From ce5fe544e4d6c0bd8e6425ec97d0bdfd130630a4 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 28 May 2021 21:52:42 +0200 Subject: vti: ipsec: T2816: interfaces must be created using the vyos.ifconfig library --- python/vyos/ifconfig/vti.py | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) (limited to 'python') diff --git a/python/vyos/ifconfig/vti.py b/python/vyos/ifconfig/vti.py index e2090c889..9eafcd11b 100644 --- a/python/vyos/ifconfig/vti.py +++ b/python/vyos/ifconfig/vti.py @@ -14,6 +14,7 @@ # License along with this library. If not, see . from vyos.ifconfig.interface import Interface +from vyos.util import dict_search @Interface.register class VTIIf(Interface): @@ -25,3 +26,34 @@ class VTIIf(Interface): 'prefixes': ['vti', ], }, } + + def _create(self): + # This table represents a mapping from VyOS internal config dict to + # arguments used by iproute2. For more information please refer to: + # - https://man7.org/linux/man-pages/man8/ip-link.8.html + # - https://man7.org/linux/man-pages/man8/ip-tunnel.8.html + mapping = { + 'source_address' : 'local', + 'source_interface' : 'dev', + 'remote' : 'remote', + 'key' : 'key', + } + + cmd = 'ip link add {ifname} type vti' + for vyos_key, iproute2_key in mapping.items(): + # dict_search will return an empty dict "{}" for valueless nodes like + # "parameters.nolearning" - thus we need to test the nodes existence + # by using isinstance() + tmp = dict_search(vyos_key, self.config) + if isinstance(tmp, dict): + cmd += f' {iproute2_key}' + elif tmp != None: + cmd += f' {iproute2_key} {tmp}' + + self._cmd(cmd.format(**self.config)) + self.set_interface('admin_state', 'down') + + def set_admin_state(self, state): + # function is not implemented for VTI interfaces as this is entirely + # handled by the ipsec up/down scripts + pass -- cgit v1.2.3