And adopt the tests to add an interface and remove it again. It should work when deactivating rstp, it will not work when activating rstp for the first bridge as then the userspace daemon is not yet available. But once one bridge is active with stp, it should work with the reload for any further bridge. Fixes #21745. Also see #22547.
115 lines
3.6 KiB
115 lines
3.6 KiB
# Test for NixOS' container support.
client_base = rec {
networking.firewall.enable = false;
containers.webserver = {
autoStart = true;
privateNetwork = true;
hostBridge = "br0";
config = {
networking.firewall.enable = false;
networking.firewall.allowPing = true;
networking.interfaces.eth0.ip4 = [
{ address = ""; prefixLength = 24; }
in import ./make-test.nix ({ pkgs, lib, ...} :
name = "containers-restart_networking";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ kampfschlaefer ];
nodes = {
client = { lib, pkgs, ... }: client_base // {
virtualisation.vlans = [ 1 ];
networking.bridges.br0 = {
interfaces = [];
rstp = false;
networking.interfaces = {
eth1.ip4 = lib.mkOverride 0 [ ];
br0.ip4 = [{ address = ""; prefixLength = 24; }];
client_eth1 = { lib, pkgs, ... }: client_base // {
networking.bridges.br0 = {
interfaces = [ "eth1" ];
rstp = false;
networking.interfaces = {
eth1.ip4 = lib.mkOverride 0 [ ];
br0.ip4 = [{ address = ""; prefixLength = 24; }];
client_eth1_rstp = { lib, pkgs, ... }: client_base // {
networking.bridges.br0 = {
interfaces = [ "eth1" ];
rstp = true;
networking.interfaces = {
eth1.ip4 = lib.mkOverride 0 [ ];
br0.ip4 = [{ address = ""; prefixLength = 24; }];
testScript = {nodes, ...}: let
originalSystem = nodes.client.config.system.build.toplevel;
eth1_bridged = nodes.client_eth1.config.system.build.toplevel;
eth1_rstp = nodes.client_eth1_rstp.config.system.build.toplevel;
in ''
subtest "initial state", sub {
$client->succeed("ping -c 1 -n >&2");
$client->succeed("nixos-container run webserver -- ping -c 1 -n >&2");
$client->fail("ip l show eth1 |grep \"master br0\" >&2");
$client->fail("grep eth1 /run/br0.interfaces >&2");
subtest "interfaces without stp", sub {
$client->succeed("${eth1_bridged}/bin/switch-to-configuration test >&2");
$client->succeed("ping -c 1 -n >&2");
$client->succeed("nixos-container run webserver -- ping -c 1 -n >&2");
$client->succeed("ip l show eth1 |grep \"master br0\" >&2");
$client->succeed("grep eth1 /run/br0.interfaces >&2");
# activating rstp needs another service, therefor the bridge will restart and the container will loose its connectivity
#subtest "interfaces with rstp", sub {
# $client->succeed("${eth1_rstp}/bin/switch-to-configuration test >&2");
# $client->execute("ip -4 a >&2");
# $client->execute("ip l >&2");
# $client->succeed("ping -c 1 -n >&2");
# $client->succeed("nixos-container run webserver -- ping -c 1 -n >&2");
# $client->succeed("ip l show eth1 |grep \"master br0\" >&2");
# $client->succeed("grep eth1 /run/br0.interfaces >&2");
subtest "back to no interfaces and no stp", sub {
$client->succeed("${originalSystem}/bin/switch-to-configuration test >&2");
$client->succeed("ping -c 1 -n >&2");
$client->succeed("nixos-container run webserver -- ping -c 1 -n >&2");
$client->fail("ip l show eth1 |grep \"master br0\" >&2");
$client->fail("grep eth1 /run/br0.interfaces >&2");