diff options
author | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2024-01-24 00:14:52 +0100 |
---|---|---|
committer | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2024-01-24 22:17:25 +0100 |
commit | 7253c8a3d4649e2c253a4d26c8123a65aedd46e7 (patch) | |
tree | d9f4eaaf3d77543f49929bb1659948c78b496529 /src/conf_mode | |
parent | 8e2112261c68189c2c78455c3e1f32d7f5447ab9 (diff) | |
download | vyos-1x-7253c8a3d4649e2c253a4d26c8123a65aedd46e7.tar.gz vyos-1x-7253c8a3d4649e2c253a4d26c8123a65aedd46e7.zip |
dhcpv6: T3316: Add support for excluded-prefix in prefix delegation
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-x | src/conf_mode/service_dhcpv6-server.py | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/conf_mode/service_dhcpv6-server.py b/src/conf_mode/service_dhcpv6-server.py index 214531904..add83eb0d 100755 --- a/src/conf_mode/service_dhcpv6-server.py +++ b/src/conf_mode/service_dhcpv6-server.py @@ -144,6 +144,23 @@ def verify(dhcpv6): if prefix_config['prefix_length'] > prefix_config['delegated_length']: raise ConfigError('Length of delegated IPv6 prefix must be within parent prefix') + if 'excluded_prefix' in prefix_config: + if 'excluded_prefix_length' not in prefix_config: + raise ConfigError('Length of excluded IPv6 prefix must be configured') + + prefix_len = prefix_config['prefix_length'] + prefix_obj = ip_network(f'{prefix}/{prefix_len}') + + excluded_prefix = prefix_config['excluded_prefix'] + excluded_len = prefix_config['excluded_prefix_length'] + excluded_obj = ip_network(f'{excluded_prefix}/{excluded_len}') + + if excluded_len <= prefix_config['delegated_length']: + raise ConfigError('Excluded IPv6 prefix must be smaller than delegated prefix') + + if not excluded_obj.subnet_of(prefix_obj): + raise ConfigError(f'Excluded prefix "{excluded_prefix}" does not exist in the prefix') + # Static mappings don't require anything (but check if IP is in subnet if it's set) if 'static_mapping' in subnet_config: for mapping, mapping_config in subnet_config['static_mapping'].items(): |