summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@baturin.org>2014-09-20 09:44:57 +0700
committerDaniil Baturin <daniil@baturin.org>2014-09-20 09:44:57 +0700
commit6d98a53c04e4921adebd4f62e39f9ceb8fcb2fd9 (patch)
treeb702cb4c80f7617b459269e9242ff4383b7c0523
parent8e80ffd364a3c4b4c7ca9cc2b112b13567f9d77e (diff)
parent3d515e3cc128a6cd47c399ff01f49f733e3eafbd (diff)
downloadvyatta-cfg-system-6d98a53c04e4921adebd4f62e39f9ceb8fcb2fd9.tar.gz
vyatta-cfg-system-6d98a53c04e4921adebd4f62e39f9ceb8fcb2fd9.zip
Merge pull request #19 from upa/helium-vxlan-cli
Add support for VXLAN
-rw-r--r--sysconf/netdevice1
-rw-r--r--templates/interfaces/vxlan/node.def49
-rw-r--r--templates/interfaces/vxlan/node.tag/address/node.def18
-rw-r--r--templates/interfaces/vxlan/node.tag/bridge-group/bridge/node.def12
-rw-r--r--templates/interfaces/vxlan/node.tag/bridge-group/cost/node.def4
-rw-r--r--templates/interfaces/vxlan/node.tag/bridge-group/node.def3
-rw-r--r--templates/interfaces/vxlan/node.tag/bridge-group/priority/node.def4
-rw-r--r--templates/interfaces/vxlan/node.tag/description/node.def8
-rw-r--r--templates/interfaces/vxlan/node.tag/dev/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/group/node.def9
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/disable-arp-filter/node.def3
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/enable-arp-accept/node.def3
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/enable-arp-announce/node.def3
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/enable-arp-ignore/node.def3
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/enable-proxy-arp/node.def3
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/node.def1
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/key-id/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/key-id/node.tag/md5-key/node.def20
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/authentication/node.def2
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/authentication/plaintext-password/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/bandwidth/node.def7
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/cost/node.def11
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/dead-interval/node.def8
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/hello-interval/node.def8
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/mtu-ignore/node.def3
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/network/node.def11
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/node.def1
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/priority/node.def8
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/retransmit-interval/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/ospf/transmit-delay/node.def8
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/rip/authentication/md5/node.def8
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/rip/authentication/md5/node.tag/password/node.def17
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/rip/authentication/node.def1
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/rip/authentication/plaintext-password/node.def13
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/rip/node.def1
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/disable/node.def8
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/node.def1
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/poison-reverse/node.def9
-rw-r--r--templates/interfaces/vxlan/node.tag/ip/source-validation/node.def34
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/address/autoconf/node.def27
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/address/eui64/node.def15
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/address/node.def1
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/disable-forwarding/node.def31
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/dup-addr-detect-transmits/node.def17
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/node.def1
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ospfv3/cost/node.def8
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ospfv3/dead-interval/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ospfv3/hello-interval/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ospfv3/ifmtu/node.def7
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ospfv3/instance-id/node.def8
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ospfv3/mtu-ignore/node.def4
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ospfv3/node.def1
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ospfv3/passive/node.def3
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ospfv3/priority/node.def8
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ospfv3/retransmit-interval/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ospfv3/transmit-delay/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ripng/node.def1
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/disable/node.def6
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/node.def1
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/poison-reverse/node.def9
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/cur-hop-limit/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/default-lifetime/node.def9
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/default-preference/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/link-mtu/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/managed-flag/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/max-interval/node.def9
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/min-interval/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/name-server/node.def6
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/node.def36
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/other-config-flag/node.def9
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.def7
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/autonomous-flag/node.def9
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/on-link-flag/node.def9
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/preferred-lifetime/node.def11
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/valid-lifetime/node.def10
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/reachable-time/node.def9
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/retrans-timer/node.def7
-rw-r--r--templates/interfaces/vxlan/node.tag/ipv6/router-advert/send-advert/node.def16
-rw-r--r--templates/interfaces/vxlan/node.tag/mtu/node.def14
-rw-r--r--templates/interfaces/vxlan/node.tag/policy/ipv6-route/node.def17
-rw-r--r--templates/interfaces/vxlan/node.tag/policy/node.def1
-rw-r--r--templates/interfaces/vxlan/node.tag/policy/route/node.def17
-rw-r--r--templates/interfaces/vxlan/node.tag/vni/node.def10
84 files changed, 797 insertions, 0 deletions
diff --git a/sysconf/netdevice b/sysconf/netdevice
index e1447faa..71fc310d 100644
--- a/sysconf/netdevice
+++ b/sysconf/netdevice
@@ -13,3 +13,4 @@ wlan wireless
pppoe pppoe
dum dummy
l2tpeth l2tpv3
+vxlan vxlan
diff --git a/templates/interfaces/vxlan/node.def b/templates/interfaces/vxlan/node.def
new file mode 100644
index 00000000..f7c9b7c7
--- /dev/null
+++ b/templates/interfaces/vxlan/node.def
@@ -0,0 +1,49 @@
+tag:
+priority: 460
+type: txt
+help: Virtual eXtensible LAN interface
+val_help: <vxlanN>; VXLAN interface name
+syntax:expression: pattern $VAR(@) "vxlan[0-9]+$"
+
+commit:expression: $VAR(./group/) != ""; \
+ "Must configure vxlan group for $VAR(@)"
+commit:expression: $VAR(./vni/) != ""; \
+ "Must configure vxlan vni for $VAR(@)"
+
+begin:
+ [ -d /sys/module/vxlan ] || sudo modprobe vxlan
+
+
+create:
+ if [ -e /sys/class/net/$VAR(@) ]; then
+ echo "VXLAN interface \"$VAR(@)\" already exists."
+ exit 1
+ fi
+
+ VXLAN_VNI="id $VAR(./vni/@)"
+ VXLAN_GROUP="group $VAR(./group/@)"
+ VXLAN_TTL="ttl 16"
+
+ if [ ! $VAR(./dev/) == "" ]; then
+ VXLAN_DEV="dev $VAR(./dev/@)"
+ fi
+
+ ip link add name $VAR(@) type vxlan \
+ $VXLAN_VNI $VXLAN_GROUP $VXLAN_TTL $VXLAN_DEV
+ ip link set $VAR(@) up
+
+ touch /tmp/vxlan-$VAR(@)-create
+
+
+delete:
+ if [ ! -e /sys/class/net/$VAR(@) ]; then
+ echo "VXLAN interface \"$VAR(@)\" does not exist."
+ else
+ ip link del dev $VAR(@)
+ fi
+
+
+end:
+ if [ -e /tmp/vxlan-$VAR(@)-create ]; then
+ rm /tmp/vxlan-$VAR(@)-create
+ fi
diff --git a/templates/interfaces/vxlan/node.tag/address/node.def b/templates/interfaces/vxlan/node.tag/address/node.def
new file mode 100644
index 00000000..3cf32ef7
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/address/node.def
@@ -0,0 +1,18 @@
+multi:
+type: txt
+help: IP address
+
+syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)"
+
+commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../@)"
+
+create: sudo /opt/vyatta/sbin/vyatta-address add $VAR(../@) $VAR(@)
+
+delete: sudo /opt/vyatta/sbin/vyatta-address delete $VAR(../@) $VAR(@)
+
+allowed: echo "dhcp dhcpv6 <>"
+
+val_help: ipv4net; IP address and prefix length
+val_help: ipv6net; IPv6 address and prefix length
+val_help: dhcp; Dynamic Host Configuration Protocol
+val_help: dhcpv6; Dynamic Host Configuration Protocol for IPv6
diff --git a/templates/interfaces/vxlan/node.tag/bridge-group/bridge/node.def b/templates/interfaces/vxlan/node.tag/bridge-group/bridge/node.def
new file mode 100644
index 00000000..d58e8f07
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/bridge-group/bridge/node.def
@@ -0,0 +1,12 @@
+type: txt
+
+help: Bridge group name
+
+syntax:expression: pattern $VAR(@) "^br[0-9]+$" \
+ ; "$VAR(@): not a valid name for a bridge"
+
+commit:expression: exec \
+ "/opt/vyatta/sbin/vyatta-interfaces.pl --dev=$VAR(@) --check=bridge"
+
+allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=bridge
+
diff --git a/templates/interfaces/vxlan/node.tag/bridge-group/cost/node.def b/templates/interfaces/vxlan/node.tag/bridge-group/cost/node.def
new file mode 100644
index 00000000..22bac5a2
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/bridge-group/cost/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: Bridge port cost
+syntax:expression: $VAR(@) >= 1 && $VAR(@) < 65536 ; "Bridge cost value must be between 1 and 65535"
+val_help: u32:1-65535; Path cost value for Spanning Tree Protocol
diff --git a/templates/interfaces/vxlan/node.tag/bridge-group/node.def b/templates/interfaces/vxlan/node.tag/bridge-group/node.def
new file mode 100644
index 00000000..74ecab4d
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/bridge-group/node.def
@@ -0,0 +1,3 @@
+help: Add this interface to a bridge group
+
+end: /opt/vyatta/sbin/vyatta-bridge.pl ${COMMIT_ACTION} $VAR(../@)
diff --git a/templates/interfaces/vxlan/node.tag/bridge-group/priority/node.def b/templates/interfaces/vxlan/node.tag/bridge-group/priority/node.def
new file mode 100644
index 00000000..be0ff479
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/bridge-group/priority/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: Bridge port priority
+syntax:expression: $VAR(@) >= 0 &&$VAR(@) < 64; "Port priority must be between 0-63"
+val_help: u32:0-63; Bridge port priority
diff --git a/templates/interfaces/vxlan/node.tag/description/node.def b/templates/interfaces/vxlan/node.tag/description/node.def
new file mode 100644
index 00000000..7d88db80
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/description/node.def
@@ -0,0 +1,8 @@
+type: txt
+help: Description
+
+syntax:expression: pattern $VAR(@) "^.{1,256}$" \
+ ; "interface description is too long (limit 256 characters)"
+
+update: sudo sh -c "echo \"$VAR(@)\" >/sys/class/net/$VAR(../@)/ifalias"
+delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../@)/ifalias"
diff --git a/templates/interfaces/vxlan/node.tag/dev/node.def b/templates/interfaces/vxlan/node.tag/dev/node.def
new file mode 100644
index 00000000..d21c7d98
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/dev/node.def
@@ -0,0 +1,10 @@
+type: txt
+help: Underlay device name of this VXLAN interface
+allowed: ${vyatta_sbindir}/vyatta-interfaces.pl --show all && echo default
+val_help:<interface>; Interface to be used as underlay of VXLAN interface
+
+update:
+ if [ ! -e /tmp/vxlan-$VAR(../@)-create ]; then
+ echo "Chainging dev requires delete/create this vxlan interface"
+ exit 1
+ fi
diff --git a/templates/interfaces/vxlan/node.tag/group/node.def b/templates/interfaces/vxlan/node.tag/group/node.def
new file mode 100644
index 00000000..717babd7
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/group/node.def
@@ -0,0 +1,9 @@
+type: ipv4
+help: Multicast group address for this VXLAN interface [REQUIRED]
+val_help: ipv4; Multicast group address for this VXLAN [REQUIRED]
+
+update:
+ if [ ! -e /tmp/vxlan-$VAR(../@)-create ]; then
+ echo "Chainging group requires delete/create this vxlan interface"
+ exit 1
+ fi
diff --git a/templates/interfaces/vxlan/node.tag/ip/disable-arp-filter/node.def b/templates/interfaces/vxlan/node.tag/ip/disable-arp-filter/node.def
new file mode 100644
index 00000000..435998f7
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/disable-arp-filter/node.def
@@ -0,0 +1,3 @@
+help: Disable arp-filter on this interface
+create:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../@)/arp_filter\" "
+delete:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../@)/arp_filter\" "
diff --git a/templates/interfaces/vxlan/node.tag/ip/enable-arp-accept/node.def b/templates/interfaces/vxlan/node.tag/ip/enable-arp-accept/node.def
new file mode 100644
index 00000000..6ae32491
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/enable-arp-accept/node.def
@@ -0,0 +1,3 @@
+help: Enable arp-accept on this interface
+create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../@)/arp_accept\" "
+delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../@)/arp_accept\" "
diff --git a/templates/interfaces/vxlan/node.tag/ip/enable-arp-announce/node.def b/templates/interfaces/vxlan/node.tag/ip/enable-arp-announce/node.def
new file mode 100644
index 00000000..7471e799
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/enable-arp-announce/node.def
@@ -0,0 +1,3 @@
+help: Enable arp-announce on this interface
+create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../@)/arp_announce\" "
+delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../@)/arp_announce\" "
diff --git a/templates/interfaces/vxlan/node.tag/ip/enable-arp-ignore/node.def b/templates/interfaces/vxlan/node.tag/ip/enable-arp-ignore/node.def
new file mode 100644
index 00000000..b3ab0a56
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/enable-arp-ignore/node.def
@@ -0,0 +1,3 @@
+help: Enable arp-ignore on this interface
+create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../@)/arp_ignore\" "
+delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../@)/arp_ignore\" "
diff --git a/templates/interfaces/vxlan/node.tag/ip/enable-proxy-arp/node.def b/templates/interfaces/vxlan/node.tag/ip/enable-proxy-arp/node.def
new file mode 100644
index 00000000..ae7ba09a
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/enable-proxy-arp/node.def
@@ -0,0 +1,3 @@
+help: Enable proxy-arp on this interface
+create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../@)/proxy_arp\" "
+delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../@)/proxy_arp\" "
diff --git a/templates/interfaces/vxlan/node.tag/ip/node.def b/templates/interfaces/vxlan/node.tag/ip/node.def
new file mode 100644
index 00000000..85dfeded
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/node.def
@@ -0,0 +1 @@
+help: IPv4 routing parameters
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/key-id/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/key-id/node.def
new file mode 100644
index 00000000..bc47e563
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/key-id/node.def
@@ -0,0 +1,10 @@
+tag:
+type: u32
+help: MD5 key id
+
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 255; "ID must be between (1-255)"
+val_help: u32:1-255; MD5 key id
+
+commit:expression: $VAR(md5-key/) != ""; \
+ "Must add the md5-key for key-id $VAR(@)"
+
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/key-id/node.tag/md5-key/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/key-id/node.tag/md5-key/node.def
new file mode 100644
index 00000000..bb8bed21
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/key-id/node.tag/md5-key/node.def
@@ -0,0 +1,20 @@
+type: txt
+help: MD5 key
+syntax:expression: pattern $VAR(@) "^[^[:space:]]{1,16}$"; "MD5 key must be 16 characters or less"
+val_help: MD5 Key (16 characters or less)
+
+# If this node is created
+create:
+ vtysh -c "configure terminal" -c "interface $VAR(../../../../../../@)" \
+ -c "ip ospf message-digest-key $VAR(../@) md5 $VAR(@)"
+
+# If the value of this node is changed
+update:
+ vtysh -c "configure terminal" -c "interface $VAR(../../../../../../@)" \
+ -c "no ip ospf message-digest-key $VAR(../@)" \
+ -c "ip ospf message-digest-key $VAR(../@) md5 $VAR(@)"
+
+# If this node is deleted
+delete:
+ vtysh -c "configure terminal" -c "interface $VAR(../../../../../../@)" \
+ -c "no ip ospf message-digest-key $VAR(../@)"
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/node.def
new file mode 100644
index 00000000..a31bd2ec
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/md5/node.def
@@ -0,0 +1,10 @@
+help: MD5 parameters
+
+create: vtysh -c "configure terminal" \
+ -c "interface $VAR(../../../../@)" \
+ -c "no ip ospf authentication" \
+ -c "ip ospf authentication message-digest"
+
+delete: vtysh -c "configure terminal" \
+ -c "interface $VAR(../../../../@)" \
+ -c "no ip ospf authentication"
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/node.def
new file mode 100644
index 00000000..abf04eab
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/node.def
@@ -0,0 +1,2 @@
+help: OSPF interface authentication
+
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/plaintext-password/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/plaintext-password/node.def
new file mode 100644
index 00000000..a2ba2f71
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/authentication/plaintext-password/node.def
@@ -0,0 +1,10 @@
+type: txt
+help: Plain text password
+syntax:expression: pattern $VAR(@) "^[^[:space:]]{1,8}$" ; "Password must be 8 characters or less"
+val_help: Plain text password (8 characters or less)
+
+update:vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" \
+ -c "no ip ospf authentication " -c "ip ospf authentication " \
+ -c "ip ospf authentication-key $VAR(@)"
+delete:vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" \
+ -c "no ip ospf authentication " -c "no ip ospf authentication-key"
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/bandwidth/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/bandwidth/node.def
new file mode 100644
index 00000000..30a6db86
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/bandwidth/node.def
@@ -0,0 +1,7 @@
+type: u32
+help: Bandwidth of interface (kilobits/sec)
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 10000000; "Must be between 1-10000000"
+val_help: u32:1-10000000; Bandwidth in kilobits/sec (for calculating OSPF cost)
+
+update: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "bandwidth $VAR(@)"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "no bandwidth"
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/cost/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/cost/node.def
new file mode 100644
index 00000000..9de07739
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/cost/node.def
@@ -0,0 +1,11 @@
+type: u32
+help: Interface cost
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "Must be between 1-65535"
+val_help: u32:1-65535; OSPF interface cost
+
+update:vtysh -c "configure terminal" \
+ -c "interface $VAR(../../../@)" \
+ -c "ip ospf cost $VAR(@)"
+delete:vtysh -c "configure terminal" \
+ -c "interface $VAR(../../../@)" \
+ -c "no ip ospf cost"
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/dead-interval/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/dead-interval/node.def
new file mode 100644
index 00000000..434ab8d1
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/dead-interval/node.def
@@ -0,0 +1,8 @@
+type: u32
+help: Interval after which neighbor is dead
+default: 40
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "Must be between 1-65535"
+val_help: u32:1-65535; OSPF dead interval in seconds (default 40)
+
+update:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ip ospf dead-interval $VAR(@)"
+delete:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "no ip ospf dead-interval"
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/hello-interval/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/hello-interval/node.def
new file mode 100644
index 00000000..4178c082
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/hello-interval/node.def
@@ -0,0 +1,8 @@
+type: u32
+help: Interval between hello packets
+default: 10
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "Must be between 1-65535"
+val_help: u32:1-65535; Interval between OSPF hello packets in seconds (default 10)
+
+update:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ip ospf hello-interval $VAR(@)"
+delete:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "no ip ospf hello-interval"
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/mtu-ignore/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/mtu-ignore/node.def
new file mode 100644
index 00000000..15518da6
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/mtu-ignore/node.def
@@ -0,0 +1,3 @@
+help: Disable Maximum Transmission Unit (MTU) mismatch detection
+create:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ip ospf mtu-ignore"
+delete:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "no ip ospf mtu-ignore"
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/network/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/network/node.def
new file mode 100644
index 00000000..ce36466f
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/network/node.def
@@ -0,0 +1,11 @@
+type: txt
+help: Network type
+syntax:expression: $VAR(@) in "broadcast", "non-broadcast", "point-to-multipoint", "point-to-point"; \
+ "Must be (broadcast|non-broadcast|point-to-multipoint|point-to-point)"
+update:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ip ospf network $VAR(@)"
+delete:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "no ip ospf network"
+
+val_help: broadcast; Broadcast network type
+val_help: non-broadcast; Non-broadcast network type
+val_help: point-to-multipoint; Point-to-multipoint network type
+val_help: point-to-point; Point-to-point network type
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/node.def
new file mode 100644
index 00000000..8eaece24
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/node.def
@@ -0,0 +1 @@
+help: Open Shortest Path First (OSPF) parameters
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/priority/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/priority/node.def
new file mode 100644
index 00000000..c4a13909
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/priority/node.def
@@ -0,0 +1,8 @@
+type: u32
+help: Router priority
+default: 1
+syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 255; "Must be between 0-255"
+val_help: u32:0-255; Priority (default 1)
+
+update:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ip ospf priority $VAR(@)"
+delete:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "no ip ospf priority"
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/retransmit-interval/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/retransmit-interval/node.def
new file mode 100644
index 00000000..6df594fb
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/retransmit-interval/node.def
@@ -0,0 +1,10 @@
+type: u32
+help: Interval between retransmitting lost link state advertisements
+default: 5
+syntax:expression: $VAR(@) >= 3 && $VAR(@) <= 65535; "Must be between 3-65535"
+val_help: u32: 3-65535; Retransmit interval in seconds (default 5)
+
+update: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" \
+ -c "ip ospf retransmit-interval $VAR(@)"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" \
+ -c "no ip ospf retransmit-interval"
diff --git a/templates/interfaces/vxlan/node.tag/ip/ospf/transmit-delay/node.def b/templates/interfaces/vxlan/node.tag/ip/ospf/transmit-delay/node.def
new file mode 100644
index 00000000..0785ce54
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/ospf/transmit-delay/node.def
@@ -0,0 +1,8 @@
+type: u32
+help: Link state transmit delay
+default: 1
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "Must be between 1-65535"
+val_help: u32:1-65535; Transmit delay in seconds (default 1)
+
+update:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ip ospf transmit-delay $VAR(@)"
+delete:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "no ip ospf transmit-delay"
diff --git a/templates/interfaces/vxlan/node.tag/ip/rip/authentication/md5/node.def b/templates/interfaces/vxlan/node.tag/ip/rip/authentication/md5/node.def
new file mode 100644
index 00000000..ad45eb1b
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/rip/authentication/md5/node.def
@@ -0,0 +1,8 @@
+tag:
+type: u32
+help: MD5 authentication parameters
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 255; \
+ "ID must be between 1 and 255"
+
+commit:expression: $VAR(../plaintext-password/) == "" ; \
+ "plaintext-password already set"
diff --git a/templates/interfaces/vxlan/node.tag/ip/rip/authentication/md5/node.tag/password/node.def b/templates/interfaces/vxlan/node.tag/ip/rip/authentication/md5/node.tag/password/node.def
new file mode 100644
index 00000000..5af81f70
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/rip/authentication/md5/node.tag/password/node.def
@@ -0,0 +1,17 @@
+type: txt
+help: Authentication password
+syntax:expression: pattern $VAR(@) "^[^[:space:]]{1,16}$" ; "MD5 key must be 16 characters or less"
+val_help: MD5 Key (16 characters or less)
+
+update:vtysh \
+ -c "configure terminal" -c "interface $VAR(../../../../../@)" \
+ -c "ip rip authentication mode md5" \
+ -c "ip rip authentication key-chain $VAR(../../../../../@)-rip" \
+ -c "key chain $VAR(../../../../../@)-rip" -c "key $VAR(../@)" \
+ -c "key-string $VAR(@)"
+
+delete:vtysh --noerror \
+ -c "configure terminal" -c "interface $VAR(../../../../../@)" \
+ -c "no ip rip authentication mode md5" \
+ -c "no ip rip authentication key-chain $VAR(../../../../../@)-rip" \
+ -c "no key chain $VAR(../../../../../@)-rip"
diff --git a/templates/interfaces/vxlan/node.tag/ip/rip/authentication/node.def b/templates/interfaces/vxlan/node.tag/ip/rip/authentication/node.def
new file mode 100644
index 00000000..22039cf7
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/rip/authentication/node.def
@@ -0,0 +1 @@
+help: Authentication method
diff --git a/templates/interfaces/vxlan/node.tag/ip/rip/authentication/plaintext-password/node.def b/templates/interfaces/vxlan/node.tag/ip/rip/authentication/plaintext-password/node.def
new file mode 100644
index 00000000..747da810
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/rip/authentication/plaintext-password/node.def
@@ -0,0 +1,13 @@
+type: txt
+help: Plain text password
+syntax:expression: pattern $VAR(@) "^[^[:space:]]{1,16}$" ; "Password must be 16 characters or less"
+commit:expression: $VAR(../md5/) == "" ; "md5 password already set"
+val_help: Password (16 characters or less)
+
+update: vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" \
+ -c "ip rip authentication mode text" \
+ -c "ip rip authentication string $VAR(@)"
+
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" \
+ -c "no ip rip authentication mode" \
+ -c "no ip rip authentication string $VAR(@)"
diff --git a/templates/interfaces/vxlan/node.tag/ip/rip/node.def b/templates/interfaces/vxlan/node.tag/ip/rip/node.def
new file mode 100644
index 00000000..d6a4eb34
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/rip/node.def
@@ -0,0 +1 @@
+help: Routing Information Protocol (RIP)
diff --git a/templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/disable/node.def b/templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/disable/node.def
new file mode 100644
index 00000000..eb231e35
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/disable/node.def
@@ -0,0 +1,8 @@
+help: Disable split horizon on specified interface
+create: vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" \
+ -c "no ip rip split-horizon"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" \
+ -c "ip rip split-horizon"
+
+commit:expression: ($VAR(../poison-reverse/) == ""); \
+ "You cannot have 'split-horizon poison-reverse' enabled with 'split-horizon' disabled for $VAR(../../../../@)"
diff --git a/templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/node.def b/templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/node.def
new file mode 100644
index 00000000..c4fb5ddc
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/node.def
@@ -0,0 +1 @@
+help: Split horizon parameters
diff --git a/templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/poison-reverse/node.def b/templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/poison-reverse/node.def
new file mode 100644
index 00000000..7ae46127
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/rip/split-horizon/poison-reverse/node.def
@@ -0,0 +1,9 @@
+help: Enable poison reverse for split-horizon
+create:vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" \
+ -c "ip rip split-horizon poisoned-reverse"
+
+delete:vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" \
+ -c "no ip rip split-horizon" -c "ip rip split-horizon "
+
+commit:expression: ($VAR(../disable/) == ""); \
+ "You cannot have 'split-horizon poison-reverse' enabled with 'split-horizon' disabled for $VAR(../../../../@)"
diff --git a/templates/interfaces/vxlan/node.tag/ip/source-validation/node.def b/templates/interfaces/vxlan/node.tag/ip/source-validation/node.def
new file mode 100644
index 00000000..fdd0ef92
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ip/source-validation/node.def
@@ -0,0 +1,34 @@
+# rp_filter
+# default value - 0
+# conf/all/rp_filter and conf/[interface]/rp_filter both must be set to
+# a value greater than 0 to do source validation on the interface
+
+
+type: txt
+
+help: Policy for source validation by reversed path, as specified in RFC3704
+
+val_help: strict; Enable Strict Reverse Path Forwarding as defined in RFC3704
+val_help: loose; Enable Loose Reverse Path Forwarding as defined in RFC3704
+val_help: disable; No source validation
+
+syntax:expression: $VAR(@) in "strict", "loose", "disable"; "source-validation must be set to 'loose', 'strict' or 'disable'"
+
+update:
+ if [ x$VAR(@) == xstrict ]; then
+ sudo sh -c "echo 1 > \
+ /proc/sys/net/ipv4/conf/all/rp_filter"
+ sudo sh -c "echo 1 > \
+ /proc/sys/net/ipv4/conf/$VAR(../../@)/rp_filter"
+ elif [ x$VAR(@) == xloose ]; then
+ sudo sh -c "echo 2 > \
+ /proc/sys/net/ipv4/conf/all/rp_filter"
+ sudo sh -c "echo 2 > \
+ /proc/sys/net/ipv4/conf/$VAR(../../@)/rp_filter"
+ else
+ sudo sh -c "echo 0 > \
+ /proc/sys/net/ipv4/conf/all/rp_filter"
+ fi
+
+delete:
+ sudo sh -c "echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../@)/rp_filter"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/address/autoconf/node.def b/templates/interfaces/vxlan/node.tag/ipv6/address/autoconf/node.def
new file mode 100644
index 00000000..9beeb3d8
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/address/autoconf/node.def
@@ -0,0 +1,27 @@
+#
+# This is a valueless node, hence has no type associated with it.
+#
+
+help: Enable acquisition of IPv6 address using stateless autoconfig
+
+update:
+ if [ -e /proc/sys/net/ipv6/conf/$VAR(../../../@)/autoconf ]; then
+ echo "Enabling address auto-configuration for $VAR(../../../@)"
+ sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/$VAR(../../../@)/autoconf"
+ forwarding=`cat /proc/sys/net/ipv6/conf/$VAR(../../../@)/forwarding`
+ if [ $forwarding = 1 ]; then
+ echo "Warning: IPv6 forwarding is currently enabled."
+ echo " IPv6 address auto-configuration will not be performed"
+ echo " unless IPv6 forwarding is disabled."
+ fi
+ else
+ echo "Address auto-configuration will be enabled when interface comes up."
+ fi
+
+delete:
+ if [ -e /proc/sys/net/ipv6/conf/$VAR(../../../@)/autoconf ]; then
+ sudo sh -c "echo 0 > /proc/sys/net/ipv6/conf/$VAR(../../../@)/autoconf"
+ else
+ echo "Address auto-configuration will be disabled when interface comes up."
+ fi
+
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/address/eui64/node.def b/templates/interfaces/vxlan/node.tag/ipv6/address/eui64/node.def
new file mode 100644
index 00000000..c28bd55f
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/address/eui64/node.def
@@ -0,0 +1,15 @@
+multi:
+type: ipv6net
+help: Assign IPv6 address using EUI-64 based on MAC address
+
+val_help: <h:h:h:h/64>; 64-bit IPv6 prefix to use with EUI-64 to make address
+
+create:
+ if [ -e /proc/sys/net/ipv6/conf/$VAR(../../../@) ]; then
+ sudo /opt/vyatta/sbin/vyatta-ipv6-eui64.pl --create $VAR(../../../@) $VAR(@)
+ else
+ echo "EUI-64 based address will be assigned when interface comes up."
+ fi
+
+delete:
+ sudo /opt/vyatta/sbin/vyatta-ipv6-eui64.pl --delete $VAR(../../../@) $VAR(@)
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/address/node.def b/templates/interfaces/vxlan/node.tag/ipv6/address/node.def
new file mode 100644
index 00000000..26064025
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/address/node.def
@@ -0,0 +1 @@
+help: IPv6 address auto-configuration modes
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/disable-forwarding/node.def b/templates/interfaces/vxlan/node.tag/ipv6/disable-forwarding/node.def
new file mode 100644
index 00000000..cc76d2cf
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/disable-forwarding/node.def
@@ -0,0 +1,31 @@
+
+help: Disable IPv6 forwarding on this interface only
+
+create:
+ procfile=/proc/sys/net/ipv6/conf/$VAR(../../@)/forwarding
+ if [ -e $procfile ]; then
+ echo "Disabling IPv6 forwarding for $VAR(../../@)"
+ sudo sh -c "echo 0 > $procfile"
+ else
+ echo "IPv6 forwarding will be disabled when $VAR(../../@) comes up"
+ fi
+ touch /var/run/vyatta/ipv6_no_fwd.$VAR(../../@)
+
+delete:
+ procfile=/proc/sys/net/ipv6/conf/$VAR(../../@)/forwarding
+ if [ -e $procfile ]; then
+ # Only re-enable forwarding if global disable-forwarding switch
+ # is not set.
+ global=`cat /proc/sys/net/ipv6/conf/default/forwarding`
+ if [ "$global" = "1" ]; then
+ echo "Re-enabling IPv6 forwarding for $VAR(../../@)"
+ sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/$VAR(../../@)/forwarding"
+ else
+ echo "Not re-enabling IPv6 forwarding for $VAR(../../@) because it is still"
+ echo "globally disabled."
+ fi
+ else
+ echo "IPv6 forwarding will be re-enabled when $VAR(../../@) comes up"
+ fi
+ rm /var/run/vyatta/ipv6_no_fwd.$VAR(../../@)
+
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/dup-addr-detect-transmits/node.def b/templates/interfaces/vxlan/node.tag/ipv6/dup-addr-detect-transmits/node.def
new file mode 100644
index 00000000..fa9e57b5
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/dup-addr-detect-transmits/node.def
@@ -0,0 +1,17 @@
+type: u32
+help: Number of NS messages to send while performing DAD
+
+val_help: <1-N>; Number of NS messages to send while performing DAD
+val_help: 0; Disable Duplicate Address Dectection (DAD)
+
+default: 1
+
+syntax:expression: ($VAR(@) >= 0) ; "Value must be >= 0"
+
+update:
+ procfile=/proc/sys/net/ipv6/conf/$VAR(../../@)/dad_transmits
+ if [ -e $procfile ]; then
+ sudo sh -c "echo $VAR(@) > $procfile"
+ else
+ echo "Will set dup_addr_detect_transmits when $VAR(../../@) comes up"
+ fi
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/node.def b/templates/interfaces/vxlan/node.tag/ipv6/node.def
new file mode 100644
index 00000000..539673c9
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/node.def
@@ -0,0 +1 @@
+help: IPv6 routing parameters
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/cost/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/cost/node.def
new file mode 100644
index 00000000..a40e2a60
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/cost/node.def
@@ -0,0 +1,8 @@
+type: u32
+help: Interface cost
+default: 1
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "Must be between 1-65535"
+val_help: u32:1-65535; OSPFv3 cost
+
+update: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ipv6 ospf6 cost $VAR(@)"
+
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/dead-interval/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/dead-interval/node.def
new file mode 100644
index 00000000..5bac9d1c
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/dead-interval/node.def
@@ -0,0 +1,10 @@
+type: u32
+help: Interval after which neighbor is declared dead
+default: 40
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "Must be between 1-65535"
+val_help: u32:1-65535; Neighbor dead interval in seconds (default 40)
+
+update: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" \
+ -c "ipv6 ospf6 dead-interval $VAR(@)"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" \
+ -c "ipv6 ospf6 dead-interval 40"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/hello-interval/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/hello-interval/node.def
new file mode 100644
index 00000000..165dc10b
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/hello-interval/node.def
@@ -0,0 +1,10 @@
+type: u32
+help: Interval between hello packets
+default: 10
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "Must be between 1-65535"
+val_help: u32:1-65535; Interval between OSPFv3 hello packets in seconds (default 10)
+
+update: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" \
+ -c "ipv6 ospf6 hello-interval $VAR(@)"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" \
+ -c "ipv6 ospf6 hello-interval 10"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/ifmtu/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/ifmtu/node.def
new file mode 100644
index 00000000..0fd15658
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/ifmtu/node.def
@@ -0,0 +1,7 @@
+type: u32
+help: Interface MTU
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "Must be between 1-65535"
+val_help: u32:1-65535; Interface MTU
+
+update: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ipv6 ospf6 ifmtu $VAR(@)"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "no ipv6 ospf6 ifmtu"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/instance-id/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/instance-id/node.def
new file mode 100644
index 00000000..bdd7aa5c
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/instance-id/node.def
@@ -0,0 +1,8 @@
+type: u32
+help: Instance-id
+default: 0
+syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 255; "Must be between 0-255"
+val_help: u32:0-255; Instance Id (default 0)
+
+update: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ipv6 ospf6 instance-id $VAR(@)"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ipv6 ospf6 instance-id 0"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/mtu-ignore/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/mtu-ignore/node.def
new file mode 100644
index 00000000..ad1bd4f3
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/mtu-ignore/node.def
@@ -0,0 +1,4 @@
+help: Disable Maximum Transmission Unit mismatch detection
+create:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ipv6 ospf6 mtu-ignore"
+delete:vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "no ipv6 ospf6 mtu-ignore"
+
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/node.def
new file mode 100644
index 00000000..43905a53
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/node.def
@@ -0,0 +1 @@
+help: IPv6 Open Shortest Path First (OSPFv3)
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/passive/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/passive/node.def
new file mode 100644
index 00000000..711ff19f
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/passive/node.def
@@ -0,0 +1,3 @@
+help: Disable forming of adjacency
+create: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ipv6 ospf6 passive"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "no ipv6 ospf6 passive"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/priority/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/priority/node.def
new file mode 100644
index 00000000..6c5397bd
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/priority/node.def
@@ -0,0 +1,8 @@
+type: u32
+help: Router priority
+default: 1
+syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 255; "Must be between 0-255"
+val_help: u32:0-255; Priority (default 1)
+
+update: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ipv6 ospf6 priority $VAR(@)"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" -c "ipv6 ospf6 priority 1"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/retransmit-interval/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/retransmit-interval/node.def
new file mode 100644
index 00000000..070e8029
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/retransmit-interval/node.def
@@ -0,0 +1,10 @@
+type: u32
+help: Interval between retransmitting lost link state advertisements
+default: 5
+syntax:expression: $VAR(@) >= 3 && $VAR(@) <= 65535; "Must be between 3-65535"
+val_help: u32:3-65535; Retransmit interval in seconds (default 5)
+
+update: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" \
+ -c "ipv6 ospf6 retransmit-interval $VAR(@)"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" \
+ -c "ipv6 ospf6 retransmit-interval 5"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/transmit-delay/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/transmit-delay/node.def
new file mode 100644
index 00000000..296ae391
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ospfv3/transmit-delay/node.def
@@ -0,0 +1,10 @@
+type: u32
+help: Link state transmit delay
+default: 1
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "Must be between 1-65535"
+val_help: u32:1-65535; Link state transmit delay (default 1)
+
+update: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" \
+ -c "ipv6 ospf6 transmit-delay $VAR(@)"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../@)" \
+ -c "ipv6 ospf6 transmit-delay 1"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ripng/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ripng/node.def
new file mode 100644
index 00000000..69d49298
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ripng/node.def
@@ -0,0 +1 @@
+help: Routing Information Protocol (RIPng)
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/disable/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/disable/node.def
new file mode 100644
index 00000000..a8d39171
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/disable/node.def
@@ -0,0 +1,6 @@
+help: Disable split horizon
+create: vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" -c "no ipv6 ripng split-horizon"
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" -c "ipv6 ripng split-horizon"
+
+commit:expression: ($VAR(../poison-reverse/) == ""); \
+ "You cannot have 'split-horizon poison-reverse' enabled with 'split-horizon' disabled for $VAR(../../../../@)"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/node.def
new file mode 100644
index 00000000..c4fb5ddc
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/node.def
@@ -0,0 +1 @@
+help: Split horizon parameters
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/poison-reverse/node.def b/templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/poison-reverse/node.def
new file mode 100644
index 00000000..ffd27c2e
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/ripng/split-horizon/poison-reverse/node.def
@@ -0,0 +1,9 @@
+help: Enable poison reverse for split-horizon
+create: vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" \
+ -c "ipv6 ripng split-horizon poisoned-reverse"
+
+delete: vtysh -c "configure terminal" -c "interface $VAR(../../../../@)" \
+ -c "no ipv6 ripng split-horizon" -c "ipv6 ripng split-horizon"
+
+commit:expression: ($VAR(../disable/) == ""); \
+ "You cannot have 'split-horizon poison-reverse' enabled with 'split-horizon' disabled for $VAR(../../../../@)"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/cur-hop-limit/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/cur-hop-limit/node.def
new file mode 100644
index 00000000..1ae51001
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/cur-hop-limit/node.def
@@ -0,0 +1,10 @@
+type: u32
+help: Value to be placed in the "Current Hop Limit" field in RAs
+
+# Default value per Assignned Numbers RFC
+default: 64
+
+val_help: u32:1-255; Value to place in the "Current Hop Limit" field in RAs
+val_help: 0; Place 0, meaning "unspecified", in "Current Hop Limit" field
+
+syntax:expression: ($VAR(@) >= 0 && $VAR(@) <= 255) ; "Value must be between 0 and 255"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/default-lifetime/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/default-lifetime/node.def
new file mode 100644
index 00000000..205f964e
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/default-lifetime/node.def
@@ -0,0 +1,9 @@
+type: u32
+help: Value to be placed in "Router Lifetime" field in RAs
+
+# No default value. Value will be determined algorithmically based on
+# value of MaxRtrAdvInterval if left unspecified by the user.
+
+val_help: u32:4-9000; Value in seconds to be placed in "Router Lifetime" field in RAs
+val_help: 0; Place 0, meaning "not a default router", in Router Lifetime field
+syntax:expression: ($VAR(@) == 0 || ($VAR(@) >= 4 && $VAR(@) <= 9000)) ; "Value must be 0 or between 4 and 9000"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/default-preference/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/default-preference/node.def
new file mode 100644
index 00000000..cc025735
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/default-preference/node.def
@@ -0,0 +1,10 @@
+type: txt
+help: Default router preference
+
+syntax:expression: $VAR(@) in "low", "medium", "high"; \
+ "Must be (low|medium|high)"
+
+val_help: low; Default router is low preference
+val_help: medium; Default router is medium preference (Default)
+val_help: high; Default router is high preference
+
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/link-mtu/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/link-mtu/node.def
new file mode 100644
index 00000000..bd32fd59
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/link-mtu/node.def
@@ -0,0 +1,10 @@
+type: u32
+help: Value of link MTU to place in RAs
+
+# Default value per RFC-4861.
+default: 0
+
+val_help: <1-MAX>; Value of link MTU to place in RAs
+val_help: 0; Do not send MTU options in RAs
+
+syntax:expression: ($VAR(@) == 0 || $VAR(@) >= 1280) ; "Value must be 0 or 1280 or greater"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/managed-flag/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/managed-flag/node.def
new file mode 100644
index 00000000..b020c53d
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/managed-flag/node.def
@@ -0,0 +1,10 @@
+type: bool
+help: Value for "managed address configuration" flag in RAs
+
+# Default value per RFC-4861.
+default: false
+allowed: echo -n "true false"
+
+val_help: true; Place "true" in "managed address configuration" flag in RAs
+val_help: false; Place "false" in "managed address configuration" flag in RAs
+
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/max-interval/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/max-interval/node.def
new file mode 100644
index 00000000..1ba8e681
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/max-interval/node.def
@@ -0,0 +1,9 @@
+type: u32
+help: Maximum interval between unsolicited multicast RAs
+
+# Default value per RFC-4861
+default: 600
+
+val_help: u32:4-1800; Maximum interval in seconds between unsolicited multicast RAs
+
+syntax:expression: ($VAR(@) >= 4 && $VAR(@) <= 1800) ; "Value must be between 4 and 1800"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/min-interval/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/min-interval/node.def
new file mode 100644
index 00000000..2ae72f7a
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/min-interval/node.def
@@ -0,0 +1,10 @@
+type: u32
+help: Minimum interval between unsolicited multicast RAs
+
+# No default value. Value will be determined algorithmically based
+# on the value of MaxRtrAdvInterval if not set by the user. Algorithm
+# is specified in RFC-4861.
+
+val_help: u32:3-1350; Minimum interval in seconds between unsolicited multicast RAs
+
+syntax:expression: ($VAR(@) >= 3 && $VAR(@) <= 1350) ; "Value must be between 3 and 1350"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/name-server/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/name-server/node.def
new file mode 100644
index 00000000..08899352
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/name-server/node.def
@@ -0,0 +1,6 @@
+
+multi:
+
+type: ipv6
+
+help: IPv6 address of a Recursive DNS Server
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/node.def
new file mode 100644
index 00000000..63135593
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/node.def
@@ -0,0 +1,36 @@
+
+priority: 999 # Run after parent interface is configured
+
+help: Configure parameters for sending Router Advertisements (RAs)
+
+end:
+ if [ "$COMMIT_ACTION" = "SET" -o "$COMMIT_ACTION" = "ACTIVE" ]; then
+ echo "Re-generating radvd config file for interface $VAR(../../@)..."
+ sudo /opt/vyatta/sbin/vyatta_gen_radvd.pl --generate $VAR(../../@)
+ if [ $? != 0 ]; then
+ exit 1
+ fi
+ elif [ "$COMMIT_ACTION" = "DELETE" ]; then
+ echo "Deleting entry for interface $VAR(../../@) from radv config file..."
+ sudo /opt/vyatta/sbin/vyatta_gen_radvd.pl --delete $VAR(../../@)
+ if [ $? != 0 ]; then
+ exit 1
+ fi
+ fi
+
+ if [ -e /var/run/radvd/radvd.pid ]; then
+ if [ -s /etc/radvd.conf ]; then
+ echo "Re-starting radvd..."
+ sudo /etc/init.d/radvd restart
+ else
+ echo "Stopping radvd..."
+ sudo /etc/init.d/radvd stop
+ fi
+ else
+ if [ -s /etc/radvd.conf ]; then
+ echo "Starting radvd..."
+ sudo /etc/init.d/radvd start
+ else
+ echo "Not starting radvd."
+ fi
+ fi
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/other-config-flag/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/other-config-flag/node.def
new file mode 100644
index 00000000..d5488d7f
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/other-config-flag/node.def
@@ -0,0 +1,9 @@
+type: bool
+help: Value to be placed in the "other configuration" flag in RAs
+
+# Default value per RFC-4861.
+default: false
+allowed: echo -n "true false"
+
+val_help: true; Place "true" in "other configuration" flag in RAs
+val_help: false; Place "false" in "other configuration" flag in RAs
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.def
new file mode 100644
index 00000000..90242c35
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.def
@@ -0,0 +1,7 @@
+tag:
+type: ipv6net
+
+help: IPv6 prefix to be advertised in Router Advertisements (RAs)
+
+val_help: ipv6net; IPv6 prefix to be advertized in Router Advertisements (RAs)
+
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/autonomous-flag/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/autonomous-flag/node.def
new file mode 100644
index 00000000..5964d23a
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/autonomous-flag/node.def
@@ -0,0 +1,9 @@
+type: bool
+
+help: Whether prefix can be used for address auto-configuration
+
+# Default value per RFC-4861.
+default: true
+
+val_help: true; Prefix can be used for stateless address auto-configuration
+val_help: false; Prefix can not be used for stateless address auto-configuration
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/on-link-flag/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/on-link-flag/node.def
new file mode 100644
index 00000000..948e3c3d
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/on-link-flag/node.def
@@ -0,0 +1,9 @@
+type: bool
+help: Flag that prefix can be used for on-link determination
+
+# Default value per RFC-4861.
+default: true
+
+val_help: true; Prefix can be used for on-link determination
+val_help: false; Prefix can not be used for on-link determination
+
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/preferred-lifetime/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/preferred-lifetime/node.def
new file mode 100644
index 00000000..1fc0620b
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/preferred-lifetime/node.def
@@ -0,0 +1,11 @@
+type: txt
+help: Time in seconds that the prefix will remain preferred
+
+# Default value will be set by back-end script based on value of
+# AdvValidLifetime following guidelines in RFC-4861 if this value
+# is left unspecified by the user.
+
+val_help: <0-MAX>; Time in seconds that the prefix will remain preferred
+val_help: infinity; Prefix will remain preferred forever
+
+syntax:expression: ($VAR(@) == "infinity" || (pattern $VAR(@) "[0-9]*")) ; "Must be 'infinity' or a number"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/valid-lifetime/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/valid-lifetime/node.def
new file mode 100644
index 00000000..efcf5e19
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/prefix/node.tag/valid-lifetime/node.def
@@ -0,0 +1,10 @@
+type: txt
+help: Time in seconds that the prefix will remain valid
+
+# Default per RFC-4861.
+default: "2592000"
+
+val_help: <0-MAX>; Time in seconds that the prefix will remain valid
+val_help: infinity; Prefix will remain valid forever
+
+syntax:expression: ($VAR(@) == "infinity" || (pattern $VAR(@) "[0-9]*")) ; "Must be 'infinity' or a number"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/reachable-time/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/reachable-time/node.def
new file mode 100644
index 00000000..903771cf
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/reachable-time/node.def
@@ -0,0 +1,9 @@
+type: u32
+help: Value to be placed in "Reachable Time" field in RAs
+
+default: 0
+
+val_help: u32:1-3600000; Reachable Time value in RAs (in milliseconds)
+val_help: 0; Reachable Time 0 (i.e., unspecified by this router)
+
+syntax:expression: ($VAR(@) >= 0 && $VAR(@) <= 3600000) ; "Value must be between 0 and 3,600,000 milliseconds (1 hour)"
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/retrans-timer/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/retrans-timer/node.def
new file mode 100644
index 00000000..ab7793d9
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/retrans-timer/node.def
@@ -0,0 +1,7 @@
+type: u32
+help: Value to place in "Retrans Timer" field in RAs.
+
+default: 0
+
+val_help: <1-MAX>; Value in milliseconds to place in "Retrans Timer" field in RAs
+val_help: 0; Place 0, meaning "unspecified", in in "Retrans Timer" field in RAs
diff --git a/templates/interfaces/vxlan/node.tag/ipv6/router-advert/send-advert/node.def b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/send-advert/node.def
new file mode 100644
index 00000000..8bcdeefb
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/ipv6/router-advert/send-advert/node.def
@@ -0,0 +1,16 @@
+type: bool
+
+help: Enable/disable sending RAs
+
+# RFC-4861 default value is false, but since the router-advert tree is
+# absent by default, that serves to meet the requirement that router
+# adverts not be sent unless the system administrator explicitly configures
+# the router to send them. So, configuring router-advert and leaving
+# this value unspecified serves to enable sending route adverts.
+
+default: true
+allowed: echo -n "true false"
+
+val_help: true; Enable sending RAs
+val_help: false; Disable sending RAs
+
diff --git a/templates/interfaces/vxlan/node.tag/mtu/node.def b/templates/interfaces/vxlan/node.tag/mtu/node.def
new file mode 100644
index 00000000..c9fbc76f
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/mtu/node.def
@@ -0,0 +1,14 @@
+type: u32
+priority: 461
+help: Maximum Transmission Unit (MTU)
+syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "Must be between 68-9000"
+val_help: u32:68-9000; Maximum Transmission Unit (MTU)
+
+update:
+ if [ -d /sys/class/net/$VAR(../@) ] ; then
+ ip link set $VAR(../@) mtu $VAR(@)
+ fi
+delete:
+ if [ -d /sys/class/net/$VAR(../@) ] ; then
+ ip link set $VAR(../@) mtu 1500
+ fi
diff --git a/templates/interfaces/vxlan/node.tag/policy/ipv6-route/node.def b/templates/interfaces/vxlan/node.tag/policy/ipv6-route/node.def
new file mode 100644
index 00000000..fdc9c8aa
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/policy/ipv6-route/node.def
@@ -0,0 +1,17 @@
+type: txt
+help: IPv6 policy route ruleset for interface
+allowed: local -a params
+ eval "params=($(cli-shell-api listActiveNodes policy ipv6-route))"
+ echo -n "${params[@]}"
+create: ifname=$VAR(../../@)
+ sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-interfaces \
+ update $ifname in $VAR(@) "policy ipv6-route"
+
+update: ifname=$VAR(../../@)
+ sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-interfaces \
+ update $ifname in $VAR(@) "policy ipv6-route"
+
+
+delete: ifname=$VAR(../../@)
+ sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-interfaces \
+ delete $ifname in $VAR(@) "policy ipv6-route"
diff --git a/templates/interfaces/vxlan/node.tag/policy/node.def b/templates/interfaces/vxlan/node.tag/policy/node.def
new file mode 100644
index 00000000..94c62dbe
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/policy/node.def
@@ -0,0 +1 @@
+help: Policy route options
diff --git a/templates/interfaces/vxlan/node.tag/policy/route/node.def b/templates/interfaces/vxlan/node.tag/policy/route/node.def
new file mode 100644
index 00000000..1ce44d37
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/policy/route/node.def
@@ -0,0 +1,17 @@
+type: txt
+help: IPv4 policy route ruleset for interface
+allowed: local -a params
+ eval "params=($(cli-shell-api listActiveNodes policy route))"
+ echo -n "${params[@]}"
+create: ifname=$VAR(../../@)
+ sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-interfaces \
+ update $ifname in $VAR(@) "policy route"
+
+update: ifname=$VAR(../../@)
+ sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-interfaces \
+ update $ifname in $VAR(@) "policy route"
+
+
+delete: ifname=$VAR(../../@)
+ sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-interfaces \
+ delete $ifname in $VAR(@) "policy route"
diff --git a/templates/interfaces/vxlan/node.tag/vni/node.def b/templates/interfaces/vxlan/node.tag/vni/node.def
new file mode 100644
index 00000000..cc54b4b8
--- /dev/null
+++ b/templates/interfaces/vxlan/node.tag/vni/node.def
@@ -0,0 +1,10 @@
+type: u32
+help: Virtual network identifier [REQUIRED]
+syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 16777216; "Must be between 0-16777216"
+val_help: u32: 0-16777214; Virtual network identifier of this VXLAN interface [REQUIRED]
+
+update:
+ if [ ! -e /tmp/vxlan-$VAR(../@)-create ]; then
+ echo "Chainging vni requires delete/create this vxlan interface"
+ exit 1
+ fi