diff options
24 files changed, 1532 insertions, 436 deletions
@@ -69,17 +69,17 @@ op_mode_definitions: # XXX: delete top level op mode node.def's that now live in other packages rm -f $(OP_TMPL_DIR)/add/node.def - rm -f $(OP_TMPL_DIR)/clear/node.def rm -f $(OP_TMPL_DIR)/clear/interfaces/node.def + rm -f $(OP_TMPL_DIR)/clear/node.def + rm -f $(OP_TMPL_DIR)/delete/node.def + rm -f $(OP_TMPL_DIR)/generate/node.def + rm -f $(OP_TMPL_DIR)/monitor/node.def + rm -f $(OP_TMPL_DIR)/reset/vpn/node.def rm -f $(OP_TMPL_DIR)/set/node.def - rm -f $(OP_TMPL_DIR)/show/node.def rm -f $(OP_TMPL_DIR)/show/interfaces/node.def - rm -f $(OP_TMPL_DIR)/monitor/node.def - rm -f $(OP_TMPL_DIR)/generate/node.def + rm -f $(OP_TMPL_DIR)/show/node.def rm -f $(OP_TMPL_DIR)/show/system/node.def rm -f $(OP_TMPL_DIR)/show/vpn/node.def - rm -f $(OP_TMPL_DIR)/delete/node.def - rm -f $(OP_TMPL_DIR)/reset/vpn/node.def # XXX: ping must be able to recursivly call itself as the # options are provided from the script itself diff --git a/interface-definitions/interfaces-tunnel.xml.in b/interface-definitions/interfaces-tunnel.xml.in index 8effa68b2..3a4db6f09 100644 --- a/interface-definitions/interfaces-tunnel.xml.in +++ b/interface-definitions/interfaces-tunnel.xml.in @@ -36,7 +36,7 @@ <description>Local IPv6 address for this tunnel [NOTICE: unavailable for mGRE tunnels]</description> </valueHelp> <completionHelp> - <script>${vyos_completion_dir}/list_local_ips.sh</script> + <script>${vyos_completion_dir}/list_local_ips.sh --both</script> </completionHelp> <constraint> <validator name="ip-address"/> diff --git a/op-mode-definitions/show-ipv6-bgp.xml b/op-mode-definitions/show-ipv6-bgp.xml new file mode 100644 index 000000000..aad61b97a --- /dev/null +++ b/op-mode-definitions/show-ipv6-bgp.xml @@ -0,0 +1,203 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="show"> + <children> + <node name="ipv6"> + <properties> + <help>Show IPv6 routing information</help> + </properties> + <children> + <node name="bgp"> + <properties> + <help>Show Border Gateway Protocol (BGP) information</help> + </properties> + <command>vtysh -c "show bgp ipv6"</command> + <children> + <leafNode name="summary"> + <properties> + <help>Show summary of BGP neighbor status</help> + </properties> + <command>vtysh -c "show bgp ipv6 summary"</command> + </leafNode> + <tagNode name="regexp"> + <properties> + <help>Show routes matching AS path regular expression</help> + </properties> + <command>vtysh -c "show bgp ipv6 regexp $5"</command> + </tagNode> + <tagNode name="prefix-list"> + <properties> + <help>Show routes matching the IPv6 prefix-list name</help> + <completionHelp> + <path>policy prefix-list6</path> + </completionHelp> + </properties> + <command>vtysh -c "show bgp ipv6 prefix-list $5"</command> + </tagNode> + <tagNode name="neighbors"> + <properties> + <help>Show detailed information on TCP and BGP neighbor connections for given address</help> + <completionHelp> + <script>vtysh -c "show bgp ipv6 summary" | awk '{print $1}' | grep -oE "\b([0-9a-f]{1,4}\:{0,2}){0,20}\b"</script> + </completionHelp> + </properties> + <command>vtysh -c "show bgp ipv6 neighbor $5"</command> + <children> + <leafNode name="advertised-routes"> + <properties> + <help>Show routes advertised to a BGP neighbor</help> + </properties> + <command>vtysh -c "show bgp ipv6 neighbor $5 advertised-routes"</command> + </leafNode> + <leafNode name="filtered-routes"> + <properties> + <help>Show routes filtered from a BGP neighbor</help> + </properties> + <command>vtysh -c "show bgp ipv6 neighbor $5 filtered-routes"</command> + </leafNode> + <leafNode name="dampened-routes"> + <properties> + <help>Show dampened routes received from BGP neighbor</help> + </properties> + <command>vtysh -c "show bgp ipv6 neighbor $5 dampened-routes"</command> + </leafNode> + <leafNode name="flap-statistics"> + <properties> + <help>Show flap statistics of the routes learned from BGP neighbor</help> + </properties> + <command>vtysh -c "show bgp ipv6 neighbor $5 flap-statistics"</command> + </leafNode> + <leafNode name="prefix-counts"> + <properties> + <help>Show detailed prefix count information for BGP neighbor</help> + </properties> + <command>vtysh -c "show bgp ipv6 neighbor $5 prefix-counts"</command> + </leafNode> + <node name="received"> + <properties> + <help>Show information received from BGP neighbor</help> + </properties> + <children> + <leafNode name="prefix-filter"> + <properties> + <help>Show prefixlist filter</help> + </properties> + <command>vtysh -c "show bgp ipv6 neighbor $5 received prefix-filter"</command> + </leafNode> + </children> + </node> + <leafNode name="received-routes"> + <properties> + <help>Show received routes from BGP neighbor</help> + </properties> + <command>vtysh -c "show bgp ipv6 neighbor $5 received-routes"</command> + </leafNode> + <leafNode name="routes"> + <properties> + <help>Show routes learned from BGP neighbor</help> + </properties> + <command>vtysh -c "show bgp ipv6 neighbor $5 routes"</command> + </leafNode> + </children> + </tagNode> + <tagNode name="large-community"> + <properties> + <help>Show routes matching the large-community-list number or name</help> + </properties> + <command>vtysh -c "show bgp ipv6 large-community-list $5"</command> + <children> + <node name="exact-match"> + <properties> + <help>Show routes matching the large-community-list number or name</help> + </properties> + <command>vtysh -c "show bgp ipv6 large-community-list $5 exact-match"</command> + </node> + </children> + </tagNode> + <tagNode name="large-community-list"> + <properties> + <help>Show routes matching the large-community-list number or name</help> + </properties> + <command>vtysh -c "show bgp ipv6 large-community-list $5"</command> + <children> + <node name="exact-match"> + <properties> + <help>Show routes matching the large-community-list number or name</help> + </properties> + <command>vtysh -c "show bgp ipv6 large-community-list $5 exact-match"</command> + </node> + </children> + </tagNode> + <tagNode name="filter-list"> + <properties> + <help>Show routes conforming to regular expression access list name</help> + </properties> + <command>vtysh -c "show bgp ipv6 filter-list $5"</command> + </tagNode> + <tagNode name="community"> + <properties> + <help>Show BGP information for specified community number</help> + <completionHelp> + <list><AA:NN> local-AS no-advertise no-export</list> + </completionHelp> + </properties> + <command>vtysh -c "show bgp ipv6 community $5"</command> + <children> + <node name="exact-match"> + <properties> + <help>Show routes from community that exactly matches the community number</help> + </properties> + <command>vtysh -c "show bgp ipv6 community $5 exact-match"</command> + </node> + </children> + </tagNode> + <tagNode name="community-list"> + <properties> + <help>Show routes matching the community-list number or name</help> + </properties> + <command>vtysh -c "show bgp ipv6 community-list $5"</command> + <children> + <node name="exact-match"> + <properties> + <help>Show routes exactly matching the community-list name or number</help> + </properties> + <command>vtysh -c "show bgp ipv6 community-list $5 exact-match"</command> + </node> + </children> + </tagNode> + <tagNode name="route-map"> + <properties> + <help>Show BGP routes matching the specified route map</help> + <completionHelp> + <path>policy route-map</path> + </completionHelp> + </properties> + <command>vtysh -c "show bgp ipv6 route-map $5"</command> + </tagNode> + </children> + </node> + <tagNode name="bgp"> + <properties> + <help>Show BGP information for specified IP address or prefix</help> + <completionHelp> + <list><h:h:h:h:h:h:h:h> <h:h:h:h:h:h:h:h/x></list> + </completionHelp> + </properties> + <command>vtysh -c "show bgp ipv6 $4"</command> + <children> + <node name="longer-prefixes"> + <properties> + <help>Show route and more specific routes</help> + <completionHelp> + <list><h:h:h:h:h:h:h:h> <h:h:h:h:h:h:h:h/x></list> + </completionHelp> + </properties> + <command>vtysh -c "show bgp ipv6 $4 longer-prefixes"</command> + </node> + </children> + </tagNode> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/show-ipv6-ospfv3.xml b/op-mode-definitions/show-ipv6-ospfv3.xml new file mode 100644 index 000000000..36bb5b40e --- /dev/null +++ b/op-mode-definitions/show-ipv6-ospfv3.xml @@ -0,0 +1,777 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="show"> + <children> + <node name="ipv6"> + <properties> + <help>Show IPv6 routing information</help> + </properties> + <children> + <node name="ospfv3"> + <properties> + <help>Show IPv6 Open Shortest Path First (OSPF)</help> + </properties> + <command>vtysh -c "show ipv6 ospf6"</command> + <children> + <node name="area"> + <properties> + <help>Show Shortest Path First tree information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 spf tree"</command> + </node> + <tagNode name="area"> + <properties> + <help>Area ID (as an IPv4 notation)</help> + <completionHelp> + <path>protocols ospfv3 area</path> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 ospf6 area $4 spf tree"</command> + <children> + <tagNode name="router"> + <properties> + <help> Simulate view point (Router ID)</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 ospf6 simulate spf-tree $7 $4 $5"</command> + </tagNode> + </children> + </tagNode> + <node name="border-routers"> + <properties> + <help>Show OSPFv3 border-router (ABR and ASBR) information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 border-routers"</command> + <children> + <node name="detail"> + <properties> + <help>Show OSPFv3 detailed border-router information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 border-routers detail"</command> + </node> + </children> + </node> + <tagNode name="border-routers"> + <properties> + <help>Border router ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 ospf6 border-routers $5"</command> + </tagNode> + <node name="database"> + <properties> + <help>Show OSPFv3 Link state database information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database"</command> + <children> + <tagNode name="adv-router"> + <properties> + <help>Search by Advertising Router ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <children> + <tagNode name="linkstate-id"> + <properties> + <help>Search by Link state ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database adv-router $6 linkstate-id $8 detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database adv-router $6 linkstate-id $8 dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database adv-router $6 linkstate-id $8 internal"</command> + </node> + </children> + </tagNode> + </children> + </tagNode> + <node name="any"> + <properties> + <help>Search by Any Link state Type</help> + </properties> + <children> + <tagNode name="any"> + <properties> + <help>Search by Link state ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database * * $7 detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database * * $7 dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database * * $7 internal"</command> + </node> + </children> + </tagNode> + </children> + </node> + <tagNode name="any"> + <properties> + <help>Search by Link state ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 ospf6 database * $6"</command> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database * $6 detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database * $6 dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database * $6 internal"</command> + </node> + <node name="node.tag"> + <properties> + <help>Search by Advertising Router ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 ospf6 database * $6 $7"</command> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database * $6 $7 detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database * $6 $7 dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database * $6 $7 internal"</command> + </node> + </children> + </node> + </children> + </tagNode> + + + + + + <node name="as-external"> + <properties> + <help>Show AS-External LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external"</command> + <children> + <tagNode name="adv-router"> + <properties> + <help>Search by Advertising Router ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <children> + <tagNode name="linkstate-id"> + <properties> + <help>Search by Link state ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <children> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external adv-router $7 linkstate-id $9 dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external adv-router $7 linkstate-id $9 internal"</command> + </node> + </children> + </tagNode> + </children> + </tagNode> + <tagNode name="any"> + <properties> + <help>Search by Advertising Router ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external * $7"</command> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external * $7 detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external * $7 dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external * $7 internal"</command> + </node> + </children> + </tagNode> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external internal"</command> + </node> + <tagNode name="linkstate-id"> + <properties> + <help>Search by Link state ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external linkstate-id $7 detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external linkstate-id $7 dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external linkstate-id $7 internal"</command> + </node> + </children> + </tagNode> + <node name="self-originated"> + <properties> + <help>Show Self-originated LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external self-originated"</command> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external self-originated detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external self-originated dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external self-originated internal"</command> + </node> + <tagNode name="linkstate-id"> + <properties> + <help>Search by Link state ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external self-originated linkstate-id $8 detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external self-originated linkstate-id $8 dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external self-originated linkstate-id $8 internal"</command> + </node> + </children> + </tagNode> + </children> + </node> + </children> + </node> + <tagNode name="as-external"> + <properties> + <help>Search by Advertising Router IDs</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external $6 detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external $6 dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external $6 internal"</command> + </node> + <node name="self-originated"> + <properties> + <help>Show Self-originated LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external $6 self-originated"</command> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external $6 self-originated detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external $6 self-originated dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database as-external $6 self-originated internal"</command> + </node> + </children> + </node> + <node name="node.tag"> + <properties> + <help>Search by Advertising Router ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <children> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>echo vtysh -c "show ipv6 ospf6 database as-external $6 $7 dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>echo vtysh -c "show ipv6 ospf6 database as-external $6 $7 internal"</command> + </node> + </children> + </node> + </children> + </tagNode> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database dump"</command> + </node> + <tagNode name="linkstate-id"> + <properties> + <help>Search by Link state ID</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> + </properties> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database linkstate-id $6 detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database linkstate-id $6 dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database linkstate-id $6 internal"</command> + </node> + </children> + </tagNode> + <node name="self-originated"> + <properties> + <help>Show Self-originated LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database self-originated"</command> + <children> + <node name="detail"> + <properties> + <help>Show details of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database self-originated detail"</command> + </node> + <node name="dump"> + <properties> + <help>Show dump of LSAs</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database self-originated dump"</command> + </node> + <node name="internal"> + <properties> + <help>Show LSAs internal information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 database self-originated internal"</command> + </node> + </children> + </node> + </children> + </node> + <node name="interface"> + <properties> + <help>Show OSPFv3 interface information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface"</command> + <children> + <node name="prefix"> + <properties> + <help>Show connected prefixes to advertise</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface prefix"</command> + <children> + <node name="detail"> + <properties> + <help>More detailed interface prefix information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface prefix detail"</command> + </node> + </children> + </node> + <tagNode name="prefix"> + <properties> + <help>Show interface prefix route specific information</help> + <completionHelp> + <list><h:h:h:h:h:h:h:h> <h:h:h:h:h:h:h:h/x></list> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface prefix $6"</command> + <children> + <node name="detail"> + <properties> + <help>More detailed information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface prefix $6 detail"</command> + </node> + <node name="match"> + <properties> + <help>Matched interface prefix information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface prefix $6 match"</command> + </node> + </children> + </tagNode> + </children> + </node> + <tagNode name="interface"> + <properties> + <help>Specific insterface to examine</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py</script> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface $5"</command> + <children> + <node name="prefix"> + <properties> + <help>Show connected prefixes to advertise</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface $5 prefix"</command> + <children> + <node name="detail"> + <properties> + <help>More detailed interface prefix information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface $5 prefix detail"</command> + </node> + </children> + </node> + <tagNode name="prefix"> + <properties> + <help>Show interface prefix route specific information</help> + <completionHelp> + <list><h:h:h:h:h:h:h:h> <h:h:h:h:h:h:h:h/x></list> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface $5 prefix $7"</command> + <children> + <node name="detail"> + <properties> + <help>More detailed information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface $5 prefix $7 detail"</command> + </node> + <node name="match"> + <properties> + <help>Matched interface prefix information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 interface $5 prefix $7 match"</command> + </node> + </children> + </tagNode> + </children> + </tagNode> + <node name="linkstate"> + <properties> + <help>Show OSPFv3 linkstate routing information</help> + </properties> + <children> + <node name="detail"> + <properties> + <help>Show detailed linkstate information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 linkstate detail"</command> + </node> + <node name="network"> + <properties> + <help>Show linkstate Network information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 linkstate network"</command> + </node> + <node name="router"> + <properties> + <help>Show linkstate Router information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 linkstate router"</command> + </node> + </children> + </node> + <node name="neighbor"> + <properties> + <help>Show OSPFv3 neighbor information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 neighbor"</command> + <children> + <node name="detail"> + <properties> + <help>Show detailed neighbor information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 neighbor detail"</command> + </node> + <node name="drchoice"> + <properties> + <help>Show neighbor DR choice information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 neighbor drchoice"</command> + </node> + </children> + </node> + <node name="redistribute"> + <properties> + <help>Show OSPFv3 redistribute external information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 redistribute"</command> + </node> + <node name="route"> + <properties> + <help>Show OSPFv3 routing table information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route"</command> + <children> + <node name="external-1"> + <properties> + <help>Show Type-1 External route information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route external-1"</command> + <children> + <node name="detail"> + <properties> + <help>Show detailed Type-1 External route information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route external-1 detail"</command> + </node> + </children> + </node> + <node name="external-2"> + <properties> + <help>Show Type-2 External route information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route external-2"</command> + <children> + <node name="detail"> + <properties> + <help>Show detailed Type-2 External route information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route external-2 detail"</command> + </node> + </children> + </node> + <node name="inter-area"> + <properties> + <help>Show Inter-Area route information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route inter-area"</command> + <children> + <node name="detail"> + <properties> + <help>Show detailed Inter-Area route information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route inter-area detail"</command> + </node> + </children> + </node> + <node name="intra-area"> + <properties> + <help>Show Intra-Area route information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route intra-area"</command> + <children> + <node name="detail"> + <properties> + <help>Show detailed Intra-Area route information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route intra-area detail"</command> + </node> + </children> + </node> + <node name="detail"> + <properties> + <help>Show detailed route information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route detail"</command> + </node> + <node name="summary"> + <properties> + <help>Show route table summary</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route summary"</command> + </node> + </children> + </node> + <tagNode name="route"> + <properties> + <help>Show specified route/prefix information</help> + <completionHelp> + <list><h:h:h:h:h:h:h:h> <h:h:h:h:h:h:h:h/x></list> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 ospf6 route $5"</command> + <children> + <node name="longer"> + <properties> + <help>Show routes longer than specified prefix</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route $5 longer"</command> + </node> + <node name="match"> + <properties> + <help>Show routes matching specified prefix</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route $5 match"</command> + <children> + <node name="detail"> + <properties> + <help>Detailed information</help> + </properties> + <command>vtysh -c "show ipv6 ospf6 route $5 match detail"</command> + </node> + </children> + </node> + </children> + </tagNode> + </children> + </node> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/show-ipv6-prefix-list.xml b/op-mode-definitions/show-ipv6-prefix-list.xml new file mode 100644 index 000000000..e003ad110 --- /dev/null +++ b/op-mode-definitions/show-ipv6-prefix-list.xml @@ -0,0 +1,92 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="show"> + <children> + <node name="ipv6"> + <properties> + <help>Show IPv6 routing information</help> + </properties> + <children> + <node name="prefix-list"> + <properties> + <help>Show IPv6 prefix-lists</help> + </properties> + <command>vtysh -c "show ipv6 prefix-list"</command> + <children> + <node name="detail"> + <properties> + <help>Show detail of IPv6 prefix-lists</help> + </properties> + <command>vtysh -c "show ipv6 prefix-list detail"</command> + </node> + <tagNode name="detail"> + <properties> + <help>Show detail of specified IPv6 prefix-list</help> + </properties> + <command>vtysh -c "show ipv6 prefix-list detail $5"</command> + </tagNode> + <node name="summary"> + <properties> + <help>Show summary of IPv6 prefix-lists</help> + </properties> + <command>vtysh -c "show ipv6 prefix-list summary"</command> + </node> + <tagNode name="summary"> + <properties> + <help>Show summary of specified IPv6 prefix-list</help> + </properties> + <command>vtysh -c "show ipv6 prefix-list summary $5"</command> + </tagNode> + </children> + </node> + <tagNode name="prefix-list"> + <properties> + <help>Show specified IPv6 prefix-list</help> + <completionHelp> + <list>WORD</list> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 prefix-list $4"</command> + <children> + <node name="node.tag"> + <properties> + <help>Show select prefix of specified IPv6 prefix-list</help> + <completionHelp> + <list><h:h:h:h:h:h:h:h/x></list> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 prefix-list $4 $5"</command> + <children> + <node name="first-match"> + <properties> + <help>Show first-match from select prefix of named IPv6 prefix-list</help> + </properties> + <command>vtysh -c "show ipv6 prefix-list $4 $5 first-match"</command> + </node> + <node name="longer"> + <properties> + <help>Show longer match of select prefix from named IPv6 prefix-list</help> + </properties> + <command>vtysh -c "show ipv6 prefix-list $4 $5 longer"</command> + </node> + </children> + </node> + <node name="seq"> + <properties> + <help>Show specified sequence from specified IPv6 prefix-list</help> + </properties> + <command>vtysh -c "show ipv6 prefix-list $4 seq"</command> + </node> + <tagNode name="seq"> + <properties> + <help>Show specified sequence from specified IPv6 prefix-list</help> + </properties> + <command>vtysh -c "show ipv6 prefix-list $4 seq $6"</command> + </tagNode> + </children> + </tagNode> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/show-ipv6-route.xml b/op-mode-definitions/show-ipv6-route.xml new file mode 100644 index 000000000..fafd615ea --- /dev/null +++ b/op-mode-definitions/show-ipv6-route.xml @@ -0,0 +1,117 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="show"> + <children> + <node name="ipv6"> + <properties> + <help>Show IPv6 routing information</help> + </properties> + <children> + <tagNode name="route"> + <properties> + <help>Show IPv6 routes of given address or prefix</help> + <completionHelp> + <list><h:h:h:h:h:h:h:h> <h:h:h:h:h:h:h:h/x></list> + </completionHelp> + </properties> + <children> + <node name="longer-prefixes"> + <properties> + <help>Show longer prefixes of routes for given address or prefix</help> + </properties> + <command>vtysh -c "show ipv6 route $4 longer-prefixes"</command> + </node> + </children> + <command>vtysh -c "show ipv6 route $4"</command> + </tagNode> + <node name="route"> + <properties> + <help>Show IPv6 routes</help> + </properties> + <command>vtysh -c "show ipv6 route"</command> + <children> + <node name="bgp"> + <properties> + <help>Show IPv6 BGP routes</help> + </properties> + <command>vtysh -c "show ipv6 route bgp"</command> + </node> + <node name="connected"> + <properties> + <help>Show IPv6 connected routes</help> + </properties> + <command>vtysh -c "show ipv6 route connected"</command> + </node> + <node name="isis"> + <properties> + <help>Show IPv6 IS-IS routes</help> + </properties> + <command>vtysh -c "show ipv6 route isis"</command> + </node> + <node name="kernel"> + <properties> + <help>Show IPv6 Kernel routes</help> + </properties> + <command>vtysh -c "show ipv6 route kernel"</command> + </node> + <node name="ospfv3"> + <properties> + <help>Show IPv6 OSPF routes</help> + </properties> + <command>vtysh -c "show ipv6 route ospf6"</command> + </node> + <node name="ripng"> + <properties> + <help>Show IPv6 RIPNG routes</help> + </properties> + <command>vtysh -c "show ipv6 route ripng"</command> + </node> + <node name="static"> + <properties> + <help>Show IPv6 static routes</help> + </properties> + <command>vtysh -c "show ipv6 route static"</command> + </node> + <node name="summary"> + <properties> + <help>Show IPv6 routes summary</help> + </properties> + <command>vtysh -c "show ipv6 route summary"</command> + </node> + <node name="table"> + <properties> + <help>Show IPv6 routes in policy tables</help> + </properties> + <command>vtysh -c "show ipv6 route table all"</command> + </node> + <tagNode name="table"> + <properties> + <help>Show IPv6 routes in specific policy table</help> + <completionHelp> + <path>protocols static table</path> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 route table $5"</command> + </tagNode> + <node name="vrf"> + <properties> + <help>Show IPv6 routes in VRFs</help> + </properties> + <command>vtysh -c "show ipv6 route vrf all"</command> + </node> + <tagNode name="vrf"> + <properties> + <help>Show IPv6 routes in specific VRF</help> + <completionHelp> + <path>vrf name</path> + </completionHelp> + </properties> + <command>vtysh -c "show ipv6 route vrf $5"</command> + </tagNode> + </children> + </node> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/show-ipv6.xml b/op-mode-definitions/show-ipv6.xml index 357e4e979..a59c8df0c 100644 --- a/op-mode-definitions/show-ipv6.xml +++ b/op-mode-definitions/show-ipv6.xml @@ -22,195 +22,6 @@ </properties> <command>vtysh -c "show ipv6 access-list $4"</command> </tagNode> - <node name="bgp"> - <properties> - <help>Show Border Gateway Protocol (BGP) information</help> - </properties> - <command>vtysh -c "show bgp ipv6"</command> - <children> - <leafNode name="summary"> - <properties> - <help>Show summary of BGP neighbor status</help> - </properties> - <command>vtysh -c "show bgp ipv6 summary"</command> - </leafNode> - <tagNode name="regexp"> - <properties> - <help>Show routes matching AS path regular expression</help> - </properties> - <command>vtysh -c "show bgp ipv6 regexp $5"</command> - </tagNode> - <tagNode name="prefix-list"> - <properties> - <help>Show routes matching the IPv6 prefix-list name</help> - <completionHelp> - <path>policy prefix-list6</path> - </completionHelp> - </properties> - <command>vtysh -c "show bgp ipv6 prefix-list $5"</command> - </tagNode> - <tagNode name="neighbors"> - <properties> - <help>Show detailed information on TCP and BGP neighbor connections for given address</help> - <completionHelp> - <script>vtysh -c "show bgp ipv6 summary" | awk '{print $1}' | grep -oE "\b([0-9a-f]{1,4}\:{0,2}){0,20}\b"</script> - </completionHelp> - </properties> - <command>vtysh -c "show bgp ipv6 neighbor $5"</command> - <children> - <leafNode name="advertised-routes"> - <properties> - <help>Show routes advertised to a BGP neighbor</help> - </properties> - <command>vtysh -c "show bgp ipv6 neighbor $5 advertised-routes"</command> - </leafNode> - <leafNode name="filtered-routes"> - <properties> - <help>Show routes filtered from a BGP neighbor</help> - </properties> - <command>vtysh -c "show bgp ipv6 neighbor $5 filtered-routes"</command> - </leafNode> - <leafNode name="dampened-routes"> - <properties> - <help>Show dampened routes received from BGP neighbor</help> - </properties> - <command>vtysh -c "show bgp ipv6 neighbor $5 dampened-routes"</command> - </leafNode> - <leafNode name="flap-statistics"> - <properties> - <help>Show flap statistics of the routes learned from BGP neighbor</help> - </properties> - <command>vtysh -c "show bgp ipv6 neighbor $5 flap-statistics"</command> - </leafNode> - <leafNode name="prefix-counts"> - <properties> - <help>Show detailed prefix count information for BGP neighbor</help> - </properties> - <command>vtysh -c "show bgp ipv6 neighbor $5 prefix-counts"</command> - </leafNode> - <node name="received"> - <properties> - <help>Show information received from BGP neighbor</help> - </properties> - <children> - <leafNode name="prefix-filter"> - <properties> - <help>Show prefixlist filter</help> - </properties> - <command>vtysh -c "show bgp ipv6 neighbor $5 received prefix-filter"</command> - </leafNode> - </children> - </node> - <leafNode name="received-routes"> - <properties> - <help>Show received routes from BGP neighbor</help> - </properties> - <command>vtysh -c "show bgp ipv6 neighbor $5 received-routes"</command> - </leafNode> - <leafNode name="routes"> - <properties> - <help>Show routes learned from BGP neighbor</help> - </properties> - <command>vtysh -c "show bgp ipv6 neighbor $5 routes"</command> - </leafNode> - </children> - </tagNode> - <tagNode name="large-community"> - <properties> - <help>Show routes matching the large-community-list number or name</help> - </properties> - <command>vtysh -c "show bgp ipv6 large-community-list $5"</command> - <children> - <node name="exact-match"> - <properties> - <help>Show routes matching the large-community-list number or name</help> - </properties> - <command>vtysh -c "show bgp ipv6 large-community-list $5 exact-match"</command> - </node> - </children> - </tagNode> - <tagNode name="large-community-list"> - <properties> - <help>Show routes matching the large-community-list number or name</help> - </properties> - <command>vtysh -c "show bgp ipv6 large-community-list $5"</command> - <children> - <node name="exact-match"> - <properties> - <help>Show routes matching the large-community-list number or name</help> - </properties> - <command>vtysh -c "show bgp ipv6 large-community-list $5 exact-match"</command> - </node> - </children> - </tagNode> - <tagNode name="filter-list"> - <properties> - <help>Show routes conforming to regular expression access list name</help> - </properties> - <command>vtysh -c "show bgp ipv6 filter-list $5"</command> - </tagNode> - <tagNode name="community"> - <properties> - <help>Show BGP information for specified community number</help> - <completionHelp> - <list><AA:NN> local-AS no-advertise no-export</list> - </completionHelp> - </properties> - <command>vtysh -c "show bgp ipv6 community $5"</command> - <children> - <node name="exact-match"> - <properties> - <help>Show routes from community that exactly matches the community number</help> - </properties> - <command>vtysh -c "show bgp ipv6 community $5 exact-match"</command> - </node> - </children> - </tagNode> - <tagNode name="community-list"> - <properties> - <help>Show routes matching the community-list number or name</help> - </properties> - <command>vtysh -c "show bgp ipv6 community-list $5"</command> - <children> - <node name="exact-match"> - <properties> - <help>Show routes exactly matching the community-list name or number</help> - </properties> - <command>vtysh -c "show bgp ipv6 community-list $5 exact-match"</command> - </node> - </children> - </tagNode> - <tagNode name="route-map"> - <properties> - <help>Show BGP routes matching the specified route map</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - <command>vtysh -c "show bgp ipv6 route-map $5"</command> - </tagNode> - </children> - </node> - <tagNode name="bgp"> - <properties> - <help>Show BGP information for specified IP address or prefix</help> - <completionHelp> - <list><h:h:h:h:h:h:h:h> <h:h:h:h:h:h:h:h/x></list> - </completionHelp> - </properties> - <command>vtysh -c "show bgp ipv6 $4"</command> - <children> - <node name="longer-prefixes"> - <properties> - <help>Show route and more specific routes</help> - <completionHelp> - <list><h:h:h:h:h:h:h:h> <h:h:h:h:h:h:h:h/x></list> - </completionHelp> - </properties> - <command>vtysh -c "show bgp ipv6 $4 longer-prefixes"</command> - </node> - </children> - </tagNode> <node name="forwarding"> <properties> <help>Show IPv6 forwarding status</help> @@ -231,187 +42,6 @@ </node> </children> </node> - <node name="prefix-list"> - <properties> - <help>Show IPv6 prefix-lists</help> - </properties> - <command>vtysh -c "show ipv6 prefix-list"</command> - <children> - <node name="detail"> - <properties> - <help>Show detail of IPv6 prefix-lists</help> - </properties> - <command>vtysh -c "show ipv6 prefix-list detail"</command> - </node> - <tagNode name="detail"> - <properties> - <help>Show detail of specified IPv6 prefix-list</help> - </properties> - <command>vtysh -c "show ipv6 prefix-list detail $5"</command> - </tagNode> - <node name="summary"> - <properties> - <help>Show summary of IPv6 prefix-lists</help> - </properties> - <command>vtysh -c "show ipv6 prefix-list summary"</command> - </node> - <tagNode name="summary"> - <properties> - <help>Show summary of specified IPv6 prefix-list</help> - </properties> - <command>vtysh -c "show ipv6 prefix-list summary $5"</command> - </tagNode> - </children> - </node> - <tagNode name="prefix-list"> - <properties> - <help>Show specified IPv6 prefix-list</help> - <completionHelp> - <list>WORD</list> - </completionHelp> - </properties> - <command>vtysh -c "show ipv6 prefix-list $4"</command> - <children> - <node name="node.tag"> - <properties> - <help>Show select prefix of specified IPv6 prefix-list</help> - <completionHelp> - <list><h:h:h:h:h:h:h:h/x></list> - </completionHelp> - </properties> - <command>vtysh -c "show ipv6 prefix-list $4 $5"</command> - <children> - <node name="first-match"> - <properties> - <help>Show first-match from select prefix of named IPv6 prefix-list</help> - </properties> - <command>vtysh -c "show ipv6 prefix-list $4 $5 first-match"</command> - </node> - <node name="longer"> - <properties> - <help>Show longer match of select prefix from named IPv6 prefix-list</help> - </properties> - <command>vtysh -c "show ipv6 prefix-list $4 $5 longer"</command> - </node> - </children> - </node> - <node name="seq"> - <properties> - <help>Show specified sequence from specified IPv6 prefix-list</help> - </properties> - <command>vtysh -c "show ipv6 prefix-list $4 seq"</command> - </node> - <tagNode name="seq"> - <properties> - <help>Show specified sequence from specified IPv6 prefix-list</help> - </properties> - <command>vtysh -c "show ipv6 prefix-list $4 seq $6"</command> - </tagNode> - </children> - </tagNode> - <tagNode name="route"> - <properties> - <help>Show IPv6 routes of given address or prefix</help> - <completionHelp> - <list><h:h:h:h:h:h:h:h> <h:h:h:h:h:h:h:h/x></list> - </completionHelp> - </properties> - <children> - <node name="longer-prefixes"> - <properties> - <help>Show longer prefixes of routes for given address or prefix</help> - </properties> - <command>vtysh -c "show ipv6 route $4 longer-prefixes"</command> - </node> - </children> - <command>vtysh -c "show ipv6 route $4"</command> - </tagNode> - <node name="route"> - <properties> - <help>Show IPv6 routes</help> - </properties> - <command>vtysh -c "show ipv6 route"</command> - <children> - <node name="bgp"> - <properties> - <help>Show IPv6 BGP routes</help> - </properties> - <command>vtysh -c "show ipv6 route bgp"</command> - </node> - <node name="connected"> - <properties> - <help>Show IPv6 connected routes</help> - </properties> - <command>vtysh -c "show ipv6 route connected"</command> - </node> - <node name="isis"> - <properties> - <help>Show IPv6 IS-IS routes</help> - </properties> - <command>vtysh -c "show ipv6 route isis"</command> - </node> - <node name="kernel"> - <properties> - <help>Show IPv6 Kernel routes</help> - </properties> - <command>vtysh -c "show ipv6 route kernel"</command> - </node> - <node name="ospfv3"> - <properties> - <help>Show IPv6 OSPF routes</help> - </properties> - <command>vtysh -c "show ipv6 route ospf6"</command> - </node> - <node name="ripng"> - <properties> - <help>Show IPv6 RIPNG routes</help> - </properties> - <command>vtysh -c "show ipv6 route ripng"</command> - </node> - <node name="static"> - <properties> - <help>Show IPv6 static routes</help> - </properties> - <command>vtysh -c "show ipv6 route static"</command> - </node> - <node name="summary"> - <properties> - <help>Show IPv6 routes summary</help> - </properties> - <command>vtysh -c "show ipv6 route summary"</command> - </node> - <node name="table"> - <properties> - <help>Show IPv6 routes in policy tables</help> - </properties> - <command>vtysh -c "show ipv6 route table all"</command> - </node> - <tagNode name="table"> - <properties> - <help>Show IPv6 routes in specific policy table</help> - <completionHelp> - <path>protocols static table</path> - </completionHelp> - </properties> - <command>vtysh -c "show ipv6 route table $5"</command> - </tagNode> - <node name="vrf"> - <properties> - <help>Show IPv6 routes in VRFs</help> - </properties> - <command>vtysh -c "show ipv6 route vrf all"</command> - </node> - <tagNode name="vrf"> - <properties> - <help>Show IPv6 routes in specific VRF</help> - <completionHelp> - <path>vrf name</path> - </completionHelp> - </properties> - <command>vtysh -c "show ipv6 route vrf $5"</command> - </tagNode> - </children> - </node> </children> </node> </children> diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py index 96eeb6bb1..a425ca671 100644 --- a/python/vyos/configverify.py +++ b/python/vyos/configverify.py @@ -99,6 +99,20 @@ def verify_eapol(config): raise ConfigError('Both cert and key-file must be specified '\ 'when using EAPoL!') +def verify_mirror(config): + """ + Common helper function used by interface implementations to perform + recurring validation of mirror interface configuration. + + It makes no sense to mirror traffic back at yourself! + """ + if 'mirror' in config: + for direction, mirror_interface in config['mirror'].items(): + if mirror_interface == config['ifname']: + raise ConfigError(f'Can not mirror "{direction}" traffic back ' \ + 'the originating interface!') + + def verify_address(config): """ Common helper function used by interface implementations to perform diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py index 163ab2f6a..35a964110 100644 --- a/python/vyos/ifconfig/interface.py +++ b/python/vyos/ifconfig/interface.py @@ -1019,7 +1019,7 @@ class Interface(Control): if 'is_mirror_intf' in self._config: source_if = next(iter(self._config['is_mirror_intf'])) - config = self._config['is_mirror_intf'][source_if] + config = self._config['is_mirror_intf'][source_if].get('mirror', None) # Remove existing mirroring rules delete_tc_cmd = f'tc qdisc del dev {source_if} handle ffff: ingress; ' diff --git a/python/vyos/validate.py b/python/vyos/validate.py index acd6086ff..23e88b5ac 100644 --- a/python/vyos/validate.py +++ b/python/vyos/validate.py @@ -13,9 +13,6 @@ # You should have received a copy of the GNU Lesser General Public # License along with this library. If not, see <http://www.gnu.org/licenses/>. -import netifaces -from vyos.util import cmd - # Important note when you are adding new validation functions: # # The Control class will analyse the signature of the function in this file @@ -59,6 +56,9 @@ def _is_intf_addr_assigned(intf, address, netmask=''): address 192.0.2.1/24. """ from vyos.template import is_ipv4 + from netifaces import ifaddresses + from netifaces import AF_INET + from netifaces import AF_INET6 # check if the requested address type is configured at all # { @@ -67,13 +67,13 @@ def _is_intf_addr_assigned(intf, address, netmask=''): # 10: [{'addr': 'fe80::a00:27ff:fed9:5b04%eth0', 'netmask': 'ffff:ffff:ffff:ffff::'}] # } try: - ifaces = netifaces.ifaddresses(intf) + ifaces = ifaddresses(intf) except ValueError as e: print(e) return False # determine IP version (AF_INET or AF_INET6) depending on passed address - addr_type = netifaces.AF_INET if is_ipv4(address) else netifaces.AF_INET6 + addr_type = AF_INET if is_ipv4(address) else AF_INET6 # Check every IP address on this interface for a match for ip in ifaces.get(addr_type,[]): @@ -103,8 +103,8 @@ def is_addr_assigned(addr): """ Verify if the given IPv4/IPv6 address is assigned to any interface """ - - for intf in netifaces.interfaces(): + from netifaces import interfaces + for intf in interfaces(): tmp = is_intf_addr_assigned(intf, addr) if tmp == True: return True @@ -129,28 +129,34 @@ def is_subnet_connected(subnet, primary=False): """ from ipaddress import ip_address from ipaddress import ip_network + + from netifaces import ifaddresses + from netifaces import interfaces + from netifaces import AF_INET + from netifaces import AF_INET6 + from vyos.template import is_ipv6 # determine IP version (AF_INET or AF_INET6) depending on passed address - addr_type = netifaces.AF_INET + addr_type = AF_INET if is_ipv6(subnet): - addr_type = netifaces.AF_INET6 + addr_type = AF_INET6 - for interface in netifaces.interfaces(): + for interface in interfaces(): # check if the requested address type is configured at all - if addr_type not in netifaces.ifaddresses(interface).keys(): + if addr_type not in ifaddresses(interface).keys(): continue # An interface can have multiple addresses, but some software components # only support the primary address :( if primary: - ip = netifaces.ifaddresses(interface)[addr_type][0]['addr'] + ip = ifaddresses(interface)[addr_type][0]['addr'] if ip_address(ip) in ip_network(subnet): return True else: # Check every assigned IP address if it is connected to the subnet # in question - for ip in netifaces.ifaddresses(interface)[addr_type]: + for ip in ifaddresses(interface)[addr_type]: # remove interface extension (e.g. %eth0) that gets thrown on the end of _some_ addrs addr = ip['addr'].split('%')[0] if ip_address(addr) in ip_network(subnet): @@ -190,6 +196,7 @@ def assert_mtu(mtu, ifname): assert_number(mtu) import json + from vyos.util import cmd out = cmd(f'ip -j -d link show dev {ifname}') # [{"ifindex":2,"ifname":"eth0","flags":["BROADCAST","MULTICAST","UP","LOWER_UP"],"mtu":1500,"qdisc":"pfifo_fast","operstate":"UP","linkmode":"DEFAULT","group":"default","txqlen":1000,"link_type":"ether","address":"08:00:27:d9:5b:04","broadcast":"ff:ff:ff:ff:ff:ff","promiscuity":0,"min_mtu":46,"max_mtu":16110,"inet6_addr_gen_mode":"none","num_tx_queues":1,"num_rx_queues":1,"gso_max_size":65536,"gso_max_segs":65535}] parsed = json.loads(out)[0] diff --git a/smoketest/scripts/cli/base_interfaces_test.py b/smoketest/scripts/cli/base_interfaces_test.py index a784140f3..8ee5395d0 100644 --- a/smoketest/scripts/cli/base_interfaces_test.py +++ b/smoketest/scripts/cli/base_interfaces_test.py @@ -25,6 +25,7 @@ from netifaces import AF_INET6 from vyos.configsession import ConfigSession from vyos.ifconfig import Interface +from vyos.ifconfig import Section from vyos.util import read_file from vyos.util import cmd from vyos.util import dict_search @@ -32,6 +33,25 @@ from vyos.util import process_named_running from vyos.validate import is_intf_addr_assigned from vyos.validate import is_ipv6_link_local +def is_mirrored_to(interface, mirror_if, qdisc): + """ + Ask TC if we are mirroring traffic to a discrete interface. + + interface: source interface + mirror_if: destination where we mirror our data to + qdisc: must be ffff or 1 for ingress/egress + """ + if qdisc not in ['ffff', '1']: + raise ValueError() + + ret_val = False + tmp = cmd(f'tc -s -p filter ls dev {interface} parent {qdisc}: | grep mirred') + tmp = tmp.lower() + if mirror_if in tmp: + ret_val = True + return ret_val + + dhcp6c_config_file = '/run/dhcp6c/dhcp6c.{}.conf' def get_dhcp6c_config_value(interface, key): tmp = read_file(dhcp6c_config_file.format(interface)) @@ -56,25 +76,53 @@ class BasicInterfaceTest: _interfaces = [] _qinq_range = ['10', '20', '30'] _vlan_range = ['100', '200', '300', '2000'] + _test_addr = ['192.0.2.1/26', '192.0.2.255/31', '192.0.2.64/32', + '2001:db8:1::ffff/64', '2001:db8:101::1/112'] + + _mirror_interfaces = [] # choose IPv6 minimum MTU value for tests - this must always work _mtu = '1280' def setUp(self): self.session = ConfigSession(os.getpid()) - self._test_addr = ['192.0.2.1/26', '192.0.2.255/31', '192.0.2.64/32', - '2001:db8:1::ffff/64', '2001:db8:101::1/112'] - self._test_mtu = False - self._options = {} + # Setup mirror interfaces for SPAN (Switch Port Analyzer) + for span in self._mirror_interfaces: + section = Section.section(span) + self.session.set(['interfaces', section, span]) def tearDown(self): # Ethernet is handled in its derived class if 'ethernet' not in self._base_path: self.session.delete(self._base_path) + # Tear down mirror interfaces for SPAN (Switch Port Analyzer) + for span in self._mirror_interfaces: + section = Section.section(span) + self.session.delete(['interfaces', section, span]) + self.session.commit() del self.session + def test_span_mirror(self): + if not self._mirror_interfaces: + return None + + # Check the two-way mirror rules of ingress and egress + for mirror in self._mirror_interfaces: + for interface in self._interfaces: + self.session.set(self._base_path + [interface, 'mirror', 'ingress', mirror]) + self.session.set(self._base_path + [interface, 'mirror', 'egress', mirror]) + + self.session.commit() + + # Verify config + for mirror in self._mirror_interfaces: + for interface in self._interfaces: + self.assertTrue(is_mirrored_to(interface, mirror, 'ffff')) + self.assertTrue(is_mirrored_to(interface, mirror, '1')) + + def test_interface_description(self): # Check if description can be added to interface and # can be read back diff --git a/smoketest/scripts/cli/test_interfaces_bonding.py b/smoketest/scripts/cli/test_interfaces_bonding.py index d38e11a63..a35682b7c 100755 --- a/smoketest/scripts/cli/test_interfaces_bonding.py +++ b/smoketest/scripts/cli/test_interfaces_bonding.py @@ -26,17 +26,15 @@ from vyos.util import read_file class BondingInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): - super().setUp() - - self._base_path = ['interfaces', 'bonding'] - self._interfaces = ['bond0'] self._test_mtu = True self._test_vlan = True self._test_qinq = True self._test_ipv6 = True - self._test_mirror = True - + self._base_path = ['interfaces', 'bonding'] + self._interfaces = ['bond0'] + self._mirror_interfaces = ['dum21354'] self._members = [] + # we need to filter out VLAN interfaces identified by a dot (.) # in their name - just in case! if 'TEST_ETH' in os.environ: @@ -50,6 +48,8 @@ class BondingInterfaceTest(BasicInterfaceTest.BaseTest): for member in self._members: self._options['bond0'].append(f'member interface {member}') + super().setUp() + def test_add_single_ip_address(self): super().test_add_single_ip_address() diff --git a/smoketest/scripts/cli/test_interfaces_bridge.py b/smoketest/scripts/cli/test_interfaces_bridge.py index 394d50025..7444701c1 100755 --- a/smoketest/scripts/cli/test_interfaces_bridge.py +++ b/smoketest/scripts/cli/test_interfaces_bridge.py @@ -28,17 +28,13 @@ from vyos.util import read_file class BridgeInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): - super().setUp() - self._test_ipv6 = True self._test_vlan = True self._test_qinq = True - self._test_mirror = True - self._base_path = ['interfaces', 'bridge'] - self._interfaces = ['br0'] - + self._mirror_interfaces = ['dum21354'] self._members = [] + # we need to filter out VLAN interfaces identified by a dot (.) # in their name - just in case! if 'TEST_ETH' in os.environ: @@ -51,7 +47,9 @@ class BridgeInterfaceTest(BasicInterfaceTest.BaseTest): self._options['br0'] = [] for member in self._members: self._options['br0'].append(f'member interface {member}') + self._interfaces = list(self._options) + super().setUp() def test_add_remove_bridge_member(self): # Add member interfaces to bridge and set STP cost/priority @@ -188,5 +186,5 @@ class BridgeInterfaceTest(BasicInterfaceTest.BaseTest): self.session.delete(['interfaces', 'ethernet', member, 'vif', vif]) if __name__ == '__main__': - unittest.main(verbosity=2) + unittest.main(verbosity=2, failfast=True) diff --git a/smoketest/scripts/cli/test_interfaces_dummy.py b/smoketest/scripts/cli/test_interfaces_dummy.py index 97f5344ac..c482a6f0b 100755 --- a/smoketest/scripts/cli/test_interfaces_dummy.py +++ b/smoketest/scripts/cli/test_interfaces_dummy.py @@ -20,9 +20,9 @@ from base_interfaces_test import BasicInterfaceTest class DummyInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): - super().setUp() self._base_path = ['interfaces', 'dummy'] self._interfaces = ['dum0', 'dum1', 'dum2'] + super().setUp() if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/smoketest/scripts/cli/test_interfaces_ethernet.py b/smoketest/scripts/cli/test_interfaces_ethernet.py index 2d0a4827d..3c4796283 100755 --- a/smoketest/scripts/cli/test_interfaces_ethernet.py +++ b/smoketest/scripts/cli/test_interfaces_ethernet.py @@ -35,16 +35,13 @@ def get_wpa_supplicant_value(interface, key): class EthernetInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): - super().setUp() - - self._base_path = ['interfaces', 'ethernet'] self._test_ip = True self._test_mtu = True self._test_vlan = True self._test_qinq = True self._test_ipv6 = True - self._test_mirror = True - self._interfaces = [] + self._base_path = ['interfaces', 'ethernet'] + self._mirror_interfaces = ['dum21354'] # we need to filter out VLAN interfaces identified by a dot (.) # in their name - just in case! @@ -66,6 +63,8 @@ class EthernetInterfaceTest(BasicInterfaceTest.BaseTest): mac = read_file(f'/sys/class/net/{interface}/address') self._macs[interface] = mac + super().setUp() + def tearDown(self): for interface in self._interfaces: diff --git a/smoketest/scripts/cli/test_interfaces_geneve.py b/smoketest/scripts/cli/test_interfaces_geneve.py index 7e0389a63..98f55210f 100755 --- a/smoketest/scripts/cli/test_interfaces_geneve.py +++ b/smoketest/scripts/cli/test_interfaces_geneve.py @@ -14,24 +14,20 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -import os import unittest -from vyos.configsession import ConfigSession, ConfigSessionError +from vyos.configsession import ConfigSession from base_interfaces_test import BasicInterfaceTest - class GeneveInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): - super().setUp() - self._base_path = ['interfaces', 'geneve'] self._options = { 'gnv0': ['vni 10', 'remote 127.0.1.1'], 'gnv1': ['vni 20', 'remote 127.0.1.2'], } self._interfaces = list(self._options) - + super().setUp() if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/smoketest/scripts/cli/test_interfaces_l2tpv3.py b/smoketest/scripts/cli/test_interfaces_l2tpv3.py index be9565d00..c756bfdd5 100755 --- a/smoketest/scripts/cli/test_interfaces_l2tpv3.py +++ b/smoketest/scripts/cli/test_interfaces_l2tpv3.py @@ -15,7 +15,6 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. import json -import jmespath import unittest from base_interfaces_test import BasicInterfaceTest @@ -23,8 +22,6 @@ from vyos.util import cmd class GeneveInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): - super().setUp() - self._base_path = ['interfaces', 'l2tpv3'] self._options = { 'l2tpeth10': ['local-ip 127.0.0.1', 'remote-ip 127.10.10.10', @@ -37,6 +34,7 @@ class GeneveInterfaceTest(BasicInterfaceTest.BaseTest): 'source-port 2020', 'destination-port 20202'], } self._interfaces = list(self._options) + super().setUp() def test_add_single_ip_address(self): super().test_add_single_ip_address() diff --git a/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py b/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py index c1711c5a3..85e5e70bd 100755 --- a/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py +++ b/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py @@ -19,22 +19,19 @@ import unittest from base_interfaces_test import BasicInterfaceTest class PEthInterfaceTest(BasicInterfaceTest.BaseTest): - def setUp(self): - super().setUp() - self._base_path = ['interfaces', 'pseudo-ethernet'] - self._test_ip = True self._test_ipv6 = True self._test_mtu = True self._test_vlan = True self._test_qinq = True - + self._base_path = ['interfaces', 'pseudo-ethernet'] self._options = { 'peth0': ['source-interface eth1'], 'peth1': ['source-interface eth1'], } self._interfaces = list(self._options) + super().setUp() if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/smoketest/scripts/cli/test_interfaces_tunnel.py b/smoketest/scripts/cli/test_interfaces_tunnel.py index 45679e280..f7b7f99ca 100755 --- a/smoketest/scripts/cli/test_interfaces_tunnel.py +++ b/smoketest/scripts/cli/test_interfaces_tunnel.py @@ -62,11 +62,8 @@ def tunnel_conf(interface): class TunnelInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): - super().setUp() - - self._base_path = ['interfaces', 'tunnel'] self._test_mtu = True - + self._base_path = ['interfaces', 'tunnel'] self.local_v4 = '192.0.2.1' self.local_v6 = '2001:db8::1' @@ -79,6 +76,7 @@ class TunnelInterfaceTest(BasicInterfaceTest.BaseTest): } self._interfaces = list(self._options) + super().setUp() def tearDown(self): self.session.delete(['interfaces', 'dummy', source_if]) diff --git a/smoketest/scripts/cli/test_interfaces_vxlan.py b/smoketest/scripts/cli/test_interfaces_vxlan.py index f41c180ad..a9b0fc5a1 100755 --- a/smoketest/scripts/cli/test_interfaces_vxlan.py +++ b/smoketest/scripts/cli/test_interfaces_vxlan.py @@ -21,8 +21,6 @@ from base_interfaces_test import BasicInterfaceTest class VXLANInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): - super().setUp() - self._test_mtu = True self._base_path = ['interfaces', 'vxlan'] self._options = { @@ -30,6 +28,7 @@ class VXLANInterfaceTest(BasicInterfaceTest.BaseTest): 'vxlan1': ['vni 20', 'group 239.1.1.1', 'source-interface eth0'], } self._interfaces = list(self._options) + super().setUp() if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/smoketest/scripts/cli/test_interfaces_wireless.py b/smoketest/scripts/cli/test_interfaces_wireless.py index 9d2f4ea59..ffaa7d523 100755 --- a/smoketest/scripts/cli/test_interfaces_wireless.py +++ b/smoketest/scripts/cli/test_interfaces_wireless.py @@ -33,8 +33,6 @@ def get_config_value(interface, key): class WirelessInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): - super().setUp() - self._base_path = ['interfaces', 'wireless'] self._options = { 'wlan0': ['physical-device phy0', 'ssid VyOS-WIFI-0', @@ -47,6 +45,7 @@ class WirelessInterfaceTest(BasicInterfaceTest.BaseTest): 'type access-point', 'address 192.0.2.13/30', 'channel 0'], } self._interfaces = list(self._options) + super().setUp() def test_wireless_add_single_ip_address(self): # derived method to check if member interfaces are enslaved properly diff --git a/smoketest/scripts/cli/test_protocols_bgp.py b/smoketest/scripts/cli/test_protocols_bgp.py new file mode 100755 index 000000000..941d7828f --- /dev/null +++ b/smoketest/scripts/cli/test_protocols_bgp.py @@ -0,0 +1,221 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2021 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import os +import unittest + +from vyos.configsession import ConfigSession +from vyos.configsession import ConfigSessionError +from vyos.util import cmd +from vyos.util import process_named_running + +PROCESS_NAME = 'bgpd' +ASN = '64512' +base_path = ['protocols', 'bgp', ASN] + +neighbor_config = { + '192.0.2.1' : { + 'remote_as' : '100', + 'adv_interv' : '400', + 'passive' : '', + 'password' : 'VyOS-Secure123', + 'shutdown' : '', + 'cap_over' : '', + 'ttl_security': '5', + }, + '192.0.2.2' : { + 'remote_as' : '200', + 'shutdown' : '', + 'no_cap_nego' : '', + 'port' : '667', + 'cap_strict' : '', + }, + '192.0.2.3' : { +# XXX: not available in current Perl backend +# 'description' : 'foo bar baz', + 'remote_as' : '200', + 'passive' : '', + 'multi_hop' : '5', + }, +} + +peer_group_config = { + 'foo' : { + 'remote_as' : '100', + 'passive' : '', + 'password' : 'VyOS-Secure123', + 'shutdown' : '', + 'cap_over' : '', +# XXX: not available in current Perl backend +# 'ttl_security': '5', + }, + 'bar' : { + 'remote_as' : '200', + 'shutdown' : '', + 'no_cap_nego' : '', + }, + 'baz' : { + 'remote_as' : '200', + 'passive' : '', + 'multi_hop' : '5', + }, +} + + +def getFRRBGPconfig(): + return cmd(f'vtysh -c "show run" | sed -n "/router bgp {ASN}/,/^!/p"') + +class TestProtocolsBGP(unittest.TestCase): + def setUp(self): + self.session = ConfigSession(os.getpid()) + + def tearDown(self): + self.session.delete(base_path) + self.session.commit() + del self.session + + def test_bgp_01_simple(self): + router_id = '127.0.0.1' + local_pref = '500' + + self.session.set(base_path + ['parameters', 'router-id', router_id]) + self.session.set(base_path + ['parameters', 'log-neighbor-changes']) + # Default local preference (higher=more preferred) + self.session.set(base_path + ['parameters', 'default', 'local-pref', local_pref]) + # Deactivate IPv4 unicast for a peer by default + self.session.set(base_path + ['parameters', 'default', 'no-ipv4-unicast']) + + # commit changes + self.session.commit() + + # Verify FRR bgpd configuration + frrconfig = getFRRBGPconfig() + self.assertIn(f'router bgp {ASN}', frrconfig) + self.assertIn(f' bgp router-id {router_id}', frrconfig) + self.assertIn(f' bgp log-neighbor-changes', frrconfig) + self.assertIn(f' bgp default local-preference {local_pref}', frrconfig) + self.assertIn(f' no bgp default ipv4-unicast', frrconfig) + + # Check for running process + self.assertTrue(process_named_running(PROCESS_NAME)) + + def test_bgp_02_neighbors(self): + for neighbor, config in neighbor_config.items(): + if 'remote_as' in config: + self.session.set(base_path + ['neighbor', neighbor, 'remote-as', config["remote_as"]]) + if 'description' in config: + self.session.set(base_path + ['neighbor', neighbor, 'description', config["description"]]) + if 'passive' in config: + self.session.set(base_path + ['neighbor', neighbor, 'passive']) + if 'password' in config: + self.session.set(base_path + ['neighbor', neighbor, 'password', config["password"]]) + if 'shutdown' in config: + self.session.set(base_path + ['neighbor', neighbor, 'shutdown']) + if 'adv_interv' in config: + self.session.set(base_path + ['neighbor', neighbor, 'advertisement-interval', config["adv_interv"]]) + if 'no_cap_nego' in config: + self.session.set(base_path + ['neighbor', neighbor, 'disable-capability-negotiation']) + if 'port' in config: + self.session.set(base_path + ['neighbor', neighbor, 'port', config["port"]]) + if 'multi_hop' in config: + self.session.set(base_path + ['neighbor', neighbor, 'ebgp-multihop', config["multi_hop"]]) + if 'cap_over' in config: + self.session.set(base_path + ['neighbor', neighbor, 'override-capability']) + if 'cap_strict' in config: + self.session.set(base_path + ['neighbor', neighbor, 'strict-capability-match']) + if 'ttl_security' in config: + self.session.set(base_path + ['neighbor', neighbor, 'ttl-security', 'hops', config["ttl_security"]]) + + # commit changes + self.session.commit() + + # Verify FRR bgpd configuration + frrconfig = getFRRBGPconfig() + self.assertIn(f'router bgp {ASN}', frrconfig) + + for neighbor, config in neighbor_config.items(): + if 'remote_as' in config: + self.assertIn(f' neighbor {neighbor} remote-as {config["remote_as"]}', frrconfig) + if 'description' in config: + self.assertIn(f' neighbor {neighbor} description {config["description"]}', frrconfig) + if 'passive' in config: + self.assertIn(f' neighbor {neighbor} passive', frrconfig) + if 'password' in config: + self.assertIn(f' neighbor {neighbor} password {config["password"]}', frrconfig) + if 'shutdown' in config: + self.assertIn(f' neighbor {neighbor} shutdown', frrconfig) + if 'adv_interv' in config: + self.assertIn(f' neighbor {neighbor} advertisement-interval {config["adv_interv"]}', frrconfig) + if 'no_cap_nego' in config: + self.assertIn(f' neighbor {neighbor} dont-capability-negotiate', frrconfig) + if 'port' in config: + self.assertIn(f' neighbor {neighbor} port {config["port"]}', frrconfig) + if 'multi_hop' in config: + self.assertIn(f' neighbor {neighbor} ebgp-multihop {config["multi_hop"]}', frrconfig) + if 'cap_over' in config: + self.assertIn(f' neighbor {neighbor} override-capability', frrconfig) + if 'cap_strict' in config: + self.assertIn(f' neighbor {neighbor} strict-capability-match', frrconfig) + if 'ttl_security' in config: + self.assertIn(f' neighbor {neighbor} ttl-security hops {config["ttl_security"]}', frrconfig) + + def test_bgp_03_peer_groups(self): + for peer_group, config in peer_group_config.items(): + self.session.set(base_path + ['peer-group', peer_group, 'remote-as', config["remote_as"]]) + if 'passive' in config: + self.session.set(base_path + ['peer-group', peer_group, 'passive']) + if 'password' in config: + self.session.set(base_path + ['peer-group', peer_group, 'password', config["password"]]) + if 'shutdown' in config: + self.session.set(base_path + ['peer-group', peer_group, 'shutdown']) + if 'no_cap_nego' in config: + self.session.set(base_path + ['peer-group', peer_group, 'disable-capability-negotiation']) + if 'multi_hop' in config: + self.session.set(base_path + ['peer-group', peer_group, 'ebgp-multihop', config["multi_hop"]]) + if 'cap_over' in config: + self.session.set(base_path + ['peer-group', peer_group, 'override-capability']) + if 'ttl_security' in config: + self.session.set(base_path + ['peer-group', peer_group, 'ttl-security', 'hops', config["ttl_security"]]) + + # commit changes + self.session.commit() + + # Verify FRR bgpd configuration + frrconfig = getFRRBGPconfig() + self.assertIn(f'router bgp {ASN}', frrconfig) + + for peer_group, config in peer_group_config.items(): + self.assertIn(f' neighbor {peer_group} peer-group', frrconfig) + + if 'remote_as' in config: + self.assertIn(f' neighbor {peer_group} remote-as {config["remote_as"]}', frrconfig) + if 'passive' in config: + self.assertIn(f' neighbor {peer_group} passive', frrconfig) + if 'password' in config: + self.assertIn(f' neighbor {peer_group} password {config["password"]}', frrconfig) + if 'shutdown' in config: + self.assertIn(f' neighbor {peer_group} shutdown', frrconfig) + if 'no_cap_nego' in config: + self.assertIn(f' neighbor {peer_group} dont-capability-negotiate', frrconfig) + if 'multi_hop' in config: + self.assertIn(f' neighbor {peer_group} ebgp-multihop {config["multi_hop"]}', frrconfig) + if 'cap_over' in config: + self.assertIn(f' neighbor {peer_group} override-capability', frrconfig) + if 'ttl_security' in config: + self.assertIn(f' neighbor {peer_group} ttl-security hops {config["ttl_security"]}', frrconfig) + +if __name__ == '__main__': + unittest.main(verbosity=2) diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py index ed6396acf..bc102826f 100755 --- a/src/conf_mode/interfaces-ethernet.py +++ b/src/conf_mode/interfaces-ethernet.py @@ -29,6 +29,7 @@ from vyos.configverify import verify_mtu_ipv6 from vyos.configverify import verify_vlan_config from vyos.configverify import verify_vrf from vyos.configverify import verify_eapol +from vyos.configverify import verify_mirror from vyos.ifconfig import EthernetIf from vyos.template import render from vyos.util import call @@ -74,6 +75,7 @@ def verify(ethernet): verify_address(ethernet) verify_vrf(ethernet) verify_eapol(ethernet) + verify_mirror(ethernet) ifname = ethernet['ifname'] # verify offloading capabilities diff --git a/src/op_mode/show_ipsec_sa.py b/src/op_mode/show_ipsec_sa.py index e319cc38d..b7927fcc2 100755 --- a/src/op_mode/show_ipsec_sa.py +++ b/src/op_mode/show_ipsec_sa.py @@ -107,5 +107,6 @@ for sa in sas: sa_data.append(data) headers = ["Connection", "State", "Uptime", "Bytes In/Out", "Packets In/Out", "Remote address", "Remote ID", "Proposal"] +sa_data = sorted(sa_data, key=lambda peer: peer[0]) output = tabulate.tabulate(sa_data, headers) print(output) |