T6001: add option to disable next-hop-tracking resolve-via-default

* set system ip nht no-resolve-via-default * set system ipv6 nht no-resolve-via-default
author: Christian Breunig <christian@breunig.cc> 2024-02-15 22:54:58 +0100
committer: Christian Breunig <christian@breunig.cc> 2024-02-16 08:32:52 +0100
commit: ece0e768f36e52f8964823d891264d7c187204ec (patch)
tree: cbd7c0a54e048aef17b27ba728b38e9352a0f8b1
parent: 56654191613113764415d7eddadcbd8c97e126de (diff)
download: vyos-1x-ece0e768f36e52f8964823d891264d7c187204ec.tar.gz
vyos-1x-ece0e768f36e52f8964823d891264d7c187204ec.zip
8 files changed, 52 insertions, 2 deletions
diff --git a/data/templates/frr/zebra.route-map.frr.j2 b/data/templates/frr/zebra.route-map.frr.j2
index 8e18abbde..669d58354 100644
--- a/data/templates/frr/zebra.route-map.frr.j2
+++ b/data/templates/frr/zebra.route-map.frr.j2
@@ -1,4 +1,8 @@
 !
+{% if nht.no_resolve_via_default is vyos_defined %}
+no {{ afi }} nht resolve-via-default
+{% endif %}
+!
 {% if protocol is vyos_defined %}
 {%     for protocol_name, protocol_config in protocol.items() %}
 {%         if protocol_name is vyos_defined('ospfv3') %}
@@ -7,3 +11,4 @@
 {{ afi }} protocol {{ protocol_name }} route-map {{ protocol_config.route_map }}
 {%     endfor %}
 {% endif %}
+!
diff --git a/interface-definitions/include/system-ip-nht.xml.i b/interface-definitions/include/system-ip-nht.xml.i
new file mode 100644
index 000000000..4074043cd
--- /dev/null
+++ b/interface-definitions/include/system-ip-nht.xml.i
@@ -0,0 +1,15 @@
+<!-- include start from syslog-facility.xml.i -->
+<node name="nht">
+  <properties>
+    <help>Filter Next Hop tracking route resolution</help>
+  </properties>
+  <children>
+    <leafNode name="no-resolve-via-default">
+      <properties>
+        <help>Do not resolve via default route</help>
+        <valueless/>
+      </properties>
+    </leafNode>
+  </children>
+</node>
+<!-- include end -->
diff --git a/interface-definitions/system_ip.xml.in b/interface-definitions/system_ip.xml.in
index 6e3b7d5d0..015eb270f 100644
--- a/interface-definitions/system_ip.xml.in
+++ b/interface-definitions/system_ip.xml.in
@@ -48,6 +48,7 @@
               </leafNode>
             </children>
           </node>
+          #include <include/system-ip-nht.xml.i>
           <node name="tcp">
             <properties>
               <help>IPv4 TCP parameters</help>
diff --git a/interface-definitions/system_ipv6.xml.in b/interface-definitions/system_ipv6.xml.in
index 8957cb6a7..dda00af38 100644
--- a/interface-definitions/system_ipv6.xml.in
+++ b/interface-definitions/system_ipv6.xml.in
@@ -36,6 +36,7 @@
               #include <include/arp-ndp-table-size.xml.i>
             </children>
           </node>
+          #include <include/system-ip-nht.xml.i>
           #include <include/system-ipv6-protocol.xml.i>
           <leafNode name="strict-dad">
             <properties>
diff --git a/smoketest/scripts/cli/test_system_ip.py b/smoketest/scripts/cli/test_system_ip.py
index 567416774..ac8b74236 100755
--- a/smoketest/scripts/cli/test_system_ip.py
+++ b/smoketest/scripts/cli/test_system_ip.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2020-2023 VyOS maintainers and contributors
+# Copyright (C) 2020-2024 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -120,5 +120,18 @@ class TestSystemIP(VyOSUnitTestSHIM.TestCase):
         # Commit again
         self.cli_commit()
 
+    def test_system_ip_nht(self):
+        self.cli_set(base_path + ['nht', 'no-resolve-via-default'])
+        self.cli_commit()
+        # Verify CLI config applied to FRR
+        frrconfig = self.getFRRconfig('', end='', daemon='zebra')
+        self.assertIn(f'no ip nht resolve-via-default', frrconfig)
+
+        self.cli_delete(base_path + ['nht', 'no-resolve-via-default'])
+        self.cli_commit()
+        # Verify CLI config removed to FRR
+        frrconfig = self.getFRRconfig('', end='', daemon='zebra')
+        self.assertNotIn(f'no ip nht resolve-via-default', frrconfig)
+
 if __name__ == '__main__':
     unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_system_ipv6.py b/smoketest/scripts/cli/test_system_ipv6.py
index 225c2d666..bc0f7aa8c 100755
--- a/smoketest/scripts/cli/test_system_ipv6.py
+++ b/smoketest/scripts/cli/test_system_ipv6.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2021-2023 VyOS maintainers and contributors
+# Copyright (C) 2021-2024 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -131,5 +131,18 @@ class TestSystemIPv6(VyOSUnitTestSHIM.TestCase):
         # Commit again
         self.cli_commit()
 
+    def test_system_ipv6_nht(self):
+        self.cli_set(base_path + ['nht', 'no-resolve-via-default'])
+        self.cli_commit()
+        # Verify CLI config applied to FRR
+        frrconfig = self.getFRRconfig('', end='', daemon='zebra')
+        self.assertIn(f'no ipv6 nht resolve-via-default', frrconfig)
+
+        self.cli_delete(base_path + ['nht', 'no-resolve-via-default'])
+        self.cli_commit()
+        # Verify CLI config removed to FRR
+        frrconfig = self.getFRRconfig('', end='', daemon='zebra')
+        self.assertNotIn(f'no ipv6 nht resolve-via-default', frrconfig)
+
 if __name__ == '__main__':
     unittest.main(verbosity=2)
diff --git a/src/conf_mode/system_ip.py b/src/conf_mode/system_ip.py
index 7612e2c0d..833f89554 100755
--- a/src/conf_mode/system_ip.py
+++ b/src/conf_mode/system_ip.py
@@ -127,6 +127,7 @@ def apply(opt):
 
         # The route-map used for the FIB (zebra) is part of the zebra daemon
         frr_cfg.load_configuration(zebra_daemon)
+        frr_cfg.modify_section(r'no ip nht resolve-via-default')
         frr_cfg.modify_section(r'ip protocol \w+ route-map [-a-zA-Z0-9.]+', stop_pattern='(\s|!)')
         if 'frr_zebra_config' in opt:
             frr_cfg.add_before(frr.default_add_before, opt['frr_zebra_config'])
diff --git a/src/conf_mode/system_ipv6.py b/src/conf_mode/system_ipv6.py
index 90a1a8087..00d440e35 100755
--- a/src/conf_mode/system_ipv6.py
+++ b/src/conf_mode/system_ipv6.py
@@ -104,6 +104,7 @@ def apply(opt):
 
         # The route-map used for the FIB (zebra) is part of the zebra daemon
         frr_cfg.load_configuration(zebra_daemon)
+        frr_cfg.modify_section(r'no ipv6 nht resolve-via-default')
         frr_cfg.modify_section(r'ipv6 protocol \w+ route-map [-a-zA-Z0-9.]+', stop_pattern='(\s|!)')
         if 'frr_zebra_config' in opt:
             frr_cfg.add_before(frr.default_add_before, opt['frr_zebra_config'])
author	Christian Breunig <christian@breunig.cc>	2024-02-15 22:54:58 +0100
committer	Christian Breunig <christian@breunig.cc>	2024-02-16 08:32:52 +0100
commit	ece0e768f36e52f8964823d891264d7c187204ec (patch)
tree	cbd7c0a54e048aef17b27ba728b38e9352a0f8b1
parent	56654191613113764415d7eddadcbd8c97e126de (diff)
download	vyos-1x-ece0e768f36e52f8964823d891264d7c187204ec.tar.gz vyos-1x-ece0e768f36e52f8964823d891264d7c187204ec.zip