From cc9be6701d01bc5a229f339d21746bc9250972b5 Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Mon, 11 May 2020 17:37:45 +0200 Subject: interface: T2449: add ability to set accept_ra --- python/vyos/ifconfig/interface.py | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'python') diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py index 7b42e3399..61f2c6482 100644 --- a/python/vyos/ifconfig/interface.py +++ b/python/vyos/ifconfig/interface.py @@ -134,8 +134,12 @@ class Interface(Control): 'validate': assert_boolean, 'location': '/proc/sys/net/ipv4/conf/{ifname}/arp_ignore', }, + 'ipv6_accept_ra': { + 'validate': lambda ara: assert_range(ara,0,3), + 'location': '/proc/sys/net/ipv6/conf/{ifname}/accept_ra', + }, 'ipv6_autoconf': { - 'validate': lambda fwd: assert_range(fwd,0,2), + 'validate': lambda aco: assert_range(aco,0,2), 'location': '/proc/sys/net/ipv6/conf/{ifname}/autoconf', }, 'ipv6_forwarding': { @@ -409,6 +413,21 @@ class Interface(Control): """ return self.set_interface('arp_ignore', arp_ignore) + def set_ipv6_accept_ra(self, accept_ra): + """ + Accept Router Advertisements; autoconfigure using them. + + It also determines whether or not to transmit Router Solicitations. + If and only if the functional setting is to accept Router + Advertisements, Router Solicitations will be transmitted. + + 0 - Do not accept Router Advertisements. + 1 - (default) Accept Router Advertisements if forwarding is disabled. + 2 - Overrule forwarding behaviour. Accept Router Advertisements even if + forwarding is enabled. + """ + return self.set_interface('ipv6_accept_ra', accept_ra) + def set_ipv6_autoconf(self, autoconf): """ Autoconfigure addresses using Prefix Information in Router -- cgit v1.2.3 From 126f2a3bdd2b91d828b7057d6b53a96f957a23df Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Mon, 11 May 2020 17:38:59 +0200 Subject: configdict: T2449: set accept_ra=2 if ipv6 address autoconf or dhcpv6 is set To make SLAAC and DHCPv6 work when forwarding=1, accept_ra must be 2 (default for accept_ra is 1). --- python/vyos/configdict.py | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'python') diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py index 5ca369f66..7c1ecdd5d 100644 --- a/python/vyos/configdict.py +++ b/python/vyos/configdict.py @@ -348,6 +348,11 @@ def intf_to_dict(conf, default): # If the interface does not exist, it could not have changed pass + # to make IPv6 SLAAC and DHCPv6 work with forwarding=1, + # accept_ra must be 2 + if intf['ipv6_autoconf'] or 'dhcpv6' in intf['address']: + intf['ipv6_accept_ra'] = 2 + return intf, disable -- cgit v1.2.3 From 86e6b946ffeda358264adf07a5c73aae90db1b46 Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Mon, 11 May 2020 17:42:23 +0200 Subject: vlan: T2449: set accept_ra on vlan interfaces --- python/vyos/configdict.py | 1 + python/vyos/ifconfig_vlan.py | 2 ++ 2 files changed, 3 insertions(+) (limited to 'python') diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py index 7c1ecdd5d..8325355e8 100644 --- a/python/vyos/configdict.py +++ b/python/vyos/configdict.py @@ -122,6 +122,7 @@ vlan_default = { 'ip_enable_arp_announce': 0, 'ip_enable_arp_ignore': 0, 'ip_proxy_arp': 0, + 'ipv6_accept_ra': 1, 'ipv6_autoconf': 0, 'ipv6_eui64_prefix': [], 'ipv6_eui64_prefix_remove': [], diff --git a/python/vyos/ifconfig_vlan.py b/python/vyos/ifconfig_vlan.py index bb93121e7..6410be9aa 100644 --- a/python/vyos/ifconfig_vlan.py +++ b/python/vyos/ifconfig_vlan.py @@ -101,6 +101,8 @@ def apply_vlan_config(vlan, config): vlan.set_arp_ignore(config['ip_enable_arp_ignore']) # configure Proxy ARP vlan.set_proxy_arp(config['ip_proxy_arp']) + # IPv6 accept RA + vlan.set_ipv6_accept_ra(config['ipv6_accept_ra']) # IPv6 address autoconfiguration vlan.set_ipv6_autoconf(config['ipv6_autoconf']) # IPv6 forwarding -- cgit v1.2.3 From 49fc2c83adfa2c5dc169cae675f65c8e36a7d6c4 Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Mon, 11 May 2020 17:58:28 +0200 Subject: ifconfig/dhcp: T2449: remove accept_ra logic as it was wrong Currently accept_ra was set to 0 if 'address dhcpv6' was set on an interface. This is wrong, as without RA, the system will get no routes to the DHCPv6-obtained prefix. Since the logic for accept_ra was moved to the interface scripts, it can be removed from the dhclient code. --- python/vyos/ifconfig/dhcp.py | 6 ------ 1 file changed, 6 deletions(-) (limited to 'python') diff --git a/python/vyos/ifconfig/dhcp.py b/python/vyos/ifconfig/dhcp.py index bf6566c07..57e488cc7 100644 --- a/python/vyos/ifconfig/dhcp.py +++ b/python/vyos/ifconfig/dhcp.py @@ -114,9 +114,6 @@ class _DHCPv6 (Control): render(self.options['options_file'], 'dhcp-client/daemon-options.tmpl', self.options) render(self.options['conf_file'], 'dhcp-client/ipv6.tmpl', self.options) - # no longer accept router announcements on this interface - self._write_sysfs('/proc/sys/net/ipv6/conf/{ifname}/accept_ra'.format(**self.options), 0) - return self._cmd('systemctl restart dhclient6@{ifname}.service'.format(**self.options)) def delete(self): @@ -136,9 +133,6 @@ class _DHCPv6 (Control): self._cmd('systemctl stop dhclient6@{ifname}.service'.format(**self.options)) - # accept router announcements on this interface - self._write_sysfs('/proc/sys/net/ipv6/conf/{ifname}/accept_ra'.format(**self.options), 1) - # cleanup old config files for name in ('conf_file', 'options_file', 'pid_file', 'lease_file'): if os.path.isfile(self.options[name]): -- cgit v1.2.3