2 # SPDX-License-Identifier: LGPL-2.1-or-later
3 # systemd-networkd tests
5 # These tests can be executed in the systemd mkosi image when booted in QEMU. After booting the QEMU VM,
6 # simply run this file which can be found in the VM at /usr/lib/systemd/tests/testdata/test-network/systemd-networkd-tests.py.
26 network_unit_dir
= '/run/systemd/network'
27 networkd_conf_dropin_dir
= '/run/systemd/networkd.conf.d'
28 networkd_ci_temp_dir
= '/run/networkd-ci'
29 udev_rules_dir
= '/run/udev/rules.d'
31 dnsmasq_pid_file
= '/run/networkd-ci/test-dnsmasq.pid'
32 dnsmasq_log_file
= '/run/networkd-ci/test-dnsmasq.log'
33 dnsmasq_lease_file
= '/run/networkd-ci/test-dnsmasq.lease'
35 isc_dhcpd_pid_file
= '/run/networkd-ci/test-isc-dhcpd.pid'
36 isc_dhcpd_lease_file
= '/run/networkd-ci/test-isc-dhcpd.lease'
38 radvd_pid_file
= '/run/networkd-ci/test-radvd.pid'
40 systemd_lib_paths
= ['/usr/lib/systemd', '/lib/systemd']
41 which_paths
= ':'.join(systemd_lib_paths
+ os
.getenv('PATH', os
.defpath
).lstrip(':').split(':'))
42 systemd_source_dir
= None
44 networkd_bin
= shutil
.which('systemd-networkd', path
=which_paths
)
45 resolved_bin
= shutil
.which('systemd-resolved', path
=which_paths
)
46 timesyncd_bin
= shutil
.which('systemd-timesyncd', path
=which_paths
)
47 udevd_bin
= shutil
.which('systemd-udevd', path
=which_paths
)
48 wait_online_bin
= shutil
.which('systemd-networkd-wait-online', path
=which_paths
)
49 networkctl_bin
= shutil
.which('networkctl', path
=which_paths
)
50 resolvectl_bin
= shutil
.which('resolvectl', path
=which_paths
)
51 timedatectl_bin
= shutil
.which('timedatectl', path
=which_paths
)
52 udevadm_bin
= shutil
.which('udevadm', path
=which_paths
)
53 systemd_udev_rules_build_dir
= None
81 saved_ipv4_rules
= None
82 saved_ipv6_rules
= None
86 if os
.path
.exists(path
):
90 shutil
.rmtree(path
, ignore_errors
=True)
96 shutil
.copytree(src
, dst
, copy_function
=shutil
.copy
)
99 os
.makedirs(path
, exist_ok
=True)
102 pathlib
.Path(path
).touch()
104 # pylint: disable=R1710
105 def check_output(*command
, **kwargs
):
106 # This checks the result and returns stdout (and stderr) on success.
107 command
= command
[0].split() + list(command
[1:])
108 ret
= subprocess
.run(command
, check
=False, universal_newlines
=True, stdout
=subprocess
.PIPE
, stderr
=subprocess
.STDOUT
, **kwargs
)
109 if ret
.returncode
== 0:
110 return ret
.stdout
.rstrip()
111 # When returncode != 0, print stdout and stderr, then trigger CalledProcessError.
113 ret
.check_returncode()
115 def call(*command
, **kwargs
):
116 # This returns returncode. stdout and stderr are merged and shown in console
117 command
= command
[0].split() + list(command
[1:])
118 return subprocess
.run(command
, check
=False, universal_newlines
=True, stderr
=subprocess
.STDOUT
, **kwargs
).returncode
120 def call_check(*command
, **kwargs
):
121 # Same as call() above, but it triggers CalledProcessError if rc != 0
122 command
= command
[0].split() + list(command
[1:])
123 return subprocess
.run(command
, check
=False, universal_newlines
=True, stderr
=subprocess
.STDOUT
, **kwargs
).check_returncode()
125 def call_quiet(*command
, **kwargs
):
126 command
= command
[0].split() + list(command
[1:])
127 return subprocess
.run(command
, check
=False, universal_newlines
=True, stdout
=subprocess
.DEVNULL
, stderr
=subprocess
.DEVNULL
, **kwargs
).returncode
129 def run(*command
, **kwargs
):
130 # This returns CompletedProcess instance.
131 command
= command
[0].split() + list(command
[1:])
132 return subprocess
.run(command
, check
=False, universal_newlines
=True, stdout
=subprocess
.PIPE
, stderr
=subprocess
.PIPE
, **kwargs
)
134 def check_json(string
):
137 except json
.JSONDecodeError
:
138 print(f
"String is not a valid JSON: '{string}'")
141 def is_module_available(*module_names
):
142 for module_name
in module_names
:
143 lsmod_output
= check_output('lsmod')
144 module_re
= re
.compile(rf
'^{re.escape(module_name)}\b', re
.MULTILINE
)
145 if not module_re
.search(lsmod_output
) and call_quiet('modprobe', module_name
) != 0:
149 def expectedFailureIfModuleIsNotAvailable(*module_names
):
151 return func
if is_module_available(*module_names
) else unittest
.expectedFailure(func
)
155 def expectedFailureIfERSPANv0IsNotSupported():
156 # erspan version 0 is supported since f989d546a2d5a9f001f6f8be49d98c10ab9b1897 (v5.8)
158 rc
= call_quiet('ip link add dev erspan99 type erspan seq key 30 local 192.168.1.4 remote 192.168.1.1 erspan_ver 0')
159 remove_link('erspan99')
160 return func
if rc
== 0 else unittest
.expectedFailure(func
)
164 def expectedFailureIfERSPANv2IsNotSupported():
165 # erspan version 2 is supported since f551c91de262ba36b20c3ac19538afb4f4507441 (v4.16)
167 rc
= call_quiet('ip link add dev erspan99 type erspan seq key 30 local 192.168.1.4 remote 192.168.1.1 erspan_ver 2')
168 remove_link('erspan99')
169 return func
if rc
== 0 else unittest
.expectedFailure(func
)
173 def expectedFailureIfRoutingPolicyPortRangeIsNotAvailable():
175 rc
= call_quiet('ip rule add from 192.168.100.19 sport 1123-1150 dport 3224-3290 table 7')
176 call_quiet('ip rule del from 192.168.100.19 sport 1123-1150 dport 3224-3290 table 7')
177 return func
if rc
== 0 else unittest
.expectedFailure(func
)
181 def expectedFailureIfRoutingPolicyIPProtoIsNotAvailable():
183 rc
= call_quiet('ip rule add not from 192.168.100.19 ipproto tcp table 7')
184 call_quiet('ip rule del not from 192.168.100.19 ipproto tcp table 7')
185 return func
if rc
== 0 else unittest
.expectedFailure(func
)
189 def expectedFailureIfRoutingPolicyUIDRangeIsNotAvailable():
192 if call_quiet('ip rule add from 192.168.100.19 table 7 uidrange 200-300') == 0:
193 ret
= run('ip rule list from 192.168.100.19 table 7')
194 supported
= ret
.returncode
== 0 and 'uidrange 200-300' in ret
.stdout
195 call_quiet('ip rule del from 192.168.100.19 table 7 uidrange 200-300')
196 return func
if supported
else unittest
.expectedFailure(func
)
200 def expectedFailureIfNexthopIsNotAvailable():
202 rc
= call_quiet('ip nexthop list')
203 return func
if rc
== 0 else unittest
.expectedFailure(func
)
207 def expectedFailureIfRTA_VIAIsNotSupported():
209 call_quiet('ip link add dummy98 type dummy')
210 call_quiet('ip link set up dev dummy98')
211 call_quiet('ip route add 2001:1234:5:8fff:ff:ff:ff:fe/128 dev dummy98')
212 rc
= call_quiet('ip route add 10.10.10.10 via inet6 2001:1234:5:8fff:ff:ff:ff:fe dev dummy98')
213 remove_link('dummy98')
214 return func
if rc
== 0 else unittest
.expectedFailure(func
)
218 def expectedFailureIfAlternativeNameIsNotAvailable():
220 call_quiet('ip link add dummy98 type dummy')
222 call_quiet('ip link prop add dev dummy98 altname hogehogehogehogehoge') == 0 and \
223 call_quiet('ip link show dev hogehogehogehogehoge') == 0
224 remove_link('dummy98')
225 return func
if supported
else unittest
.expectedFailure(func
)
229 def expectedFailureIfNetdevsimWithSRIOVIsNotAvailable():
231 def finalize(func
, supported
):
232 call_quiet('rmmod netdevsim')
233 return func
if supported
else unittest
.expectedFailure(func
)
235 call_quiet('rmmod netdevsim')
236 if call_quiet('modprobe netdevsim') != 0:
237 return finalize(func
, False)
240 with
open('/sys/bus/netdevsim/new_device', mode
='w', encoding
='utf-8') as f
:
243 return finalize(func
, False)
245 return finalize(func
, os
.path
.exists('/sys/bus/netdevsim/devices/netdevsim99/sriov_numvfs'))
249 # pylint: disable=C0415
250 def compare_kernel_version(min_kernel_version
):
253 from packaging
import version
255 print('Failed to import either platform or packaging module, assuming the comparison failed')
258 # Get only the actual kernel version without any build/distro/arch stuff
259 # e.g. '5.18.5-200.fc36.x86_64' -> '5.18.5'
260 kver
= platform
.release().split('-')[0]
262 return version
.parse(kver
) >= version
.parse(min_kernel_version
)
265 check_output(*udevadm_cmd
, 'control', '--reload')
267 def copy_network_unit(*units
, copy_dropins
=True):
269 Copy networkd unit files into the testbed.
271 Any networkd unit file type can be specified, as well as drop-in files.
273 By default, all drop-ins for a specified unit file are copied in;
274 to avoid that specify dropins=False.
276 When a drop-in file is specified, its unit file is also copied in automatically.
279 mkdir_p(network_unit_dir
)
281 if copy_dropins
and os
.path
.exists(os
.path
.join(networkd_ci_temp_dir
, unit
+ '.d')):
282 cp_r(os
.path
.join(networkd_ci_temp_dir
, unit
+ '.d'), os
.path
.join(network_unit_dir
, unit
+ '.d'))
284 if unit
.endswith('.conf'):
286 unit
= os
.path
.dirname(dropin
).rstrip('.d')
287 dropindir
= os
.path
.join(network_unit_dir
, unit
+ '.d')
289 cp(os
.path
.join(networkd_ci_temp_dir
, dropin
), dropindir
)
291 cp(os
.path
.join(networkd_ci_temp_dir
, unit
), network_unit_dir
)
293 if unit
.endswith('.link'):
299 def remove_network_unit(*units
):
301 Remove previously copied unit files from the testbed.
303 Drop-ins will be removed automatically.
307 rm_f(os
.path
.join(network_unit_dir
, unit
))
308 rm_rf(os
.path
.join(network_unit_dir
, unit
+ '.d'))
310 if unit
.endswith('.link') or unit
.endswith('.link.d'):
316 def clear_network_units():
318 if os
.path
.exists(network_unit_dir
):
319 units
= os
.listdir(network_unit_dir
)
321 if unit
.endswith('.link') or unit
.endswith('.link.d'):
324 rm_rf(network_unit_dir
)
329 def copy_networkd_conf_dropin(*dropins
):
330 """Copy networkd.conf dropin files into the testbed."""
331 mkdir_p(networkd_conf_dropin_dir
)
332 for dropin
in dropins
:
333 cp(os
.path
.join(networkd_ci_temp_dir
, dropin
), networkd_conf_dropin_dir
)
335 def remove_networkd_conf_dropin(*dropins
):
336 """Remove previously copied networkd.conf dropin files from the testbed."""
337 for dropin
in dropins
:
338 rm_f(os
.path
.join(networkd_conf_dropin_dir
, dropin
))
340 def clear_networkd_conf_dropins():
341 rm_rf(networkd_conf_dropin_dir
)
343 def setup_systemd_udev_rules():
344 if not systemd_udev_rules_build_dir
:
347 mkdir_p(udev_rules_dir
)
349 for path
in [systemd_udev_rules_build_dir
, os
.path
.join(systemd_source_dir
, "rules.d")]:
350 print(f
"Copying udev rules from {path} to {udev_rules_dir}")
352 for rule
in os
.listdir(path
):
353 if not rule
.endswith(".rules"):
355 cp(os
.path
.join(path
, rule
), udev_rules_dir
)
357 def copy_udev_rule(*rules
):
358 """Copy udev rules"""
359 mkdir_p(udev_rules_dir
)
361 cp(os
.path
.join(networkd_ci_temp_dir
, rule
), udev_rules_dir
)
363 def remove_udev_rule(*rules
):
364 """Remove previously copied udev rules"""
366 rm_f(os
.path
.join(udev_rules_dir
, rule
))
368 def clear_udev_rules():
369 rm_rf(udev_rules_dir
)
371 def save_active_units():
372 for u
in ['systemd-networkd.socket', 'systemd-networkd.service',
373 'systemd-resolved.service', 'systemd-timesyncd.service',
374 'firewalld.service']:
375 if call(f
'systemctl is-active --quiet {u}') == 0:
376 call(f
'systemctl stop {u}')
377 active_units
.append(u
)
379 def restore_active_units():
380 if 'systemd-networkd.socket' in active_units
:
381 call('systemctl stop systemd-networkd.socket systemd-networkd.service')
382 for u
in active_units
:
383 call(f
'systemctl restart {u}')
385 def create_unit_dropin(unit
, contents
):
386 mkdir_p(f
'/run/systemd/system/{unit}.d')
387 with
open(f
'/run/systemd/system/{unit}.d/00-override.conf', mode
='w', encoding
='utf-8') as f
:
388 f
.write('\n'.join(contents
))
390 def create_service_dropin(service
, command
, additional_settings
=None):
394 f
'ExecStart=!!{valgrind_cmd}{command}',
397 drop_in
+= ['Environment=SYSTEMD_LOG_LEVEL=debug']
399 drop_in
+= [f
'Environment=ASAN_OPTIONS="{asan_options}"']
401 drop_in
+= [f
'Environment=LSAN_OPTIONS="{lsan_options}"']
403 drop_in
+= [f
'Environment=UBSAN_OPTIONS="{ubsan_options}"']
404 if asan_options
or lsan_options
or ubsan_options
:
405 drop_in
+= ['SystemCallFilter=']
406 if use_valgrind
or asan_options
or lsan_options
or ubsan_options
:
407 drop_in
+= ['MemoryDenyWriteExecute=no']
410 'Environment=SYSTEMD_MEMPOOL=0',
418 if additional_settings
:
419 drop_in
+= additional_settings
421 create_unit_dropin(f
'{service}.service', drop_in
)
423 def link_exists(link
):
424 return call_quiet(f
'ip link show {link}') == 0
426 def link_resolve(link
):
427 return check_output(f
'ip link show {link}').split(':')[1].strip()
429 def remove_link(*links
, protect
=False):
431 if protect
and link
in protected_links
:
433 if link_exists(link
):
434 call(f
'ip link del dev {link}')
436 def save_existing_links():
437 links
= os
.listdir('/sys/class/net')
439 if link_exists(link
):
440 protected_links
.add(link
)
442 print('### The following links will be protected:')
443 print(', '.join(sorted(list(protected_links
))))
446 links
= os
.listdir('/sys/class/net')
447 remove_link(*links
, protect
=True)
449 def flush_nexthops():
450 # Currently, the 'ip nexthop' command does not have 'save' and 'restore'.
451 # Hence, we cannot restore nexthops in a simple way.
452 # Let's assume there is no nexthop used in the system
453 call_quiet('ip nexthop flush')
456 # pylint: disable=global-statement
458 saved_routes
= check_output('ip route show table all')
459 print('### The following routes will be protected:')
464 output
= check_output('ip route show table all')
465 for line
in output
.splitlines():
466 if line
in saved_routes
:
468 if 'proto kernel' in line
:
470 if ' dev ' in line
and not ' dev lo ' in line
:
474 print('### Removing routes that did not exist when the test started.')
476 call(f
'ip route del {line}')
478 def save_routing_policy_rules():
479 # pylint: disable=global-statement
480 global saved_ipv4_rules
, saved_ipv6_rules
482 output
= check_output(f
'ip -{ipv} rule show')
483 print(f
'### The following IPv{ipv} routing policy rules will be protected:')
487 saved_ipv4_rules
= save(4)
488 saved_ipv6_rules
= save(6)
490 def flush_routing_policy_rules():
491 def flush(ipv
, saved_rules
):
493 output
= check_output(f
'ip -{ipv} rule show')
494 for line
in output
.splitlines():
495 if line
in saved_rules
:
499 print(f
'### Removing IPv{ipv} routing policy rules that did not exist when the test started.')
501 words
= line
.replace('lookup [l3mdev-table]', 'l3mdev').split()
502 priority
= words
[0].rstrip(':')
503 call(f
'ip -{ipv} rule del priority {priority} ' + ' '.join(words
[1:]))
505 flush(4, saved_ipv4_rules
)
506 flush(6, saved_ipv6_rules
)
508 def flush_fou_ports():
509 ret
= run('ip fou show')
510 if ret
.returncode
!= 0:
511 return # fou may not be supported
512 for line
in ret
.stdout
.splitlines():
513 port
= line
.split()[1]
514 call(f
'ip fou del port {port}')
516 def flush_l2tp_tunnels():
518 ret
= run('ip l2tp show tunnel')
519 if ret
.returncode
!= 0:
520 return # l2tp may not be supported
521 for line
in ret
.stdout
.splitlines():
523 if words
[0] == 'Tunnel':
524 tid
= words
[1].rstrip(',')
525 call(f
'ip l2tp del tunnel tunnel_id {tid}')
528 # Removing L2TP tunnel is asynchronous and slightly takes a time.
531 r
= run(f
'ip l2tp show tunnel tunnel_id {tid}')
532 if r
.returncode
!= 0 or len(r
.stdout
.rstrip()) == 0:
536 print(f
'Cannot remove L2TP tunnel {tid}, ignoring.')
539 # pylint: disable=global-statement
540 global saved_timezone
541 r
= run(*timedatectl_cmd
, 'show', '--value', '--property', 'Timezone', env
=env
)
542 if r
.returncode
== 0:
543 saved_timezone
= r
.stdout
.rstrip()
544 print(f
'### Saved timezone: {saved_timezone}')
546 def restore_timezone():
548 call(*timedatectl_cmd
, 'set-timezone', f
'{saved_timezone}', env
=env
)
550 def read_link_attr(*args
):
551 with
open(os
.path
.join('/sys/class/net', *args
), encoding
='utf-8') as f
:
552 return f
.readline().strip()
554 def read_manager_state_file():
555 with
open('/run/systemd/netif/state', encoding
='utf-8') as f
:
558 def read_link_state_file(link
):
559 ifindex
= read_link_attr(link
, 'ifindex')
560 path
= os
.path
.join('/run/systemd/netif/links', ifindex
)
561 with
open(path
, encoding
='utf-8') as f
:
564 def read_ip_sysctl_attr(link
, attribute
, ipv
):
565 with
open(os
.path
.join('/proc/sys/net', ipv
, 'conf', link
, attribute
), encoding
='utf-8') as f
:
566 return f
.readline().strip()
568 def read_ipv6_sysctl_attr(link
, attribute
):
569 return read_ip_sysctl_attr(link
, attribute
, 'ipv6')
571 def read_ipv4_sysctl_attr(link
, attribute
):
572 return read_ip_sysctl_attr(link
, attribute
, 'ipv4')
574 def stop_by_pid_file(pid_file
):
575 if not os
.path
.exists(pid_file
):
577 with
open(pid_file
, 'r', encoding
='utf-8') as f
:
578 pid
= f
.read().rstrip(' \t\r\n\0')
579 os
.kill(int(pid
), signal
.SIGTERM
)
583 print(f
"PID {pid} is still alive, waiting...")
586 if e
.errno
== errno
.ESRCH
:
588 print(f
"Unexpected exception when waiting for {pid} to die: {e.errno}")
591 def start_dnsmasq(*additional_options
, interface
='veth-peer', ra_mode
=None, ipv4_range
='192.168.5.10,192.168.5.200', ipv4_router
='192.168.5.1', ipv6_range
='2600::10,2600::20'):
593 ra_mode
= f
',{ra_mode}'
599 f
'--log-facility={dnsmasq_log_file}',
600 '--log-queries=extra',
602 f
'--pid-file={dnsmasq_pid_file}',
603 '--conf-file=/dev/null',
605 f
'--interface={interface}',
606 f
'--dhcp-leasefile={dnsmasq_lease_file}',
608 f
'--dhcp-range={ipv6_range}{ra_mode},2m',
609 f
'--dhcp-range={ipv4_range},2m',
610 '--dhcp-option=option:mtu,1492',
611 f
'--dhcp-option=option:router,{ipv4_router}',
614 ) + additional_options
615 check_output(*command
)
618 stop_by_pid_file(dnsmasq_pid_file
)
619 rm_f(dnsmasq_lease_file
)
620 rm_f(dnsmasq_log_file
)
622 def read_dnsmasq_log_file():
623 with
open(dnsmasq_log_file
, encoding
='utf-8') as f
:
626 def start_isc_dhcpd(conf_file
, ipv
, interface
='veth-peer'):
627 conf_file_path
= os
.path
.join(networkd_ci_temp_dir
, conf_file
)
628 isc_dhcpd_command
= f
'dhcpd {ipv} -cf {conf_file_path} -lf {isc_dhcpd_lease_file} -pf {isc_dhcpd_pid_file} {interface}'
629 touch(isc_dhcpd_lease_file
)
630 check_output(isc_dhcpd_command
)
632 def stop_isc_dhcpd():
633 stop_by_pid_file(isc_dhcpd_pid_file
)
634 rm_f(isc_dhcpd_lease_file
)
636 def get_dbus_link_path(link
):
637 out
= subprocess
.check_output(['busctl', 'call', 'org.freedesktop.network1',
638 '/org/freedesktop/network1', 'org.freedesktop.network1.Manager',
639 'GetLinkByName', 's', link
])
641 assert out
.startswith(b
'io ')
643 assert out
.endswith(b
'"')
645 return out
[:-1].split('"')[1]
647 def get_dhcp_client_state(link
, family
):
648 link_path
= get_dbus_link_path(link
)
650 out
= subprocess
.check_output(['busctl', 'get-property', 'org.freedesktop.network1',
651 link_path
, f
'org.freedesktop.network1.DHCPv{family}Client', 'State'])
652 assert out
.startswith(b
's "')
654 assert out
.endswith(b
'"')
655 return out
[3:-1].decode()
657 def get_dhcp4_client_state(link
):
658 return get_dhcp_client_state(link
, '4')
660 def get_dhcp6_client_state(link
):
661 return get_dhcp_client_state(link
, '6')
663 def get_link_description(link
):
664 link_path
= get_dbus_link_path(link
)
666 out
= subprocess
.check_output(['busctl', 'call', 'org.freedesktop.network1',
667 link_path
, 'org.freedesktop.network1.Link', 'Describe'])
668 assert out
.startswith(b
's "')
670 assert out
.endswith(b
'"')
671 json_raw
= out
[2:].decode()
673 description
= json
.loads(json_raw
) # Convert from escaped sequences to json
674 check_json(description
)
675 return json
.loads(description
) # Now parse the json
677 def start_radvd(*additional_options
, config_file
):
678 config_file_path
= os
.path
.join(networkd_ci_temp_dir
, 'radvd', config_file
)
681 f
'--pidfile={radvd_pid_file}',
682 f
'--config={config_file_path}',
683 '--logmethod=stderr',
684 ) + additional_options
685 check_output(*command
)
688 stop_by_pid_file(radvd_pid_file
)
690 def radvd_check_config(config_file
):
691 if not shutil
.which('radvd'):
692 print('radvd is not installed, assuming the config check failed')
695 # Note: can't use networkd_ci_temp_dir here, as this command may run before that dir is
696 # set up (one instance is @unittest.skipX())
697 config_file_path
= os
.path
.join(os
.path
.dirname(os
.path
.abspath(__file__
)), 'conf/radvd', config_file
)
698 return call(f
'radvd --config={config_file_path} --configtest') == 0
700 def networkd_invocation_id():
701 return check_output('systemctl show --value -p InvocationID systemd-networkd.service')
703 def read_networkd_log(invocation_id
=None, since
=None):
704 if not invocation_id
:
705 invocation_id
= networkd_invocation_id()
708 f
'_SYSTEMD_INVOCATION_ID={invocation_id}',
711 command
.append(f
'--since={since}')
712 return check_output(*command
)
714 def stop_networkd(show_logs
=True):
716 invocation_id
= networkd_invocation_id()
717 check_output('systemctl stop systemd-networkd.socket')
718 check_output('systemctl stop systemd-networkd.service')
720 print(read_networkd_log(invocation_id
))
721 # Check if networkd exits cleanly.
722 assert call_quiet('systemctl is-failed -q systemd-networkd.service') == 1
724 def start_networkd():
725 check_output('systemctl start systemd-networkd')
727 def restart_networkd(show_logs
=True):
729 invocation_id
= networkd_invocation_id()
730 check_output('systemctl restart systemd-networkd.service')
732 print(read_networkd_log(invocation_id
))
735 return int(check_output('systemctl show --value -p MainPID systemd-networkd.service'))
737 def networkctl_reconfigure(*links
):
738 check_output(*networkctl_cmd
, 'reconfigure', *links
, env
=env
)
740 def networkctl_reload(sleep_time
=1):
741 check_output(*networkctl_cmd
, 'reload', env
=env
)
742 # 'networkctl reload' asynchronously reconfigure links.
743 # Hence, we need to wait for a short time for link to be in configuring state.
745 time
.sleep(sleep_time
)
750 def tear_down_common():
751 # 1. stop DHCP/RA servers
757 call_quiet('rmmod netdevsim')
758 call_quiet('rmmod sch_teql')
760 # 3. remove network namespace
761 call_quiet('ip netns del ns99')
771 clear_network_units()
772 clear_networkd_conf_dropins()
777 flush_routing_policy_rules()
781 rm_rf(networkd_ci_temp_dir
)
782 cp_r(os
.path
.join(os
.path
.dirname(os
.path
.abspath(__file__
)), 'conf'), networkd_ci_temp_dir
)
784 clear_network_units()
785 clear_networkd_conf_dropins()
788 setup_systemd_udev_rules()
789 copy_udev_rule('00-debug-net.rules')
793 save_existing_links()
795 save_routing_policy_rules()
798 create_service_dropin('systemd-networkd', networkd_bin
,
801 'Environment=SYSTEMD_NETWORK_TEST_MODE=yes',
803 'StartLimitIntervalSec=0'])
804 create_service_dropin('systemd-resolved', resolved_bin
)
805 create_service_dropin('systemd-timesyncd', timesyncd_bin
)
807 # TODO: also run udevd with sanitizers, valgrind, or coverage
808 #create_service_dropin('systemd-udevd', udevd_bin,
809 # f'{udevadm_bin} control --reload --timeout 0')
811 'systemd-udevd.service',
815 f
'ExecStart=!!@{udevd_bin} systemd-udevd',
819 'systemd-networkd.socket',
822 'StartLimitIntervalSec=0',
826 check_output('systemctl daemon-reload')
827 print(check_output('systemctl cat systemd-networkd.service'))
828 print(check_output('systemctl cat systemd-resolved.service'))
829 print(check_output('systemctl cat systemd-timesyncd.service'))
830 print(check_output('systemctl cat systemd-udevd.service'))
831 check_output('systemctl restart systemd-resolved.service')
832 check_output('systemctl restart systemd-timesyncd.service')
833 check_output('systemctl restart systemd-udevd.service')
835 def tearDownModule():
836 rm_rf(networkd_ci_temp_dir
)
838 clear_network_units()
839 clear_networkd_conf_dropins()
843 rm_rf('/run/systemd/system/systemd-networkd.service.d')
844 rm_rf('/run/systemd/system/systemd-networkd.socket.d')
845 rm_rf('/run/systemd/system/systemd-resolved.service.d')
846 rm_rf('/run/systemd/system/systemd-timesyncd.service.d')
847 rm_rf('/run/systemd/system/systemd-udevd.service.d')
848 check_output('systemctl daemon-reload')
849 check_output('systemctl restart systemd-udevd.service')
850 restore_active_units()
853 # pylint: disable=no-member
855 def check_link_exists(self
, link
, expected
=True):
857 self
.assertTrue(link_exists(link
))
859 self
.assertFalse(link_exists(link
))
861 def check_link_attr(self
, *args
):
862 self
.assertEqual(read_link_attr(*args
[:-1]), args
[-1])
864 def check_bridge_port_attr(self
, master
, port
, attribute
, expected
, allow_enoent
=False):
865 path
= os
.path
.join('/sys/devices/virtual/net', master
, 'lower_' + port
, 'brport', attribute
)
866 if allow_enoent
and not os
.path
.exists(path
):
868 with
open(path
, encoding
='utf-8') as f
:
869 self
.assertEqual(f
.readline().strip(), expected
)
871 def check_ipv4_sysctl_attr(self
, link
, attribute
, expected
):
872 self
.assertEqual(read_ipv4_sysctl_attr(link
, attribute
), expected
)
874 def check_ipv6_sysctl_attr(self
, link
, attribute
, expected
):
875 self
.assertEqual(read_ipv6_sysctl_attr(link
, attribute
), expected
)
877 def wait_links(self
, *links
, timeout
=20, fail_assert
=True):
878 def links_exist(*links
):
880 if not link_exists(link
):
884 for iteration
in range(timeout
+ 1):
888 if links_exist(*links
):
891 self
.fail('Timed out waiting for all links to be created: ' + ', '.join(list(links
)))
894 def wait_activated(self
, link
, state
='down', timeout
=20, fail_assert
=True):
895 # wait for the interface is activated.
896 invocation_id
= check_output('systemctl show systemd-networkd -p InvocationID --value')
897 needle
= f
'{link}: Bringing link {state}'
899 for iteration
in range(timeout
+ 1):
902 if not link_exists(link
):
904 output
= check_output('journalctl _SYSTEMD_INVOCATION_ID=' + invocation_id
)
905 if needle
in output
and flag
in check_output(f
'ip link show {link}'):
908 self
.fail(f
'Timed out waiting for {link} activated.')
911 def wait_operstate(self
, link
, operstate
='degraded', setup_state
='configured', setup_timeout
=5, fail_assert
=True):
912 """Wait for the link to reach the specified operstate and/or setup state.
914 Specify None or '' for either operstate or setup_state to ignore that state.
915 This will recheck until the state conditions are met or the timeout expires.
917 If the link successfully matches the requested state, this returns True.
918 If this times out waiting for the link to match, the behavior depends on the
919 'fail_assert' parameter; if True, this causes a test assertion failure,
920 otherwise this returns False. The default is to cause assertion failure.
922 Note that this function matches on *exactly* the given operstate and setup_state.
923 To wait for a link to reach *or exceed* a given operstate, use wait_online().
930 for secs
in range(setup_timeout
+ 1):
933 if not link_exists(link
):
935 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', link
, env
=env
)
936 if re
.search(rf
'(?m)^\s*State:\s+{operstate}\s+\({setup_state}\)\s*$', output
):
940 self
.fail(f
'Timed out waiting for {link} to reach state {operstate}/{setup_state}')
943 def wait_online(self
, links_with_operstate
, timeout
='20s', bool_any
=False, ipv4
=False, ipv6
=False, setup_state
='configured', setup_timeout
=5):
944 """Wait for the links to reach the specified operstate and/or setup state.
946 This is similar to wait_operstate() but can be used for multiple links,
947 and it also calls systemd-networkd-wait-online to wait for the given operstate.
948 The operstate should be specified in the link name, like 'eth0:degraded'.
949 If just a link name is provided, wait-online's default operstate to wait for is degraded.
951 The 'timeout' parameter controls the systemd-networkd-wait-online timeout, and the
952 'setup_timeout' controls the per-link timeout waiting for the setup_state.
954 Set 'bool_any' to True to wait for any (instead of all) of the given links.
955 If this is set, no setup_state checks are done.
957 Set 'ipv4' or 'ipv6' to True to wait for IPv4 address or IPv6 address, respectively, of each of the given links.
958 This is applied only for the operational state 'degraded' or above.
960 Note that this function waits for the links to reach *or exceed* the given operstate.
961 However, the setup_state, if specified, must be matched *exactly*.
963 This returns if the links reached the requested operstate/setup_state; otherwise it
964 raises CalledProcessError or fails test assertion.
966 args
= wait_online_cmd
+ [f
'--timeout={timeout}'] + [f
'--interface={link}' for link
in links_with_operstate
] + [f
'--ignore={link}' for link
in protected_links
]
974 check_output(*args
, env
=wait_online_env
)
975 except subprocess
.CalledProcessError
:
976 # show detailed status on failure
977 for link
in links_with_operstate
:
978 name
= link
.split(':')[0]
979 if link_exists(name
):
980 call(*networkctl_cmd
, '-n', '0', 'status', name
, env
=env
)
982 if not bool_any
and setup_state
:
983 for link
in links_with_operstate
:
984 self
.wait_operstate(link
.split(':')[0], None, setup_state
, setup_timeout
)
986 def wait_address(self
, link
, address_regex
, scope
='global', ipv
='', timeout_sec
=100):
987 for i
in range(timeout_sec
):
990 output
= check_output(f
'ip {ipv} address show dev {link} scope {scope}')
991 if re
.search(address_regex
, output
) and 'tentative' not in output
:
994 self
.assertRegex(output
, address_regex
)
996 def wait_address_dropped(self
, link
, address_regex
, scope
='global', ipv
='', timeout_sec
=100):
997 for i
in range(timeout_sec
):
1000 output
= check_output(f
'ip {ipv} address show dev {link} scope {scope}')
1001 if not re
.search(address_regex
, output
):
1004 self
.assertNotRegex(output
, address_regex
)
1006 def wait_route(self
, link
, route_regex
, table
='main', ipv
='', timeout_sec
=100):
1007 for i
in range(timeout_sec
):
1010 output
= check_output(f
'ip {ipv} route show dev {link} table {table}')
1011 if re
.search(route_regex
, output
):
1014 self
.assertRegex(output
, route_regex
)
1016 def check_netlabel(self
, interface
, address
, label
='system_u:object_r:root_t:s0'):
1017 if not shutil
.which('selinuxenabled'):
1018 print('## Checking NetLabel skipped: selinuxenabled command not found.')
1019 elif call_quiet('selinuxenabled') != 0:
1020 print('## Checking NetLabel skipped: SELinux disabled.')
1021 elif not shutil
.which('netlabelctl'): # not packaged by all distros
1022 print('## Checking NetLabel skipped: netlabelctl command not found.')
1024 output
= check_output('netlabelctl unlbl list')
1026 self
.assertRegex(output
, f
'interface:{interface},address:{address},label:"{label}"')
1028 def setup_nftset(self
, filter_name
, filter_type
, flags
=''):
1029 if not shutil
.which('nft'):
1030 print('## Setting up NFT sets skipped: nft command not found.')
1032 if call(f
'nft add table inet sd_test') != 0:
1033 print('## Setting up NFT table failed.')
1035 if call(f
'nft add set inet sd_test {filter_name} {{ type {filter_type}; {flags} }}') != 0:
1036 print('## Setting up NFT sets failed.')
1039 def teardown_nftset(self
, *filters
):
1040 if not shutil
.which('nft'):
1041 print('## Tearing down NFT sets skipped: nft command not found.')
1043 for filter_name
in filters
:
1044 if call(f
'nft delete set inet sd_test {filter_name}') != 0:
1045 print('## Tearing down NFT sets failed.')
1047 if call(f
'nft delete table inet sd_test') != 0:
1048 print('## Tearing down NFT table failed.')
1051 def check_nftset(self
, filter_name
, contents
):
1052 if not shutil
.which('nft'):
1053 print('## Checking NFT sets skipped: nft command not found.')
1055 output
= check_output(f
'nft list set inet sd_test {filter_name}')
1057 self
.assertRegex(output
, r
'.*elements = { [^}]*' + contents
+ r
'[^}]* }.*')
1059 class NetworkctlTests(unittest
.TestCase
, Utilities
):
1067 @expectedFailureIfAlternativeNameIsNotAvailable()
1068 def test_altname(self
):
1069 copy_network_unit('26-netdev-link-local-addressing-yes.network', '12-dummy.netdev', '12-dummy.link')
1071 self
.wait_online(['dummy98:degraded'])
1073 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'dummy98', env
=env
)
1074 self
.assertRegex(output
, 'hogehogehogehogehogehoge')
1076 @expectedFailureIfAlternativeNameIsNotAvailable()
1077 def test_rename_to_altname(self
):
1078 copy_network_unit('26-netdev-link-local-addressing-yes.network',
1079 '12-dummy.netdev', '12-dummy-rename-to-altname.link')
1081 self
.wait_online(['dummyalt:degraded'])
1083 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'dummyalt', env
=env
)
1084 self
.assertIn('hogehogehogehogehogehoge', output
)
1085 self
.assertNotIn('dummy98', output
)
1087 def test_reconfigure(self
):
1088 copy_network_unit('25-address-static.network', '12-dummy.netdev')
1090 self
.wait_online(['dummy98:routable'])
1092 output
= check_output('ip -4 address show dev dummy98')
1094 self
.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output
)
1095 self
.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output
)
1096 self
.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output
)
1098 check_output('ip address del 10.1.2.3/16 dev dummy98')
1099 check_output('ip address del 10.1.2.4/16 dev dummy98')
1100 check_output('ip address del 10.2.2.4/16 dev dummy98')
1102 networkctl_reconfigure('dummy98')
1103 self
.wait_online(['dummy98:routable'])
1105 output
= check_output('ip -4 address show dev dummy98')
1107 self
.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output
)
1108 self
.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output
)
1109 self
.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output
)
1111 remove_network_unit('25-address-static.network')
1114 self
.wait_operstate('dummy98', 'degraded', setup_state
='unmanaged')
1116 output
= check_output('ip -4 address show dev dummy98')
1118 self
.assertNotIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output
)
1119 self
.assertNotIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output
)
1120 self
.assertNotIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output
)
1122 copy_network_unit('25-address-static.network')
1124 self
.wait_online(['dummy98:routable'])
1126 output
= check_output('ip -4 address show dev dummy98')
1128 self
.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output
)
1129 self
.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output
)
1130 self
.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output
)
1132 def test_renew(self
):
1134 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
1135 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
1137 self
.assertRegex(output
, r
'Address: 192.168.5.[0-9]* \(DHCP4 via 192.168.5.1\)')
1138 self
.assertIn('Gateway: 192.168.5.3', output
)
1139 self
.assertRegex(output
, 'DNS: 192.168.5.1\n *192.168.5.10')
1140 self
.assertRegex(output
, 'NTP: 192.168.5.1\n *192.168.5.11')
1142 copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server.network')
1145 output
= check_output(*networkctl_cmd
, '--lines=0', '--stats', '--all', '--full', '--json=short', 'status')
1148 for verb
in ['renew', 'forcerenew']:
1149 call_check(*networkctl_cmd
, verb
, 'veth99')
1151 call_check(*networkctl_cmd
, verb
, 'veth99', 'veth99', 'veth99')
1154 def test_up_down(self
):
1155 copy_network_unit('25-address-static.network', '12-dummy.netdev')
1157 self
.wait_online(['dummy98:routable'])
1159 call_check(*networkctl_cmd
, 'down', 'dummy98')
1160 self
.wait_online(['dummy98:off'])
1161 call_check(*networkctl_cmd
, 'up', 'dummy98')
1162 self
.wait_online(['dummy98:routable'])
1163 call_check(*networkctl_cmd
, 'down', 'dummy98', 'dummy98', 'dummy98')
1164 self
.wait_online(['dummy98:off'])
1165 call_check(*networkctl_cmd
, 'up', 'dummy98', 'dummy98', 'dummy98')
1166 self
.wait_online(['dummy98:routable'])
1168 def test_reload(self
):
1171 copy_network_unit('11-dummy.netdev')
1173 self
.wait_operstate('test1', 'off', setup_state
='unmanaged')
1175 copy_network_unit('11-dummy.network')
1177 self
.wait_online(['test1:degraded'])
1179 remove_network_unit('11-dummy.network')
1181 self
.wait_operstate('test1', 'degraded', setup_state
='unmanaged')
1183 remove_network_unit('11-dummy.netdev')
1185 self
.wait_operstate('test1', 'degraded', setup_state
='unmanaged')
1187 copy_network_unit('11-dummy.netdev', '11-dummy.network')
1189 self
.wait_operstate('test1', 'degraded')
1191 def test_glob(self
):
1192 copy_network_unit('11-dummy.netdev', '11-dummy.network')
1195 self
.wait_online(['test1:degraded'])
1197 output
= check_output(*networkctl_cmd
, 'list', env
=env
)
1198 self
.assertRegex(output
, '1 lo ')
1199 self
.assertRegex(output
, 'test1')
1201 output
= check_output(*networkctl_cmd
, 'list', 'test1', env
=env
)
1202 self
.assertNotRegex(output
, '1 lo ')
1203 self
.assertRegex(output
, 'test1')
1205 output
= check_output(*networkctl_cmd
, 'list', 'te*', env
=env
)
1206 self
.assertNotRegex(output
, '1 lo ')
1207 self
.assertRegex(output
, 'test1')
1209 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'te*', env
=env
)
1210 self
.assertNotRegex(output
, '1: lo ')
1211 self
.assertRegex(output
, 'test1')
1213 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'tes[a-z][0-9]', env
=env
)
1214 self
.assertNotRegex(output
, '1: lo ')
1215 self
.assertRegex(output
, 'test1')
1218 copy_network_unit('11-dummy-mtu.netdev', '11-dummy.network')
1221 self
.wait_online(['test1:degraded'])
1223 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'test1', env
=env
)
1224 self
.assertRegex(output
, 'MTU: 1600')
1226 def test_type(self
):
1227 copy_network_unit('11-dummy.netdev', '11-dummy.network')
1229 self
.wait_online(['test1:degraded'])
1231 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'test1', env
=env
)
1233 self
.assertRegex(output
, 'Type: ether')
1235 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'lo', env
=env
)
1237 self
.assertRegex(output
, 'Type: loopback')
1239 def test_udev_link_file(self
):
1240 copy_network_unit('11-dummy.netdev', '11-dummy.network', '25-default.link')
1242 self
.wait_online(['test1:degraded'])
1244 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'test1', env
=env
)
1246 self
.assertRegex(output
, r
'Link File: /run/systemd/network/25-default.link')
1247 self
.assertRegex(output
, r
'Network File: /run/systemd/network/11-dummy.network')
1249 # This test may be run on the system that has older udevd than 70f32a260b5ebb68c19ecadf5d69b3844896ba55 (v249).
1250 # In that case, the udev DB for the loopback network interface may already have ID_NET_LINK_FILE property.
1251 # Let's reprocess the interface and drop the property.
1252 check_output(*udevadm_cmd
, 'trigger', '--settle', '--action=add', '/sys/class/net/lo')
1253 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'lo', env
=env
)
1255 self
.assertRegex(output
, r
'Link File: n/a')
1256 self
.assertRegex(output
, r
'Network File: n/a')
1258 def test_delete_links(self
):
1259 copy_network_unit('11-dummy.netdev', '11-dummy.network',
1260 '25-veth.netdev', '26-netdev-link-local-addressing-yes.network')
1263 self
.wait_online(['test1:degraded', 'veth99:degraded', 'veth-peer:degraded'])
1265 check_output(*networkctl_cmd
, 'delete', 'test1', 'veth99', env
=env
)
1266 self
.check_link_exists('test1', expected
=False)
1267 self
.check_link_exists('veth99', expected
=False)
1268 self
.check_link_exists('veth-peer', expected
=False)
1270 def test_label(self
):
1271 call_check(*networkctl_cmd
, 'label')
1273 class NetworkdMatchTests(unittest
.TestCase
, Utilities
):
1281 @expectedFailureIfAlternativeNameIsNotAvailable()
1282 def test_match(self
):
1283 copy_network_unit('12-dummy-mac.netdev',
1284 '12-dummy-match-mac-01.network',
1285 '12-dummy-match-mac-02.network',
1286 '12-dummy-match-renamed.network',
1287 '12-dummy-match-altname.network',
1288 '12-dummy-altname.link')
1291 self
.wait_online(['dummy98:routable'])
1292 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'dummy98', env
=env
)
1293 self
.assertIn('Network File: /run/systemd/network/12-dummy-match-mac-01.network', output
)
1294 output
= check_output('ip -4 address show dev dummy98')
1295 self
.assertIn('10.0.0.1/16', output
)
1297 check_output('ip link set dev dummy98 down')
1298 check_output('ip link set dev dummy98 address 12:34:56:78:9a:02')
1300 self
.wait_address('dummy98', '10.0.0.2/16', ipv
='-4', timeout_sec
=10)
1301 self
.wait_online(['dummy98:routable'])
1302 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'dummy98', env
=env
)
1303 self
.assertIn('Network File: /run/systemd/network/12-dummy-match-mac-02.network', output
)
1305 check_output('ip link set dev dummy98 down')
1306 check_output('ip link set dev dummy98 name dummy98-1')
1308 self
.wait_address('dummy98-1', '10.0.1.2/16', ipv
='-4', timeout_sec
=10)
1309 self
.wait_online(['dummy98-1:routable'])
1310 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'dummy98-1', env
=env
)
1311 self
.assertIn('Network File: /run/systemd/network/12-dummy-match-renamed.network', output
)
1313 check_output('ip link set dev dummy98-1 down')
1314 check_output('ip link set dev dummy98-1 name dummy98-2')
1315 check_output(*udevadm_cmd
, 'trigger', '--action=add', '/sys/class/net/dummy98-2')
1317 self
.wait_address('dummy98-2', '10.0.2.2/16', ipv
='-4', timeout_sec
=10)
1318 self
.wait_online(['dummy98-2:routable'])
1319 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'dummy98-2', env
=env
)
1320 self
.assertIn('Network File: /run/systemd/network/12-dummy-match-altname.network', output
)
1322 def test_match_udev_property(self
):
1323 copy_network_unit('12-dummy.netdev', '13-not-match-udev-property.network', '14-match-udev-property.network')
1325 self
.wait_online(['dummy98:routable'])
1327 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'dummy98', env
=env
)
1329 self
.assertRegex(output
, 'Network File: /run/systemd/network/14-match-udev-property')
1331 class WaitOnlineTests(unittest
.TestCase
, Utilities
):
1339 def test_wait_online_any(self
):
1340 copy_network_unit('25-bridge.netdev', '25-bridge.network', '11-dummy.netdev', '11-dummy.network')
1343 self
.wait_online(['bridge99', 'test1:degraded'], bool_any
=True)
1345 self
.wait_operstate('bridge99', '(off|no-carrier)', setup_state
='configuring')
1346 self
.wait_operstate('test1', 'degraded')
1348 class NetworkdNetDevTests(unittest
.TestCase
, Utilities
):
1356 def test_dropin_and_name_conflict(self
):
1357 copy_network_unit('10-dropin-test.netdev', '15-name-conflict-test.netdev')
1360 self
.wait_online(['dropin-test:off'], setup_state
='unmanaged')
1362 output
= check_output('ip link show dropin-test')
1364 self
.assertRegex(output
, '00:50:56:c0:00:28')
1366 @expectedFailureIfModuleIsNotAvailable('bareudp')
1367 def test_bareudp(self
):
1368 copy_network_unit('25-bareudp.netdev', '26-netdev-link-local-addressing-yes.network')
1371 self
.wait_online(['bareudp99:degraded'])
1373 output
= check_output('ip -d link show bareudp99')
1375 self
.assertRegex(output
, 'dstport 1000 ')
1376 self
.assertRegex(output
, 'ethertype ip ')
1378 @expectedFailureIfModuleIsNotAvailable('batman-adv')
1379 def test_batadv(self
):
1380 copy_network_unit('25-batadv.netdev', '26-netdev-link-local-addressing-yes.network')
1383 self
.wait_online(['batadv99:degraded'])
1385 output
= check_output('ip -d link show batadv99')
1387 self
.assertRegex(output
, 'batadv')
1389 def test_bridge(self
):
1390 copy_network_unit('25-bridge.netdev', '25-bridge-configure-without-carrier.network')
1393 self
.wait_online(['bridge99:no-carrier'])
1395 tick
= os
.sysconf('SC_CLK_TCK')
1396 self
.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'hello_time')) / tick
))
1397 self
.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'max_age')) / tick
))
1398 self
.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'forward_delay')) / tick
))
1399 self
.assertEqual(9, round(float(read_link_attr('bridge99', 'bridge', 'ageing_time')) / tick
))
1400 self
.assertEqual(9, int(read_link_attr('bridge99', 'bridge', 'priority')))
1401 self
.assertEqual(1, int(read_link_attr('bridge99', 'bridge', 'multicast_querier')))
1402 self
.assertEqual(1, int(read_link_attr('bridge99', 'bridge', 'multicast_snooping')))
1403 self
.assertEqual(1, int(read_link_attr('bridge99', 'bridge', 'stp_state')))
1404 self
.assertEqual(3, int(read_link_attr('bridge99', 'bridge', 'multicast_igmp_version')))
1406 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'bridge99', env
=env
)
1408 self
.assertRegex(output
, 'Priority: 9')
1409 self
.assertRegex(output
, 'STP: yes')
1410 self
.assertRegex(output
, 'Multicast IGMP Version: 3')
1412 output
= check_output('ip -d link show bridge99')
1414 self
.assertIn('vlan_filtering 1 ', output
)
1415 self
.assertIn('vlan_protocol 802.1ad ', output
)
1416 self
.assertIn('vlan_default_pvid 9 ', output
)
1418 def test_bond(self
):
1419 copy_network_unit('25-bond.netdev', '25-bond-balanced-tlb.netdev')
1422 self
.wait_online(['bond99:off', 'bond98:off'], setup_state
='unmanaged')
1424 self
.check_link_attr('bond99', 'bonding', 'mode', '802.3ad 4')
1425 self
.check_link_attr('bond99', 'bonding', 'xmit_hash_policy', 'layer3+4 1')
1426 self
.check_link_attr('bond99', 'bonding', 'miimon', '1000')
1427 self
.check_link_attr('bond99', 'bonding', 'lacp_rate', 'fast 1')
1428 self
.check_link_attr('bond99', 'bonding', 'updelay', '2000')
1429 self
.check_link_attr('bond99', 'bonding', 'downdelay', '2000')
1430 self
.check_link_attr('bond99', 'bonding', 'resend_igmp', '4')
1431 self
.check_link_attr('bond99', 'bonding', 'min_links', '1')
1432 self
.check_link_attr('bond99', 'bonding', 'ad_actor_sys_prio', '1218')
1433 self
.check_link_attr('bond99', 'bonding', 'ad_user_port_key', '811')
1434 self
.check_link_attr('bond99', 'bonding', 'ad_actor_system', '00:11:22:33:44:55')
1436 self
.check_link_attr('bond98', 'bonding', 'mode', 'balance-tlb 5')
1437 self
.check_link_attr('bond98', 'bonding', 'tlb_dynamic_lb', '1')
1439 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'bond99', env
=env
)
1441 self
.assertIn('Mode: 802.3ad', output
)
1442 self
.assertIn('Miimon: 1s', output
)
1443 self
.assertIn('Updelay: 2s', output
)
1444 self
.assertIn('Downdelay: 2s', output
)
1446 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'bond98', env
=env
)
1448 self
.assertIn('Mode: balance-tlb', output
)
1450 def test_vlan(self
):
1451 copy_network_unit('21-vlan.netdev', '11-dummy.netdev',
1452 '21-vlan.network', '21-vlan-test1.network')
1455 self
.wait_online(['test1:degraded', 'vlan99:routable'])
1457 output
= check_output('ip -d link show test1')
1459 self
.assertRegex(output
, ' mtu 2000 ')
1461 output
= check_output('ip -d link show vlan99')
1463 self
.assertIn(' mtu 2000 ', output
)
1464 self
.assertIn('REORDER_HDR', output
)
1465 self
.assertIn('LOOSE_BINDING', output
)
1466 self
.assertIn('GVRP', output
)
1467 self
.assertIn('MVRP', output
)
1468 self
.assertIn(' id 99 ', output
)
1469 self
.assertIn('ingress-qos-map { 4:100 7:13 }', output
)
1470 self
.assertIn('egress-qos-map { 0:1 1:3 6:6 7:7 10:3 }', output
)
1472 output
= check_output('ip -4 address show dev test1')
1474 self
.assertRegex(output
, 'inet 192.168.24.5/24 brd 192.168.24.255 scope global test1')
1475 self
.assertRegex(output
, 'inet 192.168.25.5/24 brd 192.168.25.255 scope global test1')
1477 output
= check_output('ip -4 address show dev vlan99')
1479 self
.assertRegex(output
, 'inet 192.168.23.5/24 brd 192.168.23.255 scope global vlan99')
1481 def test_vlan_on_bond(self
):
1482 # For issue #24377 (https://github.com/systemd/systemd/issues/24377),
1483 # which is fixed by b05e52000b4eee764b383cc3031da0a3739e996e (PR#24020).
1485 copy_network_unit('21-bond-802.3ad.netdev', '21-bond-802.3ad.network',
1486 '21-vlan-on-bond.netdev', '21-vlan-on-bond.network')
1488 self
.wait_online(['bond99:off'])
1489 self
.wait_operstate('vlan99', operstate
='off', setup_state
='configuring', setup_timeout
=10)
1491 # The commit b05e52000b4eee764b383cc3031da0a3739e996e adds ", ignoring". To make it easily confirmed
1492 # that the issue is fixed by the commit, let's allow to match both string.
1493 log_re
= re
.compile('vlan99: Could not bring up interface(, ignoring|): Network is down$', re
.MULTILINE
)
1497 if log_re
.search(read_networkd_log()):
1502 copy_network_unit('11-dummy.netdev', '12-dummy.netdev', '21-dummy-bond-slave.network')
1504 self
.wait_online(['test1:enslaved', 'dummy98:enslaved', 'bond99:carrier', 'vlan99:routable'])
1506 def test_macvtap(self
):
1508 for mode
in ['private', 'vepa', 'bridge', 'passthru']:
1514 print(f
'### test_macvtap(mode={mode})')
1515 with self
.subTest(mode
=mode
):
1516 copy_network_unit('21-macvtap.netdev', '26-netdev-link-local-addressing-yes.network',
1517 '11-dummy.netdev', '25-macvtap.network')
1518 with
open(os
.path
.join(network_unit_dir
, '21-macvtap.netdev'), mode
='a', encoding
='utf-8') as f
:
1519 f
.write('[MACVTAP]\nMode=' + mode
)
1522 self
.wait_online(['macvtap99:degraded',
1523 'test1:carrier' if mode
== 'passthru' else 'test1:degraded'])
1525 output
= check_output('ip -d link show macvtap99')
1527 self
.assertRegex(output
, 'macvtap mode ' + mode
+ ' ')
1529 def test_macvlan(self
):
1531 for mode
in ['private', 'vepa', 'bridge', 'passthru']:
1537 print(f
'### test_macvlan(mode={mode})')
1538 with self
.subTest(mode
=mode
):
1539 copy_network_unit('21-macvlan.netdev', '26-netdev-link-local-addressing-yes.network',
1540 '11-dummy.netdev', '25-macvlan.network')
1541 with
open(os
.path
.join(network_unit_dir
, '21-macvlan.netdev'), mode
='a', encoding
='utf-8') as f
:
1542 f
.write('[MACVLAN]\nMode=' + mode
)
1545 self
.wait_online(['macvlan99:degraded',
1546 'test1:carrier' if mode
== 'passthru' else 'test1:degraded'])
1548 output
= check_output('ip -d link show test1')
1550 self
.assertRegex(output
, ' mtu 2000 ')
1552 output
= check_output('ip -d link show macvlan99')
1554 self
.assertRegex(output
, ' mtu 2000 ')
1555 self
.assertRegex(output
, 'macvlan mode ' + mode
+ ' ')
1557 remove_link('test1')
1560 check_output("ip link add test1 type dummy")
1561 self
.wait_online(['macvlan99:degraded',
1562 'test1:carrier' if mode
== 'passthru' else 'test1:degraded'])
1564 output
= check_output('ip -d link show test1')
1566 self
.assertRegex(output
, ' mtu 2000 ')
1568 output
= check_output('ip -d link show macvlan99')
1570 self
.assertRegex(output
, ' mtu 2000 ')
1571 self
.assertRegex(output
, 'macvlan mode ' + mode
+ ' ')
1573 @expectedFailureIfModuleIsNotAvailable('ipvlan')
1574 def test_ipvlan(self
):
1576 for mode
, flag
in [['L2', 'private'], ['L3', 'vepa'], ['L3S', 'bridge']]:
1582 print(f
'### test_ipvlan(mode={mode}, flag={flag})')
1583 with self
.subTest(mode
=mode
, flag
=flag
):
1584 copy_network_unit('25-ipvlan.netdev', '26-netdev-link-local-addressing-yes.network',
1585 '11-dummy.netdev', '25-ipvlan.network')
1586 with
open(os
.path
.join(network_unit_dir
, '25-ipvlan.netdev'), mode
='a', encoding
='utf-8') as f
:
1587 f
.write('[IPVLAN]\nMode=' + mode
+ '\nFlags=' + flag
)
1590 self
.wait_online(['ipvlan99:degraded', 'test1:degraded'])
1592 output
= check_output('ip -d link show ipvlan99')
1594 self
.assertRegex(output
, 'ipvlan *mode ' + mode
.lower() + ' ' + flag
)
1596 @expectedFailureIfModuleIsNotAvailable('ipvtap')
1597 def test_ipvtap(self
):
1599 for mode
, flag
in [['L2', 'private'], ['L3', 'vepa'], ['L3S', 'bridge']]:
1605 print(f
'### test_ipvtap(mode={mode}, flag={flag})')
1606 with self
.subTest(mode
=mode
, flag
=flag
):
1607 copy_network_unit('25-ipvtap.netdev', '26-netdev-link-local-addressing-yes.network',
1608 '11-dummy.netdev', '25-ipvtap.network')
1609 with
open(os
.path
.join(network_unit_dir
, '25-ipvtap.netdev'), mode
='a', encoding
='utf-8') as f
:
1610 f
.write('[IPVTAP]\nMode=' + mode
+ '\nFlags=' + flag
)
1613 self
.wait_online(['ipvtap99:degraded', 'test1:degraded'])
1615 output
= check_output('ip -d link show ipvtap99')
1617 self
.assertRegex(output
, 'ipvtap *mode ' + mode
.lower() + ' ' + flag
)
1619 def test_veth(self
):
1620 copy_network_unit('25-veth.netdev', '26-netdev-link-local-addressing-yes.network',
1621 '25-veth-mtu.netdev')
1624 self
.wait_online(['veth99:degraded', 'veth-peer:degraded', 'veth-mtu:degraded', 'veth-mtu-peer:degraded'])
1626 output
= check_output('ip -d link show veth99')
1628 self
.assertRegex(output
, 'link/ether 12:34:56:78:9a:bc')
1629 output
= check_output('ip -d link show veth-peer')
1631 self
.assertRegex(output
, 'link/ether 12:34:56:78:9a:bd')
1633 output
= check_output('ip -d link show veth-mtu')
1635 self
.assertRegex(output
, 'link/ether 12:34:56:78:9a:be')
1636 self
.assertRegex(output
, 'mtu 1800')
1637 output
= check_output('ip -d link show veth-mtu-peer')
1639 self
.assertRegex(output
, 'link/ether 12:34:56:78:9a:bf')
1640 self
.assertRegex(output
, 'mtu 1800')
1642 def test_tuntap(self
):
1643 copy_network_unit('25-tun.netdev', '25-tap.netdev', '26-netdev-link-local-addressing-yes.network')
1646 self
.wait_online(['testtun99:degraded', 'testtap99:degraded'])
1648 pid
= networkd_pid()
1649 name
= psutil
.Process(pid
).name()[:15]
1651 output
= check_output('ip -d tuntap show')
1653 self
.assertRegex(output
, fr
'(?m)testtap99: tap pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:{name}\({pid}\)systemd\(1\)$')
1654 self
.assertRegex(output
, fr
'(?m)testtun99: tun pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:{name}\({pid}\)systemd\(1\)$')
1656 output
= check_output('ip -d link show testtun99')
1658 # Old ip command does not support IFF_ flags
1659 self
.assertRegex(output
, 'tun (type tun pi on vnet_hdr on multi_queue|addrgenmode) ')
1660 self
.assertIn('UP,LOWER_UP', output
)
1662 output
= check_output('ip -d link show testtap99')
1664 self
.assertRegex(output
, 'tun (type tap pi on vnet_hdr on multi_queue|addrgenmode) ')
1665 self
.assertIn('UP,LOWER_UP', output
)
1667 remove_network_unit('26-netdev-link-local-addressing-yes.network')
1670 self
.wait_online(['testtun99:degraded', 'testtap99:degraded'], setup_state
='unmanaged')
1672 pid
= networkd_pid()
1673 name
= psutil
.Process(pid
).name()[:15]
1675 output
= check_output('ip -d tuntap show')
1677 self
.assertRegex(output
, fr
'(?m)testtap99: tap pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:{name}\({pid}\)systemd\(1\)$')
1678 self
.assertRegex(output
, fr
'(?m)testtun99: tun pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:{name}\({pid}\)systemd\(1\)$')
1680 output
= check_output('ip -d link show testtun99')
1682 self
.assertRegex(output
, 'tun (type tun pi on vnet_hdr on multi_queue|addrgenmode) ')
1683 self
.assertIn('UP,LOWER_UP', output
)
1685 output
= check_output('ip -d link show testtap99')
1687 self
.assertRegex(output
, 'tun (type tap pi on vnet_hdr on multi_queue|addrgenmode) ')
1688 self
.assertIn('UP,LOWER_UP', output
)
1690 clear_network_units()
1692 self
.wait_online(['testtun99:off', 'testtap99:off'], setup_state
='unmanaged')
1694 output
= check_output('ip -d tuntap show')
1696 self
.assertRegex(output
, r
'(?m)testtap99: tap pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:$')
1697 self
.assertRegex(output
, r
'(?m)testtun99: tun pi (multi_queue |)vnet_hdr persist filter *(0x100|)\n\tAttached to processes:$')
1702 output
= check_output('ip -d link show testtun99')
1704 self
.assertRegex(output
, 'tun (type tun pi on vnet_hdr on multi_queue|addrgenmode) ')
1705 if 'NO-CARRIER' in output
:
1713 output
= check_output('ip -d link show testtap99')
1715 self
.assertRegex(output
, 'tun (type tap pi on vnet_hdr on multi_queue|addrgenmode) ')
1716 if 'NO-CARRIER' in output
:
1721 @expectedFailureIfModuleIsNotAvailable('vrf')
1723 copy_network_unit('25-vrf.netdev', '26-netdev-link-local-addressing-yes.network')
1726 self
.wait_online(['vrf99:carrier'])
1728 @expectedFailureIfModuleIsNotAvailable('vcan')
1729 def test_vcan(self
):
1730 copy_network_unit('25-vcan.netdev', '26-netdev-link-local-addressing-yes.network',
1731 '25-vcan98.netdev', '25-vcan98.network')
1734 self
.wait_online(['vcan99:carrier', 'vcan98:carrier'])
1736 # https://github.com/systemd/systemd/issues/30140
1737 output
= check_output('ip -d link show vcan99')
1739 self
.assertIn('mtu 16 ', output
)
1741 output
= check_output('ip -d link show vcan98')
1743 self
.assertIn('mtu 16 ', output
)
1745 @expectedFailureIfModuleIsNotAvailable('vxcan')
1746 def test_vxcan(self
):
1747 copy_network_unit('25-vxcan.netdev', '26-netdev-link-local-addressing-yes.network')
1750 self
.wait_online(['vxcan99:carrier', 'vxcan-peer:carrier'])
1752 @expectedFailureIfModuleIsNotAvailable('wireguard')
1753 def test_wireguard(self
):
1754 copy_network_unit('25-wireguard.netdev', '25-wireguard.network',
1755 '25-wireguard-23-peers.netdev', '25-wireguard-23-peers.network',
1756 '25-wireguard-preshared-key.txt', '25-wireguard-private-key.txt',
1757 '25-wireguard-no-peer.netdev', '25-wireguard-no-peer.network')
1759 self
.wait_online(['wg99:routable', 'wg98:routable', 'wg97:carrier'])
1761 output
= check_output('ip -4 address show dev wg99')
1763 self
.assertIn('inet 192.168.124.1/24 scope global wg99', output
)
1765 output
= check_output('ip -4 address show dev wg99')
1767 self
.assertIn('inet 169.254.11.1/24 scope link wg99', output
)
1769 output
= check_output('ip -6 address show dev wg99')
1771 self
.assertIn('inet6 fe80::1/64 scope link', output
)
1773 output
= check_output('ip -4 address show dev wg98')
1775 self
.assertIn('inet 192.168.123.123/24 scope global wg98', output
)
1777 output
= check_output('ip -6 address show dev wg98')
1779 self
.assertIn('inet6 fd8d:4d6d:3ccb:500::1/64 scope global', output
)
1781 output
= check_output('ip -4 route show dev wg99 table 1234')
1783 self
.assertIn('192.168.26.0/24 proto static metric 123', output
)
1785 output
= check_output('ip -6 route show dev wg99 table 1234')
1787 self
.assertIn('fd31:bf08:57cb::/48 proto static metric 123 pref medium', output
)
1789 output
= check_output('ip -6 route show dev wg98 table 1234')
1791 self
.assertIn('fd8d:4d6d:3ccb:500:c79:2339:edce:ece1 proto static metric 123 pref medium', output
)
1792 self
.assertIn('fd8d:4d6d:3ccb:500:1dbf:ca8a:32d3:dd81 proto static metric 123 pref medium', output
)
1793 self
.assertIn('fd8d:4d6d:3ccb:500:1e54:1415:35d0:a47c proto static metric 123 pref medium', output
)
1794 self
.assertIn('fd8d:4d6d:3ccb:500:270d:b5dd:4a3f:8909 proto static metric 123 pref medium', output
)
1795 self
.assertIn('fd8d:4d6d:3ccb:500:5660:679d:3532:94d8 proto static metric 123 pref medium', output
)
1796 self
.assertIn('fd8d:4d6d:3ccb:500:6825:573f:30f3:9472 proto static metric 123 pref medium', output
)
1797 self
.assertIn('fd8d:4d6d:3ccb:500:6f2e:6888:c6fd:dfb9 proto static metric 123 pref medium', output
)
1798 self
.assertIn('fd8d:4d6d:3ccb:500:8d4d:bab:7280:a09a proto static metric 123 pref medium', output
)
1799 self
.assertIn('fd8d:4d6d:3ccb:500:900c:d437:ec27:8822 proto static metric 123 pref medium', output
)
1800 self
.assertIn('fd8d:4d6d:3ccb:500:9742:9931:5217:18d5 proto static metric 123 pref medium', output
)
1801 self
.assertIn('fd8d:4d6d:3ccb:500:9c11:d820:2e96:9be0 proto static metric 123 pref medium', output
)
1802 self
.assertIn('fd8d:4d6d:3ccb:500:a072:80da:de4f:add1 proto static metric 123 pref medium', output
)
1803 self
.assertIn('fd8d:4d6d:3ccb:500:a3f3:df38:19b0:721 proto static metric 123 pref medium', output
)
1804 self
.assertIn('fd8d:4d6d:3ccb:500:a94b:cd6a:a32d:90e6 proto static metric 123 pref medium', output
)
1805 self
.assertIn('fd8d:4d6d:3ccb:500:b39c:9cdc:755a:ead3 proto static metric 123 pref medium', output
)
1806 self
.assertIn('fd8d:4d6d:3ccb:500:b684:4f81:2e3e:132e proto static metric 123 pref medium', output
)
1807 self
.assertIn('fd8d:4d6d:3ccb:500:bad5:495d:8e9c:3427 proto static metric 123 pref medium', output
)
1808 self
.assertIn('fd8d:4d6d:3ccb:500:bfe5:c3c3:5d77:fcb proto static metric 123 pref medium', output
)
1809 self
.assertIn('fd8d:4d6d:3ccb:500:c624:6bf7:4c09:3b59 proto static metric 123 pref medium', output
)
1810 self
.assertIn('fd8d:4d6d:3ccb:500:d4f9:5dc:9296:a1a proto static metric 123 pref medium', output
)
1811 self
.assertIn('fd8d:4d6d:3ccb:500:dcdd:d33b:90c9:6088 proto static metric 123 pref medium', output
)
1812 self
.assertIn('fd8d:4d6d:3ccb:500:e2e1:ae15:103f:f376 proto static metric 123 pref medium', output
)
1813 self
.assertIn('fd8d:4d6d:3ccb:500:f349:c4f0:10c1:6b4 proto static metric 123 pref medium', output
)
1814 self
.assertIn('fd8d:4d6d:3ccb:c79:2339:edce::/96 proto static metric 123 pref medium', output
)
1815 self
.assertIn('fd8d:4d6d:3ccb:1dbf:ca8a:32d3::/96 proto static metric 123 pref medium', output
)
1816 self
.assertIn('fd8d:4d6d:3ccb:1e54:1415:35d0::/96 proto static metric 123 pref medium', output
)
1817 self
.assertIn('fd8d:4d6d:3ccb:270d:b5dd:4a3f::/96 proto static metric 123 pref medium', output
)
1818 self
.assertIn('fd8d:4d6d:3ccb:5660:679d:3532::/96 proto static metric 123 pref medium', output
)
1819 self
.assertIn('fd8d:4d6d:3ccb:6825:573f:30f3::/96 proto static metric 123 pref medium', output
)
1820 self
.assertIn('fd8d:4d6d:3ccb:6f2e:6888:c6fd::/96 proto static metric 123 pref medium', output
)
1821 self
.assertIn('fd8d:4d6d:3ccb:8d4d:bab:7280::/96 proto static metric 123 pref medium', output
)
1822 self
.assertIn('fd8d:4d6d:3ccb:900c:d437:ec27::/96 proto static metric 123 pref medium', output
)
1823 self
.assertIn('fd8d:4d6d:3ccb:9742:9931:5217::/96 proto static metric 123 pref medium', output
)
1824 self
.assertIn('fd8d:4d6d:3ccb:9c11:d820:2e96::/96 proto static metric 123 pref medium', output
)
1825 self
.assertIn('fd8d:4d6d:3ccb:a072:80da:de4f::/96 proto static metric 123 pref medium', output
)
1826 self
.assertIn('fd8d:4d6d:3ccb:a3f3:df38:19b0::/96 proto static metric 123 pref medium', output
)
1827 self
.assertIn('fd8d:4d6d:3ccb:a94b:cd6a:a32d::/96 proto static metric 123 pref medium', output
)
1828 self
.assertIn('fd8d:4d6d:3ccb:b39c:9cdc:755a::/96 proto static metric 123 pref medium', output
)
1829 self
.assertIn('fd8d:4d6d:3ccb:b684:4f81:2e3e::/96 proto static metric 123 pref medium', output
)
1830 self
.assertIn('fd8d:4d6d:3ccb:bad5:495d:8e9c::/96 proto static metric 123 pref medium', output
)
1831 self
.assertIn('fd8d:4d6d:3ccb:bfe5:c3c3:5d77::/96 proto static metric 123 pref medium', output
)
1832 self
.assertIn('fd8d:4d6d:3ccb:c624:6bf7:4c09::/96 proto static metric 123 pref medium', output
)
1833 self
.assertIn('fd8d:4d6d:3ccb:d4f9:5dc:9296::/96 proto static metric 123 pref medium', output
)
1834 self
.assertIn('fd8d:4d6d:3ccb:dcdd:d33b:90c9::/96 proto static metric 123 pref medium', output
)
1835 self
.assertIn('fd8d:4d6d:3ccb:e2e1:ae15:103f::/96 proto static metric 123 pref medium', output
)
1836 self
.assertIn('fd8d:4d6d:3ccb:f349:c4f0:10c1::/96 proto static metric 123 pref medium', output
)
1838 if shutil
.which('wg'):
1841 output
= check_output('wg show wg99 listen-port')
1842 self
.assertEqual(output
, '51820')
1843 output
= check_output('wg show wg99 fwmark')
1844 self
.assertEqual(output
, '0x4d2')
1845 output
= check_output('wg show wg99 private-key')
1846 self
.assertEqual(output
, 'EEGlnEPYJV//kbvvIqxKkQwOiS+UENyPncC4bF46ong=')
1847 output
= check_output('wg show wg99 allowed-ips')
1848 self
.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\t192.168.124.3/32', output
)
1849 self
.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\t192.168.124.2/32', output
)
1850 self
.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\tfdbc:bae2:7871:e1fe:793:8636::/96 fdbc:bae2:7871:500:e1fe:793:8636:dad1/128', output
)
1851 self
.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t192.168.26.0/24 fd31:bf08:57cb::/48', output
)
1852 output
= check_output('wg show wg99 persistent-keepalive')
1853 self
.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\toff', output
)
1854 self
.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\toff', output
)
1855 self
.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\toff', output
)
1856 self
.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t20', output
)
1857 output
= check_output('wg show wg99 endpoints')
1858 self
.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\t(none)', output
)
1859 self
.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\t(none)', output
)
1860 self
.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\t(none)', output
)
1861 self
.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\t192.168.27.3:51820', output
)
1862 output
= check_output('wg show wg99 preshared-keys')
1863 self
.assertIn('9uioxkGzjvGjkse3V35I9AhorWfIjBcrf3UPMS0bw2c=\t6Fsg8XN0DE6aPQgAX4r2oazEYJOGqyHUz3QRH/jCB+I=', output
)
1864 self
.assertIn('TTiCUpCxS7zDn/ax4p5W6Evg41r8hOrnWQw2Sq6Nh10=\tit7nd33chCT/tKT2ZZWfYyp43Zs+6oif72hexnSNMqA=', output
)
1865 self
.assertIn('lsDtM3AbjxNlauRKzHEPfgS1Zp7cp/VX5Use/P4PQSc=\tcPLOy1YUrEI0EMMIycPJmOo0aTu3RZnw8bL5meVD6m0=', output
)
1866 self
.assertIn('RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=\tIIWIV17wutHv7t4cR6pOT91z6NSz/T8Arh0yaywhw3M=', output
)
1868 output
= check_output('wg show wg98 private-key')
1869 self
.assertEqual(output
, 'CJQUtcS9emY2fLYqDlpSZiE/QJyHkPWr+WHtZLZ90FU=')
1871 output
= check_output('wg show wg97 listen-port')
1872 self
.assertEqual(output
, '51821')
1873 output
= check_output('wg show wg97 fwmark')
1874 self
.assertEqual(output
, '0x4d3')
1876 def test_geneve(self
):
1877 copy_network_unit('25-geneve.netdev', '26-netdev-link-local-addressing-yes.network')
1880 self
.wait_online(['geneve99:degraded'])
1882 output
= check_output('ip -d link show geneve99')
1884 self
.assertRegex(output
, '192.168.22.1')
1885 self
.assertRegex(output
, '6082')
1886 self
.assertRegex(output
, 'udpcsum')
1887 self
.assertRegex(output
, 'udp6zerocsumrx')
1889 def test_ipip_tunnel(self
):
1890 copy_network_unit('12-dummy.netdev', '25-ipip.network',
1891 '25-ipip-tunnel.netdev', '25-tunnel.network',
1892 '25-ipip-tunnel-local-any.netdev', '25-tunnel-local-any.network',
1893 '25-ipip-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
1894 '25-ipip-tunnel-any-any.netdev', '25-tunnel-any-any.network')
1896 self
.wait_online(['ipiptun99:routable', 'ipiptun98:routable', 'ipiptun97:routable', 'ipiptun96:routable', 'dummy98:degraded'])
1898 output
= check_output('ip -d link show ipiptun99')
1900 self
.assertRegex(output
, 'ipip (ipip )?remote 192.169.224.239 local 192.168.223.238 dev dummy98')
1901 output
= check_output('ip -d link show ipiptun98')
1903 self
.assertRegex(output
, 'ipip (ipip )?remote 192.169.224.239 local any dev dummy98')
1904 output
= check_output('ip -d link show ipiptun97')
1906 self
.assertRegex(output
, 'ipip (ipip )?remote any local 192.168.223.238 dev dummy98')
1907 output
= check_output('ip -d link show ipiptun96')
1909 self
.assertRegex(output
, 'ipip (ipip )?remote any local any dev dummy98')
1911 def test_gre_tunnel(self
):
1912 copy_network_unit('12-dummy.netdev', '25-gretun.network',
1913 '25-gre-tunnel.netdev', '25-tunnel.network',
1914 '25-gre-tunnel-local-any.netdev', '25-tunnel-local-any.network',
1915 '25-gre-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
1916 '25-gre-tunnel-any-any.netdev', '25-tunnel-any-any.network')
1918 self
.wait_online(['gretun99:routable', 'gretun98:routable', 'gretun97:routable', 'gretun96:routable', 'dummy98:degraded'])
1920 output
= check_output('ip -d link show gretun99')
1922 self
.assertRegex(output
, 'gre remote 10.65.223.239 local 10.65.223.238 dev dummy98')
1923 self
.assertRegex(output
, 'ikey 1.2.3.103')
1924 self
.assertRegex(output
, 'okey 1.2.4.103')
1925 self
.assertRegex(output
, 'iseq')
1926 self
.assertRegex(output
, 'oseq')
1927 output
= check_output('ip -d link show gretun98')
1929 self
.assertRegex(output
, 'gre remote 10.65.223.239 local any dev dummy98')
1930 self
.assertRegex(output
, 'ikey 0.0.0.104')
1931 self
.assertRegex(output
, 'okey 0.0.0.104')
1932 self
.assertNotRegex(output
, 'iseq')
1933 self
.assertNotRegex(output
, 'oseq')
1934 output
= check_output('ip -d link show gretun97')
1936 self
.assertRegex(output
, 'gre remote any local 10.65.223.238 dev dummy98')
1937 self
.assertRegex(output
, 'ikey 0.0.0.105')
1938 self
.assertRegex(output
, 'okey 0.0.0.105')
1939 self
.assertNotRegex(output
, 'iseq')
1940 self
.assertNotRegex(output
, 'oseq')
1941 output
= check_output('ip -d link show gretun96')
1943 self
.assertRegex(output
, 'gre remote any local any dev dummy98')
1944 self
.assertRegex(output
, 'ikey 0.0.0.106')
1945 self
.assertRegex(output
, 'okey 0.0.0.106')
1946 self
.assertNotRegex(output
, 'iseq')
1947 self
.assertNotRegex(output
, 'oseq')
1949 def test_ip6gre_tunnel(self
):
1950 copy_network_unit('12-dummy.netdev', '25-ip6gretun.network',
1951 '25-ip6gre-tunnel.netdev', '25-tunnel.network',
1952 '25-ip6gre-tunnel-local-any.netdev', '25-tunnel-local-any.network',
1953 '25-ip6gre-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
1954 '25-ip6gre-tunnel-any-any.netdev', '25-tunnel-any-any.network')
1957 # Old kernels seem not to support IPv6LL address on ip6gre tunnel, So please do not use wait_online() here.
1959 self
.wait_links('dummy98', 'ip6gretun99', 'ip6gretun98', 'ip6gretun97', 'ip6gretun96')
1961 output
= check_output('ip -d link show ip6gretun99')
1963 self
.assertRegex(output
, 'ip6gre remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98')
1964 output
= check_output('ip -d link show ip6gretun98')
1966 self
.assertRegex(output
, 'ip6gre remote 2001:473:fece:cafe::5179 local any dev dummy98')
1967 output
= check_output('ip -d link show ip6gretun97')
1969 self
.assertRegex(output
, 'ip6gre remote any local 2a00:ffde:4567:edde::4987 dev dummy98')
1970 output
= check_output('ip -d link show ip6gretun96')
1972 self
.assertRegex(output
, 'ip6gre remote any local any dev dummy98')
1974 def test_gretap_tunnel(self
):
1975 copy_network_unit('12-dummy.netdev', '25-gretap.network',
1976 '25-gretap-tunnel.netdev', '25-tunnel.network',
1977 '25-gretap-tunnel-local-any.netdev', '25-tunnel-local-any.network')
1979 self
.wait_online(['gretap99:routable', 'gretap98:routable', 'dummy98:degraded'])
1981 output
= check_output('ip -d link show gretap99')
1983 self
.assertRegex(output
, 'gretap remote 10.65.223.239 local 10.65.223.238 dev dummy98')
1984 self
.assertRegex(output
, 'ikey 0.0.0.106')
1985 self
.assertRegex(output
, 'okey 0.0.0.106')
1986 self
.assertRegex(output
, 'iseq')
1987 self
.assertRegex(output
, 'oseq')
1988 self
.assertIn('nopmtudisc', output
)
1989 self
.assertIn('ignore-df', output
)
1990 output
= check_output('ip -d link show gretap98')
1992 self
.assertRegex(output
, 'gretap remote 10.65.223.239 local any dev dummy98')
1993 self
.assertRegex(output
, 'ikey 0.0.0.107')
1994 self
.assertRegex(output
, 'okey 0.0.0.107')
1995 self
.assertRegex(output
, 'iseq')
1996 self
.assertRegex(output
, 'oseq')
1998 def test_ip6gretap_tunnel(self
):
1999 copy_network_unit('12-dummy.netdev', '25-ip6gretap.network',
2000 '25-ip6gretap-tunnel.netdev', '25-tunnel.network',
2001 '25-ip6gretap-tunnel-local-any.netdev', '25-tunnel-local-any.network')
2003 self
.wait_online(['ip6gretap99:routable', 'ip6gretap98:routable', 'dummy98:degraded'])
2005 output
= check_output('ip -d link show ip6gretap99')
2007 self
.assertRegex(output
, 'ip6gretap remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98')
2008 output
= check_output('ip -d link show ip6gretap98')
2010 self
.assertRegex(output
, 'ip6gretap remote 2001:473:fece:cafe::5179 local any dev dummy98')
2012 def test_vti_tunnel(self
):
2013 copy_network_unit('12-dummy.netdev', '25-vti.network',
2014 '25-vti-tunnel.netdev', '25-tunnel.network',
2015 '25-vti-tunnel-local-any.netdev', '25-tunnel-local-any.network',
2016 '25-vti-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
2017 '25-vti-tunnel-any-any.netdev', '25-tunnel-any-any.network')
2019 self
.wait_online(['vtitun99:routable', 'vtitun98:routable', 'vtitun97:routable', 'vtitun96:routable', 'dummy98:degraded'])
2021 output
= check_output('ip -d link show vtitun99')
2023 self
.assertRegex(output
, 'vti remote 10.65.223.239 local 10.65.223.238 dev dummy98')
2024 output
= check_output('ip -d link show vtitun98')
2026 self
.assertRegex(output
, 'vti remote 10.65.223.239 local any dev dummy98')
2027 output
= check_output('ip -d link show vtitun97')
2029 self
.assertRegex(output
, 'vti remote any local 10.65.223.238 dev dummy98')
2030 output
= check_output('ip -d link show vtitun96')
2032 self
.assertRegex(output
, 'vti remote any local any dev dummy98')
2034 def test_vti6_tunnel(self
):
2035 copy_network_unit('12-dummy.netdev', '25-vti6.network',
2036 '25-vti6-tunnel.netdev', '25-tunnel.network',
2037 '25-vti6-tunnel-local-any.netdev', '25-tunnel-local-any.network',
2038 '25-vti6-tunnel-remote-any.netdev', '25-tunnel-remote-any.network')
2040 self
.wait_online(['vti6tun99:routable', 'vti6tun98:routable', 'vti6tun97:routable', 'dummy98:degraded'])
2042 output
= check_output('ip -d link show vti6tun99')
2044 self
.assertRegex(output
, 'vti6 remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98')
2045 output
= check_output('ip -d link show vti6tun98')
2047 self
.assertRegex(output
, 'vti6 remote 2001:473:fece:cafe::5179 local (any|::) dev dummy98')
2048 output
= check_output('ip -d link show vti6tun97')
2050 self
.assertRegex(output
, 'vti6 remote (any|::) local 2a00:ffde:4567:edde::4987 dev dummy98')
2052 def test_ip6tnl_tunnel(self
):
2053 copy_network_unit('12-dummy.netdev', '25-ip6tnl.network',
2054 '25-ip6tnl-tunnel.netdev', '25-tunnel.network',
2055 '25-ip6tnl-tunnel-local-any.netdev', '25-tunnel-local-any.network',
2056 '25-ip6tnl-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
2057 '25-veth.netdev', '25-ip6tnl-slaac.network', '25-ipv6-prefix.network',
2058 '25-ip6tnl-tunnel-local-slaac.netdev', '25-ip6tnl-tunnel-local-slaac.network',
2059 '25-ip6tnl-tunnel-external.netdev', '26-netdev-link-local-addressing-yes.network')
2061 self
.wait_online(['ip6tnl99:routable', 'ip6tnl98:routable', 'ip6tnl97:routable',
2062 'ip6tnl-slaac:degraded', 'ip6tnl-external:degraded',
2063 'dummy98:degraded', 'veth99:routable', 'veth-peer:degraded'])
2065 output
= check_output('ip -d link show ip6tnl99')
2067 self
.assertIn('ip6tnl ip6ip6 remote 2001:473:fece:cafe::5179 local 2a00:ffde:4567:edde::4987 dev dummy98', output
)
2068 output
= check_output('ip -d link show ip6tnl98')
2070 self
.assertRegex(output
, 'ip6tnl ip6ip6 remote 2001:473:fece:cafe::5179 local (any|::) dev dummy98')
2071 output
= check_output('ip -d link show ip6tnl97')
2073 self
.assertRegex(output
, 'ip6tnl ip6ip6 remote (any|::) local 2a00:ffde:4567:edde::4987 dev dummy98')
2074 output
= check_output('ip -d link show ip6tnl-external')
2076 self
.assertIn('ip6tnl-external@NONE:', output
)
2077 self
.assertIn('ip6tnl external ', output
)
2078 output
= check_output('ip -d link show ip6tnl-slaac')
2080 self
.assertIn('ip6tnl ip6ip6 remote 2001:473:fece:cafe::5179 local 2002:da8:1:0:1034:56ff:fe78:9abc dev veth99', output
)
2082 output
= check_output('ip -6 address show veth99')
2084 self
.assertIn('inet6 2002:da8:1:0:1034:56ff:fe78:9abc/64 scope global dynamic', output
)
2086 output
= check_output('ip -4 route show default')
2088 self
.assertIn('default dev ip6tnl-slaac proto static', output
)
2090 def test_sit_tunnel(self
):
2091 copy_network_unit('12-dummy.netdev', '25-sit.network',
2092 '25-sit-tunnel.netdev', '25-tunnel.network',
2093 '25-sit-tunnel-local-any.netdev', '25-tunnel-local-any.network',
2094 '25-sit-tunnel-remote-any.netdev', '25-tunnel-remote-any.network',
2095 '25-sit-tunnel-any-any.netdev', '25-tunnel-any-any.network')
2097 self
.wait_online(['sittun99:routable', 'sittun98:routable', 'sittun97:routable', 'sittun96:routable', 'dummy98:degraded'])
2099 output
= check_output('ip -d link show sittun99')
2101 self
.assertRegex(output
, "sit (ip6ip )?remote 10.65.223.239 local 10.65.223.238 dev dummy98")
2102 output
= check_output('ip -d link show sittun98')
2104 self
.assertRegex(output
, "sit (ip6ip )?remote 10.65.223.239 local any dev dummy98")
2105 output
= check_output('ip -d link show sittun97')
2107 self
.assertRegex(output
, "sit (ip6ip )?remote any local 10.65.223.238 dev dummy98")
2108 output
= check_output('ip -d link show sittun96')
2110 self
.assertRegex(output
, "sit (ip6ip )?remote any local any dev dummy98")
2112 def test_isatap_tunnel(self
):
2113 copy_network_unit('12-dummy.netdev', '25-isatap.network',
2114 '25-isatap-tunnel.netdev', '25-tunnel.network')
2116 self
.wait_online(['isataptun99:routable', 'dummy98:degraded'])
2118 output
= check_output('ip -d link show isataptun99')
2120 self
.assertRegex(output
, "isatap ")
2122 def test_6rd_tunnel(self
):
2123 copy_network_unit('12-dummy.netdev', '25-6rd.network',
2124 '25-6rd-tunnel.netdev', '25-tunnel.network')
2126 self
.wait_online(['sittun99:routable', 'dummy98:degraded'])
2128 output
= check_output('ip -d link show sittun99')
2130 self
.assertRegex(output
, '6rd-prefix 2602::/24')
2132 @expectedFailureIfERSPANv0IsNotSupported()
2133 def test_erspan_tunnel_v0(self
):
2134 copy_network_unit('12-dummy.netdev', '25-erspan.network',
2135 '25-erspan0-tunnel.netdev', '25-tunnel.network',
2136 '25-erspan0-tunnel-local-any.netdev', '25-tunnel-local-any.network')
2138 self
.wait_online(['erspan99:routable', 'erspan98:routable', 'dummy98:degraded'])
2140 output
= check_output('ip -d link show erspan99')
2142 self
.assertIn('erspan remote 172.16.1.100 local 172.16.1.200', output
)
2143 self
.assertIn('erspan_ver 0', output
)
2144 self
.assertNotIn('erspan_index 123', output
)
2145 self
.assertNotIn('erspan_dir ingress', output
)
2146 self
.assertNotIn('erspan_hwid 1f', output
)
2147 self
.assertIn('ikey 0.0.0.101', output
)
2148 self
.assertIn('iseq', output
)
2149 self
.assertIn('nopmtudisc', output
)
2150 self
.assertIn('ignore-df', output
)
2151 output
= check_output('ip -d link show erspan98')
2153 self
.assertIn('erspan remote 172.16.1.100 local any', output
)
2154 self
.assertIn('erspan_ver 0', output
)
2155 self
.assertNotIn('erspan_index 124', output
)
2156 self
.assertNotIn('erspan_dir egress', output
)
2157 self
.assertNotIn('erspan_hwid 2f', output
)
2158 self
.assertIn('ikey 0.0.0.102', output
)
2159 self
.assertIn('iseq', output
)
2161 def test_erspan_tunnel_v1(self
):
2162 copy_network_unit('12-dummy.netdev', '25-erspan.network',
2163 '25-erspan1-tunnel.netdev', '25-tunnel.network',
2164 '25-erspan1-tunnel-local-any.netdev', '25-tunnel-local-any.network')
2166 self
.wait_online(['erspan99:routable', 'erspan98:routable', 'dummy98:degraded'])
2168 output
= check_output('ip -d link show erspan99')
2170 self
.assertIn('erspan remote 172.16.1.100 local 172.16.1.200', output
)
2171 self
.assertIn('erspan_ver 1', output
)
2172 self
.assertIn('erspan_index 123', output
)
2173 self
.assertNotIn('erspan_dir ingress', output
)
2174 self
.assertNotIn('erspan_hwid 1f', output
)
2175 self
.assertIn('ikey 0.0.0.101', output
)
2176 self
.assertIn('okey 0.0.0.101', output
)
2177 self
.assertIn('iseq', output
)
2178 self
.assertIn('oseq', output
)
2179 output
= check_output('ip -d link show erspan98')
2181 self
.assertIn('erspan remote 172.16.1.100 local any', output
)
2182 self
.assertIn('erspan_ver 1', output
)
2183 self
.assertIn('erspan_index 124', output
)
2184 self
.assertNotIn('erspan_dir egress', output
)
2185 self
.assertNotIn('erspan_hwid 2f', output
)
2186 self
.assertIn('ikey 0.0.0.102', output
)
2187 self
.assertIn('okey 0.0.0.102', output
)
2188 self
.assertIn('iseq', output
)
2189 self
.assertIn('oseq', output
)
2191 @expectedFailureIfERSPANv2IsNotSupported()
2192 def test_erspan_tunnel_v2(self
):
2193 copy_network_unit('12-dummy.netdev', '25-erspan.network',
2194 '25-erspan2-tunnel.netdev', '25-tunnel.network',
2195 '25-erspan2-tunnel-local-any.netdev', '25-tunnel-local-any.network')
2197 self
.wait_online(['erspan99:routable', 'erspan98:routable', 'dummy98:degraded'])
2199 output
= check_output('ip -d link show erspan99')
2201 self
.assertIn('erspan remote 172.16.1.100 local 172.16.1.200', output
)
2202 self
.assertIn('erspan_ver 2', output
)
2203 self
.assertNotIn('erspan_index 123', output
)
2204 self
.assertIn('erspan_dir ingress', output
)
2205 self
.assertIn('erspan_hwid 0x1f', output
)
2206 self
.assertIn('ikey 0.0.0.101', output
)
2207 self
.assertIn('okey 0.0.0.101', output
)
2208 self
.assertIn('iseq', output
)
2209 self
.assertIn('oseq', output
)
2210 output
= check_output('ip -d link show erspan98')
2212 self
.assertIn('erspan remote 172.16.1.100 local any', output
)
2213 self
.assertIn('erspan_ver 2', output
)
2214 self
.assertNotIn('erspan_index 124', output
)
2215 self
.assertIn('erspan_dir egress', output
)
2216 self
.assertIn('erspan_hwid 0x2f', output
)
2217 self
.assertIn('ikey 0.0.0.102', output
)
2218 self
.assertIn('okey 0.0.0.102', output
)
2219 self
.assertIn('iseq', output
)
2220 self
.assertIn('oseq', output
)
2222 def test_tunnel_independent(self
):
2223 copy_network_unit('25-ipip-tunnel-independent.netdev', '26-netdev-link-local-addressing-yes.network')
2226 self
.wait_online(['ipiptun99:carrier'])
2228 def test_tunnel_independent_loopback(self
):
2229 copy_network_unit('25-ipip-tunnel-independent-loopback.netdev', '26-netdev-link-local-addressing-yes.network')
2232 self
.wait_online(['ipiptun99:carrier'])
2234 @expectedFailureIfModuleIsNotAvailable('xfrm_interface')
2235 def test_xfrm(self
):
2236 copy_network_unit('12-dummy.netdev', '25-xfrm.network',
2237 '25-xfrm.netdev', '25-xfrm-independent.netdev',
2238 '26-netdev-link-local-addressing-yes.network')
2241 self
.wait_online(['dummy98:degraded', 'xfrm98:degraded', 'xfrm99:degraded'])
2243 output
= check_output('ip -d link show dev xfrm98')
2245 self
.assertIn('xfrm98@dummy98:', output
)
2246 self
.assertIn('xfrm if_id 0x98 ', output
)
2248 output
= check_output('ip -d link show dev xfrm99')
2250 self
.assertIn('xfrm99@lo:', output
)
2251 self
.assertIn('xfrm if_id 0x99 ', output
)
2253 @expectedFailureIfModuleIsNotAvailable('fou')
2255 # The following redundant check is necessary for CentOS CI.
2256 # Maybe, error handling in lookup_id() in sd-netlink/generic-netlink.c needs to be updated.
2257 self
.assertTrue(is_module_available('fou'))
2259 copy_network_unit('25-fou-ipproto-ipip.netdev', '25-fou-ipproto-gre.netdev',
2260 '25-fou-ipip.netdev', '25-fou-sit.netdev',
2261 '25-fou-gre.netdev', '25-fou-gretap.netdev')
2264 self
.wait_online(['ipiptun96:off', 'sittun96:off', 'gretun96:off', 'gretap96:off'], setup_state
='unmanaged')
2266 output
= check_output('ip fou show')
2268 self
.assertRegex(output
, 'port 55555 ipproto 4')
2269 self
.assertRegex(output
, 'port 55556 ipproto 47')
2271 output
= check_output('ip -d link show ipiptun96')
2273 self
.assertRegex(output
, 'encap fou encap-sport auto encap-dport 55555')
2274 output
= check_output('ip -d link show sittun96')
2276 self
.assertRegex(output
, 'encap fou encap-sport auto encap-dport 55555')
2277 output
= check_output('ip -d link show gretun96')
2279 self
.assertRegex(output
, 'encap fou encap-sport 1001 encap-dport 55556')
2280 output
= check_output('ip -d link show gretap96')
2282 self
.assertRegex(output
, 'encap fou encap-sport auto encap-dport 55556')
2284 def test_vxlan(self
):
2285 copy_network_unit('11-dummy.netdev', '25-vxlan-test1.network',
2286 '25-vxlan.netdev', '25-vxlan.network',
2287 '25-vxlan-ipv6.netdev', '25-vxlan-ipv6.network',
2288 '25-vxlan-independent.netdev', '26-netdev-link-local-addressing-yes.network',
2289 '25-veth.netdev', '25-vxlan-veth99.network', '25-ipv6-prefix.network',
2290 '25-vxlan-local-slaac.netdev', '25-vxlan-local-slaac.network')
2293 self
.wait_online(['test1:degraded', 'veth99:routable', 'veth-peer:degraded',
2294 'vxlan99:degraded', 'vxlan98:degraded', 'vxlan97:degraded', 'vxlan-slaac:degraded'])
2296 output
= check_output('ip -d -d link show vxlan99')
2298 self
.assertIn('999', output
)
2299 self
.assertIn('5555', output
)
2300 self
.assertIn('l2miss', output
)
2301 self
.assertIn('l3miss', output
)
2302 self
.assertIn('gbp', output
)
2303 # Since [0] some of the options use slightly different names and some
2304 # options with default values are shown only if the -d(etails) setting
2306 # [0] https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=1215e9d3862387353d8672296cb4c6c16e8cbb72
2307 self
.assertRegex(output
, '(udpcsum|udp_csum)')
2308 self
.assertRegex(output
, '(udp6zerocsumtx|udp_zero_csum6_tx)')
2309 self
.assertRegex(output
, '(udp6zerocsumrx|udp_zero_csum6_rx)')
2310 self
.assertRegex(output
, '(remcsumtx|remcsum_tx)')
2311 self
.assertRegex(output
, '(remcsumrx|remcsum_rx)')
2313 output
= check_output('bridge fdb show dev vxlan99')
2315 self
.assertIn('00:11:22:33:44:55 dst 10.0.0.5 self permanent', output
)
2316 self
.assertIn('00:11:22:33:44:66 dst 10.0.0.6 self permanent', output
)
2317 self
.assertIn('00:11:22:33:44:77 dst 10.0.0.7 via test1 self permanent', output
)
2319 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'vxlan99', env
=env
)
2321 self
.assertIn('VNI: 999', output
)
2322 self
.assertIn('Destination Port: 5555', output
)
2323 self
.assertIn('Underlying Device: test1', output
)
2325 output
= check_output('bridge fdb show dev vxlan97')
2327 self
.assertIn('00:00:00:00:00:00 dst fe80::23b:d2ff:fe95:967f via test1 self permanent', output
)
2328 self
.assertIn('00:00:00:00:00:00 dst fe80::27c:16ff:fec0:6c74 via test1 self permanent', output
)
2329 self
.assertIn('00:00:00:00:00:00 dst fe80::2a2:e4ff:fef9:2269 via test1 self permanent', output
)
2331 output
= check_output('ip -d link show vxlan-slaac')
2333 self
.assertIn('vxlan id 4831584 local 2002:da8:1:0:1034:56ff:fe78:9abc dev veth99', output
)
2335 output
= check_output('ip -6 address show veth99')
2337 self
.assertIn('inet6 2002:da8:1:0:1034:56ff:fe78:9abc/64 scope global dynamic', output
)
2339 @unittest.skipUnless(compare_kernel_version("6"), reason
="Causes kernel panic on unpatched kernels: https://bugzilla.kernel.org/show_bug.cgi?id=208315")
2340 def test_macsec(self
):
2341 copy_network_unit('25-macsec.netdev', '25-macsec.network', '25-macsec.key',
2342 '26-macsec.network', '12-dummy.netdev')
2345 self
.wait_online(['dummy98:degraded', 'macsec99:routable'])
2347 output
= check_output('ip -d link show macsec99')
2349 self
.assertRegex(output
, 'macsec99@dummy98')
2350 self
.assertRegex(output
, 'macsec sci [0-9a-f]*000b')
2351 self
.assertRegex(output
, 'encrypt on')
2353 output
= check_output('ip macsec show macsec99')
2355 self
.assertRegex(output
, 'encrypt on')
2356 self
.assertRegex(output
, 'TXSC: [0-9a-f]*000b on SA 1')
2357 self
.assertRegex(output
, '0: PN [0-9]*, state on, key 01000000000000000000000000000000')
2358 self
.assertRegex(output
, '1: PN [0-9]*, state on, key 02030000000000000000000000000000')
2359 self
.assertRegex(output
, 'RXSC: c619528fe6a00100, state on')
2360 self
.assertRegex(output
, '0: PN [0-9]*, state on, key 02030405000000000000000000000000')
2361 self
.assertRegex(output
, '1: PN [0-9]*, state on, key 02030405060000000000000000000000')
2362 self
.assertRegex(output
, '2: PN [0-9]*, state off, key 02030405060700000000000000000000')
2363 self
.assertRegex(output
, '3: PN [0-9]*, state off, key 02030405060708000000000000000000')
2364 self
.assertNotRegex(output
, 'key 02030405067080900000000000000000')
2365 self
.assertRegex(output
, 'RXSC: 8c16456c83a90002, state on')
2366 self
.assertRegex(output
, '0: PN [0-9]*, state off, key 02030400000000000000000000000000')
2368 def test_nlmon(self
):
2369 copy_network_unit('25-nlmon.netdev', '26-netdev-link-local-addressing-yes.network')
2372 self
.wait_online(['nlmon99:carrier'])
2374 @expectedFailureIfModuleIsNotAvailable('ifb')
2376 copy_network_unit('25-ifb.netdev', '26-netdev-link-local-addressing-yes.network')
2379 self
.wait_online(['ifb99:degraded'])
2381 class NetworkdL2TPTests(unittest
.TestCase
, Utilities
):
2389 @expectedFailureIfModuleIsNotAvailable('l2tp_eth', 'l2tp_netlink')
2390 def test_l2tp_udp(self
):
2391 copy_network_unit('11-dummy.netdev', '25-l2tp-dummy.network',
2392 '25-l2tp-udp.netdev', '25-l2tp.network')
2395 self
.wait_online(['test1:routable', 'l2tp-ses1:degraded', 'l2tp-ses2:degraded'])
2397 output
= check_output('ip l2tp show tunnel tunnel_id 10')
2399 self
.assertRegex(output
, "Tunnel 10, encap UDP")
2400 self
.assertRegex(output
, "From 192.168.30.100 to 192.168.30.101")
2401 self
.assertRegex(output
, "Peer tunnel 11")
2402 self
.assertRegex(output
, "UDP source / dest ports: 3000/4000")
2403 self
.assertRegex(output
, "UDP checksum: enabled")
2405 output
= check_output('ip l2tp show session tid 10 session_id 15')
2407 self
.assertRegex(output
, "Session 15 in tunnel 10")
2408 self
.assertRegex(output
, "Peer session 16, tunnel 11")
2409 self
.assertRegex(output
, "interface name: l2tp-ses1")
2411 output
= check_output('ip l2tp show session tid 10 session_id 17')
2413 self
.assertRegex(output
, "Session 17 in tunnel 10")
2414 self
.assertRegex(output
, "Peer session 18, tunnel 11")
2415 self
.assertRegex(output
, "interface name: l2tp-ses2")
2417 @expectedFailureIfModuleIsNotAvailable('l2tp_eth', 'l2tp_ip', 'l2tp_netlink')
2418 def test_l2tp_ip(self
):
2419 copy_network_unit('11-dummy.netdev', '25-l2tp-dummy.network',
2420 '25-l2tp-ip.netdev', '25-l2tp.network')
2423 self
.wait_online(['test1:routable', 'l2tp-ses3:degraded', 'l2tp-ses4:degraded'])
2425 output
= check_output('ip l2tp show tunnel tunnel_id 10')
2427 self
.assertRegex(output
, "Tunnel 10, encap IP")
2428 self
.assertRegex(output
, "From 192.168.30.100 to 192.168.30.101")
2429 self
.assertRegex(output
, "Peer tunnel 12")
2431 output
= check_output('ip l2tp show session tid 10 session_id 25')
2433 self
.assertRegex(output
, "Session 25 in tunnel 10")
2434 self
.assertRegex(output
, "Peer session 26, tunnel 12")
2435 self
.assertRegex(output
, "interface name: l2tp-ses3")
2437 output
= check_output('ip l2tp show session tid 10 session_id 27')
2439 self
.assertRegex(output
, "Session 27 in tunnel 10")
2440 self
.assertRegex(output
, "Peer session 28, tunnel 12")
2441 self
.assertRegex(output
, "interface name: l2tp-ses4")
2443 class NetworkdNetworkTests(unittest
.TestCase
, Utilities
):
2451 def verify_address_static(
2481 output
= check_output('ip address show dev dummy98')
2485 self
.assertIn('inet 10.1.2.3/16 brd 10.1.255.255 scope global dummy98', output
)
2486 self
.assertIn('inet 10.1.2.4/16 brd 10.1.255.255 scope global secondary dummy98', output
)
2487 self
.assertIn('inet 10.2.2.4/16 brd 10.2.255.255 scope global dummy98', output
)
2488 self
.assertIn('inet6 2001:db8:0:f101::15/64 scope global', output
)
2489 self
.assertIn('inet6 2001:db8:0:f101::16/64 scope global', output
)
2490 self
.assertIn('inet6 2001:db8:0:f102::15/64 scope global', output
)
2493 self
.assertIn(f
'inet 10.3.1.1/24 brd 10.3.1.255 scope global {label1}', output
)
2494 self
.assertIn(f
'inet 10.3.2.1/24 brd 10.3.2.255 scope global {label2}', output
)
2495 self
.assertIn(f
'inet 10.3.3.1/24 brd 10.3.3.255 scope global {label3}', output
)
2498 self
.assertIn(f
'inet 10.4.1.1/24{broadcast1} scope global dummy98', output
)
2499 self
.assertIn(f
'inet 10.4.2.1/24{broadcast2} scope global dummy98', output
)
2500 self
.assertIn(f
'inet 10.4.3.1/24{broadcast3} scope global dummy98', output
)
2503 self
.assertIn(f
'inet 10.5.1.1{peer1} scope global dummy98', output
)
2504 self
.assertIn(f
'inet 10.5.2.1{peer2} scope global dummy98', output
)
2505 self
.assertIn(f
'inet 10.5.3.1{peer3} scope global dummy98', output
)
2506 self
.assertIn(f
'inet6 2001:db8:0:f103::1{peer4} scope global', output
)
2507 self
.assertIn(f
'inet6 2001:db8:0:f103::2{peer5} scope global', output
)
2508 self
.assertIn(f
'inet6 2001:db8:0:f103::3{peer6} scope global', output
)
2511 self
.assertIn(f
'inet 10.6.1.1/24 brd 10.6.1.255 scope {scope1} dummy98', output
)
2512 self
.assertIn(f
'inet 10.6.2.1/24 brd 10.6.2.255 scope {scope2} dummy98', output
)
2515 self
.assertIn(f
'inet 10.7.1.1/24 brd 10.7.1.255 scope global{deprecated1} dummy98', output
)
2516 self
.assertIn(f
'inet 10.7.2.1/24 brd 10.7.2.255 scope global{deprecated2} dummy98', output
)
2517 self
.assertIn(f
'inet6 2001:db8:0:f104::1/64 scope global{deprecated3}', output
)
2518 self
.assertIn(f
'inet6 2001:db8:0:f104::2/64 scope global{deprecated4}', output
)
2521 self
.assertRegex(output
, rf
'inet 10.8.1.1/24 (metric {route_metric} |)brd 10.8.1.255 scope global dummy98')
2522 self
.assertRegex(output
, rf
'inet6 2001:db8:0:f105::1/64 (metric {route_metric} |)scope global')
2524 output_route
= check_output('ip -4 route show dev dummy98 10.8.1.0/24')
2526 self
.assertIn(f
'10.8.1.0/24 proto kernel scope link src 10.8.1.1 metric {route_metric}', output_route
)
2528 output_route
= check_output('ip -6 route show dev dummy98 2001:db8:0:f105::/64')
2530 self
.assertIn(f
'2001:db8:0:f105::/64 proto kernel metric {route_metric}', output_route
)
2533 self
.assertIn(f
'inet 10.9.1.1/24 brd 10.9.1.255 scope global{flag1} dummy98', output
)
2534 self
.assertIn(f
'inet 10.9.2.1/24 brd 10.9.2.255 scope global{flag2} dummy98', output
)
2535 self
.assertIn(f
'inet6 2001:db8:0:f106::1/64 scope global{flag3}', output
)
2536 self
.assertIn(f
'inet6 2001:db8:0:f106::2/64 scope global{flag4}', output
)
2539 self
.assertTrue(ip4_null_16
.endswith('.0.1'))
2540 prefix16
= ip4_null_16
[:-len('.0.1')]
2541 self
.assertTrue(ip4_null_24
.endswith('.1'))
2542 prefix24
= ip4_null_24
[:-len('.1')]
2543 self
.assertIn(f
'inet {ip4_null_16}/16 brd {prefix16}.255.255 scope global subnet16', output
)
2544 self
.assertIn(f
'inet {ip4_null_24}/24 brd {prefix24}.255 scope global subnet24', output
)
2545 self
.assertIn(f
'inet6 {ip6_null_73}/73 scope global', output
)
2546 self
.assertIn(f
'inet6 {ip6_null_74}/74 scope global', output
)
2549 self
.assertNotIn('10.4.4.1', output
)
2550 self
.assertNotIn('10.5.4.1', output
)
2551 self
.assertNotIn('10.5.5.1', output
)
2552 self
.assertNotIn('10.8.2.1', output
)
2553 self
.assertNotIn('10.9.3.1', output
)
2554 self
.assertNotIn('2001:db8:0:f101::2', output
)
2555 self
.assertNotIn('2001:db8:0:f103::4', output
)
2558 self
.check_netlabel('dummy98', r
'10\.10\.1\.0/24')
2560 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
2563 def test_address_static(self
):
2564 copy_network_unit('25-address-static.network', '12-dummy.netdev', copy_dropins
=False)
2566 self
.setup_nftset('addr4', 'ipv4_addr')
2567 self
.setup_nftset('network4', 'ipv4_addr', 'flags interval;')
2568 self
.setup_nftset('ifindex', 'iface_index')
2570 self
.wait_online(['dummy98:routable'])
2574 output
= check_output('ip -4 --json address show dev dummy98')
2575 for i
in json
.loads(output
)[0]['addr_info']:
2576 if i
['label'] == 'subnet16':
2577 ip4_null_16
= i
['local']
2578 elif i
['label'] == 'subnet24':
2579 ip4_null_24
= i
['local']
2580 self
.assertTrue(ip4_null_16
.endswith('.0.1'))
2581 self
.assertTrue(ip4_null_24
.endswith('.1'))
2585 output
= check_output('ip -6 --json address show dev dummy98')
2586 for i
in json
.loads(output
)[0]['addr_info']:
2587 if i
['prefixlen'] == 73:
2588 ip6_null_73
= i
['local']
2589 elif i
['prefixlen'] == 74:
2590 ip6_null_74
= i
['local']
2591 self
.assertTrue(ip6_null_73
.endswith(':1'))
2592 self
.assertTrue(ip6_null_74
.endswith(':1'))
2594 self
.verify_address_static(
2599 broadcast2
=' brd 10.4.2.255',
2600 broadcast3
=' brd 10.4.3.63',
2601 peer1
=' peer 10.5.1.101/24',
2602 peer2
=' peer 10.5.2.101/24',
2603 peer3
='/24 brd 10.5.3.255',
2604 peer4
=' peer 2001:db8:0:f103::101/128',
2605 peer5
=' peer 2001:db8:0:f103::102/128',
2610 deprecated2
=' deprecated',
2612 deprecated4
=' deprecated',
2614 flag1
=' noprefixroute',
2616 flag3
=' noprefixroute',
2617 flag4
=' home mngtmpaddr',
2618 ip4_null_16
=ip4_null_16
,
2619 ip4_null_24
=ip4_null_24
,
2620 ip6_null_73
=ip6_null_73
,
2621 ip6_null_74
=ip6_null_74
,
2624 # FIXME: re-enable once https://github.com/systemd/systemd/issues/30427 is resolved
2625 #self.check_nftset('addr4', r'10\.10\.1\.1')
2626 #self.check_nftset('network4', r'10\.10\.1\.0/24')
2627 #self.check_nftset('ifindex', 'dummy98')
2629 self
.teardown_nftset('addr4', 'network4', 'ifindex')
2631 copy_network_unit('25-address-static.network.d/10-override.conf')
2633 self
.wait_online(['dummy98:routable'])
2634 self
.verify_address_static(
2635 label1
='new-label1',
2637 label3
='new-label3',
2638 broadcast1
=' brd 10.4.1.255',
2640 broadcast3
=' brd 10.4.3.31',
2641 peer1
=' peer 10.5.1.102/24',
2642 peer2
='/24 brd 10.5.2.255',
2643 peer3
=' peer 10.5.3.102/24',
2644 peer4
=' peer 2001:db8:0:f103::201/128',
2646 peer6
=' peer 2001:db8:0:f103::203/128',
2649 deprecated1
=' deprecated',
2651 deprecated3
=' deprecated',
2655 flag2
=' noprefixroute',
2656 flag3
=' home mngtmpaddr',
2657 flag4
=' noprefixroute',
2658 ip4_null_16
=ip4_null_16
,
2659 ip4_null_24
=ip4_null_24
,
2660 ip6_null_73
=ip6_null_73
,
2661 ip6_null_74
=ip6_null_74
,
2664 networkctl_reconfigure('dummy98')
2665 self
.wait_online(['dummy98:routable'])
2666 self
.verify_address_static(
2667 label1
='new-label1',
2669 label3
='new-label3',
2670 broadcast1
=' brd 10.4.1.255',
2672 broadcast3
=' brd 10.4.3.31',
2673 peer1
=' peer 10.5.1.102/24',
2674 peer2
='/24 brd 10.5.2.255',
2675 peer3
=' peer 10.5.3.102/24',
2676 peer4
=' peer 2001:db8:0:f103::201/128',
2678 peer6
=' peer 2001:db8:0:f103::203/128',
2681 deprecated1
=' deprecated',
2683 deprecated3
=' deprecated',
2687 flag2
=' noprefixroute',
2688 flag3
=' home mngtmpaddr',
2689 flag4
=' noprefixroute',
2690 ip4_null_16
=ip4_null_16
,
2691 ip4_null_24
=ip4_null_24
,
2692 ip6_null_73
=ip6_null_73
,
2693 ip6_null_74
=ip6_null_74
,
2697 # 1. set preferred lifetime forever to drop the deprecated flag for testing #20891.
2698 check_output('ip address change 10.7.1.1/24 dev dummy98 preferred_lft forever')
2699 check_output('ip address change 2001:db8:0:f104::1/64 dev dummy98 preferred_lft forever')
2700 output
= check_output('ip address show dev dummy98')
2702 self
.assertNotRegex(output
, '10.7.1.1/24 .* deprecated')
2703 self
.assertNotRegex(output
, '2001:db8:0:f104::1/64 .* deprecated')
2705 # 2. reconfigure the interface, and check the deprecated flag is set again
2706 networkctl_reconfigure('dummy98')
2707 self
.wait_online(['dummy98:routable'])
2708 self
.verify_address_static(
2709 label1
='new-label1',
2711 label3
='new-label3',
2712 broadcast1
=' brd 10.4.1.255',
2714 broadcast3
=' brd 10.4.3.31',
2715 peer1
=' peer 10.5.1.102/24',
2716 peer2
='/24 brd 10.5.2.255',
2717 peer3
=' peer 10.5.3.102/24',
2718 peer4
=' peer 2001:db8:0:f103::201/128',
2720 peer6
=' peer 2001:db8:0:f103::203/128',
2723 deprecated1
=' deprecated',
2725 deprecated3
=' deprecated',
2729 flag2
=' noprefixroute',
2730 flag3
=' home mngtmpaddr',
2731 flag4
=' noprefixroute',
2732 ip4_null_16
=ip4_null_16
,
2733 ip4_null_24
=ip4_null_24
,
2734 ip6_null_73
=ip6_null_73
,
2735 ip6_null_74
=ip6_null_74
,
2738 # test for ENOBUFS issue #17012 (with reload)
2739 copy_network_unit('25-address-static.network.d/10-many-address.conf')
2741 self
.wait_online(['dummy98:routable'])
2742 output
= check_output('ip -4 address show dev dummy98')
2743 for i
in range(1, 254):
2744 self
.assertIn(f
'inet 10.3.3.{i}/16 brd 10.3.255.255', output
)
2746 # (with reconfigure)
2747 networkctl_reconfigure('dummy98')
2748 self
.wait_online(['dummy98:routable'])
2749 output
= check_output('ip -4 address show dev dummy98')
2750 for i
in range(1, 254):
2751 self
.assertIn(f
'inet 10.3.3.{i}/16 brd 10.3.255.255', output
)
2753 def test_address_ipv4acd(self
):
2754 check_output('ip netns add ns99')
2755 check_output('ip link add veth99 type veth peer veth-peer')
2756 check_output('ip link set veth-peer netns ns99')
2757 check_output('ip link set veth99 up')
2758 check_output('ip netns exec ns99 ip link set veth-peer up')
2759 check_output('ip netns exec ns99 ip address add 192.168.100.10/24 dev veth-peer')
2761 copy_network_unit('25-address-ipv4acd-veth99.network', copy_dropins
=False)
2763 self
.wait_online(['veth99:routable'])
2765 output
= check_output('ip -4 address show dev veth99')
2767 self
.assertNotIn('192.168.100.10/24', output
)
2768 self
.assertIn('192.168.100.11/24', output
)
2770 copy_network_unit('25-address-ipv4acd-veth99.network.d/conflict-address.conf')
2772 self
.wait_operstate('veth99', operstate
='routable', setup_state
='configuring', setup_timeout
=10)
2774 output
= check_output('ip -4 address show dev veth99')
2776 self
.assertNotIn('192.168.100.10/24', output
)
2777 self
.assertIn('192.168.100.11/24', output
)
2779 def test_address_peer_ipv4(self
):
2780 # test for issue #17304
2781 copy_network_unit('25-address-peer-ipv4.network', '12-dummy.netdev')
2783 for trial
in range(2):
2789 self
.wait_online(['dummy98:routable'])
2791 output
= check_output('ip -4 address show dev dummy98')
2792 self
.assertIn('inet 100.64.0.1 peer 100.64.0.2/32 scope global', output
)
2794 @expectedFailureIfModuleIsNotAvailable('vrf')
2795 def test_prefix_route(self
):
2796 copy_network_unit('25-prefix-route-with-vrf.network', '12-dummy.netdev',
2797 '25-prefix-route-without-vrf.network', '11-dummy.netdev',
2798 '25-vrf.netdev', '25-vrf.network')
2799 for trial
in range(2):
2805 self
.wait_online(['dummy98:routable', 'test1:routable', 'vrf99:carrier'])
2807 output
= check_output('ip route show table 42 dev dummy98')
2808 print('### ip route show table 42 dev dummy98')
2810 self
.assertRegex(output
, 'local 10.20.22.1 proto kernel scope host src 10.20.22.1')
2811 self
.assertRegex(output
, '10.20.33.0/24 proto kernel scope link src 10.20.33.1')
2812 self
.assertRegex(output
, 'local 10.20.33.1 proto kernel scope host src 10.20.33.1')
2813 self
.assertRegex(output
, 'broadcast 10.20.33.255 proto kernel scope link src 10.20.33.1')
2814 self
.assertRegex(output
, 'local 10.20.44.1 proto kernel scope host src 10.20.44.1')
2815 self
.assertRegex(output
, 'local 10.20.55.1 proto kernel scope host src 10.20.55.1')
2816 self
.assertRegex(output
, 'broadcast 10.20.55.255 proto kernel scope link src 10.20.55.1')
2817 output
= check_output('ip -6 route show table 42 dev dummy98')
2818 print('### ip -6 route show table 42 dev dummy98')
2822 self
.assertRegex(output
, 'local fdde:11:22::1 proto kernel metric 0 pref medium')
2823 #self.assertRegex(output, 'fdde:11:22::1 proto kernel metric 256 pref medium')
2824 self
.assertRegex(output
, 'local fdde:11:33::1 proto kernel metric 0 pref medium')
2825 self
.assertRegex(output
, 'fdde:11:33::/64 proto kernel metric 256 pref medium')
2826 self
.assertRegex(output
, 'local fdde:11:44::1 proto kernel metric 0 pref medium')
2827 self
.assertRegex(output
, 'local fdde:11:55::1 proto kernel metric 0 pref medium')
2828 self
.assertRegex(output
, 'fe80::/64 proto kernel metric 256 pref medium')
2829 self
.assertRegex(output
, 'ff00::/8 (proto kernel )?metric 256 (linkdown )?pref medium')
2833 output
= check_output('ip route show dev test1')
2834 print('### ip route show dev test1')
2836 self
.assertRegex(output
, '10.21.33.0/24 proto kernel scope link src 10.21.33.1')
2837 output
= check_output('ip route show table local dev test1')
2838 print('### ip route show table local dev test1')
2840 self
.assertRegex(output
, 'local 10.21.22.1 proto kernel scope host src 10.21.22.1')
2841 self
.assertRegex(output
, 'local 10.21.33.1 proto kernel scope host src 10.21.33.1')
2842 self
.assertRegex(output
, 'broadcast 10.21.33.255 proto kernel scope link src 10.21.33.1')
2843 self
.assertRegex(output
, 'local 10.21.44.1 proto kernel scope host src 10.21.44.1')
2844 self
.assertRegex(output
, 'local 10.21.55.1 proto kernel scope host src 10.21.55.1')
2845 self
.assertRegex(output
, 'broadcast 10.21.55.255 proto kernel scope link src 10.21.55.1')
2846 output
= check_output('ip -6 route show dev test1')
2847 print('### ip -6 route show dev test1')
2849 self
.assertRegex(output
, 'fdde:12:22::1 proto kernel metric 256 pref medium')
2850 self
.assertRegex(output
, 'fdde:12:33::/64 proto kernel metric 256 pref medium')
2851 self
.assertRegex(output
, 'fe80::/64 proto kernel metric 256 pref medium')
2852 output
= check_output('ip -6 route show table local dev test1')
2853 print('### ip -6 route show table local dev test1')
2855 self
.assertRegex(output
, 'local fdde:12:22::1 proto kernel metric 0 pref medium')
2856 self
.assertRegex(output
, 'local fdde:12:33::1 proto kernel metric 0 pref medium')
2857 self
.assertRegex(output
, 'local fdde:12:44::1 proto kernel metric 0 pref medium')
2858 self
.assertRegex(output
, 'local fdde:12:55::1 proto kernel metric 0 pref medium')
2859 self
.assertRegex(output
, 'ff00::/8 (proto kernel )?metric 256 (linkdown )?pref medium')
2861 def test_configure_without_carrier(self
):
2862 copy_network_unit('11-dummy.netdev')
2864 self
.wait_operstate('test1', 'off', '')
2865 check_output('ip link set dev test1 up carrier off')
2867 copy_network_unit('25-test1.network.d/configure-without-carrier.conf', copy_dropins
=False)
2869 self
.wait_online(['test1:no-carrier'])
2871 carrier_map
= {'on': '1', 'off': '0'}
2872 routable_map
= {'on': 'routable', 'off': 'no-carrier'}
2873 for carrier
in ['off', 'on', 'off']:
2874 with self
.subTest(carrier
=carrier
):
2875 if carrier_map
[carrier
] != read_link_attr('test1', 'carrier'):
2876 check_output(f
'ip link set dev test1 carrier {carrier}')
2877 self
.wait_online([f
'test1:{routable_map[carrier]}:{routable_map[carrier]}'])
2879 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'test1', env
=env
)
2881 self
.assertRegex(output
, '192.168.0.15')
2882 self
.assertRegex(output
, '192.168.0.1')
2883 self
.assertRegex(output
, routable_map
[carrier
])
2885 def test_configure_without_carrier_yes_ignore_carrier_loss_no(self
):
2886 copy_network_unit('11-dummy.netdev')
2888 self
.wait_operstate('test1', 'off', '')
2889 check_output('ip link set dev test1 up carrier off')
2891 copy_network_unit('25-test1.network')
2893 self
.wait_online(['test1:no-carrier'])
2895 carrier_map
= {'on': '1', 'off': '0'}
2896 routable_map
= {'on': 'routable', 'off': 'no-carrier'}
2897 for (carrier
, have_config
) in [('off', True), ('on', True), ('off', False)]:
2898 with self
.subTest(carrier
=carrier
, have_config
=have_config
):
2899 if carrier_map
[carrier
] != read_link_attr('test1', 'carrier'):
2900 check_output(f
'ip link set dev test1 carrier {carrier}')
2901 self
.wait_online([f
'test1:{routable_map[carrier]}:{routable_map[carrier]}'])
2903 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'test1', env
=env
)
2906 self
.assertRegex(output
, '192.168.0.15')
2907 self
.assertRegex(output
, '192.168.0.1')
2909 self
.assertNotRegex(output
, '192.168.0.15')
2910 self
.assertNotRegex(output
, '192.168.0.1')
2911 self
.assertRegex(output
, routable_map
[carrier
])
2913 def test_routing_policy_rule(self
):
2914 copy_network_unit('25-routing-policy-rule-test1.network', '11-dummy.netdev')
2916 self
.wait_online(['test1:degraded'])
2918 output
= check_output('ip rule list iif test1 priority 111')
2920 self
.assertRegex(output
, '111:')
2921 self
.assertRegex(output
, 'from 192.168.100.18')
2922 self
.assertRegex(output
, r
'tos (0x08|throughput)\s')
2923 self
.assertRegex(output
, 'iif test1')
2924 self
.assertRegex(output
, 'oif test1')
2925 self
.assertRegex(output
, 'lookup 7')
2927 output
= check_output('ip rule list iif test1 priority 101')
2929 self
.assertRegex(output
, '101:')
2930 self
.assertRegex(output
, 'from all')
2931 self
.assertRegex(output
, 'iif test1')
2932 self
.assertRegex(output
, 'lookup 9')
2934 output
= check_output('ip -6 rule list iif test1 priority 100')
2936 self
.assertRegex(output
, '100:')
2937 self
.assertRegex(output
, 'from all')
2938 self
.assertRegex(output
, 'iif test1')
2939 self
.assertRegex(output
, 'lookup 8')
2941 output
= check_output('ip rule list iif test1 priority 102')
2943 self
.assertRegex(output
, '102:')
2944 self
.assertRegex(output
, 'from 0.0.0.0/8')
2945 self
.assertRegex(output
, 'iif test1')
2946 self
.assertRegex(output
, 'lookup 10')
2948 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
2951 def test_routing_policy_rule_issue_11280(self
):
2952 copy_network_unit('25-routing-policy-rule-test1.network', '11-dummy.netdev',
2953 '25-routing-policy-rule-dummy98.network', '12-dummy.netdev')
2955 for trial
in range(3):
2956 restart_networkd(show_logs
=(trial
> 0))
2957 self
.wait_online(['test1:degraded', 'dummy98:degraded'])
2959 output
= check_output('ip rule list table 7')
2961 self
.assertRegex(output
, '111: from 192.168.100.18 tos (0x08|throughput) iif test1 oif test1 lookup 7')
2963 output
= check_output('ip rule list table 8')
2965 self
.assertRegex(output
, '112: from 192.168.101.18 tos (0x08|throughput) iif dummy98 oif dummy98 lookup 8')
2967 def test_routing_policy_rule_reconfigure(self
):
2968 copy_network_unit('25-routing-policy-rule-reconfigure2.network', '11-dummy.netdev')
2970 self
.wait_online(['test1:degraded'])
2972 output
= check_output('ip rule list table 1011')
2974 self
.assertIn('10111: from all fwmark 0x3f3 lookup 1011', output
)
2975 self
.assertIn('10112: from all oif test1 lookup 1011', output
)
2976 self
.assertIn('10113: from all iif test1 lookup 1011', output
)
2977 self
.assertIn('10114: from 192.168.8.254 lookup 1011', output
)
2979 output
= check_output('ip -6 rule list table 1011')
2981 self
.assertIn('10112: from all oif test1 lookup 1011', output
)
2983 copy_network_unit('25-routing-policy-rule-reconfigure1.network', '11-dummy.netdev')
2985 self
.wait_online(['test1:degraded'])
2987 output
= check_output('ip rule list table 1011')
2989 self
.assertIn('10111: from all fwmark 0x3f3 lookup 1011', output
)
2990 self
.assertIn('10112: from all oif test1 lookup 1011', output
)
2991 self
.assertIn('10113: from all iif test1 lookup 1011', output
)
2992 self
.assertIn('10114: from 192.168.8.254 lookup 1011', output
)
2994 output
= check_output('ip -6 rule list table 1011')
2996 self
.assertNotIn('10112: from all oif test1 lookup 1011', output
)
2997 self
.assertIn('10113: from all iif test1 lookup 1011', output
)
2999 call('ip rule delete priority 10111')
3000 call('ip rule delete priority 10112')
3001 call('ip rule delete priority 10113')
3002 call('ip rule delete priority 10114')
3003 call('ip -6 rule delete priority 10113')
3005 output
= check_output('ip rule list table 1011')
3007 self
.assertEqual(output
, '')
3009 output
= check_output('ip -6 rule list table 1011')
3011 self
.assertEqual(output
, '')
3013 networkctl_reconfigure('test1')
3014 self
.wait_online(['test1:degraded'])
3016 output
= check_output('ip rule list table 1011')
3018 self
.assertIn('10111: from all fwmark 0x3f3 lookup 1011', output
)
3019 self
.assertIn('10112: from all oif test1 lookup 1011', output
)
3020 self
.assertIn('10113: from all iif test1 lookup 1011', output
)
3021 self
.assertIn('10114: from 192.168.8.254 lookup 1011', output
)
3023 output
= check_output('ip -6 rule list table 1011')
3025 self
.assertIn('10113: from all iif test1 lookup 1011', output
)
3027 @expectedFailureIfRoutingPolicyPortRangeIsNotAvailable()
3028 def test_routing_policy_rule_port_range(self
):
3029 copy_network_unit('25-fibrule-port-range.network', '11-dummy.netdev')
3031 self
.wait_online(['test1:degraded'])
3033 output
= check_output('ip rule')
3035 self
.assertRegex(output
, '111')
3036 self
.assertRegex(output
, 'from 192.168.100.18')
3037 self
.assertRegex(output
, '1123-1150')
3038 self
.assertRegex(output
, '3224-3290')
3039 self
.assertRegex(output
, 'tcp')
3040 self
.assertRegex(output
, 'lookup 7')
3042 @expectedFailureIfRoutingPolicyIPProtoIsNotAvailable()
3043 def test_routing_policy_rule_invert(self
):
3044 copy_network_unit('25-fibrule-invert.network', '11-dummy.netdev')
3046 self
.wait_online(['test1:degraded'])
3048 output
= check_output('ip rule')
3050 self
.assertRegex(output
, '111')
3051 self
.assertRegex(output
, 'not.*?from.*?192.168.100.18')
3052 self
.assertRegex(output
, 'tcp')
3053 self
.assertRegex(output
, 'lookup 7')
3055 @expectedFailureIfRoutingPolicyUIDRangeIsNotAvailable()
3056 def test_routing_policy_rule_uidrange(self
):
3057 copy_network_unit('25-fibrule-uidrange.network', '11-dummy.netdev')
3059 self
.wait_online(['test1:degraded'])
3061 output
= check_output('ip rule')
3063 self
.assertRegex(output
, '111')
3064 self
.assertRegex(output
, 'from 192.168.100.18')
3065 self
.assertRegex(output
, 'lookup 7')
3066 self
.assertRegex(output
, 'uidrange 100-200')
3068 def _test_route_static(self
, manage_foreign_routes
):
3069 if not manage_foreign_routes
:
3070 copy_networkd_conf_dropin('networkd-manage-foreign-routes-no.conf')
3072 copy_network_unit('25-route-static.network', '12-dummy.netdev',
3073 '25-route-static-test1.network', '11-dummy.netdev')
3075 self
.wait_online(['dummy98:routable'])
3077 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'dummy98', env
=env
)
3080 print('### ip -6 route show dev dummy98')
3081 output
= check_output('ip -6 route show dev dummy98')
3083 self
.assertIn('2001:1234:5:8fff:ff:ff:ff:ff proto static', output
)
3084 self
.assertIn('2001:1234:5:8f63::1 proto kernel', output
)
3085 self
.assertIn('2001:1234:5:afff:ff:ff:ff:ff via fe80:0:222:4dff:ff:ff:ff:ff proto static', output
)
3087 print('### ip -6 route show default')
3088 output
= check_output('ip -6 route show default')
3090 self
.assertIn('default', output
)
3091 self
.assertIn('via 2001:1234:5:8fff:ff:ff:ff:ff', output
)
3093 print('### ip -4 route show dev dummy98')
3094 output
= check_output('ip -4 route show dev dummy98')
3096 self
.assertIn('149.10.124.48/28 proto kernel scope link src 149.10.124.58', output
)
3097 self
.assertIn('149.10.124.64 proto static scope link', output
)
3098 self
.assertIn('169.254.0.0/16 proto static scope link metric 2048', output
)
3099 self
.assertIn('192.168.1.1 proto static scope link initcwnd 20', output
)
3100 self
.assertIn('192.168.1.2 proto static scope link initrwnd 30', output
)
3101 self
.assertIn('192.168.1.3 proto static scope link advmss 30', output
)
3102 self
.assertIn('192.168.1.4 proto static scope link hoplimit 122', output
)
3103 self
.assertIn('multicast 149.10.123.4 proto static', output
)
3105 print('### ip -4 route show dev dummy98 default')
3106 output
= check_output('ip -4 route show dev dummy98 default')
3108 self
.assertIn('default via 149.10.125.65 proto static onlink', output
)
3109 self
.assertIn('default via 149.10.124.64 proto static', output
)
3110 self
.assertIn('default proto static', output
)
3111 self
.assertIn('default via 1.1.8.104 proto static', output
)
3113 print('### ip -4 route show table local dev dummy98')
3114 output
= check_output('ip -4 route show table local dev dummy98')
3116 self
.assertIn('local 149.10.123.1 proto static scope host', output
)
3117 self
.assertIn('anycast 149.10.123.2 proto static scope link', output
)
3118 self
.assertIn('broadcast 149.10.123.3 proto static scope link', output
)
3120 print('### ip -4 route show type blackhole')
3121 output
= check_output('ip -4 route show type blackhole')
3123 self
.assertIn('blackhole 202.54.1.2 proto static', output
)
3125 print('### ip -4 route show type unreachable')
3126 output
= check_output('ip -4 route show type unreachable')
3128 self
.assertIn('unreachable 202.54.1.3 proto static', output
)
3130 print('### ip -4 route show type prohibit')
3131 output
= check_output('ip -4 route show type prohibit')
3133 self
.assertIn('prohibit 202.54.1.4 proto static', output
)
3135 print('### ip -6 route show type blackhole')
3136 output
= check_output('ip -6 route show type blackhole')
3138 self
.assertIn('blackhole 2001:1234:5678::2 dev lo proto static', output
)
3140 print('### ip -6 route show type unreachable')
3141 output
= check_output('ip -6 route show type unreachable')
3143 self
.assertIn('unreachable 2001:1234:5678::3 dev lo proto static', output
)
3145 print('### ip -6 route show type prohibit')
3146 output
= check_output('ip -6 route show type prohibit')
3148 self
.assertIn('prohibit 2001:1234:5678::4 dev lo proto static', output
)
3150 print('### ip route show 192.168.10.1')
3151 output
= check_output('ip route show 192.168.10.1')
3153 self
.assertIn('192.168.10.1 proto static', output
)
3154 self
.assertIn('nexthop via 149.10.123.59 dev test1 weight 20', output
)
3155 self
.assertIn('nexthop via 149.10.123.60 dev test1 weight 30', output
)
3156 self
.assertIn('nexthop via 149.10.124.59 dev dummy98 weight 10', output
)
3157 self
.assertIn('nexthop via 149.10.124.60 dev dummy98 weight 5', output
)
3159 print('### ip route show 192.168.10.2')
3160 output
= check_output('ip route show 192.168.10.2')
3162 # old ip command does not show IPv6 gateways...
3163 self
.assertIn('192.168.10.2 proto static', output
)
3164 self
.assertIn('nexthop', output
)
3165 self
.assertIn('dev test1 weight 20', output
)
3166 self
.assertIn('dev test1 weight 30', output
)
3167 self
.assertIn('dev dummy98 weight 10', output
)
3168 self
.assertIn('dev dummy98 weight 5', output
)
3170 print('### ip -6 route show 2001:1234:5:7fff:ff:ff:ff:ff')
3171 output
= check_output('ip -6 route show 2001:1234:5:7fff:ff:ff:ff:ff')
3173 # old ip command does not show 'nexthop' keyword and weight...
3174 self
.assertIn('2001:1234:5:7fff:ff:ff:ff:ff', output
)
3175 self
.assertIn('via 2001:1234:5:6fff:ff:ff:ff:ff dev test1', output
)
3176 self
.assertIn('via 2001:1234:5:7fff:ff:ff:ff:ff dev test1', output
)
3177 self
.assertIn('via 2001:1234:5:8fff:ff:ff:ff:ff dev dummy98', output
)
3178 self
.assertIn('via 2001:1234:5:9fff:ff:ff:ff:ff dev dummy98', output
)
3180 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
3183 copy_network_unit('25-address-static.network')
3185 self
.wait_online(['dummy98:routable'])
3187 # check all routes managed by Manager are removed
3188 print('### ip -4 route show type blackhole')
3189 output
= check_output('ip -4 route show type blackhole')
3191 self
.assertEqual(output
, '')
3193 print('### ip -4 route show type unreachable')
3194 output
= check_output('ip -4 route show type unreachable')
3196 self
.assertEqual(output
, '')
3198 print('### ip -4 route show type prohibit')
3199 output
= check_output('ip -4 route show type prohibit')
3201 self
.assertEqual(output
, '')
3203 print('### ip -6 route show type blackhole')
3204 output
= check_output('ip -6 route show type blackhole')
3206 self
.assertEqual(output
, '')
3208 print('### ip -6 route show type unreachable')
3209 output
= check_output('ip -6 route show type unreachable')
3211 self
.assertEqual(output
, '')
3213 print('### ip -6 route show type prohibit')
3214 output
= check_output('ip -6 route show type prohibit')
3216 self
.assertEqual(output
, '')
3218 remove_network_unit('25-address-static.network')
3220 self
.wait_online(['dummy98:routable'])
3222 # check all routes managed by Manager are reconfigured
3223 print('### ip -4 route show type blackhole')
3224 output
= check_output('ip -4 route show type blackhole')
3226 self
.assertIn('blackhole 202.54.1.2 proto static', output
)
3228 print('### ip -4 route show type unreachable')
3229 output
= check_output('ip -4 route show type unreachable')
3231 self
.assertIn('unreachable 202.54.1.3 proto static', output
)
3233 print('### ip -4 route show type prohibit')
3234 output
= check_output('ip -4 route show type prohibit')
3236 self
.assertIn('prohibit 202.54.1.4 proto static', output
)
3238 print('### ip -6 route show type blackhole')
3239 output
= check_output('ip -6 route show type blackhole')
3241 self
.assertIn('blackhole 2001:1234:5678::2 dev lo proto static', output
)
3243 print('### ip -6 route show type unreachable')
3244 output
= check_output('ip -6 route show type unreachable')
3246 self
.assertIn('unreachable 2001:1234:5678::3 dev lo proto static', output
)
3248 print('### ip -6 route show type prohibit')
3249 output
= check_output('ip -6 route show type prohibit')
3251 self
.assertIn('prohibit 2001:1234:5678::4 dev lo proto static', output
)
3253 remove_link('dummy98')
3256 # check all routes managed by Manager are removed
3257 print('### ip -4 route show type blackhole')
3258 output
= check_output('ip -4 route show type blackhole')
3260 self
.assertEqual(output
, '')
3262 print('### ip -4 route show type unreachable')
3263 output
= check_output('ip -4 route show type unreachable')
3265 self
.assertEqual(output
, '')
3267 print('### ip -4 route show type prohibit')
3268 output
= check_output('ip -4 route show type prohibit')
3270 self
.assertEqual(output
, '')
3272 print('### ip -6 route show type blackhole')
3273 output
= check_output('ip -6 route show type blackhole')
3275 self
.assertEqual(output
, '')
3277 print('### ip -6 route show type unreachable')
3278 output
= check_output('ip -6 route show type unreachable')
3280 self
.assertEqual(output
, '')
3282 print('### ip -6 route show type prohibit')
3283 output
= check_output('ip -6 route show type prohibit')
3285 self
.assertEqual(output
, '')
3287 def test_route_static(self
):
3289 for manage_foreign_routes
in [True, False]:
3295 print(f
'### test_route_static(manage_foreign_routes={manage_foreign_routes})')
3296 with self
.subTest(manage_foreign_routes
=manage_foreign_routes
):
3297 self
._test
_route
_static
(manage_foreign_routes
)
3299 @expectedFailureIfRTA_VIAIsNotSupported()
3300 def test_route_via_ipv6(self
):
3301 copy_network_unit('25-route-via-ipv6.network', '12-dummy.netdev')
3303 self
.wait_online(['dummy98:routable'])
3305 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'dummy98', env
=env
)
3308 print('### ip -6 route show dev dummy98')
3309 output
= check_output('ip -6 route show dev dummy98')
3311 self
.assertRegex(output
, '2001:1234:5:8fff:ff:ff:ff:ff proto static')
3312 self
.assertRegex(output
, '2001:1234:5:8f63::1 proto kernel')
3314 print('### ip -4 route show dev dummy98')
3315 output
= check_output('ip -4 route show dev dummy98')
3317 self
.assertRegex(output
, '149.10.124.48/28 proto kernel scope link src 149.10.124.58')
3318 self
.assertRegex(output
, '149.10.124.66 via inet6 2001:1234:5:8fff:ff:ff:ff:ff proto static')
3320 @expectedFailureIfModuleIsNotAvailable('tcp_dctcp')
3321 def test_route_congctl(self
):
3322 copy_network_unit('25-route-congctl.network', '12-dummy.netdev')
3324 self
.wait_online(['dummy98:routable'])
3326 print('### ip -6 route show dev dummy98 2001:1234:5:8fff:ff:ff:ff:ff')
3327 output
= check_output('ip -6 route show dev dummy98 2001:1234:5:8fff:ff:ff:ff:ff')
3329 self
.assertIn('2001:1234:5:8fff:ff:ff:ff:ff proto static', output
)
3330 self
.assertIn('congctl dctcp', output
)
3332 print('### ip -4 route show dev dummy98 149.10.124.66')
3333 output
= check_output('ip -4 route show dev dummy98 149.10.124.66')
3335 self
.assertIn('149.10.124.66 proto static', output
)
3336 self
.assertIn('congctl dctcp', output
)
3337 self
.assertIn('rto_min 300s', output
)
3339 @expectedFailureIfModuleIsNotAvailable('vrf')
3340 def test_route_vrf(self
):
3341 copy_network_unit('25-route-vrf.network', '12-dummy.netdev',
3342 '25-vrf.netdev', '25-vrf.network')
3344 self
.wait_online(['dummy98:routable', 'vrf99:carrier'])
3346 output
= check_output('ip route show vrf vrf99')
3348 self
.assertRegex(output
, 'default via 192.168.100.1')
3350 output
= check_output('ip route show')
3352 self
.assertNotRegex(output
, 'default via 192.168.100.1')
3354 def test_gateway_reconfigure(self
):
3355 copy_network_unit('25-gateway-static.network', '12-dummy.netdev')
3357 self
.wait_online(['dummy98:routable'])
3358 print('### ip -4 route show dev dummy98 default')
3359 output
= check_output('ip -4 route show dev dummy98 default')
3361 self
.assertIn('default via 149.10.124.59 proto static', output
)
3362 self
.assertNotIn('149.10.124.60', output
)
3364 remove_network_unit('25-gateway-static.network')
3365 copy_network_unit('25-gateway-next-static.network')
3367 self
.wait_online(['dummy98:routable'])
3368 print('### ip -4 route show dev dummy98 default')
3369 output
= check_output('ip -4 route show dev dummy98 default')
3371 self
.assertNotIn('149.10.124.59', output
)
3372 self
.assertIn('default via 149.10.124.60 proto static', output
)
3374 def test_ip_route_ipv6_src_route(self
):
3375 # a dummy device does not make the addresses go through tentative state, so we
3376 # reuse a bond from an earlier test, which does make the addresses go through
3377 # tentative state, and do our test on that
3378 copy_network_unit('23-active-slave.network', '25-route-ipv6-src.network', '25-bond-active-backup-slave.netdev', '12-dummy.netdev')
3380 self
.wait_online(['dummy98:enslaved', 'bond199:routable'])
3382 output
= check_output('ip -6 route list dev bond199')
3384 self
.assertIn('abcd::/16 via 2001:1234:56:8f63::1:1 proto static src 2001:1234:56:8f63::2', output
)
3386 def test_route_preferred_source_with_existing_address(self
):
3388 copy_network_unit('25-route-preferred-source.network', '12-dummy.netdev')
3393 networkctl_reconfigure('dummy98')
3395 self
.wait_online(['dummy98:routable'])
3397 output
= check_output('ip -6 route list dev dummy98')
3399 self
.assertIn('abcd::/16 via 2001:1234:56:8f63::1:1 proto static src 2001:1234:56:8f63::1', output
)
3401 def test_ip_link_mac_address(self
):
3402 copy_network_unit('25-address-link-section.network', '12-dummy.netdev')
3404 self
.wait_online(['dummy98:degraded'])
3406 output
= check_output('ip link show dummy98')
3408 self
.assertRegex(output
, '00:01:02:aa:bb:cc')
3410 def test_ip_link_unmanaged(self
):
3411 copy_network_unit('25-link-section-unmanaged.network', '12-dummy.netdev')
3414 self
.wait_operstate('dummy98', 'off', setup_state
='unmanaged')
3416 def test_ipv6_address_label(self
):
3417 copy_network_unit('25-ipv6-address-label-section.network', '12-dummy.netdev')
3419 self
.wait_online(['dummy98:degraded'])
3421 output
= check_output('ip addrlabel list')
3423 self
.assertRegex(output
, '2004:da8:1::/64')
3425 def test_ipv6_proxy_ndp(self
):
3426 copy_network_unit('25-ipv6-proxy-ndp.network', '12-dummy.netdev')
3429 self
.wait_online(['dummy98:routable'])
3431 output
= check_output('ip neighbor show proxy dev dummy98')
3433 for i
in range(1, 5):
3434 self
.assertRegex(output
, f
'2607:5300:203:5215:{i}::1 *proxy')
3436 def test_neighbor_section(self
):
3437 copy_network_unit('25-neighbor-section.network', '12-dummy.netdev', copy_dropins
=False)
3439 self
.wait_online(['dummy98:degraded'])
3441 print('### ip neigh list dev dummy98')
3442 output
= check_output('ip neigh list dev dummy98')
3444 self
.assertIn('192.168.10.1 lladdr 00:00:5e:00:02:65 PERMANENT', output
)
3445 self
.assertIn('2004:da8:1::1 lladdr 00:00:5e:00:02:66 PERMANENT', output
)
3446 self
.assertNotIn('2004:da8:1:0::2', output
)
3447 self
.assertNotIn('192.168.10.2', output
)
3448 self
.assertNotIn('00:00:5e:00:02:67', output
)
3450 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
3453 copy_network_unit('25-neighbor-section.network.d/override.conf')
3455 self
.wait_online(['dummy98:degraded'])
3457 print('### ip neigh list dev dummy98 (after reloading)')
3458 output
= check_output('ip neigh list dev dummy98')
3460 self
.assertIn('192.168.10.1 lladdr 00:00:5e:00:03:65 PERMANENT', output
)
3461 self
.assertIn('2004:da8:1::1 lladdr 00:00:5e:00:03:66 PERMANENT', output
)
3462 self
.assertNotIn('2004:da8:1:0::2', output
)
3463 self
.assertNotIn('192.168.10.2', output
)
3464 self
.assertNotIn('00:00:5e:00:02', output
)
3466 def test_neighbor_reconfigure(self
):
3467 copy_network_unit('25-neighbor-section.network', '12-dummy.netdev', copy_dropins
=False)
3469 self
.wait_online(['dummy98:degraded'])
3471 print('### ip neigh list dev dummy98')
3472 output
= check_output('ip neigh list dev dummy98')
3474 self
.assertIn('192.168.10.1 lladdr 00:00:5e:00:02:65 PERMANENT', output
)
3475 self
.assertIn('2004:da8:1::1 lladdr 00:00:5e:00:02:66 PERMANENT', output
)
3477 remove_network_unit('25-neighbor-section.network')
3478 copy_network_unit('25-neighbor-next.network')
3480 self
.wait_online(['dummy98:degraded'])
3481 print('### ip neigh list dev dummy98')
3482 output
= check_output('ip neigh list dev dummy98')
3484 self
.assertNotIn('00:00:5e:00:02:65', output
)
3485 self
.assertIn('192.168.10.1 lladdr 00:00:5e:00:02:66 PERMANENT', output
)
3486 self
.assertNotIn('2004:da8:1::1', output
)
3488 def test_neighbor_gre(self
):
3489 copy_network_unit('25-neighbor-ip.network', '25-neighbor-ipv6.network', '25-neighbor-ip-dummy.network',
3490 '12-dummy.netdev', '25-gre-tunnel-remote-any.netdev', '25-ip6gre-tunnel-remote-any.netdev')
3492 self
.wait_online(['dummy98:degraded', 'gretun97:routable', 'ip6gretun97:routable'], timeout
='40s')
3494 output
= check_output('ip neigh list dev gretun97')
3496 self
.assertIn('10.0.0.22 lladdr 10.65.223.239 PERMANENT', output
)
3497 self
.assertNotIn('10.0.0.23', output
)
3499 output
= check_output('ip neigh list dev ip6gretun97')
3501 self
.assertRegex(output
, '2001:db8:0:f102::17 lladdr 2a:?00:ff:?de:45:?67:ed:?de:[0:]*:49:?88 PERMANENT')
3502 self
.assertNotIn('2001:db8:0:f102::18', output
)
3504 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
3507 def test_link_local_addressing(self
):
3508 copy_network_unit('25-link-local-addressing-yes.network', '11-dummy.netdev',
3509 '25-link-local-addressing-no.network', '12-dummy.netdev')
3511 self
.wait_online(['test1:degraded', 'dummy98:carrier'])
3513 output
= check_output('ip address show dev test1')
3515 self
.assertRegex(output
, 'inet .* scope link')
3516 self
.assertRegex(output
, 'inet6 .* scope link')
3518 output
= check_output('ip address show dev dummy98')
3520 self
.assertNotRegex(output
, 'inet6* .* scope link')
3522 # Documentation/networking/ip-sysctl.txt
3524 # addr_gen_mode - INTEGER
3525 # Defines how link-local and autoconf addresses are generated.
3527 # 0: generate address based on EUI64 (default)
3528 # 1: do no generate a link-local address, use EUI64 for addresses generated
3530 # 2: generate stable privacy addresses, using the secret from
3531 # stable_secret (RFC7217)
3532 # 3: generate stable privacy addresses, using a random secret if unset
3534 self
.check_ipv6_sysctl_attr('test1', 'stable_secret', '0123:4567:89ab:cdef:0123:4567:89ab:cdef')
3535 self
.check_ipv6_sysctl_attr('test1', 'addr_gen_mode', '2')
3536 self
.check_ipv6_sysctl_attr('dummy98', 'addr_gen_mode', '1')
3538 def test_link_local_addressing_ipv6ll(self
):
3539 copy_network_unit('26-link-local-addressing-ipv6.network', '12-dummy.netdev')
3541 self
.wait_online(['dummy98:degraded'])
3543 # An IPv6LL address exists by default.
3544 output
= check_output('ip address show dev dummy98')
3546 self
.assertRegex(output
, 'inet6 .* scope link')
3548 copy_network_unit('25-link-local-addressing-no.network')
3550 self
.wait_online(['dummy98:carrier'])
3552 # Check if the IPv6LL address is removed.
3553 output
= check_output('ip address show dev dummy98')
3555 self
.assertNotRegex(output
, 'inet6 .* scope link')
3557 remove_network_unit('25-link-local-addressing-no.network')
3559 self
.wait_online(['dummy98:degraded'])
3561 # Check if a new IPv6LL address is assigned.
3562 output
= check_output('ip address show dev dummy98')
3564 self
.assertRegex(output
, 'inet6 .* scope link')
3566 @unittest.skip("Re-enable once https://github.com/systemd/systemd/issues/30056 is resolved")
3567 def test_sysctl(self
):
3568 copy_networkd_conf_dropin('25-global-ipv6-privacy-extensions.conf')
3569 copy_network_unit('25-sysctl.network', '12-dummy.netdev', copy_dropins
=False)
3571 self
.wait_online(['dummy98:degraded'])
3573 self
.check_ipv6_sysctl_attr('dummy98', 'forwarding', '1')
3574 self
.check_ipv6_sysctl_attr('dummy98', 'use_tempaddr', '1')
3575 self
.check_ipv6_sysctl_attr('dummy98', 'dad_transmits', '3')
3576 self
.check_ipv6_sysctl_attr('dummy98', 'hop_limit', '5')
3577 self
.check_ipv6_sysctl_attr('dummy98', 'proxy_ndp', '1')
3578 self
.check_ipv4_sysctl_attr('dummy98', 'forwarding', '1')
3579 self
.check_ipv4_sysctl_attr('dummy98', 'proxy_arp', '1')
3580 self
.check_ipv4_sysctl_attr('dummy98', 'accept_local', '1')
3581 self
.check_ipv4_sysctl_attr('dummy98', 'rp_filter', '0')
3583 copy_network_unit('25-sysctl.network.d/25-ipv6-privacy-extensions.conf')
3585 self
.wait_online(['dummy98:degraded'])
3587 self
.check_ipv6_sysctl_attr('dummy98', 'use_tempaddr', '2')
3589 def test_sysctl_disable_ipv6(self
):
3590 copy_network_unit('25-sysctl-disable-ipv6.network', '12-dummy.netdev')
3592 print('## Disable ipv6')
3593 check_output('sysctl net.ipv6.conf.all.disable_ipv6=1')
3594 check_output('sysctl net.ipv6.conf.default.disable_ipv6=1')
3597 self
.wait_online(['dummy98:routable'])
3599 output
= check_output('ip -4 address show dummy98')
3601 self
.assertRegex(output
, 'inet 10.2.3.4/16 brd 10.2.255.255 scope global dummy98')
3602 output
= check_output('ip -6 address show dummy98')
3604 self
.assertRegex(output
, 'inet6 2607:5300:203:3906::/64 scope global')
3605 self
.assertRegex(output
, 'inet6 .* scope link')
3606 output
= check_output('ip -4 route show dev dummy98')
3608 self
.assertRegex(output
, '10.2.0.0/16 proto kernel scope link src 10.2.3.4')
3609 output
= check_output('ip -6 route show default')
3611 self
.assertRegex(output
, 'default')
3612 self
.assertRegex(output
, 'via 2607:5300:203:39ff:ff:ff:ff:ff')
3614 remove_link('dummy98')
3616 print('## Enable ipv6')
3617 check_output('sysctl net.ipv6.conf.all.disable_ipv6=0')
3618 check_output('sysctl net.ipv6.conf.default.disable_ipv6=0')
3621 self
.wait_online(['dummy98:routable'])
3623 output
= check_output('ip -4 address show dummy98')
3625 self
.assertRegex(output
, 'inet 10.2.3.4/16 brd 10.2.255.255 scope global dummy98')
3626 output
= check_output('ip -6 address show dummy98')
3628 self
.assertRegex(output
, 'inet6 2607:5300:203:3906::/64 scope global')
3629 self
.assertRegex(output
, 'inet6 .* scope link')
3630 output
= check_output('ip -4 route show dev dummy98')
3632 self
.assertRegex(output
, '10.2.0.0/16 proto kernel scope link src 10.2.3.4')
3633 output
= check_output('ip -6 route show default')
3635 self
.assertRegex(output
, 'via 2607:5300:203:39ff:ff:ff:ff:ff')
3637 def test_bind_carrier(self
):
3638 copy_network_unit('25-bind-carrier.network', '11-dummy.netdev')
3641 # no bound interface.
3642 self
.wait_operstate('test1', 'off', setup_state
='configuring')
3643 output
= check_output('ip address show test1')
3645 self
.assertNotIn('UP,LOWER_UP', output
)
3646 self
.assertIn('DOWN', output
)
3647 self
.assertNotIn('192.168.10', output
)
3649 # add one bound interface. The interface will be up.
3650 check_output('ip link add dummy98 type dummy')
3651 check_output('ip link set dummy98 up')
3652 self
.wait_online(['test1:routable'])
3653 output
= check_output('ip address show test1')
3655 self
.assertIn('UP,LOWER_UP', output
)
3656 self
.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output
)
3658 # add another bound interface. The interface is still up.
3659 check_output('ip link add dummy99 type dummy')
3660 check_output('ip link set dummy99 up')
3661 self
.wait_operstate('dummy99', 'degraded', setup_state
='unmanaged')
3662 output
= check_output('ip address show test1')
3664 self
.assertIn('UP,LOWER_UP', output
)
3665 self
.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output
)
3667 # remove one of the bound interfaces. The interface is still up
3668 remove_link('dummy98')
3669 output
= check_output('ip address show test1')
3671 self
.assertIn('UP,LOWER_UP', output
)
3672 self
.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output
)
3674 # bring down the remaining bound interface. The interface will be down.
3675 check_output('ip link set dummy99 down')
3676 self
.wait_operstate('test1', 'off')
3677 self
.wait_address_dropped('test1', r
'192.168.10', ipv
='-4', timeout_sec
=10)
3678 output
= check_output('ip address show test1')
3680 self
.assertNotIn('UP,LOWER_UP', output
)
3681 self
.assertIn('DOWN', output
)
3682 self
.assertNotIn('192.168.10', output
)
3684 # bring up the bound interface. The interface will be up.
3685 check_output('ip link set dummy99 up')
3686 self
.wait_online(['test1:routable'])
3687 output
= check_output('ip address show test1')
3689 self
.assertIn('UP,LOWER_UP', output
)
3690 self
.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output
)
3692 # remove the remaining bound interface. The interface will be down.
3693 remove_link('dummy99')
3694 self
.wait_operstate('test1', 'off')
3695 self
.wait_address_dropped('test1', r
'192.168.10', ipv
='-4', timeout_sec
=10)
3696 output
= check_output('ip address show test1')
3698 self
.assertNotIn('UP,LOWER_UP', output
)
3699 self
.assertIn('DOWN', output
)
3700 self
.assertNotIn('192.168.10', output
)
3702 # re-add one bound interface. The interface will be up.
3703 check_output('ip link add dummy98 type dummy')
3704 check_output('ip link set dummy98 up')
3705 self
.wait_online(['test1:routable'])
3706 output
= check_output('ip address show test1')
3708 self
.assertIn('UP,LOWER_UP', output
)
3709 self
.assertIn('inet 192.168.10.30/24 brd 192.168.10.255 scope global test1', output
)
3711 def _test_activation_policy(self
, interface
, test
):
3712 conffile
= '25-activation-policy.network'
3714 conffile
= f
'{conffile}.d/{test}.conf'
3715 if interface
== 'vlan99':
3716 copy_network_unit('21-vlan.netdev', '21-vlan-test1.network')
3717 copy_network_unit('11-dummy.netdev', conffile
, copy_dropins
=False)
3720 always
= test
.startswith('always')
3721 initial_up
= test
!= 'manual' and not test
.endswith('down') # note: default is up
3722 expect_up
= initial_up
3723 next_up
= not expect_up
3725 if test
.endswith('down'):
3726 self
.wait_activated(interface
)
3728 for iteration
in range(4):
3729 with self
.subTest(iteration
=iteration
, expect_up
=expect_up
):
3730 operstate
= 'routable' if expect_up
else 'off'
3731 setup_state
= 'configured' if expect_up
else ('configuring' if iteration
== 0 else None)
3732 self
.wait_operstate(interface
, operstate
, setup_state
=setup_state
, setup_timeout
=20)
3735 self
.assertIn('UP', check_output(f
'ip link show {interface}'))
3736 self
.assertIn('192.168.10.30/24', check_output(f
'ip address show {interface}'))
3737 self
.assertIn('default via 192.168.10.1', check_output(f
'ip route show dev {interface}'))
3739 self
.assertIn('DOWN', check_output(f
'ip link show {interface}'))
3742 check_output(f
'ip link set dev {interface} up')
3744 check_output(f
'ip link set dev {interface} down')
3745 expect_up
= initial_up
if always
else next_up
3746 next_up
= not next_up
3750 def test_activation_policy(self
):
3752 for interface
in ['test1', 'vlan99']:
3753 for test
in ['up', 'always-up', 'manual', 'always-down', 'down', '']:
3759 print(f
'### test_activation_policy(interface={interface}, test={test})')
3760 with self
.subTest(interface
=interface
, test
=test
):
3761 self
._test
_activation
_policy
(interface
, test
)
3763 def _test_activation_policy_required_for_online(self
, policy
, required
):
3764 conffile
= '25-activation-policy.network'
3765 units
= ['11-dummy.netdev', '12-dummy.netdev', '12-dummy.network', conffile
]
3767 units
+= [f
'{conffile}.d/{policy}.conf']
3769 units
+= [f
'{conffile}.d/required-{required}.conf']
3770 copy_network_unit(*units
, copy_dropins
=False)
3773 if policy
.endswith('down'):
3774 self
.wait_activated('test1')
3776 if policy
.endswith('down') or policy
== 'manual':
3777 self
.wait_operstate('test1', 'off', setup_state
='configuring')
3779 self
.wait_online(['test1'])
3781 if policy
== 'always-down':
3782 # if always-down, required for online is forced to no
3785 # otherwise if required for online is specified, it should match that
3786 expected
= required
== 'yes'
3788 # otherwise if only policy specified, required for online defaults to
3789 # true if policy is up, always-up, or bound
3790 expected
= policy
.endswith('up') or policy
== 'bound'
3792 # default is true, if neither are specified
3795 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'test1', env
=env
)
3798 yesno
= 'yes' if expected
else 'no'
3799 self
.assertRegex(output
, f
'Required For Online: {yesno}')
3801 def test_activation_policy_required_for_online(self
):
3803 for policy
in ['up', 'always-up', 'manual', 'always-down', 'down', 'bound', '']:
3804 for required
in ['yes', 'no', '']:
3810 print(f
'### test_activation_policy_required_for_online(policy={policy}, required={required})')
3811 with self
.subTest(policy
=policy
, required
=required
):
3812 self
._test
_activation
_policy
_required
_for
_online
(policy
, required
)
3814 def test_domain(self
):
3815 copy_network_unit('12-dummy.netdev', '24-search-domain.network')
3817 self
.wait_online(['dummy98:routable'])
3819 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'dummy98', env
=env
)
3821 self
.assertRegex(output
, 'Address: 192.168.42.100')
3822 self
.assertRegex(output
, 'DNS: 192.168.42.1')
3823 self
.assertRegex(output
, 'Search Domains: one')
3825 def test_keep_configuration_static(self
):
3826 check_output('ip link add name dummy98 type dummy')
3827 check_output('ip address add 10.1.2.3/16 dev dummy98')
3828 check_output('ip address add 10.2.3.4/16 dev dummy98 valid_lft 600 preferred_lft 500')
3829 output
= check_output('ip address show dummy98')
3831 self
.assertRegex(output
, 'inet 10.1.2.3/16 scope global dummy98')
3832 self
.assertRegex(output
, 'inet 10.2.3.4/16 scope global dynamic dummy98')
3833 output
= check_output('ip route show dev dummy98')
3836 copy_network_unit('24-keep-configuration-static.network')
3838 self
.wait_online(['dummy98:routable'])
3840 output
= check_output('ip address show dummy98')
3842 self
.assertRegex(output
, 'inet 10.1.2.3/16 scope global dummy98')
3843 self
.assertNotRegex(output
, 'inet 10.2.3.4/16 scope global dynamic dummy98')
3845 @expectedFailureIfNexthopIsNotAvailable()
3846 def test_nexthop(self
):
3847 def check_nexthop(self
):
3848 self
.wait_online(['veth99:routable', 'veth-peer:routable', 'dummy98:routable'])
3850 output
= check_output('ip nexthop list dev veth99')
3852 self
.assertIn('id 1 via 192.168.5.1 dev veth99', output
)
3853 self
.assertIn('id 2 via 2001:1234:5:8f63::2 dev veth99', output
)
3854 self
.assertIn('id 3 dev veth99', output
)
3855 self
.assertIn('id 4 dev veth99', output
)
3856 self
.assertRegex(output
, 'id 5 via 192.168.10.1 dev veth99 .*onlink')
3857 self
.assertIn('id 8 via fe80:0:222:4dff:ff:ff:ff:ff dev veth99', output
)
3858 self
.assertRegex(output
, r
'id [0-9]* via 192.168.5.2 dev veth99')
3860 output
= check_output('ip nexthop list dev dummy98')
3862 self
.assertIn('id 20 via 192.168.20.1 dev dummy98', output
)
3864 # kernel manages blackhole nexthops on lo
3865 output
= check_output('ip nexthop list dev lo')
3867 self
.assertIn('id 6 blackhole', output
)
3868 self
.assertIn('id 7 blackhole', output
)
3870 # group nexthops are shown with -0 option
3871 output
= check_output('ip -0 nexthop list id 21')
3873 self
.assertRegex(output
, r
'id 21 group (1,3/20|20/1,3)')
3875 output
= check_output('ip route show dev veth99 10.10.10.10')
3877 self
.assertEqual('10.10.10.10 nhid 1 via 192.168.5.1 proto static', output
)
3879 output
= check_output('ip route show dev veth99 10.10.10.11')
3881 self
.assertEqual('10.10.10.11 nhid 2 via inet6 2001:1234:5:8f63::2 proto static', output
)
3883 output
= check_output('ip route show dev veth99 10.10.10.12')
3885 self
.assertEqual('10.10.10.12 nhid 5 via 192.168.10.1 proto static onlink', output
)
3887 output
= check_output('ip -6 route show dev veth99 2001:1234:5:8f62::1')
3889 self
.assertEqual('2001:1234:5:8f62::1 nhid 2 via 2001:1234:5:8f63::2 proto static metric 1024 pref medium', output
)
3891 output
= check_output('ip route show 10.10.10.13')
3893 self
.assertEqual('blackhole 10.10.10.13 nhid 6 dev lo proto static', output
)
3895 output
= check_output('ip -6 route show 2001:1234:5:8f62::2')
3897 self
.assertEqual('blackhole 2001:1234:5:8f62::2 nhid 7 dev lo proto static metric 1024 pref medium', output
)
3899 output
= check_output('ip route show 10.10.10.14')
3901 self
.assertIn('10.10.10.14 nhid 21 proto static', output
)
3902 self
.assertIn('nexthop via 192.168.20.1 dev dummy98 weight 1', output
)
3903 self
.assertIn('nexthop via 192.168.5.1 dev veth99 weight 3', output
)
3905 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
3908 copy_network_unit('25-nexthop.network', '25-veth.netdev', '25-veth-peer.network',
3909 '12-dummy.netdev', '25-nexthop-dummy.network')
3914 remove_network_unit('25-nexthop.network')
3915 copy_network_unit('25-nexthop-nothing.network')
3917 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
3919 output
= check_output('ip nexthop list dev veth99')
3921 self
.assertEqual(output
, '')
3922 output
= check_output('ip nexthop list dev lo')
3924 self
.assertEqual(output
, '')
3926 remove_network_unit('25-nexthop-nothing.network')
3927 copy_network_unit('25-nexthop.network')
3928 networkctl_reconfigure('dummy98')
3933 remove_link('veth99')
3936 output
= check_output('ip nexthop list dev lo')
3938 self
.assertEqual(output
, '')
3940 class NetworkdTCTests(unittest
.TestCase
, Utilities
):
3948 @expectedFailureIfModuleIsNotAvailable('sch_cake')
3949 def test_qdisc_cake(self
):
3950 copy_network_unit('25-qdisc-cake.network', '12-dummy.netdev')
3952 self
.wait_online(['dummy98:routable'])
3954 output
= check_output('tc qdisc show dev dummy98')
3956 self
.assertIn('qdisc cake 3a: root', output
)
3957 self
.assertIn('bandwidth 500Mbit', output
)
3958 self
.assertIn('autorate-ingress', output
)
3959 self
.assertIn('diffserv8', output
)
3960 self
.assertIn('dual-dsthost', output
)
3961 self
.assertIn(' nat', output
)
3962 self
.assertIn(' wash', output
)
3963 self
.assertIn(' split-gso', output
)
3964 self
.assertIn(' raw', output
)
3965 self
.assertIn(' atm', output
)
3966 self
.assertIn('overhead 128', output
)
3967 self
.assertIn('mpu 20', output
)
3968 self
.assertIn('fwmark 0xff00', output
)
3969 self
.assertIn('rtt 1s', output
)
3970 self
.assertIn('ack-filter-aggressive', output
)
3972 @expectedFailureIfModuleIsNotAvailable('sch_codel')
3973 def test_qdisc_codel(self
):
3974 copy_network_unit('25-qdisc-codel.network', '12-dummy.netdev')
3976 self
.wait_online(['dummy98:routable'])
3978 output
= check_output('tc qdisc show dev dummy98')
3980 self
.assertRegex(output
, 'qdisc codel 33: root')
3981 self
.assertRegex(output
, 'limit 2000p target 10(.0)?ms ce_threshold 100(.0)?ms interval 50(.0)?ms ecn')
3983 @expectedFailureIfModuleIsNotAvailable('sch_drr')
3984 def test_qdisc_drr(self
):
3985 copy_network_unit('25-qdisc-drr.network', '12-dummy.netdev')
3987 self
.wait_online(['dummy98:routable'])
3989 output
= check_output('tc qdisc show dev dummy98')
3991 self
.assertRegex(output
, 'qdisc drr 2: root')
3992 output
= check_output('tc class show dev dummy98')
3994 self
.assertRegex(output
, 'class drr 2:30 root quantum 2000b')
3996 @expectedFailureIfModuleIsNotAvailable('sch_ets')
3997 def test_qdisc_ets(self
):
3998 copy_network_unit('25-qdisc-ets.network', '12-dummy.netdev')
4000 self
.wait_online(['dummy98:routable'])
4002 output
= check_output('tc qdisc show dev dummy98')
4005 self
.assertRegex(output
, 'qdisc ets 3a: root')
4006 self
.assertRegex(output
, 'bands 10 strict 3')
4007 self
.assertRegex(output
, 'quanta 1 2 3 4 5')
4008 self
.assertRegex(output
, 'priomap 3 4 5 6 7')
4010 @expectedFailureIfModuleIsNotAvailable('sch_fq')
4011 def test_qdisc_fq(self
):
4012 copy_network_unit('25-qdisc-fq.network', '12-dummy.netdev')
4014 self
.wait_online(['dummy98:routable'])
4016 output
= check_output('tc qdisc show dev dummy98')
4018 self
.assertRegex(output
, 'qdisc fq 32: root')
4019 self
.assertRegex(output
, 'limit 1000p flow_limit 200p buckets 512 orphan_mask 511')
4020 self
.assertRegex(output
, 'quantum 1500')
4021 self
.assertRegex(output
, 'initial_quantum 13000')
4022 self
.assertRegex(output
, 'maxrate 1Mbit')
4024 @expectedFailureIfModuleIsNotAvailable('sch_fq_codel')
4025 def test_qdisc_fq_codel(self
):
4026 copy_network_unit('25-qdisc-fq_codel.network', '12-dummy.netdev')
4028 self
.wait_online(['dummy98:routable'])
4030 output
= check_output('tc qdisc show dev dummy98')
4032 self
.assertRegex(output
, 'qdisc fq_codel 34: root')
4033 self
.assertRegex(output
, 'limit 20480p flows 2048 quantum 1400 target 10(.0)?ms ce_threshold 100(.0)?ms interval 200(.0)?ms memory_limit 64Mb ecn')
4035 @expectedFailureIfModuleIsNotAvailable('sch_fq_pie')
4036 def test_qdisc_fq_pie(self
):
4037 copy_network_unit('25-qdisc-fq_pie.network', '12-dummy.netdev')
4039 self
.wait_online(['dummy98:routable'])
4041 output
= check_output('tc qdisc show dev dummy98')
4044 self
.assertRegex(output
, 'qdisc fq_pie 3a: root')
4045 self
.assertRegex(output
, 'limit 200000p')
4047 @expectedFailureIfModuleIsNotAvailable('sch_gred')
4048 def test_qdisc_gred(self
):
4049 copy_network_unit('25-qdisc-gred.network', '12-dummy.netdev')
4051 self
.wait_online(['dummy98:routable'])
4053 output
= check_output('tc qdisc show dev dummy98')
4055 self
.assertRegex(output
, 'qdisc gred 38: root')
4056 self
.assertRegex(output
, 'vqs 12 default 10 grio')
4058 @expectedFailureIfModuleIsNotAvailable('sch_hhf')
4059 def test_qdisc_hhf(self
):
4060 copy_network_unit('25-qdisc-hhf.network', '12-dummy.netdev')
4062 self
.wait_online(['dummy98:routable'])
4064 output
= check_output('tc qdisc show dev dummy98')
4066 self
.assertRegex(output
, 'qdisc hhf 3a: root')
4067 self
.assertRegex(output
, 'limit 1022p')
4069 @expectedFailureIfModuleIsNotAvailable('sch_htb')
4070 def test_qdisc_htb_fifo(self
):
4071 copy_network_unit('25-qdisc-htb-fifo.network', '12-dummy.netdev')
4073 self
.wait_online(['dummy98:routable'])
4075 output
= check_output('tc qdisc show dev dummy98')
4077 self
.assertRegex(output
, 'qdisc htb 2: root')
4078 self
.assertRegex(output
, r
'default (0x30|30)')
4080 self
.assertRegex(output
, 'qdisc pfifo 37: parent 2:37')
4081 self
.assertRegex(output
, 'limit 100000p')
4083 self
.assertRegex(output
, 'qdisc bfifo 3a: parent 2:3a')
4084 self
.assertRegex(output
, 'limit 1000000')
4086 self
.assertRegex(output
, 'qdisc pfifo_head_drop 3b: parent 2:3b')
4087 self
.assertRegex(output
, 'limit 1023p')
4089 self
.assertRegex(output
, 'qdisc pfifo_fast 3c: parent 2:3c')
4091 output
= check_output('tc -d class show dev dummy98')
4093 # Here (:|prio) is a workaround for a bug in iproute2 v6.2.0 caused by
4094 # https://github.com/shemminger/iproute2/commit/010a8388aea11e767ba3a2506728b9ad9760df0e
4095 # which is fixed in v6.3.0 by
4096 # https://github.com/shemminger/iproute2/commit/4e0e56e0ef05387f7f5d8ab41fe6ec6a1897b26d
4097 self
.assertRegex(output
, 'class htb 2:37 root leaf 37(:|prio) ')
4098 self
.assertRegex(output
, 'class htb 2:3a root leaf 3a(:|prio) ')
4099 self
.assertRegex(output
, 'class htb 2:3b root leaf 3b(:|prio) ')
4100 self
.assertRegex(output
, 'class htb 2:3c root leaf 3c(:|prio) ')
4101 self
.assertRegex(output
, 'prio 1 quantum 4000 rate 1Mbit overhead 100 ceil 500Kbit')
4102 self
.assertRegex(output
, 'burst 123456')
4103 self
.assertRegex(output
, 'cburst 123457')
4105 @expectedFailureIfModuleIsNotAvailable('sch_ingress')
4106 def test_qdisc_ingress(self
):
4107 copy_network_unit('25-qdisc-clsact.network', '12-dummy.netdev',
4108 '25-qdisc-ingress.network', '11-dummy.netdev')
4110 self
.wait_online(['dummy98:routable', 'test1:routable'])
4112 output
= check_output('tc qdisc show dev dummy98')
4114 self
.assertRegex(output
, 'qdisc clsact')
4116 output
= check_output('tc qdisc show dev test1')
4118 self
.assertRegex(output
, 'qdisc ingress')
4120 @expectedFailureIfModuleIsNotAvailable('sch_netem')
4121 def test_qdisc_netem(self
):
4122 copy_network_unit('25-qdisc-netem.network', '12-dummy.netdev',
4123 '25-qdisc-netem-compat.network', '11-dummy.netdev')
4125 self
.wait_online(['dummy98:routable', 'test1:routable'])
4127 output
= check_output('tc qdisc show dev dummy98')
4129 self
.assertRegex(output
, 'qdisc netem 30: root')
4130 self
.assertRegex(output
, 'limit 100 delay 50(.0)?ms 10(.0)?ms loss 20%')
4132 output
= check_output('tc qdisc show dev test1')
4134 self
.assertRegex(output
, 'qdisc netem [0-9a-f]*: root')
4135 self
.assertRegex(output
, 'limit 100 delay 50(.0)?ms 10(.0)?ms loss 20%')
4137 @expectedFailureIfModuleIsNotAvailable('sch_pie')
4138 def test_qdisc_pie(self
):
4139 copy_network_unit('25-qdisc-pie.network', '12-dummy.netdev')
4141 self
.wait_online(['dummy98:routable'])
4143 output
= check_output('tc qdisc show dev dummy98')
4145 self
.assertRegex(output
, 'qdisc pie 3a: root')
4146 self
.assertRegex(output
, 'limit 200000')
4148 @expectedFailureIfModuleIsNotAvailable('sch_qfq')
4149 def test_qdisc_qfq(self
):
4150 copy_network_unit('25-qdisc-qfq.network', '12-dummy.netdev')
4152 self
.wait_online(['dummy98:routable'])
4154 output
= check_output('tc qdisc show dev dummy98')
4156 self
.assertRegex(output
, 'qdisc qfq 2: root')
4157 output
= check_output('tc class show dev dummy98')
4159 self
.assertRegex(output
, 'class qfq 2:30 root weight 2 maxpkt 16000')
4160 self
.assertRegex(output
, 'class qfq 2:31 root weight 10 maxpkt 8000')
4162 @expectedFailureIfModuleIsNotAvailable('sch_sfb')
4163 def test_qdisc_sfb(self
):
4164 copy_network_unit('25-qdisc-sfb.network', '12-dummy.netdev')
4166 self
.wait_online(['dummy98:routable'])
4168 output
= check_output('tc qdisc show dev dummy98')
4170 self
.assertRegex(output
, 'qdisc sfb 39: root')
4171 self
.assertRegex(output
, 'limit 200000')
4173 @expectedFailureIfModuleIsNotAvailable('sch_sfq')
4174 def test_qdisc_sfq(self
):
4175 copy_network_unit('25-qdisc-sfq.network', '12-dummy.netdev')
4177 self
.wait_online(['dummy98:routable'])
4179 output
= check_output('tc qdisc show dev dummy98')
4181 self
.assertRegex(output
, 'qdisc sfq 36: root')
4182 self
.assertRegex(output
, 'perturb 5sec')
4184 @expectedFailureIfModuleIsNotAvailable('sch_tbf')
4185 def test_qdisc_tbf(self
):
4186 copy_network_unit('25-qdisc-tbf.network', '12-dummy.netdev')
4188 self
.wait_online(['dummy98:routable'])
4190 output
= check_output('tc qdisc show dev dummy98')
4192 self
.assertRegex(output
, 'qdisc tbf 35: root')
4193 self
.assertRegex(output
, 'rate 1Gbit burst 5000b peakrate 100Gbit minburst 987500b lat 70(.0)?ms')
4195 @expectedFailureIfModuleIsNotAvailable('sch_teql')
4196 def test_qdisc_teql(self
):
4197 call_quiet('rmmod sch_teql')
4199 copy_network_unit('25-qdisc-teql.network', '12-dummy.netdev')
4201 self
.wait_links('dummy98')
4202 check_output('modprobe sch_teql max_equalizers=2')
4203 self
.wait_online(['dummy98:routable'])
4205 output
= check_output('tc qdisc show dev dummy98')
4207 self
.assertRegex(output
, 'qdisc teql1 31: root')
4209 class NetworkdStateFileTests(unittest
.TestCase
, Utilities
):
4217 def test_state_file(self
):
4218 copy_network_unit('12-dummy.netdev', '25-state-file-tests.network')
4220 self
.wait_online(['dummy98:routable'])
4222 # make link state file updated
4223 check_output(*resolvectl_cmd
, 'revert', 'dummy98', env
=env
)
4225 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
4228 output
= read_link_state_file('dummy98')
4230 self
.assertIn('IPV4_ADDRESS_STATE=routable', output
)
4231 self
.assertIn('IPV6_ADDRESS_STATE=routable', output
)
4232 self
.assertIn('ADMIN_STATE=configured', output
)
4233 self
.assertIn('OPER_STATE=routable', output
)
4234 self
.assertIn('REQUIRED_FOR_ONLINE=yes', output
)
4235 self
.assertIn('REQUIRED_OPER_STATE_FOR_ONLINE=routable', output
)
4236 self
.assertIn('REQUIRED_FAMILY_FOR_ONLINE=both', output
)
4237 self
.assertIn('ACTIVATION_POLICY=up', output
)
4238 self
.assertIn('NETWORK_FILE=/run/systemd/network/25-state-file-tests.network', output
)
4239 self
.assertIn('DNS=10.10.10.10#aaa.com 10.10.10.11:1111#bbb.com [1111:2222::3333]:1234#ccc.com', output
)
4240 self
.assertIn('NTP=0.fedora.pool.ntp.org 1.fedora.pool.ntp.org', output
)
4241 self
.assertIn('DOMAINS=hogehoge', output
)
4242 self
.assertIn('ROUTE_DOMAINS=foofoo', output
)
4243 self
.assertIn('LLMNR=no', output
)
4244 self
.assertIn('MDNS=yes', output
)
4245 self
.assertIn('DNSSEC=no', output
)
4247 check_output(*resolvectl_cmd
, 'dns', 'dummy98', '10.10.10.12#ccc.com', '10.10.10.13', '1111:2222::3333', env
=env
)
4248 check_output(*resolvectl_cmd
, 'domain', 'dummy98', 'hogehogehoge', '~foofoofoo', env
=env
)
4249 check_output(*resolvectl_cmd
, 'llmnr', 'dummy98', 'yes', env
=env
)
4250 check_output(*resolvectl_cmd
, 'mdns', 'dummy98', 'no', env
=env
)
4251 check_output(*resolvectl_cmd
, 'dnssec', 'dummy98', 'yes', env
=env
)
4252 check_output(*timedatectl_cmd
, 'ntp-servers', 'dummy98', '2.fedora.pool.ntp.org', '3.fedora.pool.ntp.org', env
=env
)
4254 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
4257 output
= read_link_state_file('dummy98')
4259 self
.assertIn('DNS=10.10.10.12#ccc.com 10.10.10.13 1111:2222::3333', output
)
4260 self
.assertIn('NTP=2.fedora.pool.ntp.org 3.fedora.pool.ntp.org', output
)
4261 self
.assertIn('DOMAINS=hogehogehoge', output
)
4262 self
.assertIn('ROUTE_DOMAINS=foofoofoo', output
)
4263 self
.assertIn('LLMNR=yes', output
)
4264 self
.assertIn('MDNS=no', output
)
4265 self
.assertIn('DNSSEC=yes', output
)
4267 check_output(*timedatectl_cmd
, 'revert', 'dummy98', env
=env
)
4269 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
4272 output
= read_link_state_file('dummy98')
4274 self
.assertIn('DNS=10.10.10.12#ccc.com 10.10.10.13 1111:2222::3333', output
)
4275 self
.assertIn('NTP=0.fedora.pool.ntp.org 1.fedora.pool.ntp.org', output
)
4276 self
.assertIn('DOMAINS=hogehogehoge', output
)
4277 self
.assertIn('ROUTE_DOMAINS=foofoofoo', output
)
4278 self
.assertIn('LLMNR=yes', output
)
4279 self
.assertIn('MDNS=no', output
)
4280 self
.assertIn('DNSSEC=yes', output
)
4282 check_output(*resolvectl_cmd
, 'revert', 'dummy98', env
=env
)
4284 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
4287 output
= read_link_state_file('dummy98')
4289 self
.assertIn('DNS=10.10.10.10#aaa.com 10.10.10.11:1111#bbb.com [1111:2222::3333]:1234#ccc.com', output
)
4290 self
.assertIn('NTP=0.fedora.pool.ntp.org 1.fedora.pool.ntp.org', output
)
4291 self
.assertIn('DOMAINS=hogehoge', output
)
4292 self
.assertIn('ROUTE_DOMAINS=foofoo', output
)
4293 self
.assertIn('LLMNR=no', output
)
4294 self
.assertIn('MDNS=yes', output
)
4295 self
.assertIn('DNSSEC=no', output
)
4297 def test_address_state(self
):
4298 copy_network_unit('12-dummy.netdev', '12-dummy-no-address.network')
4301 self
.wait_online(['dummy98:degraded'])
4303 output
= read_link_state_file('dummy98')
4304 self
.assertIn('IPV4_ADDRESS_STATE=off', output
)
4305 self
.assertIn('IPV6_ADDRESS_STATE=degraded', output
)
4307 # with a routable IPv4 address
4308 check_output('ip address add 10.1.2.3/16 dev dummy98')
4309 self
.wait_online(['dummy98:routable'], ipv4
=True)
4310 self
.wait_online(['dummy98:routable'])
4312 output
= read_link_state_file('dummy98')
4313 self
.assertIn('IPV4_ADDRESS_STATE=routable', output
)
4314 self
.assertIn('IPV6_ADDRESS_STATE=degraded', output
)
4316 check_output('ip address del 10.1.2.3/16 dev dummy98')
4318 # with a routable IPv6 address
4319 check_output('ip address add 2002:da8:1:0:1034:56ff:fe78:9abc/64 dev dummy98')
4320 self
.wait_online(['dummy98:routable'], ipv6
=True)
4321 self
.wait_online(['dummy98:routable'])
4323 output
= read_link_state_file('dummy98')
4324 self
.assertIn('IPV4_ADDRESS_STATE=off', output
)
4325 self
.assertIn('IPV6_ADDRESS_STATE=routable', output
)
4327 class NetworkdBondTests(unittest
.TestCase
, Utilities
):
4335 def test_bond_keep_master(self
):
4336 check_output('ip link add bond199 type bond mode active-backup')
4337 check_output('ip link add dummy98 type dummy')
4338 check_output('ip link set dummy98 master bond199')
4340 copy_network_unit('23-keep-master.network')
4342 self
.wait_online(['dummy98:enslaved'])
4344 output
= check_output('ip -d link show bond199')
4346 self
.assertRegex(output
, 'active_slave dummy98')
4348 output
= check_output('ip -d link show dummy98')
4350 self
.assertRegex(output
, 'master bond199')
4352 def test_bond_active_slave(self
):
4353 copy_network_unit('23-active-slave.network', '23-bond199.network', '25-bond-active-backup-slave.netdev', '12-dummy.netdev')
4355 self
.wait_online(['dummy98:enslaved', 'bond199:degraded'])
4357 output
= check_output('ip -d link show bond199')
4359 self
.assertIn('active_slave dummy98', output
)
4361 def test_bond_primary_slave(self
):
4362 copy_network_unit('23-primary-slave.network', '23-bond199.network', '25-bond-active-backup-slave.netdev', '12-dummy.netdev')
4364 self
.wait_online(['dummy98:enslaved', 'bond199:degraded'])
4366 output
= check_output('ip -d link show bond199')
4368 self
.assertIn('primary dummy98', output
)
4371 mkdir_p(os
.path
.join(network_unit_dir
, '23-bond199.network.d'))
4372 for mac
in ['00:11:22:33:44:55', '00:11:22:33:44:56']:
4373 with
open(os
.path
.join(network_unit_dir
, '23-bond199.network.d/mac.conf'), mode
='w', encoding
='utf-8') as f
:
4374 f
.write(f
'[Link]\nMACAddress={mac}\n')
4377 self
.wait_online(['dummy98:enslaved', 'bond199:degraded'])
4379 output
= check_output('ip -d link show bond199')
4381 self
.assertIn(f
'link/ether {mac}', output
)
4383 def test_bond_operstate(self
):
4384 copy_network_unit('25-bond.netdev', '11-dummy.netdev', '12-dummy.netdev',
4385 '25-bond99.network', '25-bond-slave.network')
4387 self
.wait_online(['dummy98:enslaved', 'test1:enslaved', 'bond99:routable'])
4389 output
= check_output('ip -d link show dummy98')
4391 self
.assertRegex(output
, 'SLAVE,UP,LOWER_UP')
4393 output
= check_output('ip -d link show test1')
4395 self
.assertRegex(output
, 'SLAVE,UP,LOWER_UP')
4397 output
= check_output('ip -d link show bond99')
4399 self
.assertRegex(output
, 'MASTER,UP,LOWER_UP')
4401 self
.wait_operstate('dummy98', 'enslaved')
4402 self
.wait_operstate('test1', 'enslaved')
4403 self
.wait_operstate('bond99', 'routable')
4405 check_output('ip link set dummy98 down')
4407 self
.wait_operstate('dummy98', 'off')
4408 self
.wait_operstate('test1', 'enslaved')
4409 self
.wait_operstate('bond99', 'routable')
4411 check_output('ip link set dummy98 up')
4413 self
.wait_operstate('dummy98', 'enslaved')
4414 self
.wait_operstate('test1', 'enslaved')
4415 self
.wait_operstate('bond99', 'routable')
4417 check_output('ip link set dummy98 down')
4418 check_output('ip link set test1 down')
4420 self
.wait_operstate('dummy98', 'off')
4421 self
.wait_operstate('test1', 'off')
4423 if not self
.wait_operstate('bond99', 'no-carrier', setup_timeout
=30, fail_assert
=False):
4424 # Huh? Kernel does not recognize that all slave interfaces are down?
4425 # Let's confirm that networkd's operstate is consistent with ip's result.
4426 self
.assertNotRegex(output
, 'NO-CARRIER')
4428 class NetworkdBridgeTests(unittest
.TestCase
, Utilities
):
4436 def test_bridge_vlan(self
):
4437 copy_network_unit('11-dummy.netdev', '26-bridge-vlan-slave.network',
4438 '26-bridge.netdev', '26-bridge-vlan-master.network',
4441 self
.wait_online(['test1:enslaved', 'bridge99:degraded'])
4443 output
= check_output('bridge vlan show dev test1')
4445 # check if the default VID is removed
4446 self
.assertNotIn('1 Egress Untagged', output
)
4447 for i
in range(1000, 3000):
4449 self
.assertIn(f
'{i} PVID', output
)
4450 elif i
in range(1012, 1016) or i
in range(1103, 1109):
4451 self
.assertIn(f
'{i} Egress Untagged', output
)
4452 elif i
in range(1008, 1014) or i
in range(1100, 1111):
4453 self
.assertIn(f
'{i}', output
)
4455 self
.assertNotIn(f
'{i}', output
)
4457 output
= check_output('bridge vlan show dev bridge99')
4459 # check if the default VID is removed
4460 self
.assertNotIn('1 Egress Untagged', output
)
4461 for i
in range(1000, 3000):
4463 self
.assertIn(f
'{i} PVID', output
)
4464 elif i
in range(1022, 1026) or i
in range(1203, 1209):
4465 self
.assertIn(f
'{i} Egress Untagged', output
)
4466 elif i
in range(1018, 1024) or i
in range(1200, 1211):
4467 self
.assertIn(f
'{i}', output
)
4469 self
.assertNotIn(f
'{i}', output
)
4472 copy_network_unit('26-bridge-vlan-slave.network.d/10-override.conf',
4473 '26-bridge-vlan-master.network.d/10-override.conf')
4475 self
.wait_online(['test1:enslaved', 'bridge99:degraded'])
4477 output
= check_output('bridge vlan show dev test1')
4479 for i
in range(1000, 3000):
4481 self
.assertIn(f
'{i} PVID', output
)
4482 elif i
in range(2012, 2016) or i
in range(2103, 2109):
4483 self
.assertIn(f
'{i} Egress Untagged', output
)
4484 elif i
in range(2008, 2014) or i
in range(2100, 2111):
4485 self
.assertIn(f
'{i}', output
)
4487 self
.assertNotIn(f
'{i}', output
)
4489 output
= check_output('bridge vlan show dev bridge99')
4491 for i
in range(1000, 3000):
4493 self
.assertIn(f
'{i} PVID', output
)
4494 elif i
in range(2022, 2026) or i
in range(2203, 2209):
4495 self
.assertIn(f
'{i} Egress Untagged', output
)
4496 elif i
in range(2018, 2024) or i
in range(2200, 2211):
4497 self
.assertIn(f
'{i}', output
)
4499 self
.assertNotIn(f
'{i}', output
)
4501 # Remove several vlan IDs
4502 copy_network_unit('26-bridge-vlan-slave.network.d/20-override.conf',
4503 '26-bridge-vlan-master.network.d/20-override.conf')
4505 self
.wait_online(['test1:enslaved', 'bridge99:degraded'])
4507 output
= check_output('bridge vlan show dev test1')
4509 for i
in range(1000, 3000):
4511 self
.assertIn(f
'{i} PVID', output
)
4512 elif i
in range(2012, 2016):
4513 self
.assertIn(f
'{i} Egress Untagged', output
)
4514 elif i
in range(2008, 2014):
4515 self
.assertIn(f
'{i}', output
)
4517 self
.assertNotIn(f
'{i}', output
)
4519 output
= check_output('bridge vlan show dev bridge99')
4521 for i
in range(1000, 3000):
4523 self
.assertIn(f
'{i} PVID', output
)
4524 elif i
in range(2022, 2026):
4525 self
.assertIn(f
'{i} Egress Untagged', output
)
4526 elif i
in range(2018, 2024):
4527 self
.assertIn(f
'{i}', output
)
4529 self
.assertNotIn(f
'{i}', output
)
4531 # Remove all vlan IDs
4532 copy_network_unit('26-bridge-vlan-slave.network.d/30-override.conf',
4533 '26-bridge-vlan-master.network.d/30-override.conf')
4535 self
.wait_online(['test1:enslaved', 'bridge99:degraded'])
4537 output
= check_output('bridge vlan show dev test1')
4539 self
.assertNotIn('PVID', output
)
4540 for i
in range(1000, 3000):
4541 self
.assertNotIn(f
'{i}', output
)
4543 output
= check_output('bridge vlan show dev bridge99')
4545 self
.assertNotIn('PVID', output
)
4546 for i
in range(1000, 3000):
4547 self
.assertNotIn(f
'{i}', output
)
4549 def test_bridge_vlan_issue_20373(self
):
4550 copy_network_unit('11-dummy.netdev', '26-bridge-vlan-slave-issue-20373.network',
4551 '26-bridge-issue-20373.netdev', '26-bridge-vlan-master-issue-20373.network',
4552 '21-vlan.netdev', '21-vlan.network')
4554 self
.wait_online(['test1:enslaved', 'bridge99:degraded', 'vlan99:routable'])
4556 output
= check_output('bridge vlan show dev test1')
4558 self
.assertIn('100 PVID Egress Untagged', output
)
4559 self
.assertIn('560', output
)
4560 self
.assertIn('600', output
)
4562 output
= check_output('bridge vlan show dev bridge99')
4564 self
.assertIn('1 PVID Egress Untagged', output
)
4565 self
.assertIn('100', output
)
4566 self
.assertIn('600', output
)
4568 def test_bridge_mdb(self
):
4569 copy_network_unit('11-dummy.netdev', '26-bridge-mdb-slave.network',
4570 '26-bridge.netdev', '26-bridge-mdb-master.network')
4572 self
.wait_online(['test1:enslaved', 'bridge99:degraded'])
4574 output
= check_output('bridge mdb show dev bridge99')
4576 self
.assertRegex(output
, 'dev bridge99 port test1 grp ff02:aaaa:fee5::1:3 permanent *vid 4064')
4577 self
.assertRegex(output
, 'dev bridge99 port test1 grp 224.0.1.1 permanent *vid 4065')
4579 # Old kernel may not support bridge MDB entries on bridge master
4580 if call_quiet('bridge mdb add dev bridge99 port bridge99 grp 224.0.1.3 temp vid 4068') == 0:
4581 self
.assertRegex(output
, 'dev bridge99 port bridge99 grp ff02:aaaa:fee5::1:4 temp *vid 4066')
4582 self
.assertRegex(output
, 'dev bridge99 port bridge99 grp 224.0.1.2 temp *vid 4067')
4584 def test_bridge_keep_master(self
):
4585 check_output('ip link add bridge99 type bridge')
4586 check_output('ip link set bridge99 up')
4587 check_output('ip link add dummy98 type dummy')
4588 check_output('ip link set dummy98 master bridge99')
4590 copy_network_unit('23-keep-master.network')
4592 self
.wait_online(['dummy98:enslaved'])
4594 output
= check_output('ip -d link show dummy98')
4596 self
.assertRegex(output
, 'master bridge99')
4597 self
.assertRegex(output
, 'bridge')
4599 output
= check_output('bridge -d link show dummy98')
4601 self
.check_bridge_port_attr('bridge99', 'dummy98', 'path_cost', '400')
4602 self
.check_bridge_port_attr('bridge99', 'dummy98', 'hairpin_mode', '1')
4603 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_fast_leave', '1')
4604 self
.check_bridge_port_attr('bridge99', 'dummy98', 'unicast_flood', '1')
4605 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_flood', '0')
4606 # CONFIG_BRIDGE_IGMP_SNOOPING=y
4607 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_to_unicast', '1', allow_enoent
=True)
4608 self
.check_bridge_port_attr('bridge99', 'dummy98', 'neigh_suppress', '1', allow_enoent
=True)
4609 self
.check_bridge_port_attr('bridge99', 'dummy98', 'learning', '0')
4610 self
.check_bridge_port_attr('bridge99', 'dummy98', 'priority', '23')
4611 self
.check_bridge_port_attr('bridge99', 'dummy98', 'bpdu_guard', '0')
4612 self
.check_bridge_port_attr('bridge99', 'dummy98', 'root_block', '0')
4614 def test_bridge_property(self
):
4615 copy_network_unit('11-dummy.netdev', '12-dummy.netdev', '26-bridge.netdev',
4616 '26-bridge-slave-interface-1.network', '26-bridge-slave-interface-2.network',
4617 '25-bridge99.network')
4619 self
.wait_online(['dummy98:enslaved', 'test1:enslaved', 'bridge99:routable'])
4621 output
= check_output('ip -d link show bridge99')
4623 self
.assertIn('mtu 9000 ', output
)
4625 output
= check_output('ip -d link show test1')
4627 self
.assertIn('master bridge99 ', output
)
4628 self
.assertIn('bridge_slave', output
)
4629 self
.assertIn('mtu 9000 ', output
)
4631 output
= check_output('ip -d link show dummy98')
4633 self
.assertIn('master bridge99 ', output
)
4634 self
.assertIn('bridge_slave', output
)
4635 self
.assertIn('mtu 9000 ', output
)
4637 output
= check_output('ip addr show bridge99')
4639 self
.assertIn('192.168.0.15/24', output
)
4641 output
= check_output('bridge -d link show dummy98')
4643 self
.check_bridge_port_attr('bridge99', 'dummy98', 'path_cost', '400')
4644 self
.check_bridge_port_attr('bridge99', 'dummy98', 'hairpin_mode', '1')
4645 self
.check_bridge_port_attr('bridge99', 'dummy98', 'isolated', '1')
4646 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_fast_leave', '1')
4647 self
.check_bridge_port_attr('bridge99', 'dummy98', 'unicast_flood', '1')
4648 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_flood', '0')
4649 # CONFIG_BRIDGE_IGMP_SNOOPING=y
4650 self
.check_bridge_port_attr('bridge99', 'dummy98', 'multicast_to_unicast', '1', allow_enoent
=True)
4651 self
.check_bridge_port_attr('bridge99', 'dummy98', 'neigh_suppress', '1', allow_enoent
=True)
4652 self
.check_bridge_port_attr('bridge99', 'dummy98', 'learning', '0')
4653 self
.check_bridge_port_attr('bridge99', 'dummy98', 'priority', '23')
4654 self
.check_bridge_port_attr('bridge99', 'dummy98', 'bpdu_guard', '0')
4655 self
.check_bridge_port_attr('bridge99', 'dummy98', 'root_block', '0')
4657 output
= check_output('bridge -d link show test1')
4659 self
.check_bridge_port_attr('bridge99', 'test1', 'priority', '0')
4661 check_output('ip address add 192.168.0.16/24 dev bridge99')
4662 output
= check_output('ip addr show bridge99')
4664 self
.assertIn('192.168.0.16/24', output
)
4667 print('### ip -6 route list table all dev bridge99')
4668 output
= check_output('ip -6 route list table all dev bridge99')
4670 self
.assertRegex(output
, 'ff00::/8 table local (proto kernel )?metric 256 (linkdown )?pref medium')
4672 remove_link('test1')
4673 self
.wait_operstate('bridge99', 'routable')
4675 output
= check_output('ip -d link show bridge99')
4677 self
.assertIn('mtu 9000 ', output
)
4679 output
= check_output('ip -d link show dummy98')
4681 self
.assertIn('master bridge99 ', output
)
4682 self
.assertIn('bridge_slave', output
)
4683 self
.assertIn('mtu 9000 ', output
)
4685 remove_link('dummy98')
4686 self
.wait_operstate('bridge99', 'no-carrier')
4688 output
= check_output('ip -d link show bridge99')
4690 # When no carrier, the kernel may reset the MTU
4691 self
.assertIn('NO-CARRIER', output
)
4693 output
= check_output('ip address show bridge99')
4695 self
.assertNotIn('192.168.0.15/24', output
)
4696 self
.assertIn('192.168.0.16/24', output
) # foreign address is kept
4698 print('### ip -6 route list table all dev bridge99')
4699 output
= check_output('ip -6 route list table all dev bridge99')
4701 self
.assertRegex(output
, 'ff00::/8 table local (proto kernel )?metric 256 (linkdown )?pref medium')
4703 check_output('ip link add dummy98 type dummy')
4704 self
.wait_online(['dummy98:enslaved', 'bridge99:routable'])
4706 output
= check_output('ip -d link show bridge99')
4708 self
.assertIn('mtu 9000 ', output
)
4710 output
= check_output('ip -d link show dummy98')
4712 self
.assertIn('master bridge99 ', output
)
4713 self
.assertIn('bridge_slave', output
)
4714 self
.assertIn('mtu 9000 ', output
)
4716 def test_bridge_configure_without_carrier(self
):
4717 copy_network_unit('26-bridge.netdev', '26-bridge-configure-without-carrier.network',
4721 # With ConfigureWithoutCarrier=yes, the bridge should remain configured for all these situations
4722 for test
in ['no-slave', 'add-slave', 'slave-up', 'slave-no-carrier', 'slave-carrier', 'slave-down']:
4723 with self
.subTest(test
=test
):
4724 if test
== 'no-slave':
4725 # bridge has no slaves; it's up but *might* not have carrier
4726 self
.wait_operstate('bridge99', operstate
=r
'(no-carrier|routable)', setup_state
=None, setup_timeout
=30)
4727 # due to a bug in the kernel, newly-created bridges are brought up
4728 # *with* carrier, unless they have had any setting changed; e.g.
4729 # their mac set, priority set, etc. Then, they will lose carrier
4730 # as soon as a (down) slave interface is added, and regain carrier
4731 # again once the slave interface is brought up.
4732 #self.check_link_attr('bridge99', 'carrier', '0')
4733 elif test
== 'add-slave':
4734 # add slave to bridge, but leave it down; bridge is definitely no-carrier
4735 self
.check_link_attr('test1', 'operstate', 'down')
4736 check_output('ip link set dev test1 master bridge99')
4737 self
.wait_operstate('bridge99', operstate
='no-carrier', setup_state
=None)
4738 self
.check_link_attr('bridge99', 'carrier', '0')
4739 elif test
== 'slave-up':
4740 # bring up slave, which will have carrier; bridge gains carrier
4741 check_output('ip link set dev test1 up')
4742 self
.wait_online(['bridge99:routable'])
4743 self
.check_link_attr('bridge99', 'carrier', '1')
4744 elif test
== 'slave-no-carrier':
4745 # drop slave carrier; bridge loses carrier
4746 check_output('ip link set dev test1 carrier off')
4747 self
.wait_online(['bridge99:no-carrier:no-carrier'])
4748 self
.check_link_attr('bridge99', 'carrier', '0')
4749 elif test
== 'slave-carrier':
4750 # restore slave carrier; bridge gains carrier
4751 check_output('ip link set dev test1 carrier on')
4752 self
.wait_online(['bridge99:routable'])
4753 self
.check_link_attr('bridge99', 'carrier', '1')
4754 elif test
== 'slave-down':
4755 # bring down slave; bridge loses carrier
4756 check_output('ip link set dev test1 down')
4757 self
.wait_online(['bridge99:no-carrier:no-carrier'])
4758 self
.check_link_attr('bridge99', 'carrier', '0')
4760 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'bridge99', env
=env
)
4761 self
.assertRegex(output
, '10.1.2.3')
4762 self
.assertRegex(output
, '10.1.2.1')
4764 def test_bridge_ignore_carrier_loss(self
):
4765 copy_network_unit('11-dummy.netdev', '12-dummy.netdev', '26-bridge.netdev',
4766 '26-bridge-slave-interface-1.network', '26-bridge-slave-interface-2.network',
4767 '25-bridge99-ignore-carrier-loss.network')
4769 self
.wait_online(['dummy98:enslaved', 'test1:enslaved', 'bridge99:routable'])
4771 check_output('ip address add 192.168.0.16/24 dev bridge99')
4772 remove_link('test1', 'dummy98')
4775 output
= check_output('ip address show bridge99')
4777 self
.assertRegex(output
, 'NO-CARRIER')
4778 self
.assertRegex(output
, 'inet 192.168.0.15/24 brd 192.168.0.255 scope global bridge99')
4779 self
.assertRegex(output
, 'inet 192.168.0.16/24 scope global secondary bridge99')
4781 def test_bridge_ignore_carrier_loss_frequent_loss_and_gain(self
):
4782 copy_network_unit('26-bridge.netdev', '26-bridge-slave-interface-1.network',
4783 '25-bridge99-ignore-carrier-loss.network')
4785 self
.wait_online(['bridge99:no-carrier'])
4787 for trial
in range(4):
4788 check_output('ip link add dummy98 type dummy')
4789 check_output('ip link set dummy98 up')
4791 remove_link('dummy98')
4793 self
.wait_online(['bridge99:routable', 'dummy98:enslaved'])
4795 output
= check_output('ip address show bridge99')
4797 self
.assertRegex(output
, 'inet 192.168.0.15/24 brd 192.168.0.255 scope global bridge99')
4799 output
= check_output('ip rule list table 100')
4801 self
.assertIn('from all to 8.8.8.8 lookup 100', output
)
4803 class NetworkdSRIOVTests(unittest
.TestCase
, Utilities
):
4811 @expectedFailureIfNetdevsimWithSRIOVIsNotAvailable()
4812 def test_sriov(self
):
4813 copy_network_unit('25-default.link', '25-sriov.network')
4815 call('modprobe netdevsim')
4817 with
open('/sys/bus/netdevsim/new_device', mode
='w', encoding
='utf-8') as f
:
4820 with
open('/sys/bus/netdevsim/devices/netdevsim99/sriov_numvfs', mode
='w', encoding
='utf-8') as f
:
4824 self
.wait_online(['eni99np1:routable'])
4826 output
= check_output('ip link show dev eni99np1')
4828 self
.assertRegex(output
,
4829 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
4830 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
4831 'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off'
4834 @expectedFailureIfNetdevsimWithSRIOVIsNotAvailable()
4835 def test_sriov_udev(self
):
4836 copy_network_unit('25-sriov.link', '25-sriov-udev.network')
4838 call('modprobe netdevsim')
4840 with
open('/sys/bus/netdevsim/new_device', mode
='w', encoding
='utf-8') as f
:
4844 self
.wait_online(['eni99np1:routable'])
4846 # the name eni99np1 may be an alternative name.
4847 ifname
= link_resolve('eni99np1')
4849 output
= check_output('ip link show dev eni99np1')
4851 self
.assertRegex(output
,
4852 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
4853 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
4854 'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off'
4856 self
.assertNotIn('vf 3', output
)
4857 self
.assertNotIn('vf 4', output
)
4859 with
open(os
.path
.join(network_unit_dir
, '25-sriov.link'), mode
='a', encoding
='utf-8') as f
:
4860 f
.write('[Link]\nSR-IOVVirtualFunctions=4\n')
4863 check_output(*udevadm_cmd
, 'trigger', '--action=add', '--settle', f
'/sys/devices/netdevsim99/net/{ifname}')
4865 output
= check_output('ip link show dev eni99np1')
4867 self
.assertRegex(output
,
4868 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
4869 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
4870 'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off\n *'
4873 self
.assertNotIn('vf 4', output
)
4875 with
open(os
.path
.join(network_unit_dir
, '25-sriov.link'), mode
='a', encoding
='utf-8') as f
:
4876 f
.write('[Link]\nSR-IOVVirtualFunctions=\n')
4879 check_output(*udevadm_cmd
, 'trigger', '--action=add', '--settle', f
'/sys/devices/netdevsim99/net/{ifname}')
4881 output
= check_output('ip link show dev eni99np1')
4883 self
.assertRegex(output
,
4884 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
4885 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
4886 'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off\n *'
4889 self
.assertNotIn('vf 4', output
)
4891 with
open(os
.path
.join(network_unit_dir
, '25-sriov.link'), mode
='a', encoding
='utf-8') as f
:
4892 f
.write('[Link]\nSR-IOVVirtualFunctions=2\n')
4895 check_output(*udevadm_cmd
, 'trigger', '--action=add', '--settle', f
'/sys/devices/netdevsim99/net/{ifname}')
4897 output
= check_output('ip link show dev eni99np1')
4899 self
.assertRegex(output
,
4900 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
4901 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off'
4903 self
.assertNotIn('vf 2', output
)
4904 self
.assertNotIn('vf 3', output
)
4905 self
.assertNotIn('vf 4', output
)
4907 with
open(os
.path
.join(network_unit_dir
, '25-sriov.link'), mode
='a', encoding
='utf-8') as f
:
4908 f
.write('[Link]\nSR-IOVVirtualFunctions=\n')
4911 check_output(*udevadm_cmd
, 'trigger', '--action=add', '--settle', f
'/sys/devices/netdevsim99/net/{ifname}')
4913 output
= check_output('ip link show dev eni99np1')
4915 self
.assertRegex(output
,
4916 'vf 0 .*00:11:22:33:44:55.*vlan 5, qos 1, vlan protocol 802.1ad, spoof checking on, link-state enable, trust on, query_rss on\n *'
4917 'vf 1 .*00:11:22:33:44:56.*vlan 6, qos 2, spoof checking off, link-state disable, trust off, query_rss off\n *'
4918 'vf 2 .*00:11:22:33:44:57.*vlan 7, qos 3, spoof checking off, link-state auto, trust off, query_rss off'
4920 self
.assertNotIn('vf 3', output
)
4921 self
.assertNotIn('vf 4', output
)
4923 class NetworkdLLDPTests(unittest
.TestCase
, Utilities
):
4931 def test_lldp(self
):
4932 copy_network_unit('23-emit-lldp.network', '24-lldp.network', '25-veth.netdev')
4934 self
.wait_online(['veth99:degraded', 'veth-peer:degraded'])
4936 for trial
in range(10):
4940 output
= check_output(*networkctl_cmd
, 'lldp', env
=env
)
4942 if re
.search(r
'veth99 .* veth-peer', output
):
4947 class NetworkdRATests(unittest
.TestCase
, Utilities
):
4955 def test_ipv6_prefix_delegation(self
):
4956 copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth.network')
4957 self
.setup_nftset('addr6', 'ipv6_addr')
4958 self
.setup_nftset('network6', 'ipv6_addr', 'flags interval;')
4959 self
.setup_nftset('ifindex', 'iface_index')
4961 self
.wait_online(['veth99:routable', 'veth-peer:degraded'])
4963 output
= check_output(*resolvectl_cmd
, 'dns', 'veth99', env
=env
)
4965 self
.assertRegex(output
, 'fe80::')
4966 self
.assertRegex(output
, '2002:da8:1::1')
4968 output
= check_output(*resolvectl_cmd
, 'domain', 'veth99', env
=env
)
4970 self
.assertIn('hogehoge.test', output
)
4972 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
4974 self
.assertRegex(output
, '2002:da8:1:0')
4976 self
.check_netlabel('veth99', '2002:da8:1::/64')
4977 self
.check_netlabel('veth99', '2002:da8:2::/64')
4979 self
.check_nftset('addr6', '2002:da8:1:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*')
4980 self
.check_nftset('addr6', '2002:da8:2:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*')
4981 self
.check_nftset('network6', '2002:da8:1::/64')
4982 self
.check_nftset('network6', '2002:da8:2::/64')
4983 self
.check_nftset('ifindex', 'veth99')
4985 self
.teardown_nftset('addr6', 'network6', 'ifindex')
4987 def test_ipv6_token_static(self
):
4988 copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth-token-static.network')
4990 self
.wait_online(['veth99:routable', 'veth-peer:degraded'])
4992 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
4994 self
.assertRegex(output
, '2002:da8:1:0:1a:2b:3c:4d')
4995 self
.assertRegex(output
, '2002:da8:1:0:fa:de:ca:fe')
4996 self
.assertRegex(output
, '2002:da8:2:0:1a:2b:3c:4d')
4997 self
.assertRegex(output
, '2002:da8:2:0:fa:de:ca:fe')
4999 def test_ipv6_token_prefixstable(self
):
5000 copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth-token-prefixstable.network')
5002 self
.wait_online(['veth99:routable', 'veth-peer:degraded'])
5004 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
5006 self
.assertIn('2002:da8:1:0:b47e:7975:fc7a:7d6e', output
)
5007 self
.assertIn('2002:da8:2:0:1034:56ff:fe78:9abc', output
) # EUI64
5009 def test_ipv6_token_prefixstable_without_address(self
):
5010 copy_network_unit('25-veth.netdev', '25-ipv6-prefix.network', '25-ipv6-prefix-veth-token-prefixstable-without-address.network')
5012 self
.wait_online(['veth99:routable', 'veth-peer:degraded'])
5014 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
5016 self
.assertIn('2002:da8:1:0:b47e:7975:fc7a:7d6e', output
)
5017 self
.assertIn('2002:da8:2:0:f689:561a:8eda:7443', output
)
5019 def test_router_preference(self
):
5020 copy_network_unit('25-veth-client.netdev',
5021 '25-veth-router-high.netdev',
5022 '25-veth-router-low.netdev',
5024 '25-veth-bridge.network',
5025 '25-veth-client.network',
5026 '25-veth-router-high.network',
5027 '25-veth-router-low.network',
5028 '25-bridge99.network')
5030 self
.wait_online(['client-p:enslaved',
5031 'router-high:degraded', 'router-high-p:enslaved',
5032 'router-low:degraded', 'router-low-p:enslaved',
5033 'bridge99:routable'])
5035 networkctl_reconfigure('client')
5036 self
.wait_online(['client:routable'])
5038 self
.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a00/64', ipv
='-6', timeout_sec
=10)
5039 self
.wait_address('client', '2002:da8:1:98:1034:56ff:fe78:9a00/64', ipv
='-6', timeout_sec
=10)
5040 self
.wait_route('client', 'default via fe80::1034:56ff:fe78:9a99 proto ra metric 512', ipv
='-6', timeout_sec
=10)
5041 self
.wait_route('client', 'default via fe80::1034:56ff:fe78:9a98 proto ra metric 2048', ipv
='-6', timeout_sec
=10)
5043 output
= check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a99')
5045 self
.assertIn('pref high', output
)
5046 output
= check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a98')
5048 self
.assertIn('pref low', output
)
5050 with
open(os
.path
.join(network_unit_dir
, '25-veth-client.network'), mode
='a', encoding
='utf-8') as f
:
5051 f
.write('\n[Link]\nMACAddress=12:34:56:78:9a:01\n[IPv6AcceptRA]\nRouteMetric=100:200:300\n')
5054 self
.wait_online(['client:routable'])
5056 self
.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a01/64', ipv
='-6', timeout_sec
=10)
5057 self
.wait_address('client', '2002:da8:1:98:1034:56ff:fe78:9a01/64', ipv
='-6', timeout_sec
=10)
5058 self
.wait_route('client', 'default via fe80::1034:56ff:fe78:9a99 proto ra metric 100', ipv
='-6', timeout_sec
=10)
5059 self
.wait_route('client', 'default via fe80::1034:56ff:fe78:9a98 proto ra metric 300', ipv
='-6', timeout_sec
=10)
5061 output
= check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a99')
5063 self
.assertIn('pref high', output
)
5064 output
= check_output('ip -6 route show dev client default via fe80::1034:56ff:fe78:9a98')
5066 self
.assertIn('pref low', output
)
5068 @unittest.skipUnless(radvd_check_config('captive-portal.conf'), "Installed radvd doesn't support captive portals")
5069 def test_captive_portal(self
):
5070 copy_network_unit('25-veth-client.netdev',
5071 '25-veth-router-captive.netdev',
5073 '25-veth-client-captive.network',
5074 '25-veth-router-captive.network',
5075 '25-veth-bridge-captive.network',
5076 '25-bridge99.network')
5078 self
.wait_online(['bridge99:routable', 'client-p:enslaved',
5079 'router-captive:degraded', 'router-captivep:enslaved'])
5081 start_radvd(config_file
='captive-portal.conf')
5082 networkctl_reconfigure('client')
5083 self
.wait_online(['client:routable'])
5085 self
.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a00/64', ipv
='-6', timeout_sec
=10)
5086 output
= check_output(*networkctl_cmd
, 'status', 'client', env
=env
)
5088 self
.assertIn('Captive Portal: http://systemd.io', output
)
5090 @unittest.skipUnless(radvd_check_config('captive-portal.conf'), "Installed radvd doesn't support captive portals")
5091 def test_invalid_captive_portal(self
):
5092 def radvd_write_config(captive_portal_uri
):
5093 with
open(os
.path
.join(networkd_ci_temp_dir
, 'radvd/bogus-captive-portal.conf'), mode
='w', encoding
='utf-8') as f
:
5094 f
.write(f
'interface router-captive {{ AdvSendAdvert on; AdvCaptivePortalAPI "{captive_portal_uri}"; prefix 2002:da8:1:99::/64 {{ AdvOnLink on; AdvAutonomous on; }}; }};')
5096 captive_portal_uris
= [
5097 "42ěščěškd ěšč ě s",
5102 copy_network_unit('25-veth-client.netdev',
5103 '25-veth-router-captive.netdev',
5105 '25-veth-client-captive.network',
5106 '25-veth-router-captive.network',
5107 '25-veth-bridge-captive.network',
5108 '25-bridge99.network')
5110 self
.wait_online(['bridge99:routable', 'client-p:enslaved',
5111 'router-captive:degraded', 'router-captivep:enslaved'])
5113 for uri
in captive_portal_uris
:
5114 print(f
"Captive portal: {uri}")
5115 radvd_write_config(uri
)
5117 start_radvd(config_file
='bogus-captive-portal.conf')
5118 networkctl_reconfigure('client')
5119 self
.wait_online(['client:routable'])
5121 self
.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a00/64', ipv
='-6', timeout_sec
=10)
5122 output
= check_output(*networkctl_cmd
, 'status', 'client', env
=env
)
5124 self
.assertNotIn('Captive Portal:', output
)
5126 class NetworkdDHCPServerTests(unittest
.TestCase
, Utilities
):
5134 def test_dhcp_server(self
):
5135 copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server.network')
5137 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5139 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
5141 self
.assertRegex(output
, r
'Address: 192.168.5.[0-9]* \(DHCP4 via 192.168.5.1\)')
5142 self
.assertIn('Gateway: 192.168.5.3', output
)
5143 self
.assertRegex(output
, 'DNS: 192.168.5.1\n *192.168.5.10')
5144 self
.assertRegex(output
, 'NTP: 192.168.5.1\n *192.168.5.11')
5146 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth-peer', env
=env
)
5147 self
.assertRegex(output
, "Offered DHCP leases: 192.168.5.[0-9]*")
5149 def test_dhcp_server_null_server_address(self
):
5150 copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server-null-server-address.network')
5152 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5154 output
= check_output('ip --json address show dev veth-peer')
5155 server_address
= json
.loads(output
)[0]['addr_info'][0]['local']
5156 print(server_address
)
5158 output
= check_output('ip --json address show dev veth99')
5159 client_address
= json
.loads(output
)[0]['addr_info'][0]['local']
5160 print(client_address
)
5162 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
5164 self
.assertRegex(output
, rf
'Address: {client_address} \(DHCP4 via {server_address}\)')
5165 self
.assertIn(f
'Gateway: {server_address}', output
)
5166 self
.assertIn(f
'DNS: {server_address}', output
)
5167 self
.assertIn(f
'NTP: {server_address}', output
)
5169 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth-peer', env
=env
)
5170 self
.assertIn(f
'Offered DHCP leases: {client_address}', output
)
5172 def test_dhcp_server_with_uplink(self
):
5173 copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server-downstream.network',
5174 '12-dummy.netdev', '25-dhcp-server-uplink.network')
5176 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5178 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
5180 self
.assertRegex(output
, r
'Address: 192.168.5.[0-9]* \(DHCP4 via 192.168.5.1\)')
5181 self
.assertIn('Gateway: 192.168.5.3', output
)
5182 self
.assertIn('DNS: 192.168.5.1', output
)
5183 self
.assertIn('NTP: 192.168.5.1', output
)
5185 def test_emit_router_timezone(self
):
5186 copy_network_unit('25-veth.netdev', '25-dhcp-client-timezone-router.network', '25-dhcp-server-timezone-router.network')
5188 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5190 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
5192 self
.assertRegex(output
, r
'Address: 192.168.5.[0-9]* \(DHCP4 via 192.168.5.1\)')
5193 self
.assertIn('Gateway: 192.168.5.1', output
)
5194 self
.assertIn('Time Zone: Europe/Berlin', output
)
5196 def test_dhcp_server_static_lease(self
):
5197 copy_network_unit('25-veth.netdev', '25-dhcp-client-static-lease.network', '25-dhcp-server-static-lease.network')
5199 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5201 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
5203 self
.assertIn('Address: 10.1.1.200 (DHCP4 via 10.1.1.1)', output
)
5204 self
.assertIn('DHCP4 Client ID: 12:34:56:78:9a:bc', output
)
5206 def test_dhcp_server_static_lease_default_client_id(self
):
5207 copy_network_unit('25-veth.netdev', '25-dhcp-client.network', '25-dhcp-server-static-lease.network')
5209 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5211 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
5213 self
.assertIn('Address: 10.1.1.200 (DHCP4 via 10.1.1.1)', output
)
5214 self
.assertRegex(output
, 'DHCP4 Client ID: IAID:[0-9a-z]*/DUID')
5216 class NetworkdDHCPServerRelayAgentTests(unittest
.TestCase
, Utilities
):
5224 def test_relay_agent(self
):
5225 copy_network_unit('25-agent-veth-client.netdev',
5226 '25-agent-veth-server.netdev',
5227 '25-agent-client.network',
5228 '25-agent-server.network',
5229 '25-agent-client-peer.network',
5230 '25-agent-server-peer.network')
5233 self
.wait_online(['client:routable'])
5235 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'client', env
=env
)
5237 self
.assertRegex(output
, r
'Address: 192.168.5.150 \(DHCP4 via 192.168.5.1\)')
5239 class NetworkdDHCPClientTests(unittest
.TestCase
, Utilities
):
5247 def test_dhcp_client_ipv6_only(self
):
5248 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv6-only.network')
5251 self
.wait_online(['veth-peer:carrier'])
5253 # information request mode
5254 # The name ipv6-only option may not be supported by older dnsmasq
5255 # start_dnsmasq('--dhcp-option=option:ipv6-only,300')
5256 start_dnsmasq('--dhcp-option=108,00:00:02:00',
5257 '--dhcp-option=option6:dns-server,[2600::ee]',
5258 '--dhcp-option=option6:ntp-server,[2600::ff]',
5259 ra_mode
='ra-stateless')
5260 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5262 # DHCPv6 REPLY for INFORMATION-REQUEST may be received after the link entered configured state.
5263 # Let's wait for the expected DNS server being listed in the state file.
5264 for _
in range(100):
5265 output
= read_link_state_file('veth99')
5266 if 'DNS=2600::ee' in output
:
5270 # Check link state file
5271 print('## link state file')
5272 output
= read_link_state_file('veth99')
5274 self
.assertIn('DNS=2600::ee', output
)
5275 self
.assertIn('NTP=2600::ff', output
)
5277 # Check manager state file
5278 print('## manager state file')
5279 output
= read_manager_state_file()
5281 self
.assertRegex(output
, 'DNS=.*2600::ee')
5282 self
.assertRegex(output
, 'NTP=.*2600::ff')
5284 print('## dnsmasq log')
5285 output
= read_dnsmasq_log_file()
5287 self
.assertIn('DHCPINFORMATION-REQUEST(veth-peer)', output
)
5288 self
.assertNotIn('DHCPSOLICIT(veth-peer)', output
)
5289 self
.assertNotIn('DHCPADVERTISE(veth-peer)', output
)
5290 self
.assertNotIn('DHCPREQUEST(veth-peer)', output
)
5291 self
.assertNotIn('DHCPREPLY(veth-peer)', output
)
5294 output
= check_output(*networkctl_cmd
, '--json=short', 'status', 'veth99', env
=env
)
5299 start_dnsmasq('--dhcp-option=108,00:00:02:00',
5300 '--dhcp-option=option6:dns-server,[2600::ee]',
5301 '--dhcp-option=option6:ntp-server,[2600::ff]')
5302 networkctl_reconfigure('veth99')
5303 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5306 output
= check_output('ip address show dev veth99 scope global')
5308 self
.assertRegex(output
, r
'inet6 2600::[0-9a-f:]*/128 scope global dynamic noprefixroute')
5309 self
.assertNotIn('192.168.5', output
)
5311 # checking semi-static route
5312 output
= check_output('ip -6 route list dev veth99 2001:1234:5:9fff:ff:ff:ff:ff')
5314 self
.assertRegex(output
, 'via fe80::1034:56ff:fe78:9abd')
5316 # Confirm that ipv6 token is not set in the kernel
5317 output
= check_output('ip token show dev veth99')
5319 self
.assertRegex(output
, 'token :: dev veth99')
5321 # Make manager and link state file updated
5322 check_output(*resolvectl_cmd
, 'revert', 'veth99', env
=env
)
5324 # Check link state file
5325 print('## link state file')
5326 output
= read_link_state_file('veth99')
5328 self
.assertIn('DNS=2600::ee', output
)
5329 self
.assertIn('NTP=2600::ff', output
)
5331 # Check manager state file
5332 print('## manager state file')
5333 output
= read_manager_state_file()
5335 self
.assertRegex(output
, 'DNS=.*2600::ee')
5336 self
.assertRegex(output
, 'NTP=.*2600::ff')
5338 print('## dnsmasq log')
5339 output
= read_dnsmasq_log_file()
5341 self
.assertNotIn('DHCPINFORMATION-REQUEST(veth-peer)', output
)
5342 self
.assertIn('DHCPSOLICIT(veth-peer)', output
)
5343 self
.assertNotIn('DHCPADVERTISE(veth-peer)', output
)
5344 self
.assertNotIn('DHCPREQUEST(veth-peer)', output
)
5345 self
.assertIn('DHCPREPLY(veth-peer)', output
)
5346 self
.assertIn('sent size: 0 option: 14 rapid-commit', output
)
5349 output
= check_output(*networkctl_cmd
, '--json=short', 'status', 'veth99', env
=env
)
5352 # Testing without rapid commit support
5353 with
open(os
.path
.join(network_unit_dir
, '25-dhcp-client-ipv6-only.network'), mode
='a', encoding
='utf-8') as f
:
5354 f
.write('\n[DHCPv6]\nRapidCommit=no\n')
5357 start_dnsmasq('--dhcp-option=108,00:00:02:00',
5358 '--dhcp-option=option6:dns-server,[2600::ee]',
5359 '--dhcp-option=option6:ntp-server,[2600::ff]')
5362 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5365 output
= check_output('ip address show dev veth99 scope global')
5367 self
.assertRegex(output
, r
'inet6 2600::[0-9a-f:]*/128 scope global dynamic noprefixroute')
5368 self
.assertNotIn('192.168.5', output
)
5370 # checking semi-static route
5371 output
= check_output('ip -6 route list dev veth99 2001:1234:5:9fff:ff:ff:ff:ff')
5373 self
.assertRegex(output
, 'via fe80::1034:56ff:fe78:9abd')
5375 # Make manager and link state file updated
5376 check_output(*resolvectl_cmd
, 'revert', 'veth99', env
=env
)
5378 # Check link state file
5379 print('## link state file')
5380 output
= read_link_state_file('veth99')
5382 self
.assertIn('DNS=2600::ee', output
)
5383 self
.assertIn('NTP=2600::ff', output
)
5385 # Check manager state file
5386 print('## manager state file')
5387 output
= read_manager_state_file()
5389 self
.assertRegex(output
, 'DNS=.*2600::ee')
5390 self
.assertRegex(output
, 'NTP=.*2600::ff')
5392 print('## dnsmasq log')
5393 output
= read_dnsmasq_log_file()
5395 self
.assertNotIn('DHCPINFORMATION-REQUEST(veth-peer)', output
)
5396 self
.assertIn('DHCPSOLICIT(veth-peer)', output
)
5397 self
.assertIn('DHCPADVERTISE(veth-peer)', output
)
5398 self
.assertIn('DHCPREQUEST(veth-peer)', output
)
5399 self
.assertIn('DHCPREPLY(veth-peer)', output
)
5400 self
.assertNotIn('rapid-commit', output
)
5403 output
= check_output(*networkctl_cmd
, '--json=short', 'status', 'veth99', env
=env
)
5406 def test_dhcp_client_ipv6_dbus_status(self
):
5407 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv6-only.network')
5409 self
.wait_online(['veth-peer:carrier'])
5411 # Note that at this point the DHCPv6 client has not been started because no RA (with managed
5412 # bit set) has yet been received and the configuration does not include WithoutRA=true
5413 state
= get_dhcp6_client_state('veth99')
5414 print(f
"DHCPv6 client state = {state}")
5415 self
.assertEqual(state
, 'stopped')
5417 state
= get_dhcp4_client_state('veth99')
5418 print(f
"DHCPv4 client state = {state}")
5419 self
.assertEqual(state
, 'selecting')
5421 start_dnsmasq('--dhcp-option=108,00:00:02:00')
5422 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5424 state
= get_dhcp6_client_state('veth99')
5425 print(f
"DHCPv6 client state = {state}")
5426 self
.assertEqual(state
, 'bound')
5428 # DHCPv4 client will stop after an DHCPOFFER message received, so we need to wait for a while.
5429 for _
in range(100):
5430 state
= get_dhcp4_client_state('veth99')
5431 if state
== 'stopped':
5435 print(f
"DHCPv4 client state = {state}")
5436 self
.assertEqual(state
, 'stopped')
5438 # restart dnsmasq to clear log
5440 start_dnsmasq('--dhcp-option=108,00:00:02:00')
5442 # Test renew command
5443 # See https://github.com/systemd/systemd/pull/29472#issuecomment-1759092138
5444 check_output(*networkctl_cmd
, 'renew', 'veth99', env
=env
)
5446 for _
in range(100):
5447 state
= get_dhcp4_client_state('veth99')
5448 if state
== 'stopped':
5452 print(f
"DHCPv4 client state = {state}")
5453 self
.assertEqual(state
, 'stopped')
5455 print('## dnsmasq log')
5456 output
= read_dnsmasq_log_file()
5458 self
.assertIn('DHCPDISCOVER(veth-peer) 12:34:56:78:9a:bc', output
)
5459 self
.assertIn('DHCPOFFER(veth-peer)', output
)
5460 self
.assertNotIn('DHCPREQUEST(veth-peer)', output
)
5461 self
.assertNotIn('DHCPACK(veth-peer)', output
)
5463 def test_dhcp_client_ipv6_only_with_custom_client_identifier(self
):
5464 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv6-only-custom-client-identifier.network')
5467 self
.wait_online(['veth-peer:carrier'])
5469 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5472 output
= check_output('ip address show dev veth99 scope global')
5474 self
.assertRegex(output
, r
'inet6 2600::[0-9a-f:]*/128 scope global dynamic noprefixroute')
5475 self
.assertNotIn('192.168.5', output
)
5477 print('## dnsmasq log')
5478 output
= read_dnsmasq_log_file()
5480 self
.assertIn('DHCPSOLICIT(veth-peer) 00:42:00:00:ab:11:f9:2a:c2:77:29:f9:5c:00', output
)
5481 self
.assertNotIn('DHCPADVERTISE(veth-peer)', output
)
5482 self
.assertNotIn('DHCPREQUEST(veth-peer)', output
)
5483 self
.assertIn('DHCPREPLY(veth-peer)', output
)
5484 self
.assertIn('sent size: 0 option: 14 rapid-commit', output
)
5486 def test_dhcp_client_ipv4_only(self
):
5487 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv4-only.network')
5489 self
.setup_nftset('addr4', 'ipv4_addr')
5490 self
.setup_nftset('network4', 'ipv4_addr', 'flags interval;')
5491 self
.setup_nftset('ifindex', 'iface_index')
5494 self
.wait_online(['veth-peer:carrier'])
5495 start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.6,192.168.5.7',
5496 '--dhcp-option=option:sip-server,192.168.5.21,192.168.5.22',
5497 '--dhcp-option=option:domain-search,example.com',
5498 '--dhcp-alternate-port=67,5555',
5499 ipv4_range
='192.168.5.110,192.168.5.119')
5500 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5501 self
.wait_address('veth99', r
'inet 192.168.5.11[0-9]*/24', ipv
='-4')
5503 print('## ip address show dev veth99 scope global')
5504 output
= check_output('ip address show dev veth99 scope global')
5506 self
.assertIn('mtu 1492', output
)
5507 self
.assertIn('inet 192.168.5.250/24 brd 192.168.5.255 scope global veth99', output
)
5508 self
.assertRegex(output
, r
'inet 192.168.5.11[0-9]/24 metric 24 brd 192.168.5.255 scope global secondary dynamic noprefixroute test-label')
5509 self
.assertNotIn('2600::', output
)
5511 output
= check_output('ip -4 --json address show dev veth99')
5512 for i
in json
.loads(output
)[0]['addr_info']:
5513 if i
['label'] == 'test-label':
5514 address1
= i
['local']
5517 self
.assertFalse(True)
5519 self
.assertRegex(address1
, r
'^192.168.5.11[0-9]$')
5521 print('## ip route show table main dev veth99')
5522 output
= check_output('ip route show table main dev veth99')
5524 # no DHCP routes assigned to the main table
5525 self
.assertNotIn('proto dhcp', output
)
5527 self
.assertIn('192.168.5.0/24 proto kernel scope link src 192.168.5.250', output
)
5528 self
.assertIn('192.168.5.0/24 proto static scope link', output
)
5529 self
.assertIn('192.168.6.0/24 proto static scope link', output
)
5530 self
.assertIn('192.168.7.0/24 proto static scope link', output
)
5532 print('## ip route show table 211 dev veth99')
5533 output
= check_output('ip route show table 211 dev veth99')
5535 self
.assertRegex(output
, f
'default via 192.168.5.1 proto dhcp src {address1} metric 24')
5536 self
.assertRegex(output
, f
'192.168.5.0/24 proto dhcp scope link src {address1} metric 24')
5537 self
.assertRegex(output
, f
'192.168.5.1 proto dhcp scope link src {address1} metric 24')
5538 self
.assertRegex(output
, f
'192.168.5.6 proto dhcp scope link src {address1} metric 24')
5539 self
.assertRegex(output
, f
'192.168.5.7 proto dhcp scope link src {address1} metric 24')
5540 self
.assertIn('10.0.0.0/8 via 192.168.5.1 proto dhcp', output
)
5542 print('## link state file')
5543 output
= read_link_state_file('veth99')
5545 # checking DNS server, SIP server, and Domains
5546 self
.assertIn('DNS=192.168.5.6 192.168.5.7', output
)
5547 self
.assertIn('SIP=192.168.5.21 192.168.5.22', output
)
5548 self
.assertIn('DOMAINS=example.com', output
)
5551 output
= check_output(*networkctl_cmd
, '--json=short', 'status', 'veth99', env
=env
)
5552 j
= json
.loads(output
)
5554 self
.assertEqual(len(j
['DNS']), 2)
5557 self
.assertEqual(i
['Family'], 2)
5558 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['Address']))
5559 self
.assertRegex(a
, '^192.168.5.[67]$')
5560 self
.assertEqual(i
['ConfigSource'], 'DHCPv4')
5561 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['ConfigProvider']))
5562 self
.assertEqual('192.168.5.1', a
)
5564 self
.assertEqual(len(j
['SIP']), 2)
5567 self
.assertEqual(i
['Family'], 2)
5568 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['Address']))
5569 self
.assertRegex(a
, '^192.168.5.2[12]$')
5570 self
.assertEqual(i
['ConfigSource'], 'DHCPv4')
5571 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['ConfigProvider']))
5572 self
.assertEqual('192.168.5.1', a
)
5574 print('## dnsmasq log')
5575 output
= read_dnsmasq_log_file()
5577 self
.assertIn('vendor class: FooBarVendorTest', output
)
5578 self
.assertIn('DHCPDISCOVER(veth-peer) 192.168.5.110 12:34:56:78:9a:bc', output
)
5579 self
.assertIn('client provides name: test-hostname', output
)
5580 self
.assertIn('26:mtu', output
)
5582 # change address range, DNS servers, and Domains
5584 start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.1,192.168.5.7,192.168.5.8',
5585 '--dhcp-option=option:sip-server,192.168.5.23,192.168.5.24',
5586 '--dhcp-option=option:domain-search,foo.example.com',
5587 '--dhcp-alternate-port=67,5555',
5588 ipv4_range
='192.168.5.120,192.168.5.129',)
5590 # Sleep for 120 sec as the dnsmasq minimum lease time can only be set to 120
5591 print('Wait for the DHCP lease to be expired')
5592 self
.wait_address_dropped('veth99', f
'inet {address1}/24', ipv
='-4', timeout_sec
=120)
5593 self
.wait_address('veth99', r
'inet 192.168.5.12[0-9]*/24', ipv
='-4')
5595 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5597 print('## ip address show dev veth99 scope global')
5598 output
= check_output('ip address show dev veth99 scope global')
5600 self
.assertIn('mtu 1492', output
)
5601 self
.assertIn('inet 192.168.5.250/24 brd 192.168.5.255 scope global veth99', output
)
5602 self
.assertNotIn(f
'{address1}', output
)
5603 self
.assertRegex(output
, r
'inet 192.168.5.12[0-9]/24 metric 24 brd 192.168.5.255 scope global secondary dynamic noprefixroute test-label')
5604 self
.assertNotIn('2600::', output
)
5606 output
= check_output('ip -4 --json address show dev veth99')
5607 for i
in json
.loads(output
)[0]['addr_info']:
5608 if i
['label'] == 'test-label':
5609 address2
= i
['local']
5612 self
.assertFalse(True)
5614 self
.assertRegex(address2
, r
'^192.168.5.12[0-9]$')
5616 print('## ip route show table main dev veth99')
5617 output
= check_output('ip route show table main dev veth99')
5619 # no DHCP routes assigned to the main table
5620 self
.assertNotIn('proto dhcp', output
)
5622 self
.assertIn('192.168.5.0/24 proto kernel scope link src 192.168.5.250', output
)
5623 self
.assertIn('192.168.5.0/24 proto static scope link', output
)
5624 self
.assertIn('192.168.6.0/24 proto static scope link', output
)
5625 self
.assertIn('192.168.7.0/24 proto static scope link', output
)
5627 print('## ip route show table 211 dev veth99')
5628 output
= check_output('ip route show table 211 dev veth99')
5630 self
.assertRegex(output
, f
'default via 192.168.5.1 proto dhcp src {address2} metric 24')
5631 self
.assertRegex(output
, f
'192.168.5.0/24 proto dhcp scope link src {address2} metric 24')
5632 self
.assertRegex(output
, f
'192.168.5.1 proto dhcp scope link src {address2} metric 24')
5633 self
.assertNotIn('192.168.5.6', output
)
5634 self
.assertRegex(output
, f
'192.168.5.7 proto dhcp scope link src {address2} metric 24')
5635 self
.assertRegex(output
, f
'192.168.5.8 proto dhcp scope link src {address2} metric 24')
5636 self
.assertIn('10.0.0.0/8 via 192.168.5.1 proto dhcp', output
)
5638 print('## link state file')
5639 output
= read_link_state_file('veth99')
5641 # checking DNS server, SIP server, and Domains
5642 self
.assertIn('DNS=192.168.5.1 192.168.5.7 192.168.5.8', output
)
5643 self
.assertIn('SIP=192.168.5.23 192.168.5.24', output
)
5644 self
.assertIn('DOMAINS=foo.example.com', output
)
5647 output
= check_output(*networkctl_cmd
, '--json=short', 'status', 'veth99', env
=env
)
5648 j
= json
.loads(output
)
5650 self
.assertEqual(len(j
['DNS']), 3)
5653 self
.assertEqual(i
['Family'], 2)
5654 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['Address']))
5655 self
.assertRegex(a
, '^192.168.5.[178]$')
5656 self
.assertEqual(i
['ConfigSource'], 'DHCPv4')
5657 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['ConfigProvider']))
5658 self
.assertEqual('192.168.5.1', a
)
5660 self
.assertEqual(len(j
['SIP']), 2)
5663 self
.assertEqual(i
['Family'], 2)
5664 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['Address']))
5665 self
.assertRegex(a
, '^192.168.5.2[34]$')
5666 self
.assertEqual(i
['ConfigSource'], 'DHCPv4')
5667 a
= socket
.inet_ntop(socket
.AF_INET
, bytearray(i
['ConfigProvider']))
5668 self
.assertEqual('192.168.5.1', a
)
5670 print('## dnsmasq log')
5671 output
= read_dnsmasq_log_file()
5673 self
.assertIn('vendor class: FooBarVendorTest', output
)
5674 self
.assertIn(f
'DHCPDISCOVER(veth-peer) {address1} 12:34:56:78:9a:bc', output
)
5675 self
.assertIn('client provides name: test-hostname', output
)
5676 self
.assertIn('26:mtu', output
)
5678 self
.check_netlabel('veth99', r
'192\.168\.5\.0/24')
5680 self
.check_nftset('addr4', r
'192\.168\.5\.1')
5681 self
.check_nftset('network4', r
'192\.168\.5\.0/24')
5682 self
.check_nftset('ifindex', 'veth99')
5684 self
.teardown_nftset('addr4', 'network4', 'ifindex')
5686 def test_dhcp_client_ipv4_dbus_status(self
):
5687 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-ipv4-only.network')
5689 self
.wait_online(['veth-peer:carrier'])
5691 state
= get_dhcp4_client_state('veth99')
5692 print(f
"State = {state}")
5693 self
.assertEqual(state
, 'rebooting')
5695 start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.6,192.168.5.7',
5696 '--dhcp-option=option:domain-search,example.com',
5697 '--dhcp-alternate-port=67,5555',
5698 ipv4_range
='192.168.5.110,192.168.5.119')
5699 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5700 self
.wait_address('veth99', r
'inet 192.168.5.11[0-9]*/24', ipv
='-4')
5702 state
= get_dhcp4_client_state('veth99')
5703 print(f
"State = {state}")
5704 self
.assertEqual(state
, 'bound')
5706 def test_dhcp_client_allow_list(self
):
5707 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-allow-list.network', copy_dropins
=False)
5710 self
.wait_online(['veth-peer:carrier'])
5711 since
= datetime
.datetime
.now()
5714 expect
= 'veth99: DHCPv4 server IP address 192.168.5.1 not found in allow-list, ignoring offer.'
5716 if expect
in read_networkd_log(since
=since
):
5722 copy_network_unit('25-dhcp-client-allow-list.network.d/00-allow-list.conf')
5723 since
= datetime
.datetime
.now()
5726 expect
= 'veth99: DHCPv4 server IP address 192.168.5.1 not found in allow-list, ignoring offer.'
5728 if expect
in read_networkd_log(since
=since
):
5734 copy_network_unit('25-dhcp-client-allow-list.network.d/10-deny-list.conf')
5735 since
= datetime
.datetime
.now()
5738 expect
= 'veth99: DHCPv4 server IP address 192.168.5.1 found in deny-list, ignoring offer.'
5740 if expect
in read_networkd_log(since
=since
):
5746 @unittest.skipUnless("--dhcp-rapid-commit" in run("dnsmasq --help").stdout
, reason
="dnsmasq is missing dhcp-rapid-commit support")
5747 def test_dhcp_client_rapid_commit(self
):
5748 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network')
5750 self
.wait_online(['veth-peer:carrier'])
5752 start_dnsmasq('--dhcp-rapid-commit')
5753 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5754 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24', ipv
='-4')
5756 state
= get_dhcp4_client_state('veth99')
5757 print(f
"DHCPv4 client state = {state}")
5758 self
.assertEqual(state
, 'bound')
5760 output
= read_dnsmasq_log_file()
5761 self
.assertIn('DHCPDISCOVER(veth-peer)', output
)
5762 self
.assertNotIn('DHCPOFFER(veth-peer)', output
)
5763 self
.assertNotIn('DHCPREQUEST(veth-peer)', output
)
5764 self
.assertIn('DHCPACK(veth-peer)', output
)
5766 def test_dhcp_client_ipv6_only_mode_without_ipv6_connectivity(self
):
5767 copy_network_unit('25-veth.netdev',
5768 '25-dhcp-server-ipv6-only-mode.network',
5769 '25-dhcp-client-ipv6-only-mode.network')
5771 self
.wait_online(['veth99:routable', 'veth-peer:routable'], timeout
='40s')
5772 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24', ipv
='-4')
5774 state
= get_dhcp4_client_state('veth99')
5775 print(f
"State = {state}")
5776 self
.assertEqual(state
, 'bound')
5778 def test_dhcp_client_ipv4_use_routes_gateway(self
):
5780 for (routes
, gateway
, dns_and_ntp_routes
, classless
) in itertools
.product([True, False], repeat
=4):
5786 print(f
'### test_dhcp_client_ipv4_use_routes_gateway(routes={routes}, gateway={gateway}, dns_and_ntp_routes={dns_and_ntp_routes}, classless={classless})')
5787 with self
.subTest(routes
=routes
, gateway
=gateway
, dns_and_ntp_routes
=dns_and_ntp_routes
, classless
=classless
):
5788 self
._test
_dhcp
_client
_ipv
4_use
_routes
_gateway
(routes
, gateway
, dns_and_ntp_routes
, classless
)
5790 def _test_dhcp_client_ipv4_use_routes_gateway(self
, use_routes
, use_gateway
, dns_and_ntp_routes
, classless
):
5791 testunit
= '25-dhcp-client-ipv4-use-routes-use-gateway.network'
5792 testunits
= ['25-veth.netdev', '25-dhcp-server-veth-peer.network', testunit
]
5793 testunits
.append(f
'{testunit}.d/use-routes-{use_routes}.conf')
5794 testunits
.append(f
'{testunit}.d/use-gateway-{use_gateway}.conf')
5795 testunits
.append(f
'{testunit}.d/use-dns-and-ntp-routes-{dns_and_ntp_routes}.conf')
5796 copy_network_unit(*testunits
, copy_dropins
=False)
5799 self
.wait_online(['veth-peer:carrier'])
5800 additional_options
= [
5801 '--dhcp-option=option:dns-server,192.168.5.10,8.8.8.8',
5802 '--dhcp-option=option:ntp-server,192.168.5.11,9.9.9.9',
5803 '--dhcp-option=option:static-route,192.168.6.100,192.168.5.2,8.8.8.8,192.168.5.3'
5806 additional_options
+= [
5807 '--dhcp-option=option:classless-static-route,0.0.0.0/0,192.168.5.4,8.0.0.0/8,192.168.5.5,192.168.5.64/26,192.168.5.5'
5809 start_dnsmasq(*additional_options
)
5810 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5812 output
= check_output('ip -4 route show dev veth99')
5818 self
.assertRegex(output
, r
'default via 192.168.5.4 proto dhcp src 192.168.5.[0-9]* metric 1024')
5819 self
.assertRegex(output
, r
'8.0.0.0/8 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
5820 self
.assertRegex(output
, r
'192.168.5.64/26 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
5821 self
.assertRegex(output
, r
'192.168.5.4 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5822 self
.assertRegex(output
, r
'192.168.5.5 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5824 self
.assertRegex(output
, r
'192.168.6.0/24 via 192.168.5.2 proto dhcp src 192.168.5.[0-9]* metric 1024')
5825 self
.assertRegex(output
, r
'8.0.0.0/8 via 192.168.5.3 proto dhcp src 192.168.5.[0-9]* metric 1024')
5826 self
.assertRegex(output
, r
'192.168.5.2 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5827 self
.assertRegex(output
, r
'192.168.5.3 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5829 self
.assertNotRegex(output
, r
'default via 192.168.5.4 proto dhcp src 192.168.5.[0-9]* metric 1024')
5830 self
.assertNotRegex(output
, r
'8.0.0.0/8 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
5831 self
.assertNotRegex(output
, r
'192.168.5.4 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5832 self
.assertNotRegex(output
, r
'192.168.5.5 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5833 self
.assertNotRegex(output
, r
'192.168.6.0/24 via 192.168.5.2 proto dhcp src 192.168.5.[0-9]* metric 1024')
5834 self
.assertNotRegex(output
, r
'8.0.0.0/8 via 192.168.5.3 proto dhcp src 192.168.5.[0-9]* metric 1024')
5835 self
.assertNotRegex(output
, r
'192.168.5.2 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5836 self
.assertNotRegex(output
, r
'192.168.5.3 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5839 if use_gateway
and (not classless
or not use_routes
):
5840 self
.assertRegex(output
, r
'default via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
5842 self
.assertNotRegex(output
, r
'default via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
5844 # Check route to gateway
5845 if (use_gateway
or dns_and_ntp_routes
) and (not classless
or not use_routes
):
5846 self
.assertRegex(output
, r
'192.168.5.1 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5848 self
.assertNotRegex(output
, r
'192.168.5.1 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5850 # Check RoutesToDNS= and RoutesToNTP=
5851 if dns_and_ntp_routes
:
5852 self
.assertRegex(output
, r
'192.168.5.10 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5853 self
.assertRegex(output
, r
'192.168.5.11 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5856 self
.assertRegex(output
, r
'8.8.8.8 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
5857 self
.assertRegex(output
, r
'9.9.9.9 via 192.168.5.4 proto dhcp src 192.168.5.[0-9]* metric 1024')
5859 self
.assertRegex(output
, r
'8.8.8.8 via 192.168.5.3 proto dhcp src 192.168.5.[0-9]* metric 1024')
5860 self
.assertRegex(output
, r
'9.9.9.9 via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
5862 self
.assertRegex(output
, r
'8.8.8.8 via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
5863 self
.assertRegex(output
, r
'9.9.9.9 via 192.168.5.1 proto dhcp src 192.168.5.[0-9]* metric 1024')
5865 self
.assertNotRegex(output
, r
'192.168.5.10 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5866 self
.assertNotRegex(output
, r
'192.168.5.11 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
5867 self
.assertNotRegex(output
, r
'8.8.8.8 via 192.168.5.[0-9]* proto dhcp src 192.168.5.[0-9]* metric 1024')
5868 self
.assertNotRegex(output
, r
'9.9.9.9 via 192.168.5.[0-9]* proto dhcp src 192.168.5.[0-9]* metric 1024')
5870 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
5873 def test_dhcp_client_settings_anonymize(self
):
5874 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-anonymize.network')
5876 self
.wait_online(['veth-peer:carrier'])
5878 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5880 print('## dnsmasq log')
5881 output
= read_dnsmasq_log_file()
5883 self
.assertNotIn('VendorClassIdentifier=SusantVendorTest', output
)
5884 self
.assertNotIn('test-hostname', output
)
5885 self
.assertNotIn('26:mtu', output
)
5887 def test_dhcp_keep_configuration_dhcp(self
):
5888 copy_network_unit('25-veth.netdev',
5889 '25-dhcp-server-veth-peer.network',
5890 '25-dhcp-client-keep-configuration-dhcp.network')
5892 self
.wait_online(['veth-peer:carrier'])
5894 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5896 output
= check_output('ip address show dev veth99 scope global')
5898 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
5899 'valid_lft forever preferred_lft forever')
5901 # Stopping dnsmasq as networkd won't be allowed to renew the DHCP lease.
5904 # Sleep for 120 sec as the dnsmasq minimum lease time can only be set to 120
5905 print('Wait for the DHCP lease to be expired')
5908 # The lease address should be kept after the lease expired
5909 output
= check_output('ip address show dev veth99 scope global')
5911 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
5912 'valid_lft forever preferred_lft forever')
5916 # The lease address should be kept after networkd stopped
5917 output
= check_output('ip address show dev veth99 scope global')
5919 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
5920 'valid_lft forever preferred_lft forever')
5922 with
open(os
.path
.join(network_unit_dir
, '25-dhcp-client-keep-configuration-dhcp.network'), mode
='a', encoding
='utf-8') as f
:
5923 f
.write('[Network]\nDHCP=no\n')
5926 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5928 # Still the lease address should be kept after networkd restarted
5929 output
= check_output('ip address show dev veth99 scope global')
5931 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global veth99\n *'
5932 'valid_lft forever preferred_lft forever')
5934 def test_dhcp_keep_configuration_dhcp_on_stop(self
):
5935 copy_network_unit('25-veth.netdev',
5936 '25-dhcp-server-veth-peer.network',
5937 '25-dhcp-client-keep-configuration-dhcp-on-stop.network')
5939 self
.wait_online(['veth-peer:carrier'])
5941 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5943 output
= check_output('ip address show dev veth99 scope global')
5945 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
5950 output
= check_output('ip address show dev veth99 scope global')
5952 self
.assertRegex(output
, r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
5955 self
.wait_online(['veth-peer:routable'])
5957 output
= check_output('ip address show dev veth99 scope global')
5959 self
.assertNotIn('192.168.5.', output
)
5961 def test_dhcp_client_reuse_address_as_static(self
):
5962 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network')
5964 self
.wait_online(['veth-peer:carrier'])
5966 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
5968 # link become 'routable' when at least one protocol provide an valid address.
5969 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv
='-4')
5970 self
.wait_address('veth99', r
'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv
='-6')
5972 output
= check_output('ip address show dev veth99 scope global')
5973 ipv4_address
= re
.search(r
'192.168.5.[0-9]*/24', output
).group()
5974 ipv6_address
= re
.search(r
'2600::[0-9a-f:]*/128', output
).group()
5975 static_network
= '\n'.join(['[Match]', 'Name=veth99', '[Network]', 'IPv6AcceptRA=no', 'Address=' + ipv4_address
, 'Address=' + ipv6_address
])
5976 print(static_network
)
5978 remove_network_unit('25-dhcp-client.network')
5980 with
open(os
.path
.join(network_unit_dir
, '25-static.network'), mode
='w', encoding
='utf-8') as f
:
5981 f
.write(static_network
)
5984 self
.wait_online(['veth99:routable'])
5986 output
= check_output('ip -4 address show dev veth99 scope global')
5988 self
.assertRegex(output
, f
'inet {ipv4_address} brd 192.168.5.255 scope global veth99\n *'
5989 'valid_lft forever preferred_lft forever')
5991 output
= check_output('ip -6 address show dev veth99 scope global')
5993 self
.assertRegex(output
, f
'inet6 {ipv6_address} scope global *\n *'
5994 'valid_lft forever preferred_lft forever')
5996 @expectedFailureIfModuleIsNotAvailable('vrf')
5997 def test_dhcp_client_vrf(self
):
5998 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client-vrf.network',
5999 '25-vrf.netdev', '25-vrf.network')
6001 self
.wait_online(['veth-peer:carrier'])
6003 self
.wait_online(['veth99:routable', 'veth-peer:routable', 'vrf99:carrier'])
6005 # link become 'routable' when at least one protocol provide an valid address.
6006 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv
='-4')
6007 self
.wait_address('veth99', r
'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv
='-6')
6009 print('## ip -d link show dev vrf99')
6010 output
= check_output('ip -d link show dev vrf99')
6012 self
.assertRegex(output
, 'vrf table 42')
6014 print('## ip address show vrf vrf99')
6015 output
= check_output('ip address show vrf vrf99')
6017 self
.assertRegex(output
, 'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
6018 self
.assertRegex(output
, 'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)')
6019 self
.assertRegex(output
, 'inet6 .* scope link')
6021 print('## ip address show dev veth99')
6022 output
= check_output('ip address show dev veth99')
6024 self
.assertRegex(output
, 'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic veth99')
6025 self
.assertRegex(output
, 'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)')
6026 self
.assertRegex(output
, 'inet6 .* scope link')
6028 print('## ip route show vrf vrf99')
6029 output
= check_output('ip route show vrf vrf99')
6031 self
.assertRegex(output
, 'default via 192.168.5.1 dev veth99 proto dhcp src 192.168.5.')
6032 self
.assertRegex(output
, '192.168.5.0/24 dev veth99 proto kernel scope link src 192.168.5')
6033 self
.assertRegex(output
, '192.168.5.1 dev veth99 proto dhcp scope link src 192.168.5')
6035 print('## ip route show table main dev veth99')
6036 output
= check_output('ip route show table main dev veth99')
6038 self
.assertEqual(output
, '')
6040 def test_dhcp_client_gateway_onlink_implicit(self
):
6041 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network',
6042 '25-dhcp-client-gateway-onlink-implicit.network')
6044 self
.wait_online(['veth-peer:carrier'])
6046 self
.wait_online(['veth99:routable', 'veth-peer:routable'])
6048 output
= check_output(*networkctl_cmd
, '-n', '0', 'status', 'veth99', env
=env
)
6050 self
.assertRegex(output
, '192.168.5')
6052 output
= check_output('ip route list dev veth99 10.0.0.0/8')
6054 self
.assertRegex(output
, 'onlink')
6055 output
= check_output('ip route list dev veth99 192.168.100.0/24')
6057 self
.assertRegex(output
, 'onlink')
6059 def test_dhcp_client_with_ipv4ll(self
):
6060 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network',
6061 '25-dhcp-client-with-ipv4ll.network')
6063 # we need to increase timeout above default, as this will need to wait for
6064 # systemd-networkd to get the dhcpv4 transient failure event
6065 self
.wait_online(['veth99:degraded', 'veth-peer:routable'], timeout
='60s')
6067 output
= check_output('ip -4 address show dev veth99')
6069 self
.assertNotIn('192.168.5.', output
)
6070 self
.assertIn('inet 169.254.133.11/16 metric 2048 brd 169.254.255.255 scope link', output
)
6073 print('Wait for a DHCP lease to be acquired and the IPv4LL address to be dropped')
6074 self
.wait_address('veth99', r
'inet 192\.168\.5\.\d+/24 metric 1024 brd 192\.168\.5\.255 scope global dynamic', ipv
='-4')
6075 self
.wait_address_dropped('veth99', r
'inet 169\.254\.\d+\.\d+/16 metric 2048 brd 169\.254\.255\.255 scope link', scope
='link', ipv
='-4')
6076 self
.wait_online(['veth99:routable'])
6078 output
= check_output('ip -4 address show dev veth99')
6080 self
.assertRegex(output
, r
'inet 192\.168\.5\.\d+/24 metric 1024 brd 192\.168\.5\.255 scope global dynamic veth99')
6081 self
.assertNotIn('169.254.', output
)
6082 self
.assertNotIn('scope link', output
)
6085 print('Wait for the DHCP lease to be expired and an IPv4LL address to be acquired')
6086 self
.wait_address_dropped('veth99', r
'inet 192\.168\.5\.\d+/24 metric 1024 brd 192\.168\.5\.255 scope global dynamic', ipv
='-4', timeout_sec
=130)
6087 self
.wait_address('veth99', r
'inet 169\.254\.133\.11/16 metric 2048 brd 169\.254\.255\.255 scope link', scope
='link', ipv
='-4')
6089 output
= check_output('ip -4 address show dev veth99')
6091 self
.assertNotIn('192.168.5.', output
)
6092 self
.assertIn('inet 169.254.133.11/16 metric 2048 brd 169.254.255.255 scope link', output
)
6094 def test_dhcp_client_use_dns(self
):
6095 def check(self
, ipv4
, ipv6
):
6096 os
.makedirs(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d'), exist_ok
=True)
6097 with
open(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d/override.conf'), mode
='w', encoding
='utf-8') as f
:
6098 f
.write('[DHCPv4]\nUseDNS=')
6099 f
.write('yes' if ipv4
else 'no')
6100 f
.write('\n[DHCPv6]\nUseDNS=')
6101 f
.write('yes' if ipv6
else 'no')
6102 f
.write('\n[IPv6AcceptRA]\nUseDNS=no')
6105 self
.wait_online(['veth99:routable'])
6107 # link becomes 'routable' when at least one protocol provide an valid address. Hence, we need to explicitly wait for both addresses.
6108 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv
='-4')
6109 self
.wait_address('veth99', r
'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv
='-6')
6111 # make resolved re-read the link state file
6112 check_output(*resolvectl_cmd
, 'revert', 'veth99', env
=env
)
6114 output
= check_output(*resolvectl_cmd
, 'dns', 'veth99', env
=env
)
6117 self
.assertIn('192.168.5.1', output
)
6119 self
.assertNotIn('192.168.5.1', output
)
6121 self
.assertIn('2600::1', output
)
6123 self
.assertNotIn('2600::1', output
)
6125 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
6128 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network', copy_dropins
=False)
6131 self
.wait_online(['veth-peer:carrier'])
6132 start_dnsmasq('--dhcp-option=option:dns-server,192.168.5.1',
6133 '--dhcp-option=option6:dns-server,[2600::1]')
6135 check(self
, True, True)
6136 check(self
, True, False)
6137 check(self
, False, True)
6138 check(self
, False, False)
6140 def test_dhcp_client_use_captive_portal(self
):
6141 def check(self
, ipv4
, ipv6
):
6142 os
.makedirs(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d'), exist_ok
=True)
6143 with
open(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d/override.conf'), mode
='w', encoding
='utf-8') as f
:
6144 f
.write('[DHCPv4]\nUseCaptivePortal=')
6145 f
.write('yes' if ipv4
else 'no')
6146 f
.write('\n[DHCPv6]\nUseCaptivePortal=')
6147 f
.write('yes' if ipv6
else 'no')
6148 f
.write('\n[IPv6AcceptRA]\nUseCaptivePortal=no')
6151 self
.wait_online(['veth99:routable'])
6153 # link becomes 'routable' when at least one protocol provide an valid address. Hence, we need to explicitly wait for both addresses.
6154 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv
='-4')
6155 self
.wait_address('veth99', r
'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv
='-6')
6157 output
= check_output(*networkctl_cmd
, 'status', 'veth99', env
=env
)
6160 self
.assertIn('Captive Portal: http://systemd.io', output
)
6162 self
.assertNotIn('Captive Portal: http://systemd.io', output
)
6164 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
6167 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network', copy_dropins
=False)
6170 self
.wait_online(['veth-peer:carrier'])
6171 start_dnsmasq('--dhcp-option=114,http://systemd.io',
6172 '--dhcp-option=option6:103,http://systemd.io')
6174 check(self
, True, True)
6175 check(self
, True, False)
6176 check(self
, False, True)
6177 check(self
, False, False)
6179 def test_dhcp_client_reject_captive_portal(self
):
6180 def check(self
, ipv4
, ipv6
):
6181 os
.makedirs(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d'), exist_ok
=True)
6182 with
open(os
.path
.join(network_unit_dir
, '25-dhcp-client.network.d/override.conf'), mode
='w', encoding
='utf-8') as f
:
6183 f
.write('[DHCPv4]\nUseCaptivePortal=')
6184 f
.write('yes' if ipv4
else 'no')
6185 f
.write('\n[DHCPv6]\nUseCaptivePortal=')
6186 f
.write('yes' if ipv6
else 'no')
6187 f
.write('\n[IPv6AcceptRA]\nUseCaptivePortal=no')
6190 self
.wait_online(['veth99:routable'])
6192 # link becomes 'routable' when at least one protocol provide an valid address. Hence, we need to explicitly wait for both addresses.
6193 self
.wait_address('veth99', r
'inet 192.168.5.[0-9]*/24 metric 1024 brd 192.168.5.255 scope global dynamic', ipv
='-4')
6194 self
.wait_address('veth99', r
'inet6 2600::[0-9a-f]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)', ipv
='-6')
6196 output
= check_output(*networkctl_cmd
, 'status', 'veth99', env
=env
)
6198 self
.assertNotIn('Captive Portal: ', output
)
6199 self
.assertNotIn('invalid/url', output
)
6201 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
6204 copy_network_unit('25-veth.netdev', '25-dhcp-server-veth-peer.network', '25-dhcp-client.network', copy_dropins
=False)
6207 self
.wait_online(['veth-peer:carrier'])
6208 masq
= lambda bs
: ':'.join(f
'{b:02x}' for b
in bs
)
6209 start_dnsmasq('--dhcp-option=114,' + masq(b
'http://\x00invalid/url'),
6210 '--dhcp-option=option6:103,' + masq(b
'http://\x00/invalid/url'))
6212 check(self
, True, True)
6213 check(self
, True, False)
6214 check(self
, False, True)
6215 check(self
, False, False)
6217 class NetworkdDHCPPDTests(unittest
.TestCase
, Utilities
):
6225 def test_dhcp6pd(self
):
6226 def get_dhcp6_prefix(link
):
6227 description
= get_link_description(link
)
6229 self
.assertIn('DHCPv6Client', description
.keys())
6230 self
.assertIn('Prefixes', description
['DHCPv6Client'])
6232 prefixInfo
= description
['DHCPv6Client']['Prefixes']
6236 copy_network_unit('25-veth.netdev', '25-dhcp6pd-server.network', '25-dhcp6pd-upstream.network',
6237 '25-veth-downstream-veth97.netdev', '25-dhcp-pd-downstream-veth97.network', '25-dhcp-pd-downstream-veth97-peer.network',
6238 '25-veth-downstream-veth98.netdev', '25-dhcp-pd-downstream-veth98.network', '25-dhcp-pd-downstream-veth98-peer.network',
6239 '11-dummy.netdev', '25-dhcp-pd-downstream-test1.network',
6240 '25-dhcp-pd-downstream-dummy97.network',
6241 '12-dummy.netdev', '25-dhcp-pd-downstream-dummy98.network',
6242 '13-dummy.netdev', '25-dhcp-pd-downstream-dummy99.network',
6245 self
.setup_nftset('addr6', 'ipv6_addr')
6246 self
.setup_nftset('network6', 'ipv6_addr', 'flags interval;')
6247 self
.setup_nftset('ifindex', 'iface_index')
6250 self
.wait_online(['veth-peer:routable'])
6251 start_isc_dhcpd(conf_file
='isc-dhcpd-dhcp6pd.conf', ipv
='-6')
6252 self
.wait_online(['veth99:degraded'])
6254 # First, test UseAddress=no and Assign=no (issue #29979).
6255 # Note, due to the bug #29701, this test must be done at first.
6256 print('### ip -6 address show dev veth99 scope global')
6257 output
= check_output('ip -6 address show dev veth99 scope global')
6259 self
.assertNotIn('inet6 3ffe:501:ffff', output
)
6261 # Check DBus assigned prefix information to veth99
6262 prefixInfo
= get_dhcp6_prefix('veth99')
6264 self
.assertEqual(len(prefixInfo
), 1)
6265 prefixInfo
= prefixInfo
[0]
6267 self
.assertIn('Prefix', prefixInfo
.keys())
6268 self
.assertIn('PrefixLength', prefixInfo
.keys())
6269 self
.assertIn('PreferredLifetimeUSec', prefixInfo
.keys())
6270 self
.assertIn('ValidLifetimeUSec', prefixInfo
.keys())
6272 self
.assertEqual(prefixInfo
['Prefix'][0:6], [63, 254, 5, 1, 255, 255])
6273 self
.assertEqual(prefixInfo
['PrefixLength'], 56)
6274 self
.assertGreater(prefixInfo
['PreferredLifetimeUSec'], 0)
6275 self
.assertGreater(prefixInfo
['ValidLifetimeUSec'], 0)
6277 copy_network_unit('25-dhcp6pd-upstream.network.d/with-address.conf')
6279 self
.wait_online(['veth99:routable', 'test1:routable', 'dummy98:routable', 'dummy99:degraded',
6280 'veth97:routable', 'veth97-peer:routable', 'veth98:routable', 'veth98-peer:routable'])
6282 print('### ip -6 address show dev veth-peer scope global')
6283 output
= check_output('ip -6 address show dev veth-peer scope global')
6285 self
.assertIn('inet6 3ffe:501:ffff:100::1/64 scope global', output
)
6289 # dummy97: 0x01 (The link will appear later)
6291 # dummy99: auto -> 0x02 (No address assignment)
6296 print('### ip -6 address show dev veth99 scope global')
6297 output
= check_output('ip -6 address show dev veth99 scope global')
6300 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:100::[0-9]*/128 scope global (dynamic noprefixroute|noprefixroute dynamic)')
6301 # address in IA_PD (Token=static)
6302 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]10:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic')
6303 # address in IA_PD (Token=eui64)
6304 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]10:1034:56ff:fe78:9abc/64 (metric 256 |)scope global dynamic')
6305 # address in IA_PD (temporary)
6306 # Note that the temporary addresses may appear after the link enters configured state
6307 self
.wait_address('veth99', 'inet6 3ffe:501:ffff:[2-9a-f]10:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6309 print('### ip -6 address show dev test1 scope global')
6310 output
= check_output('ip -6 address show dev test1 scope global')
6312 # address in IA_PD (Token=static)
6313 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6314 # address in IA_PD (temporary)
6315 self
.wait_address('test1', 'inet6 3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6317 print('### ip -6 address show dev dummy98 scope global')
6318 output
= check_output('ip -6 address show dev dummy98 scope global')
6320 # address in IA_PD (Token=static)
6321 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6322 # address in IA_PD (temporary)
6323 self
.wait_address('dummy98', 'inet6 3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6325 print('### ip -6 address show dev dummy99 scope global')
6326 output
= check_output('ip -6 address show dev dummy99 scope global')
6329 self
.assertNotRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]02')
6331 print('### ip -6 address show dev veth97 scope global')
6332 output
= check_output('ip -6 address show dev veth97 scope global')
6334 # address in IA_PD (Token=static)
6335 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]08:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6336 # address in IA_PD (Token=eui64)
6337 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]08:1034:56ff:fe78:9ace/64 (metric 256 |)scope global dynamic mngtmpaddr')
6338 # address in IA_PD (temporary)
6339 self
.wait_address('veth97', 'inet6 3ffe:501:ffff:[2-9a-f]08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6341 print('### ip -6 address show dev veth97-peer scope global')
6342 output
= check_output('ip -6 address show dev veth97-peer scope global')
6344 # NDisc address (Token=static)
6345 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]08:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
6346 # NDisc address (Token=eui64)
6347 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]08:1034:56ff:fe78:9acf/64 (metric 256 |)scope global dynamic mngtmpaddr')
6348 # NDisc address (temporary)
6349 self
.wait_address('veth97-peer', 'inet6 3ffe:501:ffff:[2-9a-f]08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6351 print('### ip -6 address show dev veth98 scope global')
6352 output
= check_output('ip -6 address show dev veth98 scope global')
6354 # address in IA_PD (Token=static)
6355 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]09:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6356 # address in IA_PD (Token=eui64)
6357 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]09:1034:56ff:fe78:9abe/64 (metric 256 |)scope global dynamic mngtmpaddr')
6358 # address in IA_PD (temporary)
6359 self
.wait_address('veth98', 'inet6 3ffe:501:ffff:[2-9a-f]09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6361 print('### ip -6 address show dev veth98-peer scope global')
6362 output
= check_output('ip -6 address show dev veth98-peer scope global')
6364 # NDisc address (Token=static)
6365 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]09:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
6366 # NDisc address (Token=eui64)
6367 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]09:1034:56ff:fe78:9abf/64 (metric 256 |)scope global dynamic mngtmpaddr')
6368 # NDisc address (temporary)
6369 self
.wait_address('veth98-peer', 'inet6 3ffe:501:ffff:[2-9a-f]09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6371 print('### ip -6 route show type unreachable')
6372 output
= check_output('ip -6 route show type unreachable')
6374 self
.assertRegex(output
, 'unreachable 3ffe:501:ffff:[2-9a-f]00::/56 dev lo proto dhcp')
6376 print('### ip -6 route show dev veth99')
6377 output
= check_output('ip -6 route show dev veth99')
6379 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]10::/64 proto kernel metric [0-9]* expires')
6381 print('### ip -6 route show dev test1')
6382 output
= check_output('ip -6 route show dev test1')
6384 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]00::/64 proto kernel metric [0-9]* expires')
6386 print('### ip -6 route show dev dummy98')
6387 output
= check_output('ip -6 route show dev dummy98')
6389 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]00::/64 proto kernel metric [0-9]* expires')
6391 print('### ip -6 route show dev dummy99')
6392 output
= check_output('ip -6 route show dev dummy99')
6394 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]02::/64 proto dhcp metric [0-9]* expires')
6396 print('### ip -6 route show dev veth97')
6397 output
= check_output('ip -6 route show dev veth97')
6399 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]08::/64 proto kernel metric [0-9]* expires')
6401 print('### ip -6 route show dev veth97-peer')
6402 output
= check_output('ip -6 route show dev veth97-peer')
6404 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]08::/64 proto ra metric [0-9]* expires')
6406 print('### ip -6 route show dev veth98')
6407 output
= check_output('ip -6 route show dev veth98')
6409 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]09::/64 proto kernel metric [0-9]* expires')
6411 print('### ip -6 route show dev veth98-peer')
6412 output
= check_output('ip -6 route show dev veth98-peer')
6414 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]09::/64 proto ra metric [0-9]* expires')
6416 # Test case for a downstream which appears later
6417 check_output('ip link add dummy97 type dummy')
6418 self
.wait_online(['dummy97:routable'])
6420 print('### ip -6 address show dev dummy97 scope global')
6421 output
= check_output('ip -6 address show dev dummy97 scope global')
6423 # address in IA_PD (Token=static)
6424 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]01:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6425 # address in IA_PD (temporary)
6426 self
.wait_address('dummy97', 'inet6 3ffe:501:ffff:[2-9a-f]01:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6428 print('### ip -6 route show dev dummy97')
6429 output
= check_output('ip -6 route show dev dummy97')
6431 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]01::/64 proto kernel metric [0-9]* expires')
6433 # Test case for reconfigure
6434 networkctl_reconfigure('dummy98', 'dummy99')
6435 self
.wait_online(['dummy98:routable', 'dummy99:degraded'])
6437 print('### ip -6 address show dev dummy98 scope global')
6438 output
= check_output('ip -6 address show dev dummy98 scope global')
6440 # address in IA_PD (Token=static)
6441 self
.assertRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6442 # address in IA_PD (temporary)
6443 self
.wait_address('dummy98', 'inet6 3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6445 print('### ip -6 address show dev dummy99 scope global')
6446 output
= check_output('ip -6 address show dev dummy99 scope global')
6449 self
.assertNotRegex(output
, 'inet6 3ffe:501:ffff:[2-9a-f]02')
6451 print('### ip -6 route show dev dummy98')
6452 output
= check_output('ip -6 route show dev dummy98')
6454 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]00::/64 proto kernel metric [0-9]* expires')
6456 print('### ip -6 route show dev dummy99')
6457 output
= check_output('ip -6 route show dev dummy99')
6459 self
.assertRegex(output
, '3ffe:501:ffff:[2-9a-f]02::/64 proto dhcp metric [0-9]* expires')
6461 self
.check_netlabel('dummy98', '3ffe:501:ffff:[2-9a-f]00::/64')
6463 self
.check_nftset('addr6', '3ffe:501:ffff:[2-9a-f]00:1a:2b:3c:4d')
6464 self
.check_nftset('addr6', '3ffe:501:ffff:[2-9a-f]00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*')
6465 self
.check_nftset('network6', '3ffe:501:ffff:[2-9a-f]00::/64')
6466 self
.check_nftset('ifindex', 'dummy98')
6468 self
.teardown_nftset('addr6', 'network6', 'ifindex')
6470 def verify_dhcp4_6rd(self
, tunnel_name
):
6471 print('### ip -4 address show dev veth-peer scope global')
6472 output
= check_output('ip -4 address show dev veth-peer scope global')
6474 self
.assertIn('inet 10.0.0.1/8 brd 10.255.255.255 scope global veth-peer', output
)
6478 # dummy97: 0x01 (The link will appear later)
6480 # dummy99: auto -> 0x0[23] (No address assignment)
6481 # 6rd-XXX: auto -> 0x0[23]
6486 print('### ip -4 address show dev veth99 scope global')
6487 output
= check_output('ip -4 address show dev veth99 scope global')
6489 self
.assertRegex(output
, 'inet 10.100.100.[0-9]*/8 (metric 1024 |)brd 10.255.255.255 scope global dynamic veth99')
6491 print('### ip -6 address show dev veth99 scope global')
6492 output
= check_output('ip -6 address show dev veth99 scope global')
6494 # address in IA_PD (Token=static)
6495 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+10:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6496 # address in IA_PD (Token=eui64)
6497 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+10:1034:56ff:fe78:9abc/64 (metric 256 |)scope global dynamic mngtmpaddr')
6498 # address in IA_PD (temporary)
6499 # Note that the temporary addresses may appear after the link enters configured state
6500 self
.wait_address('veth99', 'inet6 2001:db8:6464:[0-9a-f]+10:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6502 print('### ip -6 address show dev test1 scope global')
6503 output
= check_output('ip -6 address show dev test1 scope global')
6505 # address in IA_PD (Token=static)
6506 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6507 # address in IA_PD (temporary)
6508 self
.wait_address('test1', 'inet6 2001:db8:6464:[0-9a-f]+00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6510 print('### ip -6 address show dev dummy98 scope global')
6511 output
= check_output('ip -6 address show dev dummy98 scope global')
6513 # address in IA_PD (Token=static)
6514 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+00:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6515 # address in IA_PD (temporary)
6516 self
.wait_address('dummy98', 'inet6 2001:db8:6464:[0-9a-f]+00:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6518 print('### ip -6 address show dev dummy99 scope global')
6519 output
= check_output('ip -6 address show dev dummy99 scope global')
6522 self
.assertNotRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+0[23]')
6524 print('### ip -6 address show dev veth97 scope global')
6525 output
= check_output('ip -6 address show dev veth97 scope global')
6527 # address in IA_PD (Token=static)
6528 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+08:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6529 # address in IA_PD (Token=eui64)
6530 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+08:1034:56ff:fe78:9ace/64 (metric 256 |)scope global dynamic mngtmpaddr')
6531 # address in IA_PD (temporary)
6532 self
.wait_address('veth97', 'inet6 2001:db8:6464:[0-9a-f]+08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6534 print('### ip -6 address show dev veth97-peer scope global')
6535 output
= check_output('ip -6 address show dev veth97-peer scope global')
6537 # NDisc address (Token=static)
6538 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+08:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
6539 # NDisc address (Token=eui64)
6540 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+08:1034:56ff:fe78:9acf/64 (metric 256 |)scope global dynamic mngtmpaddr')
6541 # NDisc address (temporary)
6542 self
.wait_address('veth97-peer', 'inet6 2001:db8:6464:[0-9a-f]+08:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6544 print('### ip -6 address show dev veth98 scope global')
6545 output
= check_output('ip -6 address show dev veth98 scope global')
6547 # address in IA_PD (Token=static)
6548 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+09:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6549 # address in IA_PD (Token=eui64)
6550 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+09:1034:56ff:fe78:9abe/64 (metric 256 |)scope global dynamic mngtmpaddr')
6551 # address in IA_PD (temporary)
6552 self
.wait_address('veth98', 'inet6 2001:db8:6464:[0-9a-f]+09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6554 print('### ip -6 address show dev veth98-peer scope global')
6555 output
= check_output('ip -6 address show dev veth98-peer scope global')
6557 # NDisc address (Token=static)
6558 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+09:1a:2b:3c:4e/64 (metric 256 |)scope global dynamic mngtmpaddr')
6559 # NDisc address (Token=eui64)
6560 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+09:1034:56ff:fe78:9abf/64 (metric 256 |)scope global dynamic mngtmpaddr')
6561 # NDisc address (temporary)
6562 self
.wait_address('veth98-peer', 'inet6 2001:db8:6464:[0-9a-f]+09:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6564 print('### ip -6 route show type unreachable')
6565 output
= check_output('ip -6 route show type unreachable')
6567 self
.assertRegex(output
, 'unreachable 2001:db8:6464:[0-9a-f]+00::/56 dev lo proto dhcp')
6569 print('### ip -6 route show dev veth99')
6570 output
= check_output('ip -6 route show dev veth99')
6572 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+10::/64 proto kernel metric [0-9]* expires')
6574 print('### ip -6 route show dev test1')
6575 output
= check_output('ip -6 route show dev test1')
6577 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+00::/64 proto kernel metric [0-9]* expires')
6579 print('### ip -6 route show dev dummy98')
6580 output
= check_output('ip -6 route show dev dummy98')
6582 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+00::/64 proto kernel metric [0-9]* expires')
6584 print('### ip -6 route show dev dummy99')
6585 output
= check_output('ip -6 route show dev dummy99')
6587 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+0[23]::/64 proto dhcp metric [0-9]* expires')
6589 print('### ip -6 route show dev veth97')
6590 output
= check_output('ip -6 route show dev veth97')
6592 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+08::/64 proto kernel metric [0-9]* expires')
6594 print('### ip -6 route show dev veth97-peer')
6595 output
= check_output('ip -6 route show dev veth97-peer')
6597 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+08::/64 proto ra metric [0-9]* expires')
6599 print('### ip -6 route show dev veth98')
6600 output
= check_output('ip -6 route show dev veth98')
6602 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+09::/64 proto kernel metric [0-9]* expires')
6604 print('### ip -6 route show dev veth98-peer')
6605 output
= check_output('ip -6 route show dev veth98-peer')
6607 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+09::/64 proto ra metric [0-9]* expires')
6609 print('### ip -6 address show dev dummy97 scope global')
6610 output
= check_output('ip -6 address show dev dummy97 scope global')
6612 # address in IA_PD (Token=static)
6613 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+01:1a:2b:3c:4d/64 (metric 256 |)scope global dynamic mngtmpaddr')
6614 # address in IA_PD (temporary)
6615 self
.wait_address('dummy97', 'inet6 2001:db8:6464:[0-9a-f]+01:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global temporary dynamic', ipv
='-6')
6617 print('### ip -6 route show dev dummy97')
6618 output
= check_output('ip -6 route show dev dummy97')
6620 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+01::/64 proto kernel metric [0-9]* expires')
6622 print(f
'### ip -d link show dev {tunnel_name}')
6623 output
= check_output(f
'ip -d link show dev {tunnel_name}')
6625 self
.assertIn('link/sit 10.100.100.', output
)
6626 self
.assertIn('local 10.100.100.', output
)
6627 self
.assertIn('ttl 64', output
)
6628 self
.assertIn('6rd-prefix 2001:db8::/32', output
)
6629 self
.assertIn('6rd-relay_prefix 10.0.0.0/8', output
)
6631 print(f
'### ip -6 address show dev {tunnel_name}')
6632 output
= check_output(f
'ip -6 address show dev {tunnel_name}')
6634 self
.assertRegex(output
, 'inet6 2001:db8:6464:[0-9a-f]+0[23]:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*:[0-9a-f]*/64 (metric 256 |)scope global dynamic')
6635 self
.assertRegex(output
, 'inet6 ::10.100.100.[0-9]+/96 scope global')
6637 print(f
'### ip -6 route show dev {tunnel_name}')
6638 output
= check_output(f
'ip -6 route show dev {tunnel_name}')
6640 self
.assertRegex(output
, '2001:db8:6464:[0-9a-f]+0[23]::/64 proto kernel metric [0-9]* expires')
6641 self
.assertRegex(output
, '::/96 proto kernel metric [0-9]*')
6643 print('### ip -6 route show default')
6644 output
= check_output('ip -6 route show default')
6646 self
.assertIn('default', output
)
6647 self
.assertIn(f
'via ::10.0.0.1 dev {tunnel_name}', output
)
6649 def test_dhcp4_6rd(self
):
6650 def get_dhcp_6rd_prefix(link
):
6651 description
= get_link_description(link
)
6653 self
.assertIn('DHCPv4Client', description
.keys())
6654 self
.assertIn('6rdPrefix', description
['DHCPv4Client'].keys())
6656 prefixInfo
= description
['DHCPv4Client']['6rdPrefix']
6657 self
.assertIn('Prefix', prefixInfo
.keys())
6658 self
.assertIn('PrefixLength', prefixInfo
.keys())
6659 self
.assertIn('IPv4MaskLength', prefixInfo
.keys())
6660 self
.assertIn('BorderRouters', prefixInfo
.keys())
6664 copy_network_unit('25-veth.netdev', '25-dhcp4-6rd-server.network', '25-dhcp4-6rd-upstream.network',
6665 '25-veth-downstream-veth97.netdev', '25-dhcp-pd-downstream-veth97.network', '25-dhcp-pd-downstream-veth97-peer.network',
6666 '25-veth-downstream-veth98.netdev', '25-dhcp-pd-downstream-veth98.network', '25-dhcp-pd-downstream-veth98-peer.network',
6667 '11-dummy.netdev', '25-dhcp-pd-downstream-test1.network',
6668 '25-dhcp-pd-downstream-dummy97.network',
6669 '12-dummy.netdev', '25-dhcp-pd-downstream-dummy98.network',
6670 '13-dummy.netdev', '25-dhcp-pd-downstream-dummy99.network',
6671 '80-6rd-tunnel.network')
6674 self
.wait_online(['veth-peer:routable'])
6677 # 6rd-prefix: 2001:db8::/32
6678 # br-addresss: 10.0.0.1
6680 start_dnsmasq('--dhcp-option=212,08:20:20:01:0d:b8:00:00:00:00:00:00:00:00:00:00:00:00:0a:00:00:01',
6681 ipv4_range
='10.100.100.100,10.100.100.200',
6682 ipv4_router
='10.0.0.1')
6683 self
.wait_online(['veth99:routable', 'test1:routable', 'dummy98:routable', 'dummy99:degraded',
6684 'veth97:routable', 'veth97-peer:routable', 'veth98:routable', 'veth98-peer:routable'])
6686 # Check the DBus interface for assigned prefix information
6687 prefixInfo
= get_dhcp_6rd_prefix('veth99')
6689 self
.assertEqual(prefixInfo
['Prefix'], [32,1,13,184,0,0,0,0,0,0,0,0,0,0,0,0]) # 2001:db8::
6690 self
.assertEqual(prefixInfo
['PrefixLength'], 32)
6691 self
.assertEqual(prefixInfo
['IPv4MaskLength'], 8)
6692 self
.assertEqual(prefixInfo
['BorderRouters'], [[10,0,0,1]])
6694 # Test case for a downstream which appears later
6695 check_output('ip link add dummy97 type dummy')
6696 self
.wait_online(['dummy97:routable'])
6700 for name
in os
.listdir('/sys/class/net/'):
6701 if name
.startswith('6rd-'):
6705 self
.wait_online([f
'{tunnel_name}:routable'])
6707 self
.verify_dhcp4_6rd(tunnel_name
)
6709 # Test case for reconfigure
6710 networkctl_reconfigure('dummy98', 'dummy99')
6711 self
.wait_online(['dummy98:routable', 'dummy99:degraded'])
6713 self
.verify_dhcp4_6rd(tunnel_name
)
6715 print('Wait for the DHCP lease to be renewed/rebind')
6718 self
.wait_online(['veth99:routable', 'test1:routable', 'dummy97:routable', 'dummy98:routable', 'dummy99:degraded',
6719 'veth97:routable', 'veth97-peer:routable', 'veth98:routable', 'veth98-peer:routable'])
6721 self
.verify_dhcp4_6rd(tunnel_name
)
6723 class NetworkdIPv6PrefixTests(unittest
.TestCase
, Utilities
):
6731 def test_ipv6_route_prefix(self
):
6732 copy_network_unit('25-veth.netdev', '25-ipv6ra-prefix-client.network', '25-ipv6ra-prefix.network',
6733 '12-dummy.netdev', '25-ipv6ra-uplink.network')
6736 self
.wait_online(['veth99:routable', 'veth-peer:routable', 'dummy98:routable'])
6738 output
= check_output('ip address show dev veth-peer')
6740 self
.assertIn('inet6 2001:db8:0:1:', output
)
6741 self
.assertNotIn('inet6 2001:db8:0:2:', output
)
6742 self
.assertNotIn('inet6 2001:db8:0:3:', output
)
6744 output
= check_output('ip -6 route show dev veth-peer')
6746 self
.assertIn('2001:db8:0:1::/64 proto ra', output
)
6747 self
.assertNotIn('2001:db8:0:2::/64 proto ra', output
)
6748 self
.assertNotIn('2001:db8:0:3::/64 proto ra', output
)
6749 self
.assertIn('2001:db0:fff::/64 via ', output
)
6750 self
.assertNotIn('2001:db1:fff::/64 via ', output
)
6751 self
.assertNotIn('2001:db2:fff::/64 via ', output
)
6753 output
= check_output('ip address show dev veth99')
6755 self
.assertNotIn('inet6 2001:db8:0:1:', output
)
6756 self
.assertIn('inet6 2001:db8:0:2:1a:2b:3c:4d', output
)
6757 self
.assertIn('inet6 2001:db8:0:2:fa:de:ca:fe', output
)
6758 self
.assertNotIn('inet6 2001:db8:0:3:', output
)
6760 output
= check_output(*resolvectl_cmd
, 'dns', 'veth-peer', env
=env
)
6762 self
.assertRegex(output
, '2001:db8:1:1::2')
6764 output
= check_output(*resolvectl_cmd
, 'domain', 'veth-peer', env
=env
)
6766 self
.assertIn('example.com', output
)
6768 output
= check_output(*networkctl_cmd
, '--json=short', 'status', env
=env
)
6771 output
= check_output(*networkctl_cmd
, '--json=short', 'status', 'veth-peer', env
=env
)
6775 pref64
= json
.loads(output
)['NDisc']['PREF64'][0]
6777 prefix
= socket
.inet_ntop(socket
.AF_INET6
, bytearray(pref64
['Prefix']))
6778 self
.assertEqual(prefix
, '64:ff9b::')
6780 prefix_length
= pref64
['PrefixLength']
6781 self
.assertEqual(prefix_length
, 96)
6783 def test_ipv6_route_prefix_deny_list(self
):
6784 copy_network_unit('25-veth.netdev', '25-ipv6ra-prefix-client-deny-list.network', '25-ipv6ra-prefix.network',
6785 '12-dummy.netdev', '25-ipv6ra-uplink.network')
6788 self
.wait_online(['veth99:routable', 'veth-peer:routable', 'dummy98:routable'])
6790 output
= check_output('ip address show dev veth-peer')
6792 self
.assertIn('inet6 2001:db8:0:1:', output
)
6793 self
.assertNotIn('inet6 2001:db8:0:2:', output
)
6795 output
= check_output('ip -6 route show dev veth-peer')
6797 self
.assertIn('2001:db8:0:1::/64 proto ra', output
)
6798 self
.assertNotIn('2001:db8:0:2::/64 proto ra', output
)
6799 self
.assertIn('2001:db0:fff::/64 via ', output
)
6800 self
.assertNotIn('2001:db1:fff::/64 via ', output
)
6802 output
= check_output('ip address show dev veth99')
6804 self
.assertNotIn('inet6 2001:db8:0:1:', output
)
6805 self
.assertIn('inet6 2001:db8:0:2:', output
)
6807 output
= check_output(*resolvectl_cmd
, 'dns', 'veth-peer', env
=env
)
6809 self
.assertRegex(output
, '2001:db8:1:1::2')
6811 output
= check_output(*resolvectl_cmd
, 'domain', 'veth-peer', env
=env
)
6813 self
.assertIn('example.com', output
)
6815 class NetworkdMTUTests(unittest
.TestCase
, Utilities
):
6823 def check_mtu(self
, mtu
, ipv6_mtu
=None, reset
=True):
6829 self
.wait_online(['dummy98:routable'])
6830 self
.check_link_attr('dummy98', 'mtu', mtu
)
6831 self
.check_ipv6_sysctl_attr('dummy98', 'mtu', ipv6_mtu
)
6833 # test normal restart
6835 self
.wait_online(['dummy98:routable'])
6836 self
.check_link_attr('dummy98', 'mtu', mtu
)
6837 self
.check_ipv6_sysctl_attr('dummy98', 'mtu', ipv6_mtu
)
6840 self
.reset_check_mtu(mtu
, ipv6_mtu
)
6842 def reset_check_mtu(self
, mtu
, ipv6_mtu
=None):
6843 ''' test setting mtu/ipv6_mtu with interface already up '''
6846 # note - changing the device mtu resets the ipv6 mtu
6847 check_output('ip link set up mtu 1501 dev dummy98')
6848 check_output('ip link set up mtu 1500 dev dummy98')
6849 self
.check_link_attr('dummy98', 'mtu', '1500')
6850 self
.check_ipv6_sysctl_attr('dummy98', 'mtu', '1500')
6852 self
.check_mtu(mtu
, ipv6_mtu
, reset
=False)
6854 def test_mtu_network(self
):
6855 copy_network_unit('12-dummy.netdev', '12-dummy.network.d/mtu.conf')
6856 self
.check_mtu('1600')
6858 def test_mtu_netdev(self
):
6859 copy_network_unit('12-dummy-mtu.netdev', '12-dummy.network', copy_dropins
=False)
6860 # note - MTU set by .netdev happens ONLY at device creation!
6861 self
.check_mtu('1600', reset
=False)
6863 def test_mtu_link(self
):
6864 copy_network_unit('12-dummy.netdev', '12-dummy-mtu.link', '12-dummy.network', copy_dropins
=False)
6865 # note - MTU set by .link happens ONLY at udev processing of device 'add' uevent!
6866 self
.check_mtu('1600', reset
=False)
6868 def test_ipv6_mtu(self
):
6869 ''' set ipv6 mtu without setting device mtu '''
6870 copy_network_unit('12-dummy.netdev', '12-dummy.network.d/ipv6-mtu-1400.conf')
6871 self
.check_mtu('1500', '1400')
6873 def test_ipv6_mtu_toolarge(self
):
6874 ''' try set ipv6 mtu over device mtu (it shouldn't work) '''
6875 copy_network_unit('12-dummy.netdev', '12-dummy.network.d/ipv6-mtu-1550.conf')
6876 self
.check_mtu('1500', '1500')
6878 def test_mtu_network_ipv6_mtu(self
):
6879 ''' set ipv6 mtu and set device mtu via network file '''
6880 copy_network_unit('12-dummy.netdev', '12-dummy.network.d/mtu.conf', '12-dummy.network.d/ipv6-mtu-1550.conf')
6881 self
.check_mtu('1600', '1550')
6883 def test_mtu_netdev_ipv6_mtu(self
):
6884 ''' set ipv6 mtu and set device mtu via netdev file '''
6885 copy_network_unit('12-dummy-mtu.netdev', '12-dummy.network.d/ipv6-mtu-1550.conf')
6886 self
.check_mtu('1600', '1550', reset
=False)
6888 def test_mtu_link_ipv6_mtu(self
):
6889 ''' set ipv6 mtu and set device mtu via link file '''
6890 copy_network_unit('12-dummy.netdev', '12-dummy-mtu.link', '12-dummy.network.d/ipv6-mtu-1550.conf')
6891 self
.check_mtu('1600', '1550', reset
=False)
6894 if __name__
== '__main__':
6895 parser
= argparse
.ArgumentParser()
6896 parser
.add_argument('--build-dir', help='Path to build dir', dest
='build_dir')
6897 parser
.add_argument('--source-dir', help='Path to source dir/git tree', dest
='source_dir')
6898 parser
.add_argument('--networkd', help='Path to systemd-networkd', dest
='networkd_bin')
6899 parser
.add_argument('--resolved', help='Path to systemd-resolved', dest
='resolved_bin')
6900 parser
.add_argument('--timesyncd', help='Path to systemd-timesyncd', dest
='timesyncd_bin')
6901 parser
.add_argument('--udevd', help='Path to systemd-udevd', dest
='udevd_bin')
6902 parser
.add_argument('--wait-online', help='Path to systemd-networkd-wait-online', dest
='wait_online_bin')
6903 parser
.add_argument('--networkctl', help='Path to networkctl', dest
='networkctl_bin')
6904 parser
.add_argument('--resolvectl', help='Path to resolvectl', dest
='resolvectl_bin')
6905 parser
.add_argument('--timedatectl', help='Path to timedatectl', dest
='timedatectl_bin')
6906 parser
.add_argument('--udevadm', help='Path to udevadm', dest
='udevadm_bin')
6907 parser
.add_argument('--valgrind', help='Enable valgrind', dest
='use_valgrind', type=bool, nargs
='?', const
=True, default
=use_valgrind
)
6908 parser
.add_argument('--debug', help='Generate debugging logs', dest
='enable_debug', type=bool, nargs
='?', const
=True, default
=enable_debug
)
6909 parser
.add_argument('--asan-options', help='ASAN options', dest
='asan_options')
6910 parser
.add_argument('--lsan-options', help='LSAN options', dest
='lsan_options')
6911 parser
.add_argument('--ubsan-options', help='UBSAN options', dest
='ubsan_options')
6912 parser
.add_argument('--with-coverage', help='Loosen certain sandbox restrictions to make gcov happy', dest
='with_coverage', type=bool, nargs
='?', const
=True, default
=with_coverage
)
6913 ns
, unknown_args
= parser
.parse_known_args(namespace
=unittest
)
6916 if ns
.networkd_bin
or ns
.resolved_bin
or ns
.timesyncd_bin
or ns
.udevd_bin
or \
6917 ns
.wait_online_bin
or ns
.networkctl_bin
or ns
.resolvectl_bin
or ns
.timedatectl_bin
or ns
.udevadm_bin
:
6918 print('WARNING: --networkd, --resolved, --timesyncd, --udevd, --wait-online, --networkctl, --resolvectl, --timedatectl, or --udevadm options are ignored when --build-dir is specified.')
6919 networkd_bin
= os
.path
.join(ns
.build_dir
, 'systemd-networkd')
6920 resolved_bin
= os
.path
.join(ns
.build_dir
, 'systemd-resolved')
6921 timesyncd_bin
= os
.path
.join(ns
.build_dir
, 'systemd-timesyncd')
6922 udevd_bin
= os
.path
.join(ns
.build_dir
, 'udevadm')
6923 wait_online_bin
= os
.path
.join(ns
.build_dir
, 'systemd-networkd-wait-online')
6924 networkctl_bin
= os
.path
.join(ns
.build_dir
, 'networkctl')
6925 resolvectl_bin
= os
.path
.join(ns
.build_dir
, 'resolvectl')
6926 timedatectl_bin
= os
.path
.join(ns
.build_dir
, 'timedatectl')
6927 udevadm_bin
= os
.path
.join(ns
.build_dir
, 'udevadm')
6928 systemd_udev_rules_build_dir
= os
.path
.join(ns
.build_dir
, 'rules.d')
6931 networkd_bin
= ns
.networkd_bin
6933 resolved_bin
= ns
.resolved_bin
6934 if ns
.timesyncd_bin
:
6935 timesyncd_bin
= ns
.timesyncd_bin
6937 udevd_bin
= ns
.udevd_bin
6938 if ns
.wait_online_bin
:
6939 wait_online_bin
= ns
.wait_online_bin
6940 if ns
.networkctl_bin
:
6941 networkctl_bin
= ns
.networkctl_bin
6942 if ns
.resolvectl_bin
:
6943 resolvectl_bin
= ns
.resolvectl_bin
6944 if ns
.timedatectl_bin
:
6945 timedatectl_bin
= ns
.timedatectl_bin
6947 udevadm_bin
= ns
.udevadm_bin
6950 systemd_source_dir
= ns
.source_dir
6952 systemd_source_dir
= os
.path
.normpath(os
.path
.join(os
.path
.dirname(os
.path
.abspath(__file__
)), "../../"))
6953 if not os
.path
.exists(os
.path
.join(systemd_source_dir
, "meson_options.txt")):
6954 raise RuntimeError(f
"{systemd_source_dir} doesn't appear to be a systemd source tree")
6956 use_valgrind
= ns
.use_valgrind
6957 enable_debug
= ns
.enable_debug
6958 asan_options
= ns
.asan_options
6959 lsan_options
= ns
.lsan_options
6960 ubsan_options
= ns
.ubsan_options
6961 with_coverage
= ns
.with_coverage
6964 # Do not forget the trailing space.
6965 valgrind_cmd
= 'valgrind --track-origins=yes --leak-check=full --show-leak-kinds=all '
6967 networkctl_cmd
= valgrind_cmd
.split() + [networkctl_bin
]
6968 resolvectl_cmd
= valgrind_cmd
.split() + [resolvectl_bin
]
6969 timedatectl_cmd
= valgrind_cmd
.split() + [timedatectl_bin
]
6970 udevadm_cmd
= valgrind_cmd
.split() + [udevadm_bin
]
6971 wait_online_cmd
= valgrind_cmd
.split() + [wait_online_bin
]
6974 env
.update({'ASAN_OPTIONS': asan_options
})
6976 env
.update({'LSAN_OPTIONS': lsan_options
})
6978 env
.update({'UBSAN_OPTIONS': ubsan_options
})
6980 env
.update({'SYSTEMD_MEMPOOL': '0'})
6982 wait_online_env
= env
.copy()
6984 wait_online_env
.update({'SYSTEMD_LOG_LEVEL': 'debug'})
6986 sys
.argv
[1:] = unknown_args
6987 unittest
.main(verbosity
=3)