From dfc33655936c99ccb99cd6a80048a8f8dca87af2 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Thu, 11 Jul 2019 11:05:15 +0900 Subject: [PATCH 1/2] network: ip6tnl and vti6 does not support the case both Local= and Remote= are any This partially revert feb0c8b86f05330c8c7581463b8adf35ea68e5a9. This also drop assertions about Tunnel.family. --- src/network/netdev/tunnel.c | 32 ++++++++++++-------------------- 1 file changed, 12 insertions(+), 20 deletions(-) diff --git a/src/network/netdev/tunnel.c b/src/network/netdev/tunnel.c index 9ea4d19a2e..c2525408ba 100644 --- a/src/network/netdev/tunnel.c +++ b/src/network/netdev/tunnel.c @@ -44,7 +44,6 @@ static int netdev_ipip_sit_fill_message_create(NetDev *netdev, Link *link, sd_ne assert(m); assert(t); - assert(t->family == AF_INET); if (link || t->assign_to_loopback) { r = sd_netlink_message_append_u32(m, IFLA_IPTUN_LINK, link ? link->ifindex : LOOPBACK_IFINDEX); @@ -136,7 +135,6 @@ static int netdev_gre_erspan_fill_message_create(NetDev *netdev, Link *link, sd_ } assert(t); - assert(t->family == AF_INET); if (link || t->assign_to_loopback) { r = sd_netlink_message_append_u32(m, IFLA_GRE_LINK, link ? link->ifindex : LOOPBACK_IFINDEX); @@ -239,7 +237,6 @@ static int netdev_ip6gre_fill_message_create(NetDev *netdev, Link *link, sd_netl t = IP6GRETAP(netdev); assert(t); - assert(t->family == AF_INET6); assert(m); if (link || t->assign_to_loopback) { @@ -287,8 +284,6 @@ static int netdev_vti_fill_message_create(NetDev *netdev, Link *link, sd_netlink t = VTI6(netdev); assert(t); - assert((netdev->kind == NETDEV_KIND_VTI && t->family == AF_INET) || - (netdev->kind == NETDEV_KIND_VTI6 && t->family == AF_INET6)); if (link || t->assign_to_loopback) { r = sd_netlink_message_append_u32(m, IFLA_VTI_LINK, link ? link->ifindex : LOOPBACK_IFINDEX); @@ -330,7 +325,6 @@ static int netdev_ip6tnl_fill_message_create(NetDev *netdev, Link *link, sd_netl assert(netdev); assert(m); assert(t); - assert(t->family == AF_INET6); if (link || t->assign_to_loopback) { r = sd_netlink_message_append_u32(m, IFLA_IPTUN_LINK, link ? link->ifindex : LOOPBACK_IFINDEX); @@ -435,26 +429,20 @@ static int netdev_tunnel_verify(NetDev *netdev, const char *filename) { assert(t); - if (IN_SET(netdev->kind, NETDEV_KIND_VTI, NETDEV_KIND_IPIP, NETDEV_KIND_SIT, NETDEV_KIND_GRE)) { - if (t->family == AF_UNSPEC) - t->family = AF_INET; - if (t->family != AF_INET) - return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), - "vti/ipip/sit/gre tunnel without a local/remote IPv4 address configured in %s. Ignoring", filename); - } + if (IN_SET(netdev->kind, NETDEV_KIND_VTI, NETDEV_KIND_IPIP, NETDEV_KIND_SIT, NETDEV_KIND_GRE) && + !IN_SET(t->family, AF_UNSPEC, AF_INET)) + return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), + "vti/ipip/sit/gre tunnel without a local/remote IPv4 address configured in %s. Ignoring", filename); if (IN_SET(netdev->kind, NETDEV_KIND_GRETAP, NETDEV_KIND_ERSPAN) && (t->family != AF_INET || in_addr_is_null(t->family, &t->remote))) return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), "gretap/erspan tunnel without a remote IPv4 address configured in %s. Ignoring", filename); - if (IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL, NETDEV_KIND_IP6GRE)) { - if (t->family == AF_UNSPEC) - t->family = AF_INET6; - if (t->family != AF_INET6) - return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), - "vti6/ip6tnl/ip6gre tunnel without a local/remote IPv6 address configured in %s. Ignoring", filename); - } + if ((IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL) && t->family != AF_INET6) || + (netdev->kind == NETDEV_KIND_IP6GRE && !IN_SET(t->family, AF_UNSPEC, AF_INET6))) + return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), + "vti6/ip6tnl/ip6gre tunnel without a local/remote IPv6 address configured in %s. Ignoring", filename); if (netdev->kind == NETDEV_KIND_IP6GRETAP && (t->family != AF_INET6 || in_addr_is_null(t->family, &t->remote))) @@ -473,6 +461,10 @@ static int netdev_tunnel_verify(NetDev *netdev, const char *filename) { if (netdev->kind == NETDEV_KIND_ERSPAN && (t->erspan_index >= (1 << 20) || t->erspan_index == 0)) return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), "Invalid erspan index %d. Ignoring", t->erspan_index); + /* netlink_message_append_in_addr_union() is used for vti/vti6. So, t->family cannot be AF_UNSPEC. */ + if (netdev->kind == NETDEV_KIND_VTI) + t->family = AF_INET; + return 0; } From 42a29fcb12b29af19ae576228e06879c37512aef Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Thu, 11 Jul 2019 11:39:27 +0900 Subject: [PATCH 2/2] test-network: add testcases Tunnel.Remote=any and Local=any --- .../conf/25-gre-tunnel-any-any.netdev | 9 ++++ .../conf/25-ip6gre-tunnel-any-any.netdev | 7 +++ .../conf/25-ipip-tunnel-any-any.netdev | 8 +++ .../conf/25-sit-tunnel-any-any.netdev | 7 +++ .../conf/25-tunnel-any-any.network | 8 +++ .../conf/25-vti-tunnel-any-any.netdev | 7 +++ test/test-network/conf/gretun.network | 1 + test/test-network/conf/ip6gretun.network | 1 + test/test-network/conf/ipip.network | 1 + test/test-network/conf/sit.network | 1 + test/test-network/conf/vti.network | 1 + test/test-network/systemd-networkd-tests.py | 54 +++++++++++++++---- 12 files changed, 95 insertions(+), 10 deletions(-) create mode 100644 test/test-network/conf/25-gre-tunnel-any-any.netdev create mode 100644 test/test-network/conf/25-ip6gre-tunnel-any-any.netdev create mode 100644 test/test-network/conf/25-ipip-tunnel-any-any.netdev create mode 100644 test/test-network/conf/25-sit-tunnel-any-any.netdev create mode 100644 test/test-network/conf/25-tunnel-any-any.network create mode 100644 test/test-network/conf/25-vti-tunnel-any-any.netdev diff --git a/test/test-network/conf/25-gre-tunnel-any-any.netdev b/test/test-network/conf/25-gre-tunnel-any-any.netdev new file mode 100644 index 0000000000..3467b169fc --- /dev/null +++ b/test/test-network/conf/25-gre-tunnel-any-any.netdev @@ -0,0 +1,9 @@ +[NetDev] +Name=gretun96 +Kind=gre + +[Tunnel] +Local=any +Remote=any +Key=106 +SerializeTunneledPackets=false diff --git a/test/test-network/conf/25-ip6gre-tunnel-any-any.netdev b/test/test-network/conf/25-ip6gre-tunnel-any-any.netdev new file mode 100644 index 0000000000..519474feed --- /dev/null +++ b/test/test-network/conf/25-ip6gre-tunnel-any-any.netdev @@ -0,0 +1,7 @@ +[NetDev] +Name=ip6gretun96 +Kind=ip6gre + +[Tunnel] +Local=any +Remote=any diff --git a/test/test-network/conf/25-ipip-tunnel-any-any.netdev b/test/test-network/conf/25-ipip-tunnel-any-any.netdev new file mode 100644 index 0000000000..8803dd12e9 --- /dev/null +++ b/test/test-network/conf/25-ipip-tunnel-any-any.netdev @@ -0,0 +1,8 @@ +[NetDev] +Name=ipiptun96 +Kind=ipip +MTUBytes=1480 + +[Tunnel] +Local=any +Remote=any diff --git a/test/test-network/conf/25-sit-tunnel-any-any.netdev b/test/test-network/conf/25-sit-tunnel-any-any.netdev new file mode 100644 index 0000000000..e961dcbd38 --- /dev/null +++ b/test/test-network/conf/25-sit-tunnel-any-any.netdev @@ -0,0 +1,7 @@ +[NetDev] +Name=sittun96 +Kind=sit + +[Tunnel] +Local=any +Remote=any diff --git a/test/test-network/conf/25-tunnel-any-any.network b/test/test-network/conf/25-tunnel-any-any.network new file mode 100644 index 0000000000..7a9e39e9d2 --- /dev/null +++ b/test/test-network/conf/25-tunnel-any-any.network @@ -0,0 +1,8 @@ +[Match] +Name=*tun96 + +[Network] +IPv6AcceptRA=no +Address=2001:db8:0:f102::19/64 +Address=10.3.2.6/16 +LinkLocalAddressing=yes diff --git a/test/test-network/conf/25-vti-tunnel-any-any.netdev b/test/test-network/conf/25-vti-tunnel-any-any.netdev new file mode 100644 index 0000000000..3cac374bef --- /dev/null +++ b/test/test-network/conf/25-vti-tunnel-any-any.netdev @@ -0,0 +1,7 @@ +[NetDev] +Name=vtitun96 +Kind=vti + +[Tunnel] +Local=any +Remote=any diff --git a/test/test-network/conf/gretun.network b/test/test-network/conf/gretun.network index 00bb03cab2..5510b1c9b6 100644 --- a/test/test-network/conf/gretun.network +++ b/test/test-network/conf/gretun.network @@ -5,3 +5,4 @@ Name=dummy98 Tunnel=gretun99 Tunnel=gretun98 Tunnel=gretun97 +Tunnel=gretun96 diff --git a/test/test-network/conf/ip6gretun.network b/test/test-network/conf/ip6gretun.network index 6d39bbd777..8fbee98851 100644 --- a/test/test-network/conf/ip6gretun.network +++ b/test/test-network/conf/ip6gretun.network @@ -5,3 +5,4 @@ Name=dummy98 Tunnel=ip6gretun99 Tunnel=ip6gretun98 Tunnel=ip6gretun97 +Tunnel=ip6gretun96 diff --git a/test/test-network/conf/ipip.network b/test/test-network/conf/ipip.network index ec6c958114..ea4b3a1353 100644 --- a/test/test-network/conf/ipip.network +++ b/test/test-network/conf/ipip.network @@ -5,3 +5,4 @@ Name=dummy98 Tunnel=ipiptun99 Tunnel=ipiptun98 Tunnel=ipiptun97 +Tunnel=ipiptun96 diff --git a/test/test-network/conf/sit.network b/test/test-network/conf/sit.network index 8d97823a5a..79909fcd6b 100644 --- a/test/test-network/conf/sit.network +++ b/test/test-network/conf/sit.network @@ -5,3 +5,4 @@ Name=dummy98 Tunnel=sittun99 Tunnel=sittun98 Tunnel=sittun97 +Tunnel=sittun96 diff --git a/test/test-network/conf/vti.network b/test/test-network/conf/vti.network index 1e0b8405c5..761362e482 100644 --- a/test/test-network/conf/vti.network +++ b/test/test-network/conf/vti.network @@ -5,3 +5,4 @@ Name=dummy98 Tunnel=vtitun99 Tunnel=vtitun98 Tunnel=vtitun97 +Tunnel=vtitun96 diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py index 2139c5f9d3..d9cf7bedd5 100755 --- a/test/test-network/systemd-networkd-tests.py +++ b/test/test-network/systemd-networkd-tests.py @@ -483,6 +483,7 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): 'gretun99', 'ip6gretap98', 'ip6gretap99', + 'ip6gretun96', 'ip6gretun97', 'ip6gretun98', 'ip6gretun99', @@ -513,6 +514,7 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): 'vti6tun97', 'vti6tun98', 'vti6tun99', + 'vtitun96', 'vtitun97', 'vtitun98', 'vtitun99', @@ -552,17 +554,21 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): '25-geneve.netdev', '25-gretap-tunnel-local-any.netdev', '25-gretap-tunnel.netdev', + '25-gre-tunnel-any-any.netdev', '25-gre-tunnel-local-any.netdev', '25-gre-tunnel-remote-any.netdev', '25-gre-tunnel.netdev', '25-ip6gretap-tunnel-local-any.netdev', '25-ip6gretap-tunnel.netdev', + '25-ip6gre-tunnel-any-any.netdev', '25-ip6gre-tunnel-local-any.netdev', '25-ip6gre-tunnel-remote-any.netdev', '25-ip6gre-tunnel.netdev', - '25-ip6tnl-tunnel-remote-any.netdev', + '25-ip6tnl-tunnel-any-any.netdev', '25-ip6tnl-tunnel-local-any.netdev', + '25-ip6tnl-tunnel-remote-any.netdev', '25-ip6tnl-tunnel.netdev', + '25-ipip-tunnel-any-any.netdev', '25-ipip-tunnel-independent.netdev', '25-ipip-tunnel-independent-loopback.netdev', '25-ipip-tunnel-local-any.netdev', @@ -575,6 +581,7 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): '25-macsec.netdev', '25-macsec.network', '25-nlmon.netdev', + '25-sit-tunnel-any-any.netdev', '25-sit-tunnel-local-any.netdev', '25-sit-tunnel-remote-any.netdev', '25-sit-tunnel.netdev', @@ -586,9 +593,11 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): '25-vcan.netdev', '25-veth.netdev', '25-vrf.netdev', + '25-vti6-tunnel-any-any.netdev', '25-vti6-tunnel-local-any.netdev', '25-vti6-tunnel-remote-any.netdev', '25-vti6-tunnel.netdev', + '25-vti-tunnel-any-any.netdev', '25-vti-tunnel-local-any.netdev', '25-vti-tunnel-remote-any.netdev', '25-vti-tunnel.netdev', @@ -916,9 +925,10 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): copy_unit_to_networkd_unit_path('12-dummy.netdev', 'ipip.network', '25-ipip-tunnel.netdev', '25-tunnel.network', '25-ipip-tunnel-local-any.netdev', '25-tunnel-local-any.network', - '25-ipip-tunnel-remote-any.netdev', '25-tunnel-remote-any.network') + '25-ipip-tunnel-remote-any.netdev', '25-tunnel-remote-any.network', + '25-ipip-tunnel-any-any.netdev', '25-tunnel-any-any.network') start_networkd() - wait_online(['ipiptun99:routable', 'ipiptun98:routable', 'ipiptun97:routable', 'dummy98:degraded']) + wait_online(['ipiptun99:routable', 'ipiptun98:routable', 'ipiptun97:routable', 'ipiptun96:routable', 'dummy98:degraded']) output = check_output('ip -d link show ipiptun99') print(output) @@ -929,14 +939,18 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): output = check_output('ip -d link show ipiptun97') print(output) self.assertRegex(output, 'ipip (?:ipip |)remote any local 192.168.223.238 dev dummy98') + output = check_output('ip -d link show ipiptun96') + print(output) + self.assertRegex(output, 'ipip (?:ipip |)remote any local any dev dummy98') def test_gre_tunnel(self): copy_unit_to_networkd_unit_path('12-dummy.netdev', 'gretun.network', '25-gre-tunnel.netdev', '25-tunnel.network', '25-gre-tunnel-local-any.netdev', '25-tunnel-local-any.network', - '25-gre-tunnel-remote-any.netdev', '25-tunnel-remote-any.network') + '25-gre-tunnel-remote-any.netdev', '25-tunnel-remote-any.network', + '25-gre-tunnel-any-any.netdev', '25-tunnel-any-any.network') start_networkd() - wait_online(['gretun99:routable', 'gretun98:routable', 'gretun97:routable', 'dummy98:degraded']) + wait_online(['gretun99:routable', 'gretun98:routable', 'gretun97:routable', 'gretun96:routable', 'dummy98:degraded']) output = check_output('ip -d link show gretun99') print(output) @@ -959,12 +973,20 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): self.assertRegex(output, 'okey 0.0.0.105') self.assertNotRegex(output, 'iseq') self.assertNotRegex(output, 'oseq') + output = check_output('ip -d link show gretun96') + print(output) + self.assertRegex(output, 'gre remote any local any dev dummy98') + self.assertRegex(output, 'ikey 0.0.0.106') + self.assertRegex(output, 'okey 0.0.0.106') + self.assertNotRegex(output, 'iseq') + self.assertNotRegex(output, 'oseq') def test_ip6gre_tunnel(self): copy_unit_to_networkd_unit_path('12-dummy.netdev', 'ip6gretun.network', '25-ip6gre-tunnel.netdev', '25-tunnel.network', '25-ip6gre-tunnel-local-any.netdev', '25-tunnel-local-any.network', - '25-ip6gre-tunnel-remote-any.netdev', '25-tunnel-remote-any.network') + '25-ip6gre-tunnel-remote-any.netdev', '25-tunnel-remote-any.network', + '25-ip6gre-tunnel-any-any.netdev', '25-tunnel-any-any.network') start_networkd(5) # Old kernels seem not to support IPv6LL address on ip6gre tunnel, So please do not use wait_online() here. @@ -973,6 +995,7 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): self.check_link_exists('ip6gretun99') self.check_link_exists('ip6gretun98') self.check_link_exists('ip6gretun97') + self.check_link_exists('ip6gretun96') output = check_output('ip -d link show ip6gretun99') print(output) @@ -983,6 +1006,9 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): output = check_output('ip -d link show ip6gretun97') print(output) self.assertRegex(output, 'ip6gre remote any local 2a00:ffde:4567:edde::4987 dev dummy98') + output = check_output('ip -d link show ip6gretun96') + print(output) + self.assertRegex(output, 'ip6gre remote any local any dev dummy98') def test_gretap_tunnel(self): copy_unit_to_networkd_unit_path('12-dummy.netdev', 'gretap.network', @@ -1024,9 +1050,10 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): copy_unit_to_networkd_unit_path('12-dummy.netdev', 'vti.network', '25-vti-tunnel.netdev', '25-tunnel.network', '25-vti-tunnel-local-any.netdev', '25-tunnel-local-any.network', - '25-vti-tunnel-remote-any.netdev', '25-tunnel-remote-any.network') + '25-vti-tunnel-remote-any.netdev', '25-tunnel-remote-any.network', + '25-vti-tunnel-any-any.netdev', '25-tunnel-any-any.network') start_networkd() - wait_online(['vtitun99:routable', 'vtitun98:routable', 'vtitun97:routable', 'dummy98:degraded']) + wait_online(['vtitun99:routable', 'vtitun98:routable', 'vtitun97:routable', 'vtitun96:routable', 'dummy98:degraded']) output = check_output('ip -d link show vtitun99') print(output) @@ -1037,6 +1064,9 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): output = check_output('ip -d link show vtitun97') print(output) self.assertRegex(output, 'vti remote any local 10.65.223.238 dev dummy98') + output = check_output('ip -d link show vtitun96') + print(output) + self.assertRegex(output, 'vti remote any local any dev dummy98') def test_vti6_tunnel(self): copy_unit_to_networkd_unit_path('12-dummy.netdev', 'vti6.network', @@ -1078,9 +1108,10 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): copy_unit_to_networkd_unit_path('12-dummy.netdev', 'sit.network', '25-sit-tunnel.netdev', '25-tunnel.network', '25-sit-tunnel-local-any.netdev', '25-tunnel-local-any.network', - '25-sit-tunnel-remote-any.netdev', '25-tunnel-remote-any.network') + '25-sit-tunnel-remote-any.netdev', '25-tunnel-remote-any.network', + '25-sit-tunnel-any-any.netdev', '25-tunnel-any-any.network') start_networkd() - wait_online(['sittun99:routable', 'sittun98:routable', 'sittun97:routable', 'dummy98:degraded']) + wait_online(['sittun99:routable', 'sittun98:routable', 'sittun97:routable', 'sittun96:routable', 'dummy98:degraded']) output = check_output('ip -d link show sittun99') print(output) @@ -1091,6 +1122,9 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): output = check_output('ip -d link show sittun97') print(output) self.assertRegex(output, "sit (?:ip6ip |)remote any local 10.65.223.238 dev dummy98") + output = check_output('ip -d link show sittun96') + print(output) + self.assertRegex(output, "sit (?:ip6ip |)remote any local any dev dummy98") def test_isatap_tunnel(self): copy_unit_to_networkd_unit_path('12-dummy.netdev', 'isatap.network',