diff options
Diffstat (limited to 'src/conf_mode/interfaces-bonding.py')
-rwxr-xr-x | src/conf_mode/interfaces-bonding.py | 100 |
1 files changed, 64 insertions, 36 deletions
diff --git a/src/conf_mode/interfaces-bonding.py b/src/conf_mode/interfaces-bonding.py index 6cdfb764c..32aa2826b 100755 --- a/src/conf_mode/interfaces-bonding.py +++ b/src/conf_mode/interfaces-bonding.py @@ -21,9 +21,11 @@ from sys import exit from netifaces import interfaces from vyos.ifconfig import BondIf -from vyos.ifconfig_vlan import apply_vlan_config +from vyos.ifconfig_vlan import apply_vlan_config, verify_vlan_config from vyos.configdict import list_diff, vlan_to_dict from vyos.config import Config +from vyos.util import is_bridge_member +from vyos.util import call from vyos import ConfigError default_config_data = { @@ -48,6 +50,10 @@ default_config_data = { 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, + 'ipv6_autoconf': 0, + 'ipv6_eui64_prefix': '', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'intf': '', 'mac': '', 'mode': '802.3ad', @@ -58,7 +64,8 @@ default_config_data = { 'vif_s': [], 'vif_s_remove': [], 'vif': [], - 'vif_remove': [] + 'vif_remove': [], + 'vrf': '' } @@ -85,7 +92,7 @@ def get_config(): if not os.path.isfile('/sys/class/net/bonding_masters'): import syslog syslog.syslog(syslog.LOG_NOTICE, "loading bonding kernel module") - if os.system('modprobe bonding max_bonds=0 miimon=250') != 0: + if call('modprobe bonding max_bonds=0 miimon=250') != 0: syslog.syslog(syslog.LOG_NOTICE, "failed loading bonding kernel module") raise ConfigError("failed loading bonding kernel module") @@ -93,10 +100,10 @@ def get_config(): conf = Config() # determine tagNode instance - try: - bond['intf'] = os.environ['VYOS_TAGNODE_VALUE'] - except KeyError as E: - print("Interface not specified") + if 'VYOS_TAGNODE_VALUE' not in os.environ: + raise ConfigError('Interface (VYOS_TAGNODE_VALUE) not specified') + + bond['intf'] = os.environ['VYOS_TAGNODE_VALUE'] # check if bond has been removed cfg_base = 'interfaces bonding ' + bond['intf'] @@ -188,6 +195,22 @@ def get_config(): if conf.exists('ip proxy-arp-pvlan'): bond['ip_proxy_arp_pvlan'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + bond['ipv6_autoconf'] = 1 + + # Get prefix for IPv6 addressing based on MAC address (EUI-64) + if conf.exists('ipv6 address eui64'): + bond['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') + + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + bond['ipv6_forwarding'] = 0 + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + bond['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) + # Media Access Control (MAC) address if conf.exists('mac'): bond['mac'] = conf.return_value('mac') @@ -221,8 +244,10 @@ def get_config(): if conf.exists('primary'): bond['primary'] = conf.return_value('primary') - # re-set configuration level to parse new nodes - conf.set_level(cfg_base) + # retrieve VRF instance + if conf.exists('vrf'): + bond['vrf'] = conf.return_value('vrf') + # get vif-s interfaces (currently effective) - to determine which vif-s # interface is no longer present and needs to be removed eff_intf = conf.list_effective_nodes('vif-s') @@ -253,38 +278,30 @@ def get_config(): def verify(bond): + if bond['deleted']: + interface = bond['intf'] + is_member, bridge = is_bridge_member(interface) + if is_member: + # can not use a f'' formatted-string here as bridge would not get + # expanded in the print statement + raise ConfigError('Can not delete interface "{0}" as it ' \ + 'is a member of bridge "{1}"!'.format(interface, bridge)) + return None + if len (bond['arp_mon_tgt']) > 16: raise ConfigError('The maximum number of targets that can be specified is 16') if bond['primary']: if bond['mode'] not in ['active-backup', 'balance-tlb', 'balance-alb']: raise ConfigError('Mode dependency failed, primary not supported ' \ - 'in this mode.'.format()) - - if bond['primary'] not in bond['member']: - raise ConfigError('Interface "{}" is not part of the bond' \ - .format(bond['primary'])) - - - # DHCPv6 parameters-only and temporary address are mutually exclusive - for vif_s in bond['vif_s']: - if vif_s['dhcpv6_prm_only'] and vif_s['dhcpv6_temporary']: - raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') + 'in mode "{}"!'.format(bond['mode'])) - for vif_c in vif_s['vif_c']: - if vif_c['dhcpv6_prm_only'] and vif_c['dhcpv6_temporary']: - raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') - - for vif in bond['vif']: - if vif['dhcpv6_prm_only'] and vif['dhcpv6_temporary']: - raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') - - - for vif_s in bond['vif_s']: - for vif in bond['vif']: - if vif['id'] == vif_s['id']: - raise ConfigError('Can not use identical ID on vif and vif-s interface') + vrf_name = bond['vrf'] + if vrf_name and vrf_name not in interfaces(): + raise ConfigError(f'VRF "{vrf_name}" does not exist') + # use common function to verify VLAN configuration + verify_vlan_config(bond) conf = Config() for intf in bond['member']: @@ -427,6 +444,14 @@ def apply(bond): b.set_proxy_arp(bond['ip_proxy_arp']) # Enable private VLAN proxy ARP on this interface b.set_proxy_arp_pvlan(bond['ip_proxy_arp_pvlan']) + # IPv6 address autoconfiguration + b.set_ipv6_autoconf(bond['ipv6_autoconf']) + # IPv6 EUI-based address + b.set_ipv6_eui64_address(bond['ipv6_eui64_prefix']) + # IPv6 forwarding + b.set_ipv6_forwarding(bond['ipv6_forwarding']) + # IPv6 Duplicate Address Detection (DAD) tries + b.set_ipv6_dad_messages(bond['ipv6_dup_addr_detect']) # Change interface MAC address if bond['mac']: @@ -442,7 +467,7 @@ def apply(bond): # Some parameters can not be changed when the bond is up. if bond['shutdown_required']: # Disable bond prior changing of certain properties - b.set_state('down') + b.set_admin_state('down') # The bonding mode can not be changed when there are interfaces enslaved # to this bond, thus we will free all interfaces from the bond first! @@ -460,9 +485,9 @@ def apply(bond): # parameters we will only re-enable the interface if it is not # administratively disabled if not bond['disable']: - b.set_state('up') + b.set_admin_state('up') else: - b.set_state('down') + b.set_admin_state('down') # Configure interface address(es) # - not longer required addresses get removed first @@ -472,6 +497,9 @@ def apply(bond): for addr in bond['address']: b.add_addr(addr) + # assign/remove VRF + b.set_vrf(bond['vrf']) + # remove no longer required service VLAN interfaces (vif-s) for vif_s in bond['vif_s_remove']: b.del_vlan(vif_s) |