summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-08-11 22:25:53 +0200
committerChristian Breunig <christian@breunig.cc>2023-08-11 23:01:21 +0200
commit073961a5c833ca820a197c3635138b14e2b16cd7 (patch)
tree43949641142fe6b21dc47f43055a2cbcf4247882
parent63a8d17b89597e990e44f5b0111419778917e689 (diff)
downloadvyos-1x-073961a5c833ca820a197c3635138b14e2b16cd7.tar.gz
vyos-1x-073961a5c833ca820a197c3635138b14e2b16cd7.zip
ipv6: T5464: add support for per-interface dad (duplicate address detection) setting
-rw-r--r--interface-definitions/include/interface/ipv6-accept-dad.xml.i20
-rw-r--r--interface-definitions/include/interface/ipv6-options.xml.i1
-rw-r--r--python/vyos/ifconfig/interface.py26
-rw-r--r--smoketest/scripts/cli/base_interfaces_test.py8
4 files changed, 53 insertions, 2 deletions
diff --git a/interface-definitions/include/interface/ipv6-accept-dad.xml.i b/interface-definitions/include/interface/ipv6-accept-dad.xml.i
new file mode 100644
index 000000000..7554b270a
--- /dev/null
+++ b/interface-definitions/include/interface/ipv6-accept-dad.xml.i
@@ -0,0 +1,20 @@
+<!-- include start from interface/ipv6-accept-dad.xml.i -->
+<leafNode name="accept-dad">
+ <properties>
+ <help>Accept Duplicate Address Detection</help>
+ <valueHelp>
+ <format>0</format>
+ <description>Disable DAD</description>
+ </valueHelp>
+ <valueHelp>
+ <format>1</format>
+ <description>Enable DAD</description>
+ </valueHelp>
+ <valueHelp>
+ <format>2</format>
+ <description>Enable DAD - disable IPv6 if MAC-based duplicate link-local address found</description>
+ </valueHelp>
+ </properties>
+ <defaultValue>1</defaultValue>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/interface/ipv6-options.xml.i b/interface-definitions/include/interface/ipv6-options.xml.i
index f740ce0c2..d2e47de91 100644
--- a/interface-definitions/include/interface/ipv6-options.xml.i
+++ b/interface-definitions/include/interface/ipv6-options.xml.i
@@ -6,6 +6,7 @@
<children>
#include <include/interface/adjust-mss.xml.i>
#include <include/interface/disable-forwarding.xml.i>
+ #include <include/interface/ipv6-accept-dad.xml.i>
#include <include/interface/ipv6-address.xml.i>
#include <include/interface/ipv6-dup-addr-detect-transmits.xml.i>
</children>
diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py
index 6e85b7a9d..cc6149428 100644
--- a/python/vyos/ifconfig/interface.py
+++ b/python/vyos/ifconfig/interface.py
@@ -191,6 +191,10 @@ class Interface(Control):
'validate': lambda fwd: assert_range(fwd,0,2),
'location': '/proc/sys/net/ipv6/conf/{ifname}/forwarding',
},
+ 'ipv6_accept_dad': {
+ 'validate': lambda dad: assert_range(dad,0,3),
+ 'location': '/proc/sys/net/ipv6/conf/{ifname}/accept_dad',
+ },
'ipv6_dad_transmits': {
'validate': assert_positive,
'location': '/proc/sys/net/ipv6/conf/{ifname}/dad_transmits',
@@ -256,6 +260,9 @@ class Interface(Control):
'ipv6_forwarding': {
'location': '/proc/sys/net/ipv6/conf/{ifname}/forwarding',
},
+ 'ipv6_accept_dad': {
+ 'location': '/proc/sys/net/ipv6/conf/{ifname}/accept_dad',
+ },
'ipv6_dad_transmits': {
'location': '/proc/sys/net/ipv6/conf/{ifname}/dad_transmits',
},
@@ -846,6 +853,13 @@ class Interface(Control):
return None
return self.set_interface('ipv6_forwarding', forwarding)
+ def set_ipv6_dad_accept(self, dad):
+ """Whether to accept DAD (Duplicate Address Detection)"""
+ tmp = self.get_interface('ipv6_accept_dad')
+ if tmp == dad:
+ return None
+ return self.set_interface('ipv6_accept_dad', dad)
+
def set_ipv6_dad_messages(self, dad):
"""
The amount of Duplicate Address Detection probes to send.
@@ -1551,9 +1565,17 @@ class Interface(Control):
value = '1' if (tmp != None) else '0'
self.set_ipv6_autoconf(value)
- # IPv6 Duplicate Address Detection (DAD) tries
+ # Whether to accept IPv6 DAD (Duplicate Address Detection) packets
+ tmp = dict_search('ipv6.accept_dad', config)
+ # Not all interface types got this CLI option, but if they do, there
+ # is an XML defaultValue available
+ if (tmp != None): self.set_ipv6_dad_accept(tmp)
+
+ # IPv6 DAD tries
tmp = dict_search('ipv6.dup_addr_detect_transmits', config)
- self.set_ipv6_dad_messages(tmp)
+ # Not all interface types got this CLI option, but if they do, there
+ # is an XML defaultValue available
+ if (tmp != None): self.set_ipv6_dad_messages(tmp)
# Delete old IPv6 EUI64 addresses before changing MAC
for addr in (dict_search('ipv6.address.eui64_old', config) or []):
diff --git a/smoketest/scripts/cli/base_interfaces_test.py b/smoketest/scripts/cli/base_interfaces_test.py
index cef61e42b..b5b65e253 100644
--- a/smoketest/scripts/cli/base_interfaces_test.py
+++ b/smoketest/scripts/cli/base_interfaces_test.py
@@ -843,6 +843,7 @@ class BasicInterfaceTest:
mss = '1400'
dad_transmits = '10'
+ accept_dad = '0'
for interface in self._interfaces:
path = self._base_path + [interface]
@@ -853,6 +854,9 @@ class BasicInterfaceTest:
if cli_defined(self._base_path + ['ipv6'], 'adjust-mss'):
self.cli_set(path + ['ipv6', 'adjust-mss', mss])
+ if cli_defined(self._base_path + ['ipv6'], 'accept-dad'):
+ self.cli_set(path + ['ipv6', 'accept-dad', accept_dad])
+
if cli_defined(self._base_path + ['ipv6'], 'dup-addr-detect-transmits'):
self.cli_set(path + ['ipv6', 'dup-addr-detect-transmits', dad_transmits])
@@ -870,6 +874,10 @@ class BasicInterfaceTest:
if line.startswith(base_options):
self.assertIn(f'tcp option maxseg size set {mss}', line)
+ if cli_defined(self._base_path + ['ipv6'], 'accept-dad'):
+ tmp = read_file(f'{proc_base}/accept_dad')
+ self.assertEqual(accept_dad, tmp)
+
if cli_defined(self._base_path + ['ipv6'], 'dup-addr-detect-transmits'):
tmp = read_file(f'{proc_base}/dad_transmits')
self.assertEqual(dad_transmits, tmp)