diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-07-02 22:24:35 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-07-02 22:24:35 +0200 |
| commit | 13924804aafa9a43b4a300fb9afbdf29b69603fb (patch) | |
| tree | f8a6c797ffdb4c1d72ece6a1d0d5d6143a355ccc | |
| parent | bc01277bdfdf49be8950fe2cbf3749d42da2850d (diff) | |
| download | vyos-1x-13924804aafa9a43b4a300fb9afbdf29b69603fb.tar.gz vyos-1x-13924804aafa9a43b4a300fb9afbdf29b69603fb.zip | |
conntrack: T3535: add support for multiple failsave links
| -rw-r--r-- | data/templates/conntrackd/conntrackd.conf.tmpl | 21 | ||||
| -rwxr-xr-x | src/conf_mode/conntrack_sync.py | 15 |
2 files changed, 25 insertions, 11 deletions
diff --git a/data/templates/conntrackd/conntrackd.conf.tmpl b/data/templates/conntrackd/conntrackd.conf.tmpl index ff6f785d5..45b7bff09 100644 --- a/data/templates/conntrackd/conntrackd.conf.tmpl +++ b/data/templates/conntrackd/conntrackd.conf.tmpl @@ -6,28 +6,31 @@ Sync { DisableExternalCache {{ 'on' if disable_external_cache is defined else 'off' }} } {% for iface, iface_config in interface.items() %} -{% if loop.first %} -{% if iface_config.peer is defined and iface_config.peer is not none %} +{% if iface_config.peer is defined and iface_config.peer is not none %} UDP { -{% if listen_address is defined and listen_address is not none %} +{% if listen_address is defined and listen_address is not none %} IPv4_address {{ listen_address }} -{% endif %} +{% endif %} IPv4_Destination_Address {{ iface_config.peer }} Port {{ iface_config.port if iface_config.port is defined else '3780' }} -{% else %} -{% set ip_address = iface | get_ipv4 %} + Interface {{ iface }} + SndSocketBuffer {{ sync_queue_size | int *1024 *1024 }} + RcvSocketBuffer {{ sync_queue_size | int *1024 *1024 }} + Checksum on + } +{% else %} Multicast { +{% set ip_address = iface | get_ipv4 %} IPv4_address {{ mcast_group }} Group {{ iface_config.port if iface_config.port is defined else '3780' }} IPv4_interface {{ ip_address[0] | ip_from_cidr }} -{% endif %} Interface {{ iface }} -{% endif %} -{% endfor %} SndSocketBuffer {{ sync_queue_size | int *1024 *1024 }} RcvSocketBuffer {{ sync_queue_size | int *1024 *1024 }} Checksum on } +{% endif %} +{% endfor %} {% if expect_sync is defined and expect_sync is not none %} Options { {% if 'all' in expect_sync %} diff --git a/src/conf_mode/conntrack_sync.py b/src/conf_mode/conntrack_sync.py index 7f22fa2dd..f82a077e6 100755 --- a/src/conf_mode/conntrack_sync.py +++ b/src/conf_mode/conntrack_sync.py @@ -71,15 +71,26 @@ def verify(conntrack): if 'interface' not in conntrack: raise ConfigError('Interface not defined!') - for interface in conntrack['interface']: + has_peer = False + for interface, interface_config in conntrack['interface'].items(): verify_interface_exists(interface) # Interface must not only exist, it must also carry an IP address if len(get_ipv4(interface)) < 1: raise ConfigError(f'Interface {interface} requires an IP address!') + if 'peer' in interface_config: + has_peer = True + + # If one interface runs in unicast mode instead of multicast, so must all the + # others, else conntrackd will error out with: "cannot use UDP with other + # dedicated link protocols" + if has_peer: + for interface, interface_config in conntrack['interface'].items(): + if 'peer' not in interface_config: + raise ConfigError('Can not mix unicast and multicast mode!') if 'expect_sync' in conntrack: if len(conntrack['expect_sync']) > 1 and 'all' in conntrack['expect_sync']: - raise ConfigError('Cannot configure all with other protocol') + raise ConfigError('Can not configure expect-sync "all" with other protocols!') if 'listen_address' in conntrack: address = conntrack['listen_address'] |