From cdfe017ea6bfc7d4306d9e73c44f40671f41fdbc Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 13 Oct 2019 12:30:24 +0200 Subject: Python/ifconfig: T1557: bugfix when configuring accept_ra on VLAN interfaces --- python/vyos/ifconfig.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'python/vyos') diff --git a/python/vyos/ifconfig.py b/python/vyos/ifconfig.py index cc214908a..8f5161d03 100644 --- a/python/vyos/ifconfig.py +++ b/python/vyos/ifconfig.py @@ -597,8 +597,8 @@ class Interface: sleep(5) # no longer accept router announcements on this interface - cmd = 'sysctl -q -w net.ipv6.conf.{}.accept_ra=0'.format(self._ifname) - self._cmd(cmd) + self._write_sysfs('/proc/sys/net/ipv6/conf/{}/accept_ra' + .format(self._ifname), 0) # assemble command-line to start DHCPv6 client (dhclient) cmd = 'start-stop-daemon --start --quiet --pidfile ' + \ @@ -634,8 +634,8 @@ class Interface: self._cmd(cmd) # accept router announcements on this interface - cmd = 'sysctl -q -w net.ipv6.conf.{}.accept_ra=1'.format(self._ifname) - self._cmd(cmd) + self._write_sysfs('/proc/sys/net/ipv6/conf/{}/accept_ra' + .format(self._ifname), 1) # cleanup old config file if os.path.isfile(self._dhcpv6_cfg_file): -- cgit v1.2.3 From 67ca26dc6f6e548dfd0a1bc787aa039d96450b97 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 13 Oct 2019 12:34:10 +0200 Subject: Python/ifconfig: T1557: add support for DHCPv6 client options --- python/vyos/configdict.py | 4 +-- python/vyos/ifconfig.py | 46 ++++++++++++++++++++++++++++++---- src/conf_mode/interface-bonding.py | 43 ++++++++++++++++++++++++++++++-- src/conf_mode/interface-bridge.py | 22 ++++++++++++++--- src/conf_mode/interface-ethernet.py | 49 ++++++++++++++++++++++++++++++++----- 5 files changed, 145 insertions(+), 19 deletions(-) (limited to 'python/vyos') diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py index 1022b88de..983906923 100644 --- a/python/vyos/configdict.py +++ b/python/vyos/configdict.py @@ -152,11 +152,11 @@ def vlan_to_dict(conf): # DHCPv6 only acquire config parameters, no address if conf.exists('dhcpv6-options parameters-only'): - vlan['dhcpv6_prm_only'] = conf.return_value('dhcpv6-options parameters-only') + vlan['dhcpv6_prm_only'] = True # DHCPv6 temporary IPv6 address if conf.exists('dhcpv6-options temporary'): - vlan['dhcpv6_temporary'] = conf.return_value('dhcpv6-options temporary') + vlan['dhcpv6_temporary'] = True # ignore link state changes if conf.exists('disable-link-detect'): diff --git a/python/vyos/ifconfig.py b/python/vyos/ifconfig.py index 8f5161d03..3225971ef 100644 --- a/python/vyos/ifconfig.py +++ b/python/vyos/ifconfig.py @@ -98,6 +98,13 @@ class Interface: 'vendor_class_id' : '' } + # DHCPv6 options + self._dhcpv6_options = { + 'intf' : self._ifname, + 'dhcpv6_prm_only' : False, + 'dhcpv6_temporary' : False + } + def _debug_msg(self, msg): if os.path.isfile('/tmp/vyos.ifconfig.debug'): print('DEBUG/{:<6} {}'.format(self._ifname, msg)) @@ -474,6 +481,7 @@ class Interface: def get_dhcp_options(self): """ Return dictionary with supported DHCP options. + Dictionary should be altered and send back via set_dhcp_options() so those options are applied when DHCP is run. """ @@ -485,6 +493,21 @@ class Interface: """ self._dhcp_options = options + def get_dhcpv6_options(self): + """ + Return dictionary with supported DHCPv6 options. + + Dictionary should be altered and send back via set_dhcp_options() + so those options are applied when DHCP is run. + """ + return self._dhcpv6_options + + def set_dhcpv6_options(self, options): + """ + Store new DHCP options used by next run of DHCP client. + """ + self._dhcpv6_options = options + # replace dhcpv4/v6 with systemd.networkd? def _set_dhcp(self): """ @@ -579,9 +602,14 @@ class Interface: >>> j = Interface('eth0') >>> j.set_dhcpv6() """ - dhcpv6 = { - 'intf': self._ifname - } + dhcpv6 = self.get_dhcpv6_options() + import pprint + pprint.pprint(dhcpv6) + + # better save then sorry .. should be checked in interface script + # but if you missed it we are safe! + if dhcpv6['dhcpv6_prm_only'] and dhcpv6['dhcpv6_temporary']: + raise Exception('DHCPv6 temporary and parameters-only options are mutually exclusive!') # render DHCP configuration tmpl = jinja2.Template(dhcpv6_cfg) @@ -605,8 +633,16 @@ class Interface: self._dhcpv6_pid_file cmd += ' --exec /sbin/dhclient --' # now pass arguments to dhclient binary - cmd += ' -6 -nw -cf {} -pf {} -lf {} {}'.format( - self._dhcpv6_cfg_file, self._dhcpv6_pid_file, self._dhcpv6_lease_file, self._ifname) + cmd += ' -6 -nw -cf {} -pf {} -lf {}'.format( + self._dhcpv6_cfg_file, self._dhcpv6_pid_file, self._dhcpv6_lease_file) + + # add optional arguments + if dhcpv6['dhcpv6_prm_only']: + cmd += ' -S' + if dhcpv6['dhcpv6_temporary']: + cmd += ' -T' + + cmd += ' {}'.format(self._ifname) return self._cmd(cmd) diff --git a/src/conf_mode/interface-bonding.py b/src/conf_mode/interface-bonding.py index 19817da8d..8a0f9f84d 100755 --- a/src/conf_mode/interface-bonding.py +++ b/src/conf_mode/interface-bonding.py @@ -99,6 +99,18 @@ def apply_vlan_config(vlan, config): # store DHCP config dictionary - used later on when addresses are aquired vlan.set_dhcp_options(opt) + # get DHCPv6 config dictionary and update values + opt = vlan.get_dhcpv6_options() + + if config['dhcpv6_prm_only']: + opt['dhcpv6_prm_only'] = True + + if config['dhcpv6_temporary']: + opt['dhcpv6_temporary'] = True + + # store DHCPv6 config dictionary - used later on when addresses are aquired + vlan.set_dhcpv6_options(opt) + # update interface description used e.g. within SNMP vlan.set_alias(config['description']) # ignore link state changes @@ -186,11 +198,11 @@ def get_config(): # DHCPv6 only acquire config parameters, no address if conf.exists('dhcpv6-options parameters-only'): - bond['dhcpv6_prm_only'] = conf.return_value('dhcpv6-options parameters-only') + bond['dhcpv6_prm_only'] = True # DHCPv6 temporary IPv6 address if conf.exists('dhcpv6-options temporary'): - bond['dhcpv6_temporary'] = conf.return_value('dhcpv6-options temporary') + bond['dhcpv6_temporary'] = True # ignore link state changes if conf.exists('disable-link-detect'): @@ -280,6 +292,21 @@ def verify(bond): raise ConfigError('Interface "{}" is not part of the bond' \ .format(bond['primary'])) + + # DHCPv6 parameters-only and temporary address are mutually exclusive + for vif_s in bond['vif_s']: + if vif_s['dhcpv6_prm_only'] and vif_s['dhcpv6_temporary']: + raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') + + for vif_c in vif_s['vif_c']: + if vif_c['dhcpv6_prm_only'] and vif_c['dhcpv6_temporary']: + raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') + + for vif in bond['vif']: + if vif['dhcpv6_prm_only'] and vif['dhcpv6_temporary']: + raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') + + for vif_s in bond['vif_s']: for vif in bond['vif']: if vif['id'] == vif_s['id']: @@ -403,6 +430,18 @@ def apply(bond): # store DHCP config dictionary - used later on when addresses are aquired b.set_dhcp_options(opt) + # get DHCPv6 config dictionary and update values + opt = b.get_dhcpv6_options() + + if bond['dhcpv6_prm_only']: + opt['dhcpv6_prm_only'] = True + + if bond['dhcpv6_temporary']: + opt['dhcpv6_temporary'] = True + + # store DHCPv6 config dictionary - used later on when addresses are aquired + b.set_dhcpv6_options(opt) + # ignore link state changes b.set_link_detect(bond['disable_link_detect']) # Bonding transmit hash policy diff --git a/src/conf_mode/interface-bridge.py b/src/conf_mode/interface-bridge.py index 57ac98444..70bf4f528 100755 --- a/src/conf_mode/interface-bridge.py +++ b/src/conf_mode/interface-bridge.py @@ -100,11 +100,11 @@ def get_config(): # DHCPv6 only acquire config parameters, no address if conf.exists('dhcpv6-options parameters-only'): - bridge['dhcpv6_prm_only'] = conf.return_value('dhcpv6-options parameters-only') + bridge['dhcpv6_prm_only'] = True # DHCPv6 temporary IPv6 address if conf.exists('dhcpv6-options temporary'): - bridge['dhcpv6_temporary'] = conf.return_value('dhcpv6-options temporary') + bridge['dhcpv6_temporary'] = True # Disable this bridge interface if conf.exists('disable'): @@ -174,6 +174,9 @@ def get_config(): return bridge def verify(bridge): + if bridge['dhcpv6_prm_only'] and bridge['dhcpv6_temporary']: + raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') + conf = Config() for br in conf.list_nodes('interfaces bridge'): # it makes no sense to verify ourself in this case @@ -240,10 +243,21 @@ def apply(bridge): if bridge['dhcp_vendor_class_id']: opt['vendor_class_id'] = bridge['dhcp_vendor_class_id'] - # store DHCP config dictionary - used later on when addresses - # are requested + # store DHCPv6 config dictionary - used later on when addresses are aquired br.set_dhcp_options(opt) + # get DHCPv6 config dictionary and update values + opt = br.get_dhcpv6_options() + + if bridge['dhcpv6_prm_only']: + opt['dhcpv6_prm_only'] = True + + if bridge['dhcpv6_temporary']: + opt['dhcpv6_temporary'] = True + + # store DHCPv6 config dictionary - used later on when addresses are aquired + br.set_dhcpv6_options(opt) + # Change interface MAC address if bridge['mac']: br.set_mac(bridge['mac']) diff --git a/src/conf_mode/interface-ethernet.py b/src/conf_mode/interface-ethernet.py index 267f5cb3b..cd40aff3e 100755 --- a/src/conf_mode/interface-ethernet.py +++ b/src/conf_mode/interface-ethernet.py @@ -79,10 +79,21 @@ def apply_vlan_config(vlan, config): if config['dhcp_vendor_class_id']: opt['vendor_class_id'] = config['dhcp_vendor_class_id'] - # store DHCP config dictionary - used later on when addresses - # are requested + # store DHCP config dictionary - used later on when addresses are aquired vlan.set_dhcp_options(opt) + # get DHCPv6 config dictionary and update values + opt = vlan.get_dhcpv6_options() + + if config['dhcpv6_prm_only']: + opt['dhcpv6_prm_only'] = True + + if config['dhcpv6_temporary']: + opt['dhcpv6_temporary'] = True + + # store DHCPv6 config dictionary - used later on when addresses are aquired + vlan.set_dhcpv6_options(opt) + # update interface description used e.g. within SNMP vlan.set_alias(config['description']) # ignore link state changes @@ -157,11 +168,11 @@ def get_config(): # DHCPv6 only acquire config parameters, no address if conf.exists('dhcpv6-options parameters-only'): - eth['dhcpv6_prm_only'] = conf.return_value('dhcpv6-options parameters-only') + eth['dhcpv6_prm_only'] = True # DHCPv6 temporary IPv6 address if conf.exists('dhcpv6-options temporary'): - eth['dhcpv6_temporary'] = conf.return_value('dhcpv6-options temporary') + eth['dhcpv6_temporary'] = True # ignore link state changes if conf.exists('disable-link-detect'): @@ -270,6 +281,9 @@ def verify(eth): if eth['speed'] != 'auto': raise ConfigError('If duplex is hardcoded, speed must be hardcoded, too') + if eth['dhcpv6_prm_only'] and eth['dhcpv6_temporary']: + raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') + conf = Config() # some options can not be changed when interface is enslaved to a bond for bond in conf.list_nodes('interfaces bonding'): @@ -279,6 +293,18 @@ def verify(eth): if eth['address']: raise ConfigError('Can not assign address to interface {} which is a member of {}').format(eth['intf'], bond) + # DHCPv6 parameters-only and temporary address are mutually exclusive + for vif_s in eth['vif_s']: + if vif_s['dhcpv6_prm_only'] and vif_s['dhcpv6_temporary']: + raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') + + for vif_c in vif_s['vif_c']: + if vif_c['dhcpv6_prm_only'] and vif_c['dhcpv6_temporary']: + raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') + + for vif in eth['vif']: + if vif['dhcpv6_prm_only'] and vif['dhcpv6_temporary']: + raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') return None @@ -306,10 +332,21 @@ def apply(eth): if eth['dhcp_vendor_class_id']: opt['vendor_class_id'] = eth['dhcp_vendor_class_id'] - # store DHCP config dictionary - used later on when addresses - # are requested + # store DHCP config dictionary - used later on when addresses are aquired e.set_dhcp_options(opt) + # get DHCPv6 config dictionary and update values + opt = e.get_dhcpv6_options() + + if eth['dhcpv6_prm_only']: + opt['dhcpv6_prm_only'] = True + + if eth['dhcpv6_temporary']: + opt['dhcpv6_temporary'] = True + + # store DHCPv6 config dictionary - used later on when addresses are aquired + e.set_dhcpv6_options(opt) + # ignore link state changes e.set_link_detect(eth['disable_link_detect']) # disable ethernet flow control (pause frames) -- cgit v1.2.3