vti: ipsec: T2816: interfaces must be created using the vyos.ifconfig library

1 files changed, 32 insertions, 0 deletions

diff --git a/python/vyos/ifconfig/vti.py b/python/vyos/ifconfig/vti.py
index e2090c889..9eafcd11b 100644
--- a/python/vyos/ifconfig/vti.py
+++ b/python/vyos/ifconfig/vti.py
@@ -14,6 +14,7 @@
 # License along with this library.  If not, see <http://www.gnu.org/licenses/>.
 
 from vyos.ifconfig.interface import Interface
+from vyos.util import dict_search
 
 @Interface.register
 class VTIIf(Interface):
@@ -25,3 +26,34 @@ class VTIIf(Interface):
             'prefixes': ['vti', ],
         },
     }
+
+    def _create(self):
+        # This table represents a mapping from VyOS internal config dict to
+        # arguments used by iproute2. For more information please refer to:
+        # - https://man7.org/linux/man-pages/man8/ip-link.8.html
+        # - https://man7.org/linux/man-pages/man8/ip-tunnel.8.html
+        mapping = {
+            'source_address'                  : 'local',
+            'source_interface'                : 'dev',
+            'remote'                          : 'remote',
+            'key'                             : 'key',
+        }
+
+        cmd = 'ip link add {ifname} type vti'
+        for vyos_key, iproute2_key in mapping.items():
+            # dict_search will return an empty dict "{}" for valueless nodes like
+            # "parameters.nolearning" - thus we need to test the nodes existence
+            # by using isinstance()
+            tmp = dict_search(vyos_key, self.config)
+            if isinstance(tmp, dict):
+                cmd += f' {iproute2_key}'
+            elif tmp != None:
+                cmd += f' {iproute2_key} {tmp}'
+
+        self._cmd(cmd.format(**self.config))
+        self.set_interface('admin_state', 'down')
+
+    def set_admin_state(self, state):
+        # function is not implemented for VTI interfaces as this is entirely
+        # handled by the ipsec up/down scripts
+        pass