrans-time-4s.network')
3572 self
.wait_online(f
'{link}:degraded')
3573 self
.check_ipv6_neigh_sysctl_attr(link
, 'retrans_time_ms', '4000')
3574 remove_network_unit('25-ipv6-neigh-retrans-time-4s.network')
3576 def test_neighbor(self
):
3577 copy_network_unit('12-dummy.netdev', '25-neighbor-dummy.network', '25-neighbor-dummy.network.d/10-step1.conf',
3578 '25-gre-tunnel-remote-any.netdev', '25-neighbor-ip.network',
3579 '25-ip6gre-tunnel-remote-any.netdev', '25-neighbor-ipv6.network',
3582 self
.wait_online('dummy98:degraded', 'gretun97:routable', 'ip6gretun97:routable')
3584 print('### ip neigh list dev gretun97')
3585 output
= check_output('ip neigh list dev gretun97')
3587 self
.assertIn('10.0.0.22 lladdr 10.65.223.239 PERMANENT', output
)
3588 self
.assertNotIn('10.0.0.23', output
)
3590 print('### ip neigh list dev ip6gretun97')
3591 output
= check_output('ip neigh list dev ip6gretun97')
3593 self
.assertRegex(output
, '2001:db8:0:f102::17 lladdr 2a:?00:ff:?de:45:?67:ed:?de:[0:]*:49:?88 PERMANENT')
3594 self
.assertNotIn('2001:db8:0:f102::18', output
)
3596 print('### ip neigh list dev dummy98')
3597 output
= check_output('ip neigh list dev dummy98')
3599 self
.assertIn('192.168.10.1 lladdr 00:00:5e:00:02:65 PERMANENT', output
)
3600 self
.assertIn('2004:da8:1::1 lladdr 00:00:5e:00:02:66 PERMANENT', output
)
3601 self
.assertNotIn('2004:da8:1:0::2', output
)
3602 self
.assertNotIn('192.168.10.2', output
)
3603 self
.assertNotIn('00:00:5e:00:02:67', output
)
3605 check_json(networkctl_json())
3607 # Here, 10-step1.conf is intendedly kept, to verify that 10-step2.conf overrides
3608 # the valid configurations in 10-step1.conf.
3609 copy_network_unit('25-neighbor-dummy.network.d/10-step2.conf')
3611 self
.wait_online('dummy98:degraded')
3613 print('### ip neigh list dev dummy98')
3614 output
= check_output('ip neigh list dev dummy98')
3616 self
.assertIn('192.168.10.1 lladdr 00:00:5e:00:03:65 PERMANENT', output
)
3617 self
.assertIn('2004:da8:1::1 lladdr 00:00:5e:00:03:66 PERMANENT', output
)
3618 self
.assertNotIn('2004:da8:1:0::2', output
)
3619 self
.assertNotIn('192.168.10.2', output
)
3620 self
.assertNotIn('00:00:5e:00:02:67', output
)
3622 check_json(networkctl_json())
3624 remove_network_unit('25-neighbor-dummy.network.d/10-step1.conf',
3625 '25-neighbor-dummy.network.d/10-step2.conf')
3626 copy_network_unit('25-neighbor-dummy.network.d/10-step3.conf')
3628 self
.wait_online('dummy98:degraded')
3630 print('### ip neigh list dev dummy98')
3631 output
= check_output('ip neigh list dev dummy98')
3633 self
.assertIn('192.168.10.1 lladdr 00:00:5e:00:03:66 PERMANENT', output
)
3634 self
.assertNotIn('00:00:5e:00:02:65', output
)
3635 self
.assertNotIn('00:00:5e:00:02:66', output
)
3636 self
.assertNotIn('00:00:5e:00:03:65', output
)
3637 self
.assertNotIn('2004:da8:1::1', output
)
3639 def test_link_local_addressing(self
):
3640 copy_network_unit('25-link-local-addressing-yes.network', '11-dummy.netdev',
3641 '25-link-local-addressing-no.network', '12-dummy.netdev')
3643 self
.wait_online('test1:degraded', 'dummy98:carrier')
3645 output
= check_output('ip address show dev test1')
3647 self
.assertRegex(output
, 'inet .* scope link')
3648 self
.assertRegex(output
, 'inet6 .* scope link')
3650 output
= check_output('ip address show dev dummy98')
3652 self
.assertNotRegex(output
, 'inet6* .* scope link')
3654 # Documentation/networking/ip-sysctl.txt
3656 # addr_gen_mode - INTEGER
3657 # Defines how link-local and autoconf addresses are generated.
3659 # 0: generate address based on EUI64 (default)
3660 # 1: do no generate a link-local address, use EUI64 for addresses generated
3662 # 2: generate stable privacy addresses, using the secret from
3663 # stable_secret (RFC7217)
3664 # 3: generate stable privacy addresses, using a random secret if unset
3666 self
.check_ipv6_sysctl_attr('test1', 'stable_secret', '0123:4567:89ab:cdef:0123:4567:89ab:cdef')
3667 self
.check_ipv6_sysctl_attr('test1', 'addr_gen_mode', '2')
3668 self
.check_ipv6_sysctl_attr('dummy98', 'addr_gen_mode', '1')
3670 def test_link_local_addressing_ipv6ll(self
):
3671 copy_network_unit('26-link-local-addressing-ipv6.network', '12-dummy.netdev')
3673 self
.wait_online('dummy98:degraded')
3675 # An IPv6LL address exists by default.
3676 output
= check_output('ip address show dev dummy98')
3678 self
.assertRegex(output
, 'inet6 .* scope link')
3680 copy_network_unit('25-link-local-addressing-no.network')
3682 self
.wait_online('dummy98:carrier')
3684 # Check if the IPv6LL address is removed.
3685 output
= check_output('ip address show dev dummy98')
3687 self
.assertNotRegex(output
, 'inet6 .* scope link')
3689 remove_network_unit('25-link-local-addressing-no.network')
3691 self
.wait_online('dummy98:degraded')
3693 # Check if a new IPv6LL address is assigned.
3694 output
= check_output('ip address show dev dummy98')
3696 self
.assertRegex(output
, 'inet6 .* scope link')
3698 def test_sysctl(self
):
3699 copy_networkd_conf_dropin('25-global-ipv6-privacy-extensions.conf')
3700 copy_network_unit('25-sysctl.network', '12-dummy.netdev', copy_dropins
=False)
3702 self
.wait_online('dummy98:degraded')
3704 self
.check_ipv6_sysctl_attr('dummy98', 'forwarding', '1')
3705 self
.check_ipv6_sysctl_attr('dummy98', 'use_tempaddr', '1')
3706 self
.check_ipv6_sysctl_attr('dummy98', 'dad_transmits', '3')
3707 self
.check_ipv6_sysctl_attr('dummy98', 'hop_limit', '5')
3708 self
.check_ipv6_sysctl_attr('dummy98', 'proxy_ndp', '1')
3709 self
.check_ipv4_sysctl_attr('dummy98', 'forwarding', '1')
3710 self
.check_ipv4_sysctl_attr('dummy98', 'proxy_arp', '1')
3711 self
.check_ipv4_sysctl_attr('dummy98', 'proxy_arp_pvlan', '1')
3712 self
.check_ipv4_sysctl_attr('dummy98', 'accept_local', '1')
3713 self
.check_ipv4_sysctl_attr('dummy98', 'rp_filter', '0')
3715 copy_network_unit('25-sysctl.network.d/25-ipv6-privacy-extensions.conf')
3717 self
.wait_online('dummy98:degraded')
3719 self
.check_ipv6_sysctl_attr('dummy98', 'use_tempaddr', '2')
3721 def test_sysctl_disable_ipv6(self
):
3722 copy_network_unit('25-sysctl-disable-ipv6.network', '12-dummy.netdev')
3724 print('## Disable ipv6')
3725 check_output('sysctl net.ipv6.conf.all.disable_ipv6=1')
3726 check_output('sysctl net.ipv6.conf.default.disable_ipv6=1')
3729 self
.wait_online('dummy98:routable')
3731 output
= check_output('ip -4 address show dummy98')
3733 self
.assertRegex(output
, 'inet 10.2.3.4/16 brd 10.2.255.255 scope global dummy98')
3734 output
= check_output('ip -6 address show dummy98')
3736 self
.assertRegex(output
, 'inet6 2607:5300:203:3906::/64 scope global')
3737 self
.assertRegex(output
, 'inet6 .* scope link')
3738 output
= check_output('ip -4 route show dev dummy98')
3740 self
.assertRegex(output
, '10.2.0.0/16 proto kernel scope link src 10.2.3.4')
3741 output
= check_output('ip -6 route show default')
3743 self
.assertRegex(output
, 'default')
3744 self
.assertRegex(output
, 'via 2607:5300:203:39ff:ff:ff:ff:ff')
3746 remove_link('dummy98')
3748 print('## Enable ipv6')
3749 check_output('sysctl net.ipv6.conf.all.disable_ipv6=0')
3750 check_output('sysctl net.ipv6.conf.default.disable_ipv6=0')
3753 self
.wait_online('dummy98:routable')
3755 output
= check_output('ip -4 address show dummy98')
3757 self
.assertRegex(output
, 'inet 10.2.3.4/16 brd 10.2.255.255 scope global dummy98')
3758 output
= check_output('ip -6 address show dummy98')
3760 self
.assertRegex(output
, 'inet6 2607:5300:203:3906::/64 scope global')
3761 self
.assertRegex(output
, 'inet6 .* scope link')
3762 output
= check_output('ip -4 route show dev dummy98')
3764 self
.assertRegex(output
, '10.2.0.0/16 proto kernel scope link src 10.2.3.4')
3765 output
= check_output('ip -6 route show default')
3767 self
.assertRegex(output
, 'via 2607:5300:203:39ff:ff:ff:ff:ff')
3769 def test_bind_carrier(self
):
3770 copy_network_unit('25-bind-carrier.network', '11-dummy.netdev')
3773 # no bound interface.
3774 self
.wait_operstate('test1', 'off', setup_state
='configuring')
3775 output
= check_output('ip address show test1')
3777 self
.assertNotIn('UP,LOWER_UP', output
)
3778 self
.assertIn('DOWN', output
)
3779 self
.assertNotIn('192.168.10', output
)
3781 # add one bound interface. The interface will be up.
3782 check_output('ip link add dummy98 type dummy')
3783 check_output('ip link set dummy98 up')
3784 self
.wait_online('test1:routable')
3785 output
= check_output('ip address show test1')
3787 self
.assertIn('UP,LOWER_UP', output
)
3788 self
.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output
)
3790 # add another bound interface. The interface is still up.
3791 check_output('ip link add dummy99 type dummy')
3792 check_output('ip link set dummy99 up')
3793 self
.wait_operstate('dummy99', 'degraded', setup_state
='unmanaged')
3794 output
= check_output('ip address show test1')
3796 self
.assertIn('UP,LOWER_UP', output
)
3797 self
.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output
)
3799 # remove one of the bound interfaces. The interface is still up
3800 remove_link('dummy98')
3801 output
= check_output('ip address show test1')
3803 self
.assertIn('UP,LOWER_UP', output
)
3804 self
.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output
)
3806 # bring down the remaining bound interface. The interface will be down.
3807 check_output('ip link set dummy99 down')
3808 self
.wait_operstate('test1', 'off')
3809 self
.wait_address_dropped('test1', r
'192.168.10', ipv
='-4', timeout_sec
=10)
3810 output
= check_output('ip address show test1')
3812 self
.assertNotIn('UP,LOWER_UP', output
)
3813 self
.assertIn('DOWN', output
)
3814 self
.assertNotIn('192.168.10', output
)
3816 # bring up the bound interface. The interface will be up.
3817 check_output('ip link set dummy99 up')
3818 self
.wait_online('test1:routable')
3819 output
= check_output('ip address show test1')
3821 self
.assertIn('UP,LOWER_UP', output
)
3822 self
.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output
)
3824 # remove the remaining bound interface. The interface will be down.
3825 remove_link('dummy99')
3826 self
.wait_operstate('test1', 'off')
3827 self
.wait_address_dropped('test1', r
'192.168.10', ipv
='-4', timeout_sec
=10)
3828 output
= check_output('ip address show test1')
3830 self
.assertNotIn('UP,LOWER_UP', output
)
3831 self
.assertIn('DOWN', output
)
3832 self
.assertNotIn('192.168.10', output
)
3834 # re-add one bound interface. The interface will be up.
3835 check_output('ip link add dummy98 type dummy')
3836 check_output('ip link set dummy98 up')
3837 self
.wait_online('test1:routable')
3838 output
= check_output('ip address show test1')
3840 self
.assertIn('UP,LOWER_UP', output
)
3841 self
.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output
)
3843 def _test_activation_policy(self
, interface
, test
):
3844 conffile
= '25-activation-policy.network'
3846 conffile
= f
'{conffile}.d/{test}.conf'
3847 if interface
== 'vlan99':
3848 copy_network_unit('21-vlan.netdev', '21-vlan-test1.network')
3849 copy_network_unit('11-dummy.netdev', conffile
, copy_dropins
=False)
3852 always
= test
.startswith('always')
3853 initial_up
= test
!= 'manual' and not test
.endswith('down') # note: default is up
3854 expect_up
= initial_up
3855 next_up
= not expect_up
3857 if test
.endswith('down'):
3858 self
.wait_activated(interface
)
3860 for iteration
in range(4):
3861 with self
.subTest(iteration
=iteration
, expect_up
=expect_up
):
3862 operstate
= 'routable' if expect_up
else 'off'
3863 setup_state
= 'configured' if expect_up
else ('configuring' if iteration
== 0 else None)
3864 self
.wait_operstate(interface
, operstate
, setup_state
=setup_state
, setup_timeout
=20)
3867 self
.assertIn('UP', check_output(f
'ip link show {interface}'))
3868 self
.assertIn('192.168.10.30/24', check_output(f
'ip address show {interface}'))
3869 self
.assertIn('default via 192.168.10.1', check_output(f
'ip route show dev {interface}'))
3871 self
.assertIn('DOWN', check_output(f
'ip link show {interface}'))
3874 check_output(f
'ip link set dev {interface} up')
3876 check_output(f
'ip link set dev {interface} down')
3877 expect_up
= initial_up
if always
else next_up
3878 next_up
= not next_up
3882 def test_activation_policy(self
):
3884 for interface
in ['test1', 'vlan99']:
3885 for test
in ['up', 'always-up', 'manual', 'always-down', 'down', '']:
3891 print(f
'### test_activation_policy(interface={interface}, test={test})')
3892 with self
.subTest(interface
=interface
, test
=test
):
3893 self
._test
_activation
_policy
(interface
, test
)
3895 def _test_activation_policy_required_for_online(self
, policy
, required
):
3896 conffile
= '25-activation-policy.network'
3897 units
= ['11-dummy.netdev', '12-dummy.netdev', '12-dummy.network', conffile
]
3899 units
+= [f
'{conffile}.d/{policy}.conf']
3901 units
+= [f
'{conffile}.d/required-{required}.conf']
3902 copy_network_unit(*units
, copy_dropins
=False)
3905 if policy
.endswith('down'):
3906 self
.wait_activated('test1')
3908 if policy
.endswith('down') or policy
== 'manual':
3909 self
.wait_operstate('test1', 'off', setup_state
='configuring')
3911 self
.wait_online('test1')
3913 if policy
== 'always-down':
3914 # if always-down, required for online is forced to no
3917 # otherwise if required for online is specified, it should match that
3918 expected
= required
== 'yes'
3920 # otherwise if only policy specified, required for online defaults to
3921 # true if policy is up, always-up, or bound
3922 expected
= policy
.endswith('up') or policy
== 'bound'
3924 # default is true, if neither are specified
3927 output
= networkctl_status('test1')
3930 yesno
= 'yes' if expected
else 'no'
3931 self
.assertRegex(output
, f
'Required For Online: {yesno}')
3933 def test_activation_policy_required_for_online(self
):
3935 for policy
in ['up', 'always-up', 'manual', 'always-down', 'down', 'bound', '']:
3936 for required
in ['yes', 'no', '']:
3942 print(f
'### test_activation_policy_required_for_online(policy={policy}, required={required})')
3943 with self
.subTest(policy
=policy
, required
=required
):
3944 self
._test
_activation
_policy
_required
_for
_online
(policy
, required
)
3946 def test_domain(self
):
3947 copy_network_unit('12-dummy.netdev', '24-search-domain.network')
3949 self
.wait_online('dummy98:routable')
3951 output
= networkctl_status('dummy98')
3953 self
.assertRegex(output
, 'Address: 192.168.42.100')
3954 self
.assertRegex(output
, 'DNS: 192.168.42.1')
3955 self
.assertRegex(output
, 'Search Domains: one')
3957 def test_keep_configuration_static(self
):
3958 check_output('ip link add name dummy98 type dummy')
3959 check_output('ip address add 10.1.2.3/16 dev dummy98')
3960 check_output('ip address add 10.2.3.4/16 dev dummy98 valid_lft 600 preferred_lft 500')
3961 output
= check_output('ip address show dummy98')
3963 self
.assertRegex(output
, 'inet 10.1.2.3/16 scope global dummy98')
3964 self
.assertRegex(output
, 'inet 10.2.3.4/16 scope global dynamic dummy98')
3965 output
= check_output('ip route show dev dummy98')
3968 copy_network_unit('24-keep-configuration-static.network')
3970 self
.wait_online('dummy98:routable')
3972 output
= check_output('ip address show dummy98')
3974 self
.assertRegex(output
, 'inet 10.1.2.3/16 scope global dummy98')
3975 self
.assertNotRegex(output
, 'inet 10.2.3.4/16 scope global dynamic dummy98')
3977 def check_nexthop(self
, manage_foreign_nexthops
, first
):
3978 self
.wait_online('veth99:routable', 'veth-peer:routable', 'dummy98:routable')
3980 output
= check_output('ip nexthop list dev veth99')
3983 self
.assertIn('id 1 via 192.168.5.1 dev veth99', output
)
3984 self
.assertIn('id 2 via 2001:1234:5:8f63::2 dev veth99', output
)
3986 self
.assertIn('id 6 via 192.168.5.1 dev veth99', output
)
3987 self
.assertIn('id 7 via 2001:1234:5:8f63::2 dev veth99', output
)
3988 self
.assertIn('id 3 dev veth99', output
)
3989 self
.assertIn('id 4 dev veth99', output
)
3991 self
.assertRegex(output
, 'id 5 via 192.168.10.1 dev veth99 .*onlink')
3993 self
.assertIn('id 5 via 192.168.5.3 dev veth99', output
)
3994 self
.assertNotRegex(output
, 'id 5 via 192.168.5.3 dev veth99 .*onlink')
3995 self
.assertIn('id 8 via fe80:0:222:4dff:ff:ff:ff:ff dev veth99', output
)
3996 if manage_foreign_nexthops
:
3997 self
.assertRegex(output
, r
'id [0-9]* via 192.168.5.2 dev veth99')
3999 output
= check_output('ip nexthop list dev dummy98')
4002 self
.assertIn('id 20 via 192.168.20.1 dev dummy98', output
)
4004 self
.assertIn('id 21 via 192.168.20.1 dev dummy98', output
)
4005 if manage_foreign_nexthops
:
4006 self
.assertNotIn('id 42 via 192.168.20.2 dev dummy98', output
)
4008 self
.assertIn('id 42 via 192.168.20.2 dev dummy98', output
)
4010 # kernel manages blackhole nexthops on lo
4011 output
= check_output('ip nexthop list dev lo')
4014 self
.assertIn('id 6 blackhole', output
)
4015 self
.assertIn('id 7 blackhole', output
)
4017 self
.assertIn('id 1 blackhole', output
)
4018 self
.assertIn('id 2 blackhole', output
)
4020 # group nexthops are shown with -0 option
4022 output
= check_output('ip -0 nexthop list id 21')
4024 self
.assertRegex(output
, r
'id 21 group (1,3/20|20/1,3)')
4026 output
= check_output('ip -0 nexthop list id 20')
4028 self
.assertRegex(output
, r
'id 20 group (5,3/21|21/5,3)')
4030 output
= check_output('ip route show dev veth99 10.10.10.10')
4033 self
.assertEqual('10.10.10.10 nhid 1 via 192.168.5.1 proto static', output
)
4035 self
.assertEqual('10.10.10.10 nhid 6 via 192.168.5.1 proto static', output
)
4037 output
= check_output('ip route show dev veth99 10.10.10.11')
4040 self
.assertEqual('10.10.10.11 nhid 2 via inet6 2001:1234:5:8f63::2 proto static', output
)
4042 self
.assertEqual('10.10.10.11 nhid 7 via inet6 2001:1234:5:8f63::2 proto static', output
)
4044 output
= check_output('ip route show dev veth99 10.10.10.12')
4047 self
.assertEqual('10.10.10.12 nhid 5 via 192.168.10.1 proto static onlink', output
)
4049 self
.assertEqual('10.10.10.12 nhid 5 via 192.168.5.3 proto static', output
)
4051 output
= check_output('ip -6 route show dev veth99 2001:1234:5:8f62::1')
4054 self
.assertEqual('2001:1234:5:8f62::1 nhid 2 via 2001:1234:5:8f63::2 proto static metric 1024 pref medium', output
)
4056 self
.assertEqual('2001:1234:5:8f62::1 nhid 7 via 2001:1234:5:8f63::2 proto static metric 1024 pref medium', output
)
4058 output
= check_output('ip route show 10.10.10.13')
4061 self
.assertEqual('blackhole 10.10.10.13 nhid 6 dev lo proto static', output
)
4063 self
.assertEqual('blackhole 10.10.10.13 nhid 1 dev lo proto static', output
)
4065 output
= check_output('ip -6 route show 2001:1234:5:8f62::2')
4068 self
.assertEqual('blackhole 2001:1234:5:8f62::2 nhid 7 dev lo proto static metric 1024 pref medium', output
)
4070 self
.assertEqual('blackhole 2001:1234:5:8f62::2 nhid 2 dev lo proto static metric 1024 pref medium', output
)
4072 output
= check_output('ip route show 10.10.10.14')
4075 self
.assertIn('10.10.10.14 nhid 21 proto static', output
)
4076 self
.assertIn('nexthop via 192.168.5.1 dev veth99 weight 3', output
)
4078 self
.assertIn('10.10.10.14 nhid 20 proto static', output
)
4079 self
.assertIn('nexthop via 192.168.5.3 dev veth99 weight 3', output
)
4080 self
.assertIn('nexthop via 192.168.20.1 dev dummy98 weight 1', output
)
4082 output
= networkctl_json()
4084 self
.assertNotIn('"Destination":[10.10.10.14]', output
)
4086 def _test_nexthop(self
, manage_foreign_nexthops
):
4087 if not manage_foreign_nexthops
:
4088 copy_networkd_conf_dropin('networkd-manage-foreign-nexthops-no.conf')
4090 check_output('ip link add dummy98 type dummy')
4091 check_output('ip link set dummy98 up')
4092 check_output('ip address add 192.168.20.20/24 dev dummy98')
4093 check_output('ip nexthop add id 42 via 192.168.20.2 dev dummy98')
4095 copy_network_unit('25-nexthop-1.network', '25-veth.netdev', '25-veth-peer.network',
4096 '12-dummy.netdev', '25-nexthop-dummy-1.network')
4099 self
.check_nexthop(manage_foreign_nexthops
, first
=True)
4101 remove_network_unit('25-nexthop-1.network', '25-nexthop-dummy-1.network')
4102 copy_network_unit('25-nexthop-2.network', '25-nexthop-dummy-2.network')
4104 self
.check_nexthop(manage_foreign_nexthops
, first
=False)
4106 remove_network_unit('25-nexthop-2.network')
4107 copy_network_unit('25-nexthop-nothing.network')
4109 self
.wait_online('veth99:routable', 'veth-peer:routable')
4111 output
= check_output('ip nexthop list dev veth99')
4113 self
.assertEqual(output
, '')
4114 output
= check_output('ip nexthop list dev lo')
4116 self
.assertEqual(output
, '')
4118 remove_network_unit('25-nexthop-nothing.network', '25-nexthop-dummy-2.network')
4119 copy_network_unit('25-nexthop-1.network', '25-nexthop-dummy-1.network')
4120 # Of course, networkctl_reconfigure() below is unnecessary in normal operation, but it is intentional
4121 # here to test reconfiguring with different .network files does not trigger race.
4122 # See also comments in link_drop_requests().
4123 networkctl_reconfigure('dummy98') # reconfigured with 25-nexthop-dummy-2.network
4124 networkctl_reload() # reconfigured with 25-nexthop-dummy-1.network
4126 self
.check_nexthop(manage_foreign_nexthops
, first
=True)
4128 # Remove nexthop with ID 20
4129 check_output('ip nexthop del id 20')
4130 copy_network_unit('11-dummy.netdev', '25-nexthop-test1.network')
4133 # 25-nexthop-test1.network requests a route with nexthop ID 21,
4134 # which is silently removed by the kernel when nexthop with ID 20 is removed in the above,
4135 # hence test1 should be stuck in the configuring state.
4136 self
.wait_operstate('test1', operstate
='routable', setup_state
='configuring')
4138 # Wait for a while, and check if the interface is still in the configuring state.
4140 output
= networkctl_status('test1')
4141 self
.assertIn('State: routable (configuring)', output
)
4143 # Check if the route which needs nexthop 20 and 21 are forgotten.
4144 output
= networkctl_json()
4146 self
.assertNotIn('"Destination":[10.10.10.14]', output
)
4148 # Reconfigure the interface that has nexthop with ID 20 and 21,
4149 # then the route requested by test1 can be configured.
4150 networkctl_reconfigure('dummy98')
4151 self
.wait_online('test1:routable')
4153 # Check if the requested route actually configured.
4154 output
= check_output('ip route show 10.10.11.10')
4156 self
.assertIn('10.10.11.10 nhid 21 proto static', output
)
4157 self
.assertIn('nexthop via 192.168.5.1 dev veth99 weight 3', output
)
4158 self
.assertIn('nexthop via 192.168.20.1 dev dummy98 weight 1', output
)
4160 remove_link('veth99')
4163 output
= check_output('ip nexthop list dev lo')
4165 self
.assertEqual(output
, '')
4167 @expectedFailureIfNexthopIsNotAvailable()
4168 def test_nexthop(self
):
4170 for manage_foreign_nexthops
in [True, False]:
4176 print(f
'### test_nexthop(manage_foreign_nexthops={manage_foreign_nexthops})')
4177 with self
.subTest(manage_foreign_nexthops
=manage_foreign_nexthops
):
4178 self
._test
_nexthop
(manage_foreign_nexthops
)
4180 class NetworkdTCTests(unittest
.TestCase
, Utilities
):
4188 @expectedFailureIfModuleIsNotAvailable('sch_cake')
4189 def test_qdisc_cake(self
):
4190 copy_network_unit('25-qdisc-cake.network', '12-dummy.netdev')
4192 self
.wait_online('dummy98:routable')
4194 output
= check_output('tc qdisc show dev dummy98')
4196 self
.assertIn('qdisc cake 3a: root', output
)
4197 self
.assertIn('bandwidth 500Mbit', output
)
4198 self
.assertIn('autorate-ingress', output
)
4199 self
.assertIn('diffserv8', output
)
4200 self
.assertIn('dual-dsthost', output
)
4201 self
.assertIn(' nat', output
)
4202 self
.assertIn(' wash', output
)
4203 self
.assertIn(' split-gso', output
)
4204 self
.assertIn(' raw', output
)
4205 self
.assertIn(' atm', output
)
4206 self
.assertIn('overhead 128', output
)
4207 self
.assertIn('mpu 20', output
)
4208 self
.assertIn('fwmark 0xff00', output
)
4209 self
.assertIn('rtt 1s', output
)
4210 self
.assertIn('ack-filter-aggressive', output
)
4212 @expectedFailureIfModuleIsNotAvailable('sch_codel')
4213 def test_qdisc_codel(self
):
4214 copy_network_unit('25-qdisc-codel.network', '12-dummy.netdev')
4216 self
.wait_online('dummy98:routable')
4218 output
= check_output('tc qdisc show dev dummy98')
4220 self
.assertRegex(output
, 'qdisc codel 33: root')
4221 self
.assertRegex(output
, 'limit 2000p target 10(.0)?ms ce_threshold 100(.0)?ms interval 50(.0)?ms ecn')
4223 @expectedFailureIfModuleIsNotAvailable('sch_drr')
4224 def test_qdisc_drr(self
):
4225 copy_network_unit('25-qdisc-drr.network', '12-dummy.netdev')
4227 self
.wait_online('dummy98:routable')
4229 output
= check_output('tc qdisc show dev dummy98')
4231 self
.assertRegex(output
, 'qdisc drr 2: root')
4232 output
= check_output('tc class show dev dummy98')
4234 self
.assertRegex(output
, 'class drr 2:30 root quantum 2000b')
4236 @expectedFailureIfModuleIsNotAvailable('sch_ets')
4237 def test_qdisc_ets(self
):
4238 copy_network_unit('25-qdisc-ets.network', '12-dummy.netdev')
4240 self
.wait_online('dummy98:routable')
4242 output
= check_output('tc qdisc show dev dummy98')
4245 self
.assertRegex(output
, 'qdisc ets 3a: root')
4246 self
.assertRegex(output
, 'bands 10 strict 3')
4247 self
.assertRegex(output
, 'quanta 1 2 3 4 5')
4248 self
.assertRegex(output
, 'priomap 3 4 5 6 7')
4250 @expectedFailureIfModuleIsNotAvailable('sch_fq')
4251 def test_qdisc_fq(self
):
4252 copy_network_unit('25-qdisc-fq.network', '12-dummy.netdev')
4254 self
.wait_online('dummy98:routable')
4256 output
= check_output('tc qdisc show dev dummy98')
4258 self
.assertRegex(output
, 'qdisc fq 32: root')
4259 self
.assertRegex(output
, 'limit 1000p flow_limit 200p buckets 512 orphan_mask 511')
4260 self
.assertRegex(output
, 'quantum 1500')
4261 self
.assertRegex(output
, 'initial_quantum 13000')
4262 self
.assertRegex(output
, 'maxrate 1Mbit')
4264 @expectedFailureIfModuleIsNotAvailable('sch_fq_codel')
4265 def test_qdisc_fq_codel(self
):
4266 copy_network_unit('25-qdisc-fq_codel.network', '12-dummy.netdev')
4268 self
.wait_online('dummy98:routable')
4270 output
= check_output('tc qdisc show dev dummy98')
4272 self
.assertRegex(output
, 'qdisc fq_codel 34: root')
4273 self
.assertRegex(output
, 'limit 20480p flows 2048 quantum 1400 target 10(.0)?ms ce_threshold 100(.0)?ms interval 200(.0)?ms memory_limit 64Mb ecn')
4275 @expectedFailureIfModuleIsNotAvailable('sch_fq_pie')
4276 def test_qdisc_fq_pie(self
):
4277 copy_network_unit('25-qdisc-fq_pie.network', '12-dummy.netdev')
4279 self
.wait_online('dummy98:routable')
4281 output
= check_output('tc qdisc show dev dummy98')
4284 self
.assertRegex(output
, 'qdisc fq_pie 3a: root')
4285 self
.assertRegex(output
, 'limit 200000p')
4287 @expectedFailureIfModuleIsNotAvailable('sch_gred')
4288 def test_qdisc_gred(self
):
4289 copy_network_unit('25-qdisc-gred.network', '12-dummy.netdev')
4291 self
.wait_online('dummy98:routable')
4293 output
= check_output('tc qdisc show dev dummy98')
4295 self
.assertRegex(output
, 'qdisc gred 38: root')
4296 self
.assertRegex(output
, 'vqs 12 default 10 grio')
4298 @expectedFailureIfModuleIsNotAvailable('sch_hhf')
4299 def test_qdisc_hhf(self
):
4300 copy_network_unit('25-qdisc-hhf.network', '12-dummy.netdev')
4302 self
.wait_online('dummy98:routable')
4304 output
= check_output('tc qdisc show dev dummy98')
4306 self
.assertRegex(output
, 'qdisc hhf 3a: root')
4307 self
.assertRegex(output
, 'limit 1022p')
4309 @expectedFailureIfModuleIsNotAvailable('sch_htb')
4310 def test_qdisc_htb_fifo(self
):
4311 copy_network_unit('25-qdisc-htb-fifo.network', '12-dummy.netdev')
4313 self
.wait_online('dummy98:routable')
4315 output
= check_output('tc qdisc show dev dummy98')
4317 self
.assertRegex(output
, 'qdisc htb 2: root')
4318 self
.assertRegex(output
, r
'default (0x30|30)')
4320 self
.assertRegex(output
, 'qdisc pfifo 37: parent 2:37')
4321 self
.assertRegex(output
, 'limit 100000p')
4323 self
.assertRegex(output
, 'qdisc bfifo 3a: parent 2:3a')
4324 self
.assertRegex(output
, 'limit 1000000')
4326 self
.assertRegex(output
, 'qdisc pfifo_head_drop 3b: parent 2:3b')
4327 self
.assertRegex(output
, 'limit 1023p')
4329 self
.assertRegex(output
, 'qdisc pfifo_fast 3c: parent 2:3c')
4331 output
= check_output('tc -d class show dev dummy98')
4333 # Here (:|prio) is a workaround for a bug in iproute2 v6.2.0 caused by
4334 # https://github.com/shemminger/iproute2/commit/010a8388aea11e767ba3a2506728b9ad9760df0e
4335 # which is fixed in v6.3.0 by
4336 # https://github.com/shemminger/iproute2/commit/4e0e56e0ef05387f7f5d8ab41fe6ec6a1897b26d
4337 self
.assertRegex(output
, 'class htb 2:37 root leaf 37(:|prio) ')
4338 self
.assertRegex(output
, 'class htb 2:3a root leaf 3a(:|prio) ')
4339 self
.assertRegex(output
, 'class htb 2:3b root leaf 3b(:|prio) ')
4340 self
.assertRegex(output
, 'class htb 2:3c root leaf 3c(:|prio) ')
4341 self
.assertRegex(output
, 'prio 1 quantum 4000 rate 1Mbit overhead 100 ceil 500Kbit')
4342 self
.assertRegex(output
, 'burst 123456')
4343 self
.assertRegex(output
, 'cburst 123457')
4345 @expectedFailureIfModuleIsNotAvailable('sch_ingress')
4346 def test_qdisc_ingress(self
):
4347 copy_network_unit('25-qdisc-clsact.network', '12-dummy.netdev',
4348 '25-qdisc-ingress.network', '11-dummy.netdev')
4350 self
.wait_online('dummy98:routable', 'test1:routable')
4352 output
= check_output('tc qdisc show dev dummy98')
4354 self
.assertRegex(output
, 'qdisc clsact')
4356 output
= check_output('tc qdisc show dev test1')
4358 self
.assertRegex(output
, 'qdisc ingress')
4360 @expectedFailureIfModuleIsNotAvailable('sch_netem')
4361 def test_qdisc_netem(self
):
4362 copy_network_unit('25-qdisc-netem.network', '12-dummy.netdev',
4363 '25-qdisc-netem-compat.network', '11-dummy.netdev')
4365 self
.wait_online('dummy98:routable', 'test1:routable')
4367 output
= check_output('tc qdisc show dev dummy98')
4369 self
.assertRegex(output
, 'qdisc netem 30: root')
4370 self
.assertRegex(output
, 'limit 100 delay 50(.0)?ms 10(.0)?ms loss 20%')
4372 output
= check_output('tc qdisc show dev test1')
4374 self
.assertRegex(output
, 'qdisc netem [0-9a-f]*: root')
4375 self
.assertRegex(output
, 'limit 100 delay 50(.0)?ms 10(.0)?ms loss 20%')
4377 @expectedFailureIfModuleIsNotAvailable('sch_pie')
4378 def test_qdisc_pie(self
):
4379 copy_network_unit('25-qdisc-pie.network', '12-dummy.netdev')
4381 self
.wait_online('dummy98:routable')
4383 output
= check_output('tc qdisc show dev dummy98')
4385 self
.assertRegex(output
, 'qdisc pie 3a: root')
4386 self
.assertRegex(output
, 'limit 200000')
4388 @expectedFailureIfModuleIsNotAvailable('sch_qfq')
4389 def test_qdisc_qfq(self
):
4390 copy_network_unit('25-qdisc-qfq.network', '12-dummy.netdev')
4392 self
.wait_online('dummy98:routable')
4394 output
= check_output('tc qdisc show dev dummy98')
4396 self
.assertRegex(output
, 'qdisc qfq 2: root')
4397 output
= check_output('tc class show dev dummy98')
4399 self
.assertRegex(output
, 'class qfq 2:30 root weight 2 maxpkt 16000')
4400 self
.assertRegex(output
, 'class qfq 2:31 root weight 10 maxpkt 8000')
4402 @expectedFailureIfModuleIsNotAvailable('sch_sfb')
4403 def test_qdisc_sfb(self
):
4404 copy_network_unit('25-qdisc-sfb.network', '12-dummy.netdev')
4406 self
.wait_online('dummy98:routable')
4408 output
= check_output('tc qdisc show dev dummy98')
4410 self
.assertRegex(output
, 'qdisc sfb 39: root')
4411 self
.assertRegex(output
, 'limit 200000')
4413 @expectedFailureIfModuleIsNotAvailable('sch_sfq')
4414 def test_qdisc_sfq(self
):
4415 copy_network_unit('25-qdisc-sfq.network', '12-dummy.netdev')
4417 self
.wait_online('dummy98:routable')
4419 output
= check_output('tc qdisc show dev dummy98')
4421 self
.assertRegex(output
, 'qdisc sfq 36: root')
4422 self
.assertRegex(output
, 'perturb 5sec')
4424 @expectedFailureIfModuleIsNotAvailable('sch_tbf')
4425 def test_qdisc_tbf(self
):
4426 copy_network_unit('25-qdisc-tbf.network', '12-dummy.netdev')
4428 self
.wait_online('dummy98:routable')
4430 output
= check_output('tc qdisc show dev dummy98')
4432 self
.assertRegex(output
, 'qdisc tbf 35: root')
4433 self
.assertRegex(output
, 'rate 1Gbit burst 5000b peakrate 100Gbit minburst 987500b lat 70(.0)?ms')
4435 @expectedFailureIfModuleIsNotAvailable('sch_teql')
4436 def test_qdisc_teql(self
):
4437 call_quiet('rmmod sch_teql')
4439 copy_network_unit('25-qdisc-teql.network', '12-dummy.netdev')
4441 self
.wait_links('dummy98')
4442 check_output('modprobe sch_teql max_equalizers=2')
4443 self
.wait_online('dummy98:routable')
4445 output
= check_output('tc qdisc show dev dummy98')
4447 self
.assertRegex(output
, 'qdisc teql1 31: root')
4449 class NetworkdStateFileTests(unittest
.TestCase
, Utilities
):
4457 def test_state_file(self
):
4458 copy_network_unit('12-dummy.netdev', '25-state-file-tests.network')
4460 self
.wait_online('dummy98:routable')
4462 # make link state file updated
4463 resolvectl('revert', 'dummy98')
4465 check_json(networkctl_json())
4467 output
= read_link_state_file('dummy98')
4469 self
.assertIn('IPV4_ADDRESS_STATE=routable', output
)
4470 self
.assertIn('IPV6_ADDRESS_STATE=routable', output
)
4471 self
.assertIn('ADMIN_STATE=configured', output
)
4472 self
.assertIn('OPER_STATE=routable', output
)
4473 self
.assertIn('REQUIRED_FOR_ONLINE=yes', output
)
4474 self
.assertIn('REQUIRED_OPER_STATE_FOR_ONLINE=routable', output
)
4475 self
.assertIn('REQUIRED_FAMILY_FOR_ONLINE=both', output
)
4476 self
.assertIn('ACTIVATION_POLICY=up', output
)
4477 self
.assertIn('NETWORK_FILE=/run/systemd/network/25-state-file-tests.network', output
)
4478 self
.assertIn('DNS=10.10.10.10#aaa.com 10.10.10.11:1111#bbb.com [1111:2222::3333]:1234#ccc.com', output
)
4479 self
.assertIn('NTP=0.fedora.pool.ntp.org 1.fedora.pool.ntp.org', output
)
4480 self
.assertIn('DOMAINS=hogehoge', output
)
4481 self
.assertIn('ROUTE_DOMAINS=foofoo', output
)
4482 self
.assertIn('LLMNR=no', output
)
4483 self
.assertIn('MDNS=yes', output
)
4484 self
.assertIn('DNSSEC=no', output
)
4486 resolvectl('dns', 'dummy98', '10.10.10.12#ccc.com', '10.10.10.13', '1111:2222::3333')
4487 resolvectl('domain', 'dummy98', 'hogehogehoge', '~foofoofoo')
4488 resolvectl('llmnr', 'dummy98', 'yes')
4489 resolvectl('mdns', 'dummy98', 'no')
4490 resolvectl('dnssec', 'dummy98', 'yes')
4491 timedatectl('ntp-servers', 'dummy98', '2.fedora.pool.ntp.org', '3.fedora.pool.ntp.org')
4493 check_json(networkctl_json())
4495 output
= read_link_state_file('dummy98')
4497 self
.assertIn('DNS=10.10.10.12#ccc.com 10.10.10.13 1111:2222::3333', output
)
4498 self
.assertIn('NTP=2.fedora.pool.ntp.org 3.fedora.pool.ntp.org', output
)
4499 self
.assertIn('DOMAINS=hogehogehoge', output
)
4500 self
.assertIn('ROUTE_DOMAINS=foofoofoo', output
)
4501 self
.assertIn('LLMNR=yes', output
)
4502 self
.assertIn('MDNS=no', output
)
4503 self
.assertIn('DNSSEC=yes', output
)
4505 timedatectl('revert', 'dummy98')
4507 check_json(networkctl_json())
4509 output
= read_link_state_file('dummy98')
4511 self
.assertIn('DNS=10.10.10.12#ccc.com 10.10.10.13 1111:2222::3333', output
)
4512 self
.assertIn('NTP=0.fedora.pool.ntp.org 1.fedora.pool.ntp.org', output
)
4513 self
.assertIn('DOMAINS=hogehogehoge', output
)
4514 self
.assertIn('ROUTE_DOMAINS=foofoofoo', output
)
4515 self
.assertIn('LLMNR=yes', output
)
4516 self
.assertIn('MDNS=no', output
)
4517 self
.assertIn('DNSSEC=yes', output
)
4519 resolvectl('revert', 'dummy98')
4521 check_json(networkctl_json())
4523 output
= read_link_state_file('dummy98')
4525 self
.assertIn('DNS=10.10.10.10#aaa.com 10.10.10.11:1111#bbb.com [1111:2222::3333]:1234#ccc.com', output
)
4526 self
.assertIn('NTP=0.fedora.pool.ntp.org 1.fedora.pool.ntp.org', output
)
4527 self
.assertIn('DOMAINS=hogehoge', output
)
4528 self
.assertIn('ROUTE_DOMAINS=foofoo', output
)
4529 self
.assertIn('LLMNR=no', output
)
4530 self
.assertIn('MDNS=yes', output
)
4531 self
.assertIn('DNSSEC=no', output
)
4533 def test_address_state(self
):
4534 copy_network_unit('12-dummy.netdev', '12-dummy-no-address.network')
4537 self
.wait_online('dummy98:degraded')
4539 output
= read_link_state_file('dummy98')
4540 self
.assertIn('IPV4_ADDRESS_STATE=off', output
)
4541 self
.assertIn('IPV6_ADDRESS_STATE=degraded', output
)
4543 # with a routable IPv4 address
4544 check_output('ip address add 10.1.2.3/16 dev dummy98')
4545 self
.wait_online('dummy98:routable', ipv4
=True)
4546 self
.wait_online('dummy98:routable')
4548 output
= read_link_state_file('dummy98')
4549 self
.assertIn('IPV4_ADDRESS_STATE=routable', output
)
4550 self
.assertIn('IPV6_ADDRESS_STATE=degraded', output
)
4552 check_output('ip address del 10.1.2.3/16 dev dummy98')
4554 # with a routable IPv6 address
4555 check_output('ip address add 2002:da8:1:0:1034:56ff:fe78:9abc/64 dev dummy98')
4556 self
.wait_online('dummy98:routable', ipv6
=True)
4557 self
.wait_online('dummy98:routable')
4559 output
= read_link_state_file('dummy98')
4560 self
.assertIn('IPV4_ADDRESS_STATE=off', output
)
4561 self
.assertIn('IPV6_ADDRESS_STATE=routable', output
)
4563 class NetworkdBondTests(unittest
.TestCase
, Utilities
):
4571 def test_bond_keep_master(self
):
4572 check_output('ip link add bond199 type bond mode active-backup')
4573 check_output('ip link add dummy98 type dummy')
4574 check_output('ip link set dummy98 master bond199')
4576 copy_network_unit('23-keep-master.network')
4578 self
.wait_online('dummy98:enslaved')
4580 output
= check_output('ip -d link show bond199')
4582 self
.assertRegex(output
, 'active_slave dummy98')
4584 output
= check_output('ip -d link show dummy98')
4586 self
.assertRegex(output
, 'master bond199')
4588 def test_bond_active_slave(self
):
4589 copy_network_unit('23-active-slave.network', '23-bond199.network', '25-bond-active-backup-slave.netdev', '12-dummy.netdev')
4591 self
.wait_online('dummy98:enslaved', 'bond199:degraded')
4593 output
= check_output('ip -d link show bond199')
4595 self
.assertIn('active_slave dummy98', output
)
4597 # test case for issue #31165.
4598 since
= datetime
.datetime
.now()
4599 networkctl_reconfigure('dummy98')
4600 self
.wait_online('dummy98:enslaved', 'bond199:degraded')
4601 self
.assertNotIn('dummy98: Bringing link down', read_networkd_log(since
=since
))
4603 def test_bond_primary_slave(self
):
4604 copy_network_unit('23-primary-slave.network', '23-bond199.network', '25-bond-active-backup-slave.netdev', '12-dummy.netdev')
4606 self
.wait_online('dummy98:enslaved', 'bond199:degraded')
4608 output
= check_output('ip -d link show bond199')
4610 self
.assertIn('primary dummy98', output
)
4613 mkdir_p(os
.path
.join(network_unit_dir
, '23-bond199.network.d'))
4614 for mac
in ['00:11:22:33:44:55', '00:11:22:33:44:56']:
4615 with
open(os
.path
.join(network_unit_dir
, '23-bond199.network.d/mac.conf'), mode
='w', encoding
='utf-8') as f
:
4616 f
.write(f
'[Link]\nMACAddress={mac}\n')
4619 self
.wait_online('dummy98:enslaved', 'bond199:degraded')
4621 output
= check_output('ip -d link show bond199')
4623 self
.assertIn(f
'link/ether {mac}', output
)
4625 def test_bond_operstate(self
):
4626 copy_network_unit('25-bond.netdev', '11-dummy.netdev', '12-dummy.netdev',
4627 '25-bond99.network', '25-bond-slave.network')
4629 self
.wait_online('dummy98:enslaved', 'test1:enslaved', 'bond99:routable')
4631 output
= check_output('ip -d link show dummy98')
4633 self
.assertRegex(output
, 'SLAVE,UP,LOWER_UP')
4635 output
= check_output('ip -d link show test1')
4637 self
.assertRegex(output
, 'SLAVE,UP,LOWER_UP')
4639 output
= check_output('ip -d link show bond99')
4641 self
.assertRegex(output
, 'MASTER,UP,LOWER_UP')
4643 self
.wait_operstate('dummy98', 'enslaved')
4644 self
.wait_operstate('test1', 'enslaved')
4645 self
.wait_operstate('bond99', 'routable')
4647 check_output('ip link set dummy98 down')
4649 self
.wait_operstate('dummy98', 'off')
4650 self
.wait_operstate('test1', 'enslaved')
4651 self
.wait_operstate('bond99', 'routable')
4653 check_output('ip link set dummy98 up')
4655 self
.wait_operstate('dummy98', 'enslaved')
4656 self
.wait_operstate('test1', 'enslaved')
4657 self
.wait_operstate('bond99', 'routable')
4659 check_output('ip link set dummy98 down')
4660 check_output('ip link set test1 down')
4662 self
.wait_operstate('dummy98', 'off')
4663 self
.wait_operstate('test1', 'off')
4665 if not self
.wait_operstate('bond99', 'no-carrier', setup_timeout
=30, fail_assert
=False):
4666 # Huh? Kernel does not recognize that all slave interfaces are down?
4667 # Let's confirm that networkd's operstate is consistent with ip's result.
4668 self
.assertNotRegex(output
, 'NO-CARRIER')
4670 class NetworkdBridgeTests(unittest
.TestCase
, Utilities
):
4678 def test_bridge_mac_none(self
):
4679 copy_network_unit('12-dummy-mac.netdev', '26-bridge-mac-slave.network',
4680 '26-bridge-mac.netdev', '26-bridge-mac-master.network', '26-bridge-mac.link')
4682 self
.wait_online('dummy98:enslaved', 'bridge99:degraded')
4684 output
= check_output('ip link show dev dummy98')
4686 self
.assertIn('link/ether 12:34:56:78:9a:01', output
)
4688 output
= check_output('ip link show dev bridge99')
4690 self
.assertIn('link/ether 12:34:56:78:9a:01', output
)
4692 def test_bridge_vlan(self
):
4693 copy_network_unit('11-dummy.netdev', '26-bridge-vlan-slave.network',
4694 '26-bridge.netdev', '26-bridge-vlan-master.network',
4697 self
.wait_online('test1:enslaved', 'bridge99:degraded')
4699 output
= check_output('bridge vlan show dev test1')
4701 # check if the default VID is removed
4702 self
.assertNotIn('1 Egress Untagged', output
)
4703 for i
in range(1000, 3000):
4705 self
.assertIn(f
'{i} PVID', output
)
4706 elif i
in range(1012, 1016) or i
in range(1103, 1109):
4707 self
.assertIn(f
'{i} Egress Untagged', output
)
4708 elif i
in range(1008, 1014) or i
in range(1100, 1111):
4709 self
.assertIn(f
'{i}', output
)
4711 self
.assertNotIn(f
'{i}', output
)
4713 output
= check_output('bridge vlan show dev bridge99')
4715 # check if the default VID is removed
4716 self
.assertNotIn('1 Egress Untagged', output
)
4717 for i
in range(1000, 3000):
4719 self
.assertIn(f
'{i} PVID', output
)
4720 elif i
in range(1022, 1026) or i
in range(1203, 1209):
4721 self
.assertIn(f
'{i} Egress Untagged', output
)
4722 elif i
in range(1018, 1024) or i
in range(1200, 1211):
4723 self
.assertIn(f
'{i}', output
)
4725 self
.assertNotIn(f
'{i}', output
)
4728 copy_network_unit('26-bridge-vlan-slave.network.d/10-override.conf',
4729 '26-bridge-vlan-master.network.d/10-override.conf')
4731 self
.wait_online('test1:enslaved', 'bridge99:degraded')
4733 output
= check_output('bridge vlan show dev test1')
4735 for i
in range(1000, 3000):
4737 self
.assertIn(f
'{i} PVID', output
)
4738 elif i
in range(2012, 2016) or i
in range(2103, 2109):
4739 self
.assertIn(f
'{i} Egress Untagged', output
)
4740 elif i
in range(2008, 2014) or i
in range(2100, 2111):
4741 self
.assertIn(f
'{i}', output
)
4743 self
.assertNotIn(f
'{i}', output
)
4745 output
= check_output('bridge vlan show dev bridge99')
4747 for i
in range(1000, 3000):
4749 self
.assertIn(f
'{i} PVID', output
)
4750 elif i
in range(2022, 2026) or i
in range(2203, 2209):
4751 self
.assertIn(f
'{i} Egress Untagged', output
)
4752 elif i
in range(2018, 2024) or i
in range(2200, 2211):
4753 self
.assertIn(f
'{i}', output
)
4755 self
.assertNotIn(f
'{i}', output
)
4757 # Remove several vlan IDs
4758 copy_network_unit('26-bridge-vlan-slave.network.d/20-override.conf',
4759 '26-bridge-vlan-master.network.d/20-override.conf')
4761 self
.wait_online('test1:enslaved', 'bridge99:degraded')
4763 output
= check_output('bridge vlan show dev test1')
4765 for i
in range(1000, 3000):
4767 self
.assertIn(f
'{i} PVID', output
)
4768 elif i
in range(2012, 2016):
4769 self
.assertIn(f
'{i} Egress Untagged', output
)
4770 elif i
in range(2008, 2014):
4771 self
.assertIn(f
'{i}', output
)
4773 self
.assertNotIn(f
'{i}', output
)
4775 output
= check_output('bridge vlan show dev bridge99')
4777 for i
in range(1000, 3000):
4779 self
.assertIn(f
'{i} PVID', output
)
4780 elif i
in range(2022, 2026):
4781 self
.assertIn(f
'{i} Egress Untagged', output
)
4782 elif i
in range(2018, 2024):
4783 self
.assertIn(f
'{i}', output
)
4785 self
.assertNotIn(f
'{i}', output
)
4787 # Remove all vlan IDs
4788 copy_network_unit('26-bridge-vlan-slave.network.d/30-override.conf',
4789 '26-bridge-vlan-master.network.d/30-override.conf')
4791 self
.wait_online('test1:enslaved', 'bridge99:degraded')
4793 output
= check_output('bridge vlan show dev test1')
4795 self
.assertNotIn('PVID', output
)
4796 for i
in range(1000, 3000):
4797 self
.assertNotIn(f
'{i}', output
)
4799 output
= check_output('bridge vlan show dev bridge99')
4801 self
.assertNotIn('PVID', output
)
4802 for i
in range(1000, 3000):
4803 self
.assertNotIn(f
'{i}', output
)
4805 def test_bridge_vlan_issue_20373(self
):
4806 copy_network_unit('11-dummy.netdev', '26-bridge-vlan-slave-issue-20373.network',
4807 '26-bridge-issue-20373.netdev', '26-bridge-vlan-master-issue-20373.network',
4808 '21-vlan.netdev', '21-vlan.network')
4810 self
.wait_online('test1:enslaved', 'bridge99:degraded', 'vlan99:routable')
4812 output
= check_output('bridge vlan show dev test1')
4814 self
.assertIn('100 PVID Egress Untagged', output
)
4815 self
.assertIn('560', output
)
4816 self
.assertIn('600', output
)
4818 output
= check_output('bridge vlan show dev bridge99')
4820 self
.assertIn('1 PVID Egress Untagged', output
)
4821 self
.assertIn('100', output
)
4822 self
.assertIn('600', output
)
4824 def test_bridge_mdb(self
):
4825 copy_network_unit('11-dummy.netdev', '26-bridge-mdb-slave.network',
4826 '26-bridge.netdev', '26-bridge-mdb-master.network')
4828 self
.wait_online('test1:enslaved', 'bridge99:degraded')
4830 output
= check_output('bridge mdb show dev bridge99')
4832 self
.assertRegex(output
, 'dev bridge99 port test1 grp ff02:aaaa:fee5::1:3 permanent *vid 4064')
4833 self
.assertRegex(output
, 'dev bridge99 port test1 grp 224.0.1.1 permanent *vid 4065')
4835 # Old kernel may not support bridge MDB entries on bridge master
4836 if call_quiet('bridge mdb add dev bridge99 port bridge99 grp 224.0.1.3 temp vid 4068') == 0:
4837 self
.assertRegex(output
, 'dev bridge99 port bridge99 grp ff02:aaaa:fee5::1:4 temp *vid 4066')
4838 self
.assertRegex(output
, 'dev bridge99 port bridge99 grp 224.0.1.2 temp *vid 4067')
4840 def test_bridge_keep_master(self
):
4841 check_output('ip link add bridge99 type bridge')
4842 check_output('ip link set bridge99 up')
4843 check_output('ip link add dummy98 type dummy')
4844 check_output('ip link set dummy98 master bridge99')
4846 copy_network_unit('23-keep-master.network')
4848 self
.wait_online('dummy98:enslaved')
4850 output
= check_output('ip -d link show dummy98')
4852 self
.assertRegex(output
, 'master bridge99')
4853 self
.assertRegex(output
, 'bridge')
4855 output
= check_output('bridge -d link show dummy98')
4857 self
.check_bridge_port_attr('bridge99', 'dummy98', 'path_cost', '400')
4858 self
.check_bridge_port_attr('bridge99', 'dummy98', 'hairpin_mode', '1')
4859 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_fast_leave', '1')
4860 self
.check_bridge_port_attr('bridge99', 'dummy98', 'unicast_flood', '1')
4861 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_flood', '0')
4862 # CONFIG_BRIDGE_IGMP_SNOOPING=y
4863 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_to_unicast', '1', allow_enoent
=True)
4864 self
.check_bridge_port_attr('bridge99', 'dummy98', 'neigh_suppress', '1', allow_enoent
=True)
4865 self
.check_bridge_port_attr('bridge99', 'dummy98', 'learning', '0')
4866 self
.check_bridge_port_attr('bridge99', 'dummy98', 'priority', '23')
4867 self
.check_bridge_port_attr('bridge99', 'dummy98', 'bpdu_guard', '0')
4868 self
.check_bridge_port_attr('bridge99', 'dummy98', 'root_block', '0')
4870 def test_bridge_property(self
):
4871 copy_network_unit('11-dummy.netdev', '12-dummy.netdev', '26-bridge.netdev',
4872 '26-bridge-slave-interface-1.network', '26-bridge-slave-interface-2.network',
4873 '25-bridge99.network')
4875 self
.wait_online('dummy98:enslaved', 'test1:enslaved', 'bridge99:routable')
4877 output
= check_output('ip -d link show bridge99')
4879 self
.assertIn('mtu 9000 ', output
)
4881 output
= check_output('ip -d link show test1')
4883 self
.assertIn('master bridge99 ', output
)
4884 self
.assertIn('bridge_slave', output
)
4885 self
.assertIn('mtu 9000 ', output
)
4887 output
= check_output('ip -d link show dummy98')
4889 self
.assertIn('master bridge99 ', output
)
4890 self
.assertIn('bridge_slave', output
)
4891 self
.assertIn('mtu 9000 ', output
)
4893 output
= check_output('ip addr show bridge99')
4895 self
.assertIn('192.168.0.15/24', output
)
4897 output
= check_output('bridge -d link show dummy98')
4899 self
.check_bridge_port_attr('bridge99', 'dummy98', 'path_cost', '400')
4900 self
.check_bridge_port_attr('bridge99', 'dummy98', 'hairpin_mode', '1')
4901 self
.check_bridge_port_attr('bridge99', 'dummy98', 'isolated', '1')
4902 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_fast_leave', '1')
4903 self
.check_bridge_port_attr('bridge99', 'dummy98', 'unicast_flood', '1')
4904 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_flood', '0')
4905 # CONFIG_BRIDGE_IGMP_SNOOPING=y
4906 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_to_unicast', '1', allow_enoent
=True)
4907 self
.check_bridge_port_attr('bridge99', 'dummy98', 'neigh_suppress', '1', allow_enoent
=True)
4908 self
.check_bridge_port_attr('bridge99', 'dummy98', 'learning', '0')
4909 self
.check_bridge_port_attr('bridge99', 'dummy98', 'priority', '23')
4910 self
.check_bridge_port_attr('bridge99', 'dummy98', 'bpdu_guard', '0')
4911 self
.check_bridge_port_attr('bridge99', 'dummy98', 'root_block', '0')
4913 output
= check_output('bridge -d link show test1')
4915 self
.check_bridge_port_attr('bridge99', 'test1', 'priority', '0')
4917 check_output('ip address add 192.168.0.16/24 dev bridge99')
4918 output
= check_output('ip addr show bridge99')
4920 self
.assertIn('192.168.0.16/24', output
)
4923 print('### ip -6 route list table all dev bridge99')
4924 output
= check_output('ip -6 route list table all dev bridge99')
4926 self
.assertRegex(output
, 'ff00::/8 table local (proto kernel )?metric 256 (linkdown )?pref medium')
4928 remove_link('test1')
4929 self
.wait_operstate('bridge99', 'routable')
4931 output
= check_output('ip -d link show bridge99')
4933 self
.assertIn('mtu 9000 ', output
)
4935 output
= check_output('ip -d link show dummy98')
4937 self
.assertIn('master bridge99 ', output
)
4938 self
.assertIn('bridge_slave', output
)
4939 self
.assertIn('mtu 9000 ', output
)
4941 remove_link('dummy98')
4942 self
.wait_operstate('bridge99', 'no-carrier')
4944 output
= check_output('ip -d link show bridge99')
4946 # When no carrier, the kernel may reset the MTU
4947 self
.assertIn('NO-CARRIER', output
)
4949 output
= check_output('ip address show bridge99')
4951 self
.assertNotIn('192.168.0.15/24', output
)
4952 self
.assertIn('192.168.0.16/24', output
) # foreign address is kept
4954 print('### ip -6 route list table all dev bridge99')
4955 output
= check_output('ip -6 route list table all dev bridge99')
4957 self
.assertRegex(output
, 'ff00::/8 table local (proto kernel )?metric 256 (linkdown )?pref medium')
4959 check_output('ip link add dummy98 type dummy')
4960 self
.wait_online('dummy98:enslaved', 'bridge99:routable')
4962 output
= check_output('ip -d link show bridge99')
4964 self
.assertIn('mtu 9000 ', output
)
4966 output
= check_output('ip -d link show dummy98')
4968 self
.assertIn('master bridge99 ', output
)
4969 self
.assertIn('bridge_slave', output
)
4970 self
.assertIn('mtu 9000 ', output
)
4972 def test_bridge_configure_without_carrier(self
):
4973 copy_network_unit('26-bridge.netdev', '26-bridge-configure-without-carrier.network',
4977 # With ConfigureWithoutCarrier=yes, the bridge should remain configured for all these situations
4978 for test
in ['no-slave', 'add-slave', 'slave-up', 'slave-no-carrier', 'slave-carrier', 'slave-down']:
4979 with self
.subTest(test
=test
):
4980 if test
== 'no-slave':
4981 # bridge has no slaves; it's up but *might* not have carrier
4982 self
.wait_operstate('bridge99', operstate
=r
'(no-carrier|routable)', setup_state
=None, setup_timeout
=30)
4983 # due to a bug in the kernel, newly-created bridges are brought up
4984 # *with* carrier, unless they have had any setting changed; e.g.
4985 # their mac set, priority set, etc. Then, they will lose carrier
4986 # as soon as a (down) slave interface is added, and regain carrier
4987 # again once the slave interface is brought up.
4988 #self.check_link_attr('bridge99', 'carrier', '0')
4989 elif test
== 'add-slave':
4990 # add slave to bridge, but leave it down; bridge is definitely no-carrier
4991 self
.check_link_attr('test1', 'operstate', 'down')
4992 check_output('ip link set dev test1 master bridge99')
4993 self
.wait_operstate('bridge99', operstate
='no-carrier', setup_state
=None)
4994 self
.check_link_attr('bridge99', 'carrier', '0')
4995 elif test
== 'slave-up':
4996 # bring up slave, which will have carrier; bridge gains carrier
4997 check_output('ip link set dev test1 up')
4998 self
.wait_online('bridge99:routable')
4999 self
.check_link_attr('bridge99', 'carrier', '1')
5000 elif test
== 'slave-no-carrier':
5001 # drop slave carrier; bridge loses carrier
5002 check_output('ip link set dev test1 carrier off')
5003 self
.wait_online('bridge99:no-carrier:no-carrier')
5004 self
.check_link_attr('bridge99', 'carrier', '0')
5005 elif test
== 'slave-carrier':
5006 # restore slave carrier; bridge gains carrier
5007 check_output('ip link set dev test1 carrier on')
5008 self
.wait_online('bridge99:routable')
5009 self
.check_link_attr('bridge99', 'carrier', '1')
5010 elif test
== 'slave-down':
5011 # bring down slave; bridge loses carrier
5012 check_output('ip link set dev test1 down')
5013 self
.wait_online('bridge99:no-carrier:no-carrier')
5014 self
.check_link_attr('bridge99', 'carrier', '0')
5016 output
= networkctl_status('bridge99')
5017 self
.assertRegex(output
, '10.1.2.3')
5018 self
.assertRegex(output
, '10.1.2.1')
5020 def test_bridge_ignore_carrier_loss(self
):
5021 copy_network_unit('11-dummy.netdev', '12-dummy.netdev', '26-bridge.netdev',
5022 '26-bridge-slave-interface-1.network', '26-bridge-slave-interface-2.network',
5023 '25-bridge99-ignore-carrier-loss.network')
5025 self
.wait_online('dummy98:enslaved', 'test1:enslaved', 'bridge99:routable')
5027 check_output('ip address add 192.168.0.16/24 dev bridge99')
5028 remove_link('test1', 'dummy98')
5031 output
= check_output('ip address show bridge99')
5033 self
.assertRegex(output
, 'NO-CARRIER')
5034 self
.assertRegex(output
, 'inet 192.168.0.15/24 brd 192.168.0.255 scope global bridge99')
5035 self
.assertRegex(output
, 'inet 192.168.0.16/24 scope global secondary bridge99')
5037 def test_bridge_ignore_carrier_loss_frequent_loss_and_gain(self
):
5038 copy_network_unit('26-bridge.netdev', '26-bridge-slave-interface-1.network',
5039 '25-bridge99-ignore-carrier-loss.network')
5041 self
.wait_online('bridge99:no-carrier')
5043 for trial
in range(4):
5044 check_output('ip link add dummy98 type dummy')
5045 check_output('ip link set dummy98 up')
5047 remove_link('dummy98')
5049 self
.wait_online('bridge99:routable', 'dummy98:enslaved')
5051 output
= check_output('ip address show bridge99')
5053 self
.assertRegex(output
, 'inet 192.168.0.15/24 brd 192.168.0.255 scope global bridge99')
5055 output
= check_output('ip rule list table 100')
5057 self
.assertIn('from all to 8.8.8.8 lookup 100', output
)
5059 class NetworkdSRIOVTests(unittest
.TestCase
, Utilities
):
5067 @expectedFailureIfNetdevsimWithSRIOVIsNotAvailable()
5068 def test_sriov(self
):
5069 copy_network_unit('25-default.link', '25-sriov.network')
5071 call('modprobe netdevsim')
5073 with
open('/sys/bus/netdevsim/new_device', mode
='w', encoding
='utf-8') as f
:
5076 with
open('/sys/bus/netdevsim/devices/netdevsim99/sriov_numvfs', mode
='w', encoding
='utf-8') as f
:
5080 self
.wait_online('eni99np1:routable')
5082 output
= check_output('ip link show dev eni99np1')
5084 self
.assertRegex(output
,
5085 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
5086 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
5087 'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off'
5090 @expectedFailureIfNetdevsimWithSRIOVIsNotAvailable()
5091 def test_sriov_udev(self
):
5092 copy_network_unit('25-sriov.link', '25-sriov-udev.network')
5094 call('modprobe netdevsim')
5096 with
open('/sys/bus/netdevsim/new_device', mode
='w', encoding
='utf-8') as f
:
5100 self
.wait_online('eni99np1:routable')
5102 # the name eni99np1 may be an alternative name.
5103 ifname
= link_resolve('eni99np1')
5105 output
= check_output('ip link show dev eni99np1')
5107 self
.assertRegex(output
,
5108 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
5109 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
5110 'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off'
5112 self
.assertNotIn('vf 3', output
)
5113 self
.assertNotIn('vf 4', output
)
5115 with
open(os
.path
.join(network_unit_dir
, '25-sriov.link'), mode
='a', encoding
='utf-8') as f
:
5116 f
.write('[Link]\nSR-IOVVirtualFunctions=4\n')
5119 check_output(*udevadm_cmd
, 'trigger', '--action=add', '--settle', f
'/sys/devices/netdevsim99/net/{ifname}')
5121 output
= check_output('ip link show dev eni99np1')
5123 self
.assertRegex(output
,
5124 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
5125 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
5126 'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off\n *'
5129 self
.assertNotIn('vf 4', output
)
5131 with
open(os
.path
.join(network_unit_dir
, '25-sriov.link'), mode
='a', encoding
='utf-8') as f
:
5132 f
.write('[Link]\nSR-IOVVirtualFunctions=\n')
5135 check_output(*udevadm_cmd
, 'trigger', '--action=add', '--settle', f
'/sys/devices/netdevsim99/net/{ifname}')
5137 output
= check_output('ip link show dev eni99np1')
5139 self
.assertRegex(output
,
5140 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
5141 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
5142 'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off\n *'
5145 self
.assertNotIn('vf 4', output
)
5147 with
open(os
.path
.join(network_unit_dir
, '25-sriov.link'), mode
='a', encoding
='utf-8') as f
:
5148 f
.write('[Link]\nSR-IOVVirtualFunctions=2\n')
5151 check_output(*udevadm_cmd
, 'trigger', '--action=add', '--settle', f
'/sys/devices/netdevsim99/net/{ifname}')
5153 output
= check_output('ip link show dev eni99np1')
5155 self
.assertRegex(output
,
5156 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
5157 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off'
5159 self
.assertNotIn('vf 2', output
)
5160 self
.assertNotIn('vf 3', output
)
5161 self
.assertNotIn('vf 4', output
)
5163 with
open(os
.path
.join(network_unit_dir
, '25-sriov.link'), mode
='a', encoding
='utf-8') as f
:
5164 f
.write('[Link]\nSR-IOVVirtualFunctions=\n')
5167 check_output(*udevadm_cmd
, 'trigger', '--action=add', '--settle', f
'/sys/devices/netdevsim99/net/{ifname}')
5169 output
= check_output('ip link show dev eni99np1')
5171 self
.assertRegex(output
,
5172 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
5173 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
5174 'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off'
5176 self
.assertNotIn('vf 3', output
)
5177 self
.assertNotIn('vf 4', output
)
5179 class NetworkdLLDPTests(unittest
.TestCase
, Utilities
):
5187 def test_lldp(self
):
5188 copy_network_unit('23-emit-lldp.network', '24-lldp.network', '25-veth.netdev')
5190 self
.wait_online('veth99:degraded', 'veth-peer:degraded')
5192 for trial
in range(10):
5196 output
= networkctl('lldp')
5198 if re
.search(r
'veth99 .* veth-peer', output
):
5203 class NetworkdRATests(unittest
.TestCase
, Utilities
):
5211 def test_ipv6_prefix_delegation(self
):
5212 copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth.network')
5213 self
.setup_nftset('addr6', 'ipv6_addr')
5214 self
.setup_nftset('network6', 'ipv6_addr', 'flags interval;')
5215 self
.setup_nftset('ifindex', 'iface_index')
5217 self
.wait_online('veth99:routable', 'veth-peer:degraded')
5219 output
= resolvectl('dns', 'veth99')
5221 self
.assertRegex(output
, 'fe80::')
5222 self
.assertRegex(output
, '2002:da8:1::1')
5224 output
= resolvectl('domain', 'veth99')
5226 self
.assertIn('hogehoge.test', output
)
5228 output
= networkctl_status('veth99')
5230 self
.assertRegex(output
, '2002:da8:1:0')
5232 self
.check_netlabel('veth99', '2002:da8:1::/64')
5233 self
.check_netlabel('veth99', '2002:da8:2::/64')
5235 self
.check_nftset('addr6', '2002:da8:1:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*')
5236 self
.check_nftset('addr6', '2002:da8:2:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*')
5237 self
.check_nftset('network6', '2002:da8:1::/64')
5238 self
.check_nftset('network6', '2002:da8:2::/64')
5239 self
.check_nftset('ifindex', 'veth99')
5241 self
.teardown_nftset('addr6', 'network6', 'ifindex')
5243 def check_ipv6_token_static(self
):
5244 self
.wait_online('veth99:routable', 'veth-peer:degraded')
5246 output
= networkctl_status('veth99')
5248 self
.assertRegex(output
, '2002:da8:1:0:1a:2b:3c:4d')
5249 self
.assertRegex(output
, '2002:da8:1:0:fa:de:ca:fe')
5250 self
.assertRegex(output
, '2002:da8:2:0:1a:2b:3c:4d')
5251 self
.assertRegex(output
, '2002:da8:2:0:fa:de:ca:fe')
5253 def test_ipv6_token_static(self
):
5254 copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth-token-static.network')
5257 self
.check_ipv6_token_static()
5260 check_output('ip link set veth99 down')
5261 check_output('ip link set veth99 up')
5263 self
.check_ipv6_token_static()
5266 check_output('ip link set veth99 down')
5267 time
.sleep(random
.uniform(0, 0.1))
5268 check_output('ip link set veth99 up')
5269 time
.sleep(random
.uniform(0, 0.1))
5271 self
.check_ipv6_token_static()
5273 def test_ipv6_token_prefixstable(self
):
5274 copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth-token-prefixstable.network')
5276 self
.wait_online('veth99:routable', 'veth-peer:degraded')
5278 output
= networkctl_status('veth99')
5280 self
.assertIn('2002:da8:1:0:b47e:7975:fc7a:7d6e', output
)
5281 self
.assertIn('2002:da8:2:0:1034:56ff:fe78:9abc', output
) # EUI64
5283 def test_ipv6_token_prefixstable_without_address(self
):
5284 copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth-token-prefixstable-without-address.network')
5286 self
.wait_online('veth99:routable', 'veth-peer:degraded')
5288 output
= networkctl_status('veth99')
5290 self
.assertIn('2002:da8:1:0:b47e:7975:fc7a:7d6e', output
)
5291 self
.assertIn('2002:da8:2:0:f689:561a:8eda:7443', output
)
5293 def check_router_hop_limit(self
, hop_limit
):
5294 self
.wait_route('client', rf
'default via fe80::1034:56ff:fe78:9a99 proto ra .* hoplimit {hop_limit}', ipv
='-6', timeout_sec
=10)
5296 output
= check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a99')
5298 self
.assertIn(f
'hoplimit {hop_limit}', output
)
5300 self
.check_ipv6_sysctl_attr('client', 'hop_limit', f
'{hop_limit}')
5302 def test_router_hop_limit(self
):
5303 copy_network_unit('25-veth-client.netdev',
5304 '25-veth-router.netdev',
5306 '25-veth-bridge.network',
5307 '25-veth-client.network',
5308 '25-veth-router-hop-limit.network',
5309 '25-bridge99.network')
5311 self
.wait_online('client-p:enslaved',
5312 'router:degraded', 'router-p:enslaved',
5313 'bridge99:routable')
5315 self
.check_router_hop_limit(42)
5317 with
open(os
.path
.join(network_unit_dir
, '25-veth-router-hop-limit.network'), mode
='a', encoding
='utf-8') as f
:
5318 f
.write('\n[IPv6SendRA]\nHopLimit=43\n')
5322 self
.check_router_hop_limit(43)
5324 def test_router_preference(self
):
5325 copy_network_unit('25-veth-client.netdev',
5326 '25-veth-router-high.netdev',
5327 '25-veth-router-low.netdev',
5329 '25-veth-bridge.network',
5330 '25-veth-client.network',
5331 '25-veth-router-high.network',
5332 '25-veth-router-low.network',
5333 '25-bridge99.network')
5335 self
.wait_online('client-p:enslaved',
5336 'router-high:degraded', 'router-high-p:enslaved',
5337 'router-low:degraded', 'router-low-p:enslaved',
5338 'bridge99:routable')
5340 networkctl_reconfigure('client')
5341 self
.wait_online('client:routable')
5343 self
.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a00/64', ipv
='-6', timeout_sec
=10)
5344 self
.wait_address('client', '2002:da8:1:98:1034:56ff:fe78:9a00/64', ipv
='-6', timeout_sec
=10)
5345 self
.wait_route('client', 'default via fe80::1034:56ff:fe78:9a99 proto ra metric 512', ipv
='-6', timeout_sec
=10)
5346 self
.wait_route('client', 'default via fe80::1034:56ff:fe78:9a98 proto ra metric 2048', ipv
='-6', timeout_sec
=10)
5348 output
= check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a99')
5350 self
.assertIn('metric 512', output
)
5351 self
.assertIn('pref high', output
)
5352 output
= check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a98')
5354 self
.assertIn('metric 2048', output
)
5355 self
.assertIn('pref low', output
)
5357 with
open(os
.path
.join(network_unit_dir
, '25-veth-client.network'), mode
='a', encoding
='utf-8') as f
:
5358 f
.write('\n[Link]\nMACAddress=12:34:56:78:9a:01\n[IPv6AcceptRA]\nRouteMetric=100:200:300\n')
5361 self
.wait_online('client:routable')
5363 self
.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a01/64', ipv
='-6', timeout_sec
=10)
5364 self
.wait_address('client', '2002:da8:1:98:1034:56ff:fe78:9a01/64', ipv
='-6', timeout_sec
=10)
5365 self
.wait_route('client', 'default via fe80::1034:56ff:fe78:9a99 proto ra metric 100', ipv
='-6', timeout_sec
=10)
5366 self
.wait_route('client', 'default via fe80::1034:56ff:fe78:9a98 proto ra metric 300', ipv
='-6', timeout_sec
=10)
5368 output
= check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a99')
5370 self
.assertIn('metric 100', output
)
5371 self
.assertNotIn('metric 512', output
)
5372 self
.assertIn('pref high', output
)
5373 output
= check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a98')
5375 self
.assertIn('metric 300', output
)
5376 self
.assertNotIn('metric 2048', output
)
5377 self
.assertIn('pref low', output
)
5379 # swap the preference (for issue #28439)
5380 remove_network_unit('25-veth-router-high.network', '25-veth-router-low.network')
5381 copy_network_unit('25-veth-router-high2.network', '25-veth-router-low2.network')
5383 self
.wait_route('client', 'default via fe80::1034:56ff:fe78:9a99 proto ra metric 300', ipv
='-6', timeout_sec
=10)
5384 self
.wait_route('client', 'default via fe80::1034:56ff:fe78:9a98 proto ra metric 100', ipv
='-6', timeout_sec
=10)
5386 output
= check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a99')
5388 self
.assertIn('metric 300', output
)
5389 self
.assertNotIn('metric 100', output
)
5390 self
.assertIn('pref low', output
)
5391 self
.assertNotIn('pref high', output
)
5392 output
= check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a98')
5394 self
.assertIn('metric 100', output
)
5395 self
.assertNotIn('metric 300', output
)
5396 self
.assertIn('pref high', output
)
5397 self
.assertNotIn('pref low', output
)
5399 @unittest.skipUnless(radvd_check_config('captive-portal.conf'), "Installed radvd doesn't support captive portals")
5400 def test_captive_portal(self
):
5401 copy_network_unit('25-veth-client.netdev',
5402 '25-veth-router-captive.netdev',
5404 '25-veth-client-captive.network',
5405 '25-veth-router-captive.network',
5406 '25-veth-bridge-captive.network',
5407 '25-bridge99.network')
5409 self
.wait_online('bridge99:routable', 'client-p:enslaved',
5410 'router-captive:degraded', 'router-captivep:enslaved')
5412 start_radvd(config_file
='captive-portal.conf')
5413 networkctl_reconfigure('client')
5414 self
.wait_online('client:routable')
5416 self
.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a00/64', ipv
='-6', timeout_sec
=10)
5417 output
= networkctl_status('client')
5419 self
.assertIn('Captive Portal: http://systemd.io', output
)
5421 @unittest.skipUnless(radvd_check_config('captive-portal.conf'), "Installed radvd doesn't support captive portals")
5422 def test_invalid_captive_portal(self
):
5423 def radvd_write_config(captive_portal_uri
):
5424 with
open(os
.path
.join(networkd_ci_temp_dir
, 'radvd/bogus-captive-portal.conf'), mode
='w', encoding
='utf-8') as f
:
5425 f
.write(f
'interface router-captive {{ AdvSendAdvert on; AdvCaptivePortalAPI "{captive_portal_uri}"; prefix 2002:da8:1:99::/64 {{ AdvOnLink on; AdvAutonomous on; }}; }};')
5427 captive_portal_uris
= [
5428 "42ěščěškd ěšč ě s",
5433 copy_network_unit('25-veth-client.netdev',
5434 '25-veth-router-captive.netdev',
5436 '25-veth-client-captive.network',
5437 '25-veth-router-captive.network',
5438 '25-veth-bridge-captive.network',
5439 '25-bridge99.network')
5441 self
.wait_online('bridge99:routable', 'client-p:enslaved',
5442 'router-captive:degraded', 'router-captivep:enslaved')
5444 for uri
in captive_portal_uris
:
5445 print(f
"Captive portal: {uri}")
5446 radvd_write_config(uri
)
5448 start_radvd(config_file
='bogus-captive-portal.conf')
5449 networkctl_reconfigure('client')
5450 self
.wait_online('client:routable')
5452 self
.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a00/64', ipv
='-6', timeout_sec
=10)
5453 output
= networkctl_status('client')
5455 self
.assertNotIn('Captive Portal:', output
)
5457 class NetworkdDHCPServerTests(unittest
.TestCase
, Utilities
):
5465 def test_dhcp_server(self
):
5466 copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server.network')
5468 self
.wait_online('veth99:routable', 'veth-peer:routable')
5470 output
= networkctl_status('veth99')
5472 self
.assertRegex(output
, r
'Address: 192.168.5.[0-9]* \(DHCP4 via 192.168.5.1\)')
5473 self
.assertIn('Gateway: 192.168.5.3', output
)
5474 self
.assertRegex(output
, 'DNS: 192.168.5.1\n *192.168.5.10')
5475 self
.assertRegex(output
, 'NTP: 192.168.5.1\n *192.168.5.11')
5477 output
= networkctl_status('veth-peer')
5478 self
.assertRegex(output
, "Offered DHCP leases: 192.168.5.[0-9]*")
5480 def test_dhcp_server_null_server_address(self
):
5481 copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server-null-server-address.network')
5483 self
.wait_online('veth99:routable', 'veth-peer:routable')
5485 output
= check_output('ip --json address show dev veth-peer')
5486 server_address
= json
.loads(output
)[0]['addr_info'][0]['local']
5487 print(server_address
)
5489 output
= check_output('ip --json address show dev veth99')
5490 client_address
= json
.loads(output
)[0]['addr_info'][0]['local']
5491 print(client_address
)
5493 output
= networkctl_status('veth99')
5495 self
.assertRegex(output
, rf
'Address: {client_address} \(DHCP4 via {server_address}\)')
5496 self
.assertIn(f
'Gateway: {server_address}', output
)
5497 self
.assertIn(f
'DNS: {server_address}', output
)
5498 self
.assertIn(f
'NTP: {server_address}', output
)
5500 output
= networkctl_status('veth-peer')
5501 self
.assertIn(f
'Offered DHCP leases: {client_address}', output
)
5503 def test_dhcp_server_with_uplink(self
):
5504 copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server-downstream.network',
5505 '12-dummy.netdev', '25-dhcp-server-uplink.network')
5507 self
.wait_online('veth99:routable', 'veth-peer:routable')
5509 output
= networkctl_status('veth99')
5511 self
.assertRegex(output
, r
'Address: 192.168.5.[0-9]* \(DHCP4 via 192.168.5.1\)')
5512 self
.assertIn('Gateway: 192.168.5.3', output
)
5513 self
.assertIn('DNS: 192.168.5.1', output
)
5514 self
.assertIn('NTP: 192.168.5.1', output
)
5516 def test_emit_router_timezone(self
):
5517 copy_network_unit('25-veth.netdev', '25-dhcp-client-timezone-router.network', '25-dhcp-server-timezone-router.network')
5519 self
.wait_online('veth99:routable', 'veth-peer:routable')
5521 output
= networkctl_status('veth99')
5523 self
.assertRegex(output
, r
'Address: 192.168.5.[0-9]* \(DHCP4 via 192.168.5.1\)')
5524 self
.assertIn('Gateway: 192.168.5.1', output
)
5525 self
.assertIn('Time Zone: Europe/Berlin', output
)
5527 def test_dhcp_server_static_lease(self
):
5528 copy_network_unit('25-veth.netdev', '25-dhcp-client-static-lease.network', '25-dhcp-server-static-lease.network')
5530 self
.wait_online('veth99:routable', 'veth-peer:routable')
5532 output
= networkctl_status('veth99')
5534 self
.assertIn('Address: 10.1.1.200 (DHCP4 via 10.1.1.1)', output
)
5535 self
.assertIn('DHCP4 Client ID: 12:34:56:78:9a:bc', output
)
5537 def test_dhcp_server_static_lease_default_client_id(self
):
5538 copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server-static-lease.network')
5540 self
.wait_online('veth99:routable', 'veth-peer:routable')
5542 output
= networkctl_status('veth99')
5544 self
.assertIn('Address: 10.1.1.200 (DHCP4 via 10.1.1.1)', output
)
5545 self
.assertRegex(output
, 'DHCP4 Client ID: IAID:[0-9a-z]*/DUID')
5547 class NetworkdDHCPServerRelayAgentTests(unittest
.TestCase
, Utilities
):
5555 def test_relay_agent(self
):
5556 copy_network_unit('25-agent-veth-client.netdev',
5557 '25-agent-veth-server.netdev',
5558 '25-agent-client.network',
5559 '25-agent-server.network',
5560 '25-agent-client-peer.network',
5561 '25-agent-server-peer.network')
5564 self
.wait_online('client:routable')
5566 output
= networkctl_status('client')
5568 self
.assertRegex(output
, r
'Address: 192.168.5.150 \(DHCP4 via 192.168.5.1\)')
5570 def test_replay_agent_on_bridge(self
):
5571 copy_network_unit('25-agent-bridge.netdev',
5572 '25-agent-veth-client.netdev',
5573 '25-agent-bridge.network',
5574 '25-agent-bridge-port.network',
5575 '25-agent-client.network')
5577 self
.wait_online('bridge-relay:routable', 'client-peer:enslaved')
5580 expect
= 'bridge-relay: DHCPv4 server: STARTED'
5582 if expect
in read_networkd_log():
5588 class NetworkdDHCPClientTests(unittest
.TestCase
, Utilities
):
5596 def test_dhcp_client_ipv6_only(self
):
5597 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv6-only.network')
5600 self
.wait_online('veth-peer:carrier')
5602 # information request mode
5603 # The name ipv6-only option may not be supported by older dnsmasq
5604 # start_dnsmasq('--dhcp-option=option:ipv6-only,300')
5605 start_dnsmasq('--dhcp-option=108,00:00:02:00',
5606 '--dhcp-option=option6:dns-server,[2600::ee]',
5607 '--dhcp-option=option6:ntp-server,[2600::ff]',
5608 ra_mode
='ra-stateless')
5609 self
.wait_online('veth99:routable', 'veth-peer:routable')
5611 # DHCPv6 REPLY for INFORMATION-REQUEST may be received after the link entered configured state.
5612 # Let's wait for the expected DNS server being listed in the state file.
5613 for _
in range(100):
5614 output
= read_link_state_file('veth99')
5615 if 'DNS=2600::ee' in output
:
5619 # Check link state file
5620 print('## link state file')
5621 output
= read_link_state_file('veth99')
5623 self
.assertIn('DNS=2600::ee', output
)
5624 self
.assertIn('NTP=2600::ff', output
)
5626 # Check manager state file
5627 print('## manager state file')
5628 output
= read_manager_state_file()
5630 self
.assertRegex(output
, 'DNS=.*2600::ee')
5631 self
.assertRegex(output
, 'NTP=.*2600::ff')
5633 print('## dnsmasq log')
5634 output
= read_dnsmasq_log_file()
5636 self
.assertIn('DHCPINFORMATION-REQUEST(veth-peer)', output
)
5637 self
.assertNotIn('DHCPSOLICIT(veth-peer)', output
)
5638 self
.assertNotIn('DHCPADVERTISE(veth-peer)', output
)
5639 self
.assertNotIn('DHCPREQUEST(veth-peer)', output
)
5640 self
.assertNotIn('DHCPREPLY(veth-peer)', output
)
5643 check_json(networkctl_json('veth99'))
5647 start_dnsmasq('--dhcp-option=108,00:00:02:00',
5648 '--dhcp-option=option6:dns-server,[2600::ee]',
5649 '--dhcp-option=option6:ntp-server,[2600::ff]')
5650 networkctl_reconfigure('veth99')
5651 self
.wait_online('veth99:routable', 'veth-peer:routable')
5654 output
= check_output('ip address show dev veth99 scope global')
5656 self
.assertRegex(output
, r
'inet6 2600::[0-9a-f:]*/128 scope global dynamic noprefixroute')
5657 self
.assertNotIn('192.168.5', output
)
5659 # checking semi-static route
5660 output
= check_output('ip -6 route list dev veth99 2001:1234:5:9fff:ff:ff:ff:ff')
5662 self
.assertRegex(output
, 'via fe80::1034:56ff:fe78:9abd')
5664 # Confirm that ipv6 token is not set in the kernel
5665 output
= check_output('ip token show dev veth99')
5667 self
.assertRegex(output
, 'token :: dev veth99')
5669 # Make manager and link state file updated
5670 resolvectl('revert', 'veth99')
5672 # Check link state file
5673 print('## link state file')
5674 output
= read_link_state_file('veth99')
5676 self
.assertIn('DNS=2600::ee', output
)
5677 self
.assertIn('NTP=2600::ff', output
)
5679 # Check manager state file
5680 print('## manager state file')
5681 output
= read_manager_state_file()
5683 self
.assertRegex(output
, 'DNS=.*2600::ee')
5684 self
.assertRegex(output
, 'NTP=.*2600::ff')
5686 print('## dnsmasq log')
5687 output
= read_dnsmasq_log_file()
5689 self
.assertNotIn('DHCPINFORMATION-REQUEST(veth-peer)', output
)
5690 self
.assertIn('DHCPSOLICIT(veth-peer)', output
)
5691 self
.assertNotIn('DHCPADVERTISE(veth-peer)', output
)
5692 self
.assertNotIn('DHCPREQUEST(veth-peer)', output
)
5693 self
.assertIn('DHCPREPLY(veth-peer)', output
)
5694 self
.assertIn('sent size: 0 option: 14 rapid-commit', output
)
5697 check_json(networkctl_json('veth99'))
5699 # Testing without rapid commit support
5700 with
open(os
.path
.join(network_unit_dir
, '25-dhcp-client-ipv6-only.network'), mode
='a', encoding
='utf-8') as f
:
5701 f
.write('\n[DHCPv6]\nRapidCommit=no\n')
5704 start_dnsmasq('--dhcp-option=108,00:00:02:00',
5705 '--dhcp-option=option6:dns-server,[2600::ee]',
5706 '--dhcp-option=option6:ntp-server,[2600::ff]')
5709 self
.wait_online('veth99:routable', 'veth-peer:routable')
5712 output
= check_output('ip address show dev veth99 scope global')
5714 self
.assertRegex(output
, r
'inet6 2600::[0-9a-f:]*/128 scope global dynamic noprefixroute')
5715 self
.assertNotIn('192.168.5', output
)
5717 # checking semi-static route
5718 output
= check_output('ip -6 route list dev veth99 2001:1234:5:9fff:ff:ff:ff:ff')
5720 self
.assertRegex(output
, 'via fe80::1034:56ff:fe78:9abd')
5722 # Make manager and link state file updated
5723 resolvectl('revert', 'veth99')
5725 # Check link state file
5726 print('## link state file')
5727 output
= read_link_state_file('veth99')
5729 self
.assertIn('DNS=2600::ee', output
)
5730 self
.assertIn('NTP=2600::ff', output
)
5732 # Check manager state file
5733 print('## manager state file')
5734 output
= read_manager_state_file()
5736 self
.assertRegex(output
, 'DNS=.*2600::ee')
5737 self
.assertRegex(output
, 'NTP=.*2600::ff')
5739 print('## dnsmasq log')
5740 output
= read_dnsmasq_log_file()
5742 self
.assertNotIn('DHCPINFORMATION-REQUEST(veth-peer)', output
)
5743 self
.assertIn('DHCPSOLICIT(veth-peer)', output
)
5744 self
.assertIn('DHCPADVERTISE(veth-peer)', output
)
5745 self
.assertIn('DHCPREQUEST(veth-peer)', output
)
5746 self
.assertIn('DHCPREPLY(veth-peer)', output
)
5747 self
.assertNotIn('rapid-commit', output
)
5750 check_json(networkctl_json('veth99'))
5752 def test_dhcp_client_ipv6_dbus_status(self
):
5753 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv6-only.network')
5755 self
.wait_online('veth-peer:carrier')
5757 # Note that at this point the DHCPv6 client has not been started because no RA (with managed
5758 # bit set) has yet been received and the configuration does not include WithoutRA=true
5759 state
= get_dhcp6_client_state('veth99')
5760 print(f
"DHCPv6 client state = {state}")
5761 self
.assertEqual(state
, 'stopped')
5763 state
= get_dhcp4_client_state('veth99')
5764 print(f
"DHCPv4 client state = {state}")
5765 self
.assertEqual(state
, 'selecting')
5767 start_dnsmasq('--dhcp-option=108,00:00:02:00')
5768 self
.wait_online('veth99:routable', 'veth-peer:routable')
5770 state
= get_dhcp6_client_state('veth99')
5771 print(f
"DHCPv6 client state = {state}")
5772 self
.assertEqual(state
, 'bound')
5774 # DHCPv4 client will stop after an DHCPOFFER message received, so we need to wait for a while.
5775 for _
in range(100):
5776 state
= get_dhcp4_client_state('veth99')
5777 if state
== 'stopped':
5781 print(f
"DHCPv4 client state = {state}")
5782 self
.assertEqual(state
, 'stopped')
5784 # restart dnsmasq to clear log
5786 start_dnsmasq('--dhcp-option=108,00:00:02:00')
5788 # Test renew command
5789 # See https://github.com/systemd/systemd/pull/29472#issuecomment-1759092138
5790 networkctl('renew', 'veth99')
5792 for _
in range(100):
5793 state
= get_dhcp4_client_state('veth99')
5794 if state
== 'stopped':
5798 print(f
"DHCPv4 client state = {state}")
5799 self
.assertEqual(state
, 'stopped')
5801 print('## dnsmasq log')
5802 output
= read_dnsmasq_log_file()
5804 self
.assertIn('DHCPDISCOVER(veth-peer) 12:34:56:78:9a:bc', output
)
5805 self
.assertIn('DHCPOFFER(veth-peer)', output
)
5806 self
.assertNotIn('DHCPREQUEST(veth-peer)', output
)
5807 self
.assertNotIn('DHCPACK(veth-peer)', output
)
5809 def test_dhcp_client_ipv6_only_with_custom_client_identifier(self
):
5810 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv6-only-custom-client-identifier.network')
5813 self
.wait_online('veth-peer:carrier')
5815 self
.wait_online('veth99:routable', 'veth-peer:routable')
5818 output
= check_output('ip address show dev veth99 scope global')
5820 self
.assertRegex(output
, r
'inet6 2600::[0-9a-f:]*/128 scope global dynamic noprefixroute')
5821 self
.assertNotIn('192.168.5', output
)
5823 print('## dnsmasq log')
5824 output
= read_dnsmasq_log_file()
5826 self
.assertIn('DHCPSOLICIT(veth-peer) 00:42:00:00:ab:11:f9:2a:c2:77:29:f9:5c:00', output
)
5827 self
.assertNotIn('DHCPADVERTISE(veth-peer)', output
)
5828 self
.assertNotIn('DHCPREQUEST(veth-peer)', output
)
5829 self
.assertIn('DHCPREPLY(veth-peer)', output
)
5830 self
.assertIn('sent size: 0 option: 14 rapid-commit', output
)
5832 def test_dhcp_client_ipv4_only(self
):
5833 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv4-only.network')
5835 self
.setup_nftset('addr4', 'ipv4_addr')
5836 self
.setup_nftset('network4', 'ipv4_addr', 'flags interval;')
5837 self
.setup_nftset('ifindex', 'iface_index')
5840 self
.wait_online('veth-peer:carrier')
5841 start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.6,192.168.5.7',
5842 '--dhcp-option=option:sip-server,192.168.5.21,192.168.5.22',
5843 '--dhcp-option=option:domain-search,example.com',
5844 '--dhcp-alternate-port=67,5555',
5845 ipv4_range
='192.168.5.110,192.168.5.119')
5846 self
.wait_online('veth99:routable', 'veth-peer:routable')
5847 self
.wait_address('veth99', r
'inet 192.168.5.11[0-9]*/24', ipv
='-4')
5849 print('## ip address show dev veth99 scope global')
5850 output
= check_output('ip address show dev veth99 scope global')
5852 self
.assertIn('mtu 1492', output
)
5853 self
.assertIn('inet 192.168.5.250/24 brd 192.168.5.255 scope global veth99', output
)
5854 self
.assertRegex(output
, r
'inet 192.168.5.11[0-9]/24 metric 24 brd 192.168.5.255 scope global secondary dynamic noprefixroute test-label')
5855 self
.assertNotIn('2600::', output
)
5857 output
= check_output('ip -4 --json address show dev veth99')
5858 for i
in json
.loads(output
)[0]['addr_info']:
5859 if i
['label'] == 'test-label':
5860 address1
= i
['local']
5863 self
.assertFalse(True)
5865 self
.assertRegex(address1
, r
'^192.168.5.11[0-9]$')
5867 print('## ip route show table main dev veth99')
5868 output
= check_output('ip route show table main dev veth99')
5870 # no DHCP routes assigned to the main table
5871 self
.assertNotIn('proto dhcp', output
)
5873 self
.assertIn('192.168.5.0/24 proto kernel scope link src 192.168.5.250', output
)
5874 self
.assertIn('192.168.5.0/24 proto static scope link', output
)
5875 self
.assertIn('192.168.6.0/24 proto static scope link', output
)
5876 self
.assertIn('192.168.7.0/24 proto static scope link', output
)
5878 print('## ip route show table 211 dev veth99')
5879 output
= check_output('ip route show table 211 dev veth99')
5881 self
.assertRegex(output
, f
'default via 192.168.5.1 proto dhcp src {address1} metric 24')
5882 self
.assertRegex(output
, f
'192.168.5.0/24 proto dhcp scope link src {address1} metric 24')
5883 self
.assertRegex(output
, f
'192.168.5.1 proto dhcp scope link src {address1} metric 24')
5884 self
.assertRegex(output
, f
'192.168.5.6 proto dhcp scope link src {address1} metric 24')
5885 self
.assertRegex(output
, f
'192.168.5.7 proto dhcp scope link src {address1} metric 24')
5886 self
.assertIn('10.0.0.0/8 via 192.168.5.1 proto dhcp', output
)
5888 print('## link state file')
5889 output
= read_link_state_file('veth99')
5891 # checking DNS server, SIP server, and Domains
5892 self
.assertIn('DNS=192.168.5.6 192.168.5.7', output
)
5893 self
.assertIn('SIP=192.168.5.21 192.168.5.22', output
)
5894 self
.assertIn('DOMAINS=example.com', output
)
5897 j
= json
.loads(networkctl_json('veth99'))
5899 self
.assertEqual(len(j
['DNS']), 2)
5902 self
.assertEqual(i
['Family'], 2)
5903 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['Address']))
5904 self
.assertRegex(a
, '^192.168.5.[67]$')
5905 self
.assertEqual(i
['ConfigSource'], 'DHCPv4')
5906 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['ConfigProvider']))
5907 self
.assertEqual('192.168.5.1', a
)
5909 self
.assertEqual(len(j
['SIP']), 2)
5912 self
.assertEqual(i
['Family'], 2)
5913 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['Address']))
5914 self
.assertRegex(a
, '^192.168.5.2[12]$')
5915 self
.assertEqual(i
['ConfigSource'], 'DHCPv4')
5916 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['ConfigProvider']))
5917 self
.assertEqual('192.168.5.1', a
)
5919 print('## dnsmasq log')
5920 output
= read_dnsmasq_log_file()
5922 self
.assertIn('vendor class: FooBarVendorTest', output
)
5923 self
.assertIn('DHCPDISCOVER(veth-peer) 192.168.5.110 12:34:56:78:9a:bc', output
)
5924 self
.assertIn('client provides name: test-hostname', output
)
5925 self
.assertIn('26:mtu', output
)
5927 # change address range, DNS servers, and Domains
5929 start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.1,192.168.5.7,192.168.5.8',
5930 '--dhcp-option=option:sip-server,192.168.5.23,192.168.5.24',
5931 '--dhcp-option=option:domain-search,foo.example.com',
5932 '--dhcp-alternate-port=67,5555',
5933 ipv4_range
='192.168.5.120,192.168.5.129',)
5935 # Sleep for 120 sec as the dnsmasq minimum lease time can only be set to 120
5936 print('Wait for the DHCP lease to be expired')
5937 self
.wait_address_dropped('veth99', f
'inet {address1}/24', ipv
='-4', timeout_sec
=120)
5938 self
.wait_address('veth99', r
'inet 192.168.5.12[0-9]*/24', ipv
='-4')
5940 self
.wait_online('veth99:routable', 'veth-peer:routable')
5942 print('## ip address show dev veth99 scope global')
5943 output
= check_output('ip address show dev veth99 scope global')
5945 self
.assertIn('mtu 1492', output
)
5946 self
.assertIn('inet 192.168.5.250/24 brd 192.168.5.255 scope global veth99', output
)
5947 self
.assertNotIn(f
'{address1}', output
)
5948 self
.assertRegex(output
, r
'inet 192.168.5.12[0-9]/24 metric 24 brd 192.168.5.255 scope global secondary dynamic noprefixroute test-label')
5949 self
.assertNotIn('2600::', output
)
5951 output
= check_output('ip -4 --json address show dev veth99')
5952 for i
in json
.loads(output
)[0]['addr_info']:
5953 if i
['label'] == 'test-label':
5954 address2
= i
['local']
5957 self
.assertFalse(True)
5959 self
.assertRegex(address2
, r
'^192.168.5.12[0-9]$')
5961 print('## ip route show table main dev veth99')
5962 output
= check_output('ip route show table main dev veth99')
5964 # no DHCP routes assigned to the main table
5965 self
.assertNotIn('proto dhcp', output
)
5967 self
.assertIn('192.168.5.0/24 proto kernel scope link src 192.168.5.250', output
)
5968 self
.assertIn('192.168.5.0/24 proto static scope link', output
)
5969 self
.assertIn('192.168.6.0/24 proto static scope link', output
)
5970 self
.assertIn('192.168.7.0/24 proto static scope link', output
)
5972 print('## ip route show table 211 dev veth99')
5973 output
= check_output('ip route show table 211 dev veth99')
5975 self
.assertRegex(output
, f
'default via 192.168.5.1 proto dhcp src {address2} metric 24')
5976 self
.assertRegex(output
, f
'192.168.5.0/24 proto dhcp scope link src {address2} metric 24')
5977 self
.assertRegex(output
, f
'192.168.5.1 proto dhcp scope link src {address2} metric 24')
5978 self
.assertNotIn('192.168.5.6', output
)
5979 self
.assertRegex(output
, f
'192.168.5.7 proto dhcp scope link src {address2} metric 24')
5980 self
.assertRegex(output
, f
'192.168.5.8 proto dhcp scope link src {address2} metric 24')
5981 self
.assertIn('10.0.0.0/8 via 192.168.5.1 proto dhcp', output
)
5983 print('## link state file')
5984 output
= read_link_state_file('veth99')
5986 # checking DNS server, SIP server, and Domains
5987 self
.assertIn('DNS=192.168.5.1 192.168.5.7 192.168.5.8', output
)
5988 self
.assertIn('SIP=192.168.5.23 192.168.5.24', output
)
5989 self
.assertIn('DOMAINS=foo.example.com', output
)
5992 j
= json
.loads(networkctl_json('veth99'))
5994 self
.assertEqual(len(j
['DNS']), 3)
5997 self
.assertEqual(i
['Family'], 2)
5998 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['Address']))
5999 self
.assertRegex(a
, '^192.168.5.[178]$')
6000 self
.assertEqual(i
['ConfigSource'], 'DHCPv4')
6001 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['ConfigProvider']))
6002 self
.assertEqual('192.168.5.1', a
)
6004 self
.assertEqual(len(j
['SIP']), 2)
6007 self
.assertEqual(i
['Family'], 2)
6008 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['Address']))
6009 self
.assertRegex(a
, '^192.168.5.2[34]$')
6010 self
.assertEqual(i
['ConfigSource'], 'DHCPv4')
6011 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['ConfigProvider']))
6012 self
.assertEqual('192.168.5.1', a
)
6014 print('## dnsmasq log')
6015 output
= read_dnsmasq_log_file()
6017 self
.assertIn('vendor class: FooBarVendorTest', output
)
6018 self
.assertIn(f
'DHCPDISCOVER(veth-peer) {address1} 12:34:56:78:9a:bc', output
)
6019 self
.assertIn('client provides name: test-hostname', output
)
6020 self
.assertIn('26:mtu', output
)
6022 self
.check_netlabel('veth99', r
'192\.168\.5\.0/24')
6024 self
.check_nftset('addr4', r
'192\.168\.5\.1')
6025 self
.check_nftset('network4', r
'192\.168\.5\.0/24')
6026 self
.check_nftset('ifindex', 'veth99')
6028 self
.teardown_nftset('addr4', 'network4', 'ifindex')
6030 def test_dhcp_client_ipv4_dbus_status(self
):
6031 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv4-only.network')
6033 self
.wait_online('veth-peer:carrier')
6035 state
= get_dhcp4_client_state('veth99')
6036 print(f
"State = {state}")
6037 self
.assertEqual(state
, 'rebooting')
6039 start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.6,192.168.5.7',
6040 '--dhcp-option=option:domain-search,example.com',
6041 '--dhcp-alternate-port=67,5555',
6042 ipv4_range
='192.168.5.110,192.168.5.119')
6043 self
.wait_online('veth99:routable', 'veth-peer:routable')
6044 self
.wait_address('veth99', r
'inet 192.168.5.11[0-9]*/24', ipv
='-4')
6046 state
= get_dhcp4_client_state('veth99')
6047 print(f
"State = {state}")
6048 self
.assertEqual(state
, 'bound')
6050 def test_dhcp_client_allow_list(self
):
6051 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-allow-list.network', copy_dropins
=False)
6054 self
.wait_online('veth-peer:carrier')
6055 since
= datetime
.datetime
.now()
6058 expect
= 'veth99: DHCPv4 server IP address 192.168.5.1 not found in allow-list, ignoring offer.'
6060 if expect
in read_networkd_log(since
=since
):
6066 copy_network_unit('25-dhcp-client-allow-list.network.d/00-allow-list.conf')
6067 since
= datetime
.datetime
.now()
6070 expect
= 'veth99: DHCPv4 server IP address 192.168.5.1 not found in allow-list, ignoring offer.'
6072 if expect
in read_networkd_log(since
=since
):
6078 copy_network_unit('25-dhcp-client-allow-list.network.d/10-deny-list.conf')
6079 since
= datetime
.datetime
.now()
6082 expect
= 'veth99: DHCPv4 server IP address 192.168.5.1 found in deny-list, ignoring offer.'
6084 if expect
in read_networkd_log(since
=since
):
6090 @unittest.skipUnless("--dhcp-rapid-commit" in run("dnsmasq --help").stdout
, reason
="dnsmasq is missing dhcp-rapid-commit support")
6091 def test_dhcp_client_rapid_commit(self
):
6092 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network')
6094 self
.wait_online('veth-peer:carrier')
6096 start_dnsmasq('--dhcp-rapid-commit')
6097 self
.wait_online('veth99:routable', 'veth-peer:routable')
6098 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24', ipv
='-4')
6100 state
= get_dhcp4_client_state('veth99')
6101 print(f
"DHCPv4 client state = {state}")
6102 self
.assertEqual(state
, 'bound')
6104 output
= read_dnsmasq_log_file()
6105 self
.assertIn('DHCPDISCOVER(veth-peer)', output
)
6106 self
.assertNotIn('DHCPOFFER(veth-peer)', output
)
6107 self
.assertNotIn('DHCPREQUEST(veth-peer)', output
)
6108 self
.assertIn('DHCPACK(veth-peer)', output
)
6110 def test_dhcp_client_ipv6_only_mode_without_ipv6_connectivity(self
):
6111 copy_network_unit('25-veth.netdev',
6112 '25-dhcp-server-ipv6-only-mode.network',
6113 '25-dhcp-client-ipv6-only-mode.network')
6115 self
.wait_online('veth99:routable', 'veth-peer:routable', timeout
='40s')
6116 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24', ipv
='-4')
6118 state
= get_dhcp4_client_state('veth99')
6119 print(f
"State = {state}")
6120 self
.assertEqual(state
, 'bound')
6122 def test_dhcp_client_ipv4_use_routes_gateway(self
):
6124 for (routes
, gateway
, dns_and_ntp_routes
, classless
) in itertools
.product([True, False], repeat
=4):
6130 print(f
'### test_dhcp_client_ipv4_use_routes_gateway(routes={routes}, gateway={gateway}, dns_and_ntp_routes={dns_and_ntp_routes}, classless={classless})')
6131 with self
.subTest(routes
=routes
, gateway
=gateway
, dns_and_ntp_routes
=dns_and_ntp_routes
, classless
=classless
):
6132 self
._test
_dhcp
_client
_ipv
4_use
_routes
_gateway
(routes
, gateway
, dns_and_ntp_routes
, classless
)
6134 def _test_dhcp_client_ipv4_use_routes_gateway(self
, use_routes
, use_gateway
, dns_and_ntp_routes
, classless
):
6135 testunit
= '25-dhcp-client-ipv4-use-routes-use-gateway.network'
6136 testunits
= ['25-veth.netdev', '25-dhcp-server-veth-peer.network', testunit
]
6137 testunits
.append(f
'{testunit}.d/use-routes-{use_routes}.conf')
6138 testunits
.append(f
'{testunit}.d/use-gateway-{use_gateway}.conf')
6139 testunits
.append(f
'{testunit}.d/use-dns-and-ntp-routes-{dns_and_ntp_routes}.conf')
6140 copy_network_unit(*testunits
, copy_dropins
=False)
6143 self
.wait_online('veth-peer:carrier')
6144 additional_options
= [
6145 '--dhcp-option=option:dns-server,192.168.5.10,8.8.8.8',
6146 '--dhcp-option=option:ntp-server,192.168.5.11,9.9.9.9',
6147 '--dhcp-option=option:static-route,192.168.6.100,192.168.5.2,8.8.8.8,192.168.5.3'
6150 additional_options
+= [
6151 '--dhcp-option=option:classless-static-route,0.0.0.0/0,192.168.5.4,8.0.0.0/8,192.168.5.5,192.168.5.64/26,192.168.5.5'
6153 start_dnsmasq(*additional_options
)
6154 self
.wait_online('veth99:routable', 'veth-peer:routable')
6156 output
= check_output('ip -4 route show dev veth99')
6162 self
.assertRegex(output
, r
'default via 192.168.5.4 proto dhcp src 192.168.5.[0-9]* metric 1024')
6163 self
.assertRegex(output
, r
'8.0.0.0/8 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
6164 self
.assertRegex(output
, r
'192.168.5.64/26 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
6165 self
.assertRegex(output
, r
'192.168.5.4 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6166 self
.assertRegex(output
, r
'192.168.5.5 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6168 self
.assertRegex(output
, r
'192.168.6.0/24 via 192.168.5.2 proto dhcp src 192.168.5.[0-9]* metric 1024')
6169 self
.assertRegex(output
, r
'8.0.0.0/8 via 192.168.5.3 proto dhcp src 192.168.5.[0-9]* metric 1024')
6170 self
.assertRegex(output
, r
'192.168.5.2 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6171 self
.assertRegex(output
, r
'192.168.5.3 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6173 self
.assertNotRegex(output
, r
'default via 192.168.5.4 proto dhcp src 192.168.5.[0-9]* metric 1024')
6174 self
.assertNotRegex(output
, r
'8.0.0.0/8 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
6175 self
.assertNotRegex(output
, r
'192.168.5.4 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6176 self
.assertNotRegex(output
, r
'192.168.5.5 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6177 self
.assertNotRegex(output
, r
'192.168.6.0/24 via 192.168.5.2 proto dhcp src 192.168.5.[0-9]* metric 1024')
6178 self
.assertNotRegex(output
, r
'8.0.0.0/8 via 192.168.5.3 proto dhcp src 192.168.5.[0-9]* metric 1024')
6179 self
.assertNotRegex(output
, r
'192.168.5.2 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6180 self
.assertNotRegex(output
, r
'192.168.5.3 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6183 if use_gateway
and (not classless
or not use_routes
):
6184 self
.assertRegex(output
, r
'default via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
6186 self
.assertNotRegex(output
, r
'default via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
6188 # Check route to gateway
6189 if (use_gateway
or dns_and_ntp_routes
) and (not classless
or not use_routes
):
6190 self
.assertRegex(output
, r
'192.168.5.1 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6192 self
.assertNotRegex(output
, r
'192.168.5.1 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6194 # Check RoutesToDNS= and RoutesToNTP=
6195 if dns_and_ntp_routes
:
6196 self
.assertRegex(output
, r
'192.168.5.10 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6197 self
.assertRegex(output
, r
'192.168.5.11 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6200 self
.assertRegex(output
, r
'8.8.8.8 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
6201 self
.assertRegex(output
, r
'9.9.9.9 via 192.168.5.4 proto dhcp src 192.168.5.[0-9]* metric 1024')
6203 self
.assertRegex(output
, r
'8.8.8.8 via 192.168.5.3 proto dhcp src 192.168.5.[0-9]* metric 1024')
6204 self
.assertRegex(output
, r
'9.9.9.9 via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
6206 self
.assertRegex(output
, r
'8.8.8.8 via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
6207 self
.assertRegex(output
, r
'9.9.9.9 via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
6209 self
.assertNotRegex(output
, r
'192.168.5.10 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6210 self
.assertNotRegex(output
, r
'192.168.5.11 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
6211 self
.assertNotRegex(output
, r
'8.8.8.8 via 192.168.5.[0-9]* proto dhcp src 192.168.5.[0-9]* metric 1024')
6212 self
.assertNotRegex(output
, r
'9.9.9.9 via 192.168.5.[0-9]* proto dhcp src 192.168.5.[0-9]* metric 1024')
6214 check_json(networkctl_json())
6216 def test_dhcp_client_settings_anonymize(self
):
6217 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-anonymize.network')
6219 self
.wait_online('veth-peer:carrier')
6221 self
.wait_online('veth99:routable', 'veth-peer:routable')
6223 print('## dnsmasq log')
6224 output
= read_dnsmasq_log_file()
6226 self
.assertNotIn('VendorClassIdentifier=SusantVendorTest', output
)
6227 self
.assertNotIn('test-hostname', output
)
6228 self
.assertNotIn('26:mtu', output
)
6230 def test_dhcp_keep_configuration_dhcp(self
):
6231 copy_network_unit('25-veth.netdev',
6232 '25-dhcp-server-veth-peer.network',
6233 '25-dhcp-client-keep-configuration-dhcp.network')
6235 self
.wait_online('veth-peer:carrier')
6237 self
.wait_online('veth99:routable', 'veth-peer:routable')
6239 output
= check_output('ip address show dev veth99 scope global')
6241 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
6242 'valid_lft forever preferred_lft forever')
6244 # Stopping dnsmasq as networkd won't be allowed to renew the DHCP lease.
6247 # Sleep for 120 sec as the dnsmasq minimum lease time can only be set to 120
6248 print('Wait for the DHCP lease to be expired')
6251 # The lease address should be kept after the lease expired
6252 output
= check_output('ip address show dev veth99 scope global')
6254 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
6255 'valid_lft forever preferred_lft forever')
6259 # The lease address should be kept after networkd stopped
6260 output
= check_output('ip address show dev veth99 scope global')
6262 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
6263 'valid_lft forever preferred_lft forever')
6265 with
open(os
.path
.join(network_unit_dir
, '25-dhcp-client-keep-configuration-dhcp.network'), mode
='a', encoding
='utf-8') as f
:
6266 f
.write('[Network]\nDHCP=no\n')
6269 self
.wait_online('veth99:routable', 'veth-peer:routable')
6271 # Still the lease address should be kept after networkd restarted
6272 output
= check_output('ip address show dev veth99 scope global')
6274 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
6275 'valid_lft forever preferred_lft forever')
6277 def test_dhcp_keep_configuration_dhcp_on_stop(self
):
6278 copy_network_unit('25-veth.netdev',
6279 '25-dhcp-server-veth-peer.network',
6280 '25-dhcp-client-keep-configuration-dhcp-on-stop.network')
6282 self
.wait_online('veth-peer:carrier')
6284 self
.wait_online('veth99:routable', 'veth-peer:routable')
6286 output
= check_output('ip address show dev veth99 scope global')
6288 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
6293 output
= check_output('ip address show dev veth99 scope global')
6295 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
6298 self
.wait_online('veth-peer:routable')
6300 output
= check_output('ip address show dev veth99 scope global')
6302 self
.assertNotIn('192.168.5.', output
)
6304 def test_dhcp_client_reuse_address_as_static(self
):
6305 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network')
6307 self
.wait_online('veth-peer:carrier')
6309 self
.wait_online('veth99:routable', 'veth-peer:routable')
6311 # link become 'routable' when at least one protocol provide an valid address.
6312 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv
='-4')
6313 self
.wait_address('veth99', r
'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv
='-6')
6315 output
= check_output('ip address show dev veth99 scope global')
6316 ipv4_address
= re
.search(r
'192.168.5.[0-9]*/24', output
).group()
6317 ipv6_address
= re
.search(r
'2600::[0-9a-f:]*/128', output
).group()
6318 static_network
= '\n'.join(['[Match]', 'Name=veth99', '[Network]', 'IPv6AcceptRA=no', 'Address=' + ipv4_address
, 'Address=' + ipv6_address
])
6319 print(static_network
)
6321 remove_network_unit('25-dhcp-client.network')
6323 with
open(os
.path
.join(network_unit_dir
, '25-static.network'), mode
='w', encoding
='utf-8') as f
:
6324 f
.write(static_network
)
6327 self
.wait_online('veth99:routable')
6329 output
= check_output('ip -4 address show dev veth99 scope global')
6331 self
.assertRegex(output
, f
'inet {ipv4_address} brd 192.168.5.255 scope global veth99\n *'
6332 'valid_lft forever preferred_lft forever')
6334 output
= check_output('ip -6 address show dev veth99 scope global')
6336 self
.assertRegex(output
, f
'inet6 {ipv6_address} scope global *\n *'
6337 'valid_lft forever preferred_lft forever')
6339 @expectedFailureIfModuleIsNotAvailable('vrf')
6340 def test_dhcp_client_vrf(self
):
6341 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-vrf.network',
6342 '25-vrf.netdev', '25-vrf.network')
6344 self
.wait_online('veth-peer:carrier')
6346 self
.wait_online('veth99:routable', 'veth-peer:routable', 'vrf99:carrier')
6348 # link become 'routable' when at least one protocol provide an valid address.
6349 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv
='-4')
6350 self
.wait_address('veth99', r
'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv
='-6')
6352 print('## ip -d link show dev vrf99')
6353 output
= check_output('ip -d link show dev vrf99')
6355 self
.assertRegex(output
, 'vrf table 42')
6357 print('## ip address show vrf vrf99')
6358 output
= check_output('ip address show vrf vrf99')
6360 self
.assertRegex(output
, 'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
6361 self
.assertRegex(output
, 'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)')
6362 self
.assertRegex(output
, 'inet6 .* scope link')
6364 print('## ip address show dev veth99')
6365 output
= check_output('ip address show dev veth99')
6367 self
.assertRegex(output
, 'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
6368 self
.assertRegex(output
, 'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)')
6369 self
.assertRegex(output
, 'inet6 .* scope link')
6371 print('## ip route show vrf vrf99')
6372 output
= check_output('ip route show vrf vrf99')
6374 self
.assertRegex(output
, 'default via 192.168.5.1 dev veth99 proto dhcp src 192.168.5.')
6375 self
.assertRegex(output
, '192.168.5.0/24 dev veth99 proto kernel scope link src 192.168.5')
6376 self
.assertRegex(output
, '192.168.5.1 dev veth99 proto dhcp scope link src 192.168.5')
6378 print('## ip route show table main dev veth99')
6379 output
= check_output('ip route show table main dev veth99')
6381 self
.assertEqual(output
, '')
6383 def test_dhcp_client_gateway_onlink_implicit(self
):
6384 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network',
6385 '25-dhcp-client-gateway-onlink-implicit.network')
6387 self
.wait_online('veth-peer:carrier')
6389 self
.wait_online('veth99:routable', 'veth-peer:routable')
6391 output
= networkctl_status('veth99')
6393 self
.assertRegex(output
, '192.168.5')
6395 output
= check_output('ip route list dev veth99 10.0.0.0/8')
6397 self
.assertRegex(output
, 'onlink')
6398 output
= check_output('ip route list dev veth99 192.168.100.0/24')
6400 self
.assertRegex(output
, 'onlink')
6402 def test_dhcp_client_with_ipv4ll(self
):
6403 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network',
6404 '25-dhcp-client-with-ipv4ll.network')
6406 # we need to increase timeout above default, as this will need to wait for
6407 # systemd-networkd to get the dhcpv4 transient failure event
6408 self
.wait_online('veth99:degraded', 'veth-peer:routable', timeout
='60s')
6410 output
= check_output('ip -4 address show dev veth99')
6412 self
.assertNotIn('192.168.5.', output
)
6413 self
.assertIn('inet 169.254.133.11/16 metric 2048 brd 169.254.255.255 scope link', output
)
6416 print('Wait for a DHCP lease to be acquired and the IPv4LL address to be dropped')
6417 self
.wait_address('veth99', r
'inet 192\.168\.5\.\d+/24 metric 1024 brd 192\.168\.5\.255 scope global dynamic', ipv
='-4')
6418 self
.wait_address_dropped('veth99', r
'inet 169\.254\.\d+\.\d+/16 metric 2048 brd 169\.254\.255\.255 scope link', scope
='link', ipv
='-4')
6419 self
.wait_online('veth99:routable')
6421 output
= check_output('ip -4 address show dev veth99')
6423 self
.assertRegex(output
, r
'inet 192\.168\.5\.\d+/24 metric 1024 brd 192\.168\.5\.255 scope global dynamic veth99')
6424 self
.assertNotIn('169.254.', output
)
6425 self
.assertNotIn('scope link', output
)
6428 print('Wait for the DHCP lease to be expired and an IPv4LL address to be acquired')
6429 self
.wait_address_dropped('veth99', r
'inet 192\.168\.5\.\d+/24 metric 1024 brd 192\.168\.5\.255 scope global dynamic', ipv
='-4', timeout_sec
=130)
6430 self
.wait_address('veth99', r
'inet 169\.254\.133\.11/16 metric 2048 brd 169\.254\.255\.255 scope link', scope
='link', ipv
='-4')
6432 output
= check_output('ip -4 address show dev veth99')
6434 self
.assertNotIn('192.168.5.', output
)
6435 self
.assertIn('inet 169.254.133.11/16 metric 2048 brd 169.254.255.255 scope link', output
)
6437 def test_dhcp_client_use_dns(self
):
6438 def check(self
, ipv4
, ipv6
):
6439 os
.makedirs(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d'), exist_ok
=True)
6440 with
open(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d/override.conf'), mode
='w', encoding
='utf-8') as f
:
6441 f
.write('[DHCPv4]\nUseDNS=')
6442 f
.write('yes' if ipv4
else 'no')
6443 f
.write('\n[DHCPv6]\nUseDNS=')
6444 f
.write('yes' if ipv6
else 'no')
6445 f
.write('\n[IPv6AcceptRA]\nUseDNS=no')
6448 self
.wait_online('veth99:routable')
6450 # link becomes 'routable' when at least one protocol provide an valid address. Hence, we need to explicitly wait for both addresses.
6451 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv
='-4')
6452 self
.wait_address('veth99', r
'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv
='-6')
6454 # make resolved re-read the link state file
6455 resolvectl('revert', 'veth99')
6457 output
= resolvectl('dns', 'veth99')
6460 self
.assertIn('192.168.5.1', output
)
6462 self
.assertNotIn('192.168.5.1', output
)
6464 self
.assertIn('2600::1', output
)
6466 self
.assertNotIn('2600::1', output
)
6468 check_json(networkctl_json())
6470 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network', copy_dropins
=False)
6473 self
.wait_online('veth-peer:carrier')
6474 start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.1',
6475 '--dhcp-option=option6:dns-server,[2600::1]')
6477 check(self
, True, True)
6478 check(self
, True, False)
6479 check(self
, False, True)
6480 check(self
, False, False)
6482 def test_dhcp_client_use_captive_portal(self
):
6483 def check(self
, ipv4
, ipv6
):
6484 os
.makedirs(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d'), exist_ok
=True)
6485 with
open(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d/override.conf'), mode
='w', encoding
='utf-8') as f
:
6486 f
.write('[DHCPv4]\nUseCaptivePortal=')
6487 f
.write('yes' if ipv4
else 'no')
6488 f
.write('\n[DHCPv6]\nUseCaptivePortal=')
6489 f
.write('yes' if ipv6
else 'no')
6490 f
.write('\n[IPv6AcceptRA]\nUseCaptivePortal=no')
6493 self
.wait_online('veth99:routable')
6495 # link becomes 'routable' when at least one protocol provide an valid address. Hence, we need to explicitly wait for both addresses.
6496 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv
='-4')
6497 self
.wait_address('veth99', r
'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv
='-6')
6499 output
= networkctl_status('veth99')
6502 self
.assertIn('Captive Portal: http://systemd.io', output
)
6504 self
.assertNotIn('Captive Portal: http://systemd.io', output
)
6506 check_json(networkctl_json())
6508 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network', copy_dropins
=False)
6511 self
.wait_online('veth-peer:carrier')
6512 start_dnsmasq('--dhcp-option=114,http://systemd.io',
6513 '--dhcp-option=option6:103,http://systemd.io')
6515 check(self
, True, True)
6516 check(self
, True, False)
6517 check(self
, False, True)
6518 check(self
, False, False)
6520 def test_dhcp_client_reject_captive_portal(self
):
6521 def check(self
, ipv4
, ipv6
):
6522 os
.makedirs(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d'), exist_ok
=True)
6523 with
open(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d/override.conf'), mode
='w', encoding
='utf-8') as f
:
6524 f
.write('[DHCPv4]\nUseCaptivePortal=')
6525 f
.write('yes' if ipv4
else 'no')
6526 f
.write('\n[DHCPv6]\nUseCaptivePortal=')
6527 f
.write('yes' if ipv6
else 'no')
6528 f
.write('\n[IPv6AcceptRA]\nUseCaptivePortal=no')
6531 self
.wait_online('veth99:routable')
6533 # link becomes 'routable' when at least one protocol provide an valid address. Hence, we need to explicitly wait for both addresses.
6534 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv
='-4')
6535 self
.wait_address('veth99', r
'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv
='-6')
6537 output
= networkctl_status('veth99')
6539 self
.assertNotIn('Captive Portal: ', output
)
6540 self
.assertNotIn('invalid/url', output
)
6542 check_json(networkctl_json())
6544 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network', copy_dropins
=False)
6547 self
.wait_online('veth-peer:carrier')
6548 masq
= lambda bs
: ':'.join(f
'{b:02x}' for b
in bs
)
6549 start_dnsmasq('--dhcp-option=114,' + masq(b
'http://\x00invalid/url'),
6550 '--dhcp-option=option6:103,' + masq(b
'http://\x00/invalid/url'))
6552 check(self
, True, True)
6553 check(self
, True, False)
6554 check(self
, False, True)
6555 check(self
, False, False)
6557 class NetworkdDHCPPDTests(unittest
.TestCase
, Utilities
):
6565 def test_dhcp6pd(self
):
6566 def get_dhcp6_prefix(link
):
6567 description
= get_link_description(link
)
6569 self
.assertIn('DHCPv6Client', description
.keys())
6570 self
.assertIn('Prefixes', description
['DHCPv6Client'])
6572 prefixInfo
= description
['DHCPv6Client']['Prefixes']
6576 copy_network_unit('25-veth.netdev', '25-dhcp6pd-server.network', '25-dhcp6pd-upstream.network',
6577 '25-veth-downstream-veth97.netdev', '25-dhcp-pd-downstream-veth97.network', '25-dhcp-pd-downstream-veth97-peer.network',
6578 '25-veth-downstream-veth98.netdev', '25-dhcp-pd-downstream-veth98.network', '25-dhcp-pd-downstream-veth98-peer.network',
6579 '11-dummy.netdev', '25-dhcp-pd-downstream-test1.network',
6580 '25-dhcp-pd-downstream-dummy97.network',
6581 '12-dummy.netdev', '25-dhcp-pd-downstream-dummy98.network',
6582 '13-dummy.netdev', '25-dhcp-pd-downstream-dummy99.network',
6585 self
.setup_nftset('addr6', 'ipv6_addr')
6586 self
.setup_nftset('network6', 'ipv6_addr', 'flags interval;')
6587 self
.setup_nftset('ifindex', 'iface_index')
6590 self
.wait_online('veth-peer:routable')
6591 start_isc_dhcpd(conf_file
='isc-dhcpd-dhcp6pd.conf', ipv
='-6')
6592 self
.wait_online('veth99:degraded')
6594 # First, test UseAddress=no and Assign=no (issue #29979).
6595 # Note, due to the bug #29701, this test must be done at first.
6596 print('### ip -6 address show dev veth99 scope global')
6597 output
= check_output('ip -6 address show dev veth99 scope global')
6599 self
.assertNotIn('inet6 3ffe:501:ffff', output
)
6601 # Check DBus assigned prefix information to veth99
6602 prefixInfo
= get_dhcp6_prefix('veth99')
6604 self
.assertEqual(len(prefixInfo
), 1)
6605 prefixInfo
= prefixInfo
[0]
6607 self
.assertIn('Prefix', prefixInfo
.keys())
6608 self
.assertIn('PrefixLength', prefixInfo
.keys())
6609 self
.assertIn('PreferredLifetimeUSec', prefixInfo
.keys())
6610 self
.assertIn('ValidLifetimeUSec', prefixInfo
.keys())
6612 self
.assertEqual(prefixInfo
['Prefix'][0:6], [63, 254, 5, 1, 255, 255])
6613 self
.assertEqual(prefixInfo
['PrefixLength'], 56)
6614 self
.assertGreater(prefixInfo
['PreferredLifetimeUSec'], 0)
6615 self
.assertGreater(prefixInfo
['ValidLifetimeUSec'], 0)
6617 copy_network_unit('25-dhcp6pd-upstream.network.d/with-address.conf')
6619 self
.wait_online('veth99:routable', 'test1:routable', 'dummy98:routable', 'dummy99:degraded',
6620 'veth97:routable', 'veth97-peer:routable', 'veth98:routable', 'veth98-peer:routable')
6622 print('### ip -6 address show dev veth-peer scope global')
6623 output
= check_output('ip -6 address show dev veth-peer scope global')
6625 self
.assertIn('inet6 3ffe:501:ffff:100::1/64 scope global', output
)
6629 # dummy97: 0x01 (The link will appear later)
6631 # dummy99: auto -> 0x02 (No address assignment)
6636 print('### ip -6 address show dev veth99 scope global')
6637 output
= check_output('ip -6 address show dev veth99 scope global')
6640 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:100::[0-9]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)')
6641 # address in IA_PD (Token=static)
6642 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]10:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic')
6643 # address in IA_PD (Token=eui64)
6644 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]10:1034:56ff:fe78:9abc/64 (metric 256 |)scope global dynamic')
6645 # address in IA_PD (temporary)
6646 # Note that the temporary addresses may appear after the link enters configured state
6647 self
.wait_address('veth99', 'inet6 3ffe:501:ffff:[2-9a-f]10:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6649 print('### ip -6 address show dev test1 scope global')
6650 output
= check_output('ip -6 address show dev test1 scope global')
6652 # address in IA_PD (Token=static)
6653 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6654 # address in IA_PD (temporary)
6655 self
.wait_address('test1', 'inet6 3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6657 print('### ip -6 address show dev dummy98 scope global')
6658 output
= check_output('ip -6 address show dev dummy98 scope global')
6660 # address in IA_PD (Token=static)
6661 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6662 # address in IA_PD (temporary)
6663 self
.wait_address('dummy98', 'inet6 3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6665 print('### ip -6 address show dev dummy99 scope global')
6666 output
= check_output('ip -6 address show dev dummy99 scope global')
6669 self
.assertNotRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]02')
6671 print('### ip -6 address show dev veth97 scope global')
6672 output
= check_output('ip -6 address show dev veth97 scope global')
6674 # address in IA_PD (Token=static)
6675 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]08:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6676 # address in IA_PD (Token=eui64)
6677 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]08:1034:56ff:fe78:9ace/64 (metric 256 |)scope global dynamic mngtmpaddr')
6678 # address in IA_PD (temporary)
6679 self
.wait_address('veth97', 'inet6 3ffe:501:ffff:[2-9a-f]08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6681 print('### ip -6 address show dev veth97-peer scope global')
6682 output
= check_output('ip -6 address show dev veth97-peer scope global')
6684 # NDisc address (Token=static)
6685 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]08:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
6686 # NDisc address (Token=eui64)
6687 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]08:1034:56ff:fe78:9acf/64 (metric 256 |)scope global dynamic mngtmpaddr')
6688 # NDisc address (temporary)
6689 self
.wait_address('veth97-peer', 'inet6 3ffe:501:ffff:[2-9a-f]08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6691 print('### ip -6 address show dev veth98 scope global')
6692 output
= check_output('ip -6 address show dev veth98 scope global')
6694 # address in IA_PD (Token=static)
6695 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]09:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6696 # address in IA_PD (Token=eui64)
6697 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]09:1034:56ff:fe78:9abe/64 (metric 256 |)scope global dynamic mngtmpaddr')
6698 # address in IA_PD (temporary)
6699 self
.wait_address('veth98', 'inet6 3ffe:501:ffff:[2-9a-f]09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6701 print('### ip -6 address show dev veth98-peer scope global')
6702 output
= check_output('ip -6 address show dev veth98-peer scope global')
6704 # NDisc address (Token=static)
6705 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]09:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
6706 # NDisc address (Token=eui64)
6707 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]09:1034:56ff:fe78:9abf/64 (metric 256 |)scope global dynamic mngtmpaddr')
6708 # NDisc address (temporary)
6709 self
.wait_address('veth98-peer', 'inet6 3ffe:501:ffff:[2-9a-f]09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6711 print('### ip -6 route show type unreachable')
6712 output
= check_output('ip -6 route show type unreachable')
6714 self
.assertRegex(output
, 'unreachable 3ffe:501:ffff:[2-9a-f]00::/56 dev lo proto dhcp')
6716 print('### ip -6 route show dev veth99')
6717 output
= check_output('ip -6 route show dev veth99')
6719 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]10::/64 proto kernel metric [0-9]* expires')
6721 print('### ip -6 route show dev test1')
6722 output
= check_output('ip -6 route show dev test1')
6724 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]00::/64 proto kernel metric [0-9]* expires')
6726 print('### ip -6 route show dev dummy98')
6727 output
= check_output('ip -6 route show dev dummy98')
6729 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]00::/64 proto kernel metric [0-9]* expires')
6731 print('### ip -6 route show dev dummy99')
6732 output
= check_output('ip -6 route show dev dummy99')
6734 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]02::/64 proto dhcp metric [0-9]* expires')
6736 print('### ip -6 route show dev veth97')
6737 output
= check_output('ip -6 route show dev veth97')
6739 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]08::/64 proto kernel metric [0-9]* expires')
6741 print('### ip -6 route show dev veth97-peer')
6742 output
= check_output('ip -6 route show dev veth97-peer')
6744 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]08::/64 proto ra metric [0-9]* expires')
6746 print('### ip -6 route show dev veth98')
6747 output
= check_output('ip -6 route show dev veth98')
6749 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]09::/64 proto kernel metric [0-9]* expires')
6751 print('### ip -6 route show dev veth98-peer')
6752 output
= check_output('ip -6 route show dev veth98-peer')
6754 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]09::/64 proto ra metric [0-9]* expires')
6756 # Test case for a downstream which appears later
6757 check_output('ip link add dummy97 type dummy')
6758 self
.wait_online('dummy97:routable')
6760 print('### ip -6 address show dev dummy97 scope global')
6761 output
= check_output('ip -6 address show dev dummy97 scope global')
6763 # address in IA_PD (Token=static)
6764 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]01:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6765 # address in IA_PD (temporary)
6766 self
.wait_address('dummy97', 'inet6 3ffe:501:ffff:[2-9a-f]01:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6768 print('### ip -6 route show dev dummy97')
6769 output
= check_output('ip -6 route show dev dummy97')
6771 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]01::/64 proto kernel metric [0-9]* expires')
6773 # Test case for reconfigure
6774 networkctl_reconfigure('dummy98', 'dummy99')
6775 self
.wait_online('dummy98:routable', 'dummy99:degraded')
6777 print('### ip -6 address show dev dummy98 scope global')
6778 output
= check_output('ip -6 address show dev dummy98 scope global')
6780 # address in IA_PD (Token=static)
6781 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6782 # address in IA_PD (temporary)
6783 self
.wait_address('dummy98', 'inet6 3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6785 print('### ip -6 address show dev dummy99 scope global')
6786 output
= check_output('ip -6 address show dev dummy99 scope global')
6789 self
.assertNotRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]02')
6791 print('### ip -6 route show dev dummy98')
6792 output
= check_output('ip -6 route show dev dummy98')
6794 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]00::/64 proto kernel metric [0-9]* expires')
6796 print('### ip -6 route show dev dummy99')
6797 output
= check_output('ip -6 route show dev dummy99')
6799 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]02::/64 proto dhcp metric [0-9]* expires')
6801 self
.check_netlabel('dummy98', '3ffe:501:ffff:[2-9a-f]00::/64')
6803 self
.check_nftset('addr6', '3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d')
6804 self
.check_nftset('addr6', '3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*')
6805 self
.check_nftset('network6', '3ffe:501:ffff:[2-9a-f]00::/64')
6806 self
.check_nftset('ifindex', 'dummy98')
6808 self
.teardown_nftset('addr6', 'network6', 'ifindex')
6810 def verify_dhcp4_6rd(self
, tunnel_name
):
6811 print('### ip -4 address show dev veth-peer scope global')
6812 output
= check_output('ip -4 address show dev veth-peer scope global')
6814 self
.assertIn('inet 10.0.0.1/8 brd 10.255.255.255 scope global veth-peer', output
)
6818 # dummy97: 0x01 (The link will appear later)
6820 # dummy99: auto -> 0x0[23] (No address assignment)
6821 # 6rd-XXX: auto -> 0x0[23]
6826 print('### ip -4 address show dev veth99 scope global')
6827 output
= check_output('ip -4 address show dev veth99 scope global')
6829 self
.assertRegex(output
, 'inet 10.100.100.[0-9]*/8 (metric 1024 |)brd 10.255.255.255 scope global dynamic veth99')
6831 print('### ip -6 address show dev veth99 scope global')
6832 output
= check_output('ip -6 address show dev veth99 scope global')
6834 # address in IA_PD (Token=static)
6835 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+10:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6836 # address in IA_PD (Token=eui64)
6837 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+10:1034:56ff:fe78:9abc/64 (metric 256 |)scope global dynamic mngtmpaddr')
6838 # address in IA_PD (temporary)
6839 # Note that the temporary addresses may appear after the link enters configured state
6840 self
.wait_address('veth99', 'inet6 2001:db8:6464:[0-9a-f]+10:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6842 print('### ip -6 address show dev test1 scope global')
6843 output
= check_output('ip -6 address show dev test1 scope global')
6845 # address in IA_PD (Token=static)
6846 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6847 # address in IA_PD (temporary)
6848 self
.wait_address('test1', 'inet6 2001:db8:6464:[0-9a-f]+00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6850 print('### ip -6 address show dev dummy98 scope global')
6851 output
= check_output('ip -6 address show dev dummy98 scope global')
6853 # address in IA_PD (Token=static)
6854 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6855 # address in IA_PD (temporary)
6856 self
.wait_address('dummy98', 'inet6 2001:db8:6464:[0-9a-f]+00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6858 print('### ip -6 address show dev dummy99 scope global')
6859 output
= check_output('ip -6 address show dev dummy99 scope global')
6862 self
.assertNotRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+0[23]')
6864 print('### ip -6 address show dev veth97 scope global')
6865 output
= check_output('ip -6 address show dev veth97 scope global')
6867 # address in IA_PD (Token=static)
6868 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+08:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6869 # address in IA_PD (Token=eui64)
6870 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+08:1034:56ff:fe78:9ace/64 (metric 256 |)scope global dynamic mngtmpaddr')
6871 # address in IA_PD (temporary)
6872 self
.wait_address('veth97', 'inet6 2001:db8:6464:[0-9a-f]+08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6874 print('### ip -6 address show dev veth97-peer scope global')
6875 output
= check_output('ip -6 address show dev veth97-peer scope global')
6877 # NDisc address (Token=static)
6878 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+08:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
6879 # NDisc address (Token=eui64)
6880 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+08:1034:56ff:fe78:9acf/64 (metric 256 |)scope global dynamic mngtmpaddr')
6881 # NDisc address (temporary)
6882 self
.wait_address('veth97-peer', 'inet6 2001:db8:6464:[0-9a-f]+08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6884 print('### ip -6 address show dev veth98 scope global')
6885 output
= check_output('ip -6 address show dev veth98 scope global')
6887 # address in IA_PD (Token=static)
6888 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+09:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6889 # address in IA_PD (Token=eui64)
6890 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+09:1034:56ff:fe78:9abe/64 (metric 256 |)scope global dynamic mngtmpaddr')
6891 # address in IA_PD (temporary)
6892 self
.wait_address('veth98', 'inet6 2001:db8:6464:[0-9a-f]+09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6894 print('### ip -6 address show dev veth98-peer scope global')
6895 output
= check_output('ip -6 address show dev veth98-peer scope global')
6897 # NDisc address (Token=static)
6898 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+09:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
6899 # NDisc address (Token=eui64)
6900 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+09:1034:56ff:fe78:9abf/64 (metric 256 |)scope global dynamic mngtmpaddr')
6901 # NDisc address (temporary)
6902 self
.wait_address('veth98-peer', 'inet6 2001:db8:6464:[0-9a-f]+09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6904 print('### ip -6 route show type unreachable')
6905 output
= check_output('ip -6 route show type unreachable')
6907 self
.assertRegex(output
, 'unreachable 2001:db8:6464:[0-9a-f]+00::/56 dev lo proto dhcp')
6909 print('### ip -6 route show dev veth99')
6910 output
= check_output('ip -6 route show dev veth99')
6912 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+10::/64 proto kernel metric [0-9]* expires')
6914 print('### ip -6 route show dev test1')
6915 output
= check_output('ip -6 route show dev test1')
6917 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+00::/64 proto kernel metric [0-9]* expires')
6919 print('### ip -6 route show dev dummy98')
6920 output
= check_output('ip -6 route show dev dummy98')
6922 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+00::/64 proto kernel metric [0-9]* expires')
6924 print('### ip -6 route show dev dummy99')
6925 output
= check_output('ip -6 route show dev dummy99')
6927 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+0[23]::/64 proto dhcp metric [0-9]* expires')
6929 print('### ip -6 route show dev veth97')
6930 output
= check_output('ip -6 route show dev veth97')
6932 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+08::/64 proto kernel metric [0-9]* expires')
6934 print('### ip -6 route show dev veth97-peer')
6935 output
= check_output('ip -6 route show dev veth97-peer')
6937 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+08::/64 proto ra metric [0-9]* expires')
6939 print('### ip -6 route show dev veth98')
6940 output
= check_output('ip -6 route show dev veth98')
6942 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+09::/64 proto kernel metric [0-9]* expires')
6944 print('### ip -6 route show dev veth98-peer')
6945 output
= check_output('ip -6 route show dev veth98-peer')
6947 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+09::/64 proto ra metric [0-9]* expires')
6949 print('### ip -6 address show dev dummy97 scope global')
6950 output
= check_output('ip -6 address show dev dummy97 scope global')
6952 # address in IA_PD (Token=static)
6953 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+01:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6954 # address in IA_PD (temporary)
6955 self
.wait_address('dummy97', 'inet6 2001:db8:6464:[0-9a-f]+01:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6957 print('### ip -6 route show dev dummy97')
6958 output
= check_output('ip -6 route show dev dummy97')
6960 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+01::/64 proto kernel metric [0-9]* expires')
6962 print(f
'### ip -d link show dev {tunnel_name}')
6963 output
= check_output(f
'ip -d link show dev {tunnel_name}')
6965 self
.assertIn('link/sit 10.100.100.', output
)
6966 self
.assertIn('local 10.100.100.', output
)
6967 self
.assertIn('ttl 64', output
)
6968 self
.assertIn('6rd-prefix 2001:db8::/32', output
)
6969 self
.assertIn('6rd-relay_prefix 10.0.0.0/8', output
)
6971 print(f
'### ip -6 address show dev {tunnel_name}')
6972 output
= check_output(f
'ip -6 address show dev {tunnel_name}')
6974 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+0[23]:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global dynamic')
6975 self
.assertRegex(output
, 'inet6 ::10.100.100.[0-9]+/96 scope global')
6977 print(f
'### ip -6 route show dev {tunnel_name}')
6978 output
= check_output(f
'ip -6 route show dev {tunnel_name}')
6980 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+0[23]::/64 proto kernel metric [0-9]* expires')
6981 self
.assertRegex(output
, '::/96 proto kernel metric [0-9]*')
6983 print('### ip -6 route show default')
6984 output
= check_output('ip -6 route show default')
6986 self
.assertIn('default', output
)
6987 self
.assertIn(f
'via ::10.0.0.1 dev {tunnel_name}', output
)
6989 def test_dhcp4_6rd(self
):
6990 def get_dhcp_6rd_prefix(link
):
6991 description
= get_link_description(link
)
6993 self
.assertIn('DHCPv4Client', description
.keys())
6994 self
.assertIn('6rdPrefix', description
['DHCPv4Client'].keys())
6996 prefixInfo
= description
['DHCPv4Client']['6rdPrefix']
6997 self
.assertIn('Prefix', prefixInfo
.keys())
6998 self
.assertIn('PrefixLength', prefixInfo
.keys())
6999 self
.assertIn('IPv4MaskLength', prefixInfo
.keys())
7000 self
.assertIn('BorderRouters', prefixInfo
.keys())
7004 copy_network_unit('25-veth.netdev', '25-dhcp4-6rd-server.network', '25-dhcp4-6rd-upstream.network',
7005 '25-veth-downstream-veth97.netdev', '25-dhcp-pd-downstream-veth97.network', '25-dhcp-pd-downstream-veth97-peer.network',
7006 '25-veth-downstream-veth98.netdev', '25-dhcp-pd-downstream-veth98.network', '25-dhcp-pd-downstream-veth98-peer.network',
7007 '11-dummy.netdev', '25-dhcp-pd-downstream-test1.network',
7008 '25-dhcp-pd-downstream-dummy97.network',
7009 '12-dummy.netdev', '25-dhcp-pd-downstream-dummy98.network',
7010 '13-dummy.netdev', '25-dhcp-pd-downstream-dummy99.network',
7011 '80-6rd-tunnel.network')
7014 self
.wait_online('veth-peer:routable')
7017 # 6rd-prefix: 2001:db8::/32
7018 # br-addresss: 10.0.0.1
7020 start_dnsmasq('--dhcp-option=212,08:20:20:01:0d:b8:00:00:00:00:00:00:00:00:00:00:00:00:0a:00:00:01',
7021 ipv4_range
='10.100.100.100,10.100.100.200',
7022 ipv4_router
='10.0.0.1')
7023 self
.wait_online('veth99:routable', 'test1:routable', 'dummy98:routable', 'dummy99:degraded',
7024 'veth97:routable', 'veth97-peer:routable', 'veth98:routable', 'veth98-peer:routable')
7026 # Check the DBus interface for assigned prefix information
7027 prefixInfo
= get_dhcp_6rd_prefix('veth99')
7029 self
.assertEqual(prefixInfo
['Prefix'], [32,1,13,184,0,0,0,0,0,0,0,0,0,0,0,0]) # 2001:db8::
7030 self
.assertEqual(prefixInfo
['PrefixLength'], 32)
7031 self
.assertEqual(prefixInfo
['IPv4MaskLength'], 8)
7032 self
.assertEqual(prefixInfo
['BorderRouters'], [[10,0,0,1]])
7034 # Test case for a downstream which appears later
7035 check_output('ip link add dummy97 type dummy')
7036 self
.wait_online('dummy97:routable')
7040 for name
in os
.listdir('/sys/class/net/'):
7041 if name
.startswith('6rd-'):
7045 self
.wait_online(f
'{tunnel_name}:routable')
7047 self
.verify_dhcp4_6rd(tunnel_name
)
7049 # Test case for reconfigure
7050 networkctl_reconfigure('dummy98', 'dummy99')
7051 self
.wait_online('dummy98:routable', 'dummy99:degraded')
7053 self
.verify_dhcp4_6rd(tunnel_name
)
7055 print('Wait for the DHCP lease to be renewed/rebind')
7058 self
.wait_online('veth99:routable', 'test1:routable', 'dummy97:routable', 'dummy98:routable', 'dummy99:degraded',
7059 'veth97:routable', 'veth97-peer:routable', 'veth98:routable', 'veth98-peer:routable')
7061 self
.verify_dhcp4_6rd(tunnel_name
)
7063 class NetworkdIPv6PrefixTests(unittest
.TestCase
, Utilities
):
7071 def test_ipv6_route_prefix(self
):
7072 copy_network_unit('25-veth.netdev', '25-ipv6ra-prefix-client.network', '25-ipv6ra-prefix.network',
7073 '12-dummy.netdev', '25-ipv6ra-uplink.network')
7076 self
.wait_online('veth99:routable', 'veth-peer:routable', 'dummy98:routable')
7078 output
= check_output('ip address show dev veth-peer')
7080 self
.assertIn('inet6 2001:db8:0:1:', output
)
7081 self
.assertNotIn('inet6 2001:db8:0:2:', output
)
7082 self
.assertNotIn('inet6 2001:db8:0:3:', output
)
7084 output
= check_output('ip -6 route show dev veth-peer')
7086 self
.assertIn('2001:db8:0:1::/64 proto ra', output
)
7087 self
.assertNotIn('2001:db8:0:2::/64 proto ra', output
)
7088 self
.assertNotIn('2001:db8:0:3::/64 proto ra', output
)
7089 self
.assertIn('2001:db0:fff::/64 via ', output
)
7090 self
.assertNotIn('2001:db1:fff::/64 via ', output
)
7091 self
.assertNotIn('2001:db2:fff::/64 via ', output
)
7093 output
= check_output('ip address show dev veth99')
7095 self
.assertNotIn('inet6 2001:db8:0:1:', output
)
7096 self
.assertIn('inet6 2001:db8:0:2:1a:2b:3c:4d', output
)
7097 self
.assertIn('inet6 2001:db8:0:2:fa:de:ca:fe', output
)
7098 self
.assertNotIn('inet6 2001:db8:0:3:', output
)
7100 output
= resolvectl('dns', 'veth-peer')
7102 self
.assertRegex(output
, '2001:db8:1:1::2')
7104 output
= resolvectl('domain', 'veth-peer')
7106 self
.assertIn('example.com', output
)
7108 check_json(networkctl_json())
7110 output
= networkctl_json('veth-peer')
7114 pref64
= json
.loads(output
)['NDisc']['PREF64'][0]
7116 prefix
= socket
.inet_ntop(socket
.AF_INET6
, bytearray(pref64
['Prefix']))
7117 self
.assertEqual(prefix
, '64:ff9b::')
7119 prefix_length
= pref64
['PrefixLength']
7120 self
.assertEqual(prefix_length
, 96)
7122 def test_ipv6_route_prefix_deny_list(self
):
7123 copy_network_unit('25-veth.netdev', '25-ipv6ra-prefix-client-deny-list.network', '25-ipv6ra-prefix.network',
7124 '12-dummy.netdev', '25-ipv6ra-uplink.network')
7127 self
.wait_online('veth99:routable', 'veth-peer:routable', 'dummy98:routable')
7129 output
= check_output('ip address show dev veth-peer')
7131 self
.assertIn('inet6 2001:db8:0:1:', output
)
7132 self
.assertNotIn('inet6 2001:db8:0:2:', output
)
7134 output
= check_output('ip -6 route show dev veth-peer')
7136 self
.assertIn('2001:db8:0:1::/64 proto ra', output
)
7137 self
.assertNotIn('2001:db8:0:2::/64 proto ra', output
)
7138 self
.assertIn('2001:db0:fff::/64 via ', output
)
7139 self
.assertNotIn('2001:db1:fff::/64 via ', output
)
7141 output
= check_output('ip address show dev veth99')
7143 self
.assertNotIn('inet6 2001:db8:0:1:', output
)
7144 self
.assertIn('inet6 2001:db8:0:2:', output
)
7146 output
= resolvectl('dns', 'veth-peer')
7148 self
.assertRegex(output
, '2001:db8:1:1::2')
7150 output
= resolvectl('domain', 'veth-peer')
7152 self
.assertIn('example.com', output
)
7154 class NetworkdMTUTests(unittest
.TestCase
, Utilities
):
7162 def check_mtu(self
, mtu
, ipv6_mtu
=None, reset
=True):
7168 self
.wait_online('dummy98:routable')
7169 self
.check_link_attr('dummy98', 'mtu', mtu
)
7170 self
.check_ipv6_sysctl_attr('dummy98', 'mtu', ipv6_mtu
)
7172 # test normal restart
7174 self
.wait_online('dummy98:routable')
7175 self
.check_link_attr('dummy98', 'mtu', mtu
)
7176 self
.check_ipv6_sysctl_attr('dummy98', 'mtu', ipv6_mtu
)
7179 self
.reset_check_mtu(mtu
, ipv6_mtu
)
7181 def reset_check_mtu(self
, mtu
, ipv6_mtu
=None):
7182 ''' test setting mtu/ipv6_mtu with interface already up '''
7185 # note - changing the device mtu resets the ipv6 mtu
7186 check_output('ip link set up mtu 1501 dev dummy98')
7187 check_output('ip link set up mtu 1500 dev dummy98')
7188 self
.check_link_attr('dummy98', 'mtu', '1500')
7189 self
.check_ipv6_sysctl_attr('dummy98', 'mtu', '1500')
7191 self
.check_mtu(mtu
, ipv6_mtu
, reset
=False)
7193 def test_mtu_network(self
):
7194 copy_network_unit('12-dummy.netdev', '12-dummy.network.d/mtu.conf')
7195 self
.check_mtu('1600')
7197 def test_mtu_netdev(self
):
7198 copy_network_unit('12-dummy-mtu.netdev', '12-dummy.network', copy_dropins
=False)
7199 # note - MTU set by .netdev happens ONLY at device creation!
7200 self
.check_mtu('1600', reset
=False)
7202 def test_mtu_link(self
):
7203 copy_network_unit('12-dummy.netdev', '12-dummy-mtu.link', '12-dummy.network', copy_dropins
=False)
7204 # note - MTU set by .link happens ONLY at udev processing of device 'add' uevent!
7205 self
.check_mtu('1600', reset
=False)
7207 def test_ipv6_mtu(self
):
7208 ''' set ipv6 mtu without setting device mtu '''
7209 copy_network_unit('12-dummy.netdev', '12-dummy.network.d/ipv6-mtu-1400.conf')
7210 self
.check_mtu('1500', '1400')
7212 def test_ipv6_mtu_toolarge(self
):
7213 ''' try set ipv6 mtu over device mtu (it shouldn't work) '''
7214 copy_network_unit('12-dummy.netdev', '12-dummy.network.d/ipv6-mtu-1550.conf')
7215 self
.check_mtu('1500', '1500')
7217 def test_mtu_network_ipv6_mtu(self
):
7218 ''' set ipv6 mtu and set device mtu via network file '''
7219 copy_network_unit('12-dummy.netdev', '12-dummy.network.d/mtu.conf', '12-dummy.network.d/ipv6-mtu-1550.conf')
7220 self
.check_mtu('1600', '1550')
7222 def test_mtu_netdev_ipv6_mtu(self
):
7223 ''' set ipv6 mtu and set device mtu via netdev file '''
7224 copy_network_unit('12-dummy-mtu.netdev', '12-dummy.network.d/ipv6-mtu-1550.conf')
7225 self
.check_mtu('1600', '1550', reset
=False)
7227 def test_mtu_link_ipv6_mtu(self
):
7228 ''' set ipv6 mtu and set device mtu via link file '''
7229 copy_network_unit('12-dummy.netdev', '12-dummy-mtu.link', '12-dummy.network.d/ipv6-mtu-1550.conf')
7230 self
.check_mtu('1600', '1550', reset
=False)
7233 if __name__
== '__main__':
7234 parser
= argparse
.ArgumentParser()
7235 parser
.add_argument('--build-dir', help='Path to build dir', dest
='build_dir')
7236 parser
.add_argument('--source-dir', help='Path to source dir/git tree', dest
='source_dir')
7237 parser
.add_argument('--networkd', help='Path to systemd-networkd', dest
='networkd_bin')
7238 parser
.add_argument('--resolved', help='Path to systemd-resolved', dest
='resolved_bin')
7239 parser
.add_argument('--timesyncd', help='Path to systemd-timesyncd', dest
='timesyncd_bin')
7240 parser
.add_argument('--udevd', help='Path to systemd-udevd', dest
='udevd_bin')
7241 parser
.add_argument('--wait-online', help='Path to systemd-networkd-wait-online', dest
='wait_online_bin')
7242 parser
.add_argument('--networkctl', help='Path to networkctl', dest
='networkctl_bin')
7243 parser
.add_argument('--resolvectl', help='Path to resolvectl', dest
='resolvectl_bin')
7244 parser
.add_argument('--timedatectl', help='Path to timedatectl', dest
='timedatectl_bin')
7245 parser
.add_argument('--udevadm', help='Path to udevadm', dest
='udevadm_bin')
7246 parser
.add_argument('--valgrind', help='Enable valgrind', dest
='use_valgrind', type=bool, nargs
='?', const
=True, default
=use_valgrind
)
7247 parser
.add_argument('--debug', help='Generate debugging logs', dest
='enable_debug', type=bool, nargs
='?', const
=True, default
=enable_debug
)
7248 parser
.add_argument('--asan-options', help='ASAN options', dest
='asan_options')
7249 parser
.add_argument('--lsan-options', help='LSAN options', dest
='lsan_options')
7250 parser
.add_argument('--ubsan-options', help='UBSAN options', dest
='ubsan_options')
7251 parser
.add_argument('--with-coverage', help='Loosen certain sandbox restrictions to make gcov happy', dest
='with_coverage', type=bool, nargs
='?', const
=True, default
=with_coverage
)
7252 ns
, unknown_args
= parser
.parse_known_args(namespace
=unittest
)
7255 if ns
.networkd_bin
or ns
.resolved_bin
or ns
.timesyncd_bin
or ns
.udevd_bin
or \
7256 ns
.wait_online_bin
or ns
.networkctl_bin
or ns
.resolvectl_bin
or ns
.timedatectl_bin
or ns
.udevadm_bin
:
7257 print('WARNING: --networkd, --resolved, --timesyncd, --udevd, --wait-online, --networkctl, --resolvectl, --timedatectl, or --udevadm options are ignored when --build-dir is specified.')
7258 networkd_bin
= os
.path
.join(ns
.build_dir
, 'systemd-networkd')
7259 resolved_bin
= os
.path
.join(ns
.build_dir
, 'systemd-resolved')
7260 timesyncd_bin
= os
.path
.join(ns
.build_dir
, 'systemd-timesyncd')
7261 udevd_bin
= os
.path
.join(ns
.build_dir
, 'udevadm')
7262 wait_online_bin
= os
.path
.join(ns
.build_dir
, 'systemd-networkd-wait-online')
7263 networkctl_bin
= os
.path
.join(ns
.build_dir
, 'networkctl')
7264 resolvectl_bin
= os
.path
.join(ns
.build_dir
, 'resolvectl')
7265 timedatectl_bin
= os
.path
.join(ns
.build_dir
, 'timedatectl')
7266 udevadm_bin
= os
.path
.join(ns
.build_dir
, 'udevadm')
7267 systemd_udev_rules_build_dir
= os
.path
.join(ns
.build_dir
, 'rules.d')
7270 networkd_bin
= ns
.networkd_bin
7272 resolved_bin
= ns
.resolved_bin
7273 if ns
.timesyncd_bin
:
7274 timesyncd_bin
= ns
.timesyncd_bin
7276 udevd_bin
= ns
.udevd_bin
7277 if ns
.wait_online_bin
:
7278 wait_online_bin
= ns
.wait_online_bin
7279 if ns
.networkctl_bin
:
7280 networkctl_bin
= ns
.networkctl_bin
7281 if ns
.resolvectl_bin
:
7282 resolvectl_bin
= ns
.resolvectl_bin
7283 if ns
.timedatectl_bin
:
7284 timedatectl_bin
= ns
.timedatectl_bin
7286 udevadm_bin
= ns
.udevadm_bin
7289 systemd_source_dir
= ns
.source_dir
7291 systemd_source_dir
= os
.path
.normpath(os
.path
.join(os
.path
.dirname(os
.path
.abspath(__file__
)), "../../"))
7292 if not os
.path
.exists(os
.path
.join(systemd_source_dir
, "meson_options.txt")):
7293 raise RuntimeError(f
"{systemd_source_dir} doesn't appear to be a systemd source tree")
7295 use_valgrind
= ns
.use_valgrind
7296 enable_debug
= ns
.enable_debug
7297 asan_options
= ns
.asan_options
7298 lsan_options
= ns
.lsan_options
7299 ubsan_options
= ns
.ubsan_options
7300 with_coverage
= ns
.with_coverage
7303 # Do not forget the trailing space.
7304 valgrind_cmd
= 'valgrind --track-origins=yes --leak-check=full --show-leak-kinds=all '
7306 networkctl_cmd
= valgrind_cmd
.split() + [networkctl_bin
]
7307 resolvectl_cmd
= valgrind_cmd
.split() + [resolvectl_bin
]
7308 timedatectl_cmd
= valgrind_cmd
.split() + [timedatectl_bin
]
7309 udevadm_cmd
= valgrind_cmd
.split() + [udevadm_bin
]
7310 wait_online_cmd
= valgrind_cmd
.split() + [wait_online_bin
]
7313 env
.update({'ASAN_OPTIONS': asan_options
})
7315 env
.update({'LSAN_OPTIONS': lsan_options
})
7317 env
.update({'UBSAN_OPTIONS': ubsan_options
})
7319 env
.update({'SYSTEMD_MEMPOOL': '0'})
7321 wait_online_env
= env
.copy()
7323 wait_online_env
.update({'SYSTEMD_LOG_LEVEL': 'debug'})
7325 sys
.argv
[1:] = unknown_args
7326 unittest
.main(verbosity
=3)