summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2020-03-25 19:32:34 +0100
committerChristian Poessinger <christian@poessinger.com>2020-03-28 11:28:55 +0100
commit7f9ce3017ff4bc99c66e4d5ddfd6a9904ca8542c (patch)
treeec72438e73d56a585d93535c338300f6caba76a5 /src
parentd1df92fa0668e351256175cbaa70b19707c0f53c (diff)
downloadvyos-1x-7f9ce3017ff4bc99c66e4d5ddfd6a9904ca8542c.tar.gz
vyos-1x-7f9ce3017ff4bc99c66e4d5ddfd6a9904ca8542c.zip
ipv6: T1831: migrate forwarding and dup-addr-detect-transmits nodes
... to new XML and Python based frontend/backend.
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/interfaces-bonding.py14
-rwxr-xr-xsrc/conf_mode/interfaces-bridge.py14
-rwxr-xr-xsrc/conf_mode/interfaces-ethernet.py14
-rwxr-xr-xsrc/conf_mode/interfaces-l2tpv3.py14
-rwxr-xr-xsrc/conf_mode/interfaces-openvpn.py19
-rwxr-xr-xsrc/conf_mode/interfaces-pseudo-ethernet.py14
-rwxr-xr-xsrc/conf_mode/interfaces-vxlan.py14
-rwxr-xr-xsrc/conf_mode/interfaces-wireless.py14
8 files changed, 116 insertions, 1 deletions
diff --git a/src/conf_mode/interfaces-bonding.py b/src/conf_mode/interfaces-bonding.py
index 9b6401ab6..9349241bd 100755
--- a/src/conf_mode/interfaces-bonding.py
+++ b/src/conf_mode/interfaces-bonding.py
@@ -48,6 +48,8 @@ default_config_data = {
'ip_enable_arp_ignore': 0,
'ip_proxy_arp': 0,
'ip_proxy_arp_pvlan': 0,
+ 'ipv6_forwarding': True,
+ 'ipv6_dup_addr_detect': '1',
'intf': '',
'mac': '',
'mode': '802.3ad',
@@ -189,6 +191,14 @@ def get_config():
if conf.exists('ip proxy-arp-pvlan'):
bond['ip_proxy_arp_pvlan'] = 1
+ # Disable IPv6 forwarding on this interface
+ if conf.exists('ipv6 disable-forwarding'):
+ bond['ipv6_forwarding'] = False
+
+ # IPv6 Duplicate Address Detection (DAD) tries
+ if conf.exists('ipv6 dup-addr-detect-transmits'):
+ bond['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits')
+
# Media Access Control (MAC) address
if conf.exists('mac'):
bond['mac'] = conf.return_value('mac')
@@ -416,6 +426,10 @@ def apply(bond):
b.set_proxy_arp(bond['ip_proxy_arp'])
# Enable private VLAN proxy ARP on this interface
b.set_proxy_arp_pvlan(bond['ip_proxy_arp_pvlan'])
+ # Disable IPv6 forwarding on this interface
+ b.set_ipv6_forwarding(bond['ipv6_forwarding'])
+ # IPv6 Duplicate Address Detection (DAD) tries
+ b.set_ipv6_dad_messages(bond['ipv6_dup_addr_detect'])
# Change interface MAC address
if bond['mac']:
diff --git a/src/conf_mode/interfaces-bridge.py b/src/conf_mode/interfaces-bridge.py
index f53175452..79b5e85e7 100755
--- a/src/conf_mode/interfaces-bridge.py
+++ b/src/conf_mode/interfaces-bridge.py
@@ -46,6 +46,8 @@ default_config_data = {
'ip_enable_arp_accept': 0,
'ip_enable_arp_announce': 0,
'ip_enable_arp_ignore': 0,
+ 'ipv6_forwarding': True,
+ 'ipv6_dup_addr_detect': '1',
'igmp_querier': 0,
'intf': '',
'mac' : '',
@@ -152,6 +154,14 @@ def get_config():
if conf.exists('ip enable-arp-ignore'):
bridge['ip_enable_arp_ignore'] = 1
+ # Disable IPv6 forwarding on this interface
+ if conf.exists('ipv6 disable-forwarding'):
+ bridge['ipv6_forwarding'] = False
+
+ # IPv6 Duplicate Address Detection (DAD) tries
+ if conf.exists('ipv6 dup-addr-detect-transmits'):
+ bridge['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits')
+
# Media Access Control (MAC) address
if conf.exists('mac'):
bridge['mac'] = conf.return_value('mac')
@@ -258,6 +268,10 @@ def apply(bridge):
br.set_arp_announce(bridge['ip_enable_arp_announce'])
# configure ARP ignore
br.set_arp_ignore(bridge['ip_enable_arp_ignore'])
+ # Disable IPv6 forwarding on this interface
+ br.set_ipv6_forwarding(bridge['ipv6_forwarding'])
+ # IPv6 Duplicate Address Detection (DAD) tries
+ br.set_ipv6_dad_messages(bridge['ipv6_dup_addr_detect'])
# set max message age
br.set_max_age(bridge['max_age'])
# set bridge priority
diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py
index f7d1093e2..84e7d1c44 100755
--- a/src/conf_mode/interfaces-ethernet.py
+++ b/src/conf_mode/interfaces-ethernet.py
@@ -48,6 +48,8 @@ default_config_data = {
'ip_enable_arp_ignore': 0,
'ip_proxy_arp': 0,
'ip_proxy_arp_pvlan': 0,
+ 'ipv6_forwarding': True,
+ 'ipv6_dup_addr_detect': '1',
'intf': '',
'mac': '',
'mtu': 1500,
@@ -167,6 +169,14 @@ def get_config():
if conf.exists('ip proxy-arp-pvlan'):
eth['ip_proxy_arp_pvlan'] = 1
+ # Disable IPv6 forwarding on this interface
+ if conf.exists('ipv6 disable-forwarding'):
+ eth['ipv6_forwarding'] = False
+
+ # IPv6 Duplicate Address Detection (DAD) tries
+ if conf.exists('ipv6 dup-addr-detect-transmits'):
+ eth['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits')
+
# Media Access Control (MAC) address
if conf.exists('mac'):
eth['mac'] = conf.return_value('mac')
@@ -326,6 +336,10 @@ def apply(eth):
e.set_proxy_arp(eth['ip_proxy_arp'])
# Enable private VLAN proxy ARP on this interface
e.set_proxy_arp_pvlan(eth['ip_proxy_arp_pvlan'])
+ # Disable IPv6 forwarding on this interface
+ e.set_ipv6_forwarding(eth['ipv6_forwarding'])
+ # IPv6 Duplicate Address Detection (DAD) tries
+ e.set_ipv6_dad_messages(eth['ipv6_dup_addr_detect'])
# Change interface MAC address - re-set to real hardware address (hw-id)
# if custom mac is removed
diff --git a/src/conf_mode/interfaces-l2tpv3.py b/src/conf_mode/interfaces-l2tpv3.py
index 468a893c5..5334472d3 100755
--- a/src/conf_mode/interfaces-l2tpv3.py
+++ b/src/conf_mode/interfaces-l2tpv3.py
@@ -33,6 +33,8 @@ default_config_data = {
'local_address': '',
'local_port': 5000,
'intf': '',
+ 'ipv6_forwarding': True,
+ 'ipv6_dup_addr_detect': '1',
'mtu': 1488,
'peer_session_id': '',
'peer_tunnel_id': '',
@@ -101,6 +103,14 @@ def get_config():
if conf.exists('local-ip'):
l2tpv3['local_address'] = conf.return_value('local-ip')
+ # Disable IPv6 forwarding on this interface
+ if conf.exists('ipv6 disable-forwarding'):
+ l2tpv3['ipv6_forwarding'] = False
+
+ # IPv6 Duplicate Address Detection (DAD) tries
+ if conf.exists('ipv6 dup-addr-detect-transmits'):
+ l2tpv3['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits')
+
# Maximum Transmission Unit (MTU)
if conf.exists('mtu'):
l2tpv3['mtu'] = int(conf.return_value('mtu'))
@@ -193,6 +203,10 @@ def apply(l2tpv3):
l.set_alias(l2tpv3['description'])
# Maximum Transfer Unit (MTU)
l.set_mtu(l2tpv3['mtu'])
+ # Disable IPv6 forwarding on this interface
+ l.set_ipv6_forwarding(l2tpv3['ipv6_forwarding'])
+ # IPv6 Duplicate Address Detection (DAD) tries
+ l.set_ipv6_dad_messages(l2tpv3['ipv6_dup_addr_detect'])
# Configure interface address(es) - no need to implicitly delete the
# old addresses as they have already been removed by deleting the
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index d5121ab75..84de67e46 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -294,6 +294,8 @@ default_config_data = {
'encryption': '',
'hash': '',
'intf': '',
+ 'ipv6_forwarding': True,
+ 'ipv6_dup_addr_detect': '1',
'ping_restart': '60',
'ping_interval': '10',
'local_address': '',
@@ -490,6 +492,14 @@ def get_config():
if conf.exists('local-port'):
openvpn['local_port'] = conf.return_value('local-port')
+ # Disable IPv6 forwarding on this interface
+ if conf.exists('ipv6 disable-forwarding'):
+ openvpn['ipv6_forwarding'] = False
+
+ # IPv6 Duplicate Address Detection (DAD) tries
+ if conf.exists('ipv6 dup-addr-detect-transmits'):
+ openvpn['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits')
+
# OpenVPN operation mode
if conf.exists('mode'):
mode = conf.return_value('mode')
@@ -1036,7 +1046,14 @@ def apply(openvpn):
try:
# we need to catch the exception if the interface is not up due to
# reason stated above
- VTunIf(openvpn['intf']).set_alias(openvpn['description'])
+ o = VTunIf(openvpn['intf'])
+ # update interface description used e.g. within SNMP
+ o.set_alias(openvpn['description'])
+ # Disable IPv6 forwarding on this interface
+ o.set_ipv6_forwarding(openvpn['ipv6_forwarding'])
+ # IPv6 Duplicate Address Detection (DAD) tries
+ o.set_ipv6_dad_messages(openvpn['ipv6_dup_addr_detect'])
+
except:
pass
diff --git a/src/conf_mode/interfaces-pseudo-ethernet.py b/src/conf_mode/interfaces-pseudo-ethernet.py
index 55b80b959..19c8bbedc 100755
--- a/src/conf_mode/interfaces-pseudo-ethernet.py
+++ b/src/conf_mode/interfaces-pseudo-ethernet.py
@@ -45,6 +45,8 @@ default_config_data = {
'ip_enable_arp_ignore': 0,
'ip_proxy_arp': 0,
'ip_proxy_arp_pvlan': 0,
+ 'ipv6_forwarding': True,
+ 'ipv6_dup_addr_detect': '1',
'intf': '',
'link': '',
'link_changed': False,
@@ -145,6 +147,14 @@ def get_config():
if conf.exists(['ip', 'proxy-arp-pvlan']):
peth['ip_proxy_arp_pvlan'] = 1
+ # Disable IPv6 forwarding on this interface
+ if conf.exists('ipv6 disable-forwarding'):
+ peth['ipv6_forwarding'] = False
+
+ # IPv6 Duplicate Address Detection (DAD) tries
+ if conf.exists('ipv6 dup-addr-detect-transmits'):
+ peth['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits')
+
# Lower link device
if conf.exists(['link']):
peth['link'] = conf.return_value(['link'])
@@ -296,6 +306,10 @@ def apply(peth):
p.set_proxy_arp(peth['ip_proxy_arp'])
# Enable private VLAN proxy ARP on this interface
p.set_proxy_arp_pvlan(peth['ip_proxy_arp_pvlan'])
+ # Disable IPv6 forwarding on this interface
+ p.set_ipv6_forwarding(peth['ipv6_forwarding'])
+ # IPv6 Duplicate Address Detection (DAD) tries
+ p.set_ipv6_dad_messages(peth['ipv6_dup_addr_detect'])
# assign/remove VRF
p.set_vrf(peth['vrf'])
diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py
index f45493587..48271ff65 100755
--- a/src/conf_mode/interfaces-vxlan.py
+++ b/src/conf_mode/interfaces-vxlan.py
@@ -37,6 +37,8 @@ default_config_data = {
'ip_enable_arp_announce': 0,
'ip_enable_arp_ignore': 0,
'ip_proxy_arp': 0,
+ 'ipv6_forwarding': True,
+ 'ipv6_dup_addr_detect': '1',
'link': '',
'mtu': 1450,
'remote': '',
@@ -103,6 +105,14 @@ def get_config():
if conf.exists('ip enable-proxy-arp'):
vxlan['ip_proxy_arp'] = 1
+ # Disable IPv6 forwarding on this interface
+ if conf.exists('ipv6 disable-forwarding'):
+ vxlan['ipv6_forwarding'] = False
+
+ # IPv6 Duplicate Address Detection (DAD) tries
+ if conf.exists('ipv6 dup-addr-detect-transmits'):
+ vxlan['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits')
+
# VXLAN underlay interface
if conf.exists('link'):
vxlan['link'] = conf.return_value('link')
@@ -201,6 +211,10 @@ def apply(vxlan):
v.set_arp_ignore(vxlan['ip_enable_arp_ignore'])
# Enable proxy-arp on this interface
v.set_proxy_arp(vxlan['ip_proxy_arp'])
+ # Disable IPv6 forwarding on this interface
+ v.set_ipv6_forwarding(vxlan['ipv6_forwarding'])
+ # IPv6 Duplicate Address Detection (DAD) tries
+ v.set_ipv6_dad_messages(vxlan['ipv6_dup_addr_detect'])
# Configure interface address(es) - no need to implicitly delete the
# old addresses as they have already been removed by deleting the
diff --git a/src/conf_mode/interfaces-wireless.py b/src/conf_mode/interfaces-wireless.py
index 1e99ae12a..29257141d 100755
--- a/src/conf_mode/interfaces-wireless.py
+++ b/src/conf_mode/interfaces-wireless.py
@@ -827,6 +827,8 @@ default_config_data = {
'ip_enable_arp_accept': 0,
'ip_enable_arp_announce': 0,
'ip_enable_arp_ignore': 0,
+ 'ipv6_forwarding': True,
+ 'ipv6_dup_addr_detect': '1',
'mac' : '',
'max_stations' : '',
'mgmt_frame_protection' : 'disabled',
@@ -1140,6 +1142,14 @@ def get_config():
if conf.exists('ip enable-arp-ignore'):
wifi['ip_enable_arp_ignore'] = 1
+ # Disable IPv6 forwarding on this interface
+ if conf.exists('ipv6 disable-forwarding'):
+ wifi['ipv6_forwarding'] = False
+
+ # IPv6 Duplicate Address Detection (DAD) tries
+ if conf.exists('ipv6 dup-addr-detect-transmits'):
+ wifi['ipv6_dup_addr_detect'] = conf.return_value('dup-addr-detect-transmits')
+
# Wireless physical device
if conf.exists('physical-device'):
wifi['phy'] = conf.return_value('physical-device')
@@ -1487,6 +1497,10 @@ def apply(wifi):
w.set_arp_announce(wifi['ip_enable_arp_announce'])
# configure ARP ignore
w.set_arp_ignore(wifi['ip_enable_arp_ignore'])
+ # Disable IPv6 forwarding on this interface
+ w.set_ipv6_forwarding(bond['ipv6_forwarding'])
+ # IPv6 Duplicate Address Detection (DAD) tries
+ w.set_ipv6_dad_messages(bond['ipv6_dup_addr_detect'])
# Configure interface address(es)
# - not longer required addresses get removed first