interfaces: T6592: moving an interface between VRF instances failed

To reproduce:

    set vrf name mgmt table '150'
    set vrf name no-mgmt table '151'
    set interfaces ethernet eth2 vrf 'mgmt'
    commit

    set interfaces ethernet eth2 vrf no-mgmt
    commit

This resulted in an error while interacting with nftables:
[Errno 1] failed to run command: nft add element inet vrf_zones ct_iface_map { "eth2" : 151 }

The reason is that the old mapping entry still exists and was not removed.

This commit adds a new utility function get_vrf_tableid() and compares the
current and new VRF table IDs assigned to an interface. If the IDs do not
match, the nftables ct_iface_map entry is removed before the new entry is added.

(cherry picked from commit 452068ce78581bb6fba2df4dba197e95b9aeb33d)

# Conflicts:
#	python/vyos/ifconfig/interface.py
#	python/vyos/utils/network.py

1 files changed, 13 insertions, 0 deletions

diff --git a/python/vyos/utils/network.py b/python/vyos/utils/network.py
index a3bd5c58f..8befe370f 100644
--- a/python/vyos/utils/network.py
+++ b/python/vyos/utils/network.py
@@ -70,6 +70,19 @@ def get_interface_vrf(interface):
         return tmp['master']
     return 'default'
 
+def get_vrf_tableid(interface: str):
+    """ Return VRF table ID for given interface name or None """
+    from vyos.utils.dict import dict_search
+    table = None
+    tmp = get_interface_config(interface)
+    # Check if we are "the" VRF interface
+    if dict_search('linkinfo.info_kind', tmp) == 'vrf':
+        table = tmp['linkinfo']['info_data']['table']
+    # or an interface bound to a VRF
+    elif dict_search('linkinfo.info_slave_kind', tmp) == 'vrf':
+        table = tmp['linkinfo']['info_slave_data']['table']
+    return table
+
 def get_interface_config(interface):
     """ Returns the used encapsulation protocol for given interface.
         If interface does not exist, None is returned.