return f
def setUpModule():
-
os.makedirs(network_unit_file_path, exist_ok=True)
os.makedirs(networkd_ci_path, exist_ok=True)
if sleep_sec > 0:
time.sleep(sleep_sec)
- def wait_online(self, links_with_operstate, timeout='20s'):
- args = [wait_online_bin, f' --timeout={timeout}'] + [f'--interface={link}' for link in links_with_operstate]
+ def wait_online(self, links_with_operstate, timeout='20s', bool_any=False):
+ args = [wait_online_bin, f'--timeout={timeout}'] + [f'--interface={link}' for link in links_with_operstate]
+ if bool_any:
+ args += ['--any']
subprocess.check_call(args)
class NetworkdNetDevTests(unittest.TestCase, Utilities):
'erspan98',
'erspan99',
'geneve99',
+ 'gretap96',
'gretap98',
'gretap99',
+ 'gretun96',
'gretun97',
'gretun98',
'gretun99',
'ip6tnl97',
'ip6tnl98',
'ip6tnl99',
+ 'ipiptun96',
'ipiptun97',
'ipiptun98',
'ipiptun99',
'isataptun99',
'macvlan99',
'macvtap99',
+ 'sittun96',
'sittun97',
'sittun98',
'sittun99',
units = [
'10-dropin-test.netdev',
'11-dummy.netdev',
+ '11-dummy.network',
'12-dummy.netdev',
+ '15-name-conflict-test.netdev',
'21-macvlan.netdev',
'21-macvtap.netdev',
'21-vlan-test1.network',
'25-bond.netdev',
'25-bond-balanced-tlb.netdev',
'25-bridge.netdev',
+ '25-bridge.network',
'25-erspan-tunnel-local-any.netdev',
'25-erspan-tunnel.netdev',
+ '25-fou-gretap.netdev',
+ '25-fou-gre.netdev',
+ '25-fou-ipip.netdev',
+ '25-fou-ipproto-gre.netdev',
+ '25-fou-ipproto-ipip.netdev',
+ '25-fou-sit.netdev',
'25-geneve.netdev',
'25-gretap-tunnel-local-any.netdev',
'25-gretap-tunnel.netdev',
'25-ipip-tunnel.netdev',
'25-ipvlan.netdev',
'25-isatap-tunnel.netdev',
+ '25-macsec.key',
+ '25-macsec.netdev',
+ '25-macsec.network',
'25-sit-tunnel-local-any.netdev',
'25-sit-tunnel-remote-any.netdev',
'25-sit-tunnel.netdev',
'25-vxlan.netdev',
'25-wireguard-23-peers.netdev',
'25-wireguard-23-peers.network',
+ '25-wireguard-preshared-key.txt',
'25-wireguard-private-key.txt',
'25-wireguard.netdev',
+ '25-wireguard.network',
'6rd.network',
+ 'erspan.network',
'gre.network',
'gretap.network',
'gretun.network',
'ipip.network',
'ipvlan.network',
'isatap.network',
+ 'macsec.network',
'macvlan.network',
'macvtap.network',
'sit.network',
self.remove_unit_from_networkd_path(self.units)
def test_dropin(self):
- self.copy_unit_to_networkd_unit_path('10-dropin-test.netdev')
+ self.copy_unit_to_networkd_unit_path('10-dropin-test.netdev', '15-name-conflict-test.netdev')
self.start_networkd()
self.assertTrue(self.link_exits('dropin-test'))
+ # This also tests NetDev.Name= conflict and basic networkctl functionalities
+
output = subprocess.check_output(['ip', 'link', 'show', 'dropin-test']).rstrip().decode('utf-8')
print(output)
self.assertRegex(output, '00:50:56:c0:00:28')
else:
print('ethtool does not support driver field at least for dummy interfaces, skipping test for Driver field of networkctl.')
+ def test_wait_online_any(self):
+ self.copy_unit_to_networkd_unit_path('25-bridge.netdev', '25-bridge.network', '11-dummy.netdev', '11-dummy.network')
+ self.start_networkd(0)
+
+ self.wait_online(['bridge99', 'test1:degraded'], bool_any=True)
+ self.assertTrue(self.link_exits('bridge99'))
+ self.assertTrue(self.link_exits('test1'))
+
+ output = subprocess.check_output(['networkctl', 'status', 'bridge99']).rstrip().decode('utf-8')
+ print(output)
+ self.assertRegex(output, 'State: (?:off|no-carrier) \(configuring\)')
+
+ output = subprocess.check_output(['networkctl', 'status', 'test1']).rstrip().decode('utf-8')
+ print(output)
+ self.assertRegex(output, 'State: degraded \(configured\)')
+
def test_bridge(self):
self.copy_unit_to_networkd_unit_path('25-bridge.netdev')
self.start_networkd()
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'test1']).rstrip().decode('utf-8')
print(output)
- self.assertTrue(output, ' mtu 2004 ')
+ self.assertRegex(output, ' mtu 2004 ')
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'vlan99']).rstrip().decode('utf-8')
print(output)
- self.assertTrue(output, ' mtu 2000 ')
- self.assertTrue(output, 'REORDER_HDR')
- self.assertTrue(output, 'LOOSE_BINDING')
- self.assertTrue(output, 'GVRP')
- self.assertTrue(output, 'MVRP')
- self.assertTrue(output, ' id 99 ')
+ self.assertRegex(output, ' mtu 2000 ')
+ self.assertRegex(output, 'REORDER_HDR')
+ self.assertRegex(output, 'LOOSE_BINDING')
+ self.assertRegex(output, 'GVRP')
+ self.assertRegex(output, 'MVRP')
+ self.assertRegex(output, ' id 99 ')
output = subprocess.check_output(['ip', '-4', 'address', 'show', 'dev', 'test1']).rstrip().decode('utf-8')
print(output)
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'test1']).rstrip().decode('utf-8')
print(output)
- self.assertTrue(output, ' mtu 2000 ')
+ self.assertRegex(output, ' mtu 2000 ')
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'macvlan99']).rstrip().decode('utf-8')
print(output)
- self.assertTrue(output, ' mtu 2000 ')
+ self.assertRegex(output, ' mtu 2000 ')
@expectedFailureIfModuleIsNotAvailable('ipvlan')
def test_ipvlan(self):
@expectedFailureIfModuleIsNotAvailable('wireguard')
def test_wireguard(self):
- self.copy_unit_to_networkd_unit_path('25-wireguard.netdev')
- self.start_networkd()
+ self.copy_unit_to_networkd_unit_path('25-wireguard.netdev', '25-wireguard.network',
+ '25-wireguard-23-peers.netdev', '25-wireguard-23-peers.network',
+ '25-wireguard-preshared-key.txt', '25-wireguard-private-key.txt')
+ self.start_networkd(0)
+ self.wait_online(['wg99:carrier', 'wg98:routable'])
+
+ self.assertTrue(self.link_exits('wg99'))
+ self.assertTrue(self.link_exits('wg98'))
if shutil.which('wg'):
subprocess.call('wg')
+
output = subprocess.check_output(['wg', 'show', 'wg99', 'listen-port']).rstrip().decode('utf-8')
- self.assertTrue(output, '51820')
+ self.assertRegex(output, '51820')
output = subprocess.check_output(['wg', 'show', 'wg99', 'fwmark']).rstrip().decode('utf-8')
- self.assertTrue(output, '0x4d2')
+ self.assertRegex(output, '0x4d2')
output = subprocess.check_output(['wg', 'show', 'wg99', 'allowed-ips']).rstrip().decode('utf-8')
- self.assertTrue(output, 'RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t192.168.26.0/24 fd31:bf08:57cb::/48')
+ self.assertRegex(output, 'RDf\+LSpeEre7YEIKaxg\+wbpsNV7du\+ktR99uBEtIiCA=\t192.168.26.0/24 fd31:bf08:57cb::/48')
+ self.assertRegex(output, 'lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\tfdbc:bae2:7871:e1fe:793:8636::/96 fdbc:bae2:7871:500:e1fe:793:8636:dad1/128')
output = subprocess.check_output(['wg', 'show', 'wg99', 'persistent-keepalive']).rstrip().decode('utf-8')
- self.assertTrue(output, 'RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t20')
+ self.assertRegex(output, 'RDf\+LSpeEre7YEIKaxg\+wbpsNV7du\+ktR99uBEtIiCA=\t20')
output = subprocess.check_output(['wg', 'show', 'wg99', 'endpoints']).rstrip().decode('utf-8')
- self.assertTrue(output, 'RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t192.168.27.3:51820')
+ self.assertRegex(output, 'RDf\+LSpeEre7YEIKaxg\+wbpsNV7du\+ktR99uBEtIiCA=\t192.168.27.3:51820')
output = subprocess.check_output(['wg', 'show', 'wg99', 'private-key']).rstrip().decode('utf-8')
- self.assertTrue(output, 'EEGlnEPYJV//kbvvIqxKkQwOiS+UENyPncC4bF46ong=')
+ self.assertRegex(output, 'EEGlnEPYJV//kbvvIqxKkQwOiS\+UENyPncC4bF46ong=')
+ output = subprocess.check_output(['wg', 'show', 'wg99', 'preshared-keys']).rstrip().decode('utf-8')
+ self.assertRegex(output, 'RDf\+LSpeEre7YEIKaxg\+wbpsNV7du\+ktR99uBEtIiCA= IIWIV17wutHv7t4cR6pOT91z6NSz/T8Arh0yaywhw3M=')
+ self.assertRegex(output, 'lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc= cPLOy1YUrEI0EMMIycPJmOo0aTu3RZnw8bL5meVD6m0=')
- self.assertTrue(self.link_exits('wg99'))
-
- @expectedFailureIfModuleIsNotAvailable('wireguard')
- def test_wireguard_23_peers(self):
- self.copy_unit_to_networkd_unit_path('25-wireguard-23-peers.netdev', '25-wireguard-23-peers.network',
- '25-wireguard-private-key.txt')
- self.start_networkd()
-
- if shutil.which('wg'):
- subprocess.call('wg')
output = subprocess.check_output(['wg', 'show', 'wg98', 'private-key']).rstrip().decode('utf-8')
- self.assertTrue(output, 'CJQUtcS9emY2fLYqDlpSZiE/QJyHkPWr+WHtZLZ90FU=')
-
- self.assertTrue(self.link_exits('wg98'))
+ self.assertRegex(output, 'CJQUtcS9emY2fLYqDlpSZiE/QJyHkPWr\+WHtZLZ90FU=')
def test_geneve(self):
self.copy_unit_to_networkd_unit_path('25-geneve.netdev')
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'geneve99']).rstrip().decode('utf-8')
print(output)
- self.assertTrue(output, '192.168.22.1')
- self.assertTrue(output, '6082')
- self.assertTrue(output, 'udpcsum')
- self.assertTrue(output, 'udp6zerocsumrx')
+ self.assertRegex(output, '192.168.22.1')
+ self.assertRegex(output, '6082')
+ self.assertRegex(output, 'udpcsum')
+ self.assertRegex(output, 'udp6zerocsumrx')
def test_ipip_tunnel(self):
self.copy_unit_to_networkd_unit_path('12-dummy.netdev', '25-ipip-tunnel.netdev', 'ipip.network',
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'gretun99']).rstrip().decode('utf-8')
print(output)
self.assertRegex(output, 'gre remote 10.65.223.239 local 10.65.223.238 dev dummy98')
+ self.assertRegex(output, 'ikey 1.2.3.103')
+ self.assertRegex(output, 'okey 1.2.4.103')
+ self.assertRegex(output, 'iseq')
+ self.assertRegex(output, 'oseq')
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'gretun98']).rstrip().decode('utf-8')
print(output)
self.assertRegex(output, 'gre remote 10.65.223.239 local any dev dummy98')
+ self.assertRegex(output, 'ikey 0.0.0.104')
+ self.assertRegex(output, 'okey 0.0.0.104')
+ self.assertNotRegex(output, 'iseq')
+ self.assertNotRegex(output, 'oseq')
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'gretun97']).rstrip().decode('utf-8')
print(output)
self.assertRegex(output, 'gre remote any local 10.65.223.238 dev dummy98')
+ self.assertRegex(output, 'ikey 0.0.0.105')
+ self.assertRegex(output, 'okey 0.0.0.105')
+ self.assertNotRegex(output, 'iseq')
+ self.assertNotRegex(output, 'oseq')
def test_ip6gre_tunnel(self):
self.copy_unit_to_networkd_unit_path('12-dummy.netdev', '25-ip6gre-tunnel.netdev', 'ip6gretun.network',
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'gretap99']).rstrip().decode('utf-8')
print(output)
self.assertRegex(output, 'gretap remote 10.65.223.239 local 10.65.223.238 dev dummy98')
+ self.assertRegex(output, 'ikey 0.0.0.106')
+ self.assertRegex(output, 'okey 0.0.0.106')
+ self.assertRegex(output, 'iseq')
+ self.assertRegex(output, 'oseq')
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'gretap98']).rstrip().decode('utf-8')
print(output)
self.assertRegex(output, 'gretap remote 10.65.223.239 local any dev dummy98')
+ self.assertRegex(output, 'ikey 0.0.0.107')
+ self.assertRegex(output, 'okey 0.0.0.107')
+ self.assertRegex(output, 'iseq')
+ self.assertRegex(output, 'oseq')
def test_ip6gretap_tunnel(self):
self.copy_unit_to_networkd_unit_path('12-dummy.netdev', '25-ip6gretap-tunnel.netdev', 'ip6gretap.network',
@expectedFailureIfERSPANModuleIsNotAvailable()
def test_erspan_tunnel(self):
- self.copy_unit_to_networkd_unit_path('25-erspan-tunnel.netdev', '25-erspan-tunnel-local-any.netdev')
+ self.copy_unit_to_networkd_unit_path('12-dummy.netdev', 'erspan.network',
+ '25-erspan-tunnel.netdev', '25-erspan-tunnel-local-any.netdev')
self.start_networkd()
+ self.assertTrue(self.link_exits('dummy98'))
self.assertTrue(self.link_exits('erspan99'))
self.assertTrue(self.link_exits('erspan98'))
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'erspan99']).rstrip().decode('utf-8')
print(output)
self.assertRegex(output, 'erspan remote 172.16.1.100 local 172.16.1.200')
- self.assertRegex(output, '101')
+ self.assertRegex(output, 'ikey 0.0.0.101')
+ self.assertRegex(output, 'okey 0.0.0.101')
+ self.assertRegex(output, 'iseq')
+ self.assertRegex(output, 'oseq')
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'erspan98']).rstrip().decode('utf-8')
print(output)
self.assertRegex(output, 'erspan remote 172.16.1.100 local any')
self.assertRegex(output, '102')
+ self.assertRegex(output, 'ikey 0.0.0.102')
+ self.assertRegex(output, 'okey 0.0.0.102')
+ self.assertRegex(output, 'iseq')
+ self.assertRegex(output, 'oseq')
def test_tunnel_independent(self):
self.copy_unit_to_networkd_unit_path('25-ipip-tunnel-independent.netdev')
self.assertTrue(self.link_exits('ipiptun99'))
+ @expectedFailureIfModuleIsNotAvailable('fou')
+ def test_fou(self):
+ # The following redundant check is necessary for CentOS CI.
+ # Maybe, error handling in lookup_id() in sd-netlink/generic-netlink.c needs to be updated.
+ self.assertTrue(is_module_available('fou'))
+
+ self.copy_unit_to_networkd_unit_path('25-fou-ipproto-ipip.netdev', '25-fou-ipproto-gre.netdev',
+ '25-fou-ipip.netdev', '25-fou-sit.netdev',
+ '25-fou-gre.netdev', '25-fou-gretap.netdev')
+ self.start_networkd()
+
+ self.assertTrue(self.link_exits('ipiptun96'))
+ self.assertTrue(self.link_exits('sittun96'))
+ self.assertTrue(self.link_exits('gretun96'))
+ self.assertTrue(self.link_exits('gretap96'))
+
+ output = subprocess.check_output(['ip', 'fou', 'show']).rstrip().decode('utf-8')
+ print(output)
+ self.assertRegex(output, 'port 55555 ipproto 4')
+ self.assertRegex(output, 'port 55556 ipproto 47')
+
+ output = subprocess.check_output(['ip', '-d', 'link', 'show', 'ipiptun96']).rstrip().decode('utf-8')
+ print(output)
+ self.assertRegex(output, 'encap fou encap-sport auto encap-dport 55555')
+ output = subprocess.check_output(['ip', '-d', 'link', 'show', 'sittun96']).rstrip().decode('utf-8')
+ print(output)
+ self.assertRegex(output, 'encap fou encap-sport auto encap-dport 55555')
+ output = subprocess.check_output(['ip', '-d', 'link', 'show', 'gretun96']).rstrip().decode('utf-8')
+ print(output)
+ self.assertRegex(output, 'encap fou encap-sport 1001 encap-dport 55556')
+ output = subprocess.check_output(['ip', '-d', 'link', 'show', 'gretap96']).rstrip().decode('utf-8')
+ print(output)
+ self.assertRegex(output, 'encap fou encap-sport auto encap-dport 55556')
+
+ subprocess.call(['ip', 'fou', 'del', 'port', '55555'])
+ subprocess.call(['ip', 'fou', 'del', 'port', '55556'])
+
def test_vxlan(self):
self.copy_unit_to_networkd_unit_path('25-vxlan.netdev', 'vxlan.network', '11-dummy.netdev')
self.start_networkd()
self.assertRegex(output, 'remcsumrx')
self.assertRegex(output, 'gbp')
+ def test_macsec(self):
+ self.copy_unit_to_networkd_unit_path('25-macsec.netdev', '25-macsec.network', '25-macsec.key',
+ 'macsec.network', '12-dummy.netdev')
+ self.start_networkd(0)
+
+ self.wait_online(['dummy98:degraded', 'macsec99:routable'])
+
+ output = subprocess.check_output(['ip', '-d', 'link', 'show', 'macsec99']).rstrip().decode('utf-8')
+ print(output)
+ self.assertRegex(output, 'macsec99@dummy98')
+ self.assertRegex(output, 'macsec sci [0-9a-f]*000b')
+ self.assertRegex(output, 'encrypt on')
+
+ output = subprocess.check_output(['ip', 'macsec', 'show', 'macsec99']).rstrip().decode('utf-8')
+ print(output)
+ self.assertRegex(output, 'encrypt on')
+ self.assertRegex(output, 'TXSC: [0-9a-f]*000b on SA 1')
+ self.assertRegex(output, '0: PN [0-9]*, state on, key 01000000000000000000000000000000')
+ self.assertRegex(output, '1: PN [0-9]*, state on, key 02030000000000000000000000000000')
+ self.assertRegex(output, 'RXSC: c619528fe6a00100, state on')
+ self.assertRegex(output, '0: PN [0-9]*, state on, key 02030405000000000000000000000000')
+ self.assertRegex(output, '1: PN [0-9]*, state on, key 02030405060000000000000000000000')
+ self.assertRegex(output, '2: PN [0-9]*, state off, key 02030405060700000000000000000000')
+ self.assertRegex(output, '3: PN [0-9]*, state off, key 02030405060708000000000000000000')
+ self.assertNotRegex(output, 'key 02030405067080900000000000000000')
+ self.assertRegex(output, 'RXSC: 8c16456c83a90002, state on')
+ self.assertRegex(output, '0: PN [0-9]*, state off, key 02030400000000000000000000000000')
+
+
class NetworkdL2TPTests(unittest.TestCase, Utilities):
links =[
print(output)
self.assertRegex(output, '192.168.5.*')
- # Stoping dnsmasq as networkd won't be allowed to renew the DHCP lease.
+ # Stopping dnsmasq as networkd won't be allowed to renew the DHCP lease.
self.stop_dnsmasq(dnsmasq_pid_file)
# Sleep for 120 sec as the dnsmasq minimum lease time can only be set to 120
projects / thirdparty / systemd.git / blobdiff