From 9541355433e202fade4692851bffa33ba9d48f44 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 20 Dec 2020 12:33:18 +0100 Subject: dhcpv6: T3134: add missing duid support --- python/vyos/ifconfig/interface.py | 44 ++++++++++++++++++++++++++------------- 1 file changed, 29 insertions(+), 15 deletions(-) (limited to 'python') diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py index 7026223b1..18357125b 100644 --- a/python/vyos/ifconfig/interface.py +++ b/python/vyos/ifconfig/interface.py @@ -13,14 +13,15 @@ # You should have received a copy of the GNU Lesser General Public # License along with this library. If not, see . -from netifaces import interfaces import os import re import json import jmespath +from binascii import unhexlify from copy import deepcopy from glob import glob +from netifaces import interfaces from ipaddress import IPv4Network from ipaddress import IPv6Address @@ -733,7 +734,7 @@ class Interface(Control): >>> Interface('eth0').set_proxy_arp_pvlan(1) """ self.set_interface('proxy_arp_pvlan', enable) - + def get_addr(self): """ @@ -889,7 +890,7 @@ class Interface(Control): # drop all interface addresses first self.flush_addrs() - + ifname = self.ifname for bridge, bridge_config in bridge_dict.items(): @@ -903,18 +904,18 @@ class Interface(Control): # set bridge port path priority if 'priority' in bridge_config: self.set_path_cost(bridge_config['priority']) - + vlan_filter = 0 vlan_add = set() - + del_ifname_vlan_ids = get_vlan_ids(ifname) bridge_vlan_filter = Section.klass(bridge)(bridge, create=True).get_vlan_filter() - + if bridge_vlan_filter: if 1 in del_ifname_vlan_ids: del_ifname_vlan_ids.remove(1) vlan_filter = 1 - + for vlan in del_ifname_vlan_ids: cmd = f'bridge vlan del dev {ifname} vid {vlan}' self._cmd(cmd) @@ -937,13 +938,13 @@ class Interface(Control): cmd = f'bridge vlan add dev {self.ifname} vid {vlan} master' self._cmd(cmd) vlan_add.add(vlan) - + if vlan_filter: # Setting VLAN ID for the bridge for vlan in vlan_add: cmd = f'bridge vlan add dev {bridge} vid {vlan} self' self._cmd(cmd) - + # enable/disable Vlan Filter # When the VLAN aware option is not detected, the setting of `bridge` should not be overwritten Section.klass(bridge)(bridge, create=True).set_vlan_filter(vlan_filter) @@ -999,11 +1000,22 @@ class Interface(Control): ifname = self.ifname config_file = f'/run/dhcp6c/dhcp6c.{ifname}.conf' + duid_file = f'/var/lib/dhcpv6/dhcp6c_duid' if enable and 'disable' not in self._config: render(config_file, 'dhcp-client/ipv6.tmpl', self._config) + duid = dict_search('dhcpv6_options.duid', self._config) + if duid != None: + # DUID file path hardcoded and must be written as binary. + # https://github.com/jinmei/wide-dhcpv6/blob/24ee2a4f0009bc/dhcp6c.h#L33 + with open(duid_file, 'wb') as f: + f.write(unhexlify(duid.replace(':', '').encode())) + else: + if os.path.isfile(duid_file): + os.remove(duid_file) + # We must ignore any return codes. This is required to enable DHCPv6-PD # for interfaces which are yet not up and running. return self._popen(f'systemctl restart dhcp6c@{ifname}.service') @@ -1012,6 +1024,8 @@ class Interface(Control): if os.path.isfile(config_file): os.remove(config_file) + if os.path.isfile(duid_file): + os.remove(duid_file) def get_tc_config(self,objectname): # Parse configuration @@ -1041,7 +1055,7 @@ class Interface(Control): # Remove existing mirroring rules self.del_tc_qdisc(ifname,'ingress','ffff:') self.del_tc_qdisc(ifname,'prio','1:') - + # Setting up packet mirroring ingress_mirror = dict_search('mirror.ingress', self._config) # if interface does yet not exist bail out early and @@ -1053,7 +1067,7 @@ class Interface(Control): # Export the mirrored traffic to the interface mirror_cmd = f'tc filter add dev {ifname} parent ffff: protocol all prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress mirror dev {ingress_mirror}' self._cmd(mirror_cmd) - + egress_mirror = dict_search('mirror.egress', self._config) # if interface does yet not exist bail out early and # add it later @@ -1071,14 +1085,14 @@ class Interface(Control): # https://man7.org/linux/man-pages/man8/tc-mirred.8.html ifname = self._config['ifname'] mirror_rules = self._config.get('is_monitor_intf') - + # Remove existing mirroring rules # The rule must be completely deleted first for rule in mirror_rules: for intf, dire in rule.items(): self.del_tc_qdisc(intf,'ingress','ffff:') self.del_tc_qdisc(intf,'prio','1:') - + # Setting mirror rules for rule in mirror_rules: for intf, dire in rule.items(): @@ -1265,11 +1279,11 @@ class Interface(Control): if 'is_bridge_member' in config: bridge_dict = config.get('is_bridge_member') self.add_to_bridge(bridge_dict) - + # Re-set rules for the mirror monitoring interface if 'is_monitor_intf' in config: self.apply_mirror_of_monitor() - + # remove no longer required 802.1ad (Q-in-Q VLANs) ifname = config['ifname'] for vif_s_id in config.get('vif_s_remove', {}): -- cgit v1.2.3