From 900e75e387939a1d1d4d5b0b79809b8bb2305b91 Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Sun, 3 May 2020 13:46:47 +0200 Subject: validate: T2241: rewrite is_bridge_member to generic is_member - rewrite the function to support both bridge and bonding interface types, if the type is passed it searches only that type, otherwise it searches both - move is_member check out of the deleted condition - move is_member check to intf_from_dict for interfaces that use it --- src/conf_mode/interfaces-vxlan.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'src/conf_mode/interfaces-vxlan.py') diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py index 74eae4281..334e418ab 100755 --- a/src/conf_mode/interfaces-vxlan.py +++ b/src/conf_mode/interfaces-vxlan.py @@ -22,7 +22,7 @@ from netifaces import interfaces from vyos.config import Config from vyos.ifconfig import VXLANIf, Interface -from vyos.validate import is_bridge_member +from vyos.validate import is_member from vyos import ConfigError default_config_data = { @@ -62,11 +62,12 @@ def get_config(): vxlan['intf'] = os.environ['VYOS_TAGNODE_VALUE'] + # check if interface is member if a bridge + vxlan['is_bridge_member'] = is_member(conf, vxlan['intf'], 'bridge') + # Check if interface has been removed if not conf.exists('interfaces vxlan ' + vxlan['intf']): vxlan['deleted'] = True - # check if interface is member if a bridge - vxlan['is_bridge_member'] = is_bridge_member(conf, vxlan['intf']) return vxlan # set new configuration level -- cgit v1.2.3 From 1a170e9172eac154322c49d8c196e09f5804bc4a Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Fri, 1 May 2020 19:54:53 +0200 Subject: vxlan: T2241: make address and bridge membership mutually exclusive Bridge members should not have any addresses assigned. --- src/conf_mode/interfaces-vxlan.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'src/conf_mode/interfaces-vxlan.py') diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py index 334e418ab..5bf1f2fb6 100755 --- a/src/conf_mode/interfaces-vxlan.py +++ b/src/conf_mode/interfaces-vxlan.py @@ -122,7 +122,8 @@ def get_config(): vxlan['ipv6_eui64_prefix'] = conf.return_values('ipv6 address eui64') # Remove the default link-local address if set. - if not conf.exists('ipv6 address no-default-link-local'): + if not ( conf.exists('ipv6 address no-default-link-local') + or vxlan['is_bridge_member'] ): # add the link-local by default to make IPv6 work vxlan['ipv6_eui64_prefix'].append('fe80::/64') @@ -194,6 +195,14 @@ def verify(vxlan): raise ConfigError('VXLAN has a 50 byte overhead, underlaying device ' \ 'MTU is to small ({})'.format(underlay_mtu)) + if ( vxlan['is_bridge_member'] + and ( vxlan['address'] + or vxlan['ipv6_eui64_prefix'] + or vxlan['ipv6_autoconf'] ) ): + raise ConfigError(( + f'Cannot assign address to interface "{vxlan["intf"]}" ' + f'as it is a member of bridge "{vxlan["is_bridge_member"]}"!')) + return None -- cgit v1.2.3 From 3a3b3c3ffaea0a6e77f6dbf5ee6a3de121b5b9a9 Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Fri, 1 May 2020 19:55:48 +0200 Subject: vxlan: T2241: fix falling out of bridge when changing settings Previously, the interface was always deleted and recreated, which removed it from the bridge. - always re-add the interface back to any bridge it is part of --- src/conf_mode/interfaces-vxlan.py | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src/conf_mode/interfaces-vxlan.py') diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py index 5bf1f2fb6..8abd2b46e 100755 --- a/src/conf_mode/interfaces-vxlan.py +++ b/src/conf_mode/interfaces-vxlan.py @@ -274,6 +274,10 @@ def apply(vxlan): if not vxlan['disable']: v.set_admin_state('up') + # re-add ourselves to any bridge we might have fallen out of + if vxlan['is_bridge_member']: + v.add_to_bridge(vxlan['is_bridge_member']) + return None -- cgit v1.2.3 From 08bb34e392989ccefa4706ac017449148e8f61fe Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Fri, 1 May 2020 19:56:47 +0200 Subject: vxlan: T2241: cleanup verify section - make error output more user friendly - replace .format with f-strings - split into lines less than ~80 characters long --- src/conf_mode/interfaces-vxlan.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src/conf_mode/interfaces-vxlan.py') diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py index 8abd2b46e..fabfaa9df 100755 --- a/src/conf_mode/interfaces-vxlan.py +++ b/src/conf_mode/interfaces-vxlan.py @@ -165,9 +165,9 @@ def get_config(): def verify(vxlan): if vxlan['deleted']: if vxlan['is_bridge_member']: - interface = vxlan['intf'] - bridge = vxlan['is_bridge_member'] - raise ConfigError(f'Interface "{interface}" can not be deleted as it belongs to bridge "{bridge}"!') + raise ConfigError(( + f'Cannot delete interface "{vxlan["intf"]}" as it is a ' + f'member of bridge "{vxlan["is_bridge_member"]}"!') return None -- cgit v1.2.3