commit 10b3f7d3564d4ef1deeaed7ece130588d5ba1905 · pyrox.dev/nixpkgs

+1 -1

nixos/doc/manual/configuration/ipv4-config.xml

··· 12 follows: 13 14 <programlisting> 15 - networking.interfaces.eth0.ip4 = [ { address = "192.168.1.2"; prefixLength = 24; } ]; 16 </programlisting> 17 18 Typically you’ll also want to set a default gateway and set of name

··· 12 follows: 13 14 <programlisting> 15 + networking.interfaces.eth0.ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ]; 16 </programlisting> 17 18 Typically you’ll also want to set a default gateway and set of name

+1 -1

nixos/doc/manual/configuration/ipv6-config.xml

··· 26 DHCPv6. You can configure an interface manually: 27 28 <programlisting> 29 - networking.interfaces.eth0.ip6 = [ { address = "fe00:aa:bb:cc::2"; prefixLength = 64; } ]; 30 </programlisting> 31 </para> 32

··· 26 DHCPv6. You can configure an interface manually: 27 28 <programlisting> 29 + networking.interfaces.eth0.ipv6.addresses = [ { address = "fe00:aa:bb:cc::2"; prefixLength = 64; } ]; 30 </programlisting> 31 </para> 32

+36 -4

nixos/doc/manual/release-notes/rl-1803.xml

··· 261 </listitem> 262 <listitem> 263 <para> 264 - The option <option>services.xserver.desktopManager.default</option> is now <literal>none</literal> by default. 265 - An assertion failure is thrown if WM's and DM's default are <literal>none</literal>. 266 - To explicitly run a plain X session without and DM or WM, the newly introduced option <option>services.xserver.plainX</option> 267 - must be set to true. 268 </para> 269 </listitem> 270 <listitem>

··· 261 </listitem> 262 <listitem> 263 <para> 264 + In the module <option>networking.interfaces.<name></option> the 265 + following options have been removed: 266 + <itemizedlist> 267 + <listitem> 268 + <para><option>ipAddress</option></para> 269 + </listitem> 270 + <listitem> 271 + <para><option>ipv6Address</option></para> 272 + </listitem> 273 + <listitem> 274 + <para><option>prefixLength</option></para> 275 + </listitem> 276 + <listitem> 277 + <para><option>ipv6PrefixLength</option></para> 278 + </listitem> 279 + <listitem> 280 + <para><option>subnetMask</option></para> 281 + </listitem> 282 + </itemizedlist> 283 + To assign static addresses to an interface the options 284 + <option>ipv4.addresses</option> and <option>ipv6.addresses</option> 285 + should be used instead. 286 + The options <option>ip4</option> and <option>ip6</option> have been 287 + renamed to <option>ipv4.addresses</option> <option>ipv6.addresses</option> 288 + respectively. 289 + The new options <option>ipv4.routes</option> and <option>ipv6.routes</option> 290 + have been added to set up static routing. 291 + </para> 292 + </listitem> 293 + <listitem> 294 + <para> 295 + The option <option>services.xserver.desktopManager.default</option> is now 296 + <literal>none</literal> by default. An assertion failure is thrown if WM's 297 + and DM's default are <literal>none</literal>. 298 + To explicitly run a plain X session without and DM or WM, the newly 299 + introduced option <option>services.xserver.plainX</option> must be set to true. 300 </para> 301 </listitem> 302 <listitem>

+2 -2

nixos/lib/build-vms.nix

··· 51 let 52 interfacesNumbered = zipLists config.virtualisation.vlans (range 1 255); 53 interfaces = flip map interfacesNumbered ({ fst, snd }: 54 - nameValuePair "eth${toString snd}" { ip4 = 55 [ { address = "192.168.${toString fst}.${toString m.snd}"; 56 prefixLength = 24; 57 } ]; ··· 64 networking.interfaces = listToAttrs interfaces; 65 66 networking.primaryIPAddress = 67 - optionalString (interfaces != []) (head (head interfaces).value.ip4).address; 68 69 # Put the IP addresses of all VMs in this machine's 70 # /etc/hosts file. If a machine has multiple

··· 51 let 52 interfacesNumbered = zipLists config.virtualisation.vlans (range 1 255); 53 interfaces = flip map interfacesNumbered ({ fst, snd }: 54 + nameValuePair "eth${toString snd}" { ipv4.addresses = 55 [ { address = "192.168.${toString fst}.${toString m.snd}"; 56 prefixLength = 24; 57 } ]; ··· 64 networking.interfaces = listToAttrs interfaces; 65 66 networking.primaryIPAddress = 67 + optionalString (interfaces != []) (head (head interfaces).value.ipv4.addresses).address; 68 69 # Put the IP addresses of all VMs in this machine's 70 # /etc/hosts file. If a machine has multiple

+1 -1

nixos/modules/services/networking/dhcpcd.nix

··· 16 # Don't start dhcpcd on explicitly configured interfaces or on 17 # interfaces that are part of a bridge, bond or sit device. 18 ignoredInterfaces = 19 - map (i: i.name) (filter (i: if i.useDHCP != null then !i.useDHCP else i.ip4 != [ ] || i.ipAddress != null) interfaces) 20 ++ mapAttrsToList (i: _: i) config.networking.sits 21 ++ concatLists (attrValues (mapAttrs (n: v: v.interfaces) config.networking.bridges)) 22 ++ concatLists (attrValues (mapAttrs (n: v: v.interfaces) config.networking.vswitches))

··· 16 # Don't start dhcpcd on explicitly configured interfaces or on 17 # interfaces that are part of a bridge, bond or sit device. 18 ignoredInterfaces = 19 + map (i: i.name) (filter (i: if i.useDHCP != null then !i.useDHCP else i.ipv4.addresses != [ ]) interfaces) 20 ++ mapAttrsToList (i: _: i) config.networking.sits 21 ++ concatLists (attrValues (mapAttrs (n: v: v.interfaces) config.networking.bridges)) 22 ++ concatLists (attrValues (mapAttrs (n: v: v.interfaces) config.networking.vswitches))

+3 -4

nixos/modules/services/security/hologram-agent.nix

··· 35 config = mkIf cfg.enable { 36 boot.kernelModules = [ "dummy" ]; 37 38 - networking.interfaces.dummy0 = { 39 - ipAddress = "169.254.169.254"; 40 - prefixLength = 32; 41 - }; 42 43 systemd.services.hologram-agent = { 44 description = "Provide EC2 instance credentials to machines outside of EC2";

··· 35 config = mkIf cfg.enable { 36 boot.kernelModules = [ "dummy" ]; 37 38 + networking.interfaces.dummy0.ipv4.addresses = [ 39 + { address = "169.254.169.254"; prefixLength = 32; } 40 + ]; 41 42 systemd.services.hologram-agent = { 43 description = "Provide EC2 instance credentials to machines outside of EC2";

+48 -29

nixos/modules/tasks/network-interfaces-scripted.nix

··· 20 "sys-subsystem-net-devices-${escapeSystemdPath interface}.device"; 21 22 interfaceIps = i: 23 - i.ip4 ++ optionals cfg.enableIPv6 i.ip6 24 - ++ optional (i.ipAddress != null) { 25 - address = i.ipAddress; 26 - prefixLength = i.prefixLength; 27 - } ++ optional (cfg.enableIPv6 && i.ipv6Address != null) { 28 - address = i.ipv6Address; 29 - prefixLength = i.ipv6PrefixLength; 30 - }; 31 32 destroyBond = i: '' 33 while true; do ··· 185 path = [ pkgs.iproute ]; 186 script = 187 '' 188 - # FIXME: shouldn't this be done in network-link? 189 - echo "bringing up interface..." 190 - ip link set "${i.name}" up 191 - 192 state="/run/nixos/network/addresses/${i.name}" 193 194 mkdir -p $(dirname "$state") 195 196 - '' + flip concatMapStrings (ips) (ip: 197 - let 198 - address = "${ip.address}/${toString ip.prefixLength}"; 199 - in 200 - '' 201 - echo "${address}" >> $state 202 - if out=$(ip addr add "${address}" dev "${i.name}" 2>&1); then 203 - echo "added ip ${address}" 204 - elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then 205 - echo "failed to add ${address}" 206 - exit 1 207 - fi 208 - ''); 209 preStop = '' 210 state="/run/nixos/network/addresses/${i.name}" 211 - while read address; do 212 - echo -n "deleting $address..." 213 - ip addr del "$address" dev "${i.name}" >/dev/null 2>&1 || echo -n " Failed" 214 - echo "" 215 done < "$state" 216 rm -f "$state" 217 '';

··· 20 "sys-subsystem-net-devices-${escapeSystemdPath interface}.device"; 21 22 interfaceIps = i: 23 + i.ipv4.addresses 24 + ++ optionals cfg.enableIPv6 i.ipv6.addresses; 25 26 destroyBond = i: '' 27 while true; do ··· 179 path = [ pkgs.iproute ]; 180 script = 181 '' 182 state="/run/nixos/network/addresses/${i.name}" 183 + mkdir -p $(dirname "$state") 184 185 + ${flip concatMapStrings ips (ip: 186 + let 187 + cidr = "${ip.address}/${toString ip.prefixLength}"; 188 + in 189 + '' 190 + echo "${cidr}" >> $state 191 + echo -n "adding address ${cidr}... " 192 + if out=$(ip addr add "${cidr}" dev "${i.name}" 2>&1); then 193 + echo "done" 194 + elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then 195 + echo "failed" 196 + exit 1 197 + fi 198 + '' 199 + )} 200 + 201 + state="/run/nixos/network/routes/${i.name}" 202 mkdir -p $(dirname "$state") 203 204 + ${flip concatMapStrings (i.ipv4.routes ++ i.ipv6.routes) (route: 205 + let 206 + cidr = "${route.address}/${toString route.prefixLength}"; 207 + via = optionalString (route.via != null) ''via "${route.via}"''; 208 + options = concatStrings (mapAttrsToList (name: val: "${name} ${val} ") route.options); 209 + in 210 + '' 211 + echo "${cidr}" >> $state 212 + echo -n "adding route ${cidr}... " 213 + if out=$(ip route add "${cidr}" ${options} ${via} dev "${i.name}" 2>&1); then 214 + echo "done" 215 + elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then 216 + echo "failed" 217 + exit 1 218 + fi 219 + '' 220 + )} 221 + ''; 222 preStop = '' 223 + state="/run/nixos/network/routes/${i.name}" 224 + while read cidr; do 225 + echo -n "deleting route $cidr... " 226 + ip route del "$cidr" dev "${i.name}" >/dev/null 2>&1 && echo "done" || echo "failed" 227 + done < "$state" 228 + rm -f "$state" 229 + 230 state="/run/nixos/network/addresses/${i.name}" 231 + while read cidr; do 232 + echo -n "deleting address $cidr... " 233 + ip addr del "$cidr" dev "${i.name}" >/dev/null 2>&1 && echo "done" || echo "failed" 234 done < "$state" 235 rm -f "$state" 236 '';

+2 -8

nixos/modules/tasks/network-interfaces-systemd.nix

··· 9 interfaces = attrValues cfg.interfaces; 10 11 interfaceIps = i: 12 - i.ip4 ++ optionals cfg.enableIPv6 i.ip6 13 - ++ optional (i.ipAddress != null) { 14 - address = i.ipAddress; 15 - prefixLength = i.prefixLength; 16 - } ++ optional (cfg.enableIPv6 && i.ipv6Address != null) { 17 - address = i.ipv6Address; 18 - prefixLength = i.ipv6PrefixLength; 19 - }; 20 21 dhcpStr = useDHCP: if useDHCP == true || useDHCP == null then "both" else "none"; 22

··· 9 interfaces = attrValues cfg.interfaces; 10 11 interfaceIps = i: 12 + i.ipv4.addresses 13 + ++ optionals cfg.enableIPv6 i.ipv6.addresses; 14 15 dhcpStr = useDHCP: if useDHCP == true || useDHCP == null then "both" else "none"; 16

+87 -51

nixos/modules/tasks/network-interfaces.nix

··· 1 - { config, lib, pkgs, utils, stdenv, ... }: 2 3 with lib; 4 with utils; ··· 101 address = mkOption { 102 type = types.str; 103 description = '' 104 - IPv${toString v} address of the interface. Leave empty to configure the 105 interface using DHCP. 106 ''; 107 }; ··· 116 }; 117 }; 118 119 gatewayCoerce = address: { inherit address; }; 120 121 gatewayOpts = { ... }: { ··· 148 interfaceOpts = { name, ... }: { 149 150 options = { 151 - 152 name = mkOption { 153 example = "eth0"; 154 type = types.str; ··· 175 ''; 176 }; 177 178 - ip4 = mkOption { 179 default = [ ]; 180 example = [ 181 { address = "10.0.0.1"; prefixLength = 16; } ··· 187 ''; 188 }; 189 190 - ip6 = mkOption { 191 default = [ ]; 192 example = [ 193 { address = "fdfd:b3f0:482::1"; prefixLength = 48; } ··· 199 ''; 200 }; 201 202 - ipAddress = mkOption { 203 - default = null; 204 - example = "10.0.0.1"; 205 - type = types.nullOr types.str; 206 - description = '' 207 - IP address of the interface. Leave empty to configure the 208 - interface using DHCP. 209 - ''; 210 - }; 211 - 212 - prefixLength = mkOption { 213 - default = null; 214 - example = 24; 215 - type = types.nullOr types.int; 216 - description = '' 217 - Subnet mask of the interface, specified as the number of 218 - bits in the prefix (<literal>24</literal>). 219 - ''; 220 - }; 221 - 222 - subnetMask = mkOption { 223 - default = null; 224 - description = '' 225 - Defunct, supply the prefix length instead. 226 - ''; 227 - }; 228 - 229 - ipv6Address = mkOption { 230 - default = null; 231 - example = "2001:1470:fffd:2098::e006"; 232 - type = types.nullOr types.str; 233 description = '' 234 - IPv6 address of the interface. Leave empty to configure the 235 - interface using NDP. 236 ''; 237 }; 238 239 - ipv6PrefixLength = mkOption { 240 - default = 64; 241 - example = 64; 242 - type = types.int; 243 description = '' 244 - Subnet mask of the interface, specified as the number of 245 - bits in the prefix (<literal>64</literal>). 246 ''; 247 }; 248 ··· 316 config = { 317 name = mkDefault name; 318 }; 319 320 }; 321 ··· 453 networking.interfaces = mkOption { 454 default = {}; 455 example = 456 - { eth0.ip4 = [ { 457 address = "131.211.84.78"; 458 prefixLength = 25; 459 } ]; ··· 932 933 config = { 934 935 assertions = 936 (flip map interfaces (i: { 937 - assertion = i.subnetMask == null; 938 - message = '' 939 - The networking.interfaces."${i.name}".subnetMask option is defunct. Use prefixLength instead. 940 - ''; 941 - })) ++ (flip map interfaces (i: { 942 # With the linux kernel, interface name length is limited by IFNAMSIZ 943 # to 16 bytes, including the trailing null byte. 944 # See include/linux/if.h in the kernel sources ··· 947 The name of networking.interfaces."${i.name}" is too long, it needs to be less than 16 characters. 948 ''; 949 })) ++ (flip map slaveIfs (i: { 950 - assertion = i.ip4 == [ ] && i.ipAddress == null && i.ip6 == [ ] && i.ipv6Address == null; 951 message = '' 952 The networking.interfaces."${i.name}" must not have any defined ips when it is a slave. 953 ''; ··· 1089 '' + optionalString (i.mtu != null) '' 1090 echo "setting MTU to ${toString i.mtu}..." 1091 ip link set "${i.name}" mtu "${toString i.mtu}" 1092 ''; 1093 }))); 1094

··· 1 + { config, options, lib, pkgs, utils, stdenv, ... }: 2 3 with lib; 4 with utils; ··· 101 address = mkOption { 102 type = types.str; 103 description = '' 104 + IPv${toString v} address of the interface. Leave empty to configure the 105 interface using DHCP. 106 ''; 107 }; ··· 116 }; 117 }; 118 119 + routeOpts = v: 120 + { options = { 121 + address = mkOption { 122 + type = types.str; 123 + description = "IPv${toString v} address of the network."; 124 + }; 125 + 126 + prefixLength = mkOption { 127 + type = types.addCheck types.int (n: n >= 0 && n <= (if v == 4 then 32 else 128)); 128 + description = '' 129 + Subnet mask of the network, specified as the number of 130 + bits in the prefix (<literal>${if v == 4 then "24" else "64"}</literal>). 131 + ''; 132 + }; 133 + 134 + via = mkOption { 135 + type = types.nullOr types.str; 136 + default = null; 137 + description = "IPv${toString v} address of the next hop."; 138 + }; 139 + 140 + options = mkOption { 141 + type = types.attrsOf types.str; 142 + default = { }; 143 + example = { mtu = "1492"; window = "524288"; }; 144 + description = '' 145 + Other route options. See the symbol <literal>OPTION</literal> 146 + in the <literal>ip-route(8)</literal> manual page for the details. 147 + ''; 148 + }; 149 + 150 + }; 151 + }; 152 + 153 gatewayCoerce = address: { inherit address; }; 154 155 gatewayOpts = { ... }: { ··· 182 interfaceOpts = { name, ... }: { 183 184 options = { 185 name = mkOption { 186 example = "eth0"; 187 type = types.str; ··· 208 ''; 209 }; 210 211 + ipv4.addresses = mkOption { 212 default = [ ]; 213 example = [ 214 { address = "10.0.0.1"; prefixLength = 16; } ··· 220 ''; 221 }; 222 223 + ipv6.addresses = mkOption { 224 default = [ ]; 225 example = [ 226 { address = "fdfd:b3f0:482::1"; prefixLength = 48; } ··· 232 ''; 233 }; 234 235 + ipv4.routes = mkOption { 236 + default = []; 237 + example = [ 238 + { address = "10.0.0.0"; prefixLength = 16; } 239 + { address = "192.168.2.0"; prefixLength = 24; via = "192.168.1.1"; } 240 + ]; 241 + type = with types; listOf (submodule (routeOpts 4)); 242 description = '' 243 + List of extra IPv4 static routes that will be assigned to the interface. 244 ''; 245 }; 246 247 + ipv6.routes = mkOption { 248 + default = []; 249 + example = [ 250 + { address = "fdfd:b3f0::"; prefixLength = 48; } 251 + { address = "2001:1470:fffd:2098::"; prefixLength = 64; via = "fdfd:b3f0::1"; } 252 + ]; 253 + type = with types; listOf (submodule (routeOpts 6)); 254 description = '' 255 + List of extra IPv6 static routes that will be assigned to the interface. 256 ''; 257 }; 258 ··· 326 config = { 327 name = mkDefault name; 328 }; 329 + 330 + # Renamed or removed options 331 + imports = 332 + let 333 + defined = x: x != "_mkMergedOptionModule"; 334 + in [ 335 + (mkRenamedOptionModule [ "ip4" ] [ "ipv4" "addresses"]) 336 + (mkRenamedOptionModule [ "ip6" ] [ "ipv6" "addresses"]) 337 + (mkRemovedOptionModule [ "subnetMask" ] '' 338 + Supply a prefix length instead; use option 339 + networking.interfaces.<name>.ipv{4,6}.addresses'') 340 + (mkMergedOptionModule 341 + [ [ "ipAddress" ] [ "prefixLength" ] ] 342 + [ "ipv4" "addresses" ] 343 + (cfg: with cfg; 344 + optional (defined ipAddress && defined prefixLength) 345 + { address = ipAddress; prefixLength = prefixLength; })) 346 + (mkMergedOptionModule 347 + [ [ "ipv6Address" ] [ "ipv6PrefixLength" ] ] 348 + [ "ipv6" "addresses" ] 349 + (cfg: with cfg; 350 + optional (defined ipv6Address && defined ipv6PrefixLength) 351 + { address = ipv6Address; prefixLength = ipv6PrefixLength; })) 352 + 353 + ({ options.warnings = options.warnings; }) 354 + ]; 355 356 }; 357 ··· 489 networking.interfaces = mkOption { 490 default = {}; 491 example = 492 + { eth0.ipv4 = [ { 493 address = "131.211.84.78"; 494 prefixLength = 25; 495 } ]; ··· 968 969 config = { 970 971 + warnings = concatMap (i: i.warnings) interfaces; 972 + 973 assertions = 974 (flip map interfaces (i: { 975 # With the linux kernel, interface name length is limited by IFNAMSIZ 976 # to 16 bytes, including the trailing null byte. 977 # See include/linux/if.h in the kernel sources ··· 980 The name of networking.interfaces."${i.name}" is too long, it needs to be less than 16 characters. 981 ''; 982 })) ++ (flip map slaveIfs (i: { 983 + assertion = i.ipv4.addresses == [ ] && i.ipv6.addresses == [ ]; 984 message = '' 985 The networking.interfaces."${i.name}" must not have any defined ips when it is a slave. 986 ''; ··· 1122 '' + optionalString (i.mtu != null) '' 1123 echo "setting MTU to ${toString i.mtu}..." 1124 ip link set "${i.name}" mtu "${toString i.mtu}" 1125 + '' + '' 1126 + echo -n "bringing up interface... " 1127 + ip link set "${i.name}" up && echo "done" || (echo "failed"; exit 1) 1128 ''; 1129 }))); 1130

+1 -1

nixos/modules/virtualisation/virtualbox-host.nix

··· 124 ''; 125 }; 126 127 - networking.interfaces.vboxnet0.ip4 = [ { address = "192.168.56.1"; prefixLength = 24; } ]; 128 # Make sure NetworkManager won't assume this interface being up 129 # means we have internet access. 130 networking.networkmanager.unmanaged = ["vboxnet0"];

··· 124 ''; 125 }; 126 127 + networking.interfaces.vboxnet0.ipv4.addresses = { address = "192.168.56.1"; prefixLength = 24; }; 128 # Make sure NetworkManager won't assume this interface being up 129 # means we have internet access. 130 networking.networkmanager.unmanaged = ["vboxnet0"];

+3 -3

nixos/tests/bittorrent.nix

··· 16 miniupnpdConf = nodes: pkgs.writeText "miniupnpd.conf" 17 '' 18 ext_ifname=eth1 19 - listening_ip=${(pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ip4).address}/24 20 allow 1024-65535 192.168.2.0/24 1024-65535 21 ''; 22 ··· 56 { environment.systemPackages = [ pkgs.transmission ]; 57 virtualisation.vlans = [ 2 ]; 58 networking.defaultGateway = 59 - (pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ip4).address; 60 networking.firewall.enable = false; 61 }; 62 ··· 84 # Create the torrent. 85 $tracker->succeed("mkdir /tmp/data"); 86 $tracker->succeed("cp ${file} /tmp/data/test.tar.bz2"); 87 - $tracker->succeed("transmission-create /tmp/data/test.tar.bz2 -p -t http://${(pkgs.lib.head nodes.tracker.config.networking.interfaces.eth1.ip4).address}:6969/announce -o /tmp/test.torrent"); 88 $tracker->succeed("chmod 644 /tmp/test.torrent"); 89 90 # Start the tracker. !!! use a less crappy tracker

··· 16 miniupnpdConf = nodes: pkgs.writeText "miniupnpd.conf" 17 '' 18 ext_ifname=eth1 19 + listening_ip=${(pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ipv4.addresses).address}/24 20 allow 1024-65535 192.168.2.0/24 1024-65535 21 ''; 22 ··· 56 { environment.systemPackages = [ pkgs.transmission ]; 57 virtualisation.vlans = [ 2 ]; 58 networking.defaultGateway = 59 + (pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ipv4.addresses).address; 60 networking.firewall.enable = false; 61 }; 62 ··· 84 # Create the torrent. 85 $tracker->succeed("mkdir /tmp/data"); 86 $tracker->succeed("cp ${file} /tmp/data/test.tar.bz2"); 87 + $tracker->succeed("transmission-create /tmp/data/test.tar.bz2 -p -t http://${(pkgs.lib.head nodes.tracker.config.networking.interfaces.eth1.ipv4.addresses).address}:6969/announce -o /tmp/test.torrent"); 88 $tracker->succeed("chmod 644 /tmp/test.torrent"); 89 90 # Start the tracker. !!! use a less crappy tracker

+6 -3

nixos/tests/cjdns.nix

··· 12 # the sequence of address assignment less stochastic. 13 networking.useDHCP = false; 14 15 - networking.interfaces.eth1.prefixLength = 24; 16 # CJDNS output is incompatible with the XML log. 17 systemd.services.cjdns.serviceConfig.StandardOutput = "null"; 18 #networking.firewall.enable = true; ··· 49 50 { imports = [ basicConfig ]; 51 52 - networking.interfaces.eth1.ipAddress = "192.168.0.2"; 53 54 services.cjdns = 55 { UDPInterface = ··· 76 CJDNS_ADMIN_PASSWORD=FOOBAR 77 ''; 78 79 - networking.interfaces.eth1.ipAddress = "192.168.0.1"; 80 81 services.cjdns = 82 { authorizedPasswords = [ carolPassword ];

··· 12 # the sequence of address assignment less stochastic. 13 networking.useDHCP = false; 14 15 # CJDNS output is incompatible with the XML log. 16 systemd.services.cjdns.serviceConfig.StandardOutput = "null"; 17 #networking.firewall.enable = true; ··· 48 49 { imports = [ basicConfig ]; 50 51 + networking.interfaces.eth1.ipv4.addresses = [ 52 + { address = "192.168.0.2"; prefixLength = 24; } 53 + ]; 54 55 services.cjdns = 56 { UDPInterface = ··· 77 CJDNS_ADMIN_PASSWORD=FOOBAR 78 ''; 79 80 + networking.interfaces.eth1.ipv4.addresses = [ 81 + { address = "192.168.0.1"; prefixLength = 24; } 82 + ]; 83 84 services.cjdns = 85 { authorizedPasswords = [ carolPassword ];

+2 -2

nixos/tests/containers-bridge.nix

··· 26 }; 27 networking.interfaces = { 28 br0 = { 29 - ip4 = [{ address = hostIp; prefixLength = 24; }]; 30 - ip6 = [{ address = hostIp6; prefixLength = 7; }]; 31 }; 32 }; 33

··· 26 }; 27 networking.interfaces = { 28 br0 = { 29 + ipv4.addresses = [{ address = hostIp; prefixLength = 24; }]; 30 + ipv6.addresses = [{ address = hostIp6; prefixLength = 7; }]; 31 }; 32 }; 33

+3 -3

nixos/tests/containers-extra_veth.nix

··· 21 }; 22 networking.interfaces = { 23 br0 = { 24 - ip4 = [{ address = "192.168.0.1"; prefixLength = 24; }]; 25 - ip6 = [{ address = "fc00::1"; prefixLength = 7; }]; 26 }; 27 br1 = { 28 - ip4 = [{ address = "192.168.1.1"; prefixLength = 24; }]; 29 }; 30 }; 31

··· 21 }; 22 networking.interfaces = { 23 br0 = { 24 + ipv4.addresses = [{ address = "192.168.0.1"; prefixLength = 24; }]; 25 + ipv6.addresses = [{ address = "fc00::1"; prefixLength = 7; }]; 26 }; 27 br1 = { 28 + ipv4.addresses = [{ address = "192.168.1.1"; prefixLength = 24; }]; 29 }; 30 }; 31

+3 -3

nixos/tests/containers-hosts.nix

··· 13 virtualisation.vlans = []; 14 15 networking.bridges.br0.interfaces = []; 16 - networking.interfaces.br0 = { 17 - ip4 = [ { address = "10.11.0.254"; prefixLength = 24; } ]; 18 - }; 19 20 # Force /etc/hosts to be the only source for host name resolution 21 environment.etc."nsswitch.conf".text = lib.mkForce ''

··· 13 virtualisation.vlans = []; 14 15 networking.bridges.br0.interfaces = []; 16 + networking.interfaces.br0.ipv4.addresses = [ 17 + { address = "10.11.0.254"; prefixLength = 24; } 18 + ]; 19 20 # Force /etc/hosts to be the only source for host name resolution 21 environment.etc."nsswitch.conf".text = lib.mkForce ''

+4 -4

nixos/tests/containers-macvlans.nix

··· 26 interface = "eth1"; 27 mode = "bridge"; 28 }; 29 - networking.interfaces.eth1.ip4 = lib.mkForce []; 30 networking.interfaces.mv-eth1-host = { 31 - ip4 = [ { address = "192.168.1.1"; prefixLength = 24; } ]; 32 }; 33 34 containers.test1 = { ··· 37 38 config = { 39 networking.interfaces.mv-eth1 = { 40 - ip4 = [ { address = containerIp1; prefixLength = 24; } ]; 41 }; 42 }; 43 }; ··· 48 49 config = { 50 networking.interfaces.mv-eth1 = { 51 - ip4 = [ { address = containerIp2; prefixLength = 24; } ]; 52 }; 53 }; 54 };

··· 26 interface = "eth1"; 27 mode = "bridge"; 28 }; 29 + networking.interfaces.eth1.ipv4.addresses = lib.mkForce []; 30 networking.interfaces.mv-eth1-host = { 31 + ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ]; 32 }; 33 34 containers.test1 = { ··· 37 38 config = { 39 networking.interfaces.mv-eth1 = { 40 + ipv4.addresses = [ { address = containerIp1; prefixLength = 24; } ]; 41 }; 42 }; 43 }; ··· 48 49 config = { 50 networking.interfaces.mv-eth1 = { 51 + ipv4.addresses = [ { address = containerIp2; prefixLength = 24; } ]; 52 }; 53 }; 54 };

+12 -12

nixos/tests/containers-physical_interfaces.nix

··· 16 interfaces = [ "eth1" ]; 17 18 config = { 19 - networking.interfaces.eth1 = { 20 - ip4 = [ { address = "10.10.0.1"; prefixLength = 24; } ]; 21 - }; 22 networking.firewall.enable = false; 23 }; 24 }; ··· 33 34 config = { 35 networking.bridges.br0.interfaces = [ "eth1" ]; 36 - networking.interfaces.br0 = { 37 - ip4 = [ { address = "10.10.0.2"; prefixLength = 24; } ]; 38 - }; 39 networking.firewall.enable = false; 40 }; 41 }; ··· 54 interfaces = [ "eth1" ]; 55 mode = "active-backup"; 56 }; 57 - networking.interfaces.bond0 = { 58 - ip4 = [ { address = "10.10.0.3"; prefixLength = 24; } ]; 59 - }; 60 networking.firewall.enable = false; 61 }; 62 }; ··· 76 mode = "active-backup"; 77 }; 78 networking.bridges.br0.interfaces = [ "bond0" ]; 79 - networking.interfaces.br0 = { 80 - ip4 = [ { address = "10.10.0.4"; prefixLength = 24; } ]; 81 - }; 82 networking.firewall.enable = false; 83 }; 84 };

··· 16 interfaces = [ "eth1" ]; 17 18 config = { 19 + networking.interfaces.eth1.ipv4.addresses = [ 20 + { address = "10.10.0.1"; prefixLength = 24; } 21 + ]; 22 networking.firewall.enable = false; 23 }; 24 }; ··· 33 34 config = { 35 networking.bridges.br0.interfaces = [ "eth1" ]; 36 + networking.interfaces.br0.ipv4.addresses = [ 37 + { address = "10.10.0.2"; prefixLength = 24; } 38 + ]; 39 networking.firewall.enable = false; 40 }; 41 }; ··· 54 interfaces = [ "eth1" ]; 55 mode = "active-backup"; 56 }; 57 + networking.interfaces.bond0.ipv4.addresses = [ 58 + { address = "10.10.0.3"; prefixLength = 24; } 59 + ]; 60 networking.firewall.enable = false; 61 }; 62 }; ··· 76 mode = "active-backup"; 77 }; 78 networking.bridges.br0.interfaces = [ "bond0" ]; 79 + networking.interfaces.br0.ipv4.addresses = [ 80 + { address = "10.10.0.4"; prefixLength = 24; } 81 + ]; 82 networking.firewall.enable = false; 83 }; 84 };

+1 -1

nixos/tests/containers-reloadable.nix

··· 11 12 # prevent make-test.nix to change IP 13 networking.interfaces = { 14 - eth1.ip4 = lib.mkOverride 0 [ ]; 15 }; 16 }; 17 in {

··· 11 12 # prevent make-test.nix to change IP 13 networking.interfaces = { 14 + eth1.ipv4.addresses = lib.mkOverride 0 [ ]; 15 }; 16 }; 17 in {

+7 -7

nixos/tests/containers-restart_networking.nix

··· 11 config = { 12 networking.firewall.enable = false; 13 networking.firewall.allowPing = true; 14 - networking.interfaces.eth0.ip4 = [ 15 { address = "192.168.1.122"; prefixLength = 24; } 16 ]; 17 }; ··· 33 rstp = false; 34 }; 35 networking.interfaces = { 36 - eth1.ip4 = lib.mkOverride 0 [ ]; 37 - br0.ip4 = [{ address = "192.168.1.1"; prefixLength = 24; }]; 38 }; 39 40 }; ··· 44 rstp = false; 45 }; 46 networking.interfaces = { 47 - eth1.ip4 = lib.mkOverride 0 [ ]; 48 - br0.ip4 = [{ address = "192.168.1.2"; prefixLength = 24; }]; 49 }; 50 }; 51 client_eth1_rstp = { lib, pkgs, ... }: client_base // { ··· 54 rstp = true; 55 }; 56 networking.interfaces = { 57 - eth1.ip4 = lib.mkOverride 0 [ ]; 58 - br0.ip4 = [{ address = "192.168.1.2"; prefixLength = 24; }]; 59 }; 60 }; 61 };

··· 11 config = { 12 networking.firewall.enable = false; 13 networking.firewall.allowPing = true; 14 + networking.interfaces.eth0.ipv4.addresses = [ 15 { address = "192.168.1.122"; prefixLength = 24; } 16 ]; 17 }; ··· 33 rstp = false; 34 }; 35 networking.interfaces = { 36 + eth1.ipv4.addresses = lib.mkOverride 0 [ ]; 37 + br0.ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ]; 38 }; 39 40 }; ··· 44 rstp = false; 45 }; 46 networking.interfaces = { 47 + eth1.ipv4.addresses = lib.mkOverride 0 [ ]; 48 + br0.ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ]; 49 }; 50 }; 51 client_eth1_rstp = { lib, pkgs, ... }: client_base // { ··· 54 rstp = true; 55 }; 56 networking.interfaces = { 57 + eth1.ipv4.addresses = lib.mkOverride 0 [ ]; 58 + br0.ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ]; 59 }; 60 }; 61 };

+4 -4

nixos/tests/ferm.nix

··· 11 with pkgs.lib; 12 { 13 networking = { 14 - interfaces.eth1.ip6 = mkOverride 0 [ { address = "fd00::2"; prefixLength = 64; } ]; 15 - interfaces.eth1.ip4 = mkOverride 0 [ { address = "192.168.1.2"; prefixLength = 24; } ]; 16 }; 17 }; 18 server = ··· 20 with pkgs.lib; 21 { 22 networking = { 23 - interfaces.eth1.ip6 = mkOverride 0 [ { address = "fd00::1"; prefixLength = 64; } ]; 24 - interfaces.eth1.ip4 = mkOverride 0 [ { address = "192.168.1.1"; prefixLength = 24; } ]; 25 }; 26 27 services = {

··· 11 with pkgs.lib; 12 { 13 networking = { 14 + interfaces.eth1.ipv6.addresses = mkOverride 0 [ { address = "fd00::2"; prefixLength = 64; } ]; 15 + interfaces.eth1.ipv4.addresses = mkOverride 0 [ { address = "192.168.1.2"; prefixLength = 24; } ]; 16 }; 17 }; 18 server = ··· 20 with pkgs.lib; 21 { 22 networking = { 23 + interfaces.eth1.ipv6.addresses = mkOverride 0 [ { address = "fd00::1"; prefixLength = 64; } ]; 24 + interfaces.eth1.ipv4.addresses = mkOverride 0 [ { address = "192.168.1.1"; prefixLength = 24; } ]; 25 }; 26 27 services = {

+1 -3

nixos/tests/initrd-network-ssh/default.nix

··· 11 { config, pkgs, ... }: 12 { 13 boot.kernelParams = [ 14 - "ip=${ 15 - (head config.networking.interfaces.eth1.ip4).address 16 - }:::255.255.255.0::eth1:none" 17 ]; 18 boot.initrd.network = { 19 enable = true;

··· 11 { config, pkgs, ... }: 12 { 13 boot.kernelParams = [ 14 + "ip=${config.networking.primaryIPAddress}:::255.255.255.0::eth1:none" 15 ]; 16 boot.initrd.network = { 17 enable = true;

+1 -1

nixos/tests/nat.nix

··· 35 { virtualisation.vlans = [ 1 ]; 36 networking.firewall.allowPing = true; 37 networking.defaultGateway = 38 - (pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ip4).address; 39 } 40 (lib.optionalAttrs withConntrackHelpers { 41 networking.firewall.connectionTrackingModules = [ "ftp" ];

··· 35 { virtualisation.vlans = [ 1 ]; 36 networking.firewall.allowPing = true; 37 networking.defaultGateway = 38 + (pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ipv4.addresses).address; 39 } 40 (lib.optionalAttrs withConntrackHelpers { 41 networking.firewall.connectionTrackingModules = [ "ftp" ];

+95 -34

nixos/tests/networking.nix

··· 21 firewall.allowedUDPPorts = [ 547 ]; 22 interfaces = mkOverride 0 (listToAttrs (flip map vlanIfs (n: 23 nameValuePair "eth${toString n}" { 24 - ipAddress = "192.168.${toString n}.1"; 25 - prefixLength = 24; 26 - ipv6Address = "fd00:1234:5678:${toString n}::1"; 27 - ipv6PrefixLength = 64; 28 }))); 29 }; 30 services.dhcpd4 = { ··· 90 firewall.allowPing = true; 91 useDHCP = false; 92 defaultGateway = "192.168.1.1"; 93 - interfaces.eth1.ip4 = mkOverride 0 [ 94 { address = "192.168.1.2"; prefixLength = 24; } 95 { address = "192.168.1.3"; prefixLength = 32; } 96 { address = "192.168.1.10"; prefixLength = 32; } 97 ]; 98 - interfaces.eth2.ip4 = mkOverride 0 [ 99 { address = "192.168.2.2"; prefixLength = 24; } 100 ]; 101 }; ··· 143 firewall.allowPing = true; 144 useDHCP = true; 145 interfaces.eth1 = { 146 - ip4 = mkOverride 0 [ ]; 147 - ip6 = mkOverride 0 [ ]; 148 }; 149 interfaces.eth2 = { 150 - ip4 = mkOverride 0 [ ]; 151 - ip6 = mkOverride 0 [ ]; 152 }; 153 }; 154 }; ··· 198 firewall.allowPing = true; 199 useDHCP = false; 200 interfaces.eth1 = { 201 - ip4 = mkOverride 0 [ ]; 202 useDHCP = true; 203 }; 204 - interfaces.eth2.ip4 = mkOverride 0 [ ]; 205 }; 206 }; 207 testScript = { nodes, ... }: ··· 241 interfaces = [ "eth1" "eth2" ]; 242 driverOptions.mode = "balance-rr"; 243 }; 244 - interfaces.eth1.ip4 = mkOverride 0 [ ]; 245 - interfaces.eth2.ip4 = mkOverride 0 [ ]; 246 - interfaces.bond.ip4 = mkOverride 0 247 [ { inherit address; prefixLength = 30; } ]; 248 }; 249 }; ··· 274 useNetworkd = networkd; 275 firewall.allowPing = true; 276 useDHCP = false; 277 - interfaces.eth1.ip4 = mkOverride 0 278 [ { inherit address; prefixLength = 24; } ]; 279 }; 280 }; ··· 289 firewall.allowPing = true; 290 useDHCP = false; 291 bridges.bridge.interfaces = [ "eth1" "eth2" ]; 292 - interfaces.eth1.ip4 = mkOverride 0 [ ]; 293 - interfaces.eth2.ip4 = mkOverride 0 [ ]; 294 - interfaces.bridge.ip4 = mkOverride 0 295 [ { address = "192.168.1.1"; prefixLength = 24; } ]; 296 }; 297 }; ··· 328 firewall.allowPing = true; 329 useDHCP = true; 330 macvlans.macvlan.interface = "eth1"; 331 - interfaces.eth1.ip4 = mkOverride 0 [ ]; 332 }; 333 }; 334 testScript = { nodes, ... }: ··· 369 local = address4; 370 dev = "eth1"; 371 }; 372 - interfaces.eth1.ip4 = mkOverride 0 373 [ { address = address4; prefixLength = 24; } ]; 374 - interfaces.sit.ip6 = mkOverride 0 375 [ { address = address6; prefixLength = 64; } ]; 376 }; 377 }; ··· 410 id = 1; 411 interface = "eth0"; 412 }; 413 - interfaces.eth0.ip4 = mkOverride 0 [ ]; 414 - interfaces.eth1.ip4 = mkOverride 0 [ ]; 415 - interfaces.vlan.ip4 = mkOverride 0 416 [ { inherit address; prefixLength = 24; } ]; 417 }; 418 }; ··· 437 name = "Virtual"; 438 machine = { 439 networking.interfaces."tap0" = { 440 - ip4 = [ { address = "192.168.1.1"; prefixLength = 24; } ]; 441 - ip6 = [ { address = "2001:1470:fffd:2096::"; prefixLength = 64; } ]; 442 virtual = true; 443 }; 444 networking.interfaces."tun0" = { 445 - ip4 = [ { address = "192.168.1.2"; prefixLength = 24; } ]; 446 - ip6 = [ { address = "2001:1470:fffd:2097::"; prefixLength = 64; } ]; 447 virtual = true; 448 }; 449 }; ··· 483 boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true; 484 networking = { 485 useNetworkd = networkd; 486 - interfaces.eth1 = { 487 - ipv6Address = "fd00:1234:5678:1::1"; 488 - ipv6PrefixLength = 64; 489 }; 490 }; 491 services.radvd = { ··· 511 useDHCP = true; 512 interfaces.eth1 = { 513 preferTempAddress = true; 514 - ip4 = mkOverride 0 [ ]; 515 - ip6 = mkOverride 0 [ ]; 516 }; 517 }; 518 }; ··· 532 # Test address used is temporary 533 $client->waitUntilSucceeds("! ip route get fd00:1234:5678:1::1 | grep -q ':[a-f0-9]*ff:fe[a-f0-9]*:'"); 534 ''; 535 }; 536 }; 537

··· 21 firewall.allowedUDPPorts = [ 547 ]; 22 interfaces = mkOverride 0 (listToAttrs (flip map vlanIfs (n: 23 nameValuePair "eth${toString n}" { 24 + ipv4.addresses = [ { address = "192.168.${toString n}.1"; prefixLength = 24; } ]; 25 + ipv6.addresses = [ { address = "fd00:1234:5678:${toString n}::1"; prefixLength = 64; } ]; 26 }))); 27 }; 28 services.dhcpd4 = { ··· 88 firewall.allowPing = true; 89 useDHCP = false; 90 defaultGateway = "192.168.1.1"; 91 + interfaces.eth1.ipv4.addresses = mkOverride 0 [ 92 { address = "192.168.1.2"; prefixLength = 24; } 93 { address = "192.168.1.3"; prefixLength = 32; } 94 { address = "192.168.1.10"; prefixLength = 32; } 95 ]; 96 + interfaces.eth2.ipv4.addresses = mkOverride 0 [ 97 { address = "192.168.2.2"; prefixLength = 24; } 98 ]; 99 }; ··· 141 firewall.allowPing = true; 142 useDHCP = true; 143 interfaces.eth1 = { 144 + ipv4.addresses = mkOverride 0 [ ]; 145 + ipv6.addresses = mkOverride 0 [ ]; 146 }; 147 interfaces.eth2 = { 148 + ipv4.addresses = mkOverride 0 [ ]; 149 + ipv6.addresses = mkOverride 0 [ ]; 150 }; 151 }; 152 }; ··· 196 firewall.allowPing = true; 197 useDHCP = false; 198 interfaces.eth1 = { 199 + ipv4.addresses = mkOverride 0 [ ]; 200 useDHCP = true; 201 }; 202 + interfaces.eth2.ipv4.addresses = mkOverride 0 [ ]; 203 }; 204 }; 205 testScript = { nodes, ... }: ··· 239 interfaces = [ "eth1" "eth2" ]; 240 driverOptions.mode = "balance-rr"; 241 }; 242 + interfaces.eth1.ipv4.addresses = mkOverride 0 [ ]; 243 + interfaces.eth2.ipv4.addresses = mkOverride 0 [ ]; 244 + interfaces.bond.ipv4.addresses = mkOverride 0 245 [ { inherit address; prefixLength = 30; } ]; 246 }; 247 }; ··· 272 useNetworkd = networkd; 273 firewall.allowPing = true; 274 useDHCP = false; 275 + interfaces.eth1.ipv4.addresses = mkOverride 0 276 [ { inherit address; prefixLength = 24; } ]; 277 }; 278 }; ··· 287 firewall.allowPing = true; 288 useDHCP = false; 289 bridges.bridge.interfaces = [ "eth1" "eth2" ]; 290 + interfaces.eth1.ipv4.addresses = mkOverride 0 [ ]; 291 + interfaces.eth2.ipv4.addresses = mkOverride 0 [ ]; 292 + interfaces.bridge.ipv4.addresses = mkOverride 0 293 [ { address = "192.168.1.1"; prefixLength = 24; } ]; 294 }; 295 }; ··· 326 firewall.allowPing = true; 327 useDHCP = true; 328 macvlans.macvlan.interface = "eth1"; 329 + interfaces.eth1.ipv4.addresses = mkOverride 0 [ ]; 330 }; 331 }; 332 testScript = { nodes, ... }: ··· 367 local = address4; 368 dev = "eth1"; 369 }; 370 + interfaces.eth1.ipv4.addresses = mkOverride 0 371 [ { address = address4; prefixLength = 24; } ]; 372 + interfaces.sit.ipv6.addresses = mkOverride 0 373 [ { address = address6; prefixLength = 64; } ]; 374 }; 375 }; ··· 408 id = 1; 409 interface = "eth0"; 410 }; 411 + interfaces.eth0.ipv4.addresses = mkOverride 0 [ ]; 412 + interfaces.eth1.ipv4.addresses = mkOverride 0 [ ]; 413 + interfaces.vlan.ipv4.addresses = mkOverride 0 414 [ { inherit address; prefixLength = 24; } ]; 415 }; 416 }; ··· 435 name = "Virtual"; 436 machine = { 437 networking.interfaces."tap0" = { 438 + ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ]; 439 + ipv6.addresses = [ { address = "2001:1470:fffd:2096::"; prefixLength = 64; } ]; 440 virtual = true; 441 }; 442 networking.interfaces."tun0" = { 443 + ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ]; 444 + ipv6.addresses = [ { address = "2001:1470:fffd:2097::"; prefixLength = 64; } ]; 445 virtual = true; 446 }; 447 }; ··· 481 boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true; 482 networking = { 483 useNetworkd = networkd; 484 + interfaces.eth1.ipv6.addresses = singleton { 485 + address = "fd00:1234:5678:1::1"; 486 + prefixLength = 64; 487 }; 488 }; 489 services.radvd = { ··· 509 useDHCP = true; 510 interfaces.eth1 = { 511 preferTempAddress = true; 512 + ipv4.addresses = mkOverride 0 [ ]; 513 + ipv6.addresses = mkOverride 0 [ ]; 514 }; 515 }; 516 }; ··· 530 # Test address used is temporary 531 $client->waitUntilSucceeds("! ip route get fd00:1234:5678:1::1 | grep -q ':[a-f0-9]*ff:fe[a-f0-9]*:'"); 532 ''; 533 + }; 534 + routes = { 535 + name = "routes"; 536 + machine = { 537 + networking.useDHCP = false; 538 + networking.interfaces."eth0" = { 539 + ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ]; 540 + ipv6.addresses = [ { address = "2001:1470:fffd:2097::"; prefixLength = 64; } ]; 541 + ipv6.routes = [ 542 + { address = "fdfd:b3f0::"; prefixLength = 48; } 543 + { address = "2001:1470:fffd:2098::"; prefixLength = 64; via = "fdfd:b3f0::1"; } 544 + ]; 545 + ipv4.routes = [ 546 + { address = "10.0.0.0"; prefixLength = 16; options = { mtu = "1500"; }; } 547 + { address = "192.168.2.0"; prefixLength = 24; via = "192.168.1.1"; } 548 + ]; 549 + }; 550 + virtualisation.vlans = [ ]; 551 + }; 552 + 553 + testScript = '' 554 + my $targetIPv4Table = <<'END'; 555 + 10.0.0.0/16 scope link mtu 1500 556 + 192.168.1.0/24 proto kernel scope link src 192.168.1.2 557 + 192.168.2.0/24 via 192.168.1.1 558 + END 559 + 560 + my $targetIPv6Table = <<'END'; 561 + 2001:1470:fffd:2097::/64 proto kernel metric 256 pref medium 562 + 2001:1470:fffd:2098::/64 via fdfd:b3f0::1 metric 1024 pref medium 563 + fdfd:b3f0::/48 metric 1024 pref medium 564 + END 565 + 566 + $machine->start; 567 + $machine->waitForUnit("network.target"); 568 + 569 + # test routing tables 570 + my $ipv4Table = $machine->succeed("ip -4 route list dev eth0 | head -n3"); 571 + my $ipv6Table = $machine->succeed("ip -6 route list dev eth0 | head -n3"); 572 + "$ipv4Table" eq "$targetIPv4Table" or die( 573 + "The IPv4 routing table does not match the expected one:\n", 574 + "Result:\n", "$ipv4Table\n", 575 + "Expected:\n", "$targetIPv4Table\n" 576 + ); 577 + "$ipv6Table" eq "$targetIPv6Table" or die( 578 + "The IPv6 routing table does not match the expected one:\n", 579 + "Result:\n", "$ipv6Table\n", 580 + "Expected:\n", "$targetIPv6Table\n" 581 + ); 582 + 583 + # test clean-up of the tables 584 + $machine->succeed("systemctl stop network-addresses-eth0"); 585 + my $ipv4Residue = $machine->succeed("ip -4 route list dev eth0 | head -n-3"); 586 + my $ipv6Residue = $machine->succeed("ip -6 route list dev eth0 | head -n-3"); 587 + $ipv4Residue eq "" or die( 588 + "The IPv4 routing table has not been properly cleaned:\n", 589 + "$ipv4Residue\n" 590 + ); 591 + $ipv6Residue eq "" or die( 592 + "The IPv6 routing table has not been properly cleaned:\n", 593 + "$ipv6Residue\n" 594 + ); 595 + ''; 596 }; 597 }; 598

+14 -8

nixos/tests/nsd.nix

··· 15 clientv4 = { lib, nodes, ... }: { 16 imports = [ common ]; 17 networking.nameservers = lib.mkForce [ 18 - nodes.server.config.networking.interfaces.eth1.ipAddress 19 ]; 20 - networking.interfaces.eth1.ipAddress = "192.168.0.2"; 21 - networking.interfaces.eth1.prefixLength = 24; 22 }; 23 24 clientv6 = { lib, nodes, ... }: { 25 imports = [ common ]; 26 networking.nameservers = lib.mkForce [ 27 - nodes.server.config.networking.interfaces.eth1.ipv6Address 28 ]; 29 - networking.interfaces.eth1.ipv6Address = "dead:beef::2"; 30 }; 31 32 server = { lib, ... }: { 33 imports = [ common ]; 34 - networking.interfaces.eth1.ipAddress = "192.168.0.1"; 35 - networking.interfaces.eth1.prefixLength = 24; 36 - networking.interfaces.eth1.ipv6Address = "dead:beef::1"; 37 services.nsd.enable = true; 38 services.nsd.interfaces = lib.mkForce []; 39 services.nsd.zones."example.com.".data = ''

··· 15 clientv4 = { lib, nodes, ... }: { 16 imports = [ common ]; 17 networking.nameservers = lib.mkForce [ 18 + (lib.head nodes.server.config.networking.interfaces.eth1.ipv4.addresses).address 19 ]; 20 + networking.interfaces.eth1.ipv4.addresses = [ 21 + { address = "192.168.0.2"; prefixLength = 24; } 22 + ]; 23 }; 24 25 clientv6 = { lib, nodes, ... }: { 26 imports = [ common ]; 27 networking.nameservers = lib.mkForce [ 28 + (lib.head nodes.server.config.networking.interfaces.eth1.ipv6.addresses).address 29 ]; 30 + networking.interfaces.eth1.ipv4.addresses = [ 31 + { address = "dead:beef::2"; prefixLength = 24; } 32 + ]; 33 }; 34 35 server = { lib, ... }: { 36 imports = [ common ]; 37 + networking.interfaces.eth1.ipv4.addresses = [ 38 + { address = "192.168.0.1"; prefixLength = 24; } 39 + ]; 40 + networking.interfaces.eth1.ipv6.addresses = [ 41 + { address = "dead:beef::1"; prefixLength = 64; } 42 + ]; 43 services.nsd.enable = true; 44 services.nsd.interfaces = lib.mkForce []; 45 services.nsd.zones."example.com.".data = ''

+1 -1

nixos/tests/quagga.nix

··· 8 import ./make-test.nix ({ pkgs, ... }: 9 let 10 11 - ifAddr = node: iface: (pkgs.lib.head node.config.networking.interfaces.${iface}.ip4).address; 12 13 ospfConf = '' 14 interface eth2

··· 8 import ./make-test.nix ({ pkgs, ... }: 9 let 10 11 + ifAddr = node: iface: (pkgs.lib.head node.config.networking.interfaces.${iface}.ipv4.addresses).address; 12 13 ospfConf = '' 14 interface eth2