tstest/natlab/vnet: add more tests

This adds tests for DNS requests, and ignoring IPv6 packets on v4-only networks. No behavior changes. But some things are pulled out into functions. And the mkPacket helpers previously just for tests are moved into non-test code to be used elsewhere to reduce duplication, doing the checksum stuff automatically. Updates #13038 Change-Id: I4dd0b73c75b2b9567b4be3f05a2792999d83f6a3 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-08-13 22:47:30 +00:00 · 2024-08-28 12:55:46 -07:00
parent d21ebc28af
commit 82c2c5c597
3 changed files with 155 additions and 31 deletions
--- a/tstest/natlab/vnet/vnet.go
+++ b/tstest/natlab/vnet/vnet.go
@@ -1218,18 +1218,11 @@ func (n *network) serializedUDPPacket(src, dst netip.AddrPort, payload []byte, e
 		SrcPort: layers.UDPPort(src.Port()),
 		DstPort: layers.UDPPort(dst.Port()),
 	}
-	udp.SetNetworkLayerForChecksum(ip)
-
-	buffer := gopacket.NewSerializeBuffer()
-	options := gopacket.SerializeOptions{FixLengths: true, ComputeChecksums: true}
-	layers := []gopacket.SerializableLayer{eth, ip, udp, gopacket.Payload(payload)}
 	if eth == nil {
-		layers = layers[1:]
+		return mkPacketErr(ip, udp, gopacket.Payload(payload))
+	} else {
+		return mkPacketErr(eth, ip, udp, gopacket.Payload(payload))
 	}
-	if err := gopacket.SerializeLayers(buffer, options, layers...); err != nil {
-		return nil, fmt.Errorf("serializing UDP from %v to %v: %v", src, dst, err)
-	}
-	return buffer.Bytes(), nil
 }

 // HandleEthernetPacketForRouter handles a packet that is
@@ -1434,14 +1427,12 @@ func (n *network) handleIPv6RouterSolicitation(ep EthernetPacket, rs *layers.ICM
 			},
 		},
 	}
-	icmp.SetNetworkLayerForChecksum(ip)
-	buffer := gopacket.NewSerializeBuffer()
-	options := gopacket.SerializeOptions{FixLengths: true, ComputeChecksums: true}
-	if err := gopacket.SerializeLayers(buffer, options, eth, ip, icmp, ra); err != nil {
+	pkt, err := mkPacketErr(eth, ip, icmp, ra)
+	if err != nil {
 		n.logf("serializing ICMPv6 RA: %v", err)
 		return
 	}
-	n.writeEth(buffer.Bytes())
+	n.writeEth(pkt)
 }

 func (n *network) handleIPv6NeighborSolicitation(ep EthernetPacket, ns *layers.ICMPv6NeighborSolicitation) {
@@ -2203,3 +2194,35 @@ func (c *NodeAgentClient) EnableHostFirewall(ctx context.Context) error {
 	}
 	return nil
 }
+
+func mkPacket(layers ...gopacket.SerializableLayer) []byte {
+	return must.Get(mkPacketErr(layers...))
+}
+
+func mkPacketErr(ll ...gopacket.SerializableLayer) ([]byte, error) {
+	var nl gopacket.NetworkLayer
+	for _, la := range ll {
+		switch la := la.(type) {
+		case *layers.IPv4:
+			nl = la
+		case *layers.IPv6:
+			nl = la
+		}
+	}
+	for _, la := range ll {
+		switch la := la.(type) {
+		case *layers.TCP:
+			la.SetNetworkLayerForChecksum(nl)
+		case *layers.UDP:
+			la.SetNetworkLayerForChecksum(nl)
+		case *layers.ICMPv6:
+			la.SetNetworkLayerForChecksum(nl)
+		}
+	}
+	buf := gopacket.NewSerializeBuffer()
+	opts := gopacket.SerializeOptions{FixLengths: true, ComputeChecksums: true}
+	if err := gopacket.SerializeLayers(buf, opts, ll...); err != nil {
+		return nil, fmt.Errorf("serializing packet: %v", err)
+	}
+	return buf.Bytes(), nil
+}