+ # check bond
+ foreach my $iface (keys %$ifaces) {
+ my $d = $ifaces->{$iface};
+ next if !($d->{type} eq 'bond' && $d->{slaves});
+
+ my $bond_primary_is_slave = undef;
+ foreach my $p (split (/\s+/, $d->{slaves})) {
+ my $n = $ifaces->{$p};
+ $n->{autostart} = 1;
+
+ die "bond '$iface' - unable to find slave '$p'\n" if !$n;
+ die "bond '$iface' - wrong interface type on slave '$p' ('$n->{type}' != 'eth or bond')\n"
+ if ($n->{type} ne 'eth' && $n->{type} ne 'bond');
+
+ $check_mtu->($ifaces, $iface, $p);
+ $bond_primary_is_slave = 1 if $d->{'bond-primary'} && $d->{'bond-primary'} eq $p;
+ }
+ die "bond '$iface' - bond-primary interface is not a slave" if $d->{'bond-primary'} && !$bond_primary_is_slave;
+ }
+
+ # check vxlan
+ my $vxlans = {};
+ foreach my $iface (keys %$ifaces) {
+ my $d = $ifaces->{$iface};
+
+ if ($d->{type} eq 'vxlan' && $d->{'vxlan-id'}) {
+ my $vxlanid = $d->{'vxlan-id'};
+ die "iface $iface - duplicate vxlan-id $vxlanid already used in $vxlans->{$vxlanid}\n" if $vxlans->{$vxlanid};
+ $vxlans->{$vxlanid} = $iface;
+ }
+
+ my $ips = 0;
+ ++$ips if defined $d->{'vxlan-svcnodeip'};
+ ++$ips if defined $d->{'vxlan-remoteip'};
+ ++$ips if defined $d->{'vxlan-local-tunnelip'};
+ if ($ips > 1) {
+ die "iface $iface - vxlan-svcnodeip, vxlan-remoteip and vxlan-localtunnelip are mutually exclusive\n";
+ }
+
+ if (defined($d->{'vxlan-svcnodeip'}) != defined($d->{'vxlan-physdev'})) {
+ die "iface $iface - vxlan-svcnodeip and vxlan-physdev must be define together\n";
+ }
+ #fixme : check if vxlan mtu is lower than 50bytes than physical interface where tunnel is going out
+ }
+
+ # check vlan
+ foreach my $iface (keys %$ifaces) {
+ my $d = $ifaces->{$iface};
+ if ($d->{type} eq 'vlan') {
+
+ my $p = undef;
+ my $vlanid = undef;
+
+ if ($iface =~ m/^(\S+)\.(\d+)$/) {
+ $p = $1;
+ $vlanid = $2;
+ delete $d->{'vlan-raw-device'} if $d->{'vlan-raw-device'};
+ delete $d->{'vlan-id'} if $d->{'vlan-id'};
+
+ } else {
+ die "missing vlan-raw-device option" if !$d->{'vlan-raw-device'};
+ $p = $d->{'vlan-raw-device'};
+
+ if ($iface =~ m/^vlan(\d+)$/) {
+ $vlanid = $1;
+ delete $d->{'vlan-id'} if $d->{'vlan-id'};
+ } else {
+ die "custom vlan interface name need ifupdown2" if !$ifupdown2;
+ die "missing vlan-id option" if !$d->{'vlan-id'};
+ $vlanid = $d->{'vlan-id'};
+ }
+ }
+ my $n = $ifaces->{$p};
+
+ die "vlan '$iface' - vlan-id $vlanid should be <= 4094\n" if $vlanid > 4094;
+ die "vlan '$iface' - unable to find parent '$p'\n"
+ if !$n;
+
+ if ($n->{type} ne 'eth' && $n->{type} ne 'bridge' && $n->{type} ne 'bond' && $n->{type} ne 'vlan') {
+ die "vlan '$iface' - wrong interface type on parent '$p' " .
+ "('$n->{type}' != 'eth|bond|bridge|vlan' )\n";
+ }
+
+ &$check_mtu($ifaces, $p, $iface);
+
+ }
+ }
+
+ # check uplink
+ my $uplinks = {};
+ foreach my $iface (keys %$ifaces) {
+ my $d = $ifaces->{$iface};
+ if (my $uplinkid = $d->{'uplink-id'}) {
+ die "iface '$iface' - uplink-id $uplinkid is only allowed on physical and linux bond interfaces\n"
+ if $d->{type} ne 'eth' && $d->{type} ne 'bond';
+
+ die "iface '$iface' - uplink-id $uplinkid is already assigned on '$uplinks->{$uplinkid}'\n"
+ if $uplinks->{$uplinkid};
+
+ $uplinks->{$uplinkid} = $iface;
+ }
+ }
+
+ # check bridgeport option
+ my $bridgeports = {};
+ my $bridges = {};
+ my $ifaces_copy = { %$ifaces };
+ foreach my $iface (keys %$ifaces_copy) {
+ my $d = $ifaces_copy->{$iface};
+ if ($d->{type} eq 'bridge') {
+ foreach my $p (split (/\s+/, $d->{bridge_ports} // '')) {
+ if($p =~ m/(\S+)\.(\d+)$/) {
+ my $vlanparent = $1;
+ if (!defined($ifaces_copy->{$p})) {
+ $ifaces_copy->{$p}->{type} = 'vlan';
+ $ifaces_copy->{$p}->{method} = 'manual';
+ $ifaces_copy->{$p}->{method6} = 'manual';
+ $ifaces_copy->{$p}->{mtu} = $ifaces_copy->{$vlanparent}->{mtu} if defined($ifaces_copy->{$1}->{mtu});
+ }
+ }
+ my $n = $ifaces_copy->{$p};
+ die "bridge '$iface' - unable to find bridge port '$p'\n" if !$n;
+ die "iface $p - ip address can't be set on interface if bridged in $iface\n"
+ if ($n->{method} && $n->{method} eq 'static' && $n->{address} ne '0.0.0.0') ||
+ ($n->{method6} && $n->{method6} eq 'static' && $n->{address6} ne '::');
+ &$check_mtu($ifaces_copy, $p, $iface);
+ $bridgeports->{$p} = $iface;
+ }
+ $bridges->{$iface} = $d;
+ }
+ }
+
+ foreach my $iface (keys %$ifaces) {
+ my $d = $ifaces->{$iface};
+
+ foreach my $k (qw(bridge-learning bridge-arp-nd-suppress bridge-unicast-flood bridge-multicast-flood bridge-access)) {
+ die "iface $iface - $k: bridge port specific options can be used only on interfaces attached to a bridge\n"
+ if $d->{$k} && !$bridgeports->{$iface};
+ }
+
+ if ($d->{'bridge-access'} && !$bridges->{$bridgeports->{$iface}}->{bridge_vlan_aware}) {
+ die "iface $iface - bridge-access option can be only used if interface is in a vlan aware bridge\n";
+ }
+ }
+