From 7f9ce3017ff4bc99c66e4d5ddfd6a9904ca8542c Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 25 Mar 2020 19:32:34 +0100 Subject: ipv6: T1831: migrate forwarding and dup-addr-detect-transmits nodes ... to new XML and Python based frontend/backend. --- python/vyos/configdict.py | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'python/vyos/configdict.py') diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py index a1499479a..705fecd9b 100644 --- a/python/vyos/configdict.py +++ b/python/vyos/configdict.py @@ -123,6 +123,8 @@ def vlan_to_dict(conf): 'ip_enable_arp_accept': 0, 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, + 'ipv6_forwarding': True, + 'ipv6_dup_addr_detect': '1', 'ingress_qos': '', 'ingress_qos_changed': False, 'mac': '', @@ -187,6 +189,14 @@ def vlan_to_dict(conf): if conf.exists('ip enable-arp-ignore'): vlan['ip_enable_arp_ignore'] = 1 + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + vlan['ipv6_forwarding'] = False + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + vlan['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits') + # Media Access Control (MAC) address if conf.exists('mac'): vlan['mac'] = conf.return_value('mac') -- cgit v1.2.3 From adc09e4ecaf91bc93b3994eac4f2f2ac2786a1c7 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 25 Mar 2020 19:41:54 +0100 Subject: ipv6: T1831: use integers over bool in interface configuration --- Makefile | 3 +++ python/vyos/configdict.py | 8 ++++---- python/vyos/ifconfig/interface.py | 6 +++--- python/vyos/ifconfig_vlan.py | 4 ++-- src/conf_mode/interfaces-bonding.py | 8 ++++---- src/conf_mode/interfaces-bridge.py | 8 ++++---- src/conf_mode/interfaces-ethernet.py | 8 ++++---- src/conf_mode/interfaces-l2tpv3.py | 8 ++++---- src/conf_mode/interfaces-openvpn.py | 8 ++++---- src/conf_mode/interfaces-pseudo-ethernet.py | 8 ++++---- src/conf_mode/interfaces-vxlan.py | 8 ++++---- src/conf_mode/interfaces-wireless.py | 12 ++++++------ 12 files changed, 46 insertions(+), 43 deletions(-) (limited to 'python/vyos/configdict.py') diff --git a/Makefile b/Makefile index 8c4362a18..71c28f220 100644 --- a/Makefile +++ b/Makefile @@ -51,6 +51,8 @@ interface_definitions: $(BUILD_DIR) $(obj) rm -f $(TMPL_DIR)/interfaces/ethernet/node.tag/vif-s/node.tag/ipv6/node.def rm -f $(TMPL_DIR)/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/node.def rm -f $(TMPL_DIR)/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ipv6/node.def + rm -f $(TMPL_DIR)/interfaces/l2tpv3/node.tag/ipv6/node.def + rm -f $(TMPL_DIR)/interfaces/openvpn/node.tag/ipv6/node.def rm -f $(TMPL_DIR)/interfaces/pppoe/node.tag/ip/node.def rm -f $(TMPL_DIR)/interfaces/pppoe/node.tag/ipv6/node.def rm -f $(TMPL_DIR)/interfaces/pseudo-ethernet/node.tag/ip/node.def @@ -61,6 +63,7 @@ interface_definitions: $(BUILD_DIR) $(obj) rm -f $(TMPL_DIR)/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/ipv6/node.def rm -f $(TMPL_DIR)/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/node.def rm -f $(TMPL_DIR)/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ipv6/node.def + rm -f $(TMPL_DIR)/interfaces/tunnel/node.tag/ipv6/node.def rm -f $(TMPL_DIR)/interfaces/vxlan/node.tag/ip/node.def rm -f $(TMPL_DIR)/interfaces/vxlan/node.tag/ipv6/node.def rm -f $(TMPL_DIR)/interfaces/wireless/node.tag/ip/node.def diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py index 705fecd9b..b0214ded4 100644 --- a/python/vyos/configdict.py +++ b/python/vyos/configdict.py @@ -123,8 +123,8 @@ def vlan_to_dict(conf): 'ip_enable_arp_accept': 0, 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, - 'ipv6_forwarding': True, - 'ipv6_dup_addr_detect': '1', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'ingress_qos': '', 'ingress_qos_changed': False, 'mac': '', @@ -191,11 +191,11 @@ def vlan_to_dict(conf): # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): - vlan['ipv6_forwarding'] = False + vlan['ipv6_forwarding'] = 0 # IPv6 Duplicate Address Detection (DAD) tries if conf.exists('ipv6 dup-addr-detect-transmits'): - vlan['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits') + vlan['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) # Media Access Control (MAC) address if conf.exists('mac'): diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py index ae0b652b0..da6b54e69 100644 --- a/python/vyos/ifconfig/interface.py +++ b/python/vyos/ifconfig/interface.py @@ -116,11 +116,11 @@ class Interface(DHCP): 'location': '/proc/sys/net/ipv4/conf/{ifname}/arp_ignore', }, 'ipv6_forwarding': { - 'validate': assert_boolean, + 'validate': lambda fwd: assert_range(fwd,0,2), 'location': '/proc/sys/net/ipv6/conf/{ifname}/forwarding', }, 'ipv6_dad_transmits': { - 'validate': assert_boolean, + 'validate': assert_positive, 'location': '/proc/sys/net/ipv6/conf/{ifname}/dad_transmits', }, 'proxy_arp': { @@ -409,7 +409,7 @@ class Interface(DHCP): """ return self.set_interface('ipv6_forwarding', forwarding) - def set_dad_messages(self, dad): + def set_ipv6_dad_messages(self, dad): """ The amount of Duplicate Address Detection probes to send. Default: 1 diff --git a/python/vyos/ifconfig_vlan.py b/python/vyos/ifconfig_vlan.py index 11143f0bf..b3c5f3b76 100644 --- a/python/vyos/ifconfig_vlan.py +++ b/python/vyos/ifconfig_vlan.py @@ -65,9 +65,9 @@ def apply_vlan_config(vlan, config): # configure ARP ignore vlan.set_arp_ignore(config['ip_enable_arp_ignore']) # Disable IPv6 forwarding on this interface - vlan.ipv6_forwarding(bond['ipv6_forwarding']) + vlan.set_ipv6_forwarding(config['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries - vlan.ipv6_dad_messages(bond['ipv6_dup_addr_detect']) + vlan.set_ipv6_dad_messages(config['ipv6_dup_addr_detect']) # Maximum Transmission Unit (MTU) vlan.set_mtu(config['mtu']) diff --git a/src/conf_mode/interfaces-bonding.py b/src/conf_mode/interfaces-bonding.py index 9349241bd..a570371ab 100755 --- a/src/conf_mode/interfaces-bonding.py +++ b/src/conf_mode/interfaces-bonding.py @@ -48,8 +48,8 @@ default_config_data = { 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, - 'ipv6_forwarding': True, - 'ipv6_dup_addr_detect': '1', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'intf': '', 'mac': '', 'mode': '802.3ad', @@ -193,11 +193,11 @@ def get_config(): # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): - bond['ipv6_forwarding'] = False + bond['ipv6_forwarding'] = 0 # IPv6 Duplicate Address Detection (DAD) tries if conf.exists('ipv6 dup-addr-detect-transmits'): - bond['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits') + bond['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) # Media Access Control (MAC) address if conf.exists('mac'): diff --git a/src/conf_mode/interfaces-bridge.py b/src/conf_mode/interfaces-bridge.py index 79b5e85e7..af669bc0e 100755 --- a/src/conf_mode/interfaces-bridge.py +++ b/src/conf_mode/interfaces-bridge.py @@ -46,8 +46,8 @@ default_config_data = { 'ip_enable_arp_accept': 0, 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, - 'ipv6_forwarding': True, - 'ipv6_dup_addr_detect': '1', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'igmp_querier': 0, 'intf': '', 'mac' : '', @@ -156,11 +156,11 @@ def get_config(): # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): - bridge['ipv6_forwarding'] = False + bridge['ipv6_forwarding'] = 0 # IPv6 Duplicate Address Detection (DAD) tries if conf.exists('ipv6 dup-addr-detect-transmits'): - bridge['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits') + bridge['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) # Media Access Control (MAC) address if conf.exists('mac'): diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py index 84e7d1c44..e2017173a 100755 --- a/src/conf_mode/interfaces-ethernet.py +++ b/src/conf_mode/interfaces-ethernet.py @@ -48,8 +48,8 @@ default_config_data = { 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, - 'ipv6_forwarding': True, - 'ipv6_dup_addr_detect': '1', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'intf': '', 'mac': '', 'mtu': 1500, @@ -171,11 +171,11 @@ def get_config(): # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): - eth['ipv6_forwarding'] = False + eth['ipv6_forwarding'] = 0 # IPv6 Duplicate Address Detection (DAD) tries if conf.exists('ipv6 dup-addr-detect-transmits'): - eth['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits') + eth['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) # Media Access Control (MAC) address if conf.exists('mac'): diff --git a/src/conf_mode/interfaces-l2tpv3.py b/src/conf_mode/interfaces-l2tpv3.py index 5334472d3..d0c610625 100755 --- a/src/conf_mode/interfaces-l2tpv3.py +++ b/src/conf_mode/interfaces-l2tpv3.py @@ -33,8 +33,8 @@ default_config_data = { 'local_address': '', 'local_port': 5000, 'intf': '', - 'ipv6_forwarding': True, - 'ipv6_dup_addr_detect': '1', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'mtu': 1488, 'peer_session_id': '', 'peer_tunnel_id': '', @@ -105,11 +105,11 @@ def get_config(): # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): - l2tpv3['ipv6_forwarding'] = False + l2tpv3['ipv6_forwarding'] = 0 # IPv6 Duplicate Address Detection (DAD) tries if conf.exists('ipv6 dup-addr-detect-transmits'): - l2tpv3['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits') + l2tpv3['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) # Maximum Transmission Unit (MTU) if conf.exists('mtu'): diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index 84de67e46..143bf9ae9 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py @@ -294,8 +294,8 @@ default_config_data = { 'encryption': '', 'hash': '', 'intf': '', - 'ipv6_forwarding': True, - 'ipv6_dup_addr_detect': '1', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'ping_restart': '60', 'ping_interval': '10', 'local_address': '', @@ -494,11 +494,11 @@ def get_config(): # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): - openvpn['ipv6_forwarding'] = False + openvpn['ipv6_forwarding'] = 0 # IPv6 Duplicate Address Detection (DAD) tries if conf.exists('ipv6 dup-addr-detect-transmits'): - openvpn['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits') + openvpn['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) # OpenVPN operation mode if conf.exists('mode'): diff --git a/src/conf_mode/interfaces-pseudo-ethernet.py b/src/conf_mode/interfaces-pseudo-ethernet.py index 19c8bbedc..14b868b0a 100755 --- a/src/conf_mode/interfaces-pseudo-ethernet.py +++ b/src/conf_mode/interfaces-pseudo-ethernet.py @@ -45,8 +45,8 @@ default_config_data = { 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, - 'ipv6_forwarding': True, - 'ipv6_dup_addr_detect': '1', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'intf': '', 'link': '', 'link_changed': False, @@ -149,11 +149,11 @@ def get_config(): # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): - peth['ipv6_forwarding'] = False + peth['ipv6_forwarding'] = 0 # IPv6 Duplicate Address Detection (DAD) tries if conf.exists('ipv6 dup-addr-detect-transmits'): - peth['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits') + peth['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) # Lower link device if conf.exists(['link']): diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py index 48271ff65..e1d31369e 100755 --- a/src/conf_mode/interfaces-vxlan.py +++ b/src/conf_mode/interfaces-vxlan.py @@ -37,8 +37,8 @@ default_config_data = { 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, - 'ipv6_forwarding': True, - 'ipv6_dup_addr_detect': '1', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'link': '', 'mtu': 1450, 'remote': '', @@ -107,11 +107,11 @@ def get_config(): # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): - vxlan['ipv6_forwarding'] = False + vxlan['ipv6_forwarding'] = 0 # IPv6 Duplicate Address Detection (DAD) tries if conf.exists('ipv6 dup-addr-detect-transmits'): - vxlan['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits') + vxlan['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) # VXLAN underlay interface if conf.exists('link'): diff --git a/src/conf_mode/interfaces-wireless.py b/src/conf_mode/interfaces-wireless.py index 29257141d..2d0b2ade7 100755 --- a/src/conf_mode/interfaces-wireless.py +++ b/src/conf_mode/interfaces-wireless.py @@ -827,8 +827,8 @@ default_config_data = { 'ip_enable_arp_accept': 0, 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, - 'ipv6_forwarding': True, - 'ipv6_dup_addr_detect': '1', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'mac' : '', 'max_stations' : '', 'mgmt_frame_protection' : 'disabled', @@ -1144,11 +1144,11 @@ def get_config(): # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): - wifi['ipv6_forwarding'] = False + wifi['ipv6_forwarding'] = 0 # IPv6 Duplicate Address Detection (DAD) tries if conf.exists('ipv6 dup-addr-detect-transmits'): - wifi['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits') + wifi['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) # Wireless physical device if conf.exists('physical-device'): @@ -1498,9 +1498,9 @@ def apply(wifi): # configure ARP ignore w.set_arp_ignore(wifi['ip_enable_arp_ignore']) # Disable IPv6 forwarding on this interface - w.set_ipv6_forwarding(bond['ipv6_forwarding']) + w.set_ipv6_forwarding(wifi['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries - w.set_ipv6_dad_messages(bond['ipv6_dup_addr_detect']) + w.set_ipv6_dad_messages(wifi['ipv6_dup_addr_detect']) # Configure interface address(es) # - not longer required addresses get removed first -- cgit v1.2.3 From 09a0cecf02972fa9019fcfd900c50b27797f40e2 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 27 Mar 2020 17:03:24 +0100 Subject: ipv6: T1831: migrate autoconf node Autoconfigure addresses using Prefix Information in Router Advertisements. --- interface-definitions/include/ipv6-address.xml.i | 10 ++++++++++ interface-definitions/include/vif.xml.i | 1 + interface-definitions/interfaces-bonding.xml.in | 1 + interface-definitions/interfaces-bridge.xml.in | 1 + interface-definitions/interfaces-ethernet.xml.in | 1 + interface-definitions/interfaces-l2tpv3.xml.in | 1 + interface-definitions/interfaces-openvpn.xml.in | 1 + interface-definitions/interfaces-pseudo-ethernet.xml.in | 1 + interface-definitions/interfaces-tunnel.xml.in | 1 + interface-definitions/interfaces-vxlan.xml.in | 1 + interface-definitions/interfaces-wireless.xml.in | 1 + python/vyos/configdict.py | 5 +++++ python/vyos/ifconfig/interface.py | 11 +++++++++++ python/vyos/ifconfig_vlan.py | 4 +++- src/conf_mode/interfaces-bonding.py | 9 ++++++++- src/conf_mode/interfaces-bridge.py | 9 ++++++++- src/conf_mode/interfaces-ethernet.py | 8 ++++++++ src/conf_mode/interfaces-l2tpv3.py | 9 ++++++++- src/conf_mode/interfaces-openvpn.py | 9 ++++++++- src/conf_mode/interfaces-pseudo-ethernet.py | 9 ++++++++- src/conf_mode/interfaces-vxlan.py | 9 ++++++++- src/conf_mode/interfaces-wireless.py | 9 ++++++++- 22 files changed, 103 insertions(+), 8 deletions(-) create mode 100644 interface-definitions/include/ipv6-address.xml.i (limited to 'python/vyos/configdict.py') diff --git a/interface-definitions/include/ipv6-address.xml.i b/interface-definitions/include/ipv6-address.xml.i new file mode 100644 index 000000000..31629830e --- /dev/null +++ b/interface-definitions/include/ipv6-address.xml.i @@ -0,0 +1,10 @@ + + + + + Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + + + + + diff --git a/interface-definitions/include/vif.xml.i b/interface-definitions/include/vif.xml.i index 3316dd784..819534dc1 100644 --- a/interface-definitions/include/vif.xml.i +++ b/interface-definitions/include/vif.xml.i @@ -53,6 +53,7 @@ + #include #include #include diff --git a/interface-definitions/interfaces-bonding.xml.in b/interface-definitions/interfaces-bonding.xml.in index 641125d25..166f23285 100644 --- a/interface-definitions/interfaces-bonding.xml.in +++ b/interface-definitions/interfaces-bonding.xml.in @@ -91,6 +91,7 @@ + #include #include #include diff --git a/interface-definitions/interfaces-bridge.xml.in b/interface-definitions/interfaces-bridge.xml.in index 52ba0436f..f41110a3f 100644 --- a/interface-definitions/interfaces-bridge.xml.in +++ b/interface-definitions/interfaces-bridge.xml.in @@ -88,6 +88,7 @@ + #include #include #include diff --git a/interface-definitions/interfaces-ethernet.xml.in b/interface-definitions/interfaces-ethernet.xml.in index 2f649b006..2b461cfaa 100644 --- a/interface-definitions/interfaces-ethernet.xml.in +++ b/interface-definitions/interfaces-ethernet.xml.in @@ -81,6 +81,7 @@ + #include #include #include diff --git a/interface-definitions/interfaces-l2tpv3.xml.in b/interface-definitions/interfaces-l2tpv3.xml.in index 92ea946e8..161a37df8 100644 --- a/interface-definitions/interfaces-l2tpv3.xml.in +++ b/interface-definitions/interfaces-l2tpv3.xml.in @@ -53,6 +53,7 @@ + #include #include #include diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in index a500c629c..cd5b5f29e 100644 --- a/interface-definitions/interfaces-openvpn.xml.in +++ b/interface-definitions/interfaces-openvpn.xml.in @@ -164,6 +164,7 @@ + #include #include #include diff --git a/interface-definitions/interfaces-pseudo-ethernet.xml.in b/interface-definitions/interfaces-pseudo-ethernet.xml.in index 53ff9f036..772056bd2 100644 --- a/interface-definitions/interfaces-pseudo-ethernet.xml.in +++ b/interface-definitions/interfaces-pseudo-ethernet.xml.in @@ -35,6 +35,7 @@ + #include #include #include diff --git a/interface-definitions/interfaces-tunnel.xml.in b/interface-definitions/interfaces-tunnel.xml.in index fc6528193..fe4a81f92 100644 --- a/interface-definitions/interfaces-tunnel.xml.in +++ b/interface-definitions/interfaces-tunnel.xml.in @@ -24,6 +24,7 @@ #include + #include #include #include diff --git a/interface-definitions/interfaces-vxlan.xml.in b/interface-definitions/interfaces-vxlan.xml.in index a69c0feed..70c45d1fd 100644 --- a/interface-definitions/interfaces-vxlan.xml.in +++ b/interface-definitions/interfaces-vxlan.xml.in @@ -47,6 +47,7 @@ + #include #include #include diff --git a/interface-definitions/interfaces-wireless.xml.in b/interface-definitions/interfaces-wireless.xml.in index 08259b31a..2c224987e 100644 --- a/interface-definitions/interfaces-wireless.xml.in +++ b/interface-definitions/interfaces-wireless.xml.in @@ -471,6 +471,7 @@ + #include #include #include diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py index b0214ded4..66da52ff3 100644 --- a/python/vyos/configdict.py +++ b/python/vyos/configdict.py @@ -123,6 +123,7 @@ def vlan_to_dict(conf): 'ip_enable_arp_accept': 0, 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, + 'ipv6_autoconf': 0, 'ipv6_forwarding': 1, 'ipv6_dup_addr_detect': 1, 'ingress_qos': '', @@ -189,6 +190,10 @@ def vlan_to_dict(conf): if conf.exists('ip enable-arp-ignore'): vlan['ip_enable_arp_ignore'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + vlan['ipv6_autoconf'] = 1 + # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): vlan['ipv6_forwarding'] = 0 diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py index da6b54e69..a2d202466 100644 --- a/python/vyos/ifconfig/interface.py +++ b/python/vyos/ifconfig/interface.py @@ -115,6 +115,10 @@ class Interface(DHCP): 'validate': assert_boolean, 'location': '/proc/sys/net/ipv4/conf/{ifname}/arp_ignore', }, + 'ipv6_autoconf': { + 'validate': lambda fwd: assert_range(fwd,0,2), + 'location': '/proc/sys/net/ipv6/conf/{ifname}/autoconf', + }, 'ipv6_forwarding': { 'validate': lambda fwd: assert_range(fwd,0,2), 'location': '/proc/sys/net/ipv6/conf/{ifname}/forwarding', @@ -382,6 +386,13 @@ class Interface(DHCP): """ return self.set_interface('arp_ignore', arp_ignore) + def set_ipv6_autoconf(self, autoconf): + """ + Autoconfigure addresses using Prefix Information in Router + Advertisements. + """ + return self.set_interface('ipv6_autoconf', autoconf) + def set_ipv6_forwarding(self, forwarding): """ Configure IPv6 interface-specific Host/Router behaviour. diff --git a/python/vyos/ifconfig_vlan.py b/python/vyos/ifconfig_vlan.py index b3c5f3b76..00270cf58 100644 --- a/python/vyos/ifconfig_vlan.py +++ b/python/vyos/ifconfig_vlan.py @@ -64,7 +64,9 @@ def apply_vlan_config(vlan, config): vlan.set_arp_announce(config['ip_enable_arp_announce']) # configure ARP ignore vlan.set_arp_ignore(config['ip_enable_arp_ignore']) - # Disable IPv6 forwarding on this interface + # IPv6 address autoconfiguration + vlan.set_ipv6_autoconf(config['ipv6_autoconf']) + # IPv6 forwarding vlan.set_ipv6_forwarding(config['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries vlan.set_ipv6_dad_messages(config['ipv6_dup_addr_detect']) diff --git a/src/conf_mode/interfaces-bonding.py b/src/conf_mode/interfaces-bonding.py index a570371ab..ab58b9159 100755 --- a/src/conf_mode/interfaces-bonding.py +++ b/src/conf_mode/interfaces-bonding.py @@ -48,6 +48,7 @@ default_config_data = { 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, + 'ipv6_autoconf': 0, 'ipv6_forwarding': 1, 'ipv6_dup_addr_detect': 1, 'intf': '', @@ -191,6 +192,10 @@ def get_config(): if conf.exists('ip proxy-arp-pvlan'): bond['ip_proxy_arp_pvlan'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + bond['ipv6_autoconf'] = 1 + # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): bond['ipv6_forwarding'] = 0 @@ -426,7 +431,9 @@ def apply(bond): b.set_proxy_arp(bond['ip_proxy_arp']) # Enable private VLAN proxy ARP on this interface b.set_proxy_arp_pvlan(bond['ip_proxy_arp_pvlan']) - # Disable IPv6 forwarding on this interface + # IPv6 address autoconfiguration + b.set_ipv6_autoconf(bond['ipv6_autoconf']) + # IPv6 forwarding b.set_ipv6_forwarding(bond['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries b.set_ipv6_dad_messages(bond['ipv6_dup_addr_detect']) diff --git a/src/conf_mode/interfaces-bridge.py b/src/conf_mode/interfaces-bridge.py index af669bc0e..1e143e30c 100755 --- a/src/conf_mode/interfaces-bridge.py +++ b/src/conf_mode/interfaces-bridge.py @@ -46,6 +46,7 @@ default_config_data = { 'ip_enable_arp_accept': 0, 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, + 'ipv6_autoconf': 0, 'ipv6_forwarding': 1, 'ipv6_dup_addr_detect': 1, 'igmp_querier': 0, @@ -154,6 +155,10 @@ def get_config(): if conf.exists('ip enable-arp-ignore'): bridge['ip_enable_arp_ignore'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + bridge['ipv6_autoconf'] = 1 + # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): bridge['ipv6_forwarding'] = 0 @@ -268,7 +273,9 @@ def apply(bridge): br.set_arp_announce(bridge['ip_enable_arp_announce']) # configure ARP ignore br.set_arp_ignore(bridge['ip_enable_arp_ignore']) - # Disable IPv6 forwarding on this interface + # IPv6 address autoconfiguration + br.set_ipv6_autoconf(bridge['ipv6_autoconf']) + # IPv6 forwarding br.set_ipv6_forwarding(bridge['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries br.set_ipv6_dad_messages(bridge['ipv6_dup_addr_detect']) diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py index e2017173a..c7fabce60 100755 --- a/src/conf_mode/interfaces-ethernet.py +++ b/src/conf_mode/interfaces-ethernet.py @@ -48,6 +48,7 @@ default_config_data = { 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, + 'ipv6_autoconf': 0, 'ipv6_forwarding': 1, 'ipv6_dup_addr_detect': 1, 'intf': '', @@ -169,6 +170,10 @@ def get_config(): if conf.exists('ip proxy-arp-pvlan'): eth['ip_proxy_arp_pvlan'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + eth['ipv6_autoconf'] = 1 + # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): eth['ipv6_forwarding'] = 0 @@ -337,6 +342,9 @@ def apply(eth): # Enable private VLAN proxy ARP on this interface e.set_proxy_arp_pvlan(eth['ip_proxy_arp_pvlan']) # Disable IPv6 forwarding on this interface + # IPv6 address autoconfiguration + e.set_ipv6_autoconf(eth['ipv6_autoconf']) + # IPv6 forwarding e.set_ipv6_forwarding(eth['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries e.set_ipv6_dad_messages(eth['ipv6_dup_addr_detect']) diff --git a/src/conf_mode/interfaces-l2tpv3.py b/src/conf_mode/interfaces-l2tpv3.py index d0c610625..18ae1f4d8 100755 --- a/src/conf_mode/interfaces-l2tpv3.py +++ b/src/conf_mode/interfaces-l2tpv3.py @@ -33,6 +33,7 @@ default_config_data = { 'local_address': '', 'local_port': 5000, 'intf': '', + 'ipv6_autoconf': 0, 'ipv6_forwarding': 1, 'ipv6_dup_addr_detect': 1, 'mtu': 1488, @@ -103,6 +104,10 @@ def get_config(): if conf.exists('local-ip'): l2tpv3['local_address'] = conf.return_value('local-ip') + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + l2tpv3['ipv6_autoconf'] = 1 + # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): l2tpv3['ipv6_forwarding'] = 0 @@ -203,7 +208,9 @@ def apply(l2tpv3): l.set_alias(l2tpv3['description']) # Maximum Transfer Unit (MTU) l.set_mtu(l2tpv3['mtu']) - # Disable IPv6 forwarding on this interface + # IPv6 address autoconfiguration + l.set_ipv6_autoconf(l2tpv3['ipv6_autoconf']) + # IPv6 forwarding l.set_ipv6_forwarding(l2tpv3['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries l.set_ipv6_dad_messages(l2tpv3['ipv6_dup_addr_detect']) diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index 143bf9ae9..a91cc2d73 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py @@ -294,6 +294,7 @@ default_config_data = { 'encryption': '', 'hash': '', 'intf': '', + 'ipv6_autoconf': 0, 'ipv6_forwarding': 1, 'ipv6_dup_addr_detect': 1, 'ping_restart': '60', @@ -492,6 +493,10 @@ def get_config(): if conf.exists('local-port'): openvpn['local_port'] = conf.return_value('local-port') + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + openvpn['ipv6_autoconf'] = 1 + # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): openvpn['ipv6_forwarding'] = 0 @@ -1049,7 +1054,9 @@ def apply(openvpn): o = VTunIf(openvpn['intf']) # update interface description used e.g. within SNMP o.set_alias(openvpn['description']) - # Disable IPv6 forwarding on this interface + # IPv6 address autoconfiguration + o.set_ipv6_autoconf(openvpn['ipv6_autoconf']) + # IPv6 forwarding o.set_ipv6_forwarding(openvpn['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries o.set_ipv6_dad_messages(openvpn['ipv6_dup_addr_detect']) diff --git a/src/conf_mode/interfaces-pseudo-ethernet.py b/src/conf_mode/interfaces-pseudo-ethernet.py index 14b868b0a..4b1abc553 100755 --- a/src/conf_mode/interfaces-pseudo-ethernet.py +++ b/src/conf_mode/interfaces-pseudo-ethernet.py @@ -45,6 +45,7 @@ default_config_data = { 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, 'ip_proxy_arp_pvlan': 0, + 'ipv6_autoconf': 0, 'ipv6_forwarding': 1, 'ipv6_dup_addr_detect': 1, 'intf': '', @@ -147,6 +148,10 @@ def get_config(): if conf.exists(['ip', 'proxy-arp-pvlan']): peth['ip_proxy_arp_pvlan'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + peth['ipv6_autoconf'] = 1 + # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): peth['ipv6_forwarding'] = 0 @@ -306,7 +311,9 @@ def apply(peth): p.set_proxy_arp(peth['ip_proxy_arp']) # Enable private VLAN proxy ARP on this interface p.set_proxy_arp_pvlan(peth['ip_proxy_arp_pvlan']) - # Disable IPv6 forwarding on this interface + # IPv6 address autoconfiguration + p.set_ipv6_autoconf(peth['ipv6_autoconf']) + # IPv6 forwarding p.set_ipv6_forwarding(peth['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries p.set_ipv6_dad_messages(peth['ipv6_dup_addr_detect']) diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py index e1d31369e..294864bc1 100755 --- a/src/conf_mode/interfaces-vxlan.py +++ b/src/conf_mode/interfaces-vxlan.py @@ -37,6 +37,7 @@ default_config_data = { 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, + 'ipv6_autoconf': 0, 'ipv6_forwarding': 1, 'ipv6_dup_addr_detect': 1, 'link': '', @@ -105,6 +106,10 @@ def get_config(): if conf.exists('ip enable-proxy-arp'): vxlan['ip_proxy_arp'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + vxlan['ipv6_autoconf'] = 1 + # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): vxlan['ipv6_forwarding'] = 0 @@ -211,7 +216,9 @@ def apply(vxlan): v.set_arp_ignore(vxlan['ip_enable_arp_ignore']) # Enable proxy-arp on this interface v.set_proxy_arp(vxlan['ip_proxy_arp']) - # Disable IPv6 forwarding on this interface + # IPv6 address autoconfiguration + v.set_ipv6_autoconf(vxlan['ipv6_autoconf']) + # IPv6 forwarding v.set_ipv6_forwarding(vxlan['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries v.set_ipv6_dad_messages(vxlan['ipv6_dup_addr_detect']) diff --git a/src/conf_mode/interfaces-wireless.py b/src/conf_mode/interfaces-wireless.py index 2d0b2ade7..d368cfa5d 100755 --- a/src/conf_mode/interfaces-wireless.py +++ b/src/conf_mode/interfaces-wireless.py @@ -827,6 +827,7 @@ default_config_data = { 'ip_enable_arp_accept': 0, 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, + 'ipv6_autoconf': 0, 'ipv6_forwarding': 1, 'ipv6_dup_addr_detect': 1, 'mac' : '', @@ -1138,6 +1139,10 @@ def get_config(): if conf.exists('ip enable-arp-announce'): wifi['ip_enable_arp_announce'] = 1 + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + wifi['ipv6_autoconf'] = 1 + # ARP enable ignore if conf.exists('ip enable-arp-ignore'): wifi['ip_enable_arp_ignore'] = 1 @@ -1497,7 +1502,9 @@ def apply(wifi): w.set_arp_announce(wifi['ip_enable_arp_announce']) # configure ARP ignore w.set_arp_ignore(wifi['ip_enable_arp_ignore']) - # Disable IPv6 forwarding on this interface + # IPv6 address autoconfiguration + w.set_ipv6_autoconf(wifi['ipv6_autoconf']) + # IPv6 forwarding w.set_ipv6_forwarding(wifi['ipv6_forwarding']) # IPv6 Duplicate Address Detection (DAD) tries w.set_ipv6_dad_messages(wifi['ipv6_dup_addr_detect']) -- cgit v1.2.3