diff options
-rw-r--r-- | python/vyos/util.py | 28 | ||||
-rwxr-xr-x | src/conf_mode/vrrp.py | 16 |
2 files changed, 43 insertions, 1 deletions
diff --git a/python/vyos/util.py b/python/vyos/util.py index 20c743b35..e83a17e18 100644 --- a/python/vyos/util.py +++ b/python/vyos/util.py @@ -920,6 +920,34 @@ def is_ipv6_enabled() -> bool: """ Check if IPv6 support on the system is enabled or not """ return (sysctl_read('net.ipv6.conf.all.disable_ipv6') == '0') +def is_ipv6_tentative(iface: str, ipv6_address: str) -> bool: + """Check if IPv6 address is in tentative state. + This function checks if an IPv6 address on a specific network interface is + in the tentative state. IPv6 tentative addresses are not fully configured + and are undergoing Duplicate Address Detection (DAD) to ensure they are + unique on the network. + Args: + iface (str): The name of the network interface. + ipv6_address (str): The IPv6 address to check. + Returns: + bool: True if the IPv6 address is tentative, False otherwise. + """ + import json + from vyos.util import rc_cmd + + rc, out = rc_cmd(f'ip -6 --json address show dev {iface} scope global') + if rc: + return False + + data = json.loads(out) + for addr_info in data[0]['addr_info']: + if ( + addr_info.get('local') == ipv6_address and + addr_info.get('tentative', False) + ): + return True + return False + def interface_exists(interface) -> bool: import os return os.path.exists(f'/sys/class/net/{interface}') diff --git a/src/conf_mode/vrrp.py b/src/conf_mode/vrrp.py index ad38adaec..86b11b6c4 100755 --- a/src/conf_mode/vrrp.py +++ b/src/conf_mode/vrrp.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018-2021 VyOS maintainers and contributors +# Copyright (C) 2018-2023 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -15,6 +15,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. import os +import time from sys import exit from ipaddress import ip_interface @@ -28,6 +29,7 @@ from vyos.template import render from vyos.template import is_ipv4 from vyos.template import is_ipv6 from vyos.util import call +from vyos.util import is_ipv6_tentative from vyos.util import is_systemd_service_running from vyos.xml import defaults from vyos import ConfigError @@ -147,6 +149,18 @@ def apply(vrrp): call(f'systemctl stop {service_name}') return None + # Check if IPv6 address is tentative T5533 + for group, group_config in vrrp['group'].items(): + if 'hello_source_address' in group_config: + if is_ipv6(group_config['hello_source_address']): + ipv6_address = group_config['hello_source_address'] + interface = group_config['interface'] + checks = 20 + interval = 0.1 + for _ in range(checks): + if is_ipv6_tentative(interface, ipv6_address): + time.sleep(interval) + # XXX: T3944 - reload keepalived configuration if service is already running # to not cause any service disruption when applying changes. if is_systemd_service_running(service_name): |