diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-09-18 15:18:21 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-09-18 15:18:21 +0200 |
commit | 6f3130ea5c8c3043e4a5377c972b96233f22a5fc (patch) | |
tree | ee380c8eb98dd8907ea36799a50d4eec27ea136f /python/vyos | |
parent | dda9f655f94968b07043887a03e3bba176eb94d5 (diff) | |
download | vyos-1x-6f3130ea5c8c3043e4a5377c972b96233f22a5fc.tar.gz vyos-1x-6f3130ea5c8c3043e4a5377c972b96233f22a5fc.zip |
ipsec: vti: T3831: avoid usinf xfrm if_id 0 - implement shift by one
The key defaults to 0 and will match any policies which similarly do not have
a lookup key configuration. This means that a vti0 named interface will pull in
all traffic and others will stop working. Thus we simply shift the key by one
to also support a vti0 interface.
Diffstat (limited to 'python/vyos')
-rw-r--r-- | python/vyos/ifconfig/vti.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/python/vyos/ifconfig/vti.py b/python/vyos/ifconfig/vti.py index 470ebbff3..c50cd5ce9 100644 --- a/python/vyos/ifconfig/vti.py +++ b/python/vyos/ifconfig/vti.py @@ -35,8 +35,11 @@ class VTIIf(Interface): mapping = { 'source_interface' : 'dev', } - if_id = self.ifname.lstrip('vti') + # The key defaults to 0 and will match any policies which similarly do + # not have a lookup key configuration - thus we shift the key by one + # to also support a vti0 interface + if_id = str(int(if_id) +1) cmd = f'ip link add {self.ifname} type xfrm if_id {if_id}' for vyos_key, iproute2_key in mapping.items(): # dict_search will return an empty dict "{}" for valueless nodes like |