From d4c40adfeac4686174388878520138b640884c45 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Wed, 3 Mar 2021 20:35:21 +0100
Subject: tunnel: T2966: add ip6gretap encapsulation support

---
 interface-definitions/interfaces-tunnel.xml.in  | 10 +++++++---
 python/vyos/configverify.py                     |  4 ++--
 python/vyos/ifconfig/tunnel.py                  |  6 +++---
 smoketest/scripts/cli/test_interfaces_tunnel.py | 11 +++++++++--
 src/conf_mode/interfaces-tunnel.py              |  2 +-
 5 files changed, 22 insertions(+), 11 deletions(-)

diff --git a/interface-definitions/interfaces-tunnel.xml.in b/interface-definitions/interfaces-tunnel.xml.in
index c2d03c5ea..047e06b86 100644
--- a/interface-definitions/interfaces-tunnel.xml.in
+++ b/interface-definitions/interfaces-tunnel.xml.in
@@ -80,7 +80,7 @@
             <properties>
               <help>Encapsulation of this tunnel interface</help>
               <completionHelp>
-                <list>gre gretap ip6gre ip6ip6 ipip ipip6 sit</list>
+                <list>gre gretap ip6gre ip6gretap ip6ip6 ipip ipip6 sit</list>
               </completionHelp>
               <valueHelp>
                 <format>gre</format>
@@ -94,6 +94,10 @@
                 <format>ip6gre</format>
                 <description>GRE over IPv6 network</description>
               </valueHelp>
+              <valueHelp>
+                <format>ip6gretap</format>
+                <description>Generic Routing Encapsulation over IPv6 (virtual L2 tunnel)</description>
+              </valueHelp>
               <valueHelp>
                 <format>ip6ip6</format>
                 <description>IP6 in IP6 encapsulation</description>
@@ -111,9 +115,9 @@
                 <description>Simple Internet Transition encapsulation</description>
               </valueHelp>
               <constraint>
-                <regex>^(gre|gretap|ip6gre|ip6ip6|ipip|ipip6|sit)$</regex>
+                <regex>^(gre|gretap|ip6gre|ip6gretap|ip6ip6|ipip|ipip6|sit)$</regex>
               </constraint>
-              <constraintErrorMessage>Invalid encapsulation, must be one of: gre, gretap, ipip, sit, ipip6, ip6ip6, ip6gre</constraintErrorMessage>
+              <constraintErrorMessage>Invalid encapsulation, must be one of: gre, gretap, ip6gre, ip6gretap, ipip, sit, ipip6 or ip6ip6</constraintErrorMessage>
             </properties>
           </leafNode>
           <leafNode name="multicast">
diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py
index db3e7cc57..7cf2cb8f9 100644
--- a/python/vyos/configverify.py
+++ b/python/vyos/configverify.py
@@ -109,7 +109,7 @@ def verify_tunnel(config):
     if {'source_address', 'dhcp_interface'} <= set(config):
         raise ConfigError('Can not use both source-address and dhcp-interface')
 
-    if config['encapsulation'] in ['ipip6', 'ip6ip6', 'ip6gre', 'ip6erspan']:
+    if config['encapsulation'] in ['ipip6', 'ip6ip6', 'ip6gre', 'ip6gretap', 'ip6erspan']:
         error_ipv6 = 'Encapsulation mode requires IPv6'
         if 'source_address' in config and not is_ipv6(config['source_address']):
             raise ConfigError(f'{error_ipv6} source-address')
@@ -124,7 +124,7 @@ def verify_tunnel(config):
         if 'remote' in config and not is_ipv4(config['remote']):
             raise ConfigError(f'{error_ipv4} remote address')
 
-    if config['encapsulation'] in ['sit', 'gretap']:
+    if config['encapsulation'] in ['sit', 'gretap', 'ip6gretap']:
         if 'source_interface' in config:
             encapsulation = config['encapsulation']
             raise ConfigError(f'Option source-interface can not be used with ' \
diff --git a/python/vyos/ifconfig/tunnel.py b/python/vyos/ifconfig/tunnel.py
index b9d5ab983..439d88dbc 100644
--- a/python/vyos/ifconfig/tunnel.py
+++ b/python/vyos/ifconfig/tunnel.py
@@ -94,7 +94,7 @@ class TunnelIf(Interface):
         super().__init__(ifname, **kargs)
 
         # The gretap interface has the possibility to act as L2 bridge
-        if self.iftype == 'gretap':
+        if self.iftype in ['gretap', 'ip6gretap']:
             # no multicast, ttl or tos for gretap
             self.definition = {
                 **TunnelIf.definition,
@@ -111,7 +111,7 @@ class TunnelIf(Interface):
             mapping = { **self.mapping, **self.mapping_ipv4 }
 
         cmd = 'ip tunnel add {ifname} mode {encapsulation}'
-        if self.iftype == 'gretap':
+        if self.iftype in ['gretap', 'ip6gretap']:
             cmd = 'ip link add name {ifname} type {encapsulation}'
         for vyos_key, iproute2_key in mapping.items():
             # dict_search will return an empty dict "{}" for valueless nodes like
@@ -129,7 +129,7 @@ class TunnelIf(Interface):
 
     def _change_options(self):
         # gretap interfaces do not support changing any parameter
-        if self.iftype == 'gretap':
+        if self.iftype in ['gretap', 'ip6gretap']:
             return
 
         if self.config['encapsulation'] in ['ipip6', 'ip6ip6', 'ip6gre']:
diff --git a/smoketest/scripts/cli/test_interfaces_tunnel.py b/smoketest/scripts/cli/test_interfaces_tunnel.py
index b5ee3e412..cad6764e6 100755
--- a/smoketest/scripts/cli/test_interfaces_tunnel.py
+++ b/smoketest/scripts/cli/test_interfaces_tunnel.py
@@ -105,7 +105,7 @@ class TunnelInterfaceTest(BasicInterfaceTest.BaseTest):
 
         interface = f'tun1010'
         local_if_addr = f'10.10.200.1/24'
-        for encapsulation in ['ipip6', 'ip6ip6', 'ip6gre']:
+        for encapsulation in ['ipip6', 'ip6ip6', 'ip6gre', 'ip6gretap']:
             self.session.set(self._base_path + [interface, 'address', local_if_addr])
             self.session.set(self._base_path + [interface, 'encapsulation', encapsulation])
             self.session.set(self._base_path + [interface, 'source-address', self.local_v4])
@@ -123,14 +123,21 @@ class TunnelInterfaceTest(BasicInterfaceTest.BaseTest):
 
             # Configure Tunnel Source interface
             self.session.set(self._base_path + [interface, 'source-interface', source_if])
+            # Source interface can not be used with ip6gretap
+            if encapsulation in ['ip6gretap']:
+                with self.assertRaises(ConfigSessionError):
+                    self.session.commit()
+                self.session.delete(self._base_path + [interface, 'source-interface'])
 
             # Check if commit is ok
             self.session.commit()
 
             conf = get_json_iface_options(interface)
+            if encapsulation not in ['ip6gretap']:
+                self.assertEqual(source_if, conf['link'])
+
             self.assertEqual(interface, conf['ifname'])
             self.assertEqual(mtu, conf['mtu'])
-            self.assertEqual(source_if, conf['link'])
 
             # Not applicable for ip6gre
             if 'proto' in conf['linkinfo']['info_data']:
diff --git a/src/conf_mode/interfaces-tunnel.py b/src/conf_mode/interfaces-tunnel.py
index 0ffff06a1..7958f61ea 100755
--- a/src/conf_mode/interfaces-tunnel.py
+++ b/src/conf_mode/interfaces-tunnel.py
@@ -105,7 +105,7 @@ def apply(tunnel):
     tmp = get_json_iface_options(interface)
     if tmp: encap = dict_search('linkinfo.info_kind', tmp)
 
-    if 'deleted' in tunnel or 'encapsulation_changed' in tunnel or encap == 'gretap':
+    if 'deleted' in tunnel or 'encapsulation_changed' in tunnel or encap in ['gretap', 'ip6gretap']:
         if interface in interfaces():
             tmp = Interface(interface)
             tmp.remove()
-- 
cgit v1.2.3