From c87a5a1e1f52cddf113f427ea902f45a2e2a8445 Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Wed, 22 Apr 2020 12:41:07 +0200 Subject: interfaces: T2362: add node to delete the default IPv6 link-local address --- interface-definitions/include/ipv6-address.xml.i | 6 ++++++ python/vyos/configdict.py | 8 ++++++-- src/conf_mode/interfaces-bonding.py | 8 ++++++-- src/conf_mode/interfaces-bridge.py | 8 ++++++-- src/conf_mode/interfaces-ethernet.py | 8 ++++++-- src/conf_mode/interfaces-l2tpv3.py | 6 ++++-- src/conf_mode/interfaces-openvpn.py | 8 ++++++-- src/conf_mode/interfaces-pseudo-ethernet.py | 8 ++++++-- src/conf_mode/interfaces-vxlan.py | 6 ++++-- src/conf_mode/interfaces-wireless.py | 8 ++++++-- 10 files changed, 56 insertions(+), 18 deletions(-) diff --git a/interface-definitions/include/ipv6-address.xml.i b/interface-definitions/include/ipv6-address.xml.i index ffc6ef933..34f54e4c1 100644 --- a/interface-definitions/include/ipv6-address.xml.i +++ b/interface-definitions/include/ipv6-address.xml.i @@ -19,5 +19,11 @@ + + + Remove the default link-local address from the interface + + + diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py index 9ea89194f..2ce8a795f 100644 --- a/python/vyos/configdict.py +++ b/python/vyos/configdict.py @@ -210,8 +210,12 @@ def vlan_to_dict(conf): eff_addr = conf.return_effective_values('ipv6 address eui64') vlan['ipv6_eui64_prefix_remove'] = list_diff(eff_addr, vlan['ipv6_eui64_prefix']) - # add the link-local by default to make IPv6 work - vlan['ipv6_eui64_prefix'].append('fe80::/64') + # Remove the default link-local address if set. + if conf.exists('ipv6 address no-default-link-local'): + vlan['ipv6_eui64_prefix_remove'].append('fe80::/64') + else: + # add the link-local by default to make IPv6 work + vlan['ipv6_eui64_prefix'].append('fe80::/64') # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): diff --git a/src/conf_mode/interfaces-bonding.py b/src/conf_mode/interfaces-bonding.py index 6693f3a13..4aef486b4 100755 --- a/src/conf_mode/interfaces-bonding.py +++ b/src/conf_mode/interfaces-bonding.py @@ -212,8 +212,12 @@ def get_config(): eff_addr = conf.return_effective_values('ipv6 address eui64') bond['ipv6_eui64_prefix_remove'] = list_diff(eff_addr, bond['ipv6_eui64_prefix']) - # add the link-local by default to make IPv6 work - bond['ipv6_eui64_prefix'].append('fe80::/64') + # Remove the default link-local address if set. + if conf.exists('ipv6 address no-default-link-local'): + bond['ipv6_eui64_prefix_remove'].append('fe80::/64') + else: + # add the link-local by default to make IPv6 work + bond['ipv6_eui64_prefix'].append('fe80::/64') # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): diff --git a/src/conf_mode/interfaces-bridge.py b/src/conf_mode/interfaces-bridge.py index d4470ef26..da49415f7 100755 --- a/src/conf_mode/interfaces-bridge.py +++ b/src/conf_mode/interfaces-bridge.py @@ -170,8 +170,12 @@ def get_config(): eff_addr = conf.return_effective_values('ipv6 address eui64') bridge['ipv6_eui64_prefix_remove'] = list_diff(eff_addr, bridge['ipv6_eui64_prefix']) - # add the link-local by default to make IPv6 work - bridge['ipv6_eui64_prefix'].append('fe80::/64') + # Remove the default link-local address if set. + if conf.exists('ipv6 address no-default-link-local'): + bridge['ipv6_eui64_prefix_remove'].append('fe80::/64') + else: + # add the link-local by default to make IPv6 work + bridge['ipv6_eui64_prefix'].append('fe80::/64') # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py index db8e2cd3c..43d97916d 100755 --- a/src/conf_mode/interfaces-ethernet.py +++ b/src/conf_mode/interfaces-ethernet.py @@ -185,8 +185,12 @@ def get_config(): eff_addr = conf.return_effective_values('ipv6 address eui64') eth['ipv6_eui64_prefix_remove'] = list_diff(eff_addr, eth['ipv6_eui64_prefix']) - # add the link-local by default to make IPv6 work - eth['ipv6_eui64_prefix'].append('fe80::/64') + # Remove the default link-local address if set. + if conf.exists('ipv6 address no-default-link-local'): + eth['ipv6_eui64_prefix_remove'].append('fe80::/64') + else: + # add the link-local by default to make IPv6 work + eth['ipv6_eui64_prefix'].append('fe80::/64') # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): diff --git a/src/conf_mode/interfaces-l2tpv3.py b/src/conf_mode/interfaces-l2tpv3.py index a18cc6161..8c3a8279e 100755 --- a/src/conf_mode/interfaces-l2tpv3.py +++ b/src/conf_mode/interfaces-l2tpv3.py @@ -117,8 +117,10 @@ def get_config(): if conf.exists('ipv6 address eui64'): l2tpv3['ipv6_eui64_prefix'] = conf.return_values('ipv6 address eui64') - # add the link-local by default to make IPv6 work - l2tpv3['ipv6_eui64_prefix'].append('fe80::/64') + # Remove the default link-local address if set. + if not conf.exists('ipv6 address no-default-link-local'): + # add the link-local by default to make IPv6 work + l2tpv3['ipv6_eui64_prefix'].append('fe80::/64') # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index 668dcabb4..029bc1d69 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py @@ -325,8 +325,12 @@ def get_config(): eff_addr = conf.return_effective_values('ipv6 address eui64') openvpn['ipv6_eui64_prefix_remove'] = list_diff(eff_addr, openvpn['ipv6_eui64_prefix']) - # add the link-local by default to make IPv6 work - openvpn['ipv6_eui64_prefix'].append('fe80::/64') + # Remove the default link-local address if set. + if conf.exists('ipv6 address no-default-link-local'): + openvpn['ipv6_eui64_prefix_remove'].append('fe80::/64') + else: + # add the link-local by default to make IPv6 work + openvpn['ipv6_eui64_prefix'].append('fe80::/64') # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): diff --git a/src/conf_mode/interfaces-pseudo-ethernet.py b/src/conf_mode/interfaces-pseudo-ethernet.py index 2f86a3bea..57b282291 100755 --- a/src/conf_mode/interfaces-pseudo-ethernet.py +++ b/src/conf_mode/interfaces-pseudo-ethernet.py @@ -167,8 +167,12 @@ def get_config(): eff_addr = conf.return_effective_values('ipv6 address eui64') peth['ipv6_eui64_prefix_remove'] = list_diff(eff_addr, peth['ipv6_eui64_prefix']) - # add the link-local by default to make IPv6 work - peth['ipv6_eui64_prefix'].append('fe80::/64') + # Remove the default link-local address if set. + if conf.exists('ipv6 address no-default-link-local'): + peth['ipv6_eui64_prefix_remove'].append('fe80::/64') + else: + # add the link-local by default to make IPv6 work + peth['ipv6_eui64_prefix'].append('fe80::/64') # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py index 3ff051eed..74eae4281 100755 --- a/src/conf_mode/interfaces-vxlan.py +++ b/src/conf_mode/interfaces-vxlan.py @@ -120,8 +120,10 @@ def get_config(): if conf.exists('ipv6 address eui64'): vxlan['ipv6_eui64_prefix'] = conf.return_values('ipv6 address eui64') - # add the link-local by default to make IPv6 work - vxlan['ipv6_eui64_prefix'].append('fe80::/64') + # Remove the default link-local address if set. + if not conf.exists('ipv6 address no-default-link-local'): + # add the link-local by default to make IPv6 work + vxlan['ipv6_eui64_prefix'].append('fe80::/64') # Disable IPv6 forwarding on this interface if conf.exists('ipv6 disable-forwarding'): diff --git a/src/conf_mode/interfaces-wireless.py b/src/conf_mode/interfaces-wireless.py index b25a094e2..148a7f6e0 100755 --- a/src/conf_mode/interfaces-wireless.py +++ b/src/conf_mode/interfaces-wireless.py @@ -378,8 +378,12 @@ def get_config(): eff_addr = conf.return_effective_values('ipv6 address eui64') wifi['ipv6_eui64_prefix_remove'] = list_diff(eff_addr, wifi['ipv6_eui64_prefix']) - # add the link-local by default to make IPv6 work - wifi['ipv6_eui64_prefix'].append('fe80::/64') + # Remove the default link-local address if set. + if conf.exists('ipv6 address no-default-link-local'): + wifi['ipv6_eui64_prefix_remove'].append('fe80::/64') + else: + # add the link-local by default to make IPv6 work + wifi['ipv6_eui64_prefix'].append('fe80::/64') # ARP enable ignore if conf.exists('ip enable-arp-ignore'): -- cgit v1.2.3