tstest/natlab/vmtest: add more subnet router tests
Add two tests building on TestExitNode's framework: TestSubnetRouterPublicIP brings up a client, a subnet router, and a webserver, each on its own NAT'd network with distinct WAN IPs. The subnet router advertises the webserver's network as a route. The test toggles the client's --accept-routes preference and asserts that the webserver's echoed source IP switches between the client's own WAN (direct dial) and the subnet router's WAN (forwarded through the router and SNAT'd). TestSubnetRouterAndExitNode adds a fourth node, an exit node that advertises 0.0.0.0/0 + ::/0, and uses a table-driven layout with subtests to cover the four combinations of (exit on/off, subnet on/off). The case where both are on confirms longest-prefix match wins: the subnet router's /24 takes precedence over the exit node's /0. The exit node itself is configured with --accept-routes=off so that, in the exit-only case, it forwards directly to the simulated internet rather than re-routing the forwarded traffic via the subnet router (which would otherwise mask the exit node's WAN as the observed source). Adds an Env.SetAcceptRoutes helper for toggling the RouteAll pref via EditPrefs, used by both tests. Updates #13038 Change-Id: Ifc2726db1df2f039c477c222484f535bebc40445 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
committed by
Brad Fitzpatrick
parent
c0e6ffed0d
commit
d0ae993334
@@ -426,6 +426,23 @@ func (e *Env) SetExitNode(client, exitNode *Node) {
|
||||
}
|
||||
}
|
||||
|
||||
// SetAcceptRoutes toggles the node's RouteAll preference (the
|
||||
// --accept-routes flag), controlling whether it installs subnet routes
|
||||
// advertised by peers.
|
||||
func (e *Env) SetAcceptRoutes(n *Node, on bool) {
|
||||
e.t.Helper()
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
||||
defer cancel()
|
||||
|
||||
if _, err := n.agent.EditPrefs(ctx, &ipn.MaskedPrefs{
|
||||
Prefs: ipn.Prefs{RouteAll: on},
|
||||
RouteAllSet: true,
|
||||
}); err != nil {
|
||||
e.t.Fatalf("SetAcceptRoutes(%s, %v): %v", n.name, on, err)
|
||||
}
|
||||
e.t.Logf("[%s] accept-routes=%v", n.name, on)
|
||||
}
|
||||
|
||||
// ApproveRoutes tells the test control server to approve subnet routes
|
||||
// for the given node. The routes should be CIDR strings.
|
||||
func (e *Env) ApproveRoutes(n *Node, routes ...string) {
|
||||
|
||||
Reference in New Issue
Block a user