Merge pull request #232454 from quentinmit/bridge-vlan

nixos/networkd: Fix typo in BridgeVLAN options

nixos/modules/system/boot/networkd.nix

@@ -1897,7 +1897,7 @@ let
 
   bridgeVLANOptions = {
     options = {
-      bridgeMDBConfig = mkOption {
+      bridgeVLANConfig = mkOption {
         default = {};
         example = { VLAN = 20; };
         type = types.addCheck (types.attrsOf unitOption) check.network.sectionBridgeVLAN;
@@ -2388,17 +2388,6 @@ let
       '';
     };
 
-    bridgeVLANConfig = mkOption {
-      default = {};
-      example = { VLAN = "10-20"; };
-      type = types.addCheck (types.attrsOf unitOption) check.network.sectionBridgeVLAN;
-      description = lib.mdDoc ''
-        Each attribute in this set specifies an option in the
-        `[BridgeVLAN]` section of the unit.  See
-        {manpage}`systemd.network(5)` for details.
-      '';
-    };
-
     bridgeVLANs = mkOption {
       default = [];
       example = [ { bridgeVLANConfig = { VLAN = "10-20"; }; } ];

nixos/tests/systemd-networkd-dhcpserver.nix

@@ -1,6 +1,12 @@
 # This test predominantly tests systemd-networkd DHCP server, by
 # setting up a DHCP server and client, and ensuring they are mutually
 # reachable via the DHCP allocated address.
+# Two DHCP servers are set up on bridge VLANs, testing to make sure that
+# bridge VLAN settings are correctly applied.
+#
+# br0 ----untagged---v
+#                    +---PVID 1+VLAN 2---[bridge]---PVID 2---eth1
+# vlan2 ---VLAN 2----^
 import ./make-test-python.nix ({pkgs, ...}: {
   name = "systemd-networkd-dhcpserver";
   meta = with pkgs.lib.maintainers; {
@@ -16,6 +22,28 @@ import ./make-test-python.nix ({pkgs, ...}: {
         firewall.enable = false;
       };
       systemd.network = {
+        netdevs = {
+          br0 = {
+            enable = true;
+            netdevConfig = {
+              Name = "br0";
+              Kind = "bridge";
+            };
+            extraConfig = ''
+              [Bridge]
+              VLANFiltering=yes
+              DefaultPVID=none
+            '';
+          };
+          vlan2 = {
+            enable = true;
+            netdevConfig = {
+              Name = "vlan2";
+              Kind = "vlan";
+            };
+            vlanConfig.Id = 2;
+          };
+        };
         networks = {
           # systemd-networkd will load the first network unit file
           # that matches, ordered lexiographically by filename.
@@ -24,9 +52,32 @@ import ./make-test-python.nix ({pkgs, ...}: {
           # however, hence why this network is named such.
           "01-eth1" = {
             name = "eth1";
+            networkConfig.Bridge = "br0";
+            bridgeVLANs = [
+              { bridgeVLANConfig = { PVID = 2; EgressUntagged = 2; }; }
+            ];
+          };
+          "02-br0" = {
+            name = "br0";
             networkConfig = {
               DHCPServer = true;
               Address = "10.0.0.1/24";
+              VLAN = ["vlan2"];
+            };
+            dhcpServerConfig = {
+              PoolOffset = 100;
+              PoolSize = 1;
+            };
+            bridgeVLANs = [
+              { bridgeVLANConfig = { PVID = 1; EgressUntagged = 1; }; }
+              { bridgeVLANConfig = { VLAN = 2; }; }
+            ];
+          };
+          "02-vlan2" = {
+            name = "vlan2";
+            networkConfig = {
+              DHCPServer = true;
+              Address = "10.0.2.1/24";
             };
             dhcpServerConfig = {
               PoolOffset = 100;
@@ -52,7 +103,7 @@ import ./make-test-python.nix ({pkgs, ...}: {
     start_all()
     router.wait_for_unit("systemd-networkd-wait-online.service")
     client.wait_for_unit("systemd-networkd-wait-online.service")
-    client.wait_until_succeeds("ping -c 5 10.0.0.1")
+    client.wait_until_succeeds("ping -c 5 10.0.2.1")
-    router.wait_until_succeeds("ping -c 5 10.0.0.100")
+    router.wait_until_succeeds("ping -c 5 10.0.2.100")
   '';
 })