From 3b27442674e086a873f8ed7df4169363ad8c5c51 Mon Sep 17 00:00:00 2001
From: Viacheslav Hletenko <v.gletenko@vyos.io>
Date: Thu, 9 Mar 2023 10:45:14 +0000
Subject: T5063: IPoE-server ethX vlan must not be used with client-subnet

IPoE-server 'interface ethX vlan xxx' (aka vlan-mon) must not be
used with 'interface ethX client-subnet'
So instead of shared pool accel-ppp uses the same pool for each
dynamically added VLAN

  eth1 client-subnet '192.0.2.0/24'
  eth1 vlan '2000-2021'

It cause this issue:
eth1.2000 range 192.0.2.0/24 (the first client gets address from 192.0.2.2)
eth2.2001 range 192.0.2.0/24 (the first client gets address from 192.0.2.2)

Only named pools with vlan option must be used.
---
 src/conf_mode/service_ipoe-server.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/conf_mode/service_ipoe-server.py b/src/conf_mode/service_ipoe-server.py
index e9afd6a55..9cdfa08ef 100755
--- a/src/conf_mode/service_ipoe-server.py
+++ b/src/conf_mode/service_ipoe-server.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2018-2022 VyOS maintainers and contributors
+# Copyright (C) 2018-2023 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -53,8 +53,11 @@ def verify(ipoe):
     if 'interface' not in ipoe:
         raise ConfigError('No IPoE interface configured')
 
-    for interface in ipoe['interface']:
+    for interface, iface_config in ipoe['interface'].items():
         verify_interface_exists(interface)
+        if 'client_subnet' in iface_config and 'vlan' in iface_config:
+            raise ConfigError('Option "client-subnet" incompatible with "vlan"!'
+                              'Use "ipoe client-ip-pool" instead.')
 
     #verify_accel_ppp_base_service(ipoe, local_users=False)
 
-- 
cgit v1.2.3