From 64c8318b94d91b37ddc60632aa1203f37e65ccd7 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Thu, 15 Feb 2024 22:54:58 +0100 Subject: T6001: add option to disable next-hop-tracking resolve-via-default * set system ip nht no-resolve-via-default * set system ipv6 nht no-resolve-via-default (cherry picked from commit ece0e768f36e52f8964823d891264d7c187204ec) --- interface-definitions/include/system-ip-nht.xml.i | 15 +++++++++++++++ interface-definitions/system_ip.xml.in | 1 + interface-definitions/system_ipv6.xml.in | 1 + 3 files changed, 17 insertions(+) create mode 100644 interface-definitions/include/system-ip-nht.xml.i (limited to 'interface-definitions') diff --git a/interface-definitions/include/system-ip-nht.xml.i b/interface-definitions/include/system-ip-nht.xml.i new file mode 100644 index 000000000..4074043cd --- /dev/null +++ b/interface-definitions/include/system-ip-nht.xml.i @@ -0,0 +1,15 @@ + + + + Filter Next Hop tracking route resolution + + + + + Do not resolve via default route + + + + + + diff --git a/interface-definitions/system_ip.xml.in b/interface-definitions/system_ip.xml.in index 6e3b7d5d0..015eb270f 100644 --- a/interface-definitions/system_ip.xml.in +++ b/interface-definitions/system_ip.xml.in @@ -48,6 +48,7 @@ + #include IPv4 TCP parameters diff --git a/interface-definitions/system_ipv6.xml.in b/interface-definitions/system_ipv6.xml.in index 8957cb6a7..dda00af38 100644 --- a/interface-definitions/system_ipv6.xml.in +++ b/interface-definitions/system_ipv6.xml.in @@ -36,6 +36,7 @@ #include + #include #include -- cgit v1.2.3 From 42e83b8b2cca6ba73c2663629cf92b3b2b225898 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Fri, 16 Feb 2024 08:31:58 +0100 Subject: T6001: add option to disable next-hop-tracking resolve-via-default in VRF context * set vrf name ip nht no-resolve-via-default * set vrf name ipv6 nht no-resolve-via-default (cherry picked from commit 0fafc4bcdb9efc03796ddab0832471b11ba1bbe0) --- data/templates/frr/zebra.vrf.route-map.frr.j2 | 6 +++++ interface-definitions/vrf.xml.in | 2 ++ smoketest/scripts/cli/test_vrf.py | 35 ++++++++++++++++++++++++++- 3 files changed, 42 insertions(+), 1 deletion(-) (limited to 'interface-definitions') diff --git a/data/templates/frr/zebra.vrf.route-map.frr.j2 b/data/templates/frr/zebra.vrf.route-map.frr.j2 index 4e1206374..f1cc6fe66 100644 --- a/data/templates/frr/zebra.vrf.route-map.frr.j2 +++ b/data/templates/frr/zebra.vrf.route-map.frr.j2 @@ -6,6 +6,12 @@ {% continue %} {% endif %} vrf {{ vrf }} +{% if vrf_config.ip.nht.no_resolve_via_default is vyos_defined %} + no ip nht resolve-via-default +{% endif %} +{% if vrf_config.ipv6.nht.no_resolve_via_default is vyos_defined %} + no ipv6 nht resolve-via-default +{% endif %} {% if vrf_config.ip.protocol is vyos_defined %} {% for protocol_name, protocol_config in vrf_config.ip.protocol.items() %} ip protocol {{ protocol_name }} route-map {{ protocol_config.route_map }} diff --git a/interface-definitions/vrf.xml.in b/interface-definitions/vrf.xml.in index e5ec539d3..25f26d0cc 100644 --- a/interface-definitions/vrf.xml.in +++ b/interface-definitions/vrf.xml.in @@ -34,6 +34,7 @@ #include + #include #include @@ -43,6 +44,7 @@ #include + #include #include diff --git a/smoketest/scripts/cli/test_vrf.py b/smoketest/scripts/cli/test_vrf.py index a3090ee41..438387f2d 100755 --- a/smoketest/scripts/cli/test_vrf.py +++ b/smoketest/scripts/cli/test_vrf.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2020-2023 VyOS maintainers and contributors +# Copyright (C) 2020-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -495,6 +495,39 @@ class VRFTest(VyOSUnitTestSHIM.TestCase): frrconfig = self.getFRRconfig(f'vrf {vrf}') self.assertNotIn('vni', frrconfig) + def test_vrf_ip_ipv6_nht(self): + table = '6910' + + for vrf in vrfs: + base = base_path + ['name', vrf] + self.cli_set(base + ['table', table]) + self.cli_set(base + ['ip', 'nht', 'no-resolve-via-default']) + self.cli_set(base + ['ipv6', 'nht', 'no-resolve-via-default']) + + table = str(int(table) + 1) + + self.cli_commit() + + # Verify route-map properly applied to FRR + for vrf in vrfs: + frrconfig = self.getFRRconfig(f'vrf {vrf}', daemon='zebra') + self.assertIn(f'vrf {vrf}', frrconfig) + self.assertIn(f' no ip nht resolve-via-default', frrconfig) + self.assertIn(f' no ipv6 nht resolve-via-default', frrconfig) + + # Delete route-maps + for vrf in vrfs: + base = base_path + ['name', vrf] + self.cli_delete(base + ['ip']) + self.cli_delete(base + ['ipv6']) + + self.cli_commit() + + # Verify route-map properly is removed from FRR + for vrf in vrfs: + frrconfig = self.getFRRconfig(f'vrf {vrf}', daemon='zebra') + self.assertNotIn(f' no ip nht resolve-via-default', frrconfig) + self.assertNotIn(f' no ipv6 nht resolve-via-default', frrconfig) if __name__ == '__main__': unittest.main(verbosity=2) -- cgit v1.2.3