From 5adcc4ca30676338fca9a06409bbc72af4f68a1f Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 17 Mar 2021 20:58:18 +0100 Subject: vyos.configverify: T3344: verify_vrf() must handle "default" VRF We can leak routes back to the default VRF, thus the check added by commit 9184dfb5 ("static: vrf: T3344: add target vrf verify()") must have a "bail out" option when one want's to leak routes into the default VRF. --- python/vyos/configverify.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'python/vyos/configverify.py') diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py index 7cf2cb8f9..718b7445d 100644 --- a/python/vyos/configverify.py +++ b/python/vyos/configverify.py @@ -80,7 +80,7 @@ def verify_vrf(config): recurring validation of VRF configuration. """ from netifaces import interfaces - if 'vrf' in config: + if 'vrf' in config and config['vrf'] != 'default': if config['vrf'] not in interfaces(): raise ConfigError('VRF "{vrf}" does not exist'.format(**config)) -- cgit v1.2.3