diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-02-28 12:17:28 +0100 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-02-28 18:10:08 +0100 |
| commit | 49bc3f1e3ff8416908fc986bb60b444a75a1722d (patch) | |
| tree | c7149a6951535d84579208aa8d0ec19dc2e2d66c | |
| parent | f13cc56d665a91ff3fac47df260301afefb1a3a5 (diff) | |
| download | vyos-1x-49bc3f1e3ff8416908fc986bb60b444a75a1722d.tar.gz vyos-1x-49bc3f1e3ff8416908fc986bb60b444a75a1722d.zip | |
vif: T3349: use fixed ordering when enabling parent and child interface
When a VIF/VLAN interface is placed in admin down state but the lower
interface, serving the vlan, is moved from admin down -> admin up, all its
vlan interfaces will be placed in admin up state, too.
This is bad as a VLAN interface will become admin up even if its specified as
admin down after a reboot.
To reproduce:
set interfaces ethernet eth1 vif 20 disable
set interfaces ethernet eth1 disable
commit
delete interfaces ethernet eth1 disable
commit
Now check the interface state and it returns UP,LOWER_UP
7: eth1.20@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:50:56:b3:09:07 brd ff:ff:ff:ff:ff:ff
inet6 fe80::250:56ff:feb3:907/64 scope link
valid_lft forever preferred_lft forever
| -rw-r--r-- | python/vyos/ifconfig/bond.py | 14 | ||||
| -rw-r--r-- | python/vyos/ifconfig/bridge.py | 17 | ||||
| -rw-r--r-- | python/vyos/ifconfig/dummy.py | 19 | ||||
| -rwxr-xr-x | python/vyos/ifconfig/erspan.py | 19 | ||||
| -rw-r--r-- | python/vyos/ifconfig/ethernet.py | 14 | ||||
| -rw-r--r-- | python/vyos/ifconfig/geneve.py | 19 | ||||
| -rw-r--r-- | python/vyos/ifconfig/interface.py | 29 | ||||
| -rw-r--r-- | python/vyos/ifconfig/l2tpv3.py | 21 | ||||
| -rw-r--r-- | python/vyos/ifconfig/loopback.py | 10 | ||||
| -rw-r--r-- | python/vyos/ifconfig/macsec.py | 19 | ||||
| -rw-r--r-- | python/vyos/ifconfig/macvlan.py | 19 | ||||
| -rw-r--r-- | python/vyos/ifconfig/tunnel.py | 10 | ||||
| -rw-r--r-- | python/vyos/ifconfig/vtun.py | 19 | ||||
| -rw-r--r-- | python/vyos/ifconfig/vxlan.py | 19 | ||||
| -rw-r--r-- | python/vyos/ifconfig/wireguard.py | 11 | ||||
| -rw-r--r-- | python/vyos/ifconfig/wireless.py | 10 | ||||
| -rw-r--r-- | smoketest/scripts/cli/base_interfaces_test.py | 36 |
17 files changed, 53 insertions, 252 deletions
diff --git a/python/vyos/ifconfig/bond.py b/python/vyos/ifconfig/bond.py index 28b5da3ee..bfa3b0025 100644 --- a/python/vyos/ifconfig/bond.py +++ b/python/vyos/ifconfig/bond.py @@ -341,9 +341,6 @@ class BondIf(Interface): if 'shutdown_required' in config: self.set_admin_state('down') - # call base class first - super().update(config) - # ARP monitor targets need to be synchronized between sysfs and CLI. # Unfortunately an address can't be send twice to sysfs as this will # result in the following exception: OSError: [Errno 22] Invalid argument. @@ -402,12 +399,5 @@ class BondIf(Interface): value = config.get('primary') if value: self.set_primary(value) - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) + # call base class first + super().update(config) diff --git a/python/vyos/ifconfig/bridge.py b/python/vyos/ifconfig/bridge.py index 69f652547..600bd3db8 100644 --- a/python/vyos/ifconfig/bridge.py +++ b/python/vyos/ifconfig/bridge.py @@ -233,11 +233,6 @@ class BridgeIf(Interface): interface setup code and provide a single point of entry when workin on any interface. """ - # call base class first - super().update(config) - - ifname = config['ifname'] - # Set ageing time value = config.get('aging') self.set_ageing_time(value) @@ -277,6 +272,7 @@ class BridgeIf(Interface): vlan_filter = '1' if 'enable_vlan' in config else '0' self.set_vlan_filter(vlan_filter) + ifname = config['ifname'] if int(vlan_filter): add_vlan = [] cur_vlan_ids = get_vlan_ids(ifname) @@ -364,12 +360,5 @@ class BridgeIf(Interface): cmd = f'bridge vlan add dev {interface} vid {native_vlan_id} pvid untagged master' self._cmd(cmd) - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) + # call base class first + super().update(config) diff --git a/python/vyos/ifconfig/dummy.py b/python/vyos/ifconfig/dummy.py index 0019fc52b..d45769931 100644 --- a/python/vyos/ifconfig/dummy.py +++ b/python/vyos/ifconfig/dummy.py @@ -31,22 +31,3 @@ class DummyIf(Interface): 'prefixes': ['dum', ], }, } - - def update(self, config): - """ General helper function which works on a dictionary retrived by - get_config_dict(). It's main intention is to consolidate the scattered - interface setup code and provide a single point of entry when workin - on any interface. """ - - # call base class first - super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) diff --git a/python/vyos/ifconfig/erspan.py b/python/vyos/ifconfig/erspan.py index 9e24cf6cd..03b2acdbf 100755 --- a/python/vyos/ifconfig/erspan.py +++ b/python/vyos/ifconfig/erspan.py @@ -47,25 +47,6 @@ class _ERSpan(Interface): def change_options(self): pass - def update(self, config): - """ General helper function which works on a dictionary retrived by - get_config_dict(). It's main intention is to consolidate the scattered - interface setup code and provide a single point of entry when workin - on any interface. """ - - # call base class first - super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) - def _create(self): pass diff --git a/python/vyos/ifconfig/ethernet.py b/python/vyos/ifconfig/ethernet.py index aca0aeead..b89ca5a5c 100644 --- a/python/vyos/ifconfig/ethernet.py +++ b/python/vyos/ifconfig/ethernet.py @@ -318,9 +318,6 @@ class EthernetIf(Interface): interface setup code and provide a single point of entry when workin on any interface. """ - # call base class first - super().update(config) - # disable ethernet flow control (pause frames) value = 'off' if 'disable_flow_control' in config else 'on' self.set_flow_control(value) @@ -354,12 +351,5 @@ class EthernetIf(Interface): for b_type in config['ring_buffer']: self.set_ring_buffer(b_type, config['ring_buffer'][b_type]) - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) + # call base class first + super().update(config) diff --git a/python/vyos/ifconfig/geneve.py b/python/vyos/ifconfig/geneve.py index 1b3ee0dc9..6747d2bd6 100644 --- a/python/vyos/ifconfig/geneve.py +++ b/python/vyos/ifconfig/geneve.py @@ -42,22 +42,3 @@ class GeneveIf(Interface): # interface is always A/D down. It needs to be enabled explicitly self.set_admin_state('down') - - def update(self, config): - """ General helper function which works on a dictionary retrived by - get_config_dict(). It's main intention is to consolidate the scattered - interface setup code and provide a single point of entry when workin - on any interface. """ - - # call base class first - super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py index 9c0ee2ab1..dff9fa810 100644 --- a/python/vyos/ifconfig/interface.py +++ b/python/vyos/ifconfig/interface.py @@ -1241,6 +1241,16 @@ class Interface(Control): # configure port mirror self.set_mirror() + # Enable/Disable of an interface must always be done at the end of the + # derived class to make use of the ref-counting set_admin_state() + # function. We will only enable the interface if 'up' was called as + # often as 'down'. This is required by some interface implementations + # as certain parameters can only be changed when the interface is + # in admin-down state. This ensures the link does not flap during + # reconfiguration. + state = 'down' if 'disable' in config else 'up' + self.set_admin_state(state) + # remove no longer required 802.1ad (Q-in-Q VLANs) ifname = config['ifname'] for vif_s_id in config.get('vif_s_remove', {}): @@ -1359,22 +1369,3 @@ class VLANIf(Interface): def set_mirror(self): return - - def update(self, config): - """ General helper function which works on a dictionary retrived by - get_config_dict(). It's main intention is to consolidate the scattered - interface setup code and provide a single point of entry when workin - on any interface. """ - - # call base class first - super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) diff --git a/python/vyos/ifconfig/l2tpv3.py b/python/vyos/ifconfig/l2tpv3.py index b717394a6..7ff0fdd0e 100644 --- a/python/vyos/ifconfig/l2tpv3.py +++ b/python/vyos/ifconfig/l2tpv3.py @@ -78,24 +78,3 @@ class L2TPv3If(Interface): if 'tunnel_id' in self.config: cmd = 'ip l2tp del tunnel tunnel_id {tunnel_id}' self._cmd(cmd.format(**self.config)) - - - def update(self, config): - """ General helper function which works on a dictionary retrived by - get_config_dict(). It's main intention is to consolidate the scattered - interface setup code and provide a single point of entry when workin - on any interface. """ - - # call base class first - super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) - diff --git a/python/vyos/ifconfig/loopback.py b/python/vyos/ifconfig/loopback.py index d323feed8..192c12f5c 100644 --- a/python/vyos/ifconfig/loopback.py +++ b/python/vyos/ifconfig/loopback.py @@ -66,13 +66,3 @@ class LoopbackIf(Interface): # call base class super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) diff --git a/python/vyos/ifconfig/macsec.py b/python/vyos/ifconfig/macsec.py index c15273080..1a78d18d8 100644 --- a/python/vyos/ifconfig/macsec.py +++ b/python/vyos/ifconfig/macsec.py @@ -48,22 +48,3 @@ class MACsecIf(Interface): # interface is always A/D down. It needs to be enabled explicitly self.set_admin_state('down') - - def update(self, config): - """ General helper function which works on a dictionary retrived by - get_config_dict(). It's main intention is to consolidate the scattered - interface setup code and provide a single point of entry when workin - on any interface. """ - - # call base class first - super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) diff --git a/python/vyos/ifconfig/macvlan.py b/python/vyos/ifconfig/macvlan.py index 73e2eea9e..776014bc3 100644 --- a/python/vyos/ifconfig/macvlan.py +++ b/python/vyos/ifconfig/macvlan.py @@ -38,22 +38,3 @@ class MACVLANIf(Interface): ifname = self.config['ifname'] cmd = f'ip link set dev {ifname} type macvlan mode {mode}' return self._cmd(cmd) - - def update(self, config): - """ General helper function which works on a dictionary retrived by - get_config_dict(). It's main intention is to consolidate the scattered - interface setup code and provide a single point of entry when workin - on any interface. """ - - # call base class first - super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) diff --git a/python/vyos/ifconfig/tunnel.py b/python/vyos/ifconfig/tunnel.py index bb940b0cf..b9d5ab983 100644 --- a/python/vyos/ifconfig/tunnel.py +++ b/python/vyos/ifconfig/tunnel.py @@ -184,13 +184,3 @@ class TunnelIf(Interface): # call base class first super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) diff --git a/python/vyos/ifconfig/vtun.py b/python/vyos/ifconfig/vtun.py index 8f027cf9d..6fb414e56 100644 --- a/python/vyos/ifconfig/vtun.py +++ b/python/vyos/ifconfig/vtun.py @@ -47,22 +47,3 @@ class VTunIf(Interface): def del_addr(self, addr): # IP addresses are managed by OpenVPN daemon pass - - def update(self, config): - """ General helper function which works on a dictionary retrived by - get_config_dict(). It's main intention is to consolidate the scattered - interface setup code and provide a single point of entry when workin - on any interface. """ - - # call base class first - super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) diff --git a/python/vyos/ifconfig/vxlan.py b/python/vyos/ifconfig/vxlan.py index e17643aca..6556aff5a 100644 --- a/python/vyos/ifconfig/vxlan.py +++ b/python/vyos/ifconfig/vxlan.py @@ -78,22 +78,3 @@ class VXLANIf(Interface): self._cmd(cmd.format(**self.config)) self.set_admin_state('down') - - def update(self, config): - """ General helper function which works on a dictionary retrived by - get_config_dict(). It's main intention is to consolidate the scattered - interface setup code and provide a single point of entry when workin - on any interface. """ - - # call base class first - super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) diff --git a/python/vyos/ifconfig/wireguard.py b/python/vyos/ifconfig/wireguard.py index f377e2b1d..e5b9c4408 100644 --- a/python/vyos/ifconfig/wireguard.py +++ b/python/vyos/ifconfig/wireguard.py @@ -247,14 +247,3 @@ class WireGuardIf(Interface): # call base class super().update(config) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) - diff --git a/python/vyos/ifconfig/wireless.py b/python/vyos/ifconfig/wireless.py index 6c0eeec44..748b6e02d 100644 --- a/python/vyos/ifconfig/wireless.py +++ b/python/vyos/ifconfig/wireless.py @@ -63,13 +63,3 @@ class WiFiIf(Interface): # re-add ourselves to any bridge we might have fallen out of if bridge_member: self.add_to_bridge(bridge_member) - - # Enable/Disable of an interface must always be done at the end of the - # derived class to make use of the ref-counting set_admin_state() - # function. We will only enable the interface if 'up' was called as - # often as 'down'. This is required by some interface implementations - # as certain parameters can only be changed when the interface is - # in admin-down state. This ensures the link does not flap during - # reconfiguration. - state = 'down' if 'disable' in config else 'up' - self.set_admin_state(state) diff --git a/smoketest/scripts/cli/base_interfaces_test.py b/smoketest/scripts/cli/base_interfaces_test.py index 0c6f43427..d038e9cb8 100644 --- a/smoketest/scripts/cli/base_interfaces_test.py +++ b/smoketest/scripts/cli/base_interfaces_test.py @@ -292,6 +292,42 @@ class BasicInterfaceTest: self.assertEqual(tmp, self._mtu) self.assertEqual(Interface(vif).get_admin_state(), 'up') + def test_vif_8021q_lower_up_down(self): + # Testcase for https://phabricator.vyos.net/T3349 + if not self._test_vlan: + self.skipTest('not supported') + + for interface in self._interfaces: + base = self._base_path + [interface] + for option in self._options.get(interface, []): + self.session.set(base + option.split()) + + # disable the lower interface + self.session.set(base + ['disable']) + + for vlan in self._vlan_range: + vlan_base = self._base_path + [interface, 'vif', vlan] + # disable the vlan interface + self.session.set(vlan_base + ['disable']) + + self.session.commit() + + # re-enable all lower interfaces + for interface in self._interfaces: + base = self._base_path + [interface] + self.session.delete(base + ['disable']) + + self.session.commit() + + # verify that the lower interfaces are admin up and the vlan + # interfaces are all admin down + for interface in self._interfaces: + self.assertEqual(Interface(interface).get_admin_state(), 'up') + + for vlan in self._vlan_range: + ifname = f'{interface}.{vlan}' + self.assertEqual(Interface(ifname).get_admin_state(), 'down') + def test_vif_s_8021ad_vlan_interfaces(self): # XXX: This testcase is not allowed to run as first testcase, reason |