summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-07-04 20:23:27 +0200
committerChristian Poessinger <christian@poessinger.com>2022-07-04 20:36:35 +0200
commit2aab1a726a2083e943df1f6c4200e1ba30b50f33 (patch)
tree4074cfb6bcd8fe1ba99fc4bdf9982b16c9a68516 /src/conf_mode
parentf315714d0c680ad80a79dcdac21576407794dcd1 (diff)
downloadvyos-1x-2aab1a726a2083e943df1f6c4200e1ba30b50f33.tar.gz
vyos-1x-2aab1a726a2083e943df1f6c4200e1ba30b50f33.zip
ntp: T4456: support listening on specified interface
When clients only use DHCP for interface addressing we can not bind NTPd to an address - as it will fail if the address changes. This commit adds support to bind ntpd to a given interface in addition to a given address. set system ntp interface <name> (cherry picked from commit 6732df1edd632b56d3d02970939f51d05d4262e9)
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/ntp.py19
1 files changed, 17 insertions, 2 deletions
diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py
index 52070aabc..d5f21d1b2 100755
--- a/src/conf_mode/ntp.py
+++ b/src/conf_mode/ntp.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2018-2021 VyOS maintainers and contributors
+# Copyright (C) 2018-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -18,9 +18,11 @@ import os
from vyos.config import Config
from vyos.configverify import verify_vrf
-from vyos import ConfigError
+from vyos.configverify import verify_interface_exists
from vyos.util import call
+from vyos.util import get_interface_config
from vyos.template import render
+from vyos import ConfigError
from vyos import airbag
airbag.enable()
@@ -48,6 +50,19 @@ def verify(ntp):
if 'allow_clients' in ntp and 'server' not in ntp:
raise ConfigError('NTP server not configured')
+ if 'interface' in ntp:
+ # If ntpd should listen on a given interface, ensure it exists
+ for interface in ntp['interface']:
+ verify_interface_exists(interface)
+
+ # If we run in a VRF, our interface must belong to this VRF, too
+ if 'vrf' in ntp:
+ tmp = get_interface_config(interface)
+ vrf_name = ntp['vrf']
+ if 'master' not in tmp or tmp['master'] != vrf_name:
+ raise ConfigError(f'NTP runs in VRF "{vrf_name}" - "{interface}" '\
+ f'does not belong to this VRF!')
+
verify_vrf(ntp)
return None