1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
# This test runs Quagga and checks if OSPF routing works.
#
# Network topology:
# [ client ]--net1--[ router1 ]--net2--[ router2 ]--net3--[ server ]
#
# All interfaces are in OSPF Area 0.
import ./make-test.nix ({ pkgs, ... }:
let
ifAddr = node: iface: (pkgs.lib.head node.config.networking.interfaces.${iface}.ipv4.addresses).address;
ospfConf = ''
interface eth2
ip ospf hello-interval 1
ip ospf dead-interval 5
!
router ospf
network 192.168.0.0/16 area 0
'';
in
{
name = "quagga";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ tavyc ];
};
nodes = {
client =
{ config, pkgs, nodes, ... }:
{
virtualisation.vlans = [ 1 ];
networking.defaultGateway = ifAddr nodes.router1 "eth1";
};
router1 =
{ config, pkgs, nodes, ... }:
{
virtualisation.vlans = [ 1 2 ];
boot.kernel.sysctl."net.ipv4.ip_forward" = "1";
networking.firewall.extraCommands = "iptables -A nixos-fw -i eth2 -p ospf -j ACCEPT";
services.quagga.ospf = {
enable = true;
config = ospfConf;
};
};
router2 =
{ config, pkgs, nodes, ... }:
{
virtualisation.vlans = [ 3 2 ];
boot.kernel.sysctl."net.ipv4.ip_forward" = "1";
networking.firewall.extraCommands = "iptables -A nixos-fw -i eth2 -p ospf -j ACCEPT";
services.quagga.ospf = {
enable = true;
config = ospfConf;
};
};
server =
{ config, pkgs, nodes, ... }:
{
virtualisation.vlans = [ 3 ];
networking.defaultGateway = ifAddr nodes.router2 "eth1";
networking.firewall.allowedTCPPorts = [ 80 ];
networking.firewall.allowPing = true;
services.httpd.enable = true;
services.httpd.adminAddr = "foo@example.com";
};
};
testScript =
{ nodes, ... }:
''
startAll;
# Wait for the networking to start on all machines
$_->waitForUnit("network.target") foreach values %vms;
# Wait for OSPF to form adjacencies
for my $gw ($router1, $router2) {
$gw->waitForUnit("ospfd");
$gw->waitUntilSucceeds("vtysh -c 'show ip ospf neighbor' | grep Full");
$gw->waitUntilSucceeds("vtysh -c 'show ip route' | grep '^O>'");
}
# Test ICMP.
$client->succeed("ping -c 3 server >&2");
# Test whether HTTP works.
$server->waitForUnit("httpd");
$client->succeed("curl --fail http://server/ >&2");
'';
})
|