b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge pull request #164367 from jpathy/patch-2

Browse source 
networking.greTunnels: support ip6gre*
This commit is contained in:
pennae 2022-03-18 15:43:03 +00:00 committed by GitHub
parent 4585fc03be 0a62de4cd5
commit e8bfc4d4a8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 44 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
nixos/modules/tasks/network-interfaces.nix
View file

@ -1021,6 +1021,12 @@ in
dev = "enp4s0f0"; dev = "enp4s0f0";
type = "tap"; type = "tap";
}; };
gre6Tunnel = {
remote = "fd7a:5634::1";
local = "fd7a:5634::2";
dev = "enp4s0f0";
type = "tun6";
};
} }
''; '';
description = '' description = ''
@ -1058,10 +1064,15 @@ in
}; };
type = mkOption { type = mkOption {
type = with types; enum [ "tun" "tap" ]; type = with types; enum [ "tun" "tap" "tun6" "tap6" ];
default = "tap"; default = "tap";
example = "tap"; example = "tap";
apply = v: if v == "tun" then "gre" else "gretap"; apply = v: {
tun = "gre";
tap = "gretap";
tun6 = "ip6gre";
tap6 = "ip6gretap";
}.${v};
description = '' description = ''
Whether the tunnel routes layer 2 (tap) or layer 3 (tun) traffic. Whether the tunnel routes layer 2 (tap) or layer 3 (tun) traffic.
''; '';

33
nixos/tests/networking.nix
View file

@ -498,6 +498,7 @@ let
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
useDHCP = false; useDHCP = false;
firewall.extraCommands = "ip6tables -A nixos-fw -p gre -j nixos-fw-accept";
}; };
}; };
in { in {
@ -506,7 +507,7 @@ let
mkMerge [ mkMerge [
(node args) (node args)
{ {
virtualisation.vlans = [ 1 2 ]; virtualisation.vlans = [ 1 2 4 ];
networking = { networking = {
greTunnels = { greTunnels = {
greTunnel = { greTunnel = {
@ -515,12 +516,24 @@ let
dev = "eth2"; dev = "eth2";
type = "tap"; type = "tap";
}; };
gre6Tunnel = {
local = "fd00:1234:5678:4::1";
remote = "fd00:1234:5678:4::2";
dev = "eth3";
type = "tun6";
};
}; };
bridges.bridge.interfaces = [ "greTunnel" "eth1" ]; bridges.bridge.interfaces = [ "greTunnel" "eth1" ];
interfaces.eth1.ipv4.addresses = mkOverride 0 []; interfaces.eth1.ipv4.addresses = mkOverride 0 [];
interfaces.bridge.ipv4.addresses = mkOverride 0 [ interfaces.bridge.ipv4.addresses = mkOverride 0 [
{ address = "192.168.1.1"; prefixLength = 24; } { address = "192.168.1.1"; prefixLength = 24; }
]; ];
interfaces.eth3.ipv6.addresses = [
{ address = "fd00:1234:5678:4::1"; prefixLength = 64; }
];
interfaces.gre6Tunnel.ipv6.addresses = mkOverride 0 [
{ address = "fc00::1"; prefixLength = 64; }
];
}; };
} }
]; ];
@ -528,7 +541,7 @@ let
mkMerge [ mkMerge [
(node args) (node args)
{ {
virtualisation.vlans = [ 2 3 ]; virtualisation.vlans = [ 2 3 4 ];
networking = { networking = {
greTunnels = { greTunnels = {
greTunnel = { greTunnel = {
@ -537,12 +550,24 @@ let
dev = "eth1"; dev = "eth1";
type = "tap"; type = "tap";
}; };
gre6Tunnel = {
local = "fd00:1234:5678:4::2";
remote = "fd00:1234:5678:4::1";
dev = "eth3";
type = "tun6";
};
}; };
bridges.bridge.interfaces = [ "greTunnel" "eth2" ]; bridges.bridge.interfaces = [ "greTunnel" "eth2" ];
interfaces.eth2.ipv4.addresses = mkOverride 0 []; interfaces.eth2.ipv4.addresses = mkOverride 0 [];
interfaces.bridge.ipv4.addresses = mkOverride 0 [ interfaces.bridge.ipv4.addresses = mkOverride 0 [
{ address = "192.168.1.2"; prefixLength = 24; } { address = "192.168.1.2"; prefixLength = 24; }
]; ];
interfaces.eth3.ipv6.addresses = [
{ address = "fd00:1234:5678:4::2"; prefixLength = 64; }
];
interfaces.gre6Tunnel.ipv6.addresses = mkOverride 0 [
{ address = "fc00::2"; prefixLength = 64; }
];
}; };
} }
]; ];
@ -562,6 +587,10 @@ let
client1.wait_until_succeeds("ping -c 1 192.168.1.2") client1.wait_until_succeeds("ping -c 1 192.168.1.2")
client2.wait_until_succeeds("ping -c 1 192.168.1.1") client2.wait_until_succeeds("ping -c 1 192.168.1.1")
client1.wait_until_succeeds("ping -c 1 fc00::2")
client2.wait_until_succeeds("ping -c 1 fc00::1")
''; '';
}; };
vlan = let vlan = let