diff options
author | Christian Poessinger <christian@poessinger.com> | 2020-03-28 12:06:41 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2020-03-28 12:06:41 +0100 |
commit | 792c00a018d0b237996e60845edf8ad970c4afbb (patch) | |
tree | 15bea8859399c540db517c46bd78e75a5e005e78 /src | |
parent | a0424f9c6a4cf813934d5a3bc877fddae6eb99de (diff) | |
parent | 822e171a0023c3f8f335cda08bcbf70b2d6d4070 (diff) | |
download | vyos-1x-792c00a018d0b237996e60845edf8ad970c4afbb.tar.gz vyos-1x-792c00a018d0b237996e60845edf8ad970c4afbb.zip |
Merge branch 't1831-ipv6' into current
* t1831-ipv6:
ipv6: T1831: migrate eui64 addressing to XML and python
vyos.util: import cleanup
ipv6: T1831: migrate autoconf node
ipv6: T1831: use integers over bool in interface configuration
ipv6: T1831: migrate forwarding and dup-addr-detect-transmits nodes
ipv6: T1831: Makefile: remove node.def files in ipv6 folder
ifconfig: T2057: explicity name state functions
ifconfig: T2167: get_mac was not returning
ifconfig: T2057: add get_alias function
ifconfig: T2057: option forcing
merge config: T2169: remove redundant use of show_config
Diffstat (limited to 'src')
-rwxr-xr-x | src/conf_mode/interfaces-bonding.py | 34 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-bridge.py | 32 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-dummy.py | 4 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-ethernet.py | 32 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-geneve.py | 2 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-l2tpv3.py | 30 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-openvpn.py | 35 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-pseudo-ethernet.py | 32 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-tunnel.py | 2 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-vxlan.py | 30 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-wireguard.py | 2 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-wireless.py | 30 | ||||
-rwxr-xr-x | src/helpers/vyos-merge-config.py | 5 |
13 files changed, 247 insertions, 23 deletions
diff --git a/src/conf_mode/interfaces-bonding.py b/src/conf_mode/interfaces-bonding.py index 03df6e16a..cc119b91a 100755 --- a/src/conf_mode/interfaces-bonding.py +++ b/src/conf_mode/interfaces-bonding.py @@ -48,6 +48,10 @@ default_config_data = { 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, + 'ipv6_autoconf': 0, + 'ipv6_eui64_prefix': '', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'intf': '', 'mac': '', 'mode': '802.3ad', @@ -189,6 +193,22 @@ def get_config(): if conf.exists('ip proxy-arp-pvlan'): bond['ip_proxy_arp_pvlan'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + bond['ipv6_autoconf'] = 1 + + # Get prefix for IPv6 addressing based on MAC address (EUI-64) + if conf.exists('ipv6 address eui64'): + bond['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') + + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + bond['ipv6_forwarding'] = 0 + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + bond['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) + # Media Access Control (MAC) address if conf.exists('mac'): bond['mac'] = conf.return_value('mac') @@ -416,6 +436,14 @@ def apply(bond): b.set_proxy_arp(bond['ip_proxy_arp']) # Enable private VLAN proxy ARP on this interface b.set_proxy_arp_pvlan(bond['ip_proxy_arp_pvlan']) + # IPv6 address autoconfiguration + b.set_ipv6_autoconf(bond['ipv6_autoconf']) + # IPv6 EUI-based address + b.set_ipv6_eui64_address(bond['ipv6_eui64_prefix']) + # IPv6 forwarding + b.set_ipv6_forwarding(bond['ipv6_forwarding']) + # IPv6 Duplicate Address Detection (DAD) tries + b.set_ipv6_dad_messages(bond['ipv6_dup_addr_detect']) # Change interface MAC address if bond['mac']: @@ -431,7 +459,7 @@ def apply(bond): # Some parameters can not be changed when the bond is up. if bond['shutdown_required']: # Disable bond prior changing of certain properties - b.set_state('down') + b.set_admin_state('down') # The bonding mode can not be changed when there are interfaces enslaved # to this bond, thus we will free all interfaces from the bond first! @@ -449,9 +477,9 @@ def apply(bond): # parameters we will only re-enable the interface if it is not # administratively disabled if not bond['disable']: - b.set_state('up') + b.set_admin_state('up') else: - b.set_state('down') + b.set_admin_state('down') # Configure interface address(es) # - not longer required addresses get removed first diff --git a/src/conf_mode/interfaces-bridge.py b/src/conf_mode/interfaces-bridge.py index c45ab13a8..28e5957e4 100755 --- a/src/conf_mode/interfaces-bridge.py +++ b/src/conf_mode/interfaces-bridge.py @@ -46,6 +46,10 @@ default_config_data = { 'ip_enable_arp_accept': 0, 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, + 'ipv6_autoconf': 0, + 'ipv6_eui64_prefix': '', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'igmp_querier': 0, 'intf': '', 'mac' : '', @@ -152,6 +156,22 @@ def get_config(): if conf.exists('ip enable-arp-ignore'): bridge['ip_enable_arp_ignore'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + bridge['ipv6_autoconf'] = 1 + + # Get prefix for IPv6 addressing based on MAC address (EUI-64) + if conf.exists('ipv6 address eui64'): + bridge['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') + + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + bridge['ipv6_forwarding'] = 0 + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + bridge['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) + # Media Access Control (MAC) address if conf.exists('mac'): bridge['mac'] = conf.return_value('mac') @@ -243,7 +263,7 @@ def apply(bridge): br.remove() else: # enable interface - br.set_state('up') + br.set_admin_state('up') # set ageing time br.set_ageing_time(bridge['aging']) # set bridge forward delay @@ -258,6 +278,14 @@ def apply(bridge): br.set_arp_announce(bridge['ip_enable_arp_announce']) # configure ARP ignore br.set_arp_ignore(bridge['ip_enable_arp_ignore']) + # IPv6 address autoconfiguration + br.set_ipv6_autoconf(bridge['ipv6_autoconf']) + # IPv6 EUI-based address + br.set_ipv6_eui64_address(bridge['ipv6_eui64_prefix']) + # IPv6 forwarding + br.set_ipv6_forwarding(bridge['ipv6_forwarding']) + # IPv6 Duplicate Address Detection (DAD) tries + br.set_ipv6_dad_messages(bridge['ipv6_dup_addr_detect']) # set max message age br.set_max_age(bridge['max_age']) # set bridge priority @@ -313,7 +341,7 @@ def apply(bridge): # up/down interface if bridge['disable']: - br.set_state('down') + br.set_admin_state('down') # Configure interface address(es) # - not longer required addresses get removed first diff --git a/src/conf_mode/interfaces-dummy.py b/src/conf_mode/interfaces-dummy.py index bf55b13ec..b7b75517d 100755 --- a/src/conf_mode/interfaces-dummy.py +++ b/src/conf_mode/interfaces-dummy.py @@ -110,9 +110,9 @@ def apply(dummy): # disable interface on demand if dummy['disable']: - d.set_state('down') + d.set_admin_state('down') else: - d.set_state('up') + d.set_admin_state('up') return None diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py index 2f5d796b4..286cab88e 100755 --- a/src/conf_mode/interfaces-ethernet.py +++ b/src/conf_mode/interfaces-ethernet.py @@ -48,6 +48,10 @@ default_config_data = { 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, + 'ipv6_autoconf': 0, + 'ipv6_eui64_prefix': '', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'intf': '', 'mac': '', 'mtu': 1500, @@ -167,6 +171,22 @@ def get_config(): if conf.exists('ip proxy-arp-pvlan'): eth['ip_proxy_arp_pvlan'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + eth['ipv6_autoconf'] = 1 + + # Get prefix for IPv6 addressing based on MAC address (EUI-64) + if conf.exists('ipv6 address eui64'): + eth['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') + + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + eth['ipv6_forwarding'] = 0 + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + eth['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) + # Media Access Control (MAC) address if conf.exists('mac'): eth['mac'] = conf.return_value('mac') @@ -326,6 +346,14 @@ def apply(eth): e.set_proxy_arp(eth['ip_proxy_arp']) # Enable private VLAN proxy ARP on this interface e.set_proxy_arp_pvlan(eth['ip_proxy_arp_pvlan']) + # IPv6 address autoconfiguration + e.set_ipv6_autoconf(eth['ipv6_autoconf']) + # IPv6 EUI-based address + e.set_ipv6_eui64_address(eth['ipv6_eui64_prefix']) + # IPv6 forwarding + e.set_ipv6_forwarding(eth['ipv6_forwarding']) + # IPv6 Duplicate Address Detection (DAD) tries + e.set_ipv6_dad_messages(eth['ipv6_dup_addr_detect']) # Change interface MAC address - re-set to real hardware address (hw-id) # if custom mac is removed @@ -357,9 +385,9 @@ def apply(eth): # Enable/Disable interface if eth['disable']: - e.set_state('down') + e.set_admin_state('down') else: - e.set_state('up') + e.set_admin_state('up') # Configure interface address(es) # - not longer required addresses get removed first diff --git a/src/conf_mode/interfaces-geneve.py b/src/conf_mode/interfaces-geneve.py index 8278b54b0..eaa678d3e 100755 --- a/src/conf_mode/interfaces-geneve.py +++ b/src/conf_mode/interfaces-geneve.py @@ -148,7 +148,7 @@ def apply(geneve): # parameters we will only re-enable the interface if it is not # administratively disabled if not geneve['disable']: - g.set_state('up') + g.set_admin_state('up') return None diff --git a/src/conf_mode/interfaces-l2tpv3.py b/src/conf_mode/interfaces-l2tpv3.py index 3bc3faca8..af1d3f482 100755 --- a/src/conf_mode/interfaces-l2tpv3.py +++ b/src/conf_mode/interfaces-l2tpv3.py @@ -33,6 +33,10 @@ default_config_data = { 'local_address': '', 'local_port': 5000, 'intf': '', + 'ipv6_autoconf': 0, + 'ipv6_eui64_prefix': '', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'mtu': 1488, 'peer_session_id': '', 'peer_tunnel_id': '', @@ -101,6 +105,22 @@ def get_config(): if conf.exists('local-ip'): l2tpv3['local_address'] = conf.return_value('local-ip') + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + l2tpv3['ipv6_autoconf'] = 1 + + # Get prefix for IPv6 addressing based on MAC address (EUI-64) + if conf.exists('ipv6 address eui64'): + l2tpv3['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') + + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + l2tpv3['ipv6_forwarding'] = 0 + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + l2tpv3['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) + # Maximum Transmission Unit (MTU) if conf.exists('mtu'): l2tpv3['mtu'] = int(conf.return_value('mtu')) @@ -193,6 +213,14 @@ def apply(l2tpv3): l.set_alias(l2tpv3['description']) # Maximum Transfer Unit (MTU) l.set_mtu(l2tpv3['mtu']) + # IPv6 address autoconfiguration + l.set_ipv6_autoconf(l2tpv3['ipv6_autoconf']) + # IPv6 EUI-based address + l.set_ipv6_eui64_address(l2tpv3['ipv6_eui64_prefix']) + # IPv6 forwarding + l.set_ipv6_forwarding(l2tpv3['ipv6_forwarding']) + # IPv6 Duplicate Address Detection (DAD) tries + l.set_ipv6_dad_messages(l2tpv3['ipv6_dup_addr_detect']) # Configure interface address(es) - no need to implicitly delete the # old addresses as they have already been removed by deleting the @@ -204,7 +232,7 @@ def apply(l2tpv3): # we will only re-enable the interface if it is not administratively # disabled if not l2tpv3['disable']: - l.set_state('up') + l.set_admin_state('up') return None diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index 155101f1d..17aa4697f 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py @@ -294,6 +294,10 @@ default_config_data = { 'encryption': '', 'hash': '', 'intf': '', + 'ipv6_autoconf': 0, + 'ipv6_eui64_prefix': '', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'ping_restart': '60', 'ping_interval': '10', 'local_address': '', @@ -490,6 +494,22 @@ def get_config(): if conf.exists('local-port'): openvpn['local_port'] = conf.return_value('local-port') + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + openvpn['ipv6_autoconf'] = 1 + + # Get prefix for IPv6 addressing based on MAC address (EUI-64) + if conf.exists('ipv6 address eui64'): + openvpn['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') + + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + openvpn['ipv6_forwarding'] = 0 + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + openvpn['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) + # OpenVPN operation mode if conf.exists('mode'): mode = conf.return_value('mode') @@ -1036,14 +1056,25 @@ def apply(openvpn): try: # we need to catch the exception if the interface is not up due to # reason stated above - VTunIf(openvpn['intf']).set_alias(openvpn['description']) + o = VTunIf(openvpn['intf']) + # update interface description used e.g. within SNMP + o.set_alias(openvpn['description']) + # IPv6 address autoconfiguration + o.set_ipv6_autoconf(openvpn['ipv6_autoconf']) + # IPv6 EUI-based address + o.set_ipv6_eui64_address(openvpn['ipv6_eui64_prefix']) + # IPv6 forwarding + o.set_ipv6_forwarding(openvpn['ipv6_forwarding']) + # IPv6 Duplicate Address Detection (DAD) tries + o.set_ipv6_dad_messages(openvpn['ipv6_dup_addr_detect']) + except: pass # TAP interface needs to be brought up explicitly if openvpn['type'] == 'tap': if not openvpn['disable']: - VTunIf(openvpn['intf']).set_state('up') + VTunIf(openvpn['intf']).set_admin_state('up') return None diff --git a/src/conf_mode/interfaces-pseudo-ethernet.py b/src/conf_mode/interfaces-pseudo-ethernet.py index 0afae8388..56d4fdfc3 100755 --- a/src/conf_mode/interfaces-pseudo-ethernet.py +++ b/src/conf_mode/interfaces-pseudo-ethernet.py @@ -45,6 +45,10 @@ default_config_data = { 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, + 'ipv6_autoconf': 0, + 'ipv6_eui64_prefix': '', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'intf': '', 'link': '', 'link_changed': False, @@ -145,6 +149,22 @@ def get_config(): if conf.exists(['ip', 'proxy-arp-pvlan']): peth['ip_proxy_arp_pvlan'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + peth['ipv6_autoconf'] = 1 + + # Get prefix for IPv6 addressing based on MAC address (EUI-64) + if conf.exists('ipv6 address eui64'): + peth['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') + + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + peth['ipv6_forwarding'] = 0 + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + peth['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) + # Lower link device if conf.exists(['link']): peth['link'] = conf.return_value(['link']) @@ -296,6 +316,14 @@ def apply(peth): p.set_proxy_arp(peth['ip_proxy_arp']) # Enable private VLAN proxy ARP on this interface p.set_proxy_arp_pvlan(peth['ip_proxy_arp_pvlan']) + # IPv6 address autoconfiguration + p.set_ipv6_autoconf(peth['ipv6_autoconf']) + # IPv6 EUI-based address + p.set_ipv6_eui64_address(peth['ipv6_eui64_prefix']) + # IPv6 forwarding + p.set_ipv6_forwarding(peth['ipv6_forwarding']) + # IPv6 Duplicate Address Detection (DAD) tries + p.set_ipv6_dad_messages(peth['ipv6_dup_addr_detect']) # assign/remove VRF p.set_vrf(peth['vrf']) @@ -309,9 +337,9 @@ def apply(peth): # Enable/Disable interface if peth['disable']: - p.set_state('down') + p.set_admin_state('down') else: - p.set_state('up') + p.set_admin_state('up') # Configure interface address(es) # - not longer required addresses get removed first diff --git a/src/conf_mode/interfaces-tunnel.py b/src/conf_mode/interfaces-tunnel.py index 90c1f8f71..4cbb51f4a 100755 --- a/src/conf_mode/interfaces-tunnel.py +++ b/src/conf_mode/interfaces-tunnel.py @@ -478,7 +478,7 @@ def apply(conf): tunnel.add_addr(addr) # now bring it up (or not) - tunnel.set_state(options['state']) + tunnel.set_admin_state(options['state']) if __name__ == '__main__': diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py index c9ef0fe9c..3d2638c6f 100755 --- a/src/conf_mode/interfaces-vxlan.py +++ b/src/conf_mode/interfaces-vxlan.py @@ -37,6 +37,10 @@ default_config_data = { 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, + 'ipv6_autoconf': 0, + 'ipv6_eui64_prefix': '', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'link': '', 'mtu': 1450, 'remote': '', @@ -103,6 +107,22 @@ def get_config(): if conf.exists('ip enable-proxy-arp'): vxlan['ip_proxy_arp'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + vxlan['ipv6_autoconf'] = 1 + + # Get prefix for IPv6 addressing based on MAC address (EUI-64) + if conf.exists('ipv6 address eui64'): + vxlan['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') + + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + vxlan['ipv6_forwarding'] = 0 + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + vxlan['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) + # VXLAN underlay interface if conf.exists('link'): vxlan['link'] = conf.return_value('link') @@ -201,6 +221,14 @@ def apply(vxlan): v.set_arp_ignore(vxlan['ip_enable_arp_ignore']) # Enable proxy-arp on this interface v.set_proxy_arp(vxlan['ip_proxy_arp']) + # IPv6 address autoconfiguration + v.set_ipv6_autoconf(vxlan['ipv6_autoconf']) + # IPv6 EUI-based address + v.set_ipv6_eui64_address(vxlan['ipv6_eui64_prefix']) + # IPv6 forwarding + v.set_ipv6_forwarding(vxlan['ipv6_forwarding']) + # IPv6 Duplicate Address Detection (DAD) tries + v.set_ipv6_dad_messages(vxlan['ipv6_dup_addr_detect']) # Configure interface address(es) - no need to implicitly delete the # old addresses as they have already been removed by deleting the @@ -212,7 +240,7 @@ def apply(vxlan): # parameters we will only re-enable the interface if it is not # administratively disabled if not vxlan['disable']: - v.set_state('up') + v.set_admin_state('up') return None diff --git a/src/conf_mode/interfaces-wireguard.py b/src/conf_mode/interfaces-wireguard.py index 0d6373d89..d8c327e19 100755 --- a/src/conf_mode/interfaces-wireguard.py +++ b/src/conf_mode/interfaces-wireguard.py @@ -269,7 +269,7 @@ def apply(c): intfc.update() # interface state - intfc.set_state(c['state']) + intfc.set_admin_state(c['state']) return None diff --git a/src/conf_mode/interfaces-wireless.py b/src/conf_mode/interfaces-wireless.py index 2d05e722d..2c67c39ae 100755 --- a/src/conf_mode/interfaces-wireless.py +++ b/src/conf_mode/interfaces-wireless.py @@ -827,6 +827,10 @@ default_config_data = { 'ip_enable_arp_accept': 0, 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, + 'ipv6_autoconf': 0, + 'ipv6_eui64_prefix': '', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'mac' : '', 'max_stations' : '', 'mgmt_frame_protection' : 'disabled', @@ -1136,10 +1140,26 @@ def get_config(): if conf.exists('ip enable-arp-announce'): wifi['ip_enable_arp_announce'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + wifi['ipv6_autoconf'] = 1 + + # Get prefix for IPv6 addressing based on MAC address (EUI-64) + if conf.exists('ipv6 address eui64'): + wifi['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') + # ARP enable ignore if conf.exists('ip enable-arp-ignore'): wifi['ip_enable_arp_ignore'] = 1 + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + wifi['ipv6_forwarding'] = 0 + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + wifi['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) + # Wireless physical device if conf.exists('physical-device'): wifi['phy'] = conf.return_value('physical-device') @@ -1487,6 +1507,14 @@ def apply(wifi): w.set_arp_announce(wifi['ip_enable_arp_announce']) # configure ARP ignore w.set_arp_ignore(wifi['ip_enable_arp_ignore']) + # IPv6 address autoconfiguration + w.set_ipv6_autoconf(wifi['ipv6_autoconf']) + # IPv6 EUI-based address + w.set_ipv6_eui64_address(wifi['ipv6_eui64_prefix']) + # IPv6 forwarding + w.set_ipv6_forwarding(wifi['ipv6_forwarding']) + # IPv6 Duplicate Address Detection (DAD) tries + w.set_ipv6_dad_messages(wifi['ipv6_dup_addr_detect']) # Configure interface address(es) # - not longer required addresses get removed first @@ -1518,7 +1546,7 @@ def apply(wifi): # Enable/Disable interface - interface is always placed in # administrative down state in WiFiIf class if not wifi['disable']: - w.set_state('up') + w.set_admin_state('up') # Physical interface is now configured. Proceed by starting hostapd or # wpa_supplicant daemon. When type is monitor we can just skip this. diff --git a/src/helpers/vyos-merge-config.py b/src/helpers/vyos-merge-config.py index 7ae62cfb3..c5216daa6 100755 --- a/src/helpers/vyos-merge-config.py +++ b/src/helpers/vyos-merge-config.py @@ -70,10 +70,7 @@ with tempfile.NamedTemporaryFile() as file_to_migrate: merge_config_tree = ConfigTree(config_file) effective_config = Config() - -output_effective_config = effective_config.show_config() - -effective_config_tree = ConfigTree(output_effective_config) +effective_config_tree = effective_config._running_config effective_cmds = effective_config_tree.to_commands() merge_cmds = merge_config_tree.to_commands() |