InTheForest/moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2026-01-11 18:51:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #50929 from robmry/mac_ip_vlan_gateway_config

Browse Source 
macvlan, ipvlan-l2: only configure a default route when a gateway address is supplied
This commit is contained in:
Rob Murray
2025-09-16 18:09:30 +01:00
committed by GitHub
parent 44357bb101 aa78f19066
commit 07453abab3
12 changed files with 145 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
integration/network/ipvlan/ipvlan_test.go
View File

@@ -92,7 +92,7 @@ func TestDockerNetworkIpvlan(t *testing.T) {
name: "L3MultiSubnet",
test: testIpvlanL3MultiSubnet,
}, {
name: "L2Addressing",
name: "L2Gateway",
test: testIpvlanL2Addressing,
}, {
name: "L3Addressing",
@@ -270,17 +270,10 @@ func testIpvlanL2MultiSubnet(t *testing.T, ctx context.Context, client dclient.A
)
c1, err := client.ContainerInspect(ctx, id1)
assert.NilError(t, err)
if parent == "" {
// Inspect the v4 gateway to ensure no default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks[netName].Gateway, ""))
// Inspect the v6 gateway to ensure no default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks[netName].IPv6Gateway, ""))
} else {
// Inspect the v4 gateway to ensure the proper default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks[netName].Gateway, "172.28.200.1"))
// Inspect the v6 gateway to ensure the proper default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks[netName].IPv6Gateway, "2001:db8:abc8::1"))
}
// Inspect the v4 gateway to ensure no default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks[netName].Gateway, ""))
// Inspect the v6 gateway to ensure no default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks[netName].IPv6Gateway, ""))
// verify ipv4 connectivity to the explicit --ip address second to first
_, err = container.Exec(ctx, client, id2, []string{"ping", "-c", "1", c1.NetworkSettings.Networks[netName].IPAddress})
@@ -405,14 +398,15 @@ func testIpvlanL2Addressing(t *testing.T, ctx context.Context, client dclient.AP
id := container.Run(ctx, t, client,
container.WithNetworkMode(netNameL2),
)
// Validate ipvlan l2 mode defaults gateway sets the default IPAM next-hop inferred from the subnet
// Check the supplied IPv4 gateway address is used in a default route.
result, err := container.Exec(ctx, client, id, []string{"ip", "route"})
assert.NilError(t, err)
assert.Check(t, is.Contains(result.Combined(), "default via 172.28.140.254 dev eth0"))
// Validate ipvlan l2 mode sets the v6 gateway to the user specified default gateway/next-hop
// No gateway address was supplied for IPv6, check that no default gateway was set up.
result, err = container.Exec(ctx, client, id, []string{"ip", "-6", "route"})
assert.NilError(t, err)
assert.Check(t, is.Contains(result.Combined(), "default via 2001:db8:abcb::1 dev eth0"))
assert.Check(t, !strings.Contains(result.Combined(), "default via"),
"result: %s", result.Combined())
}
// Validate ipvlan l3 mode sets the v4 gateway to dev eth0 and disregards any explicit or inferred next-hops

20
integration/network/macvlan/macvlan_test.go
View File

@@ -358,17 +358,10 @@ func testMacvlanMultiSubnet(t *testing.T, ctx context.Context, client client.API
)
c1, err := client.ContainerInspect(ctx, id1)
assert.NilError(t, err)
if parent == "" {
// Inspect the v4 gateway to ensure no default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks["dualstackbridge"].Gateway, ""))
// Inspect the v6 gateway to ensure no default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks["dualstackbridge"].IPv6Gateway, ""))
} else {
// Inspect the v4 gateway to ensure the proper default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks["dualstackbridge"].Gateway, "172.28.100.1"))
// Inspect the v6 gateway to ensure the proper default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks["dualstackbridge"].IPv6Gateway, "2001:db8:abc2::1"))
}
// Inspect the v4 gateway to ensure no default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks["dualstackbridge"].Gateway, ""))
// Inspect the v6 gateway to ensure no default GW was assigned
assert.Check(t, is.Equal(c1.NetworkSettings.Networks["dualstackbridge"].IPv6Gateway, ""))
// verify ipv4 connectivity to the explicit --ip address second to first
_, err = container.Exec(ctx, client, id2, []string{"ping", "-c", "1", c1.NetworkSettings.Networks["dualstackbridge"].IPAddress})
@@ -430,10 +423,11 @@ func testMacvlanAddressing(t *testing.T, ctx context.Context, client client.APIC
container.WithNetworkMode("dualstackbridge"),
)
// Validate macvlan bridge mode defaults gateway sets the default IPAM next-hop inferred from the subnet
// No gateway address was supplied for IPv4, check that no default gateway was set up.
result, err := container.Exec(ctx, client, id1, []string{"ip", "route"})
assert.NilError(t, err)
assert.Check(t, is.Contains(result.Combined(), "default via 172.28.130.1 dev eth0"))
assert.Check(t, !strings.Contains(result.Combined(), "default via"),
"result: %s", result.Combined())
// Validate macvlan bridge mode sets the v6 gateway to the user specified default gateway/next-hop
result, err = container.Exec(ctx, client, id1, []string{"ip", "-6", "route"})
assert.NilError(t, err)