summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorZeling Feng <zeling@google.com>2021-03-11 22:35:26 -0800
committergVisor bot <gvisor-bot@google.com>2021-03-11 22:37:10 -0800
commitab488702a68b139ee3fffb04931cfd749571ff9a (patch)
tree33154a9b86e942532bb5808bbb990868d5b486cf
parent002df130655ff5e10196d0a057659a4d7c4f6364 (diff)
Support ICMP echo sockets on Linux DUT
By default net.ipv4.ping_group_range is set to "1 0" and no one (even the root) can create an ICMP socket. Setting it to "0 0" allows root, which we are inside the container, to create ICMP sockets for packetimpact tests. PiperOrigin-RevId: 362454201
-rw-r--r--test/packetimpact/runner/dut.go10
1 files changed, 9 insertions, 1 deletions
diff --git a/test/packetimpact/runner/dut.go b/test/packetimpact/runner/dut.go
index 2e8ffe883..1064ca976 100644
--- a/test/packetimpact/runner/dut.go
+++ b/test/packetimpact/runner/dut.go
@@ -249,6 +249,7 @@ func TestWithDUT(ctx context.Context, t *testing.T, mkDevice func(*dockerutil.Co
testbenchContainer,
testbenchAddr,
dockerNetworks,
+ nil, /* sysctls */
"tail", "-f", "/dev/null",
); err != nil {
t.Fatalf("cannot start testbench container: %s", err)
@@ -428,6 +429,10 @@ func (dut *DockerDUT) Prepare(ctx context.Context, _ *testing.T, runOpts dockeru
dut.c,
DUTAddr,
[]*dockerutil.Network{ctrlNet, testNet},
+ map[string]string{
+ // This enables creating ICMP sockets on Linux.
+ "net.ipv4.ping_group_range": "0 0",
+ },
containerPosixServerBinary,
"--ip=0.0.0.0",
fmt.Sprintf("--port=%d", CtrlPort),
@@ -590,11 +595,14 @@ func createDockerNetwork(ctx context.Context, n *dockerutil.Network) error {
// StartContainer will create a container instance from runOpts, connect it
// with the specified docker networks and start executing the specified cmd.
-func StartContainer(ctx context.Context, runOpts dockerutil.RunOpts, c *dockerutil.Container, containerAddr net.IP, ns []*dockerutil.Network, cmd ...string) error {
+func StartContainer(ctx context.Context, runOpts dockerutil.RunOpts, c *dockerutil.Container, containerAddr net.IP, ns []*dockerutil.Network, sysctls map[string]string, cmd ...string) error {
conf, hostconf, netconf := c.ConfigsFrom(runOpts, cmd...)
_ = netconf
hostconf.AutoRemove = true
hostconf.Sysctls = map[string]string{"net.ipv6.conf.all.disable_ipv6": "0"}
+ for k, v := range sysctls {
+ hostconf.Sysctls[k] = v
+ }
if err := c.CreateFrom(ctx, runOpts.Image, conf, hostconf, nil); err != nil {
return fmt.Errorf("unable to create container %s: %w", c.Name, err)