diff options
31 files changed, 1330 insertions, 856 deletions
@@ -40,16 +40,12 @@ interface_definitions: $(config_xml_obj) # XXX: delete top level node.def's that now live in other packages rm -f $(TMPL_DIR)/firewall/node.def rm -f $(TMPL_DIR)/interfaces/node.def - rm -f $(TMPL_DIR)/protocols/node.def - rm -f $(TMPL_DIR)/protocols/static/node.def rm -f $(TMPL_DIR)/policy/node.def rm -f $(TMPL_DIR)/system/node.def rm -f $(TMPL_DIR)/vpn/node.def rm -f $(TMPL_DIR)/vpn/ipsec/node.def rm -rf $(TMPL_DIR)/vpn/nipsec - rm -rf $(TMPL_DIR)/protocols/nvrf rm -rf $(TMPL_DIR)/protocols/nripng - rm -rf $(TMPL_DIR)/protocols/nstatic # XXX: required until OSPF and RIP is migrated from vyatta-cfg-quagga to vyos-1x mkdir $(TMPL_DIR)/interfaces/loopback/node.tag/ipv6 diff --git a/data/configd-include.json b/data/configd-include.json index 3da80603f..495000961 100644 --- a/data/configd-include.json +++ b/data/configd-include.json @@ -40,7 +40,9 @@ "protocols_ospfv3.py", "protocols_pim.py", "protocols_rip.py", +"protocols_static.py", "protocols_static_multicast.py", +"protocols_vrf.py", "salt-minion.py", "service_console-server.py", "service_ids_fastnetmon.py", diff --git a/data/templates/frr/static.frr.tmpl b/data/templates/frr/static.frr.tmpl new file mode 100644 index 000000000..bb0ec80a5 --- /dev/null +++ b/data/templates/frr/static.frr.tmpl @@ -0,0 +1,38 @@ +{% from 'frr/static_routes_macro.j2' import static_routes %} +! +{# IPv4 routing #} +{% if route is defined and route is not none %} +{% for prefix, prefix_config in route.items() %} +{{ static_routes('ip', prefix, prefix_config) }} +{%- endfor -%} +{% endif %} +! +{# IPv6 routing #} +{% if route6 is defined and route6 is not none %} +{% for prefix, prefix_config in route6.items() %} +{{ static_routes('ipv6', prefix, prefix_config) }} +{%- endfor -%} +{% endif %} +! +{# Policy route tables #} +{% if table is defined and table is not none %} +{% for table_id, table_config in table.items() %} +{% if table_config.route is defined and table_config.route is not none %} +{% for prefix, prefix_config in table_config.route.items() %} +{{ static_routes('ip', prefix, prefix_config, table_id) }} +{%- endfor -%} +{% endif %} +! +{% if table_config.route6 is defined and table_config.route6 is not none %} +{% for prefix, prefix_config in table_config.route6.items() %} +{{ static_routes('ipv6', prefix, prefix_config, table_id) }} +{%- endfor -%} +{% endif %} +! +{% endfor %} +{% endif %} +! +{% if route_map is defined and route_map is not none %} +ip protocol static route-map {{ route_map }} +! +{% endif %} diff --git a/data/templates/frr/static_routes_macro.j2 b/data/templates/frr/static_routes_macro.j2 new file mode 100644 index 000000000..aadb2805e --- /dev/null +++ b/data/templates/frr/static_routes_macro.j2 @@ -0,0 +1,15 @@ +{% macro static_routes(ip_ipv6, prefix, prefix_config, table=None) %}
+{% if prefix_config.blackhole is defined %}
+{{ ip_ipv6 }} route {{ prefix }} blackhole {{ prefix_config.blackhole.distance if prefix_config.blackhole.distance is defined }} {{ 'tag ' + prefix_config.blackhole.tag if prefix_config.blackhole.tag is defined }} {{ 'table ' + table if table is defined and table is not none }}
+{% endif %}
+{% if prefix_config.interface is defined and prefix_config.interface is not none %}
+{% for interface, interface_config in prefix_config.interface.items() if interface_config.disable is not defined %}
+{{ ip_ipv6 }} route {{ prefix }} {{ interface }} {{ interface_config.distance if interface_config.distance is defined }} {{ 'nexthop-vrf ' + interface_config.vrf if interface_config.vrf is defined }} {{ 'table ' + table if table is defined and table is not none }}
+{% endfor %}
+{% endif %}
+{% if prefix_config.next_hop is defined and prefix_config.next_hop is not none %}
+{% for next_hop, next_hop_config in prefix_config.next_hop.items() if next_hop_config.disable is not defined %}
+{{ ip_ipv6 }} route {{ prefix }} {{ next_hop }} {{ next_hop_config.interface if next_hop_config.interface is defined }} {{ next_hop_config.distance if next_hop_config.distance is defined }} {{ 'nexthop-vrf ' + next_hop_config.vrf if next_hop_config.vrf is defined }} {{ 'table ' + table if table is defined and table is not none }}
+{% endfor %}
+{% endif %}
+{% endmacro %}
diff --git a/data/templates/frr/vrf.frr.tmpl b/data/templates/frr/vrf.frr.tmpl new file mode 100644 index 000000000..0c8726908 --- /dev/null +++ b/data/templates/frr/vrf.frr.tmpl @@ -0,0 +1,22 @@ +{% from 'frr/static_routes_macro.j2' import static_routes %} +! +{% if vrf is defined and vrf is not none %} +{% for vrf_name, vrf_config in vrf.items() %} +vrf {{ vrf_name }} +{% if vrf_config.static is defined and vrf_config.static is not none %} +{# IPv4 routes #} +{% if vrf_config.static.route is defined and vrf_config.static.route is not none %} +{% for prefix, prefix_config in vrf_config.static.route.items() %} + {{ static_routes('ip', prefix, prefix_config) }} +{%- endfor -%} +{% endif %} +{# IPv6 routes #} +{% if vrf_config.static.route6 is defined and vrf_config.static.route6 is not none %} +{% for prefix, prefix_config in vrf_config.static.route6.items() %} + {{ static_routes('ipv6', prefix, prefix_config) }} +{%- endfor -%} +{% endif %} +{% endif %} +{% endfor %} +{% endif %} +! diff --git a/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in b/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in index 026f67453..0b5797483 100644 --- a/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in +++ b/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in @@ -1,7 +1,8 @@ +<!-- included start from accel-radius-additions-disable-accounting.xlm.in --> <leafNode name="disable-accounting"> <properties> <help>Disable accounting</help> <valueless/> </properties> </leafNode> - +<!-- included end --> diff --git a/interface-definitions/include/bgp-update-source.xml.i b/interface-definitions/include/bgp-update-source.xml.i index c1db2e2c1..a8b212720 100644 --- a/interface-definitions/include/bgp-update-source.xml.i +++ b/interface-definitions/include/bgp-update-source.xml.i @@ -21,7 +21,7 @@ <constraint> <validator name="ipv4-address"/> <validator name="ipv6-address"/> - <regex>^(br|bond|dum|en|eth|gnv|peth|tun|vti|vxlan|wg|wlan)[0-9]+|lo$</regex> + <validator name="interface-name"/> </constraint> </properties> </leafNode> diff --git a/interface-definitions/include/static-route-blackhole.xml.i b/interface-definitions/include/static-route-blackhole.xml.i new file mode 100644 index 000000000..c880ee778 --- /dev/null +++ b/interface-definitions/include/static-route-blackhole.xml.i @@ -0,0 +1,10 @@ +<!-- included start from static-route-blackhole.xml.i -->
+<node name="blackhole">
+ <properties>
+ <help>Silently discard packets when matched</help>
+ </properties>
+ <children>
+ #include <include/static-route-distance.xml.i>
+ </children>
+</node>
+<!-- included end -->
diff --git a/interface-definitions/include/static-route-disable.xml.i b/interface-definitions/include/static-route-disable.xml.i deleted file mode 100644 index 100ca3cbf..000000000 --- a/interface-definitions/include/static-route-disable.xml.i +++ /dev/null @@ -1,8 +0,0 @@ -<!-- included start from static-route-disable.xml.i.xml.i --> -<leafNode name="disable"> - <properties> - <help>Disable interface static route</help> - <valueless/> - </properties> -</leafNode> -<!-- included end --> diff --git a/interface-definitions/include/static-route-interface.xml.i b/interface-definitions/include/static-route-interface.xml.i new file mode 100644 index 000000000..0f10837df --- /dev/null +++ b/interface-definitions/include/static-route-interface.xml.i @@ -0,0 +1,17 @@ +<!-- included start from static-route-interface.xml.i --> +<leafNode name="interface"> + <properties> + <help>Gateway interface name</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py</script> + </completionHelp> + <valueHelp> + <format>txt</format> + <description>Gateway interface name</description> + </valueHelp> + <constraint> + <validator name="interface-name"/> + </constraint> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/static-route-next-hop-vrf.xml.i b/interface-definitions/include/static-route-vrf.xml.i index c90140856..70f8b0be8 100644 --- a/interface-definitions/include/static-route-next-hop-vrf.xml.i +++ b/interface-definitions/include/static-route-vrf.xml.i @@ -1,16 +1,18 @@ -<!-- included start from static-route-next-hop-vrf.xml.i --> -<leafNode name="next-hop-vrf"> +<!-- included start from static-route-vrf.xml.i --> +<leafNode name="vrf"> <properties> <help>VRF to leak route</help> + <completionHelp> + <list>default</list> + <path>vrf name</path> + </completionHelp> <valueHelp> <format>txt</format> <description>Name of VRF to leak to</description> </valueHelp> - <completionHelp> - <path>protocols vrf</path> - </completionHelp> <constraint> - <regex>^[a-zA-Z0-9\-_]{1,100}$</regex> + <regex>^(default)$</regex> + <validator name="vrf-name"/> </constraint> </properties> </leafNode> diff --git a/interface-definitions/include/static-route.xml.i b/interface-definitions/include/static-route.xml.i new file mode 100644 index 000000000..6225025ca --- /dev/null +++ b/interface-definitions/include/static-route.xml.i @@ -0,0 +1,75 @@ +<!-- included start from static-route.xml.i -->
+<tagNode name="route">
+ <properties>
+ <help>VRF static IPv4 route</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>IPv4 static route</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <node name="blackhole">
+ <properties>
+ <help>Silently discard pkts when matched</help>
+ </properties>
+ <children>
+ #include <include/static-route-distance.xml.i>
+ <leafNode name="tag">
+ <properties>
+ <help>Tag value for this route</help>
+ <valueHelp>
+ <format>u32:1-4294967295</format>
+ <description>Tag value for this route</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-4294967295"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ <tagNode name="interface">
+ <properties>
+ <help>Next-hop IPv4 router interface</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py</script>
+ </completionHelp>
+ <valueHelp>
+ <format>txt</format>
+ <description>Gateway interface name</description>
+ </valueHelp>
+ <constraint>
+ <validator name="interface-name"/>
+ </constraint>
+ </properties>
+ <children>
+ #include <include/generic-disable-node.xml.i>
+ #include <include/static-route-distance.xml.i>
+ #include <include/static-route-vrf.xml.i>
+ </children>
+ </tagNode>
+ <tagNode name="next-hop">
+ <properties>
+ <help>Next-hop IPv4 router address</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>Next-hop router address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ </constraint>
+ </properties>
+ <children>
+ #include <include/generic-disable-node.xml.i>
+ #include <include/static-route-distance.xml.i>
+ #include <include/static-route-interface.xml.i>
+ #include <include/static-route-vrf.xml.i>
+ </children>
+ </tagNode>
+ </children>
+</tagNode>
+<!-- included end -->
+
diff --git a/interface-definitions/include/static-route6.xml.i b/interface-definitions/include/static-route6.xml.i new file mode 100644 index 000000000..25d4d22a2 --- /dev/null +++ b/interface-definitions/include/static-route6.xml.i @@ -0,0 +1,75 @@ +<!-- included start from static-route6.xml.i -->
+<tagNode name="route6">
+ <properties>
+ <help>VRF static IPv6 route</help>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>IPv6 static route</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv6-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <node name="blackhole">
+ <properties>
+ <help>Silently discard pkts when matched</help>
+ </properties>
+ <children>
+ #include <include/static-route-distance.xml.i>
+ <leafNode name="tag">
+ <properties>
+ <help>Tag value for this route</help>
+ <valueHelp>
+ <format>u32:1-4294967295</format>
+ <description>Tag value for this route</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-4294967295"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ <tagNode name="interface">
+ <properties>
+ <help>IPv6 gateway interface name</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py</script>
+ </completionHelp>
+ <valueHelp>
+ <format>txt</format>
+ <description>Gateway interface name</description>
+ </valueHelp>
+ <constraint>
+ <validator name="interface-name"/>
+ </constraint>
+ </properties>
+ <children>
+ #include <include/generic-disable-node.xml.i>
+ #include <include/static-route-distance.xml.i>
+ #include <include/static-route-vrf.xml.i>
+ </children>
+ </tagNode>
+ <tagNode name="next-hop">
+ <properties>
+ <help>IPv6 gateway address</help>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>Next-hop IPv6 router</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv6-address"/>
+ </constraint>
+ </properties>
+ <children>
+ #include <include/generic-disable-node.xml.i>
+ #include <include/static-route-distance.xml.i>
+ #include <include/static-route-interface.xml.i>
+ #include <include/static-route-vrf.xml.i>
+ </children>
+ </tagNode>
+ </children>
+</tagNode>
+<!-- included end -->
+
diff --git a/interface-definitions/protocols-bgp.xml.in b/interface-definitions/protocols-bgp.xml.in index 3edacb0ca..e5122fe8d 100644 --- a/interface-definitions/protocols-bgp.xml.in +++ b/interface-definitions/protocols-bgp.xml.in @@ -307,7 +307,7 @@ <constraint> <validator name="ipv4-address"/> <validator name="ipv6-address"/> - <regex>^(br|bond|dum|en|eth|gnv|peth|tun|vti|vxlan|wg|wlan)[0-9]+|lo$</regex> + <validator name="interface-name"/> </constraint> </properties> <children> diff --git a/interface-definitions/protocols-multicast.xml.in b/interface-definitions/protocols-multicast.xml.in index a06f2b287..bf0ead78f 100644 --- a/interface-definitions/protocols-multicast.xml.in +++ b/interface-definitions/protocols-multicast.xml.in @@ -1,5 +1,4 @@ <?xml version="1.0"?> -<!-- Multicast static routing configuration --> <interfaceDefinition> <node name="protocols"> <children> diff --git a/interface-definitions/protocols-ospf.xml.in b/interface-definitions/protocols-ospf.xml.in index 7a5cef6ef..ca848c289 100644 --- a/interface-definitions/protocols-ospf.xml.in +++ b/interface-definitions/protocols-ospf.xml.in @@ -697,7 +697,8 @@ <description>Default to suppress routing updates on all interfaces</description> </valueHelp> <constraint> - <regex>^(br|bond|dum|en|eth|gnv|peth|tun|vti|vxlan|wg|wlan)[0-9]+|lo|default$</regex> + <regex>^(default)$</regex> + <validator name="interface-name"/> </constraint> <multi/> </properties> @@ -713,7 +714,7 @@ <description>Interface to be passive (i.e. suppress routing updates)</description> </valueHelp> <constraint> - <regex>^(br|bond|dum|en|eth|gnv|peth|tun|vti|vxlan|wg|wlan)[0-9]+|lo$</regex> + <validator name="interface-name"/> </constraint> <multi/> </properties> diff --git a/interface-definitions/protocols-ospfv3.xml.in b/interface-definitions/protocols-ospfv3.xml.in index 7f80f9f9d..bd6a55b45 100644 --- a/interface-definitions/protocols-ospfv3.xml.in +++ b/interface-definitions/protocols-ospfv3.xml.in @@ -52,7 +52,7 @@ <description>Interface used for routing information exchange</description> </valueHelp> <constraint> - <regex>^(br|bond|dum|en|eth|gnv|peth|tun|vti|vxlan|wg|wlan)[0-9]+|lo$</regex> + <validator name="interface-name"/> </constraint> <multi/> </properties> diff --git a/interface-definitions/arp.xml.in b/interface-definitions/protocols-static-arp.xml.in index 082afe00f..e5e8a9ad9 100644 --- a/interface-definitions/arp.xml.in +++ b/interface-definitions/protocols-static-arp.xml.in @@ -18,7 +18,7 @@ <children> <leafNode name="hwaddr"> <properties> - <help>mac address to translate to</help> + <help>Translation MAC address</help> <valueHelp> <format>macaddr</format> <description>Hardware (MAC) address</description> diff --git a/interface-definitions/protocols-static.xml.in b/interface-definitions/protocols-static.xml.in index 2a9f7014f..59a7927a5 100644 --- a/interface-definitions/protocols-static.xml.in +++ b/interface-definitions/protocols-static.xml.in @@ -1,193 +1,15 @@ -<?xml version="1.0" encoding="utf-8"?> -<!-- Protocol STATIC configuration --> +<?xml version="1.0"?> <interfaceDefinition> <node name="protocols"> <children> - <node name="nstatic" owner="${vyos_conf_scripts_dir}/protocols_static.py"> + <node name="static" owner="${vyos_conf_scripts_dir}/protocols_static.py"> <properties> <help>Static route parameters</help> </properties> <children> - <tagNode name="interface-route"> - <properties> - <help>Interface based static route</help> - <valueHelp> - <format>ipv4net</format> - <description>Interface based static route</description> - </valueHelp> - <constraint> - <validator name="ipv4-prefix"/> - </constraint> - </properties> - <children> - <tagNode name="next-hop-interface"> - <properties> - <help>Next-hop interface [REQUIRED]</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - </properties> - <children> - #include <include/static-route-disable.xml.i> - #include <include/static-route-distance.xml.i> - #include <include/static-route-next-hop-vrf.xml.i> - </children> - </tagNode> - </children> - </tagNode> - <tagNode name="interface-route6"> - <properties> - <help>Interface based IPv6 static route</help> - <valueHelp> - <format>ipv6net</format> - <description>Interface based IPv6 static route</description> - </valueHelp> - <constraint> - <validator name="ipv6-prefix"/> - </constraint> - </properties> - <children> - <tagNode name="next-hop-interface"> - <properties> - <help>Next-hop interface [REQUIRED]</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - </properties> - <children> - #include <include/static-route-disable.xml.i> - #include <include/static-route-distance.xml.i> - </children> - </tagNode> - </children> - </tagNode> #include <include/static-route-map.xml.i> - <tagNode name="route"> - <properties> - <help>Static route</help> - <valueHelp> - <format>ipv4net</format> - <description>Static route</description> - </valueHelp> - <constraint> - <validator name="ipv4-prefix"/> - </constraint> - </properties> - <children> - <node name="blackhole"> - <properties> - <help>Silently discard pkts when matched</help> - </properties> - <children> - #include <include/static-route-distance.xml.i> - <leafNode name="tag"> - <properties> - <help>Tag value for this route</help> - <valueHelp> - <format>u32:1-4294967295</format> - <description>Tag value for this route</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-4294967295"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <leafNode name="dhcp-interface"> - <properties> - <help>DHCP interface that supplies the next-hop IP address for this static route</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>DHCP interface</description> - </valueHelp> - </properties> - </leafNode> - <tagNode name="next-hop"> - <properties> - <help>Next-hop router</help> - <valueHelp> - <format>ipv4</format> - <description>Next-hop router</description> - </valueHelp> - <constraint> - <validator name="ipv4-address"/> - </constraint> - </properties> - <children> - #include <include/static-route-disable.xml.i> - #include <include/static-route-distance.xml.i> - <leafNode name="next-hop-interface"> - <properties> - <help>IPv4 gateway interface name</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>IPv4 gateway interface name</description> - </valueHelp> - </properties> - </leafNode> - #include <include/static-route-next-hop-vrf.xml.i> - </children> - </tagNode> - </children> - </tagNode> - <tagNode name="route6"> - <properties> - <help>Static IPv6 route</help> - <valueHelp> - <format>ipv6net</format> - <description>Static IPv6 route</description> - </valueHelp> - <constraint> - <validator name="ipv6-prefix"/> - </constraint> - </properties> - <children> - <node name="blackhole"> - <properties> - <help>Silently discard pkts when matched</help> - </properties> - <children> - #include <include/static-route-distance.xml.i> - </children> - </node> - <tagNode name="next-hop"> - <properties> - <help>Next-hop IPv6 router [REQUIRED]</help> - <valueHelp> - <format>ipv6</format> - <description>Next-hop IPv6 router [REQUIRED]</description> - </valueHelp> - <constraint> - <validator name="ipv6-address"/> - </constraint> - </properties> - <children> - #include <include/static-route-disable.xml.i> - #include <include/static-route-distance.xml.i> - <leafNode name="interface"> - <properties> - <help>IPv6 gateway interface name</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>IPv6 gateway interface name</description> - </valueHelp> - </properties> - </leafNode> - #include <include/static-route-next-hop-vrf.xml.i> - </children> - </tagNode> - </children> - </tagNode> + #include <include/static-route.xml.i> + #include <include/static-route6.xml.i> <tagNode name="table"> <properties> <help>Policy route table number</help> @@ -200,159 +22,8 @@ </constraint> </properties> <children> - <tagNode name="interface-route"> - <properties> - <help>Interface based static route</help> - <valueHelp> - <format>ipv4net</format> - <description>Interface based static route</description> - </valueHelp> - <constraint> - <validator name="ipv4-prefix"/> - </constraint> - </properties> - <children> - <tagNode name="next-hop-interface"> - <properties> - <help>Next-hop interface [REQUIRED]</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - </properties> - <children> - #include <include/static-route-disable.xml.i> - #include <include/static-route-distance.xml.i> - </children> - </tagNode> - </children> - </tagNode> - <tagNode name="interface-route6"> - <properties> - <help>Interface based IPv6 static route</help> - <valueHelp> - <format>ipv6net</format> - <description>Interface based IPv6 static route</description> - </valueHelp> - <constraint> - <validator name="ipv6-prefix"/> - </constraint> - </properties> - <children> - <tagNode name="next-hop-interface"> - <properties> - <help>Next-hop interface [REQUIRED]</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - </properties> - <children> - #include <include/static-route-disable.xml.i> - #include <include/static-route-distance.xml.i> - </children> - </tagNode> - </children> - </tagNode> - <tagNode name="route"> - <properties> - <help>Static route</help> - <valueHelp> - <format>ipv4net</format> - <description>Static route</description> - </valueHelp> - <constraint> - <validator name="ipv4-prefix"/> - </constraint> - </properties> - <children> - <node name="blackhole"> - <properties> - <help>Silently discard pkts when matched</help> - </properties> - <children> - #include <include/static-route-distance.xml.i> - </children> - </node> - <leafNode name="dhcp-interface"> - <properties> - <help>DHCP interface that supplies the next-hop IP address for this static route</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>DHCP interface</description> - </valueHelp> - </properties> - </leafNode> - <tagNode name="next-hop"> - <properties> - <help>Next-hop router</help> - <valueHelp> - <format>ipv4</format> - <description>Next-hop router</description> - </valueHelp> - <constraint> - <validator name="ipv4-address"/> - </constraint> - </properties> - <children> - #include <include/static-route-disable.xml.i> - #include <include/static-route-distance.xml.i> - <leafNode name="next-hop-interface"> - <properties> - <help>IPv4 gateway interface name</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>IPv4 gateway interface name</description> - </valueHelp> - </properties> - </leafNode> - #include <include/static-route-next-hop-vrf.xml.i> - </children> - </tagNode> - </children> - </tagNode> - <tagNode name="route6"> - <properties> - <help>Static IPv6 route</help> - <valueHelp> - <format>ipv6net</format> - <description>Static IPv6 route</description> - </valueHelp> - <constraint> - <validator name="ipv6-prefix"/> - </constraint> - </properties> - <children> - <node name="blackhole"> - <properties> - <help>Silently discard pkts when matched</help> - </properties> - <children> - #include <include/static-route-distance.xml.i> - </children> - </node> - <tagNode name="next-hop"> - <properties> - <help>Next-hop IPv6 router [REQUIRED]</help> - <valueHelp> - <format>ipv6</format> - <description>Next-hop IPv6 router [REQUIRED]</description> - </valueHelp> - <constraint> - <validator name="ipv6-address"/> - </constraint> - </properties> - <children> - #include <include/static-route-disable.xml.i> - #include <include/static-route-distance.xml.i> - </children> - </tagNode> - </children> - </tagNode> + #include <include/static-route.xml.i> + #include <include/static-route6.xml.i> </children> </tagNode> </children> diff --git a/interface-definitions/protocols-vrf.xml.in b/interface-definitions/protocols-vrf.xml.in index d58f85b02..81942d124 100644 --- a/interface-definitions/protocols-vrf.xml.in +++ b/interface-definitions/protocols-vrf.xml.in @@ -1,18 +1,21 @@ <?xml version="1.0" encoding="utf-8"?> -<!-- Protocol VRF configuration --> <interfaceDefinition> <node name="protocols"> <children> - <tagNode name="nvrf" owner="${vyos_conf_scripts_dir}/vrf.py"> + <tagNode name="vrf" owner="${vyos_conf_scripts_dir}/protocols_vrf.py"> <properties> <help>Name of VRF to add route for</help> + <completionHelp> + <path>vrf name</path> + </completionHelp> <valueHelp> <format>txt</format> - <description>Name of VRF to add route for</description> + <description>VRF instance name</description> </valueHelp> - <completionHelp> - <path>protocols vrf</path> - </completionHelp> + <constraint> + <validator name="vrf-name"/> + </constraint> + <constraintErrorMessage>VRF instance name must be 15 characters or less and can not\nbe named as regular network interfaces.\n</constraintErrorMessage> </properties> <children> <node name="static"> @@ -20,336 +23,8 @@ <help>Static route parameters</help> </properties> <children> - <tagNode name="interface-route"> - <properties> - <help>Interface based static route</help> - <valueHelp> - <format>ipv4net</format> - <description>Interface based static route</description> - </valueHelp> - <constraint> - <validator name="ipv4-prefix"/> - </constraint> - </properties> - <children> - <tagNode name="next-hop-interface"> - <properties> - <help>Next-hop interface [REQUIRED]</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - </properties> - <children> - <leafNode name="disable"> - <properties> - <help>Disable IPv4 interface static route</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="distance"> - <properties> - <help>Distance for this route</help> - <valueHelp> - <format>u32:1-255</format> - <description>Distance for this route</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-255"/> - </constraint> - </properties> - </leafNode> - <leafNode name="next-hop-vrf"> - <properties> - <help>VRF to leak route</help> - <valueHelp> - <format>txt</format> - <description>Name of VRF to leak to</description> - </valueHelp> - <valueHelp> - <format>default</format> - <description>Name of VRF to leak to</description> - </valueHelp> - <completionHelp> - <list>default</list> - <path>protocols vrf</path> - </completionHelp> - <constraint> - <regex>^[a-zA-Z0-9\-_]{1,100}$</regex> - </constraint> - </properties> - </leafNode> - </children> - </tagNode> - </children> - </tagNode> - <tagNode name="interface-route6"> - <properties> - <help>Interface based IPv6 static route</help> - <valueHelp> - <format>ipv6net</format> - <description>Interface based IPv6 static route</description> - </valueHelp> - <constraint> - <validator name="ipv6-prefix"/> - </constraint> - </properties> - <children> - <tagNode name="next-hop-interface"> - <properties> - <help>Next-hop interface [REQUIRED]</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - </properties> - <children> - <leafNode name="disable"> - <properties> - <help>Disable IPv6 interface static route</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="distance"> - <properties> - <help>Distance for this route</help> - <valueHelp> - <format>u32:1-255</format> - <description>Distance for this route</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-255"/> - </constraint> - </properties> - </leafNode> - <leafNode name="next-hop-vrf"> - <properties> - <help>VRF to leak route</help> - <valueHelp> - <format>txt</format> - <description>Name of VRF to leak to</description> - </valueHelp> - <valueHelp> - <format>default</format> - <description>Name of VRF to leak to</description> - </valueHelp> - <completionHelp> - <list>default</list> - <path>protocols vrf</path> - </completionHelp> - <constraint> - <regex>^[a-zA-Z0-9\-_]{1,100}$</regex> - </constraint> - </properties> - </leafNode> - </children> - </tagNode> - </children> - </tagNode> - <tagNode name="route"> - <properties> - <help>VRF static IPv4 route</help> - <valueHelp> - <format>ipv4net</format> - <description>VRF static IPv4 route</description> - </valueHelp> - <constraint> - <validator name="ipv4-prefix"/> - </constraint> - </properties> - <children> - <node name="blackhole"> - <properties> - <help>Silently discard pkts when matched</help> - </properties> - <children> - <leafNode name="distance"> - <properties> - <help>Distance value for this route</help> - <valueHelp> - <format>u32:1-255</format> - <description>Distance for this route</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-255"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <leafNode name="dhcp-interface"> - <properties> - <help>DHCP interface that supplies the next-hop IP address for this static route</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>DHCP interface</description> - </valueHelp> - </properties> - </leafNode> - <tagNode name="next-hop"> - <properties> - <help>Next-hop router</help> - <valueHelp> - <format>ipv4</format> - <description>Next-hop router</description> - </valueHelp> - <constraint> - <validator name="ipv4-address"/> - </constraint> - </properties> - <children> - <leafNode name="disable"> - <properties> - <help>Disable IPv4 interface static route</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="distance"> - <properties> - <help>Distance for this route</help> - <valueHelp> - <format>u32:1-255</format> - <description>Distance for this route</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-255"/> - </constraint> - </properties> - </leafNode> - <leafNode name="next-hop-interface"> - <properties> - <help>IPv4 gateway interface name</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>IPv4 gateway interface name</description> - </valueHelp> - </properties> - </leafNode> - <leafNode name="next-hop-vrf"> - <properties> - <help>VRF to leak route</help> - <valueHelp> - <format>txt</format> - <description>Name of VRF to leak to</description> - </valueHelp> - <valueHelp> - <format>default</format> - <description>Name of VRF to leak to</description> - </valueHelp> - <completionHelp> - <list>default</list> - <path>protocols vrf</path> - </completionHelp> - <constraint> - <regex>^[a-zA-Z0-9\-_]{1,100}$</regex> - </constraint> - </properties> - </leafNode> - </children> - </tagNode> - </children> - </tagNode> - <tagNode name="route6"> - <properties> - <help>VRF static IPv6 route</help> - <valueHelp> - <format>ipv6net</format> - <description>VRF static IPv6 route</description> - </valueHelp> - <constraint> - <validator name="ipv6-prefix"/> - </constraint> - </properties> - <children> - <node name="blackhole"> - <properties> - <help>Silently discard pkts when matched</help> - </properties> - <children> - <leafNode name="distance"> - <properties> - <help>Distance value for this route</help> - <valueHelp> - <format>u32:1-255</format> - <description>Distance for this route</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-255"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <tagNode name="next-hop"> - <properties> - <help>Next-hop IPv6 router [REQUIRED]</help> - <valueHelp> - <format>ipv6</format> - <description>Next-hop IPv6 router [REQUIRED]</description> - </valueHelp> - <constraint> - <validator name="ipv6-address"/> - </constraint> - </properties> - <children> - <leafNode name="disable"> - <properties> - <help>Disable IPv6 interface static route</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="distance"> - <properties> - <help>Distance for this route</help> - <valueHelp> - <format>u32:1-255</format> - <description>Distance for this route</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-255"/> - </constraint> - </properties> - </leafNode> - <leafNode name="interface"> - <properties> - <help>IPv6 gateway interface name</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>IPv6 gateway interface name</description> - </valueHelp> - </properties> - </leafNode> - <leafNode name="next-hop-vrf"> - <properties> - <help>VRF to leak route</help> - <valueHelp> - <format>txt</format> - <description>Name of VRF to leak to</description> - </valueHelp> - <valueHelp> - <format>default</format> - <description>Name of VRF to leak to</description> - </valueHelp> - <completionHelp> - <list>default</list> - <path>protocols vrf</path> - </completionHelp> - <constraint> - <regex>^[a-zA-Z0-9\-_]{1,100}$</regex> - </constraint> - </properties> - </leafNode> - </children> - </tagNode> - </children> - </tagNode> + #include <include/static-route.xml.i> + #include <include/static-route6.xml.i> </children> </node> </children> diff --git a/interface-definitions/vrf.xml.in b/interface-definitions/vrf.xml.in index 81c89d94b..eca9e75a7 100644 --- a/interface-definitions/vrf.xml.in +++ b/interface-definitions/vrf.xml.in @@ -21,7 +21,7 @@ </constraint> <constraintErrorMessage>VRF instance name must be 15 characters or less and can not\nbe named as regular network interfaces.\n</constraintErrorMessage> <valueHelp> - <format>name</format> + <format>txt</format> <description>Instance name</description> </valueHelp> </properties> diff --git a/smoketest/configs/vrf-basic b/smoketest/configs/vrf-basic new file mode 100644 index 000000000..ded33f683 --- /dev/null +++ b/smoketest/configs/vrf-basic @@ -0,0 +1,231 @@ +interfaces { + ethernet eth0 { + address 192.0.2.1/24 + } + ethernet eth1 { + duplex auto + speed auto + vrf green + } + ethernet eth2 { + vrf red + } +} +protocols { + static { + route 0.0.0.0/0 { + next-hop 192.0.2.254 { + distance 10 + } + } + table 10 { + interface-route 1.0.0.0/8 { + next-hop-interface eth0 { + distance 20 + } + } + interface-route 2.0.0.0/8 { + next-hop-interface eth0 { + distance 20 + } + } + interface-route 3.0.0.0/8 { + next-hop-interface eth0 { + distance 20 + } + } + } + table 20 { + interface-route 4.0.0.0/8 { + next-hop-interface eth0 { + distance 20 + } + } + interface-route 5.0.0.0/8 { + next-hop-interface eth0 { + distance 50 + } + } + interface-route 6.0.0.0/8 { + next-hop-interface eth0 { + distance 60 + } + } + interface-route6 2001:db8:100::/40 { + next-hop-interface eth1 { + distance 20 + } + } + interface-route6 2001:db8::/40 { + next-hop-interface eth1 { + distance 10 + } + } + route 11.0.0.0/8 { + next-hop 1.1.1.1 { + next-hop-interface eth0 + } + } + route 12.0.0.0/8 { + next-hop 1.1.1.1 { + next-hop-interface eth0 + } + } + route 13.0.0.0/8 { + next-hop 1.1.1.1 { + next-hop-interface eth0 + } + } + } + table 30 { + interface-route6 2001:db8:200::/40 { + next-hop-interface eth1 { + distance 20 + } + } + route 14.0.0.0/8 { + next-hop 2.2.1.1 { + next-hop-interface eth1 + } + } + route 15.0.0.0/8 { + next-hop 2.2.1.1 { + next-hop-interface eth1 + } + } + } + } + vrf green { + static { + interface-route 100.0.0.0/8 { + next-hop-interface eth0 { + distance 200 + next-hop-vrf default + } + } + interface-route 101.0.0.0/8 { + next-hop-interface eth0 { + next-hop-vrf default + } + next-hop-interface eth1 { + } + } + interface-route6 2001:db8:300::/40 { + next-hop-interface eth1 { + distance 20 + next-hop-vrf default + } + } + route 20.0.0.0/8 { + next-hop 1.1.1.1 { + next-hop-interface eth1 + next-hop-vrf default + } + } + route 21.0.0.0/8 { + next-hop 2.2.1.1 { + next-hop-interface eth1 + next-hop-vrf default + } + } + route6 2001:db8:100::/40 { + next-hop fe80::1 { + interface eth0 + next-hop-vrf default + } + } + } + } + vrf red { + static { + interface-route 103.0.0.0/8 { + next-hop-interface eth0 { + distance 201 + next-hop-vrf default + } + } + interface-route 104.0.0.0/8 { + next-hop-interface eth0 { + next-hop-vrf default + } + next-hop-interface eth1 { + next-hop-vrf default + } + } + interface-route6 2001:db8:400::/40 { + next-hop-interface eth1 { + distance 24 + next-hop-vrf default + } + } + route 30.0.0.0/8 { + next-hop 1.1.1.1 { + next-hop-interface eth1 + } + } + route 40.0.0.0/8 { + next-hop 2.2.1.1 { + next-hop-interface eth1 + next-hop-vrf default + } + } + route6 2001:db8:100::/40 { + next-hop fe80::1 { + interface eth0 + next-hop-vrf default + } + } + } + } +} +system { + config-management { + commit-revisions 100 + } + console { + device ttyS0 { + speed 115200 + } + } + host-name vyos + login { + user vyos { + authentication { + encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0 + plaintext-password "" + } + } + } + nt + ntp { + server 0.pool.ntp.org { + } + server 1.pool.ntp.org { + } + server 2.pool.ntp.org { + } + } + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } + time-zone Europe/Berlin +} +vrf { + name green { + table 1000 + } + name red { + table 2000 + } +} + +// Warning: Do not remove the following line. +// vyos-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@1:conntrack-sync@1:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@3:firewall@5:https@2:interfaces@18:ipoe-server@1:ipsec@5:l2tp@3:lldp@1:mdns@1:nat@5:ntp@1:pppoe-server@5:pptp@2:qos@1:quagga@6:salt@1:snmp@2:ssh@2:sstp@3:system@20:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1" +// Release version: 1.3-beta-202101231023 diff --git a/smoketest/scripts/cli/test_protocols_static.py b/smoketest/scripts/cli/test_protocols_static.py index 100fd3387..a4c320a62 100755 --- a/smoketest/scripts/cli/test_protocols_static.py +++ b/smoketest/scripts/cli/test_protocols_static.py @@ -14,141 +14,382 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -import re import os -import json import unittest -from netifaces import interfaces - from vyos.configsession import ConfigSession from vyos.configsession import ConfigSessionError -from vyos.ifconfig import Interface -from vyos.ifconfig import Section from vyos.template import is_ipv6 from vyos.util import cmd -from vyos.util import read_file -from vyos.validate import is_intf_addr_assigned -dummy_if = 'dum08765' base_path = ['protocols', 'static'] +vrf_path = ['protocols', 'vrf'] + +def getFRRCconfig(vrf=None): + if vrf: + return cmd(f'vtysh -c "show run" | sed -n "/^vrf {vrf}/,/^!/p"') + else: + return cmd(f'vtysh -c "show run" | sed -n "/^ip route/,/^!/p"') routes = { '10.0.0.0/8' : { - 'next_hop' : '192.0.2.2', - 'distance' : '200', + 'next_hop' : { + '192.0.2.100' : { 'distance' : '100' }, + '192.0.2.110' : { 'distance' : '110', 'interface' : 'eth0' }, + '192.0.2.120' : { 'distance' : '120', 'disable' : '' }, + }, + 'interface' : { + 'eth0' : { 'distance' : '130' }, + 'eth1' : { 'distance' : '140' }, + }, + 'blackhole' : { 'distance' : '250', 'tag' : '500' }, }, '172.16.0.0/12' : { - 'next_hop' : '192.0.2.3', - }, - '192.168.0.0/16' : { - 'next_hop' : '192.0.2.3', - }, - '2001:db8:1000::/48' : { - 'next_hop' : '2001:db8::1000', + 'interface' : { + 'eth0' : { 'distance' : '50', 'vrf' : 'black' }, + 'eth1' : { 'distance' : '60', 'vrf' : 'black' }, + }, + 'blackhole' : { 'distance' : '90' }, }, - '2001:db8:2000::/48' : { - 'next_hop' : '2001:db8::2000', - }, -} - -interface_routes = { - '10.0.0.0/8' : { - 'next_hop' : dummy_if, - 'distance' : '200', + '192.0.2.0/24' : { + 'interface' : { + 'eth0' : { 'distance' : '50', 'vrf' : 'black' }, + 'eth1' : { 'disable' : '' }, + }, + 'blackhole' : { 'distance' : '90' }, }, - '172.16.0.0/12' : { - 'next_hop' : dummy_if, + '100.64.0.0/10' : { + 'blackhole' : { }, }, - '192.168.0.0/16' : { - 'next_hop' : dummy_if, + '2001:db8:100::/40' : { + 'next_hop' : { + '2001:db8::1' : { 'distance' : '10' }, + '2001:db8::2' : { 'distance' : '20', 'interface' : 'eth0' }, + '2001:db8::3' : { 'distance' : '30', 'disable' : '' }, + }, + 'interface' : { + 'eth0' : { 'distance' : '40', 'vrf' : 'black' }, + 'eth1' : { 'distance' : '50', 'disable' : '' }, + }, + 'blackhole' : { 'distance' : '250', 'tag' : '500' }, }, - '2001:db8:1000::/48' : { - 'next_hop' : dummy_if, + '2001:db8:200::/40' : { + 'interface' : { + 'eth0' : { 'distance' : '40' }, + 'eth1' : { 'distance' : '50', 'disable' : '' }, + }, + 'blackhole' : { 'distance' : '250', 'tag' : '500' }, }, - '2001:db8:2000::/48' : { - 'next_hop' : dummy_if, + '2001:db8::/32' : { + 'blackhole' : { 'distance' : '200', 'tag' : '600' }, }, } +vrfs = ['red', 'green', 'blue'] +tables = ['80', '81', '82'] class StaticRouteTest(unittest.TestCase): def setUp(self): self.session = ConfigSession(os.getpid()) - # we need an alive next-hop interface - self.session.set(['interfaces', 'dummy', dummy_if, 'address', '192.0.2.1/24']) - self.session.set(['interfaces', 'dummy', dummy_if, 'address', '2001:db8::1/64']) def tearDown(self): - self.session.delete(['interfaces', 'dummy', dummy_if]) + for route, route_config in routes.items(): + route_type = 'route' + if is_ipv6(route): + route_type = 'route6' + self.session.delete(base_path + [route_type, route]) + + for vrf in vrfs: + self.session.delete(vrf_path + [vrf]) + + for table in tables: + self.session.delete(base_path + ['table', table]) + self.session.commit() + del self.session - def test_static_routes(self): + def test_protocols_static(self): for route, route_config in routes.items(): route_type = 'route' if is_ipv6(route): route_type = 'route6' - self.session.set(base_path + [route_type, route, 'next-hop', route_config['next_hop']]) - if 'distance' in route_config: - self.session.set(base_path + [route_type, route, 'next-hop', route_config['next_hop'], 'distance', route_config['distance']]) + base = base_path + [route_type, route] + if 'next_hop' in route_config: + for next_hop, next_hop_config in route_config['next_hop'].items(): + self.session.set(base + ['next-hop', next_hop]) + if 'disable' in next_hop_config: + self.session.set(base + ['next-hop', next_hop, 'disable']) + if 'distance' in next_hop_config: + self.session.set(base + ['next-hop', next_hop, 'distance', next_hop_config['distance']]) + if 'interface' in next_hop_config: + self.session.set(base + ['next-hop', next_hop, 'interface', next_hop_config['interface']]) + if 'vrf' in next_hop_config: + self.session.set(base + ['next-hop', next_hop, 'vrf', next_hop_config['vrf']]) + + + if 'interface' in route_config: + for interface, interface_config in route_config['interface'].items(): + self.session.set(base + ['interface', interface]) + if 'disable' in interface_config: + self.session.set(base + ['interface', interface, 'disable']) + if 'distance' in interface_config: + self.session.set(base + ['interface', interface, 'distance', interface_config['distance']]) + if 'vrf' in interface_config: + self.session.set(base + ['interface', interface, 'vrf', interface_config['vrf']]) + + if 'blackhole' in route_config: + self.session.set(base + ['blackhole']) + if 'distance' in route_config['blackhole']: + self.session.set(base + ['blackhole', 'distance', route_config['blackhole']['distance']]) + if 'tag' in route_config['blackhole']: + self.session.set(base + ['blackhole', 'tag', route_config['blackhole']['tag']]) # commit changes self.session.commit() + # Verify FRR bgpd configuration + frrconfig = getFRRCconfig() + # Verify routes for route, route_config in routes.items(): - ip_ver = '-4' + ip_ipv6 = 'ip' if is_ipv6(route): - ip_ver = '-6' - tmp = json.loads(cmd(f'ip {ip_ver} -d -j route show {route}')) + ip_ipv6 = 'ipv6' - found = False - for result in tmp: - # unfortunately iproute2 does not return the distance - if 'dst' in result and result['dst'] == route: - if 'gateway' in result and result['gateway'] == route_config['next_hop']: - found = True + if 'next_hop' in route_config: + for next_hop, next_hop_config in route_config['next_hop'].items(): + tmp = f'{ip_ipv6} route {route} {next_hop}' + if 'interface' in next_hop_config: + tmp += ' ' + next_hop_config['interface'] + if 'distance' in next_hop_config: + tmp += ' ' + next_hop_config['distance'] + if 'vrf' in next_hop_config: + tmp += ' nexthop-vrf ' + next_hop_config['vrf'] - self.assertTrue(found) + if 'disable' in next_hop_config: + self.assertNotIn(tmp, frrconfig) + else: + self.assertIn(tmp, frrconfig) - route_type = 'route' - if is_ipv6(route): - route_type = 'route6' - self.session.delete(base_path + [route_type, route]) + if 'interface' in route_config: + for interface, interface_config in route_config['interface'].items(): + tmp = f'{ip_ipv6} route {route} {interface}' + if 'interface' in interface_config: + tmp += ' ' + interface_config['interface'] + if 'distance' in interface_config: + tmp += ' ' + interface_config['distance'] + if 'vrf' in interface_config: + tmp += ' nexthop-vrf ' + interface_config['vrf'] - def test_interface_routes(self): - for route, route_config in interface_routes.items(): - route_type = 'interface-route' - if is_ipv6(route): - route_type = 'interface-route6' - self.session.set(base_path + [route_type, route, 'next-hop-interface', route_config['next_hop']]) - if 'distance' in route_config: - self.session.set(base_path + [route_type, route, 'next-hop-interface', route_config['next_hop'], 'distance', route_config['distance']]) + if 'disable' in interface_config: + self.assertNotIn(tmp, frrconfig) + else: + self.assertIn(tmp, frrconfig) + + if 'blackhole' in route_config: + tmp = f'{ip_ipv6} route {route} blackhole' + if 'tag' in route_config['blackhole']: + tmp += ' tag ' + route_config['blackhole']['tag'] + if 'distance' in route_config['blackhole']: + tmp += ' ' + route_config['blackhole']['distance'] + + self.assertIn(tmp, frrconfig) + + def test_protocols_static_table(self): + for table in tables: + for route, route_config in routes.items(): + route_type = 'route' + if is_ipv6(route): + route_type = 'route6' + base = base_path + ['table', table, route_type, route] + + if 'next_hop' in route_config: + for next_hop, next_hop_config in route_config['next_hop'].items(): + self.session.set(base + ['next-hop', next_hop]) + if 'disable' in next_hop_config: + self.session.set(base + ['next-hop', next_hop, 'disable']) + if 'distance' in next_hop_config: + self.session.set(base + ['next-hop', next_hop, 'distance', next_hop_config['distance']]) + if 'interface' in next_hop_config: + self.session.set(base + ['next-hop', next_hop, 'interface', next_hop_config['interface']]) + + # This is currently not supported because of an FRR issue: + # https://github.com/FRRouting/frr/issues/8016 + # if 'vrf' in next_hop_config: + # self.session.set(base + ['next-hop', next_hop, 'vrf', next_hop_config['vrf']]) + + + if 'interface' in route_config: + for interface, interface_config in route_config['interface'].items(): + self.session.set(base + ['interface', interface]) + if 'disable' in interface_config: + self.session.set(base + ['interface', interface, 'disable']) + if 'distance' in interface_config: + self.session.set(base + ['interface', interface, 'distance', interface_config['distance']]) + + # This is currently not supported because of an FRR issue: + # https://github.com/FRRouting/frr/issues/8016 + # if 'vrf' in interface_config: + # self.session.set(base + ['interface', interface, 'vrf', interface_config['vrf']]) + + if 'blackhole' in route_config: + self.session.set(base + ['blackhole']) + if 'distance' in route_config['blackhole']: + self.session.set(base + ['blackhole', 'distance', route_config['blackhole']['distance']]) + if 'tag' in route_config['blackhole']: + self.session.set(base + ['blackhole', 'tag', route_config['blackhole']['tag']]) # commit changes self.session.commit() - # Verify routes - for route, route_config in interface_routes.items(): - ip_ver = '-4' - if is_ipv6(route): - ip_ver = '-6' - tmp = json.loads(cmd(f'ip {ip_ver} -d -j route show {route}')) + # Verify FRR bgpd configuration + frrconfig = getFRRCconfig() - found = False - for result in tmp: - # unfortunately iproute2 does not return the distance - if 'dst' in result and result['dst'] == route: - if 'dev' in result and result['dev'] == route_config['next_hop']: - found = True - break + for table in tables: + # Verify routes + for route, route_config in routes.items(): + ip_ipv6 = 'ip' + if is_ipv6(route): + ip_ipv6 = 'ipv6' - self.assertTrue(found) + if 'next_hop' in route_config: + for next_hop, next_hop_config in route_config['next_hop'].items(): + tmp = f'{ip_ipv6} route {route} {next_hop}' + if 'interface' in next_hop_config: + tmp += ' ' + next_hop_config['interface'] + if 'distance' in next_hop_config: + tmp += ' ' + next_hop_config['distance'] + # This is currently not supported because of an FRR issue: + # https://github.com/FRRouting/frr/issues/8016 + # if 'vrf' in next_hop_config: + # tmp += ' nexthop-vrf ' + next_hop_config['vrf'] + + tmp += ' table ' + table + if 'disable' in next_hop_config: + self.assertNotIn(tmp, frrconfig) + else: + self.assertIn(tmp, frrconfig) + + if 'interface' in route_config: + for interface, interface_config in route_config['interface'].items(): + tmp = f'{ip_ipv6} route {route} {interface}' + if 'interface' in interface_config: + tmp += ' ' + interface_config['interface'] + if 'distance' in interface_config: + tmp += ' ' + interface_config['distance'] + # This is currently not supported because of an FRR issue: + # https://github.com/FRRouting/frr/issues/8016 + # if 'vrf' in interface_config: + # tmp += ' nexthop-vrf ' + interface_config['vrf'] + + tmp += ' table ' + table + if 'disable' in interface_config: + self.assertNotIn(tmp, frrconfig) + else: + self.assertIn(tmp, frrconfig) + + if 'blackhole' in route_config: + tmp = f'{ip_ipv6} route {route} blackhole' + if 'tag' in route_config['blackhole']: + tmp += ' tag ' + route_config['blackhole']['tag'] + if 'distance' in route_config['blackhole']: + tmp += ' ' + route_config['blackhole']['distance'] + + tmp += ' table ' + table + self.assertIn(tmp, frrconfig) + + + def test_protocols_vrf_static(self): + for vrf in vrfs: + for route, route_config in routes.items(): + route_type = 'route' + if is_ipv6(route): + route_type = 'route6' + base = vrf_path + [vrf, 'static', route_type, route] + + if 'next_hop' in route_config: + for next_hop, next_hop_config in route_config['next_hop'].items(): + self.session.set(base + ['next-hop', next_hop]) + if 'disable' in next_hop_config: + self.session.set(base + ['next-hop', next_hop, 'disable']) + if 'distance' in next_hop_config: + self.session.set(base + ['next-hop', next_hop, 'distance', next_hop_config['distance']]) + if 'interface' in next_hop_config: + self.session.set(base + ['next-hop', next_hop, 'interface', next_hop_config['interface']]) + if 'vrf' in next_hop_config: + self.session.set(base + ['next-hop', next_hop, 'vrf', next_hop_config['vrf']]) + + + if 'interface' in route_config: + for interface, interface_config in route_config['interface'].items(): + self.session.set(base + ['interface', interface]) + if 'disable' in interface_config: + self.session.set(base + ['interface', interface, 'disable']) + if 'distance' in interface_config: + self.session.set(base + ['interface', interface, 'distance', interface_config['distance']]) + if 'vrf' in interface_config: + self.session.set(base + ['interface', interface, 'vrf', interface_config['vrf']]) + + if 'blackhole' in route_config: + self.session.set(base + ['blackhole']) + if 'distance' in route_config['blackhole']: + self.session.set(base + ['blackhole', 'distance', route_config['blackhole']['distance']]) + if 'tag' in route_config['blackhole']: + self.session.set(base + ['blackhole', 'tag', route_config['blackhole']['tag']]) + + # commit changes + self.session.commit() + + for vrf in vrfs: + # Verify FRR bgpd configuration + frrconfig = getFRRCconfig(vrf) + self.assertIn(f'vrf {vrf}', frrconfig) + + # Verify routes + for route, route_config in routes.items(): + ip_ipv6 = 'ip' + if is_ipv6(route): + ip_ipv6 = 'ipv6' + + if 'next_hop' in route_config: + for next_hop, next_hop_config in route_config['next_hop'].items(): + tmp = f'{ip_ipv6} route {route} {next_hop}' + if 'interface' in next_hop_config: + tmp += ' ' + next_hop_config['interface'] + if 'distance' in next_hop_config: + tmp += ' ' + next_hop_config['distance'] + if 'vrf' in next_hop_config: + tmp += ' nexthop-vrf ' + next_hop_config['vrf'] + + if 'disable' in next_hop_config: + self.assertNotIn(tmp, frrconfig) + else: + self.assertIn(tmp, frrconfig) + + if 'interface' in route_config: + for interface, interface_config in route_config['interface'].items(): + tmp = f'{ip_ipv6} route {route} {interface}' + if 'interface' in interface_config: + tmp += ' ' + interface_config['interface'] + if 'distance' in interface_config: + tmp += ' ' + interface_config['distance'] + if 'vrf' in interface_config: + tmp += ' nexthop-vrf ' + interface_config['vrf'] + + if 'disable' in interface_config: + self.assertNotIn(tmp, frrconfig) + else: + self.assertIn(tmp, frrconfig) + + if 'blackhole' in route_config: + tmp = f'{ip_ipv6} route {route} blackhole' + if 'tag' in route_config['blackhole']: + tmp += ' tag ' + route_config['blackhole']['tag'] + if 'distance' in route_config['blackhole']: + tmp += ' ' + route_config['blackhole']['distance'] + + self.assertIn(tmp, frrconfig) - route_type = 'interface-route' - if is_ipv6(route): - route_type = 'interface-route6' - self.session.delete(base_path + [route_type, route]) if __name__ == '__main__': - unittest.main(verbosity=2, failfast=True) + unittest.main(verbosity=2) diff --git a/smoketest/scripts/cli/test_vrf.py b/smoketest/scripts/cli/test_vrf.py index 856baa070..8e977d407 100755 --- a/smoketest/scripts/cli/test_vrf.py +++ b/smoketest/scripts/cli/test_vrf.py @@ -166,76 +166,5 @@ class VRFTest(unittest.TestCase): section = Section.section(interface) self.session.delete(['interfaces', section, interface, 'vrf']) - def test_vrf_static_routes(self): - routes = { - '10.0.0.0/8' : { - 'next_hop' : '192.0.2.2', - 'distance' : '200', - 'next_hop_vrf' : 'default', - }, - '172.16.0.0/12' : { - 'next_hop' : '192.0.2.3', - 'next_hop_vrf' : 'default', - }, - '192.168.0.0/16' : { - 'next_hop' : '192.0.2.3', - }, - '2001:db8:1000::/48' : { - 'next_hop' : '2001:db8::2', - }, - } - - table = '2000' - for vrf in vrfs: - base = base_path + ['name', vrf] - self.session.set(base + ['table', str(table)]) - - # required interface for leaking to default table - self.session.set(['interfaces', 'ethernet', 'eth0', 'address', '192.0.2.1/24']) - - # we also need an interface in "UP" state to install routes - self.session.set(['interfaces', 'dummy', f'dum{table}', 'vrf', vrf]) - self.session.set(['interfaces', 'dummy', f'dum{table}', 'address', '192.0.2.1/24']) - self.session.set(['interfaces', 'dummy', f'dum{table}', 'address', '2001:db8::1/64']) - table = str(int(table) + 1) - - proto_base = ['protocols', 'vrf', vrf, 'static'] - for route, route_config in routes.items(): - route_type = 'route' - if is_ipv6(route): - route_type = 'route6' - self.session.set(proto_base + [route_type, route, 'next-hop', route_config['next_hop']]) - if 'distance' in route_config: - self.session.set(proto_base + [route_type, route, 'next-hop', route_config['next_hop'], 'distance', route_config['distance']]) - if 'next_hop_vrf' in route_config: - self.session.set(proto_base + [route_type, route, 'next-hop', route_config['next_hop'], 'next-hop-vrf', route_config['next_hop_vrf']]) - - # commit changes - self.session.commit() - - # Verify routes - table = '2000' - for vrf in vrfs: - for route, route_config in routes.items(): - if is_ipv6(route): - tmp = get_vrf_ipv6_routes(vrf) - else: - tmp = get_vrf_ipv4_routes(vrf) - - found = False - for result in tmp: - if 'dst' in result and result['dst'] == route: - if 'gateway' in result and result['gateway'] == route_config['next_hop']: - found = True - - self.assertTrue(found) - - # Cleanup - self.session.delete(['protocols', 'vrf', vrf]) - self.session.delete(['interfaces', 'dummy', f'dum{table}']) - self.session.delete(['interfaces', 'ethernet', 'eth0', 'address', '192.0.2.1/24']) - - table = str(int(table) + 1) - if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/src/conf_mode/protocols_static.py b/src/conf_mode/protocols_static.py new file mode 100755 index 000000000..62a3fecd7 --- /dev/null +++ b/src/conf_mode/protocols_static.py @@ -0,0 +1,102 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2021 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import os + +from sys import exit + +from vyos.config import Config +from vyos.template import render +from vyos.template import render_to_string +from vyos.util import call +from vyos.configverify import verify_route_maps +from vyos import ConfigError +from vyos import frr +from vyos import airbag +airbag.enable() + +config_file = r'/tmp/static.frr' +frr_daemon = 'staticd' + +DEBUG = os.path.exists('/tmp/static.debug') +if DEBUG: + import logging + lg = logging.getLogger("vyos.frr") + lg.setLevel(logging.DEBUG) + ch = logging.StreamHandler() + lg.addHandler(ch) + +def get_config(config=None): + if config: + conf = config + else: + conf = Config() + base = ['protocols', 'static'] + static = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True) + return static + +def verify(static): + verify_route_maps(static) + return None + +def generate(static): + # render(config) not needed, its only for debug + render(config_file, 'frr/static.frr.tmpl', static) + static['new_frr_config'] = render_to_string('frr/static.frr.tmpl', static) + + return None + +def apply(static): + # Save original configuration prior to starting any commit actions + frr_cfg = frr.FRRConfig() + frr_cfg.load_configuration(frr_daemon) + frr_cfg.modify_section(r'^ip route .*', '') + frr_cfg.modify_section(r'^ipv6 route .*', '') + frr_cfg.add_before(r'(interface .*|line vty)', static['new_frr_config']) + + # Debugging + if DEBUG: + from pprint import pprint + print('') + print('--------- DEBUGGING ----------') + pprint(dir(frr_cfg)) + print('Existing config:\n') + for line in frr_cfg.original_config: + print(line) + print(f'Replacement config:\n') + print(f'{static["new_frr_config"]}') + print(f'Modified config:\n') + print(f'{frr_cfg}') + + frr_cfg.commit_configuration(frr_daemon) + + # If FRR config is blank, rerun the blank commit x times due to frr-reload + # behavior/bug not properly clearing out on one commit. + if static['new_frr_config'] == '': + for a in range(5): + frr_cfg.commit_configuration(frr_daemon) + + return None + +if __name__ == '__main__': + try: + c = get_config() + verify(c) + generate(c) + apply(c) + except ConfigError as e: + print(e) + exit(1) diff --git a/src/conf_mode/protocols_vrf.py b/src/conf_mode/protocols_vrf.py new file mode 100755 index 000000000..7c32c7013 --- /dev/null +++ b/src/conf_mode/protocols_vrf.py @@ -0,0 +1,100 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2021 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import os + +from sys import exit + +from vyos.config import Config +from vyos.template import render +from vyos.template import render_to_string +from vyos.util import call +from vyos import ConfigError +from vyos import frr +from vyos import airbag +airbag.enable() + +config_file = r'/tmp/vrf.frr' +frr_daemon = 'staticd' + +DEBUG = os.path.exists('/tmp/vrf.debug') +if DEBUG: + import logging + lg = logging.getLogger("vyos.frr") + lg.setLevel(logging.DEBUG) + ch = logging.StreamHandler() + lg.addHandler(ch) + +def get_config(config=None): + if config: + conf = config + else: + conf = Config() + base = ['protocols', 'vrf'] + vrf = conf.get_config_dict(base, key_mangling=('-', '_')) + return vrf + +def verify(vrf): + + return None + +def generate(vrf): + # render(config) not needed, its only for debug + render(config_file, 'frr/vrf.frr.tmpl', vrf) + vrf['new_frr_config'] = render_to_string('frr/vrf.frr.tmpl', vrf) + + return None + +def apply(vrf): + # Save original configuration prior to starting any commit actions + frr_cfg = frr.FRRConfig() + frr_cfg.load_configuration(frr_daemon) + frr_cfg.modify_section(r'vrf \S+', '') + frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', vrf['new_frr_config']) + + # Debugging + if DEBUG: + from pprint import pprint + print('') + print('--------- DEBUGGING ----------') + pprint(dir(frr_cfg)) + print('Existing config:\n') + for line in frr_cfg.original_config: + print(line) + print(f'Replacement config:\n') + print(f'{vrf["new_frr_config"]}') + print(f'Modified config:\n') + print(f'{frr_cfg}') + + frr_cfg.commit_configuration(frr_daemon) + + # If FRR config is blank, rerun the blank commit x times due to frr-reload + # behavior/bug not properly clearing out on one commit. + if vrf['new_frr_config'] == '': + for a in range(5): + frr_cfg.commit_configuration(frr_daemon) + + return None + +if __name__ == '__main__': + try: + c = get_config() + verify(c) + generate(c) + apply(c) + except ConfigError as e: + print(e) + exit(1) diff --git a/src/migration-scripts/interfaces/18-to-19 b/src/migration-scripts/interfaces/18-to-19 index e24421c90..965b76a04 100755 --- a/src/migration-scripts/interfaces/18-to-19 +++ b/src/migration-scripts/interfaces/18-to-19 @@ -14,7 +14,8 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -from sys import exit, argv +from sys import argv +from sys import exit from vyos.configtree import ConfigTree if __name__ == '__main__': @@ -41,6 +42,11 @@ if __name__ == '__main__': config.copy(ip_ospf, ['protocols', 'ospf', 'interface', interface]) config.delete(ip_ospf) + # if "ip ospf" was the only setting, we can clean out the empty + # ip node afterwards + if len(config.list_nodes(ip_ospf[:-1])) == 0: + config.delete(ip_ospf[:-1]) + vif_path = ['interfaces', type, interface, 'vif'] if config.exists(vif_path): for vif in config.list_nodes(vif_path): @@ -51,6 +57,11 @@ if __name__ == '__main__': config.copy(vif_ospf_path, ['protocols', 'ospf', 'interface', f'{interface}.{vif}']) config.delete(vif_ospf_path) + # if "ip ospf" was the only setting, we can clean out the empty + # ip node afterwards + if len(config.list_nodes(vif_ospf_path[:-1])) == 0: + config.delete(vif_ospf_path[:-1]) + vif_s_path = ['interfaces', type, interface, 'vif-s'] if config.exists(vif_s_path): for vif_s in config.list_nodes(vif_s_path): @@ -70,8 +81,18 @@ if __name__ == '__main__': config.copy(vif_c_ospf_path, ['protocols', 'ospf', 'interface', f'{interface}.{vif_s}.{vif_c}']) config.delete(vif_c_ospf_path) + # if "ip ospf" was the only setting, we can clean out the empty + # ip node afterwards + if len(config.list_nodes(vif_c_ospf_path[:-1])) == 0: + config.delete(vif_c_ospf_path[:-1]) + config.delete(vif_s_ospf_path) + # if "ip ospf" was the only setting, we can clean out the empty + # ip node afterwards + if len(config.list_nodes(vif_s_ospf_path[:-1])) == 0: + config.delete(vif_s_ospf_path[:-1]) + try: with open(file_name, 'w') as f: f.write(config.to_string()) diff --git a/src/migration-scripts/quagga/7-to-8 b/src/migration-scripts/quagga/7-to-8 new file mode 100755 index 000000000..9c277a6f1 --- /dev/null +++ b/src/migration-scripts/quagga/7-to-8 @@ -0,0 +1,122 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2021 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# - T2450: drop interface-route and interface-route6 from "protocols static" + +from sys import argv +from sys import exit + +from vyos.configtree import ConfigTree + +def migrate_interface_route(config, base, path, route_route6): + """ Generic migration function which can be called on every instance of + interface-route, beeing it ipv4, ipv6 or nested under the "static table" nodes. + + What we do? + - Drop 'interface-route' or 'interface-route6' and migrate the route unter the + 'route' or 'route6' tag node. + """ + if config.exists(base + path): + for route in config.list_nodes(base + path): + interface = config.list_nodes(base + path + [route, 'next-hop-interface']) + + tmp = base + path + [route, 'next-hop-interface'] + for interface in config.list_nodes(tmp): + new_base = base + [route_route6, route, 'interface'] + config.set(new_base) + config.set_tag(base + [route_route6]) + config.set_tag(new_base) + config.copy(tmp + [interface], new_base + [interface]) + + config.delete(base + path) + +def migrate_route(config, base, path, route_route6): + """ Generic migration function which can be called on every instance of + route, beeing it ipv4, ipv6 or even nested under the static table nodes. + + What we do? + - for consistency reasons rename next-hop-interface to interface + - for consistency reasons rename next-hop-vrf to vrf + """ + if config.exists(base + path): + for route in config.list_nodes(base + path): + next_hop = base + path + [route, 'next-hop'] + if config.exists(next_hop): + for gateway in config.list_nodes(next_hop): + # IPv4 routes calls it next-hop-interface, rename this to + # interface instead so it's consitent with IPv6 + interface_path = next_hop + [gateway, 'next-hop-interface'] + if config.exists(interface_path): + config.rename(interface_path, 'interface') + + # When VRFs got introduced, I (c-po) named it next-hop-vrf, + # we can also call it vrf which is simply shorter. + vrf_path = next_hop + [gateway, 'next-hop-vrf'] + if config.exists(vrf_path): + config.rename(vrf_path, 'vrf') + + +if (len(argv) < 2): + print("Must specify file name!") + exit(1) + +file_name = argv[1] + +with open(file_name, 'r') as f: + config_file = f.read() + +base = ['protocols', 'static'] + +config = ConfigTree(config_file) +if not config.exists(base): + # Nothing to do + exit(0) + +# Migrate interface-route into route +migrate_interface_route(config, base, ['interface-route'], 'route') + +# Migrate interface-route6 into route6 +migrate_interface_route(config, base, ['interface-route6'], 'route6') + +# Cleanup nodes inside route +migrate_route(config, base, ['route'], 'route') + +# Cleanup nodes inside route6 +migrate_route(config, base, ['route6'], 'route6') + +# +# PBR table cleanup +table_path = base + ['table'] +if config.exists(table_path): + for table in config.list_nodes(table_path): + # Migrate interface-route into route + migrate_interface_route(config, table_path + [table], ['interface-route'], 'route') + + # Migrate interface-route6 into route6 + migrate_interface_route(config, table_path + [table], ['interface-route6'], 'route6') + + # Cleanup nodes inside route + migrate_route(config, table_path + [table], ['route'], 'route') + + # Cleanup nodes inside route6 + migrate_route(config, table_path + [table], ['route6'], 'route6') + +try: + with open(file_name, 'w') as f: + f.write(config.to_string()) +except OSError as e: + print("Failed to save the modified config: {}".format(e)) + exit(1) diff --git a/src/migration-scripts/vrf/0-to-1 b/src/migration-scripts/vrf/0-to-1 new file mode 100755 index 000000000..29b2fab74 --- /dev/null +++ b/src/migration-scripts/vrf/0-to-1 @@ -0,0 +1,112 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2021 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# - T2450: drop interface-route and interface-route6 from "protocols vrf" + +from sys import argv +from sys import exit +from vyos.configtree import ConfigTree + +if (len(argv) < 2): + print("Must specify file name!") + exit(1) + +file_name = argv[1] + +with open(file_name, 'r') as f: + config_file = f.read() + +base = ['protocols', 'vrf'] +config = ConfigTree(config_file) + +if not config.exists(base): + # Nothing to do + exit(0) + +for vrf in config.list_nodes(base): + static_base = base + [vrf, 'static'] + if not config.exists(static_base): + continue + + # + # Migrate interface-route into route + # + interface_route_path = static_base + ['interface-route'] + if config.exists(interface_route_path): + for route in config.list_nodes(interface_route_path): + interface = config.list_nodes(interface_route_path + [route, 'next-hop-interface']) + + tmp = interface_route_path + [route, 'next-hop-interface'] + for interface in config.list_nodes(tmp): + new_base = static_base + ['route', route, 'interface'] + config.set(new_base) + config.set_tag(new_base) + config.copy(tmp + [interface], new_base + [interface]) + + config.delete(interface_route_path) + + # + # Migrate interface-route6 into route6 + # + interface_route_path = static_base + ['interface-route6'] + if config.exists(interface_route_path): + for route in config.list_nodes(interface_route_path): + interface = config.list_nodes(interface_route_path + [route, 'next-hop-interface']) + + tmp = interface_route_path + [route, 'next-hop-interface'] + for interface in config.list_nodes(tmp): + new_base = static_base + ['route6', route, 'interface'] + config.set(new_base) + config.set_tag(new_base) + config.copy(tmp + [interface], new_base + [interface]) + + config.delete(interface_route_path) + + # + # Cleanup nodes inside route + # + route_path = static_base + ['route'] + if config.exists(route_path): + for route in config.list_nodes(route_path): + next_hop = route_path + [route, 'next-hop'] + if config.exists(next_hop): + for gateway in config.list_nodes(next_hop): + interface_path = next_hop + [gateway, 'next-hop-interface'] + if config.exists(interface_path): + config.rename(interface_path, 'interface') + vrf_path = next_hop + [gateway, 'next-hop-vrf'] + if config.exists(vrf_path): + config.rename(vrf_path, 'vrf') + + # + # Cleanup nodes inside route6 + # + route_path = static_base + ['route6'] + if config.exists(route_path): + for route in config.list_nodes(route_path): + next_hop = route_path + [route, 'next-hop'] + if config.exists(next_hop): + for gateway in config.list_nodes(next_hop): + vrf_path = next_hop + [gateway, 'next-hop-vrf'] + if config.exists(vrf_path): + config.rename(vrf_path, 'vrf') + +try: + with open(file_name, 'w') as f: + f.write(config.to_string()) +except OSError as e: + print("Failed to save the modified config: {}".format(e)) + exit(1) diff --git a/src/validators/fqdn b/src/validators/fqdn index 347ffda42..66276c093 100755 --- a/src/validators/fqdn +++ b/src/validators/fqdn @@ -17,11 +17,9 @@ import re import sys - # pattern copied from: https://www.regextester.com/103452 pattern = "(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{0,62}[a-zA-Z0-9]\.)+[a-zA-Z]{2,63}$)" - if __name__ == '__main__': if len(sys.argv) != 2: sys.exit(1) diff --git a/src/validators/interface-name b/src/validators/interface-name new file mode 100755 index 000000000..32cd42fbd --- /dev/null +++ b/src/validators/interface-name @@ -0,0 +1,27 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2021 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import re +import sys + +pattern = '^(br|bond|dum|en|eth|gnv|peth|pppoe|tun|vti|vtun|vxlan|wg|wlan)[0-9]+|lo$' + +if __name__ == '__main__': + if len(sys.argv) != 2: + sys.exit(1) + if not re.match(pattern, sys.argv[1]): + sys.exit(1) + sys.exit(0) |