mirror/CumulusNetworks-ifupdown2
1
0
Fork 0
mirror of https://github.com/CumulusNetworks/ifupdown2.git synced 2024-05-06 15:54:50 +00:00
Code Activity

addons: address: new policy default_loopback_scope

Browse Source 
The loopback addresses on VRF devices is added with scope global.
The scope must be host to prevent the kernel using the address on external routing/addresses.

Since this change is CL specific we need to control this behavior via policy.
We will re-evaluate later if we make this the default behavior for upstream as well.

Signed-off-by: Julien Fortin <jfortin@nvidia.com>
This commit is contained in:
Julien Fortin
2023-10-03 00:42:04 +02:00
parent b63d4b4f0b
commit 582b0acb9e
2 changed files with 26 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
ifupdown2/addons/address.py
View File

@@ -256,6 +256,13 @@ class address(AddonWithIpBlackList, moduleBase):
attr="check_l3_svi_ip_forwarding")
)
self.default_loopback_scope = policymanager.policymanager_api.get_module_globals(
module_name=self.__class__.__name__,
attr="default_loopback_scope"
)
self.logger.debug(f"policy: default_loopback_scope set to {self.default_loopback_scope}")
self.valid_scopes = self.get_mod_subattr("scope", "validvals")
def __policy_get_default_mtu(self):
default_mtu = policymanager.policymanager_api.get_attr_default(
module_name=self.__class__.__name__,
@@ -520,6 +527,18 @@ class address(AddonWithIpBlackList, moduleBase):
if attr_value:
addr_attributes[attr_name] = attr_value
scope = None
if addr_obj.ip.is_loopback and "scope" not in addr_attributes and self.default_loopback_scope:
scope = addr_attributes["scope"] = self.default_loopback_scope
if scope and scope not in self.valid_scopes:
self.logger.warning(f"{ifname}: invalid scope ({scope}) for {addr}")
self.logger.warning(f"valid scopes: {self.valid_scopes}")
try:
del addr_attributes["scope"]
except:
pass
pointopoint = ifaceobj.get_attr_value_n("pointopoint", index)
try:
if pointopoint: