2 files changed, 52 insertions, 6 deletions

diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py
index edc99d6f7..91c7f0c33 100755
--- a/python/vyos/ifconfig/interface.py
+++ b/python/vyos/ifconfig/interface.py
@@ -37,6 +37,7 @@ from vyos.util import mac2eui64
 from vyos.util import dict_search
 from vyos.util import read_file
 from vyos.util import get_interface_config
+from vyos.util import get_interface_namespace
 from vyos.util import is_systemd_service_active
 from vyos.template import is_ipv4
 from vyos.template import is_ipv6
@@ -135,6 +136,9 @@ class Interface(Control):
             'validate': assert_mtu,
             'shellcmd': 'ip link set dev {ifname} mtu {value}',
         },
+        'netns': {
+            'shellcmd': 'ip link set dev {ifname} netns {value}',
+        },
         'vrf': {
             'convert': lambda v: f'master {v}' if v else 'nomaster',
             'shellcmd': 'ip link set dev {ifname} {value}',
@@ -512,6 +516,35 @@ class Interface(Control):
         if prev_state == 'up':
             self.set_admin_state('up')
 
+    def del_netns(self, netns):
+        """
+        Remove interface from given NETNS.
+        """
+
+        # If NETNS does not exist then there is nothing to delete
+        if not os.path.exists(f'/run/netns/{netns}'):
+            return None
+
+        # As a PoC we only allow 'dummy' interfaces
+        if 'dum' not in self.ifname:
+            return None
+
+        # Check if interface realy exists in namespace
+        if get_interface_namespace(self.ifname) != None:
+            self._cmd(f'ip netns exec {get_interface_namespace(self.ifname)} ip link del dev {self.ifname}')
+            return
+
+    def set_netns(self, netns):
+        """
+        Add interface from given NETNS.
+
+        Example:
+        >>> from vyos.ifconfig import Interface
+        >>> Interface('dum0').set_netns('foo')
+        """
+
+        self.set_interface('netns', netns)
+
     def set_vrf(self, vrf):
         """
         Add/Remove interface from given VRF instance.
@@ -1264,8 +1297,8 @@ class Interface(Control):
             source_if = next(iter(self._config['is_mirror_intf']))
             config = self._config['is_mirror_intf'][source_if].get('mirror', None)
 
-        # Check configuration stored by old perl code before delete T3782
-        if not 'redirect' in self._config:
+        # Check configuration stored by old perl code before delete T3782/T4056
+        if not 'redirect' in self._config and not 'traffic_policy' in self._config:
             # Please do not clear the 'set $? = 0 '. It's meant to force a return of 0
             # Remove existing mirroring rules
             delete_tc_cmd  = f'tc qdisc del dev {source_if} handle ffff: ingress 2> /dev/null;'
@@ -1346,6 +1379,16 @@ class Interface(Control):
             if mac:
                 self.set_mac(mac)
 
+        # If interface is connected to NETNS we don't have to check all other
+        # settings like MTU/IPv6/sysctl values, etc.
+        # Since the interface is pushed onto a separate logical stack
+        # Configure NETNS
+        if dict_search('netns', config) != None:
+            self.set_netns(config.get('netns', ''))
+            return
+        else:
+            self.del_netns(config.get('netns', ''))
+
         # Update interface description
         self.set_alias(config.get('description', ''))
 
diff --git a/python/vyos/ifconfig/vxlan.py b/python/vyos/ifconfig/vxlan.py
index d73fb47b8..0c5282db4 100644
--- a/python/vyos/ifconfig/vxlan.py
+++ b/python/vyos/ifconfig/vxlan.py
@@ -54,18 +54,21 @@ class VXLANIf(Interface):
         # arguments used by iproute2. For more information please refer to:
         # - https://man7.org/linux/man-pages/man8/ip-link.8.html
         mapping = {
-            'source_address'             : 'local',
-            'source_interface'           : 'dev',
-            'remote'                     : 'remote',
             'group'                      : 'group',
+            'external'                   : 'external',
+            'gpe'                        : 'gpe',
             'parameters.ip.dont_fragment': 'df set',
             'parameters.ip.tos'          : 'tos',
             'parameters.ip.ttl'          : 'ttl',
             'parameters.ipv6.flowlabel'  : 'flowlabel',
             'parameters.nolearning'      : 'nolearning',
+            'remote'                     : 'remote',
+            'source_address'             : 'local',
+            'source_interface'           : 'dev',
+            'vni'                        : 'id',
         }
 
-        cmd = 'ip link add {ifname} type {type} id {vni} dstport {port}'
+        cmd = 'ip link add {ifname} type {type} dstport {port}'
         for vyos_key, iproute2_key in mapping.items():
             # dict_search will return an empty dict "{}" for valueless nodes like
             # "parameters.nolearning" - thus we need to test the nodes existence