summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2020-12-06 13:44:56 +0100
committerChristian Poessinger <christian@poessinger.com>2020-12-06 13:44:56 +0100
commiteecec6b5caeaef14a03ddbb1d09f9c599273b998 (patch)
tree577090ffd8f2f495a49d02c36c91dbd853c7e514 /src/conf_mode
parentb83c988a1390efc6f7d881fa9cc06eddb825f827 (diff)
downloadvyos-1x-eecec6b5caeaef14a03ddbb1d09f9c599273b998.tar.gz
vyos-1x-eecec6b5caeaef14a03ddbb1d09f9c599273b998.zip
dhcp: T2562: add "listen-address" CLI node for better DHCP relay support
Running ISC DHCP server as backend server for multiple pools served to relay agents requires DHCPd to explicitly listen on give interfaces or a "transit" subnet declaration facing the network where we receive the DHCPREQ messages on. This implements a new "listen-address" CLI node, the given address is validated if it is assigned to the system and upon success, a proper "subnet { }" statement is added into dhcpd.conf
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/dhcp_server.py16
1 files changed, 13 insertions, 3 deletions
diff --git a/src/conf_mode/dhcp_server.py b/src/conf_mode/dhcp_server.py
index 9be586cdf..1ab2d8d16 100755
--- a/src/conf_mode/dhcp_server.py
+++ b/src/conf_mode/dhcp_server.py
@@ -26,6 +26,7 @@ from vyos.template import render
from vyos.util import call
from vyos.util import dict_search
from vyos.validate import is_subnet_connected
+from vyos.validate import is_addr_assigned
from vyos.xml import defaults
from vyos import ConfigError
from vyos import airbag
@@ -246,10 +247,19 @@ def verify(dhcp):
if net.overlaps(net2):
raise ConfigError('Conflicting subnet ranges: "{net}" overlaps "{net2}"!')
+ for address in (dict_search('listen_address', dhcp) or []):
+ if is_addr_assigned(address):
+ listen_ok = True
+ # no need to probe further networks, we have one that is valid
+ continue
+ else:
+ raise ConfigError(f'listen-address "{address}" not configured on any interface')
+
+
if not listen_ok:
- raise ConfigError('DHCP server configuration error! None of the configured\n' \
- 'subnets have an appropriate primary IP address on any\n'
- 'broadcast interface.')
+ raise ConfigError('None of the configured subnets have an appropriate primary IP address on any\n'
+ 'broadcast interface configured, nor was there an explicit listen-address\n'
+ 'configured for serving DHCP relay packets!')
return None