From ece0e768f36e52f8964823d891264d7c187204ec Mon Sep 17 00:00:00 2001
From: Christian Breunig <christian@breunig.cc>
Date: Thu, 15 Feb 2024 22:54:58 +0100
Subject: T6001: add option to disable next-hop-tracking resolve-via-default

* set system ip nht no-resolve-via-default
* set system ipv6 nht no-resolve-via-default
---
 data/templates/frr/zebra.route-map.frr.j2 | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'data')

diff --git a/data/templates/frr/zebra.route-map.frr.j2 b/data/templates/frr/zebra.route-map.frr.j2
index 8e18abbde..669d58354 100644
--- a/data/templates/frr/zebra.route-map.frr.j2
+++ b/data/templates/frr/zebra.route-map.frr.j2
@@ -1,4 +1,8 @@
 !
+{% if nht.no_resolve_via_default is vyos_defined %}
+no {{ afi }} nht resolve-via-default
+{% endif %}
+!
 {% if protocol is vyos_defined %}
 {%     for protocol_name, protocol_config in protocol.items() %}
 {%         if protocol_name is vyos_defined('ospfv3') %}
@@ -7,3 +11,4 @@
 {{ afi }} protocol {{ protocol_name }} route-map {{ protocol_config.route_map }}
 {%     endfor %}
 {% endif %}
+!
-- 
cgit v1.2.3


From 0fafc4bcdb9efc03796ddab0832471b11ba1bbe0 Mon Sep 17 00:00:00 2001
From: Christian Breunig <christian@breunig.cc>
Date: Fri, 16 Feb 2024 08:31:58 +0100
Subject: T6001: add option to disable next-hop-tracking resolve-via-default in
 VRF context

* set vrf name <name> ip nht no-resolve-via-default
* set vrf name <name> ipv6 nht no-resolve-via-default
---
 data/templates/frr/zebra.vrf.route-map.frr.j2 |  6 +++++
 interface-definitions/vrf.xml.in              |  2 ++
 smoketest/scripts/cli/test_vrf.py             | 35 ++++++++++++++++++++++++++-
 3 files changed, 42 insertions(+), 1 deletion(-)

(limited to 'data')

diff --git a/data/templates/frr/zebra.vrf.route-map.frr.j2 b/data/templates/frr/zebra.vrf.route-map.frr.j2
index 4e1206374..f1cc6fe66 100644
--- a/data/templates/frr/zebra.vrf.route-map.frr.j2
+++ b/data/templates/frr/zebra.vrf.route-map.frr.j2
@@ -6,6 +6,12 @@
 {%             continue %}
 {%         endif %}
 vrf {{ vrf }}
+{%         if vrf_config.ip.nht.no_resolve_via_default is vyos_defined %}
+ no ip nht resolve-via-default
+{%         endif %}
+{%         if vrf_config.ipv6.nht.no_resolve_via_default is vyos_defined %}
+ no ipv6 nht resolve-via-default
+{%         endif %}
 {%         if vrf_config.ip.protocol is vyos_defined %}
 {%             for protocol_name, protocol_config in vrf_config.ip.protocol.items() %}
  ip protocol {{ protocol_name }} route-map {{ protocol_config.route_map }}
diff --git a/interface-definitions/vrf.xml.in b/interface-definitions/vrf.xml.in
index e5ec539d3..25f26d0cc 100644
--- a/interface-definitions/vrf.xml.in
+++ b/interface-definitions/vrf.xml.in
@@ -34,6 +34,7 @@
             </properties>
             <children>
               #include <include/interface/disable-forwarding.xml.i>
+              #include <include/system-ip-nht.xml.i>
               #include <include/system-ip-protocol.xml.i>
             </children>
           </node>
@@ -43,6 +44,7 @@
             </properties>
             <children>
               #include <include/interface/disable-forwarding.xml.i>
+              #include <include/system-ip-nht.xml.i>
               #include <include/system-ipv6-protocol.xml.i>
             </children>
           </node>
diff --git a/smoketest/scripts/cli/test_vrf.py b/smoketest/scripts/cli/test_vrf.py
index a3090ee41..438387f2d 100755
--- a/smoketest/scripts/cli/test_vrf.py
+++ b/smoketest/scripts/cli/test_vrf.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2020-2023 VyOS maintainers and contributors
+# Copyright (C) 2020-2024 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -495,6 +495,39 @@ class VRFTest(VyOSUnitTestSHIM.TestCase):
             frrconfig = self.getFRRconfig(f'vrf {vrf}')
             self.assertNotIn('vni', frrconfig)
 
+    def test_vrf_ip_ipv6_nht(self):
+        table = '6910'
+
+        for vrf in vrfs:
+            base = base_path + ['name', vrf]
+            self.cli_set(base + ['table', table])
+            self.cli_set(base + ['ip', 'nht', 'no-resolve-via-default'])
+            self.cli_set(base + ['ipv6', 'nht', 'no-resolve-via-default'])
+
+            table = str(int(table) + 1)
+
+        self.cli_commit()
+
+        # Verify route-map properly applied to FRR
+        for vrf in vrfs:
+            frrconfig = self.getFRRconfig(f'vrf {vrf}', daemon='zebra')
+            self.assertIn(f'vrf {vrf}', frrconfig)
+            self.assertIn(f' no ip nht resolve-via-default', frrconfig)
+            self.assertIn(f' no ipv6 nht resolve-via-default', frrconfig)
+
+        # Delete route-maps
+        for vrf in vrfs:
+            base = base_path + ['name', vrf]
+            self.cli_delete(base + ['ip'])
+            self.cli_delete(base + ['ipv6'])
+
+        self.cli_commit()
+
+        # Verify route-map properly is removed from FRR
+        for vrf in vrfs:
+            frrconfig = self.getFRRconfig(f'vrf {vrf}', daemon='zebra')
+            self.assertNotIn(f' no ip nht resolve-via-default', frrconfig)
+            self.assertNotIn(f' no ipv6 nht resolve-via-default', frrconfig)
 
 if __name__ == '__main__':
     unittest.main(verbosity=2)
-- 
cgit v1.2.3