forked from google/ndprbrd
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.travis.yml
180 lines (165 loc) · 8.4 KB
/
.travis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
language: cpp
sudo: required
dist: trusty
services:
- docker
compiler:
- gcc
- clang
install:
- sudo add-apt-repository -y ppa:george-edison55/cmake-3.x
- if [[ "$CC" == * ]]; then sudo add-apt-repository -y ppa:ubuntu-toolchain-r/test; fi
- sudo apt-get update
- sudo apt-get install -y cmake moreutils # moreutils for "ts" and "mispipe"
- if [[ "$CC" == clang* ]]; then sudo apt-get install -y libstdc++-4.9-dev; fi
- if [[ "$CC" == gcc* ]]; then sudo apt-get install -y g++-4.9; fi
- if [[ "$CC" == gcc* ]]; then export CC=gcc-4.9 CXX=g++-4.9; fi
# Smaller Alpine won't work here, because we reuse binary compiled on
# Travis-Ubuntu-Trusty.
# Other VMs will just reuse the same image.
- docker pull ubuntu:14.04
script:
- mkdir build
- cd build
- cmake ..
- make
- ./ndprbrd --help
- docker run -dti --name=router --device=/dev/net/tun --cap-add=NET_ADMIN -v $TRAVIS_BUILD_DIR:/dir:ro ubuntu:14.04 bash
- docker run -dti --name=isp --net=none ubuntu:14.04 bash # ISP without network :-)
- docker run -dti --name=host1 --net=none ubuntu:14.04 bash
- docker run -dti --name=host2 --net=none ubuntu:14.04 bash
- docker run -dti --name=bridges --cap-add=NET_ADMIN ubuntu:14.04 bash
- docker ps -a
- docker exec router apt-get update
- docker exec router apt-get install -y software-properties-common # add-apt-repository
- docker exec router add-apt-repository -y ppa:jonathonf/zerotier # ndppd
- docker exec router apt-get update
- docker exec router apt-get install -y radvd ndppd tcpdump
# Connect the hosts with networks
# Not using "docker network" to reduce confusion of which interface has which name, as multiple will be connected to router
# Bridging is done in another container, because kernel on Travis's "host" breaks IPv6
#
# ┏━━━━━━━┓
# ┃ isp ┃
# ┗━━wani━┛
# |
# ┏━━━━━━━━wanr━━━━━━━━┓
# ┃ router ┃
# ┗━lan1r━━━━━━━━lan2r━┛
# | |
# ┌┄┄┄|┄┄┄┄┄┄┄┄┄┄┄┄|┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┐
# ┊┌─lan1rb─┐ ┌─lan2rb─┐ ┊
# ┊│ lan1br │ │ lan2br │ L2 bridges ┊
# ┊└─lan1hb─┘ └─lan2hb─┘ ┊
# └┄┄┄|┄┄┄┄┄┄┄┄┄┄┄┄|┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┘
# | |
# ┏━lan1h━┓ ┏━lan2h━┓
# ┃ host1 ┃ ┃ host2 ┃
# ┗━━━━━━━┛ ┗━━━━━━━┛
#
- sudo ip link add lan1r type veth peer name lan1rb
- sudo ip link add lan2r type veth peer name lan2rb
- sudo ip link add lan1h type veth peer name lan1hb
- sudo ip link add lan2h type veth peer name lan2hb
- sudo ip link add wanr type veth peer name wani
- ifconfig -a
# Teach "ip" command the names of our network netspaces
- sudo mkdir -p /run/netns
- sudo ln -s /proc/$(docker inspect -f '{{.State.Pid}}' router)/ns/net /run/netns/router
- sudo ln -s /proc/$(docker inspect -f '{{.State.Pid}}' isp)/ns/net /run/netns/isp
- sudo ln -s /proc/$(docker inspect -f '{{.State.Pid}}' host1)/ns/net /run/netns/host1
- sudo ln -s /proc/$(docker inspect -f '{{.State.Pid}}' host2)/ns/net /run/netns/host2
- sudo ln -s /proc/$(docker inspect -f '{{.State.Pid}}' bridges)/ns/net /run/netns/bridges
- sudo ip link set lan1r netns router
- sudo ip link set lan1h netns host1
- sudo ip link set lan2r netns router
- sudo ip link set lan2h netns host2
- sudo ip link set wanr netns router
- sudo ip link set wani netns isp
- sudo ip link set lan1rb netns bridges
- sudo ip link set lan2rb netns bridges
- sudo ip link set lan1hb netns bridges
- sudo ip link set lan2hb netns bridges
- docker exec bridges ip link add lan1br type bridge
- docker exec bridges ip link add lan2br type bridge
- docker exec bridges ip link set dev lan1br up
- docker exec bridges ip link set dev lan2br up
- docker exec bridges ip link set dev lan1rb up
- docker exec bridges ip link set dev lan2rb up
- docker exec bridges ip link set dev lan1hb up
- docker exec bridges ip link set dev lan2hb up
- docker exec bridges ip link set dev lan1rb master lan1br
- docker exec bridges ip link set dev lan2rb master lan2br
- docker exec bridges ip link set dev lan1hb master lan1br
- docker exec bridges ip link set dev lan2hb master lan2br
- docker exec bridges bridge -d link
# fd61:67f4:e87e:b396::/64 is network which isp gave us, which we'll share using ndprbrd+ndppd
# fd7d:4bec:f525:dd8e::1 is some external host; for simplicity it will also belong to isp
- sudo ip netns exec isp ip addr add fd61:67f4:e87e:b396::1/64 dev wani
- sudo ip netns exec isp ip addr add fd7d:4bec:f525:dd8e::1 dev wani
- sudo ip netns exec router ip addr add fd61:67f4:e87e:b396::2/128 dev wanr
- sudo ip netns exec isp ip link set wani up
- sudo ip netns exec router ip link set wanr up
- sudo ip netns exec router ip link set lan1r up
- sudo ip netns exec router ip link set lan2r up
- sudo ip netns exec host1 ip link set lan1h up
- sudo ip netns exec host2 ip link set lan2h up
- ifconfig
- docker exec isp ifconfig
- docker exec router ifconfig
- docker exec host1 ifconfig
- docker exec host2 ifconfig
- docker exec bridges ifconfig
# Router has enabled forwarding, and can't accept RA from ISP, setup a static route as-if it got configured via RA
- sudo ip netns exec router sysctl net.ipv6.conf.all.forwarding=1
- docker exec isp ip addr show dev wani | perl -n -E 'm|inet6 (fe80:[^/]+)| and say $1'
- sudo ip netns exec router ip route add default via $(docker exec isp ip a show dev wani | perl -n -E 'm|inet6 (fe80:[^/]+)| and say $1') dev wanr
- docker exec router ip -6 route
- docker exec -d router sh -c 'tcpdump -vv -i wanr > /var/log/wanr.log'
- docker exec -d router sh -c 'tcpdump -vv -i lan1r > /var/log/lan1r.log'
- docker exec -d router sh -c 'tcpdump -vv -i lan2r > /var/log/lan2r.log'
# Setup daemons
- docker exec -d router sh -c '/dir/build/ndprbrd --interface=lan1r --interface=lan2r --prefix=fd61:67f4:e87e:b396::/64 --expire=90 > /var/log/ndprbrd.log 2>&1'
- docker exec router cp /dir/testdata/ndppd.conf /etc/
- docker exec router cp /dir/testdata/radvd.conf /etc/
- docker exec router ndppd -d
- docker exec router radvd
- sleep 5
- docker exec router ps aux
- docker exec router ifconfig
- docker exec router ip -6 route
- docker exec -d router sh -c 'tcpdump -vv -i ndprbrd0 > /var/log/ndprbrd0.log'
# Test!
- mispipe "docker exec host1 ping6 -c90 -O fd7d:4bec:f525:dd8e::1" ts
# Test another direction; note that the source is outside of subnet
- docker exec host2 ip addr show dev lan2h | perl -n -E 'm|inet6 (fd61:[^/]+)| and say $1'
- mispipe "docker exec isp ping6 -c60 -I fd7d:4bec:f525:dd8e::1 -O $(docker exec host2 ip addr show dev lan2h | perl -n -E 'm|inet6 (fd61:[^/]+)| and say $1')" ts
- docker exec router ip -6 route
# Swap hosts between LANs and continue pinging.
- docker exec bridges ip link set dev lan1hb master lan2br
- docker exec bridges ip link set dev lan2hb master lan1br
- docker exec bridges ifconfig
- docker exec bridges bridge -d link
- mispipe "docker exec host1 ping6 -c600 -O fd7d:4bec:f525:dd8e::1" ts
- docker exec router ip -6 route
- mispipe "docker exec isp ping6 -c60 -I fd7d:4bec:f525:dd8e::1 -O $(docker exec host2 ip addr show dev lan2h | perl -n -E 'm|inet6 (fd61:[^/]+)| and say $1')" ts
- docker exec router ip -6 route
- docker exec router pkill tcpdump
- docker exec router cat /var/log/wanr.log
- docker exec router cat /var/log/lan1r.log
- docker exec router cat /var/log/lan2r.log
- docker exec router cat /var/log/ndprbrd0.log
- docker exec router cat /var/log/ndprbrd.log