[slapformat] Make sure routing is OK withVM inside VM

if we have host2 inside host1 inside host0 then routing from host0 to host2 needs to specify 'via' address because the destination address (of host2) is not directly seen through slaptap of host0 (because it goes only to host1).

this commit introduces a new constraint: users must now put the IPv6 address `network::1` on their ethernet interface inside the VM.

/cc @jm @rafael @alain.takoudjou

/reviewed-on nexedi/slapos.core!102

slapos/format.py

@@ -632,7 +632,8 @@ class Computer(object):
               netmask_len = lenNetmaskIpv6(self.interface.getGlobalScopeAddressList()[0]['netmask']) + 16
               prefix = binFromIpv6(partition.tap.ipv6_addr)[:netmask_len]
               network_addr = ipv6FromBin(prefix)
-              partition.tap.ipv6_gateway = partition.tap.ipv6_addr
+              partition.tap.ipv6_gateway = "{}1".format(network_addr) # address network::1 will be inside the VM
+              partition.tap.ipv6_gateway = ipv6FromBin(binFromIpv6(partition.tap.ipv6_gateway)) # correctly format the IPv6
               partition.tap.ipv6_network = "{}/{}".format(network_addr, netmask_len)
             else:
               partition.tap.ipv6_addr = ''
@@ -910,10 +911,18 @@ class Tap(object):
 
     if self.ipv6_network:
       # Check if this route exits
+      code, result = callAndRead(['ip', '-6', 'route', 'show', self.ipv6_gateway],
+                                 raise_on_error=False)
+      if code != 0 or self.name not in result:
+        callAndRead(['ip', '-6', 'route', 'add', self.ipv6_gateway, 'dev', self.name])
+
       code, result = callAndRead(['ip', '-6', 'route', 'show', self.ipv6_network],
                                  raise_on_error=False)
-      if code != 0 or self.ipv6_network not in result or self.name not in result:
-        callAndRead(['ip', '-6', 'route', 'add', self.ipv6_network, 'dev', self.name])
+      if code != 0 or 'via {}'.format(self.ipv6_gateway) not in result or 'dev {}'.format(self.name) not in result:
+        if 'dev {}'.format(self.name) in result:
+          callAndRead(['ip', '-6', 'route', 'del', self.ipv6_network, 'dev', self.name]) # remove old route without the "via" option
+        callAndRead(['ip', '-6', 'route', 'add', self.ipv6_network, 'dev', self.name, 'via', self.ipv6_gateway])
+
 
 
 class Tun(Tap):

slapos/tests/test_slapformat.py

@@ -124,8 +124,13 @@ class FakeCallAndRead:
     elif argument_list[:3] == ['ip', '-6', 'route']:
       retval = 0, 'OK'
       ip = argument_list[4]
-      netmask = int(ip.split('/')[1])
-      argument_list[4] = 'ip/%s' % netmask
+      if '/' in ip:
+        netmask = int(ip.split('/')[1])
+        argument_list[4] = 'ip/%s' % netmask
+      else:
+        argument_list[4] = 'ip'
+      if len(argument_list) > 7:
+        argument_list[8] = 'gateway'
     elif argument_list[:3] == ['route', 'add', '-host']:
       retval = 0, 'OK'
     self.external_command_list.append(' '.join(argument_list))
@@ -489,8 +494,10 @@ class TestComputer(SlapformatMixin):
         'ip -6 addr list tap',
         'ip route show 10.0.0.2',
         'ip route add 10.0.0.2 dev tap',
+        'ip -6 route show ip',
+        'ip -6 route add ip dev tap',
         'ip -6 route show ip/80',
-        'ip -6 route add ip/80 dev tap',
+        'ip -6 route add ip/80 dev tap via gateway',
         'ip addr add ip/255.255.255.255 dev myinterface',
         # 'ip addr list myinterface',
         'ip addr add ip/ffff:ffff:ffff:ffff:: dev myinterface',
@@ -544,8 +551,10 @@ class TestComputer(SlapformatMixin):
         'ip -6 addr list tap',
         'ip route show 10.8.0.2',
         'ip route add 10.8.0.2 dev tap',
+        'ip -6 route show ip',
+        'ip -6 route add ip dev tap',
         'ip -6 route show ip/96',
-        'ip -6 route add ip/96 dev tap',
+        'ip -6 route add ip/96 dev tap via gateway',
         'ip addr add ip/255.255.255.255 dev iface',
         'ip addr add ip/ffff:ffff:ffff:ffff:ffff:: dev iface',
         'ip -6 addr list iface'