diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-02-04 17:30:46 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-02-04 17:30:46 +0100 |
| commit | 8413278c90132d2a1eb5e4322d14f207ab485fa4 (patch) | |
| tree | 77171e2375ec0a3753195b8b9e08c823a5849022 /python/vyos/configverify.py | |
| parent | 7650ba287273eb0072b272bad171ddcfe13aa0fd (diff) | |
| parent | c7d0865455c9bbf078765b7a53811286cf3dfb8b (diff) | |
| download | vyos-1x-8413278c90132d2a1eb5e4322d14f207ab485fa4.tar.gz vyos-1x-8413278c90132d2a1eb5e4322d14f207ab485fa4.zip | |
Merge pull request #620 from jack9603301/T3030
tunnel: T3030: Add erspan protocol support
Diffstat (limited to 'python/vyos/configverify.py')
| -rw-r--r-- | python/vyos/configverify.py | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py index efcf403ce..5a4d14c68 100644 --- a/python/vyos/configverify.py +++ b/python/vyos/configverify.py @@ -89,6 +89,49 @@ def verify_vrf(config): 'Interface "{ifname}" cannot be both a member of VRF "{vrf}" ' 'and bridge "{is_bridge_member}"!'.format(**config)) +def verify_tunnel(config): + """ + This helper is used to verify the common part of the tunnel + """ + from vyos.template import is_ipv4 + from vyos.template import is_ipv6 + + if 'encapsulation' not in config: + raise ConfigError('Must configure the tunnel encapsulation for '\ + '{ifname}!'.format(**config)) + + if 'local_ip' not in config and 'dhcp_interface' not in config: + raise ConfigError('local-ip is mandatory for tunnel') + + if 'remote_ip' not in config and config['encapsulation'] != 'gre': + raise ConfigError('remote-ip is mandatory for tunnel') + + if {'local_ip', 'dhcp_interface'} <= set(config): + raise ConfigError('Can not use both local-ip and dhcp-interface') + + if config['encapsulation'] in ['ipip6', 'ip6ip6', 'ip6gre', 'ip6erspan']: + error_ipv6 = 'Encapsulation mode requires IPv6' + if 'local_ip' in config and not is_ipv6(config['local_ip']): + raise ConfigError(f'{error_ipv6} local-ip') + + if 'remote_ip' in config and not is_ipv6(config['remote_ip']): + raise ConfigError(f'{error_ipv6} remote-ip') + else: + error_ipv4 = 'Encapsulation mode requires IPv4' + if 'local_ip' in config and not is_ipv4(config['local_ip']): + raise ConfigError(f'{error_ipv4} local-ip') + + if 'remote_ip' in config and not is_ipv4(config['remote_ip']): + raise ConfigError(f'{error_ipv4} remote-ip') + + if config['encapsulation'] in ['sit', 'gre-bridge']: + if 'source_interface' in config: + raise ConfigError('Option source-interface can not be used with ' \ + 'encapsulation "sit" or "gre-bridge"') + elif config['encapsulation'] == 'gre': + if 'local_ip' in config and is_ipv6(config['local_ip']): + raise ConfigError('Can not use local IPv6 address is for mGRE tunnels') + def verify_eapol(config): """ Common helper function used by interface implementations to perform |