summaryrefslogtreecommitdiff
path: root/python/vyos/ifconfig/bridge.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-03-19 17:09:59 +0100
committerChristian Poessinger <christian@poessinger.com>2021-03-19 17:09:59 +0100
commit5717ece9dc79b43a2a319eaf592e4215c8d722c8 (patch)
treec96cc6d11e06093f806761c26cda44b82b738a9c /python/vyos/ifconfig/bridge.py
parentfbc10c8ccdcba6b8625cc8286d59bd854e8b30f2 (diff)
downloadvyos-1x-5717ece9dc79b43a2a319eaf592e4215c8d722c8.tar.gz
vyos-1x-5717ece9dc79b43a2a319eaf592e4215c8d722c8.zip
bridge: T3415: add port isolation / private-vlan option
Private VLAN, also known as port isolation, is a technique in computer networking where a VLAN contains switch ports that are restricted such that they can only communicate with a given "uplink". The restricted ports are called "private ports". Each private VLAN typically contains many private ports, and a single uplink. The uplink will typically be a port (or link aggregation group) connected to a router, firewall, server, provider network, or similar central resource. Q: https://en.wikipedia.org/wiki/Private_VLAN
Diffstat (limited to 'python/vyos/ifconfig/bridge.py')
-rw-r--r--python/vyos/ifconfig/bridge.py6
1 files changed, 6 insertions, 0 deletions
diff --git a/python/vyos/ifconfig/bridge.py b/python/vyos/ifconfig/bridge.py
index 600bd3db8..14f64a8de 100644
--- a/python/vyos/ifconfig/bridge.py
+++ b/python/vyos/ifconfig/bridge.py
@@ -312,9 +312,15 @@ class BridgeIf(Interface):
# not have any addresses configured by CLI so just flush any
# remaining ones
lower.flush_addrs()
+
# enslave interface port to bridge
self.add_port(interface)
+ # always set private-vlan/port isolation
+ tmp = dict_search('isolated', interface_config)
+ value = 'on' if (tmp != None) else 'off'
+ lower.set_port_isolation(value)
+
# set bridge port path cost
if 'cost' in interface_config:
value = interface_config.get('cost')