From 2b002b2b2309942f3ee137e5c2e8427c44038935 Mon Sep 17 00:00:00 2001
From: Jernej Jakob <jernej.jakob@gmail.com>
Date: Fri, 1 May 2020 18:11:13 +0200
Subject: ethernet: T2241: make VRF and bond/bridge membership mutually
 exclusive

---
 src/conf_mode/interfaces-ethernet.py | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py
index cc6a824dc..468a9040a 100755
--- a/src/conf_mode/interfaces-ethernet.py
+++ b/src/conf_mode/interfaces-ethernet.py
@@ -167,9 +167,7 @@ def verify(eth):
     if eth['dhcpv6_prm_only'] and eth['dhcpv6_temporary']:
         raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!')
 
-    vrf_name = eth['vrf']
-    if vrf_name and vrf_name not in interfaces():
-        raise ConfigError(f'VRF "{vrf_name}" does not exist')
+    memberof = eth['is_bridge_member'] if eth['is_bridge_member'] else eth['is_bond_member']
 
     conf = Config()
     # some options can not be changed when interface is enslaved to a bond
@@ -180,6 +178,15 @@ def verify(eth):
                 if eth['address']:
                     raise ConfigError(f"Can not assign address to interface {eth['intf']} which is a member of {bond}")
 
+    if eth['vrf']:
+        if eth['vrf'] not in interfaces():
+            raise ConfigError(f'VRF "{eth["vrf"]}" does not exist')
+
+        if memberof:
+            raise ConfigError((
+                    f'Interface "{eth["intf"]}" cannot be member of VRF "{eth["vrf"]}" '
+                    f'and "{memberof}" at the same time!'))
+
     # use common function to verify VLAN configuration
     verify_vlan_config(eth)
     return None
-- 
cgit v1.2.3