Gitiles
Code Review Sign In
gerrit.hackerspace.pl / hscloud / 957d91180a348406e204010d012f83502a75dd70 / . / bgpwtf / machines / tests / edge01-waw-bgp.nix
blob: 0a1e260157e04fff7ddc6880e8ec488933d7ba90 [file] [log] [blame]
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]1# Smoke test edge01.waw in a multi-VM NixOS test.
2#
3# This brings up three VMs:
4# - dut/edge01
5# - bgpspeaker, which simulates bgp upstreams
6# - customs, which simulates customs.hackerspace.pl.
7#
Serge Bazanskicc769a52021-02-13 13:13:41 +0100[diff] [blame]8# We use GRETap to build up virtual ethernet links between the machines, and to
9# run VLANs on that. We don't just use plain 'vlans' from NixOS tests as we
10# actually want to run 802.1q ourselves from the edge01 config.
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]11#
12# Everything else is pretty much straightforward. Bring up everything, ping
13# stuff. We don't really test much else than internet routing.
14#
15# To run this:
16# nix-build -A bgpwtf.machines.tests.edge01-waw
17#
18# To debug this:
19# nix-build -A bgpwtf.machines.tests.edge01-waw.driver && result/bin/nixos-test-driver
20# >>> start_all()
21
Serge Bazanskid635dc82022-06-11 21:54:04 +0200[diff] [blame]22{ hscloud, ... }:
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]23
Serge Bazanskid635dc82022-06-11 21:54:04 +0200[diff] [blame]24# Use pkgs that edge01 is using. Perhaps we shouldn't use them for
25# _everything_, but this will have to do.
26let
27 pkgs = hscloud.ops.machines."edge01.waw.bgp.wtf".pkgs;
28 pkgsSrc = pkgs.path;
29 lib = pkgs.lib;
30
31in with lib;
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]32
33let
34
35mkBGPSpeaker = let
36in { config, pkgs, ... }: {
37 networking.hostName = "bgpspeaker";
38 virtualisation.memorySize = 1024;
39 virtualisation.vlans = [ 1 ];
40 imports = [
Serge Bazanskicc769a52021-02-13 13:13:41 +0100[diff] [blame]41 ../modules/gretap.nix
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]42 ];
43
Serge Bazanskicc769a52021-02-13 13:13:41 +0100[diff] [blame]44 hscloud.gretap.interfaces."nnet" = {
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]45 parent = "eth1";
46 localV4 = "192.168.1.3";
47 remoteV4 = "192.168.1.2";
48 id = 100;
49 };
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]50 networking.vlans = {
51 "vl-globalmix" = { interface = "nnet"; id = 466; };
52 };
53 networking.interfaces."vl-globalmix" = {
54 ipv4.addresses = [{ address = "185.235.70.44"; prefixLength = 31; }];
55 ipv6.addresses = [{ address = "2001:67c:778:fd40::b9eb:462c"; prefixLength = 127; }];
56 };
57
58 services.bird2 = {
59 enable = true;
60 config = ''
61 log syslog all;
62 debug protocols { states, interfaces, events }
63 router id 185.235.70.44;
64
65 protocol device {
66 scan time 10;
67 };
68 protocol kernel kernel_v4 {
69 ipv4 {
70 import none;
71 export all;
72 };
73 }
74 protocol kernel kernel_v6 {
75 ipv6 {
76 import none;
77 export all;
78 };
79 }
80 ipv4 table globalmix4;
81 ipv6 table globalmix6;
82
83 protocol pipe pipe_globalmix4 {
84 table master4;
85 peer table globalmix4;
86 import all;
87 export none;
88 };
89 protocol pipe pipe_globalmix6 {
90 table master6;
91 peer table globalmix6;
92 import all;
93 export none;
94 };
95
96 protocol static static_globalmix_originate_v4 {
97 ipv4 {
98 table globalmix4;
99 import all;
100 };
101 route 8.8.8.0/24 blackhole;
102 }
103 protocol static static_globalmix_originate_v6 {
104 ipv6 {
105 table globalmix6;
106 import all;
107 };
108 route 2a00:1450:4016::/48 blackhole;
109 }
110 protocol bgp bgp_globalmix_v4 {
111 ipv4 {
112 table globalmix4;
113 export all;
114 import all;
115 };
116 local 185.235.70.44 as 62081;
117 neighbor 185.235.70.45 as 204880;
118 };
119 protocol bgp bgp_globalmix_v6 {
120 ipv6 {
121 table globalmix6;
122 export all;
123 import all;
124 };
125 local 2001:67c:778:fd40::b9eb:462c as 62081;
126 neighbor 2001:67c:778:fd40::b9eb:462d as 204880;
127 };
128 '';
129 };
130 networking.firewall.enable = false;
131 networking.useDHCP = false;
132 networking.interfaces.lo.ipv4.addresses = [ { address = "8.8.8.1"; prefixLength = 32; } ];
133 networking.interfaces.lo.ipv6.addresses = [ { address = "2a00:1450:4016:801::200e"; prefixLength = 128; } ];
134 environment.systemPackages = with pkgs; [
135 tcpdump htop dstat file
136 ];
137
138};
139
140
141test = import "${pkgsSrc}/nixos/tests/make-test-python.nix" ({ pkgs, libs, ... }: {
142 name = "test-edge01-waw-e2e";
143
144 nodes = {
145 dut = { config, pkgs, ... }: {
146 imports = [
147 ../edge01.waw.bgp.wtf.nix
Serge Bazanskicc769a52021-02-13 13:13:41 +0100[diff] [blame]148 ../modules/gretap.nix
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]149 ];
150 virtualisation.memorySize = 1024;
151 virtualisation.vlans = [
152 1 2
153 ];
154
Serge Bazanskicc769a52021-02-13 13:13:41 +0100[diff] [blame]155 hscloud.gretap.interfaces = {
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]156 "e1-nnet" = { parent = "eth1"; localV4 = "192.168.1.2"; remoteV4 = "192.168.1.3"; id = 100; };
157 "e2-customs" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.1"; id = 200; };
158 "e3-mgmt" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.111"; id = 300; }; # not connected
159 "e4-oob" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.112"; id = 400; }; # not connected
160 "e7-dcsw" = { parent = "eth2"; localV4 = "192.168.2.2"; remoteV4 = "192.168.2.113"; id = 500; }; # not connected
161 };
Bartosz Stebelc7267982020-12-10 15:38:29 +0100[diff] [blame]162 hscloud.anchorvm = {
163 blkdev = "/anchor.img";
164 ram = 32;
165 };
166 systemd.services.anchorTestImg = {
167 requiredBy = [ "anchorvm.service" ];
168 serviceConfig = {
169 Type = "oneshot";
170 ExecStart = "${pkgs.coreutils}/bin/truncate -s 128m /anchor.img";
171 };
172 };
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]173 };
174
175 speaker = mkBGPSpeaker;
176
177 customs = { config, pkgs, ... }: {
178 imports = [
Serge Bazanskicc769a52021-02-13 13:13:41 +0100[diff] [blame]179 ../modules/gretap.nix
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]180 ];
181 environment.systemPackages = with pkgs; [
182 tcpdump htop dstat file dhcpcd
183 ];
184 virtualisation.memorySize = 1024;
185 virtualisation.vlans = [
186 2
187 ];
188 networking.firewall.enable = false;
189 networking.useDHCP = false;
190 networking.defaultGateway = "185.236.240.4";
191 networking.defaultGateway6 = "2a0d:eb00:2137:1::2";
192 networking.interfaces."edge" = {
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]193 ipv4.addresses = [{ address = "185.236.240.5"; prefixLength = 31; }];
194 ipv6.addresses = [{ address = "2a0d:eb00:2137:1::3"; prefixLength = 127; }];
195 };
Serge Bazanskicc769a52021-02-13 13:13:41 +0100[diff] [blame]196 hscloud.gretap.interfaces."edge" = {
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]197 parent = "eth2";
198 localV4 = "192.168.2.1";
199 remoteV4 = "192.168.2.2";
200 id = 200;
201 };
202 networking.bridges."lan".interfaces = [];
203 networking.interfaces."lan" = {
204 ipv4.addresses = [{ address = "10.8.1.2"; prefixLength = 23; }];
205 ipv6.addresses = [{ address = "2a0d:eb00:4242::1"; prefixLength = 64; }];
206 };
207 services.bird2 = {
208 enable = true;
209 config = ''
210 log syslog all;
211 debug protocols { states, interfaces, events }
212 router id 185.236.240.5;
213
214 protocol device {
215 scan time 10;
216 };
217 protocol kernel kernel_v4 {
218 ipv4 {
219 import none;
220 export all;
221 };
222 }
223 protocol kernel kernel_v6 {
224 ipv6 {
225 import none;
226 export all;
227 };
228 }
229
230 protocol ospf v3 ospf_hswaw {
231 ipv6 {
232 import all;
233 export all;
234 };
235 area 0.0.0.0 {
236 interface "edge" {
237 cost 10;
238 type bcast;
239 };
240 interface "lan" {
241 cost 10;
242 stub yes;
243 type bcast;
244 check link no;
245 };
246 };
247 }
248 '';
249 };
250 };
251 };
252
253 testScript = ''
254 start_all()
255
256 edge01.wait_for_unit("bird2.service")
257 # Wait for BGP to settle.
258 edge01.wait_until_succeeds("ping 185.235.70.44 -c 1 -w 2")
259 edge01.wait_until_succeeds("birdc show route for 8.8.8.1 table all | grep via")
260 edge01.wait_until_succeeds(
261 "birdc show route for 2a00:1450:4016:801::200e table all | grep via"
262 )
263 edge01.succeed("ping 8.8.8.1 -c 1 -w 2")
264
265 # ping from customs to globalmix must succeed.
266 customs.succeed("ping 8.8.8.1 -c 1 -w 2")
267 customs.succeed("ping 2a00:1450:4016:801::200e -c 1 -w 2")
268
269 # edge01 must announce exactly one v4 prefix.
270 bgpspeaker.succeed("birdc show route protocol bgp_globalmix_v4 | grep unicast")
271 bgpspeaker.fail(
Serge Bazanskid635dc82022-06-11 21:54:04 +0200[diff] [blame]272 "birdc show route protocol bgp_globalmix_v4 | grep unicast | grep -v 185.236.240.0/23"
Serge Bazanski6abe4fa2020-10-03 00:18:34 +0200[diff] [blame]273 )
274
275 # edge01 must announce exactly one v6 prefix.
276 bgpspeaker.succeed("birdc show route protocol bgp_globalmix_v6 | grep unicast")
277 bgpspeaker.fail(
278 "birdc show route protocol bgp_globalmix_v6 | grep unicast | grep -v 2a0d:eb00::/32"
279 )
280
281 # customer networks must be reachable from globalmix
282 bgpspeaker.succeed("ping 185.236.240.10 -c 1 -w 2")
283 bgpspeaker.succeed("ping 2a0d:eb00:8000::1 -c 1 -w 2")
284 bgpspeaker.succeed("ping 185.236.240.12 -c 1 -w 2")
285 bgpspeaker.succeed("ping 185.236.240.105 -c 1 -w 2")
286 bgpspeaker.succeed("ping 2a0d:eb00:8003::1 -c 1 -w 2")
287
288 # dhcp agent must be reachable
289 customs.succeed("ping 185.236.240.18 -c 1 -w 2")
290 '';
291});
292
293in test { inherit pkgs; inherit (pkgs) libs; }