Blame - bgpwtf/machines/tests/edge01-waw.nix - hscloud

blob: 535418f1aad24e1c9db06b91b6b735bd56b8df69 [file] [log] [blame]

Serge Bazanski	6abe4fa	2020-10-03 00:18:34 +0200	[diff] [blame]	1	# Smoke test edge01.waw in a multi-VM NixOS test.
				2	#
				3	# This brings up three VMs:
				4	# - dut/edge01
				5	# - bgpspeaker, which simulates bgp upstreams
				6	# - customs, which simulates customs.hackerspace.pl.
				7	#
				8	# We use EoIP to build up virtual ethernet links between the machines, and
				9	# to run VLANs on that. We don't just use plain 'vlans' from NixOS tests as
				10	# we actually want to run 802.1q ourselves from the edge01 config.
				11	#
				12	# Everything else is pretty much straightforward. Bring up everything, ping
				13	# stuff. We don't really test much else than internet routing.
				14	#
				15	# To run this:
				16	# nix-build -A bgpwtf.machines.tests.edge01-waw
				17	#
				18	# To debug this:
				19	# nix-build -A bgpwtf.machines.tests.edge01-waw.driver && result/bin/nixos-test-driver
				20	# >>> start_all()
				21
				22	{ hscloud, pkgsSrc, pkgs, lib, ... }:
				23
				24	with lib;
				25
				26	let
				27
				28	mkBGPSpeaker = let
				29	in { config, pkgs, ... }: {
				30	networking.hostName = "bgpspeaker";
				31	virtualisation.memorySize = 1024;
				32	virtualisation.vlans = [ 1 ];
				33	imports = [
				34	../modules/eoip.nix
				35	];
				36
				37	hscloud.eoip.interfaces."nnet" = {
				38	parent = "eth1";
				39	localV4 = "192.168.1.3";
				40	remoteV4 = "192.168.1.2";
				41	id = 100;
				42	};
				43	networking.interfaces."nnet" = {
				44	virtual = true;
				45	virtualType = "tap";
				46	};
				47	networking.vlans = {
				48	"vl-globalmix" = { interface = "nnet"; id = 466; };
				49	};
				50	networking.interfaces."vl-globalmix" = {
				51	ipv4.addresses = [{ address = "185.235.70.44"; prefixLength = 31; }];
				52	ipv6.addresses = [{ address = "2001:67c:778:fd40::b9eb:462c"; prefixLength = 127; }];
				53	};
				54
				55	services.bird2 = {
				56	enable = true;
				57	config = ''
				58	log syslog all;
				59	debug protocols { states, interfaces, events }
				60	router id 185.235.70.44;
				61
				62	protocol device {
				63	scan time 10;
				64	};
				65	protocol kernel kernel_v4 {
				66	ipv4 {
				67	import none;
				68	export all;
				69	};
				70	}
				71	protocol kernel kernel_v6 {
				72	ipv6 {
				73	import none;
				74	export all;
				75	};
				76	}
				77	ipv4 table globalmix4;
				78	ipv6 table globalmix6;
				79
				80	protocol pipe pipe_globalmix4 {
				81	table master4;
				82	peer table globalmix4;
				83	import all;
				84	export none;
				85	};
				86	protocol pipe pipe_globalmix6 {
				87	table master6;
				88	peer table globalmix6;
				89	import all;
				90	export none;
				91	};
				92
				93	protocol static static_globalmix_originate_v4 {
				94	ipv4 {
				95	table globalmix4;
				96	import all;
				97	};
				98	route 8.8.8.0/24 blackhole;
				99	}
				100	protocol static static_globalmix_originate_v6 {
				101	ipv6 {
				102	table globalmix6;
				103	import all;
				104	};
				105	route 2a00:1450:4016::/48 blackhole;
				106	}
				107	protocol bgp bgp_globalmix_v4 {
				108	ipv4 {
				109	table globalmix4;
				110	export all;
				111	import all;
				112	};
				113	local 185.235.70.44 as 62081;
				114	neighbor 185.235.70.45 as 204880;
				115	};
				116	protocol bgp bgp_globalmix_v6 {
				117	ipv6 {
				118	table globalmix6;
				119	export all;
				120	import all;
				121	};
				122	local 2001:67c:778:fd40::b9eb:462c as 62081;
				123	neighbor 2001:67c:778:fd40::b9eb:462d as 204880;
				124	};
				125	'';
				126	};
				127	networking.firewall.enable = false;
				128	networking.useDHCP = false;
				129	networking.interfaces.lo.ipv4.addresses = [ { address = "8.8.8.1"; prefixLength = 32; } ];
				130	networking.interfaces.lo.ipv6.addresses = [ { address = "2a00:1450:4016:801::200e"; prefixLength = 128; } ];
				131	environment.systemPackages = with pkgs; [
				132	tcpdump htop dstat file
				133	];
				134
				135	};
				136
				137
				138	test = import "${pkgsSrc}/nixos/tests/make-test-python.nix" ({ pkgs, libs, ... }: {
				139	name = "test-edge01-waw-e2e";
				140
				141	nodes = {
				142	dut = { config, pkgs, ... }: {
				143	imports = [
				144	../edge01.waw.bgp.wtf.nix
				145	../modules/eoip.nix
				146	];
				147	virtualisation.memorySize = 1024;
				148	virtualisation.vlans = [
				149	1 2
				150	];
				151
				152	hscloud.eoip.interfaces = {
				153	"e1-nnet" = { parent = "eth1"; localV4 = "192.168.1.2"; remoteV4 = "192.168.1.3"; id = 100; };
				154	"e2-customs" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.1"; id = 200; };
				155	"e3-mgmt" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.111"; id = 300; }; # not connected
				156	"e4-oob" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.112"; id = 400; }; # not connected
				157	"e7-dcsw" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.113"; id = 500; }; # not connected
				158	};
				159	networking.interfaces = {
				160	"e1-nnet" = { virtual = true; virtualType = "tap"; };
				161	"e2-customs" = { virtual = true; virtualType = "tap"; };
				162	"e3-mgmt" = { virtual = true; virtualType = "tap"; };
				163	"e4-oob" = { virtual = true; virtualType = "tap"; };
				164	"e7-dcsw" = { virtual = true; virtualType = "tap"; };
				165	};
Bartosz Stebel	c726798	2020-12-10 15:38:29 +0100	[diff] [blame^]	166	hscloud.anchorvm = {
				167	blkdev = "/anchor.img";
				168	ram = 32;
				169	};
				170	systemd.services.anchorTestImg = {
				171	requiredBy = [ "anchorvm.service" ];
				172	serviceConfig = {
				173	Type = "oneshot";
				174	ExecStart = "${pkgs.coreutils}/bin/truncate -s 128m /anchor.img";
				175	};
				176	};
Serge Bazanski	6abe4fa	2020-10-03 00:18:34 +0200	[diff] [blame]	177	};
				178
				179	speaker = mkBGPSpeaker;
				180
				181	customs = { config, pkgs, ... }: {
				182	imports = [
				183	../modules/eoip.nix
				184	];
				185	environment.systemPackages = with pkgs; [
				186	tcpdump htop dstat file dhcpcd
				187	];
				188	virtualisation.memorySize = 1024;
				189	virtualisation.vlans = [
				190	2
				191	];
				192	networking.firewall.enable = false;
				193	networking.useDHCP = false;
				194	networking.defaultGateway = "185.236.240.4";
				195	networking.defaultGateway6 = "2a0d:eb00:2137:1::2";
				196	networking.interfaces."edge" = {
				197	virtual = true;
				198	virtualType = "tap";
				199	ipv4.addresses = [{ address = "185.236.240.5"; prefixLength = 31; }];
				200	ipv6.addresses = [{ address = "2a0d:eb00:2137:1::3"; prefixLength = 127; }];
				201	};
				202	hscloud.eoip.interfaces."edge" = {
				203	parent = "eth2";
				204	localV4 = "192.168.2.1";
				205	remoteV4 = "192.168.2.2";
				206	id = 200;
				207	};
				208	networking.bridges."lan".interfaces = [];
				209	networking.interfaces."lan" = {
				210	ipv4.addresses = [{ address = "10.8.1.2"; prefixLength = 23; }];
				211	ipv6.addresses = [{ address = "2a0d:eb00:4242::1"; prefixLength = 64; }];
				212	};
				213	services.bird2 = {
				214	enable = true;
				215	config = ''
				216	log syslog all;
				217	debug protocols { states, interfaces, events }
				218	router id 185.236.240.5;
				219
				220	protocol device {
				221	scan time 10;
				222	};
				223	protocol kernel kernel_v4 {
				224	ipv4 {
				225	import none;
				226	export all;
				227	};
				228	}
				229	protocol kernel kernel_v6 {
				230	ipv6 {
				231	import none;
				232	export all;
				233	};
				234	}
				235
				236	protocol ospf v3 ospf_hswaw {
				237	ipv6 {
				238	import all;
				239	export all;
				240	};
				241	area 0.0.0.0 {
				242	interface "edge" {
				243	cost 10;
				244	type bcast;
				245	};
				246	interface "lan" {
				247	cost 10;
				248	stub yes;
				249	type bcast;
				250	check link no;
				251	};
				252	};
				253	}
				254	'';
				255	};
				256	};
				257	};
				258
				259	testScript = ''
				260	start_all()
				261
				262	edge01.wait_for_unit("bird2.service")
				263	# Wait for BGP to settle.
				264	edge01.wait_until_succeeds("ping 185.235.70.44 -c 1 -w 2")
				265	edge01.wait_until_succeeds("birdc show route for 8.8.8.1 table all \| grep via")
				266	edge01.wait_until_succeeds(
				267	"birdc show route for 2a00:1450:4016:801::200e table all \| grep via"
				268	)
				269	edge01.succeed("ping 8.8.8.1 -c 1 -w 2")
				270
				271	# ping from customs to globalmix must succeed.
				272	customs.succeed("ping 8.8.8.1 -c 1 -w 2")
				273	customs.succeed("ping 2a00:1450:4016:801::200e -c 1 -w 2")
				274
				275	# edge01 must announce exactly one v4 prefix.
				276	bgpspeaker.succeed("birdc show route protocol bgp_globalmix_v4 \| grep unicast")
				277	bgpspeaker.fail(
				278	"birdc show route protocol bgp_globalmix_v4 \| grep unicast \| grep -v 185.236.240.0/23"
				279	)
				280
				281	# edge01 must announce exactly one v6 prefix.
				282	bgpspeaker.succeed("birdc show route protocol bgp_globalmix_v6 \| grep unicast")
				283	bgpspeaker.fail(
				284	"birdc show route protocol bgp_globalmix_v6 \| grep unicast \| grep -v 2a0d:eb00::/32"
				285	)
				286
				287	# customer networks must be reachable from globalmix
				288	bgpspeaker.succeed("ping 185.236.240.10 -c 1 -w 2")
				289	bgpspeaker.succeed("ping 2a0d:eb00:8000::1 -c 1 -w 2")
				290	bgpspeaker.succeed("ping 185.236.240.12 -c 1 -w 2")
				291	bgpspeaker.succeed("ping 185.236.240.105 -c 1 -w 2")
				292	bgpspeaker.succeed("ping 2a0d:eb00:8003::1 -c 1 -w 2")
				293
				294	# dhcp agent must be reachable
				295	customs.succeed("ping 185.236.240.18 -c 1 -w 2")
				296	'';
				297	});
				298
				299	in test { inherit pkgs; inherit (pkgs) libs; }