summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas <vyos-git@justsecure.de>2021-12-29 18:02:06 +0100
committerChristian Poessinger <christian@poessinger.com>2022-02-21 18:31:10 +0100
commit1d4b567b219678cafebfa0117be6779de30f9017 (patch)
tree93842e9bf975c20c5592f2fa21e0b0cc5feb1e3d
parent2b646cd462577e713b6caf6b5a67d6f6bebdcb1c (diff)
downloadvyos-1x-1d4b567b219678cafebfa0117be6779de30f9017.tar.gz
vyos-1x-1d4b567b219678cafebfa0117be6779de30f9017.zip
vxlan: T4120: add ability to set multiple remotes (PR #1127)
VXLAN does support using multiple remotes but VyOS does not. Add the ability to set multiple remotes and add their flood lists using "bridge" command. (cherry picked from commit 0ecddff7cffa8900d351d5c15e32420f9d780c0b)
-rw-r--r--interface-definitions/include/interface/tunnel-remotes.xml.i19
-rw-r--r--interface-definitions/include/tunnel-remote.xml.i2
-rw-r--r--interface-definitions/interfaces-vxlan.xml.in2
-rw-r--r--python/vyos/ifconfig/vxlan.py7
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_vxlan.py2
-rwxr-xr-xsrc/conf_mode/interfaces-vxlan.py34
6 files changed, 64 insertions, 2 deletions
diff --git a/interface-definitions/include/interface/tunnel-remotes.xml.i b/interface-definitions/include/interface/tunnel-remotes.xml.i
new file mode 100644
index 000000000..ae8481898
--- /dev/null
+++ b/interface-definitions/include/interface/tunnel-remotes.xml.i
@@ -0,0 +1,19 @@
+<!-- include start from interface/tunnel-remotes.xml.i -->
+<leafNode name="remote">
+ <properties>
+ <help>Tunnel remote address</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>Tunnel remote IPv4 address</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>Tunnel remote IPv6 address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ip-address"/>
+ </constraint>
+ <multi/>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/tunnel-remote.xml.i b/interface-definitions/include/tunnel-remote.xml.i
index 324d100d4..2a8891b85 100644
--- a/interface-definitions/include/tunnel-remote.xml.i
+++ b/interface-definitions/include/tunnel-remote.xml.i
@@ -1,4 +1,4 @@
-<!-- include start from tunnel-remote.xml.i -->
+<!-- include start from interface/tunnel-remote.xml.i -->
<leafNode name="remote">
<properties>
<help>Tunnel remote address</help>
diff --git a/interface-definitions/interfaces-vxlan.xml.in b/interface-definitions/interfaces-vxlan.xml.in
index 6dcc3f5a0..a676a274e 100644
--- a/interface-definitions/interfaces-vxlan.xml.in
+++ b/interface-definitions/interfaces-vxlan.xml.in
@@ -59,7 +59,7 @@
</leafNode>
#include <include/source-address-ipv4-ipv6.xml.i>
#include <include/source-interface.xml.i>
- #include <include/tunnel-remote.xml.i>
+ #include <include/interface/tunnel-remotes.xml.i>
<leafNode name="vni">
<properties>
<help>Virtual Network Identifier</help>
diff --git a/python/vyos/ifconfig/vxlan.py b/python/vyos/ifconfig/vxlan.py
index d73fb47b8..93d5b20c8 100644
--- a/python/vyos/ifconfig/vxlan.py
+++ b/python/vyos/ifconfig/vxlan.py
@@ -79,3 +79,10 @@ class VXLANIf(Interface):
self._cmd(cmd.format(**self.config))
# interface is always A/D down. It needs to be enabled explicitly
self.set_admin_state('down')
+
+ other_remotes = self.config.get('other_remotes')
+ if other_remotes:
+ for rem in other_remotes:
+ self.config['rem'] = rem
+ cmd2 = 'bridge fdb append to 00:00:00:00:00:00 dst {rem} port {port} dev {ifname}'
+ self._cmd(cmd2.format(**self.config))
diff --git a/smoketest/scripts/cli/test_interfaces_vxlan.py b/smoketest/scripts/cli/test_interfaces_vxlan.py
index 184b411d7..673041bd1 100755
--- a/smoketest/scripts/cli/test_interfaces_vxlan.py
+++ b/smoketest/scripts/cli/test_interfaces_vxlan.py
@@ -32,6 +32,8 @@ class VXLANInterfaceTest(BasicInterfaceTest.TestCase):
'vxlan10': ['vni 10', 'remote 127.0.0.2'],
'vxlan20': ['vni 20', 'group 239.1.1.1', 'source-interface eth0'],
'vxlan30': ['vni 30', 'remote 2001:db8:2000::1', 'source-address 2001:db8:1000::1'],
+ 'vxlan40': ['vni 40', 'remote 127.0.0.2', 'remote 127.0.0.3'],
+ 'vxlan50': ['vni 50', 'remote 2001:db8:2000::1', 'remote 2001:db8:2000::2', 'parameters ipv6 flowlabel 0x1000'],
}
cls._interfaces = list(cls._options)
# call base-classes classmethod
diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py
index c035557f0..ee8f26d21 100755
--- a/src/conf_mode/interfaces-vxlan.py
+++ b/src/conf_mode/interfaces-vxlan.py
@@ -44,6 +44,13 @@ def get_config(config=None):
base = ['interfaces', 'vxlan']
vxlan = get_interface_dict(conf, base)
+ # leave first remote in dict and put the other ones (if they exists) to "other_remotes"
+ remotes = vxlan.get('remote')
+ if remotes:
+ vxlan['remote'] = remotes[0]
+ if len(remotes) > 1:
+ del remotes[0]
+ vxlan['other_remotes'] = remotes
return vxlan
def verify(vxlan):
@@ -81,6 +88,33 @@ def verify(vxlan):
raise ConfigError(f'Underlaying device MTU is to small ({lower_mtu} '\
f'bytes) for VXLAN overhead ({vxlan_overhead} bytes!)')
+ # Check for mixed IPv4 and IPv6 addresses
+ protocol = None
+ if 'source_address' in vxlan:
+ if is_ipv6(vxlan['source_address']):
+ protocol = 'ipv6'
+ else:
+ protocol = 'ipv4'
+ if 'remote' in vxlan:
+ if is_ipv6(vxlan['remote']):
+ if protocol == 'ipv4':
+ raise ConfigError('IPv4 and IPV6 cannot be mixed')
+ protocol = 'ipv6'
+ else:
+ if protocol == 'ipv6':
+ raise ConfigError('IPv4 and IPV6 cannot be mixed')
+ protocol = 'ipv4'
+ if 'other_remotes' in vxlan:
+ for rem in vxlan['other_remotes']:
+ if is_ipv6(rem):
+ if protocol == 'ipv4':
+ raise ConfigError('IPv4 and IPV6 cannot be mixed')
+ protocol = 'ipv6'
+ else:
+ if protocol == 'ipv6':
+ raise ConfigError('IPv4 and IPV6 cannot be mixed')
+ protocol = 'ipv4'
+
verify_mtu_ipv6(vxlan)
verify_address(vxlan)
return None