diff options
| author | hagbard <vyosdev@derith.de> | 2019-07-02 13:09:11 -0700 |
|---|---|---|
| committer | hagbard <vyosdev@derith.de> | 2019-07-02 13:09:11 -0700 |
| commit | c35d1b7a1d958327f67c806740428929ff86b151 (patch) | |
| tree | f1a6c38cb9b107b30094e31fd97fd893a022a9db | |
| parent | 7ba6c4a71cf29f58b0b5eae33eca0187372d5a94 (diff) | |
| download | vyos-1x-c35d1b7a1d958327f67c806740428929ff86b151.tar.gz vyos-1x-c35d1b7a1d958327f67c806740428929ff86b151.zip | |
[IPoE] T1495 - IA-PD via IPoE implemented
| -rw-r--r-- | interface-definitions/ipoe-server.xml | 52 | ||||
| -rwxr-xr-x | src/conf_mode/ipoe_server.py | 52 |
2 files changed, 101 insertions, 3 deletions
diff --git a/interface-definitions/ipoe-server.xml b/interface-definitions/ipoe-server.xml index 4884b5915..46ac2357a 100644 --- a/interface-definitions/ipoe-server.xml +++ b/interface-definitions/ipoe-server.xml @@ -107,7 +107,7 @@ </leafNode> <leafNode name="server-2"> <properties> - <help>IP address of the primary DNS server</help> + <help>IP address of the secondary DNS server</help> <constraint> <validator name="ipv4-address"/> </constraint> @@ -115,6 +115,56 @@ </leafNode> </children> </node> + <node name="dnsv6-server"> + <properties> + <help>DNSv6 servers offered via internal DHCPv6</help> + </properties> + <children> + <leafNode name="server-1"> + <properties> + <help>IP address of the primary DNS server</help> + <constraint> + <validator name="ipv6-address"/> + </constraint> + </properties> + </leafNode> + <leafNode name="server-2"> + <properties> + <help>IP address of the secondary DNS server</help> + <constraint> + <validator name="ipv6-address"/> + </constraint> + </properties> + </leafNode> + <leafNode name="server-3"> + <properties> + <help>IP address of the tertiary DNS server</help> + <constraint> + <validator name="ipv6-address"/> + </constraint> + </properties> + </leafNode> + </children> + </node> + <node name="client-ipv6-pool"> + <properties> + <help>Pool of client IPv6 addresses</help> + </properties> + <children> + <leafNode name="prefix"> + <properties> + <help>Format: ipv6prefix/mask,prefix_len (e.g.: fc00:0:1::/48,64 - divides prefix into /64 subnets for clients)</help> + <multi /> + </properties> + </leafNode> + <leafNode name="delegate-prefix"> + <properties> + <help>Format: ipv6prefix/mask,prefix_len (delegates prefix to clients via DHCPv6 prefix delegation</help> + <multi /> + </properties> + </leafNode> + </children> + </node> <node name="authentication"> <properties> <help>Client authentication methods</help> diff --git a/src/conf_mode/ipoe_server.py b/src/conf_mode/ipoe_server.py index 478fc139e..45c64c617 100755 --- a/src/conf_mode/ipoe_server.py +++ b/src/conf_mode/ipoe_server.py @@ -44,6 +44,9 @@ log_syslog ippool ipoe shaper +ipv6pool +ipv6_nd +ipv6_dhcp {% if auth['mech'] == 'radius' %} radius {% endif -%} @@ -67,7 +70,8 @@ shared={{interfaces[intfc]['shared']}},\ mode={{interfaces[intfc]['mode']}},\ ifcfg={{interfaces[intfc]['ifcfg']}},\ range={{interfaces[intfc]['range']}},\ -start={{interfaces[intfc]['sess_start']}} +start={{interfaces[intfc]['sess_start']}},\ +ipv6=1 {% endfor %} {% if auth['mech'] == 'noauth' %} noauth=1 @@ -87,6 +91,29 @@ dns2={{dns['server2']}} {% endif -%} {% endif -%} +{% if (dnsv6['server1']) or (dnsv6['server2']) or (dnsv6['server3']) %} +[dnsv6] +dns={{dnsv6['server1']}} +dns={{dnsv6['server2']}} +dns={{dnsv6['server3']}} +{% endif %} + +[ipv6-nd] +verbose=1 + +[ipv6-dhcp] +verbose=1 + +{% if ipv6['prfx'] %} +[ipv6-pool] +{% for prfx in ipv6['prfx'] %} +{{prfx}} +{% endfor %} +{% for pd in ipv6['pd'] %} +delegate={{pd}} +{% endfor %} +{% endif %} + {% if auth['mech'] == 'local' %} [chap-secrets] chap-secrets=/etc/accel-ppp/ipoe/chap-secrets @@ -209,6 +236,15 @@ def get_config(): 'server1' : None, 'server2' : None } + config_data['dnsv6'] = { + 'server1' : None, + 'server2' : None, + 'server3' : None + } + config_data['ipv6'] = { + 'prfx' : [], + 'pd' : [], + } config_data['auth'] = { 'auth_if' : {}, 'mech' : 'noauth', @@ -228,6 +264,12 @@ def get_config(): config_data['dns']['server1'] = c.return_value('dns-server server-1') if c.exists('dns-server server-2'): config_data['dns']['server2'] = c.return_value('dns-server server-2') + if c.exists('dnsv6-server server-1'): + config_data['dnsv6']['server1'] = c.return_value('dnsv6-server server-1') + if c.exists('dnsv6-server server-2'): + config_data['dnsv6']['server2'] = c.return_value('dnsv6-server server-2') + if c.exists('dnsv6-server server-3'): + config_data['dnsv6']['server3'] = c.return_value('dnsv6-server server-3') if not c.exists('authentication mode noauth'): config_data['auth']['mech'] = c.return_value('authentication mode') if c.exists('authentication mode local'): @@ -274,6 +316,11 @@ def get_config(): config_data['auth']['radsettings']['dae-server']['port'] = c.return_value('authentication radius-settings dae-server port') if c.exists('authentication radius-settings dae-server secret'): config_data['auth']['radsettings']['dae-server']['secret'] = c.return_value('authentication radius-settings dae-server secret') + + if c.exists('client-ipv6-pool prefix'): + config_data['ipv6']['prfx'] = c.return_values('client-ipv6-pool prefix') + if c.exists('client-ipv6-pool delegate-prefix'): + config_data['ipv6']['pd'] = c.return_values('client-ipv6-pool delegate-prefix') return config_data @@ -288,7 +335,6 @@ def generate(c): tmpl = jinja2.Template(ipoe_config, trim_blocks=True) config_text = tmpl.render(c) - open(ipoe_cnf,'w').write(config_text) return c @@ -325,6 +371,8 @@ def verify(c): except: raise ConfigError("service ipoe-server authentication radius-settings dae-server port value required") + if len(c['ipv6']['pd']) != 0 and len(c['ipv6']['prfx']) == 0: + raise ConfigError("service ipoe-server client-ipv6-pool prefix needs a value") return c |