diff options
Diffstat (limited to 'src/conf_mode/interfaces-bonding.py')
| -rwxr-xr-x | src/conf_mode/interfaces-bonding.py | 182 |
1 files changed, 43 insertions, 139 deletions
diff --git a/src/conf_mode/interfaces-bonding.py b/src/conf_mode/interfaces-bonding.py index fd1f218d1..a174e33e4 100755 --- a/src/conf_mode/interfaces-bonding.py +++ b/src/conf_mode/interfaces-bonding.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2019 VyOS maintainers and contributors +# Copyright (C) 2019-2020 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -20,12 +20,12 @@ from copy import deepcopy from sys import exit from netifaces import interfaces -from vyos.ifconfig import BondIf +from vyos.ifconfig import BondIf, Section from vyos.ifconfig_vlan import apply_vlan_config, verify_vlan_config -from vyos.configdict import list_diff, vlan_to_dict +from vyos.configdict import list_diff, intf_to_dict, add_to_dict from vyos.config import Config -from vyos.util import is_bridge_member -from vyos.util import call +from vyos.util import call, cmd +from vyos.validate import is_bridge_member from vyos import ConfigError default_config_data = { @@ -43,6 +43,7 @@ default_config_data = { 'disable': False, 'disable_link_detect': 1, 'hash_policy': 'layer2', + 'intf': '', 'ip_arp_cache_tmo': 30, 'ip_disable_arp_filter': 1, 'ip_enable_arp_accept': 0, @@ -51,10 +52,11 @@ default_config_data = { 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, 'ipv6_autoconf': 0, - 'ipv6_eui64_prefix': '', + 'ipv6_eui64_prefix': [], + 'ipv6_eui64_prefix_remove': [], 'ipv6_forwarding': 1, 'ipv6_dup_addr_detect': 1, - 'intf': '', + 'is_bridge_member': False, 'mac': '', 'mode': '802.3ad', 'member': [], @@ -88,6 +90,13 @@ def get_bond_mode(mode): raise ConfigError('invalid bond mode "{}"'.format(mode)) def get_config(): + # determine tagNode instance + if 'VYOS_TAGNODE_VALUE' not in os.environ: + raise ConfigError('Interface (VYOS_TAGNODE_VALUE) not specified') + + ifname = os.environ['VYOS_TAGNODE_VALUE'] + conf = Config() + # initialize kernel module if not loaded if not os.path.isfile('/sys/class/net/bonding_masters'): import syslog @@ -96,32 +105,21 @@ def get_config(): syslog.syslog(syslog.LOG_NOTICE, "failed loading bonding kernel module") raise ConfigError("failed loading bonding kernel module") - bond = deepcopy(default_config_data) - conf = Config() - - # determine tagNode instance - if 'VYOS_TAGNODE_VALUE' not in os.environ: - raise ConfigError('Interface (VYOS_TAGNODE_VALUE) not specified') - - bond['intf'] = os.environ['VYOS_TAGNODE_VALUE'] - # check if bond has been removed - cfg_base = 'interfaces bonding ' + bond['intf'] + cfg_base = 'interfaces bonding ' + ifname if not conf.exists(cfg_base): + bond = deepcopy(default_config_data) + bond['intf'] = ifname bond['deleted'] = True + # check if interface is member if a bridge + bond['is_bridge_member'] = is_bridge_member(conf, ifname) return bond # set new configuration level conf.set_level(cfg_base) - # retrieve configured interface addresses - if conf.exists('address'): - bond['address'] = conf.return_values('address') - - # get interface addresses (currently effective) - to determine which - # address is no longer valid and needs to be removed - eff_addr = conf.return_effective_values('address') - bond['address_remove'] = list_diff(eff_addr, bond['address']) + bond, disabled = intf_to_dict(conf, default_config_data) + bond['intf'] = ifname # ARP link monitoring frequency in milliseconds if conf.exists('arp-monitor interval'): @@ -131,38 +129,6 @@ def get_config(): if conf.exists('arp-monitor target'): bond['arp_mon_tgt'] = conf.return_values('arp-monitor target') - # retrieve interface description - if conf.exists('description'): - bond['description'] = conf.return_value('description') - - # get DHCP client identifier - if conf.exists('dhcp-options client-id'): - bond['dhcp_client_id'] = conf.return_value('dhcp-options client-id') - - # DHCP client host name (overrides the system host name) - if conf.exists('dhcp-options host-name'): - bond['dhcp_hostname'] = conf.return_value('dhcp-options host-name') - - # DHCP client vendor identifier - if conf.exists('dhcp-options vendor-class-id'): - bond['dhcp_vendor_class_id'] = conf.return_value('dhcp-options vendor-class-id') - - # DHCPv6 only acquire config parameters, no address - if conf.exists('dhcpv6-options parameters-only'): - bond['dhcpv6_prm_only'] = True - - # DHCPv6 temporary IPv6 address - if conf.exists('dhcpv6-options temporary'): - bond['dhcpv6_temporary'] = True - - # ignore link state changes - if conf.exists('disable-link-detect'): - bond['disable_link_detect'] = 2 - - # disable bond interface - if conf.exists('disable'): - bond['disable'] = True - # Bonding transmit hash policy if conf.exists('hash-policy'): bond['hash_policy'] = conf.return_value('hash-policy') @@ -171,50 +137,10 @@ def get_config(): if conf.exists('ip arp-cache-timeout'): bond['ip_arp_cache_tmo'] = int(conf.return_value('ip arp-cache-timeout')) - # ARP filter configuration - if conf.exists('ip disable-arp-filter'): - bond['ip_disable_arp_filter'] = 0 - - # ARP enable accept - if conf.exists('ip enable-arp-accept'): - bond['ip_enable_arp_accept'] = 1 - - # ARP enable announce - if conf.exists('ip enable-arp-announce'): - bond['ip_enable_arp_announce'] = 1 - - # ARP enable ignore - if conf.exists('ip enable-arp-ignore'): - bond['ip_enable_arp_ignore'] = 1 - - # Enable proxy-arp on this interface - if conf.exists('ip enable-proxy-arp'): - bond['ip_proxy_arp'] = 1 - # Enable private VLAN proxy ARP on this interface if conf.exists('ip proxy-arp-pvlan'): bond['ip_proxy_arp_pvlan'] = 1 - # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) - if conf.exists('ipv6 address autoconf'): - bond['ipv6_autoconf'] = 1 - - # Get prefix for IPv6 addressing based on MAC address (EUI-64) - if conf.exists('ipv6 address eui64'): - bond['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') - - # Disable IPv6 forwarding on this interface - if conf.exists('ipv6 disable-forwarding'): - bond['ipv6_forwarding'] = 0 - - # IPv6 Duplicate Address Detection (DAD) tries - if conf.exists('ipv6 dup-addr-detect-transmits'): - bond['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) - - # Media Access Control (MAC) address - if conf.exists('mac'): - bond['mac'] = conf.return_value('mac') - # Bonding mode if conf.exists('mode'): act_mode = conf.return_value('mode') @@ -224,10 +150,6 @@ def get_config(): bond['mode'] = get_bond_mode(act_mode) - # Maximum Transmission Unit (MTU) - if conf.exists('mtu'): - bond['mtu'] = int(conf.return_value('mtu')) - # determine bond member interfaces (currently configured) if conf.exists('member interface'): bond['member'] = conf.return_values('member interface') @@ -244,48 +166,18 @@ def get_config(): if conf.exists('primary'): bond['primary'] = conf.return_value('primary') - # retrieve VRF instance - if conf.exists('vrf'): - bond['vrf'] = conf.return_value('vrf') - - # get vif-s interfaces (currently effective) - to determine which vif-s - # interface is no longer present and needs to be removed - eff_intf = conf.list_effective_nodes('vif-s') - act_intf = conf.list_nodes('vif-s') - bond['vif_s_remove'] = list_diff(eff_intf, act_intf) - - if conf.exists('vif-s'): - for vif_s in conf.list_nodes('vif-s'): - # set config level to vif-s interface - conf.set_level(cfg_base + ' vif-s ' + vif_s) - bond['vif_s'].append(vlan_to_dict(conf)) - - # re-set configuration level to parse new nodes - conf.set_level(cfg_base) - # Determine vif interfaces (currently effective) - to determine which - # vif interface is no longer present and needs to be removed - eff_intf = conf.list_effective_nodes('vif') - act_intf = conf.list_nodes('vif') - bond['vif_remove'] = list_diff(eff_intf, act_intf) - - if conf.exists('vif'): - for vif in conf.list_nodes('vif'): - # set config level to vif interface - conf.set_level(cfg_base + ' vif ' + vif) - bond['vif'].append(vlan_to_dict(conf)) + add_to_dict(conf, disabled, bond, 'vif', 'vif') + add_to_dict(conf, disabled, bond, 'vif-s', 'vif_s') return bond def verify(bond): if bond['deleted']: - interface = bond['intf'] - is_member, bridge = is_bridge_member(interface) - if is_member: - # can not use a f'' formatted-string here as bridge would not get - # expanded in the print statement - raise ConfigError('Can not delete interface "{0}" as it ' \ - 'is a member of bridge "{1}"!'.format(interface, bridge)) + if bond['is_bridge_member']: + interface = bond['intf'] + bridge = bond['is_bridge_member'] + raise ConfigError(f'Interface "{interface}" can not be deleted as it belongs to bridge "{bridge}"!') return None if len (bond['arp_mon_tgt']) > 16: @@ -434,17 +326,23 @@ def apply(bond): b.set_proxy_arp_pvlan(bond['ip_proxy_arp_pvlan']) # IPv6 address autoconfiguration b.set_ipv6_autoconf(bond['ipv6_autoconf']) - # IPv6 EUI-based address - b.set_ipv6_eui64_address(bond['ipv6_eui64_prefix']) # IPv6 forwarding b.set_ipv6_forwarding(bond['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries b.set_ipv6_dad_messages(bond['ipv6_dup_addr_detect']) + # Delete old IPv6 EUI64 addresses before changing MAC + for addr in bond['ipv6_eui64_prefix_remove']: + b.del_ipv6_eui64_address(addr) + # Change interface MAC address if bond['mac']: b.set_mac(bond['mac']) + # Add IPv6 EUI-based addresses + for addr in bond['ipv6_eui64_prefix']: + b.add_ipv6_eui64_address(addr) + # Maximum Transmission Unit (MTU) b.set_mtu(bond['mtu']) @@ -467,6 +365,12 @@ def apply(bond): # Add (enslave) interfaces to bond for intf in bond['member']: + # flushes only children of Interfaces class (e.g. vlan are not) + if intf in Section.interfaces(): + klass = Section.klass(intf, vlan=False) + klass(intf, create=False).flush_addrs() + # flushes also vlan interfaces + call(f'ip addr flush dev "{intf}"') b.add_port(intf) # As the bond interface is always disabled first when changing |