-
Notifications
You must be signed in to change notification settings - Fork 47
Open
Labels
Description
@aequitas first spotted and solved this bug in 6fcd182, 172.42.0. got replaced by 172.16.42., but 172.43.0. is still in use (and also outside of the 172.16.0.0/12 Private-Use as defined by RFC 1918 - Address Allocation for Private Internets - §3 Private Address Space / IANA IPv4 special registry ):
All IP addresses used in the isolated network are in private address ranges (`172.43.0.0/24`, `fd00:43:1::/64`) and all domain names use the `.test` domain. The internal `resolver` runs dnsmasq to provide routing of the internal domain and stub records for external services (eg: Cymru origin ASN query). The resolver configuration file is `docker/integration-tests/dnsmasq/entrypoint.sh`. Lines 23 to 36 in c2162fd
IPV4_SUBNET_PUBLIC=172.43.0.0/16 IPV4_IP_PUBLIC=172.43.0.100 IPV4_WEBSERVER_IP_PUBLIC=172.43.0.100 IPV4_UNBOUND_IP_PUBLIC=172.43.0.101 IPV6_UNBOUND_IP_PUBLIC=fd00:43:1::101 # use fixed IPv4 addresses for internal networking to prevent resolving cache issues when recreating containers IPV4_SUBNET_INTERNAL=192.168.43.0/24 IPV4_IP_MOCK_RESOLVER_PUBLIC=172.43.0.114 IPV6_IP_MOCK_RESOLVER_PUBLIC=fd00:43:1::114 IPV4_IP_TEST_TARGET_PUBLIC=172.43.0.51 IPV4_IP_TEST_TARGET_MAIL_PUBLIC=172.43.0.52 Internet.nl/docker/batch-test.env
Lines 24 to 37 in c2162fd
IPV4_SUBNET_PUBLIC=172.43.0.0/16 IPV4_IP_PUBLIC=172.43.0.100 IPV4_WEBSERVER_IP_PUBLIC=172.43.0.100 IPV4_UNBOUND_IP_PUBLIC=172.43.0.101 IPV6_UNBOUND_IP_PUBLIC=fd00:43:1::101 # use fixed IPv4 addresses for internal networking to prevent resolving cache issues when recreating containers IPV4_SUBNET_INTERNAL=192.168.43.0/24 IPV4_IP_MOCK_RESOLVER_PUBLIC=172.43.0.114 IPV6_IP_MOCK_RESOLVER_PUBLIC=fd00:43:1::114 IPV4_IP_TEST_TARGET_PUBLIC=172.43.0.51 IPV4_IP_TEST_TARGET_MAIL_PUBLIC=172.43.0.52 Internet.nl/docker/integration-tests/mock-resolver/test.zone
Lines 5 to 65 in c2162fd
internet A 172.43.0.100 ; IPV6_IP_PUBLIC AAAA fd00:43:1::100 ; all it's subdomains nl.internet CNAME internet en.internet CNAME internet www.internet CNAME internet ; IPv6 only address ; IPV6_IP_PUBLIC ipv6.internet AAAA fd00:43:1::100 ; and it's subdomains nl.ipv6.internet CNAME ipv6.internet en.ipv6.internet CNAME ipv6.internet www.ipv6.internet CNAME ipv6.internet ; connection test domain and subdomains conn.internet CNAME internet nl.conn.internet CNAME internet en.conn.internet CNAME internet www.conn.internet CNAME internet ; and the IPv6 only subdomains conn.ipv6.internet CNAME ipv6.internet conn.nl.ipv6.internet CNAME ipv6.internet conn.en.ipv6.internet CNAME ipv6.internet conn.www.ipv6.internet CNAME ipv6.internet ; nameserver setup for the connection test test-ns-signed.internet NS ns.test-ns-signed.internet ; IPV4_UNBOUND_IP_PUBLIC ns.test-ns-signed.internet A 172.43.0.101 ; IPV6_UNBOUND_IP_PUBLIC AAAA fd00:43:1::101 test-ns6-signed.internet NS ns.test-ns6-signed.internet ; IPV6_UNBOUND_IP_PUBLIC ns.test-ns6-signed.internet AAAA fd00:43:1::101 platforminternet CNAME internet ; configure DNS for targets that are tested by the internet.test instance ; normal 100% website test target ; IPV4_IP_TEST_TARGET_PUBLIC target A 172.43.0.51 ; IPV6_IP_TEST_TARGET_PUBLIC AAAA fd00:43:1::51 *.target CNAME target ; normal 100% email test target *.mail-target MX 10 mx.mail-target.test. ; IPV4_IP_TEST_TARGET_MAIL_PUBLIC mx.mail-target A 172.43.0.52 ; IPV6_IP_TEST_TARGET_MAIL_PUBLIC AAAA fd00:43:1::52 ; unhappy flows ; badly configured IPv6 DNS servers bad-ipv6-ns NS good-ns1.bad-ipv6-ns NS bad-ns2.bad-ipv6-ns NS bad-ns3.bad-ipv6-ns ; IPV4_IP_MOCK_RESOLVER_PUBLIC good-ns1.bad-ipv6-ns A 172.43.0.114 good-ns1 A 172.43.0.114 good-ns1 AAAA fd00:43:1::114 bad-ns1 AAAA fd00:90::1 bad-ns2 AAAA fd00:90::2 ; IPV4_IP_TEST_TARGET_PUBLIC * A 172.43.0.51
BTW 172.43.0. also occurs in /integration_tests/batch/results.py which should be replaced with the new addresses.