diff options
author | Christian Breunig <christian@breunig.cc> | 2024-02-16 09:36:18 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-02-16 09:36:18 +0100 |
commit | 8c860fa7c423cc2bd72f9e71a5f8c52f43e02dfa (patch) | |
tree | 4d0c0d0e7517c7cef73134771336672e3c3bcee7 | |
parent | 2ff7d80f44aa1bc8429b18417cd63eb6f7105eef (diff) | |
parent | 0fafc4bcdb9efc03796ddab0832471b11ba1bbe0 (diff) | |
download | vyos-1x-8c860fa7c423cc2bd72f9e71a5f8c52f43e02dfa.tar.gz vyos-1x-8c860fa7c423cc2bd72f9e71a5f8c52f43e02dfa.zip |
Merge pull request #3016 from c-po/nht
T6001: add option to disable next-hop-tracking resolve-via-default
-rw-r--r-- | data/templates/frr/zebra.route-map.frr.j2 | 5 | ||||
-rw-r--r-- | data/templates/frr/zebra.vrf.route-map.frr.j2 | 6 | ||||
-rw-r--r-- | interface-definitions/include/system-ip-nht.xml.i | 15 | ||||
-rw-r--r-- | interface-definitions/system_ip.xml.in | 1 | ||||
-rw-r--r-- | interface-definitions/system_ipv6.xml.in | 1 | ||||
-rw-r--r-- | interface-definitions/vrf.xml.in | 2 | ||||
-rw-r--r-- | smoketest/configs/egp-igp-route-maps (renamed from smoketest/configs/egb-igp-route-maps) | 0 | ||||
-rwxr-xr-x | smoketest/scripts/cli/test_system_ip.py | 15 | ||||
-rwxr-xr-x | smoketest/scripts/cli/test_system_ipv6.py | 15 | ||||
-rwxr-xr-x | smoketest/scripts/cli/test_vrf.py | 35 | ||||
-rwxr-xr-x | src/conf_mode/system_ip.py | 1 | ||||
-rwxr-xr-x | src/conf_mode/system_ipv6.py | 1 |
12 files changed, 94 insertions, 3 deletions
diff --git a/data/templates/frr/zebra.route-map.frr.j2 b/data/templates/frr/zebra.route-map.frr.j2 index 8e18abbde..669d58354 100644 --- a/data/templates/frr/zebra.route-map.frr.j2 +++ b/data/templates/frr/zebra.route-map.frr.j2 @@ -1,4 +1,8 @@ ! +{% if nht.no_resolve_via_default is vyos_defined %} +no {{ afi }} nht resolve-via-default +{% endif %} +! {% if protocol is vyos_defined %} {% for protocol_name, protocol_config in protocol.items() %} {% if protocol_name is vyos_defined('ospfv3') %} @@ -7,3 +11,4 @@ {{ afi }} protocol {{ protocol_name }} route-map {{ protocol_config.route_map }} {% endfor %} {% endif %} +! diff --git a/data/templates/frr/zebra.vrf.route-map.frr.j2 b/data/templates/frr/zebra.vrf.route-map.frr.j2 index 4e1206374..f1cc6fe66 100644 --- a/data/templates/frr/zebra.vrf.route-map.frr.j2 +++ b/data/templates/frr/zebra.vrf.route-map.frr.j2 @@ -6,6 +6,12 @@ {% continue %} {% endif %} vrf {{ vrf }} +{% if vrf_config.ip.nht.no_resolve_via_default is vyos_defined %} + no ip nht resolve-via-default +{% endif %} +{% if vrf_config.ipv6.nht.no_resolve_via_default is vyos_defined %} + no ipv6 nht resolve-via-default +{% endif %} {% if vrf_config.ip.protocol is vyos_defined %} {% for protocol_name, protocol_config in vrf_config.ip.protocol.items() %} ip protocol {{ protocol_name }} route-map {{ protocol_config.route_map }} diff --git a/interface-definitions/include/system-ip-nht.xml.i b/interface-definitions/include/system-ip-nht.xml.i new file mode 100644 index 000000000..4074043cd --- /dev/null +++ b/interface-definitions/include/system-ip-nht.xml.i @@ -0,0 +1,15 @@ +<!-- include start from syslog-facility.xml.i --> +<node name="nht"> + <properties> + <help>Filter Next Hop tracking route resolution</help> + </properties> + <children> + <leafNode name="no-resolve-via-default"> + <properties> + <help>Do not resolve via default route</help> + <valueless/> + </properties> + </leafNode> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/system_ip.xml.in b/interface-definitions/system_ip.xml.in index 6e3b7d5d0..015eb270f 100644 --- a/interface-definitions/system_ip.xml.in +++ b/interface-definitions/system_ip.xml.in @@ -48,6 +48,7 @@ </leafNode> </children> </node> + #include <include/system-ip-nht.xml.i> <node name="tcp"> <properties> <help>IPv4 TCP parameters</help> diff --git a/interface-definitions/system_ipv6.xml.in b/interface-definitions/system_ipv6.xml.in index 8957cb6a7..dda00af38 100644 --- a/interface-definitions/system_ipv6.xml.in +++ b/interface-definitions/system_ipv6.xml.in @@ -36,6 +36,7 @@ #include <include/arp-ndp-table-size.xml.i> </children> </node> + #include <include/system-ip-nht.xml.i> #include <include/system-ipv6-protocol.xml.i> <leafNode name="strict-dad"> <properties> diff --git a/interface-definitions/vrf.xml.in b/interface-definitions/vrf.xml.in index e5ec539d3..25f26d0cc 100644 --- a/interface-definitions/vrf.xml.in +++ b/interface-definitions/vrf.xml.in @@ -34,6 +34,7 @@ </properties> <children> #include <include/interface/disable-forwarding.xml.i> + #include <include/system-ip-nht.xml.i> #include <include/system-ip-protocol.xml.i> </children> </node> @@ -43,6 +44,7 @@ </properties> <children> #include <include/interface/disable-forwarding.xml.i> + #include <include/system-ip-nht.xml.i> #include <include/system-ipv6-protocol.xml.i> </children> </node> diff --git a/smoketest/configs/egb-igp-route-maps b/smoketest/configs/egp-igp-route-maps index ca36691d4..ca36691d4 100644 --- a/smoketest/configs/egb-igp-route-maps +++ b/smoketest/configs/egp-igp-route-maps diff --git a/smoketest/scripts/cli/test_system_ip.py b/smoketest/scripts/cli/test_system_ip.py index 567416774..ac8b74236 100755 --- a/smoketest/scripts/cli/test_system_ip.py +++ b/smoketest/scripts/cli/test_system_ip.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2020-2023 VyOS maintainers and contributors +# Copyright (C) 2020-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -120,5 +120,18 @@ class TestSystemIP(VyOSUnitTestSHIM.TestCase): # Commit again self.cli_commit() + def test_system_ip_nht(self): + self.cli_set(base_path + ['nht', 'no-resolve-via-default']) + self.cli_commit() + # Verify CLI config applied to FRR + frrconfig = self.getFRRconfig('', end='', daemon='zebra') + self.assertIn(f'no ip nht resolve-via-default', frrconfig) + + self.cli_delete(base_path + ['nht', 'no-resolve-via-default']) + self.cli_commit() + # Verify CLI config removed to FRR + frrconfig = self.getFRRconfig('', end='', daemon='zebra') + self.assertNotIn(f'no ip nht resolve-via-default', frrconfig) + if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/smoketest/scripts/cli/test_system_ipv6.py b/smoketest/scripts/cli/test_system_ipv6.py index 225c2d666..bc0f7aa8c 100755 --- a/smoketest/scripts/cli/test_system_ipv6.py +++ b/smoketest/scripts/cli/test_system_ipv6.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2021-2023 VyOS maintainers and contributors +# Copyright (C) 2021-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -131,5 +131,18 @@ class TestSystemIPv6(VyOSUnitTestSHIM.TestCase): # Commit again self.cli_commit() + def test_system_ipv6_nht(self): + self.cli_set(base_path + ['nht', 'no-resolve-via-default']) + self.cli_commit() + # Verify CLI config applied to FRR + frrconfig = self.getFRRconfig('', end='', daemon='zebra') + self.assertIn(f'no ipv6 nht resolve-via-default', frrconfig) + + self.cli_delete(base_path + ['nht', 'no-resolve-via-default']) + self.cli_commit() + # Verify CLI config removed to FRR + frrconfig = self.getFRRconfig('', end='', daemon='zebra') + self.assertNotIn(f'no ipv6 nht resolve-via-default', frrconfig) + if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/smoketest/scripts/cli/test_vrf.py b/smoketest/scripts/cli/test_vrf.py index a3090ee41..438387f2d 100755 --- a/smoketest/scripts/cli/test_vrf.py +++ b/smoketest/scripts/cli/test_vrf.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2020-2023 VyOS maintainers and contributors +# Copyright (C) 2020-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -495,6 +495,39 @@ class VRFTest(VyOSUnitTestSHIM.TestCase): frrconfig = self.getFRRconfig(f'vrf {vrf}') self.assertNotIn('vni', frrconfig) + def test_vrf_ip_ipv6_nht(self): + table = '6910' + + for vrf in vrfs: + base = base_path + ['name', vrf] + self.cli_set(base + ['table', table]) + self.cli_set(base + ['ip', 'nht', 'no-resolve-via-default']) + self.cli_set(base + ['ipv6', 'nht', 'no-resolve-via-default']) + + table = str(int(table) + 1) + + self.cli_commit() + + # Verify route-map properly applied to FRR + for vrf in vrfs: + frrconfig = self.getFRRconfig(f'vrf {vrf}', daemon='zebra') + self.assertIn(f'vrf {vrf}', frrconfig) + self.assertIn(f' no ip nht resolve-via-default', frrconfig) + self.assertIn(f' no ipv6 nht resolve-via-default', frrconfig) + + # Delete route-maps + for vrf in vrfs: + base = base_path + ['name', vrf] + self.cli_delete(base + ['ip']) + self.cli_delete(base + ['ipv6']) + + self.cli_commit() + + # Verify route-map properly is removed from FRR + for vrf in vrfs: + frrconfig = self.getFRRconfig(f'vrf {vrf}', daemon='zebra') + self.assertNotIn(f' no ip nht resolve-via-default', frrconfig) + self.assertNotIn(f' no ipv6 nht resolve-via-default', frrconfig) if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/src/conf_mode/system_ip.py b/src/conf_mode/system_ip.py index 7612e2c0d..833f89554 100755 --- a/src/conf_mode/system_ip.py +++ b/src/conf_mode/system_ip.py @@ -127,6 +127,7 @@ def apply(opt): # The route-map used for the FIB (zebra) is part of the zebra daemon frr_cfg.load_configuration(zebra_daemon) + frr_cfg.modify_section(r'no ip nht resolve-via-default') frr_cfg.modify_section(r'ip protocol \w+ route-map [-a-zA-Z0-9.]+', stop_pattern='(\s|!)') if 'frr_zebra_config' in opt: frr_cfg.add_before(frr.default_add_before, opt['frr_zebra_config']) diff --git a/src/conf_mode/system_ipv6.py b/src/conf_mode/system_ipv6.py index 90a1a8087..00d440e35 100755 --- a/src/conf_mode/system_ipv6.py +++ b/src/conf_mode/system_ipv6.py @@ -104,6 +104,7 @@ def apply(opt): # The route-map used for the FIB (zebra) is part of the zebra daemon frr_cfg.load_configuration(zebra_daemon) + frr_cfg.modify_section(r'no ipv6 nht resolve-via-default') frr_cfg.modify_section(r'ipv6 protocol \w+ route-map [-a-zA-Z0-9.]+', stop_pattern='(\s|!)') if 'frr_zebra_config' in opt: frr_cfg.add_before(frr.default_add_before, opt['frr_zebra_config']) |