Merge pull request #747 from c-po/vxlan-tunnel-parameters

vyos.ifconfig: cleanup and tunnel refactoring
author: Christian Poessinger <christian@poessinger.com> 2021-02-28 00:54:59 +0100
committer: GitHub <noreply@github.com> 2021-02-28 00:54:59 +0100
commit: 9cf1651454895442d911e07120a2bfd9ae12a756 (patch)
tree: d5e05819a56869512a3c87d906e9f6d75d5c7e63 /interface-definitions
parent: 46af54fe7545913226585230dfffd7e722280d81 (diff)
parent: 5bcc549edeaeaa767d77a68b33751e834d467c34 (diff)
download: vyos-1x-9cf1651454895442d911e07120a2bfd9ae12a756.tar.gz
vyos-1x-9cf1651454895442d911e07120a2bfd9ae12a756.zip
10 files changed, 90 insertions, 75 deletions
diff --git a/interface-definitions/include/interface-parameters-flowlabel.xml.i b/interface-definitions/include/interface-parameters-flowlabel.xml.i
index ae65c27c9..0723c4b47 100644
--- a/interface-definitions/include/interface-parameters-flowlabel.xml.i
+++ b/interface-definitions/include/interface-parameters-flowlabel.xml.i
@@ -11,6 +11,5 @@
     </constraint>
     <constraintErrorMessage>Must be 'inherit' or a number</constraintErrorMessage>
   </properties>
-  <defaultValue>inherit</defaultValue>
 </leafNode>
 <!-- included end -->
diff --git a/interface-definitions/include/radius-server-ipv4-ipv6.xml.i b/interface-definitions/include/radius-server-ipv4-ipv6.xml.i
index ab3c6d72a..c57d39b6b 100644
--- a/interface-definitions/include/radius-server-ipv4-ipv6.xml.i
+++ b/interface-definitions/include/radius-server-ipv4-ipv6.xml.i
@@ -26,7 +26,27 @@
         #include <include/radius-server-port.xml.i>
       </children>
     </tagNode>
-    #include <include/source-address-ipv4-ipv6.xml.i>
+    <leafNode name="source-address">
+      <properties>
+        <help>Source IP address used to initiate connection</help>
+        <completionHelp>
+          <script>${vyos_completion_dir}/list_local_ips.sh --both</script>
+        </completionHelp>
+        <valueHelp>
+          <format>ipv4</format>
+          <description>IPv4 source address</description>
+        </valueHelp>
+        <valueHelp>
+          <format>ipv6</format>
+          <description>IPv6 source address</description>
+        </valueHelp>
+        <constraint>
+          <validator name="ipv4-address"/>
+          <validator name="ipv6-address"/>
+        </constraint>
+        <multi/>
+      </properties>
+    </leafNode>
   </children>
 </node>
 <!-- included end -->
diff --git a/interface-definitions/include/source-address-ipv4-ipv6.xml.i b/interface-definitions/include/source-address-ipv4-ipv6.xml.i
index 4da4698c2..004e04f7b 100644
--- a/interface-definitions/include/source-address-ipv4-ipv6.xml.i
+++ b/interface-definitions/include/source-address-ipv4-ipv6.xml.i
@@ -17,7 +17,6 @@
       <validator name="ipv4-address"/>
       <validator name="ipv6-address"/>
     </constraint>
-    <multi/>
   </properties>
 </leafNode>
 <!-- included end -->
diff --git a/interface-definitions/include/tunnel-local-remote-ip.xml.i b/interface-definitions/include/tunnel-local-remote-ip.xml.i
deleted file mode 100644
index 85c20f482..000000000
--- a/interface-definitions/include/tunnel-local-remote-ip.xml.i
+++ /dev/null
@@ -1,37 +0,0 @@
-<!-- included start from tunnel-local-remote-ip.xml.i -->
-<leafNode name="local-ip">
-  <properties>
-    <help>Local IP address for this tunnel</help>
-    <valueHelp>
-      <format>ipv4</format>
-      <description>Local IPv4 address for this tunnel</description>
-    </valueHelp>
-    <valueHelp>
-      <format>ipv6</format>
-      <description>Local IPv6 address for this tunnel</description>
-    </valueHelp>
-    <completionHelp>
-      <script>${vyos_completion_dir}/list_local_ips.sh --both</script>
-    </completionHelp>
-    <constraint>
-      <validator name="ip-address"/>
-    </constraint>
-  </properties>
-</leafNode>
-<leafNode name="remote-ip">
-  <properties>
-    <help>Remote IP address for this tunnel</help>
-    <valueHelp>
-      <format>ipv4</format>
-      <description>Remote IPv4 address for this tunnel</description>
-    </valueHelp>
-    <valueHelp>
-      <format>ipv6</format>
-      <description>Remote IPv6 address for this tunnel</description>
-    </valueHelp>
-    <constraint>
-      <!-- does it need fixing/changing to be more restrictive ? -->
-      <validator name="ip-address"/>
-    </constraint>
-  </properties>
-</leafNode>
diff --git a/interface-definitions/include/tunnel-remote.xml.i b/interface-definitions/include/tunnel-remote.xml.i
new file mode 100644
index 000000000..d5b50d3f6
--- /dev/null
+++ b/interface-definitions/include/tunnel-remote.xml.i
@@ -0,0 +1,18 @@
+<!-- included start from tunnel-remote.xml.i -->
+<leafNode name="remote">
+  <properties>
+    <help>Tunnel remote address</help>
+    <valueHelp>
+      <format>ipv4</format>
+      <description>Tunnel remote IPv4 address</description>
+    </valueHelp>
+    <valueHelp>
+      <format>ipv6</format>
+      <description>Tunnel remote IPv6 address</description>
+    </valueHelp>
+    <constraint>
+      <validator name="ip-address"/>
+    </constraint>
+  </properties>
+</leafNode>
+<!-- included end -->
diff --git a/interface-definitions/interfaces-erspan.xml.in b/interface-definitions/interfaces-erspan.xml.in
index e36a64d3a..2394d3534 100644
--- a/interface-definitions/interfaces-erspan.xml.in
+++ b/interface-definitions/interfaces-erspan.xml.in
@@ -20,7 +20,8 @@
           #include <include/interface-disable.xml.i>
           #include <include/interface-disable-link-detect.xml.i>
           #include <include/interface-mtu-64-8024.xml.i>
-          #include <include/tunnel-local-remote-ip.xml.i>
+          #include <include/source-address-ipv4-ipv6.xml.i>
+          #include <include/tunnel-remote.xml.i>
           <leafNode name="encapsulation">
             <properties>
               <help>Encapsulation of this tunnel interface</help>
diff --git a/interface-definitions/interfaces-geneve.xml.in b/interface-definitions/interfaces-geneve.xml.in
index 1064b2c18..5894f580c 100644
--- a/interface-definitions/interfaces-geneve.xml.in
+++ b/interface-definitions/interfaces-geneve.xml.in
@@ -23,18 +23,7 @@
           #include <include/interface-ipv6-options.xml.i>
           #include <include/interface-mac.xml.i>
           #include <include/interface-mtu-1450-16000.xml.i>
-          <leafNode name="remote">
-            <properties>
-              <help>Remote address of GENEVE tunnel</help>
-              <valueHelp>
-                <format>ipv4</format>
-                <description>Remote address of GENEVE tunnel</description>
-              </valueHelp>
-              <constraint>
-                <validator name="ipv4-address"/>
-              </constraint>
-            </properties>
-          </leafNode>
+          #include <include/tunnel-remote.xml.i>
           #include <include/vni.xml.i>
         </children>
       </tagNode>
diff --git a/interface-definitions/interfaces-macsec.xml.in b/interface-definitions/interfaces-macsec.xml.in
index 94d78c6dd..3f2e5bb69 100644
--- a/interface-definitions/interfaces-macsec.xml.in
+++ b/interface-definitions/interfaces-macsec.xml.in
@@ -28,14 +28,18 @@
                 <properties>
                   <help>Cipher suite used</help>
                   <completionHelp>
-                    <list>gcm-aes-128</list>
+                    <list>gcm-aes-128 gcm-aes-256</list>
                   </completionHelp>
                   <valueHelp>
                     <format>gcm-aes-128</format>
                     <description>Galois/Counter Mode of AES cipher with 128-bit key (default)</description>
                   </valueHelp>
+                  <valueHelp>
+                    <format>gcm-aes-256</format>
+                    <description>Galois/Counter Mode of AES cipher with 256-bit key</description>
+                  </valueHelp>
                   <constraint>
-                    <regex>(gcm-aes-128)</regex>
+                    <regex>^(gcm-aes-128|gcm-aes-256)$</regex>
                   </constraint>
                 </properties>
               </leafNode>
diff --git a/interface-definitions/interfaces-tunnel.xml.in b/interface-definitions/interfaces-tunnel.xml.in
index 7a97980a2..c2d03c5ea 100644
--- a/interface-definitions/interfaces-tunnel.xml.in
+++ b/interface-definitions/interfaces-tunnel.xml.in
@@ -27,7 +27,8 @@
           </leafNode>
           #include <include/interface-ipv4-options.xml.i>
           #include <include/interface-ipv6-options.xml.i>
-          #include <include/tunnel-local-remote-ip.xml.i>
+          #include <include/source-address-ipv4-ipv6.xml.i>
+          #include <include/tunnel-remote.xml.i>
           <leafNode name="source-interface">
             <properties>
               <help>Physical Interface used for underlaying traffic</help>
@@ -79,15 +80,15 @@
             <properties>
               <help>Encapsulation of this tunnel interface</help>
               <completionHelp>
-                <list>gre gre-bridge ip6gre ip6ip6 ipip ipip6 sit</list>
+                <list>gre gretap ip6gre ip6ip6 ipip ipip6 sit</list>
               </completionHelp>
               <valueHelp>
                 <format>gre</format>
                 <description>Generic Routing Encapsulation</description>
               </valueHelp>
               <valueHelp>
-                <format>gre-bridge</format>
-                <description>Generic Routing Encapsulation bridge interface</description>
+                <format>gretap</format>
+                <description>Generic Routing Encapsulation (virtual L2 tunnel)</description>
               </valueHelp>
               <valueHelp>
                 <format>ip6gre</format>
@@ -110,9 +111,9 @@
                 <description>Simple Internet Transition encapsulation</description>
               </valueHelp>
               <constraint>
-                <regex>^(gre|gre-bridge|ip6gre|ip6ip6|ipip|ipip6|sit)$</regex>
+                <regex>^(gre|gretap|ip6gre|ip6ip6|ipip|ipip6|sit)$</regex>
               </constraint>
-              <constraintErrorMessage>Invalid encapsulation, must be one of: gre, gre-bridge, ipip, sit, ipip6, ip6ip6, ip6gre</constraintErrorMessage>
+              <constraintErrorMessage>Invalid encapsulation, must be one of: gre, gretap, ipip, sit, ipip6, ip6ip6, ip6gre</constraintErrorMessage>
             </properties>
           </leafNode>
           <leafNode name="multicast">
diff --git a/interface-definitions/interfaces-vxlan.xml.in b/interface-definitions/interfaces-vxlan.xml.in
index 234770971..efe6218e1 100644
--- a/interface-definitions/interfaces-vxlan.xml.in
+++ b/interface-definitions/interfaces-vxlan.xml.in
@@ -44,22 +44,43 @@
           <leafNode name="mtu">
             <defaultValue>1450</defaultValue>
           </leafNode>
-          <leafNode name="remote">
+          #include <include/tunnel-remote.xml.i>
+          <node name="parameters">
             <properties>
-              <help>Remote address of VXLAN tunnel</help>
-              <valueHelp>
-                <format>ipv4</format>
-                <description>Remote IPv4 address of VXLAN tunnel</description>
-              </valueHelp>
-              <valueHelp>
-                <format>ipv6</format>
-                <description>Remote IPv6 address of VXLAN tunnel</description>
-              </valueHelp>
-              <constraint>
-                <validator name="ip-address"/>
-              </constraint>
+              <help>VXLAN tunnel parameters</help>
             </properties>
-          </leafNode>
+            <children>
+              <node name="ip">
+                <properties>
+                  <help>IPv4 specific tunnel parameters</help>
+                </properties>
+                <children>
+                  <leafNode name="df">
+                    <properties>
+                      <help>Specifies the usage of the do not fragment (DF) bit</help>
+                      <valueless/>
+                    </properties>
+                  </leafNode>
+                  #include <include/interface-parameters-tos.xml.i>
+                  #include <include/interface-parameters-ttl.xml.i>
+                </children>
+              </node>
+              <node name="ipv6">
+                <properties>
+                  <help>IPv6 specific tunnel parameters</help>
+                </properties>
+                <children>
+                  #include <include/interface-parameters-flowlabel.xml.i>
+                </children>
+              </node>
+              <leafNode name="nolearning">
+                <properties>
+                  <help>Do not add unknown addresses into forwarding database</help>
+                  <valueless/>
+                </properties>
+              </leafNode>
+            </children>
+          </node>
           <leafNode name="port">
             <properties>
               <help>Destination port of VXLAN tunnel (default: 8472)</help>
author	Christian Poessinger <christian@poessinger.com>	2021-02-28 00:54:59 +0100
committer	GitHub <noreply@github.com>	2021-02-28 00:54:59 +0100
commit	9cf1651454895442d911e07120a2bfd9ae12a756 (patch)
tree	d5e05819a56869512a3c87d906e9f6d75d5c7e63 /interface-definitions
parent	46af54fe7545913226585230dfffd7e722280d81 (diff)
parent	5bcc549edeaeaa767d77a68b33751e834d467c34 (diff)
download	vyos-1x-9cf1651454895442d911e07120a2bfd9ae12a756.tar.gz vyos-1x-9cf1651454895442d911e07120a2bfd9ae12a756.zip