summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-02-10 21:05:28 +0100
committerChristian Poessinger <christian@poessinger.com>2021-02-10 21:05:28 +0100
commit4f884631d937b16258f352e085db79e4398c0971 (patch)
tree757423df1feb0000cf84a9aa86e6d3c3b698790e
parentc79a61a67468ba84ad19e6b09097fdbaec1aa649 (diff)
downloadvyos-1x-4f884631d937b16258f352e085db79e4398c0971.tar.gz
vyos-1x-4f884631d937b16258f352e085db79e4398c0971.zip
ripng: T3281: migrate to get_config_dict() and FRR reload
-rw-r--r--Makefile1
-rw-r--r--data/configd-include.json1
-rw-r--r--data/templates/frr/ripng.frr.tmpl82
-rw-r--r--interface-definitions/protocols-ripng.xml.in4
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_ripng.py8
-rwxr-xr-xsrc/conf_mode/protocols_ripng.py133
6 files changed, 222 insertions, 7 deletions
diff --git a/Makefile b/Makefile
index ad71219eb..882d5311b 100644
--- a/Makefile
+++ b/Makefile
@@ -45,7 +45,6 @@ interface_definitions: $(config_xml_obj)
rm -f $(TMPL_DIR)/vpn/node.def
rm -f $(TMPL_DIR)/vpn/ipsec/node.def
rm -rf $(TMPL_DIR)/vpn/nipsec
- rm -rf $(TMPL_DIR)/protocols/nripng
# XXX: required until OSPF and RIP is migrated from vyatta-cfg-quagga to vyos-1x
mkdir $(TMPL_DIR)/interfaces/loopback/node.tag/ipv6
diff --git a/data/configd-include.json b/data/configd-include.json
index 495000961..e50dbf1b2 100644
--- a/data/configd-include.json
+++ b/data/configd-include.json
@@ -40,6 +40,7 @@
"protocols_ospfv3.py",
"protocols_pim.py",
"protocols_rip.py",
+"protocols_ripng.py",
"protocols_static.py",
"protocols_static_multicast.py",
"protocols_vrf.py",
diff --git a/data/templates/frr/ripng.frr.tmpl b/data/templates/frr/ripng.frr.tmpl
new file mode 100644
index 000000000..ac14dfd3f
--- /dev/null
+++ b/data/templates/frr/ripng.frr.tmpl
@@ -0,0 +1,82 @@
+!
+router ripng
+{% if default_information is defined and default_information.originate is defined %}
+ default-information originate
+{% endif %}
+{% if default_metric is defined and default_metric is not none %}
+ default-metric {{ default_metric }}
+{% endif %}
+{% if aggregate_address is defined and aggregate_address is not none %}
+{% for prefix in aggregate_address %}
+ aggregate-address {{ prefix }}
+{% endfor %}
+{% endif %}
+{% if passive_interface is defined and passive_interface is not none %}
+{% for ifname in passive_interface %}
+ passive-interface {{ ifname }}
+{% endfor %}
+{% endif %}
+{% if interface is defined and interface is not none %}
+{% for ifname in interface %}
+ network {{ ifname }}
+{% endfor %}
+{% endif %}
+{% if network is defined and network is not none %}
+{% for net in network %}
+ network {{ net }}
+{% endfor %}
+{% endif %}
+{% if route is defined and route is not none %}
+{% for prefix in route %}
+ route {{ prefix }}
+{% endfor %}
+{% endif %}
+{% if redistribute is defined and redistribute is not none %}
+{% for protocol, protocol_config in redistribute.items() %}
+{% if protocol == 'ospfv3' %}
+{% set protocol = 'ospf6' %}
+{% endif %}
+ redistribute {{ protocol }} {{ 'metric ' + protocol_config.metric if protocol_config.metric is defined }} {{ 'route-map ' + protocol_config.route_map if protocol_config.route_map is defined }}
+{% endfor %}
+{% endif %}
+{# timers have default values #}
+ timers basic {{ timers['update'] }} {{ timers.timeout }} {{ timers.garbage_collection }}
+{% if distribute_list is defined and distribute_list is not none %}
+{% if distribute_list.access_list is defined and distribute_list.access_list is not none %}
+{% if distribute_list.access_list.in is defined and distribute_list.access_list.in is not none %}
+ ipv6 distribute-list {{ distribute_list.access_list.in }} in
+{% endif %}
+{% if distribute_list.access_list.out is defined and distribute_list.access_list.out is not none %}
+ ipv6 distribute-list {{ distribute_list.access_list.out }} out
+{% endif %}
+{% endif %}
+{% if distribute_list.interface is defined and distribute_list.interface is not none %}
+{% for interface, interface_config in distribute_list.interface.items() %}
+{% if interface_config.access_list is defined and interface_config.access_list is not none %}
+{% if interface_config.access_list.in is defined and interface_config.access_list.in is not none %}
+ ipv6 distribute-list {{ interface_config.access_list.in }} in {{ interface }}
+{% endif %}
+{% if interface_config.access_list.out is defined and interface_config.access_list.out is not none %}
+ ipv6 distribute-list {{ interface_config.access_list.out }} out {{ interface }}
+{% endif %}
+{% endif %}
+{% if interface_config.prefix_list is defined and interface_config.prefix_list is not none %}
+{% if interface_config.prefix_list.in is defined and interface_config.prefix_list.in is not none %}
+ ipv6 distribute-list prefix {{ interface_config.prefix_list.in }} in {{ interface }}
+{% endif %}
+{% if interface_config.prefix_list.out is defined and interface_config.prefix_list.out is not none %}
+ ipv6 distribute-list prefix {{ interface_config.prefix_list.out }} out {{ interface }}
+{% endif %}
+{% endif %}
+{% endfor %}
+{% endif %}
+{% if distribute_list.prefix_list is defined and distribute_list.prefix_list is not none %}
+{% if distribute_list.prefix_list.in is defined and distribute_list.prefix_list.in is not none %}
+ ipv6 distribute-list prefix {{ distribute_list.prefix_list.in }} in
+{% endif %}
+{% if distribute_list.prefix_list.out is defined and distribute_list.prefix_list.out is not none %}
+ ipv6 distribute-list prefix {{ distribute_list.prefix_list.out }} out
+{% endif %}
+{% endif %}
+{% endif %}
+!
diff --git a/interface-definitions/protocols-ripng.xml.in b/interface-definitions/protocols-ripng.xml.in
index 74f720e89..e456c3f3b 100644
--- a/interface-definitions/protocols-ripng.xml.in
+++ b/interface-definitions/protocols-ripng.xml.in
@@ -1,8 +1,8 @@
-<!-- Routing Information Protocol (RIPng) configuration -->
+<?xml version="1.0"?>
<interfaceDefinition>
<node name="protocols">
<children>
- <node name="nripng" owner="${vyos_conf_scripts_dir}/protocols_ripng.py">
+ <node name="ripng" owner="${vyos_conf_scripts_dir}/protocols_ripng.py">
<properties>
<help>Routing Information Protocol (RIPng) parameters</help>
</properties>
diff --git a/smoketest/scripts/cli/test_protocols_ripng.py b/smoketest/scripts/cli/test_protocols_ripng.py
index 90cbaccd8..6850b60d3 100755
--- a/smoketest/scripts/cli/test_protocols_ripng.py
+++ b/smoketest/scripts/cli/test_protocols_ripng.py
@@ -107,10 +107,10 @@ class TestProtocolsRIPng(unittest.TestCase):
self.assertIn(f'router ripng', frrconfig)
self.assertIn(f' default-information originate', frrconfig)
self.assertIn(f' default-metric {metric}', frrconfig)
- self.assertIn(f' distribute-list {acl_in} in', frrconfig)
- self.assertIn(f' distribute-list {acl_out} out', frrconfig)
- self.assertIn(f' distribute-list prefix {prefix_list_in} in', frrconfig)
- self.assertIn(f' distribute-list prefix {prefix_list_out} out', frrconfig)
+ self.assertIn(f' ipv6 distribute-list {acl_in} in', frrconfig)
+ self.assertIn(f' ipv6 distribute-list {acl_out} out', frrconfig)
+ self.assertIn(f' ipv6 distribute-list prefix {prefix_list_in} in', frrconfig)
+ self.assertIn(f' ipv6 distribute-list prefix {prefix_list_out} out', frrconfig)
self.assertIn(f' passive-interface default', frrconfig)
self.assertIn(f' timers basic {timer_update} {timer_timeout} {timer_garbage}', frrconfig)
for aggregate in aggregates:
diff --git a/src/conf_mode/protocols_ripng.py b/src/conf_mode/protocols_ripng.py
new file mode 100755
index 000000000..8cc5de64a
--- /dev/null
+++ b/src/conf_mode/protocols_ripng.py
@@ -0,0 +1,133 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import os
+
+from sys import exit
+
+from vyos.config import Config
+from vyos.configdict import dict_merge
+from vyos.configverify import verify_route_maps
+from vyos.util import call
+from vyos.util import dict_search
+from vyos.xml import defaults
+from vyos.template import render_to_string
+from vyos import ConfigError
+from vyos import frr
+from vyos import airbag
+airbag.enable()
+
+frr_daemon = 'ripngd'
+
+def get_config(config=None):
+ if config:
+ conf = config
+ else:
+ conf = Config()
+ base = ['protocols', 'ripng']
+ ripng = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
+
+ # Bail out early if configuration tree does not exist
+ if not conf.exists(base):
+ return ripng
+
+ # We have gathered the dict representation of the CLI, but there are default
+ # options which we need to update into the dictionary retrived.
+ default_values = defaults(base)
+ # merge in remaining default values
+ ripng = dict_merge(default_values, ripng)
+
+ # We also need some additional information from the config, prefix-lists
+ # and route-maps for instance. They will be used in verify()
+ base = ['policy']
+ tmp = conf.get_config_dict(base, key_mangling=('-', '_'))
+ # Merge policy dict into OSPF dict
+ ripng = dict_merge(tmp, ripng)
+
+ import pprint
+ pprint.pprint(ripng)
+ return ripng
+
+def verify(ripng):
+ if not ripng:
+ return None
+
+ acl_in = dict_search('distribute_list.access_list.in', ripng)
+ if acl_in and acl_in not in (dict_search('policy.access_list6', ripng) or []):
+ raise ConfigError(f'Inbound access-list6 "{acl_in}" does not exist!')
+
+ acl_out = dict_search('distribute_list.access_list.out', ripng)
+ if acl_out and acl_out not in (dict_search('policy.access_list6', ripng) or []):
+ raise ConfigError(f'Outbound access-list6 "{acl_out}" does not exist!')
+
+ prefix_list_in = dict_search('distribute_list.prefix_list.in', ripng)
+ if prefix_list_in and prefix_list_in.replace('-','_') not in (dict_search('policy.prefix_list6', ripng) or []):
+ raise ConfigError(f'Inbound prefix-list6 "{prefix_list_in}" does not exist!')
+
+ prefix_list_out = dict_search('distribute_list.prefix_list.out', ripng)
+ if prefix_list_out and prefix_list_out.replace('-','_') not in (dict_search('policy.prefix_list6', ripng) or []):
+ raise ConfigError(f'Outbound prefix-list6 "{prefix_list_out}" does not exist!')
+
+ if 'interface' in ripng:
+ for interface, interface_options in ripng['interface'].items():
+ if 'authentication' in interface_options:
+ if {'md5', 'plaintext_password'} <= set(interface_options['authentication']):
+ raise ConfigError('Can not use both md5 and plaintext-password at the same time!')
+ if 'split_horizon' in interface_options:
+ if {'disable', 'poison_reverse'} <= set(interface_options['split_horizon']):
+ raise ConfigError(f'You can not have "split-horizon poison-reverse" enabled ' \
+ f'with "split-horizon disable" for "{interface}"!')
+
+ verify_route_maps(ripng)
+
+def generate(ripng):
+ if not ripng:
+ ripng['new_frr_config'] = ''
+ return None
+
+ ripng['new_frr_config'] = render_to_string('frr/ripng.frr.tmpl', ripng)
+ import pprint
+ pprint.pprint(ripng['new_frr_config'])
+
+ return None
+
+def apply(ripng):
+ # Save original configuration prior to starting any commit actions
+ frr_cfg = frr.FRRConfig()
+ frr_cfg.load_configuration(frr_daemon)
+ frr_cfg.modify_section(r'key chain \S+', '')
+ frr_cfg.modify_section(r'interface \S+', '')
+ frr_cfg.modify_section('router ripng', '')
+ frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', ripng['new_frr_config'])
+ frr_cfg.commit_configuration(frr_daemon)
+
+ # If FRR config is blank, rerun the blank commit x times due to frr-reload
+ # behavior/bug not properly clearing out on one commit.
+ if ripng['new_frr_config'] == '':
+ for a in range(5):
+ frr_cfg.commit_configuration(frr_daemon)
+
+ return None
+
+if __name__ == '__main__':
+ try:
+ c = get_config()
+ verify(c)
+ generate(c)
+ apply(c)
+ except ConfigError as e:
+ print(e)
+ exit(1)