import os
import signal
-import errno
-import subprocess
+import errno
+import fcntl
import atexit
+import re
+from sets import Set
from ifupdown.iface import *
+from ifupdown.utils import utils
import ifupdown.policymanager as policymanager
import ifupdownaddons
-import ifupdown.rtnetlink_api as rtnetlink_api
+from ifupdown.netlink import netlink
import ifupdown.ifupdownflags as ifupdownflags
from ifupdownaddons.modulebase import moduleBase
from ifupdownaddons.bondutil import bondutil
from ifupdownaddons.iproute2 import iproute2
from ifupdownaddons.dhclient import dhclient
+from ifupdownaddons.utilsbase import *
class vrfPrivFlags:
PROCESSED = 0x1
'creating a vrf device. ' +
'Table id is either \'auto\' or '+
'\'valid routing table id\'',
+ 'validvals': ['auto', '<number>'],
'example': ['vrf-table auto', 'vrf-table 1001']},
'vrf':
{'help' : 'vrf the interface is part of.',
+ 'validvals': ['<text>'],
'example': ['vrf blue']}}}
iproute2_vrf_filename = '/etc/iproute2/rt_tables.d/ifupdown2_vrf_map.conf'
self.bondcmd = None
self.dhclientcmd = None
self.name = self.__class__.__name__
- if ifupdownflags.flags.PERFMODE:
- # if perf mode is set, remove vrf map file.
- # start afresh. PERFMODE is set at boot
+ self.vrf_mgmt_devname = policymanager.policymanager_api.get_module_globals(module_name=self.__class__.__name__, attr='vrf-mgmt-devname')
+
+ if (ifupdownflags.flags.PERFMODE and
+ not (self.vrf_mgmt_devname and os.path.exists('/sys/class/net/%s'
+ %self.vrf_mgmt_devname))):
+ # if perf mode is set (PERFMODE is set at boot), and this is the first
+ # time we are calling ifup at boot (check for mgmt vrf existance at
+ # boot, make sure this is really the first invocation at boot.
+ # ifup is called with PERFMODE at boot multiple times (once for mgmt vrf
+ # and the second time with all auto interfaces). We want to delete
+ # the map file only the first time. This is to avoid accidently
+ # deleting map file with a valid mgmt vrf entry
if os.path.exists(self.iproute2_vrf_filename):
try:
self.logger.info('vrf: removing file %s'
self.logger.debug('vrf: removing file failed (%s)'
%str(e))
try:
- ip_rules = self.exec_command('/sbin/ip rule show').splitlines()
+ ip_rules = utils.exec_command('/sbin/ip rule show').splitlines()
self.ip_rule_cache = [' '.join(r.split()) for r in ip_rules]
except Exception, e:
self.ip_rule_cache = []
- self.logger.warn('%s' %str(e))
+ self.logger.warn('vrf: cache v4: %s' % str(e))
try:
- ip_rules = self.exec_command('/sbin/ip -6 rule show').splitlines()
+ ip_rules = utils.exec_command('/sbin/ip -6 rule show').splitlines()
self.ip6_rule_cache = [' '.join(r.split()) for r in ip_rules]
except Exception, e:
self.ip6_rule_cache = []
- self.logger.warn('%s' %str(e))
+ self.logger.warn('vrf: cache v6: %s' % str(e))
#self.logger.debug("vrf: ip rule cache")
#self.logger.info(self.ip_rule_cache)
#self.logger.info("vrf: ip -6 rule cache")
#self.logger.info(self.ip6_rule_cache)
+ self.l3mdev_checked = False
+ self.l3mdev4_rule = False
+ if self._l3mdev_rule(self.ip_rule_cache):
+ self.l3mdev4_rule = True
+ self.l3mdev_checked = True
+ self.l3mdev6_rule = False
+ if self._l3mdev_rule(self.ip6_rule_cache):
+ self.l3mdev6_rule = True
+ self.l3mdev_checked = True
self._iproute2_vrf_map_initialized = False
self.iproute2_vrf_map = {}
self.iproute2_vrf_map_fd = None
self.vrf_fix_local_table = True
self.vrf_count = 0
- self.vrf_mgmt_devname = policymanager.policymanager_api.get_module_globals(module_name=self.__class__.__name__, attr='vrf-mgmt-devname')
self.vrf_helper = policymanager.policymanager_api.get_module_globals(module_name=self.__class__.__name__, attr='vrf-helper')
+ self.vrf_close_socks_on_down = policymanager.policymanager_api.get_module_globals(module_name=self.__class__.__name__, attr='vrf-close-socks-on-down')
+ self.warn_on_vrf_map_write_err = True
def _iproute2_vrf_map_initialize(self, writetodisk=True):
if self._iproute2_vrf_map_initialized:
iproute2_vrf_map_force_rewrite = False
# read or create /etc/iproute2/rt_tables.d/ifupdown2.vrf_map
if os.path.exists(self.iproute2_vrf_filename):
- vrf_map_fd = open(self.iproute2_vrf_filename, 'r+')
- lines = vrf_map_fd.readlines()
- for l in lines:
- l = l.strip()
- if l[0] == '#':
- continue
- try:
- (table, vrf_name) = l.strip().split()
- if self.iproute2_vrf_map.get(int(table)):
- # looks like the existing file has
- # duplicate entries, force rewrite of the
- # file
- iproute2_vrf_map_force_rewrite = True
+ with open(self.iproute2_vrf_filename, 'r+') as vrf_map_fd:
+ lines = vrf_map_fd.readlines()
+ for l in lines:
+ l = l.strip()
+ if l[0] == '#':
continue
- self.iproute2_vrf_map[int(table)] = vrf_name
- except Exception, e:
- self.logger.info('vrf: iproute2_vrf_map: unable to parse %s'
- %l)
- pass
+ try:
+ (table, vrf_name) = l.strip().split()
+ if self.iproute2_vrf_map.get(int(table)):
+ # looks like the existing file has
+ # duplicate entries, force rewrite of the
+ # file
+ iproute2_vrf_map_force_rewrite = True
+ continue
+ self.iproute2_vrf_map[int(table)] = vrf_name
+ except Exception, e:
+ self.logger.info('vrf: iproute2_vrf_map: unable to parse %s (%s)' %(l, str(e)))
+ pass
vrfs = self.ipcmd.link_get_vrfs()
running_vrf_map = {}
self._iproute2_vrf_map_initialized = True
self.vrf_count = len(self.iproute2_vrf_map)
+ def _iproute2_map_warn(self, errstr):
+ if self.warn_on_vrf_map_write_err:
+ if not os.path.exists('/etc/iproute2/rt_tables.d/'):
+ self.logger.info('unable to save iproute2 vrf to table ' +
+ 'map (%s)\n' %errstr)
+ self.logger.info('cannot find /etc/iproute2/rt_tables.d.' +
+ ' pls check if your iproute2 version' +
+ ' supports rt_tables.d')
+ else:
+ self.logger.warn('unable to open iproute2 vrf to table ' +
+ 'map (%s)\n' %errstr)
+ self.warn_on_vrf_map_write_err = False
+
def _iproute2_vrf_map_sync_to_disk(self):
if (ifupdownflags.flags.DRYRUN or
not self.iproute2_vrf_map_sync_to_disk):
return
self.logger.info('vrf: syncing table map to %s'
%self.iproute2_vrf_filename)
- with open(self.iproute2_vrf_filename, 'w') as f:
- f.write(self.iproute2_vrf_filehdr %(self.vrf_table_id_start,
- self.vrf_table_id_end))
- for t, v in self.iproute2_vrf_map.iteritems():
- f.write('%s %s\n' %(t, v))
- f.flush()
+ try:
+ with open(self.iproute2_vrf_filename, 'w') as f:
+ f.write(self.iproute2_vrf_filehdr %(self.vrf_table_id_start,
+ self.vrf_table_id_end))
+ for t, v in self.iproute2_vrf_map.iteritems():
+ f.write('%s %s\n' %(t, v))
+ f.flush()
+ except Exception, e:
+ self._iproute2_map_warn(str(e))
+ pass
def _iproute2_vrf_map_open(self, sync_vrfs=False, append=False):
self.logger.info('vrf: syncing table map to %s'
try:
self.iproute2_vrf_map_fd = open(self.iproute2_vrf_filename,
'%s' %fmode)
+ fcntl.fcntl(self.iproute2_vrf_map_fd, fcntl.F_SETFD, fcntl.FD_CLOEXEC)
except Exception, e:
- self.log_warn('vrf: error opening %s (%s)'
- %(self.iproute2_vrf_filename, str(e)))
+ self._iproute2_map_warn(str(e))
return
if not append:
self.iproute2_vrf_map_fd.flush()
self.vrf_count += 1
return
-
if old_vrf_name != vrfifaceobj.name:
self.log_error('table id %d already assigned to vrf dev %s'
%(table_id, old_vrf_name))
self.iproute2_vrf_map_sync_to_disk = True
del self.iproute2_vrf_map[int(table_id)]
except Exception, e:
- self.logger.info('vrf: iproute2 vrf map del failed for %d (%s)'
+ self.logger.info('vrf: iproute2 vrf map del failed for %s (%s)'
%(table_id, str(e)))
pass
return True
def _up_vrf_slave_without_master(self, ifacename, vrfname, ifaceobj,
- ifaceobj_getfunc):
+ vrf_master_objs):
""" If we have a vrf slave that has dhcp configured, bring up the
vrf master now. This is needed because vrf has special handling
in dhclient hook which requires the vrf master to be present """
self.logger.info('%s: vrf master %s exists returning'
%(ifacename, vrf_master))
return
- vrf_master_objs = ifaceobj_getfunc(vrf_master)
- if not vrf_master_objs:
- self.logger.warn('%s: vrf master ifaceobj not found' %ifacename)
- return
self.logger.info('%s: bringing up vrf master %s'
%(ifacename, vrf_master))
for mobj in vrf_master_objs:
raise
break
self._handle_existing_connections(ifaceobj, vrfname)
- self.ipcmd.link_set(ifacename, 'master', vrfname)
+ netlink.link_set_master(ifacename, vrfname)
return
def _down_dhcp_slave(self, ifaceobj, vrfname):
try:
master_exists = True
if vrf_exists or self.ipcmd.link_exists(vrfname):
- upper = self.ipcmd.link_get_upper(ifacename)
- if not upper or upper != vrfname:
+ uppers = self.ipcmd.link_get_uppers(ifacename)
+ if not uppers or vrfname not in uppers:
self._handle_existing_connections(ifaceobj, vrfname)
- self.ipcmd.link_set(ifacename, 'master', vrfname)
- elif ifupdownflags.flags.ALL and ifaceobj:
- self._up_vrf_slave_without_master(ifacename, vrfname, ifaceobj,
- ifaceobj_getfunc)
+ netlink.link_set_master(ifacename, vrfname)
+ elif ifaceobj:
+ vrf_master_objs = ifaceobj_getfunc(vrfname)
+ if not vrf_master_objs:
+ # this is the case where vrf is assigned to an interface
+ # but user has not provided a vrf interface.
+ # people expect you to warn them but go ahead with the
+ # rest of the config on that interface
+ netlink.link_set_updown(ifacename, "up")
+ self.log_error('vrf master ifaceobj %s not found'
+ %vrfname)
+ return
+ if (ifupdownflags.flags.ALL or
+ ifupdownflags.flags.WITH_DEPENDS or
+ (ifupdownflags.flags.CLASS and
+ ifaceobj.classes and vrf_master_objs[0].classes and
+ Set(ifaceobj.classes).intersection(vrf_master_objs[0].classes))):
+ self._up_vrf_slave_without_master(ifacename, vrfname,
+ ifaceobj,
+ vrf_master_objs)
+ else:
+ master_exists = False
else:
master_exists = False
if master_exists:
- rtnetlink_api.rtnl_api.link_set(ifacename, "up")
+ netlink.link_set_updown(ifacename, "up")
else:
self.log_error('vrf %s not around, skipping vrf config'
%(vrfname), ifaceobj)
if rule in self.ip_rule_cache:
rule_cmd = ip_rule_cmd %('', pref, 'oif', vrf_dev_name,
vrf_dev_name)
- self.exec_command(rule_cmd)
+ utils.exec_command(rule_cmd)
rule = ip_rule_out_format %(pref, 'iif', vrf_dev_name, vrf_dev_name)
if rule in self.ip_rule_cache:
rule_cmd = ip_rule_cmd %('', pref, 'iif', vrf_dev_name,
vrf_dev_name)
- self.exec_command(rule_cmd)
+ utils.exec_command(rule_cmd)
rule = ip_rule_out_format %(pref, 'oif', vrf_dev_name, vrf_dev_name)
if rule in self.ip6_rule_cache:
rule_cmd = ip_rule_cmd %('-6', pref, 'oif', vrf_dev_name,
vrf_dev_name)
- self.exec_command(rule_cmd)
+ utils.exec_command(rule_cmd)
rule = ip_rule_out_format %(pref, 'iif', vrf_dev_name, vrf_dev_name)
if rule in self.ip6_rule_cache:
rule_cmd = ip_rule_cmd %('-6', pref, 'iif', vrf_dev_name,
vrf_dev_name)
- self.exec_command(rule_cmd)
+ utils.exec_command(rule_cmd)
+
+ def _l3mdev_rule(self, ip_rules):
+ for rule in ip_rules:
+ if not re.search(r"\d.*from\s+all\s+lookup\s+\W?l3mdev-table\W?",
+ rule):
+ continue
+ return True
+ return False
+
+ def _rule_cache_fill(self):
+ ip_rules = utils.exec_command('/sbin/ip rule show').splitlines()
+ self.ip_rule_cache = [' '.join(r.split()) for r in ip_rules]
+ self.l3mdev4_rule = self._l3mdev_rule(self.ip_rule_cache)
+ ip_rules = utils.exec_command('/sbin/ip -6 rule show').splitlines()
+ self.ip6_rule_cache = [' '.join(r.split()) for r in ip_rules]
+ self.l3mdev6_rule = self._l3mdev_rule(self.ip6_rule_cache)
def _add_vrf_rules(self, vrf_dev_name, vrf_table):
pref = 200
rule = '0: from all lookup local'
if rule in self.ip_rule_cache:
try:
- self.exec_command('ip rule del pref 0')
- self.exec_command('ip rule add pref 32765 table local')
+ utils.exec_command('ip rule del pref 0')
+ utils.exec_command('ip rule add pref 32765 table local')
except Exception, e:
- self.logger.info('%s' %str(e))
+ self.logger.info('%s: %s' % (vrf_dev_name, str(e)))
pass
if rule in self.ip6_rule_cache:
try:
- self.exec_command('ip -6 rule del pref 0')
- self.exec_command('ip -6 rule add pref 32765 table local')
+ utils.exec_command('ip -6 rule del pref 0')
+ utils.exec_command('ip -6 rule add pref 32765 table local')
except Exception, e:
- self.logger.info('%s' %str(e))
+ self.logger.info('%s: %s' % (vrf_dev_name, str(e)))
pass
+ if not self.l3mdev_checked:
+ self._rule_cache_fill()
+ self.l3mdev_checked = True
#Example ip rule
#200: from all oif blue lookup blue
#200: from all iif blue lookup blue
rule = ip_rule_out_format %(pref, 'oif', vrf_dev_name, vrf_dev_name)
- if rule not in self.ip_rule_cache:
+ if not self.l3mdev4_rule and rule not in self.ip_rule_cache:
rule_cmd = ip_rule_cmd %('', pref, 'oif', vrf_dev_name,
vrf_dev_name)
- self.exec_command(rule_cmd)
+ utils.exec_command(rule_cmd)
rule = ip_rule_out_format %(pref, 'iif', vrf_dev_name, vrf_dev_name)
- if rule not in self.ip_rule_cache:
+ if not self.l3mdev4_rule and rule not in self.ip_rule_cache:
rule_cmd = ip_rule_cmd %('', pref, 'iif', vrf_dev_name,
vrf_dev_name)
- self.exec_command(rule_cmd)
+ utils.exec_command(rule_cmd)
rule = ip_rule_out_format %(pref, 'oif', vrf_dev_name, vrf_dev_name)
- if rule not in self.ip6_rule_cache:
+ if not self.l3mdev6_rule and rule not in self.ip6_rule_cache:
rule_cmd = ip_rule_cmd %('-6', pref, 'oif', vrf_dev_name,
vrf_dev_name)
- self.exec_command(rule_cmd)
+ utils.exec_command(rule_cmd)
rule = ip_rule_out_format %(pref, 'iif', vrf_dev_name, vrf_dev_name)
- if rule not in self.ip6_rule_cache:
+ if not self.l3mdev6_rule and rule not in self.ip6_rule_cache:
rule_cmd = ip_rule_cmd %('-6', pref, 'iif', vrf_dev_name,
vrf_dev_name)
- self.exec_command(rule_cmd)
+ utils.exec_command(rule_cmd)
+
+ def _is_address_virtual_slaves(self, vrfobj, config_vrfslaves,
+ vrfslave):
+ # Address virtual lines on a vrf slave will create
+ # macvlan devices on the vrf slave and enslave them
+ # to the vrf master. This function checks if the
+ # vrf slave is such a macvlan interface.
+ # XXX: additional possible checks that can be done here
+ # are:
+ # - check if it is also a macvlan device of the
+ # format <vrf_slave>-v<int> created by the
+ # address virtual module
+ vrfslave_lowers = self.ipcmd.link_get_lowers(vrfslave)
+ if vrfslave_lowers:
+ if vrfslave_lowers[0] in config_vrfslaves:
+ return True
+ return False
def _add_vrf_slaves(self, ifaceobj, ifaceobj_getfunc=None):
running_slaves = self.ipcmd.link_get_lowers(ifaceobj.name)
if del_slaves:
for s in del_slaves:
try:
+ if self._is_address_virtual_slaves(ifaceobj,
+ config_slaves, s):
+ continue
sobj = None
if ifaceobj_getfunc:
sobj = ifaceobj_getfunc(s)
if ifaceobj.link_type == ifaceLinkType.LINK_MASTER:
for s in config_slaves:
try:
- rtnetlink_api.rtnl_api.link_set(s, "up")
+ netlink.link_set_updown(s, "up")
except Exception, e:
- self.logger.debug('%s: %s: link set up (%s)'
- %(ifaceobj.name, s, str(e)))
+ self.logger.debug('%s: %s' % (ifaceobj.name, str(e)))
pass
def _set_vrf_dev_processed_flag(self, ifaceobj):
%(str(self.system_reserved_rt_tables.values())),
ifaceobj)
if self.vrf_count == self.vrf_max_count:
- self.log_error('%s: max vrf count %d hit...not '
- 'creating vrf' %(ifaceobj.name,
- self.vrf_count), ifaceobj)
+ self.log_error('max vrf count %d hit...not '
+ 'creating vrf' % self.vrf_count, ifaceobj)
if vrf_table == 'auto':
vrf_table = self._get_avail_vrf_table_id()
if not vrf_table:
- self.log_error('%s: unable to get an auto table id'
- %ifaceobj.name, ifaceobj)
+ self.log_error('unable to get an auto table id', ifaceobj)
self.logger.info('%s: table id auto: selected table id %s\n'
%(ifaceobj.name, vrf_table))
else:
ifaceobj)
if not vrf_table.isdigit():
- self.log_error('%s: vrf-table must be an integer or \'auto\''
- %(ifaceobj.name), ifaceobj)
+ self.log_error('vrf-table must be an integer or \'auto\'', ifaceobj)
# XXX: If we decide to not allow vrf id usages out of
# the reserved ifupdown range, then uncomment this code.
else:
if (int(vrf_table) < self.vrf_table_id_start or
int(vrf_table) > self.vrf_table_id_end):
- self.log_error('%s: vrf table id %s out of reserved range [%d,%d]'
- %(ifaceobj.name, vrf_table,
+ self.log_error('vrf table id %s out of reserved range [%d,%d]'
+ %(vrf_table,
self.vrf_table_id_start,
self.vrf_table_id_end), ifaceobj)
try:
self.ipcmd.link_create(ifaceobj.name, 'vrf',
{'table' : '%s' %vrf_table})
except Exception, e:
- self.log_error('%s: create failed (%s)\n'
- %(ifaceobj.name, str(e)), ifaceobj)
+ self.log_error('create failed (%s)\n' % str(e), ifaceobj)
if vrf_table != 'auto':
self._iproute2_vrf_table_entry_add(ifaceobj, vrf_table)
else:
if vrf_table == 'auto':
vrf_table = self._get_iproute2_vrf_table(ifaceobj.name)
if not vrf_table:
- self.log_error('%s: unable to get vrf table id'
- %ifaceobj.name, ifaceobj)
+ self.log_error('unable to get vrf table id', ifaceobj)
# if the device exists, check if table id is same
vrfdev_attrs = self.ipcmd.link_get_linkinfo_attrs(ifaceobj.name)
if vrfdev_attrs:
running_table = vrfdev_attrs.get('table', None)
if vrf_table != running_table:
- self.log_error('%s: cannot change vrf table id,running table id %s is different from config id %s' %(ifaceobj.name,
- running_table, vrf_table),
- ifaceobj)
+ self.log_error('cannot change vrf table id,running table id'
+ ' %s is different from config id %s'
+ % (running_table, vrf_table), ifaceobj)
return vrf_table
def _up_vrf_helper(self, ifaceobj, vrf_table):
if ifupdownflags.flags.PERFMODE:
mode = "boot"
if self.vrf_helper:
- self.exec_command('%s create %s %s %s' %(self.vrf_helper,
- ifaceobj.name, vrf_table, mode))
+ utils.exec_command('%s create %s %s %s' %
+ (self.vrf_helper,
+ ifaceobj.name,
+ vrf_table,
+ mode))
def _up_vrf_dev(self, ifaceobj, vrf_table, add_slaves=True,
ifaceobj_getfunc=None):
if add_slaves:
self._add_vrf_slaves(ifaceobj, ifaceobj_getfunc)
self._set_vrf_dev_processed_flag(ifaceobj)
- rtnetlink_api.rtnl_api.link_set(ifaceobj.name, "up")
+ netlink.link_set_updown(ifaceobj.name, "up")
except Exception, e:
self.log_error('%s: %s' %(ifaceobj.name, str(e)), ifaceobj)
#ESTAB 0 0 10.0.1.84:ssh 10.0.1.228:45186
#users:(("sshd",pid=2528,fd=3))
cmdl = ['/bin/ss', '-t', '-p']
- for line in subprocess.check_output(cmdl, stderr=subprocess.STDOUT,
- shell=False).splitlines():
+ for line in utils.exec_commandl(cmdl).splitlines():
citems = line.split()
addr = None
if '%' in citems[3]:
if not proc:
return
- pid = subprocess.check_output(['/bin/ps', '--no-headers',
- '-fp', str(os.getppid())],
- stderr=subprocess.STDOUT,
- shell=False).split()[2]
+ pid = None
+ # outpt of '/usr/bin/pstree -Aps <pid>':
+ # 'systemd(1)---sshd(990)---sshd(16112)---sshd(16126)---bash(16127)---sudo(16756)---ifreload(16761)---pstree(16842)\n'
+ # get the above output to following format
+ # ['systemd(1)', 'sshd(990)', 'sshd(16112)', 'sshd(16126)', 'bash(16127)', 'sudo(16756)', 'ifreload(16761)', 'pstree(16850)']
+ pstree = list(reversed(utils.exec_command('/usr/bin/pstree -Aps %s' %os.getpid()).strip().split('---')))
+ for index, process in enumerate(pstree):
+ # check the parent of SSH process to make sure
+ # we don't kill SSH server or systemd process
+ if 'sshd' in process and 'sshd' in pstree[index + 1]:
+ pid = filter(lambda x: x.isdigit(), process)
+ break
self.logger.info("%s: killing active ssh sessions: %s"
%(ifacename, str(proc)))
if ifupdownflags.flags.PERFMODE:
mode = "boot"
if self.vrf_helper:
- self.exec_command('%s delete %s %s %s' %(self.vrf_helper,
- ifaceobj.name, vrf_table, mode))
+ utils.exec_command('%s delete %s %s %s' %
+ (self.vrf_helper,
+ ifaceobj.name,
+ vrf_table,
+ mode))
+
+ def _close_sockets(self, ifaceobj, ifindex):
+ if not self.vrf_close_socks_on_down:
+ return
+
+ try:
+ utils.exec_command('/bin/ss -aK \"dev == %s\"'
+ %ifindex)
+ except Exception, e:
+ self.logger.info('%s: closing socks using ss'
+ ' failed (%s)\n' %(ifaceobj.name, str(e)))
+ pass
def _down_vrf_dev(self, ifaceobj, vrf_table, ifaceobj_getfunc=None):
+ if not self.ipcmd.link_exists(ifaceobj.name):
+ return
+
if vrf_table == 'auto':
vrf_table = self._get_iproute2_vrf_table(ifaceobj.name)
pass
try:
self.ipcmd.addr_flush(s)
- rtnetlink_api.rtnl_api.link_set(s, "down")
+ netlink.link_set_updown(s, "down")
except Exception, e:
self.logger.info('%s: %s' %(ifaceobj.name, str(e)))
pass
- self._down_vrf_helper(ifaceobj, vrf_table)
+ try:
+ self._down_vrf_helper(ifaceobj, vrf_table)
+ except Exception, e:
+ self.logger.warn('%s: %s' %(ifaceobj.name, str(e)))
+ pass
try:
self._del_vrf_rules(ifaceobj.name, vrf_table)
self.logger.info('%s: %s' %(ifaceobj.name, str(e)))
pass
+ ifindex = self.ipcmd.link_get_ifindex(ifaceobj.name)
+
try:
self.ipcmd.link_delete(ifaceobj.name)
except Exception, e:
self.logger.info('%s: %s' %(ifaceobj.name, str(e)))
pass
+ self._close_sockets(ifaceobj, ifindex)
+
try:
self._iproute2_vrf_table_entry_del(vrf_table)
except Exception, e:
def _down_vrf_slave(self, ifacename, ifaceobj=None, vrfname=None):
try:
self._handle_existing_connections(ifaceobj, vrfname)
- self.ipcmd.link_set(ifacename, 'nomaster')
- rtnetlink_api.rtnl_api.link_set(ifacename, "down")
+ netlink.link_set_nomaster(ifacename)
+ # Down this slave only if it is a slave ifupdown2 manages.
+ # we dont want to down slaves that maybe up'ed by
+ # somebody else. One such example is a macvlan device
+ # which ifupdown2 addressvirtual addon module auto creates
+ if ifaceobj:
+ netlink.link_set_updown(ifacename, "down")
except Exception, e:
self.logger.warn('%s: %s' %(ifacename, str(e)))
return
if self.vrf_helper:
try:
- self.exec_command('%s verify %s %s'
+ utils.exec_command('%s verify %s %s'
%(self.vrf_helper,
ifaceobj.name, config_table))
ifaceobjcurr.update_config_with_status('vrf-helper',
if running_table:
ifaceobjrunning.update_config('vrf-table',
running_table)
- elif kind == 'vrf_slave':
+ return
+ slave_kind = self.ipcmd.link_get_slave_kind(ifaceobjrunning.name)
+ if slave_kind == 'vrf_slave':
vrf = self.ipcmd.link_get_master(ifaceobjrunning.name)
if vrf:
ifaceobjrunning.update_config('vrf', vrf)