summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-02-29 16:45:27 +0100
committerGitHub <noreply@github.com>2024-02-29 16:45:27 +0100
commitbb70f9964fd845bca0a5396dde7ca50e3daa2db3 (patch)
treef3fb3c800023f895eb09c60c0b19af320ebdd7c8
parentbeb120958f0a6556db30a2aaf8dcd997506b2035 (diff)
parent195428e467c24e4bac59ea639891b0ada898bd30 (diff)
downloadvyos-1x-bb70f9964fd845bca0a5396dde7ca50e3daa2db3.tar.gz
vyos-1x-bb70f9964fd845bca0a5396dde7ca50e3daa2db3.zip
Merge pull request #3064 from vyos/mergify/bp/sagitta/pr-3056
T5504: Keepalived VRRP ability to set more than one peer-address (backport #3056)
-rw-r--r--data/templates/high-availability/keepalived.conf.j26
-rw-r--r--interface-definitions/high-availability.xml.in1
-rwxr-xr-xsmoketest/scripts/cli/test_high-availability_vrrp.py27
-rwxr-xr-xsrc/conf_mode/high-availability.py10
4 files changed, 39 insertions, 5 deletions
diff --git a/data/templates/high-availability/keepalived.conf.j2 b/data/templates/high-availability/keepalived.conf.j2
index d54f575b5..f34ce64e2 100644
--- a/data/templates/high-availability/keepalived.conf.j2
+++ b/data/templates/high-availability/keepalived.conf.j2
@@ -82,7 +82,11 @@ vrrp_instance {{ name }} {
nopreempt
{% endif %}
{% if group_config.peer_address is vyos_defined %}
- unicast_peer { {{ group_config.peer_address }} }
+ unicast_peer {
+{% for peer_address in group_config.peer_address %}
+ {{ peer_address }}
+{% endfor %}
+ }
{% endif %}
{% if group_config.hello_source_address is vyos_defined %}
{% if group_config.peer_address is vyos_defined %}
diff --git a/interface-definitions/high-availability.xml.in b/interface-definitions/high-availability.xml.in
index 59f0f1052..aef57f8ae 100644
--- a/interface-definitions/high-availability.xml.in
+++ b/interface-definitions/high-availability.xml.in
@@ -195,6 +195,7 @@
<constraint>
<validator name="ip-address"/>
</constraint>
+ <multi/>
</properties>
</leafNode>
<leafNode name="no-preempt">
diff --git a/smoketest/scripts/cli/test_high-availability_vrrp.py b/smoketest/scripts/cli/test_high-availability_vrrp.py
index 98259d830..1bb35e422 100755
--- a/smoketest/scripts/cli/test_high-availability_vrrp.py
+++ b/smoketest/scripts/cli/test_high-availability_vrrp.py
@@ -237,5 +237,32 @@ class TestVRRP(VyOSUnitTestSHIM.TestCase):
self.assertIn(f'track_interface', config)
self.assertIn(f' {none_vrrp_interface}', config)
+ def test_05_set_multiple_peer_address(self):
+ group = 'VyOS-WAN'
+ vlan_id = '24'
+ vip = '100.64.24.1/24'
+ peer_address_1 = '192.0.2.1'
+ peer_address_2 = '192.0.2.2'
+ vrid = '150'
+ group_base = base_path + ['vrrp', 'group', group]
+
+ self.cli_set(['interfaces', 'ethernet', vrrp_interface, 'vif', vlan_id, 'address', '100.64.24.11/24'])
+ self.cli_set(group_base + ['interface', vrrp_interface])
+ self.cli_set(group_base + ['address', vip])
+ self.cli_set(group_base + ['peer-address', peer_address_1])
+ self.cli_set(group_base + ['peer-address', peer_address_2])
+ self.cli_set(group_base + ['vrid', vrid])
+
+ # commit changes
+ self.cli_commit()
+
+ config = getConfig(f'vrrp_instance {group}')
+
+ self.assertIn(f'interface {vrrp_interface}', config)
+ self.assertIn(f'virtual_router_id {vrid}', config)
+ self.assertIn(f'unicast_peer', config)
+ self.assertIn(f' {peer_address_1}', config)
+ self.assertIn(f' {peer_address_2}', config)
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/src/conf_mode/high-availability.py b/src/conf_mode/high-availability.py
index b3b27b14e..59d49ea67 100755
--- a/src/conf_mode/high-availability.py
+++ b/src/conf_mode/high-availability.py
@@ -125,8 +125,9 @@ def verify(ha):
raise ConfigError(f'VRRP group "{group}" uses IPv4 but hello-source-address is IPv6!')
if 'peer_address' in group_config:
- if is_ipv6(group_config['peer_address']):
- raise ConfigError(f'VRRP group "{group}" uses IPv4 but peer-address is IPv6!')
+ for peer_address in group_config['peer_address']:
+ if is_ipv6(peer_address):
+ raise ConfigError(f'VRRP group "{group}" uses IPv4 but peer-address is IPv6!')
if vaddrs6:
tmp = {'interface': interface, 'vrid': vrid, 'ipver': 'IPv6'}
@@ -139,8 +140,9 @@ def verify(ha):
raise ConfigError(f'VRRP group "{group}" uses IPv6 but hello-source-address is IPv4!')
if 'peer_address' in group_config:
- if is_ipv4(group_config['peer_address']):
- raise ConfigError(f'VRRP group "{group}" uses IPv6 but peer-address is IPv4!')
+ for peer_address in group_config['peer_address']:
+ if is_ipv4(peer_address):
+ raise ConfigError(f'VRRP group "{group}" uses IPv6 but peer-address is IPv4!')
# Check sync groups
if 'vrrp' in ha and 'sync_group' in ha['vrrp']:
for sync_group, sync_config in ha['vrrp']['sync_group'].items():