diff options
Diffstat (limited to 'data/templates')
-rw-r--r-- | data/templates/dhcp-client/ipv6.tmpl | 9 | ||||
-rw-r--r-- | data/templates/frr/bgp.frr.tmpl | 1 | ||||
-rw-r--r-- | data/templates/pppoe/ip-down.script.tmpl | 5 | ||||
-rw-r--r-- | data/templates/pppoe/ip-pre-up.script.tmpl | 1 | ||||
-rw-r--r-- | data/templates/pppoe/ip-up.script.tmpl | 14 | ||||
-rw-r--r-- | data/templates/pppoe/ipv6-up.script.tmpl | 45 | ||||
-rw-r--r-- | data/templates/ssh/sshd_config.tmpl | 1 |
7 files changed, 62 insertions, 14 deletions
diff --git a/data/templates/dhcp-client/ipv6.tmpl b/data/templates/dhcp-client/ipv6.tmpl index 6cfe24d3e..490f14726 100644 --- a/data/templates/dhcp-client/ipv6.tmpl +++ b/data/templates/dhcp-client/ipv6.tmpl @@ -10,7 +10,7 @@ interface {{ ifname }} { {% if not dhcpv6_temporary %} send ia-na 1; # non-temporary address {% endif %} -{% if dhcpv6_pd %} +{% if dhcpv6_pd_interfaces %} send ia-pd 2; # prefix delegation {% endif %} }; @@ -21,9 +21,12 @@ id-assoc na 1 { }; {% endif %} -{% if dhcpv6_pd %} +{% if dhcpv6_pd_interfaces %} id-assoc pd 2 { -{% for intf in dhcpv6_pd %} +{% if dhcpv6_pd_length %} + prefix ::/{{ dhcpv6_pd_length }} infinity; +{% endif %} +{% for intf in dhcpv6_pd_interfaces %} prefix-interface {{ intf.ifname }} { {% if intf.sla_id %} sla-id {{ intf.sla_id }}; diff --git a/data/templates/frr/bgp.frr.tmpl b/data/templates/frr/bgp.frr.tmpl new file mode 100644 index 000000000..cd6f31c93 --- /dev/null +++ b/data/templates/frr/bgp.frr.tmpl @@ -0,0 +1 @@ +!
diff --git a/data/templates/pppoe/ip-down.script.tmpl b/data/templates/pppoe/ip-down.script.tmpl index fe8fd7584..9e6bd2a8e 100644 --- a/data/templates/pppoe/ip-down.script.tmpl +++ b/data/templates/pppoe/ip-down.script.tmpl @@ -25,9 +25,12 @@ fi # Always delete default route when interface goes down vtysh -c "conf t" ${VRF_NAME} -c "no ip route 0.0.0.0/0 {{ intf }} ${VRF_NAME}" +{% if ipv6_enable %} +vtysh -c "conf t" ${VRF_NAME} -c "no ipv6 route ::/0 {{ intf }} ${VRF_NAME}" +{% endif %} {% endif %} -{% if dhcpv6_pd %} +{% if dhcpv6_pd_interfaces %} # Start wide dhcpv6 client systemctl stop dhcp6c@{{ intf }}.service {% endif %} diff --git a/data/templates/pppoe/ip-pre-up.script.tmpl b/data/templates/pppoe/ip-pre-up.script.tmpl index 9a7ba7d57..6a2d2af94 100644 --- a/data/templates/pppoe/ip-pre-up.script.tmpl +++ b/data/templates/pppoe/ip-pre-up.script.tmpl @@ -2,7 +2,6 @@ # As PPPoE is an "on demand" interface we need to re-configure it when it # becomes up - if [ "$6" != "{{ intf }}" ]; then exit fi diff --git a/data/templates/pppoe/ip-up.script.tmpl b/data/templates/pppoe/ip-up.script.tmpl index 697ebcc20..a274296b6 100644 --- a/data/templates/pppoe/ip-up.script.tmpl +++ b/data/templates/pppoe/ip-up.script.tmpl @@ -7,13 +7,14 @@ if [ "$6" != "{{ intf }}" ]; then fi {% if not on_demand %} -# See https://phabricator.vyos.net/T2248 & T2220. Determine if we are enslaved -# to a VRF, this is needed to properly insert the default route. - # add some info to syslog DIALER_PID=$(cat /var/run/{{ intf }}.pid) logger -t pppd[$DIALER_PID] "executing $0" +{% if default_route != 'none' -%} +# See https://phabricator.vyos.net/T2248 & T2220. Determine if we are enslaved +# to a VRF, this is needed to properly insert the default route. + SED_OPT="^ip route" VRF_NAME="" if [ -d /sys/class/net/{{ intf }}/upper_* ]; then @@ -27,21 +28,22 @@ if [ -d /sys/class/net/{{ intf }}/upper_* ]; then VRF_NAME="vrf ${VRF}" fi -{% if 'auto' in default_route -%} +{% if default_route == 'auto' -%} # Only insert a new default route if there is no default route configured routes=$(vtysh -c "show running-config" | sed -n "/${SED_OPT}/,/!/p" | grep 0.0.0.0/0 | wc -l) if [ "$routes" -ne 0 ]; then exit 1 fi -{% elif 'force' in default_route -%} +{% elif default_route == 'force' -%} # Retrieve current static default routes and remove it from the routing table vtysh -c "show running-config" | sed -n "/${SED_OPT}/,/!/p" | grep 0.0.0.0/0 | while read route ; do vtysh -c "conf t" ${VTY_OPT} -c "no ${route} ${VRF_NAME}" done -{% endif %} +{% endif %} # Add default route to default or VRF routing table vtysh -c "conf t" ${VTY_OPT} -c "ip route 0.0.0.0/0 {{ intf }} ${VRF_NAME}" logger -t pppd[$DIALER_PID] "added default route via {{ intf }} ${VRF_NAME}" +{% endif %} {% endif %} diff --git a/data/templates/pppoe/ipv6-up.script.tmpl b/data/templates/pppoe/ipv6-up.script.tmpl index 90873229a..097f1d4c3 100644 --- a/data/templates/pppoe/ipv6-up.script.tmpl +++ b/data/templates/pppoe/ipv6-up.script.tmpl @@ -7,6 +7,8 @@ if [ "$6" != "{{ intf }}" ]; then exit fi +set -x + {% if ipv6_autoconf -%} # add some info to syslog DIALER_PID=$(cat /var/run/{{ intf }}.pid) @@ -37,10 +39,49 @@ echo 1 > /proc/sys/net/ipv6/conf/{{ intf }}/forwarding echo 2 > /proc/sys/net/ipv6/conf/{{ intf }}/accept_ra # Autoconfigure addresses using Prefix Information in Router Advertisements. -echo 1 > /proc/sys/net/ipv6/conf/{{ intf }}/autoconfigure +echo 1 > /proc/sys/net/ipv6/conf/{{ intf }}/autoconf {% endif %} -{% if dhcpv6_pd %} +{% if dhcpv6_pd_interfaces %} # Start wide dhcpv6 client systemctl start dhcp6c@{{ intf }}.service {% endif %} + + +{% if default_route != 'none' -%} +# See https://phabricator.vyos.net/T2248 & T2220. Determine if we are enslaved +# to a VRF, this is needed to properly insert the default route. + +SED_OPT="^ipv6 route" +VRF_NAME="" +if [ -d /sys/class/net/{{ intf }}/upper_* ]; then + # Determine upper (VRF) interface + VRF=$(basename $(ls -d /sys/class/net/{{ intf }}/upper_*)) + # Remove upper_ prefix from result string + VRF=${VRF#"upper_"} + # generate new SED command + SED_OPT="vrf ${VRF}" + # generate vtysh option + VRF_NAME="vrf ${VRF}" +fi + +{% if default_route == 'auto' -%} +# Only insert a new default route if there is no default route configured +routes=$(vtysh -c "show running-config" | sed -n "/${SED_OPT}/,/!/p" | grep ::/0 | wc -l) +if [ "$routes" -ne 0 ]; then + exit 1 +fi + +{% elif default_route == 'force' -%} +# Retrieve current static default routes and remove it from the routing table +vtysh -c "show running-config" | sed -n "/${SED_OPT}/,/!/p" | grep ::/0 | while read route ; do + vtysh -c "conf t" ${VTY_OPT} -c "no ${route} ${VRF_NAME}" +done +{% endif %} + +# Add default route to default or VRF routing table +vtysh -c "conf t" ${VTY_OPT} -c "ipv6 route ::/0 {{ intf }} ${VRF_NAME}" +logger -t pppd[$DIALER_PID] "added default route via {{ intf }} ${VRF_NAME}" +{% endif %} + + diff --git a/data/templates/ssh/sshd_config.tmpl b/data/templates/ssh/sshd_config.tmpl index 5deb5232a..949a8558f 100644 --- a/data/templates/ssh/sshd_config.tmpl +++ b/data/templates/ssh/sshd_config.tmpl @@ -22,7 +22,6 @@ TCPKeepAlive yes Banner /etc/issue.net Subsystem sftp /usr/lib/openssh/sftp-server UsePAM yes -HostKey /etc/ssh/ssh_host_rsa_key # Specifies whether sshd should look up the remote host name, # and to check that the resolved host name for the remote IP |