diff options
Diffstat (limited to 'src/conf_mode/interfaces-ethernet.py')
| -rwxr-xr-x | src/conf_mode/interfaces-ethernet.py | 81 |
1 files changed, 57 insertions, 24 deletions
diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py index e4f6e5ff2..15e9b4185 100755 --- a/src/conf_mode/interfaces-ethernet.py +++ b/src/conf_mode/interfaces-ethernet.py @@ -16,11 +16,12 @@ import os -from copy import deepcopy from sys import exit +from copy import deepcopy +from netifaces import interfaces from vyos.ifconfig import EthernetIf -from vyos.ifconfig_vlan import apply_vlan_config +from vyos.ifconfig_vlan import apply_vlan_config, verify_vlan_config from vyos.configdict import list_diff, vlan_to_dict from vyos.config import Config from vyos import ConfigError @@ -47,6 +48,10 @@ default_config_data = { 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, + 'ipv6_autoconf': 0, + 'ipv6_eui64_prefix': '', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'intf': '', 'mac': '', 'mtu': 1500, @@ -59,7 +64,8 @@ default_config_data = { 'vif_s': [], 'vif_s_remove': [], 'vif': [], - 'vif_remove': [] + 'vif_remove': [], + 'vrf': '' } def get_config(): @@ -67,10 +73,10 @@ def get_config(): conf = Config() # determine tagNode instance - try: - eth['intf'] = os.environ['VYOS_TAGNODE_VALUE'] - except KeyError as E: - print("Interface not specified") + if 'VYOS_TAGNODE_VALUE' not in os.environ: + raise ConfigError('Interface (VYOS_TAGNODE_VALUE) not specified') + + eth['intf'] = os.environ['VYOS_TAGNODE_VALUE'] # check if ethernet interface has been removed cfg_base = ['interfaces', 'ethernet', eth['intf']] @@ -165,6 +171,22 @@ def get_config(): if conf.exists('ip proxy-arp-pvlan'): eth['ip_proxy_arp_pvlan'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + eth['ipv6_autoconf'] = 1 + + # Get prefix for IPv6 addressing based on MAC address (EUI-64) + if conf.exists('ipv6 address eui64'): + eth['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') + + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + eth['ipv6_forwarding'] = 0 + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + eth['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) + # Media Access Control (MAC) address if conf.exists('mac'): eth['mac'] = conf.return_value('mac') @@ -197,6 +219,10 @@ def get_config(): if conf.exists('speed'): eth['speed'] = conf.return_value('speed') + # retrieve VRF instance + if conf.exists('vrf'): + eth['vrf'] = conf.return_value('vrf') + # re-set configuration level to parse new nodes conf.set_level(cfg_base) # get vif-s interfaces (currently effective) - to determine which vif-s @@ -232,6 +258,9 @@ def verify(eth): if eth['deleted']: return None + if eth['intf'] not in interfaces(): + raise ConfigError(f"Interface ethernet {eth['intf']} does not exist") + if eth['speed'] == 'auto': if eth['duplex'] != 'auto': raise ConfigError('If speed is hardcoded, duplex must be hardcoded, too') @@ -243,6 +272,10 @@ def verify(eth): if eth['dhcpv6_prm_only'] and eth['dhcpv6_temporary']: raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') + vrf_name = eth['vrf'] + if vrf_name and vrf_name not in interfaces(): + raise ConfigError(f'VRF "{vrf_name}" does not exist') + conf = Config() # some options can not be changed when interface is enslaved to a bond for bond in conf.list_nodes('interfaces bonding'): @@ -250,21 +283,10 @@ def verify(eth): bond_member = conf.return_values('interfaces bonding ' + bond + ' member interface') if eth['intf'] in bond_member: if eth['address']: - raise ConfigError('Can not assign address to interface {} which is a member of {}').format(eth['intf'], bond) - - # DHCPv6 parameters-only and temporary address are mutually exclusive - for vif_s in eth['vif_s']: - if vif_s['dhcpv6_prm_only'] and vif_s['dhcpv6_temporary']: - raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') - - for vif_c in vif_s['vif_c']: - if vif_c['dhcpv6_prm_only'] and vif_c['dhcpv6_temporary']: - raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') - - for vif in eth['vif']: - if vif['dhcpv6_prm_only'] and vif['dhcpv6_temporary']: - raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') + raise ConfigError(f"Can not assign address to interface {eth['intf']} which is a member of {bond}") + # use common function to verify VLAN configuration + verify_vlan_config(eth) return None def generate(eth): @@ -324,12 +346,20 @@ def apply(eth): e.set_proxy_arp(eth['ip_proxy_arp']) # Enable private VLAN proxy ARP on this interface e.set_proxy_arp_pvlan(eth['ip_proxy_arp_pvlan']) + # IPv6 address autoconfiguration + e.set_ipv6_autoconf(eth['ipv6_autoconf']) + # IPv6 EUI-based address + e.set_ipv6_eui64_address(eth['ipv6_eui64_prefix']) + # IPv6 forwarding + e.set_ipv6_forwarding(eth['ipv6_forwarding']) + # IPv6 Duplicate Address Detection (DAD) tries + e.set_ipv6_dad_messages(eth['ipv6_dup_addr_detect']) # Change interface MAC address - re-set to real hardware address (hw-id) # if custom mac is removed if eth['mac']: e.set_mac(eth['mac']) - else: + elif eth['hw_id']: e.set_mac(eth['hw_id']) # Maximum Transmission Unit (MTU) @@ -355,9 +385,9 @@ def apply(eth): # Enable/Disable interface if eth['disable']: - e.set_state('down') + e.set_admin_state('down') else: - e.set_state('up') + e.set_admin_state('up') # Configure interface address(es) # - not longer required addresses get removed first @@ -367,6 +397,9 @@ def apply(eth): for addr in eth['address']: e.add_addr(addr) + # assign/remove VRF + e.set_vrf(eth['vrf']) + # remove no longer required service VLAN interfaces (vif-s) for vif_s in eth['vif_s_remove']: e.del_vlan(vif_s) |