diff options
Diffstat (limited to 'src')
-rwxr-xr-x | src/conf_mode/interfaces-wireless.py | 9 | ||||
-rwxr-xr-x | src/conf_mode/vrf.py | 48 |
2 files changed, 37 insertions, 20 deletions
diff --git a/src/conf_mode/interfaces-wireless.py b/src/conf_mode/interfaces-wireless.py index 5289208d9..2e82c6fc9 100755 --- a/src/conf_mode/interfaces-wireless.py +++ b/src/conf_mode/interfaces-wireless.py @@ -1248,6 +1248,9 @@ def get_config(): conf.set_level(cfg_base + ' vif ' + vif) wifi['vif'].append(vlan_to_dict(conf)) + # disable interface + if conf.exists('disable'): + wifi['disable'] = True # retrieve configured regulatory domain conf.set_level('system') @@ -1406,8 +1409,10 @@ def apply(wifi): # configure ARP ignore w.set_arp_ignore(wifi['ip_enable_arp_ignore']) - # enable interface - if not wifi['disable']: + # Enable/Disable interface + if wifi['disable']: + w.set_state('down') + else: w.set_state('up') # Configure interface address(es) diff --git a/src/conf_mode/vrf.py b/src/conf_mode/vrf.py index bdd57177c..8b91d73bb 100755 --- a/src/conf_mode/vrf.py +++ b/src/conf_mode/vrf.py @@ -19,7 +19,8 @@ import jinja2 from sys import exit from copy import deepcopy -from subprocess import check_call, CalledProcessError +from json import loads +from subprocess import check_output, CalledProcessError from vyos.config import Config from vyos.configdict import list_diff @@ -50,14 +51,16 @@ default_config_data = { } def _cmd(command): - """ - Run any arbitrary command on the system - """ try: - check_call(command.split()) + check_output(command.split()) except CalledProcessError as e: raise ConfigError(f'Error changing VRF: {e}') +def list_rules(): + command = 'ip -j -4 rule show' + answer = loads(check_output(command.split()).decode()) + return [_ for _ in answer if _] + def interfaces_with_vrf(match): matched = [] config = Config() @@ -174,7 +177,12 @@ def generate(vrf_config): return None def apply(vrf_config): - # https://github.com/torvalds/linux/blob/master/Documentation/networking/vrf.txt + # Documentation + # + # - https://github.com/torvalds/linux/blob/master/Documentation/networking/vrf.txt + # - https://github.com/Mellanox/mlxsw/wiki/Virtual-Routing-and-Forwarding-(VRF) + # - https://netdevconf.info/1.1/proceedings/slides/ahern-vrf-tutorial.pdf + # - https://netdevconf.info/1.2/slides/oct6/02_ahern_what_is_l3mdev_slides.pdf # set the default VRF global behaviour bind_all = vrf_config['bind_to_all'] @@ -217,20 +225,24 @@ def apply(vrf_config): # re-arrange the tables and move the local lookup furhter down once VRFs # are enabled. - # set "normal" non VRF table lookups - add_pref = '0' - del_pref = '32765' + # get current preference on local table + local_pref = [r.get('priority') for r in list_rules() if r.get('table') == 'local'][0] + + # change preference when VRFs are enabled and local lookup table is default + if not local_pref and vrf_config['vrf_add']: + for af in ['-4', '-6']: + _cmd(f'ip {af} rule add pref 32765 table local') + _cmd(f'ip {af} rule del pref 0') - # Lookup table is adjusted if we are in VRF mode - if vrf_config['vrf_add']: - add_pref = '32765' - del_pref = '0' + # return to default lookup preference when no VRF is configured + if not vrf_config['vrf_add']: + for af in ['-4', '-6']: + _cmd(f'ip {af} rule add pref 0 table local') + _cmd(f'ip {af} rule del pref 32765') - # Configure table lookups - _cmd(f'ip -4 rule add pref {add_pref} table local') - _cmd(f'ip -4 rule del pref {del_pref}') - _cmd(f'ip -6 rule add pref {add_pref} table local') - _cmd(f'ip -6 rule del pref {del_pref}') + # clean out l3mdev-table rule if present + if 1000 in [r.get('priority') for r in list_rules() if r.get('priority') == 1000]: + _cmd(f'ip {af} rule del pref 1000') return None |