From 46d92ac80bdaa23d11b10b9261aa12a24c5cc5a1 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 17 May 2020 17:34:21 +0200 Subject: dhcpv6-pd: T421: migrate from ISC dhclient to wide-dhcpv6-client ISC does not support running the client on PPP(oE) interfaces which makes it unusable for DHCPv6 Prefix Delegation tasks. Internet Systems Consortium DHCP Client 4.4.1 Copyright 2004-2018 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Unsupported device type 512 for "pppoe0" --- src/systemd/dhclient6@.service | 18 ------------------ src/systemd/dhcp6c@.service | 16 ++++++++++++++++ 2 files changed, 16 insertions(+), 18 deletions(-) delete mode 100644 src/systemd/dhclient6@.service create mode 100644 src/systemd/dhcp6c@.service (limited to 'src') diff --git a/src/systemd/dhclient6@.service b/src/systemd/dhclient6@.service deleted file mode 100644 index fd69e4d48..000000000 --- a/src/systemd/dhclient6@.service +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=DHCPv6 client on %i -Documentation=man:dhclient(8) -ConditionPathExists=/var/lib/dhcp/dhclient_v6_%i.conf -ConditionPathExists=/var/lib/dhcp/dhclient_v6_%i.options -After=vyos-router.service - -[Service] -WorkingDirectory=/var/lib/dhcp -Type=exec -EnvironmentFile=-/var/lib/dhcp/dhclient_v6_%i.options -PIDFile=/var/lib/dhcp/dhclient_v6_%i.pid -ExecStart=/sbin/dhclient -6 $DHCLIENT_OPTS -ExecStop=/sbin/dhclient -6 $DHCLIENT_OPTS -r -Restart=always - -[Install] -WantedBy=multi-user.target diff --git a/src/systemd/dhcp6c@.service b/src/systemd/dhcp6c@.service new file mode 100644 index 000000000..08c0d57fa --- /dev/null +++ b/src/systemd/dhcp6c@.service @@ -0,0 +1,16 @@ +[Unit] +Description=WIDE DHCPv6 client on %i +Documentation=man:dhcp6c(8) man:dhcp6c.conf(5) +ConditionPathExists=/run/dhcp6c/dhcp6c.%i.conf +After=vyos-router.service + +[Service] +WorkingDirectory=/run/dhcp6c +Type=exec +PIDFile=/run/dhcp6c/dhcp6c.%i.pid +ExecStart=/usr/sbin/dhcp6c -D -k /run/dhcp6c/dhcp6c.%i.sock -c /run/dhcp6c/dhcp6c.%i.conf -p /run/dhcp6c/dhcp6c.%i.pid %i + +Restart=always + +[Install] +WantedBy=multi-user.target -- cgit v1.2.3 From faa85accc99d6ff777f12f5dd9e43a6dd8f7e7a2 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 17 May 2020 20:15:45 +0200 Subject: pppoe: dhcpv6-pd: T421: initial support The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be ::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0. pppoe pppoe0 { authentication { password vyos user vyos } description sadfas dhcpv6-options { delegate eth0 { interface-id 65535 sla-id 0 sla-len 8 } } ipv6 { address { autoconf } enable } source-interface eth1 } vyos@vyos:~$ show interfaces Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address S/L Description --------- ---------- --- ----------- eth0 2001:db8:8003:400::ffff/64 u/u --- data/templates/dhcp-client/ipv6.tmpl | 35 +++++++++++++++++- interface-definitions/interfaces-pppoe.xml.in | 53 +++++++++++++++++++++++++++ python/vyos/ifconfig/dhcp.py | 3 +- src/conf_mode/interfaces-pppoe.py | 27 ++++++++++++++ 4 files changed, 115 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/data/templates/dhcp-client/ipv6.tmpl b/data/templates/dhcp-client/ipv6.tmpl index 8485c9d78..6cfe24d3e 100644 --- a/data/templates/dhcp-client/ipv6.tmpl +++ b/data/templates/dhcp-client/ipv6.tmpl @@ -1,10 +1,41 @@ # generated by dhcp.py +# man https://www.unix.com/man-page/debian/5/dhcp6c.conf/ + interface {{ ifname }} { - request domain-name-servers,domain-name; + request domain-name-servers; + request domain-name; {% if dhcpv6_prm_only %} information-only; {% endif %} {% if not dhcpv6_temporary %} - send ia-na 0; + send ia-na 1; # non-temporary address {% endif %} +{% if dhcpv6_pd %} + send ia-pd 2; # prefix delegation +{% endif %} +}; + +{% if not dhcpv6_temporary %} +id-assoc na 1 { + # Identity association NA }; +{% endif %} + +{% if dhcpv6_pd %} +id-assoc pd 2 { +{% for intf in dhcpv6_pd %} + prefix-interface {{ intf.ifname }} { +{% if intf.sla_id %} + sla-id {{ intf.sla_id }}; +{% endif %} +{% if intf.sla_len %} + sla-len {{ intf.sla_len }}; +{% endif %} +{% if intf.if_id %} + ifid {{ intf.if_id }}; +{% endif %} + }; +{% endfor %} +}; +{% endif %} + diff --git a/interface-definitions/interfaces-pppoe.xml.in b/interface-definitions/interfaces-pppoe.xml.in index d69e0b42c..4337b6fc7 100644 --- a/interface-definitions/interfaces-pppoe.xml.in +++ b/interface-definitions/interfaces-pppoe.xml.in @@ -72,6 +72,59 @@ + + + DHCPv6 options + + + + + Delegate IPv6 prefix from provider to this interface + + + + + + + + Interface address identifier + + 0- + Used to form IPv6 interface address (default: EUI-64) + + + + + + + + + Interface site-Level aggregator (SLA) + + 0-128 + Decimal integer which fits in the length of SLA IDs + + + + + + + + + Site-Level aggregator (SLA) length + + 0-128 + Length of delegated prefix + + + + + + + + + + #include #include #include diff --git a/python/vyos/ifconfig/dhcp.py b/python/vyos/ifconfig/dhcp.py index 95623a76e..f8fdeb6a9 100644 --- a/python/vyos/ifconfig/dhcp.py +++ b/python/vyos/ifconfig/dhcp.py @@ -86,6 +86,7 @@ class _DHCPv6 (Control): 'ifname': ifname, 'dhcpv6_prm_only': False, 'dhcpv6_temporary': False, + 'dhcpv6_pd': [], }) self._conf_file = f'/run/dhcp6c/dhcp6c.{ifname}.conf' @@ -107,7 +108,7 @@ class _DHCPv6 (Control): raise Exception( 'DHCPv6 temporary and parameters-only options are mutually exclusive!') - render(self._conf_file, 'dhcp-client/ipv6.tmpl', self.options) + render(self._conf_file, 'dhcp-client/ipv6.tmpl', self.options, trim_blocks=True) return self._cmd('systemctl restart dhcp6c@{ifname}.service'.format(**self.options)) def delete(self): diff --git a/src/conf_mode/interfaces-pppoe.py b/src/conf_mode/interfaces-pppoe.py index e72540f66..baa07e283 100755 --- a/src/conf_mode/interfaces-pppoe.py +++ b/src/conf_mode/interfaces-pppoe.py @@ -36,6 +36,7 @@ default_config_data = { 'deleted': False, 'description': '\0', 'disable': False, + 'dhcpv6_pd': [], 'intf': '', 'idle_timeout': '', 'ipv6_autoconf': False, @@ -138,6 +139,27 @@ def get_config(): if conf.exists('vrf'): pppoe['vrf'] = conf.return_value(['vrf']) + if conf.exists(['dhcpv6-options', 'delegate']): + for interface in conf.list_nodes(['dhcpv6-options', 'delegate']): + pd = { + 'ifname': interface, + 'sla_id': '', + 'sla_len': '', + 'if_id': '' + } + conf.set_level(base_path + [pppoe['intf'], 'dhcpv6-options', 'delegate', interface]) + + if conf.exists(['sla-id']): + pd['sla_id'] = conf.return_value(['sla-id']) + + if conf.exists(['sla-len']): + pd['sla_len'] = conf.return_value(['sla-len']) + + if conf.exists(['interface-id']): + pd['if_id'] = conf.return_value(['interface-id']) + + pppoe['dhcpv6_pd'].append(pd) + return pppoe def verify(pppoe): @@ -201,6 +223,11 @@ def generate(pppoe): render(script_pppoe_ipv6_up, 'pppoe/ipv6-up.script.tmpl', pppoe, trim_blocks=True, permission=0o755) + if len(pppoe['dhcpv6_pd']) > 0: + ifname = pppoe['intf'] + pppoe['ifname'] = ifname + render(f'/run/dhcp6c/dhcp6c.{ifname}.conf', 'dhcp-client/ipv6.tmpl', pppoe, trim_blocks=True) + return None def apply(pppoe): -- cgit v1.2.3 From 9bcdb58c13b7094a79ae2855a5682f29facab51d Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 17 May 2020 20:27:59 +0200 Subject: pppoe: dhcpv6-pd: T421: start/stop delegation with interface status --- data/templates/pppoe/ip-down.script.tmpl | 5 +++++ data/templates/pppoe/ipv6-up.script.tmpl | 5 +++++ src/conf_mode/interfaces-pppoe.py | 4 ++++ 3 files changed, 14 insertions(+) (limited to 'src') diff --git a/data/templates/pppoe/ip-down.script.tmpl b/data/templates/pppoe/ip-down.script.tmpl index a68fc099c..fe8fd7584 100644 --- a/data/templates/pppoe/ip-down.script.tmpl +++ b/data/templates/pppoe/ip-down.script.tmpl @@ -26,3 +26,8 @@ fi # Always delete default route when interface goes down vtysh -c "conf t" ${VRF_NAME} -c "no ip route 0.0.0.0/0 {{ intf }} ${VRF_NAME}" {% endif %} + +{% if dhcpv6_pd %} +# Start wide dhcpv6 client +systemctl stop dhcp6c@{{ intf }}.service +{% endif %} diff --git a/data/templates/pppoe/ipv6-up.script.tmpl b/data/templates/pppoe/ipv6-up.script.tmpl index a4b08ddaf..90873229a 100644 --- a/data/templates/pppoe/ipv6-up.script.tmpl +++ b/data/templates/pppoe/ipv6-up.script.tmpl @@ -39,3 +39,8 @@ echo 2 > /proc/sys/net/ipv6/conf/{{ intf }}/accept_ra # Autoconfigure addresses using Prefix Information in Router Advertisements. echo 1 > /proc/sys/net/ipv6/conf/{{ intf }}/autoconfigure {% endif %} + +{% if dhcpv6_pd %} +# Start wide dhcpv6 client +systemctl start dhcp6c@{{ intf }}.service +{% endif %} diff --git a/src/conf_mode/interfaces-pppoe.py b/src/conf_mode/interfaces-pppoe.py index baa07e283..ab96211ac 100755 --- a/src/conf_mode/interfaces-pppoe.py +++ b/src/conf_mode/interfaces-pppoe.py @@ -195,6 +195,10 @@ def generate(pppoe): config_files = [config_pppoe, script_pppoe_pre_up, script_pppoe_ip_up, script_pppoe_ip_down, script_pppoe_ipv6_up] + # Shutdown DHCPv6 prefix delegation client + if pppoe['dhcpv6_pd']: + cmd(f'systemctl stop dhcp6c@{intf}.service') + # Always hang-up PPPoE connection prior generating new configuration file cmd(f'systemctl stop ppp@{intf}.service') -- cgit v1.2.3 From 2d47eb1eba4fb19f6ee9d424fcfd90b08f38f060 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 17 May 2020 20:38:24 +0200 Subject: pppoe: dhcpv6-pd: T421: stop service when config is removed --- src/conf_mode/interfaces-pppoe.py | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/conf_mode/interfaces-pppoe.py b/src/conf_mode/interfaces-pppoe.py index ab96211ac..e46d52d19 100755 --- a/src/conf_mode/interfaces-pppoe.py +++ b/src/conf_mode/interfaces-pppoe.py @@ -191,14 +191,16 @@ def generate(pppoe): script_pppoe_ip_up = f'/etc/ppp/ip-up.d/1000-vyos-pppoe-{intf}' script_pppoe_ip_down = f'/etc/ppp/ip-down.d/1000-vyos-pppoe-{intf}' script_pppoe_ipv6_up = f'/etc/ppp/ipv6-up.d/1000-vyos-pppoe-{intf}' + config_wide_dhcp6c = f'/run/dhcp6c/dhcp6c.{intf}.conf' config_files = [config_pppoe, script_pppoe_pre_up, script_pppoe_ip_up, - script_pppoe_ip_down, script_pppoe_ipv6_up] + script_pppoe_ip_down, script_pppoe_ipv6_up, config_wide_dhcp6c] # Shutdown DHCPv6 prefix delegation client - if pppoe['dhcpv6_pd']: + if not pppoe['dhcpv6_pd']: cmd(f'systemctl stop dhcp6c@{intf}.service') + # Always hang-up PPPoE connection prior generating new configuration file cmd(f'systemctl stop ppp@{intf}.service') @@ -228,9 +230,10 @@ def generate(pppoe): pppoe, trim_blocks=True, permission=0o755) if len(pppoe['dhcpv6_pd']) > 0: - ifname = pppoe['intf'] - pppoe['ifname'] = ifname - render(f'/run/dhcp6c/dhcp6c.{ifname}.conf', 'dhcp-client/ipv6.tmpl', pppoe, trim_blocks=True) + # ipv6.tmpl relies on ifname - this should be made consitent in the + # future better then double key-ing the same value + pppoe['ifname'] = intf + render(config_wide_dhcp6c, 'dhcp-client/ipv6.tmpl', pppoe, trim_blocks=True) return None -- cgit v1.2.3 From 8f1fd7ce8e9202a20913fe2f9c701af7a0b9fc72 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 17 May 2020 20:39:51 +0200 Subject: pppoe: dhcpv6-pd: T421: change system type to forking Wide dhcp client forks by itself --- src/systemd/dhcp6c@.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/systemd/dhcp6c@.service b/src/systemd/dhcp6c@.service index 08c0d57fa..1a4175461 100644 --- a/src/systemd/dhcp6c@.service +++ b/src/systemd/dhcp6c@.service @@ -6,7 +6,7 @@ After=vyos-router.service [Service] WorkingDirectory=/run/dhcp6c -Type=exec +Type=forking PIDFile=/run/dhcp6c/dhcp6c.%i.pid ExecStart=/usr/sbin/dhcp6c -D -k /run/dhcp6c/dhcp6c.%i.sock -c /run/dhcp6c/dhcp6c.%i.conf -p /run/dhcp6c/dhcp6c.%i.pid %i -- cgit v1.2.3