summaryrefslogtreecommitdiff
path: root/python/vyos
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2020-03-25 19:32:34 +0100
committerChristian Poessinger <christian@poessinger.com>2020-03-28 11:28:55 +0100
commit7f9ce3017ff4bc99c66e4d5ddfd6a9904ca8542c (patch)
treeec72438e73d56a585d93535c338300f6caba76a5 /python/vyos
parentd1df92fa0668e351256175cbaa70b19707c0f53c (diff)
downloadvyos-1x-7f9ce3017ff4bc99c66e4d5ddfd6a9904ca8542c.tar.gz
vyos-1x-7f9ce3017ff4bc99c66e4d5ddfd6a9904ca8542c.zip
ipv6: T1831: migrate forwarding and dup-addr-detect-transmits nodes
... to new XML and Python based frontend/backend.
Diffstat (limited to 'python/vyos')
-rw-r--r--python/vyos/configdict.py10
-rw-r--r--python/vyos/ifconfig/interface.py42
-rw-r--r--python/vyos/ifconfig_vlan.py4
3 files changed, 56 insertions, 0 deletions
diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py
index a1499479a..705fecd9b 100644
--- a/python/vyos/configdict.py
+++ b/python/vyos/configdict.py
@@ -123,6 +123,8 @@ def vlan_to_dict(conf):
'ip_enable_arp_accept': 0,
'ip_enable_arp_announce': 0,
'ip_enable_arp_ignore': 0,
+ 'ipv6_forwarding': True,
+ 'ipv6_dup_addr_detect': '1',
'ingress_qos': '',
'ingress_qos_changed': False,
'mac': '',
@@ -187,6 +189,14 @@ def vlan_to_dict(conf):
if conf.exists('ip enable-arp-ignore'):
vlan['ip_enable_arp_ignore'] = 1
+ # Disable IPv6 forwarding on this interface
+ if conf.exists('ipv6 disable-forwarding'):
+ vlan['ipv6_forwarding'] = False
+
+ # IPv6 Duplicate Address Detection (DAD) tries
+ if conf.exists('ipv6 dup-addr-detect-transmits'):
+ vlan['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits')
+
# Media Access Control (MAC) address
if conf.exists('mac'):
vlan['mac'] = conf.return_value('mac')
diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py
index 0fddc67f3..ae0b652b0 100644
--- a/python/vyos/ifconfig/interface.py
+++ b/python/vyos/ifconfig/interface.py
@@ -115,6 +115,14 @@ class Interface(DHCP):
'validate': assert_boolean,
'location': '/proc/sys/net/ipv4/conf/{ifname}/arp_ignore',
},
+ 'ipv6_forwarding': {
+ 'validate': assert_boolean,
+ 'location': '/proc/sys/net/ipv6/conf/{ifname}/forwarding',
+ },
+ 'ipv6_dad_transmits': {
+ 'validate': assert_boolean,
+ 'location': '/proc/sys/net/ipv6/conf/{ifname}/dad_transmits',
+ },
'proxy_arp': {
'validate': assert_boolean,
'location': '/proc/sys/net/ipv4/conf/{ifname}/proxy_arp',
@@ -374,6 +382,40 @@ class Interface(DHCP):
"""
return self.set_interface('arp_ignore', arp_ignore)
+ def set_ipv6_forwarding(self, forwarding):
+ """
+ Configure IPv6 interface-specific Host/Router behaviour.
+
+ False:
+
+ By default, Host behaviour is assumed. This means:
+
+ 1. IsRouter flag is not set in Neighbour Advertisements.
+ 2. If accept_ra is TRUE (default), transmit Router
+ Solicitations.
+ 3. If accept_ra is TRUE (default), accept Router
+ Advertisements (and do autoconfiguration).
+ 4. If accept_redirects is TRUE (default), accept Redirects.
+
+ True:
+
+ If local forwarding is enabled, Router behaviour is assumed.
+ This means exactly the reverse from the above:
+
+ 1. IsRouter flag is set in Neighbour Advertisements.
+ 2. Router Solicitations are not sent unless accept_ra is 2.
+ 3. Router Advertisements are ignored unless accept_ra is 2.
+ 4. Redirects are ignored.
+ """
+ return self.set_interface('ipv6_forwarding', forwarding)
+
+ def set_dad_messages(self, dad):
+ """
+ The amount of Duplicate Address Detection probes to send.
+ Default: 1
+ """
+ return self.set_interface('ipv6_dad_transmits', dad)
+
def set_link_detect(self, link_filter):
"""
Configure kernel response in packets received on interfaces that are 'down'
diff --git a/python/vyos/ifconfig_vlan.py b/python/vyos/ifconfig_vlan.py
index 015f4d4af..11143f0bf 100644
--- a/python/vyos/ifconfig_vlan.py
+++ b/python/vyos/ifconfig_vlan.py
@@ -64,6 +64,10 @@ def apply_vlan_config(vlan, config):
vlan.set_arp_announce(config['ip_enable_arp_announce'])
# configure ARP ignore
vlan.set_arp_ignore(config['ip_enable_arp_ignore'])
+ # Disable IPv6 forwarding on this interface
+ vlan.ipv6_forwarding(bond['ipv6_forwarding'])
+ # IPv6 Duplicate Address Detection (DAD) tries
+ vlan.ipv6_dad_messages(bond['ipv6_dup_addr_detect'])
# Maximum Transmission Unit (MTU)
vlan.set_mtu(config['mtu'])