Page MenuHomeVyOS Platform
Create Task
Maniphest T7219

VXLAN needs to make remote and group options mutually exclusive
In progress, NormalPublicBUG
Actions

Description

VXLAN does not verify if remote and group added together bug

To reproduce:

set interfaces ethernet eth1 address '192.0.2.1/24'
set interfaces vxlan vxlan10 group '239.4.4.5'
set interfaces vxlan vxlan10 mtu '1420'
set interfaces vxlan vxlan10 remote '192.0.2.254'
set interfaces vxlan vxlan10 source-address '192.0.2.1'
set interfaces vxlan vxlan10 source-interface 'eth1'
set interfaces vxlan vxlan10 vni '10'
commit

commit:

vyos@r14# commit
[ interfaces vxlan vxlan10 ]

WARNING: RFC7348 recommends VXLAN tunnels preserve a 1500 byte MTU

Traceback (most recent call last):
  File "/usr/libexec/vyos/services/vyos-configd", line 146, in run_script
    script.apply(c)
  File "/usr/libexec/vyos//conf_mode/interfaces_vxlan.py", line 246, in apply
    v = VXLANIf(**vxlan)
        ^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/vyos/ifconfig/interface.py", line 341, in __init__
    self._create()
  File "/usr/lib/python3/dist-packages/vyos/ifconfig/vxlan.py", line 106, in _create
    self._cmd(cmd.format(**self.config))
  File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 64, in _cmd
    return cmd(command, self.debug, env=env)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 187, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command:  ip link add vxlan10 type vxlan dstport 4789 group 239.4.4.5 df unset tos inherit ttl 16 remote 192.0.2.254 local 192.0.2.1 dev eth1 id 10
returned: 
exit code: 1

[[interfaces vxlan vxlan10]] failed
Commit failed
[edit]
vyos@r14#

Native commands:

vyos@r14# sudo ip link add vxlan10 type vxlan dstport 4789 group 239.4.4.5 df unset tos inherit ttl 16 remote 192.0.2.254 local 192.0.2.1 dev eth1 id 10
vxlan: both group and remote cannot be specified
[edit]
vyos@r14#

Details

Version
VyOS 1.5-rolling-202503030030
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)
Story points
2

Related Objects

Event Timeline

Viacheslav created this task.Tue, Mar 4, 5:04 PM
Viacheslav triaged this task as Normal priority.
pasik subscribed.Tue, Mar 4, 6:27 PM
Restricted Repository Identity mentioned this in rVYOSONEXc9ddcc6a24a3: T7219: Add check for remote and group command to verify.Tue, Mar 11, 6:22 PM
Restricted Repository Identity mentioned this in rVYOSONEX4d5783a240c9: Merge pull request #4383 from oniko94/fix/T7219-fix-vxlan-verify.Tue, Mar 11, 6:22 PM
dmbaturin renamed this task from VXLAN does not verify if remote and group added together bug to VXLAN needs to make remote and group options mutually exclusive.Tue, Mar 25, 10:29 PM
dmbaturin added projects: VyOS 1.5 Circinus, VyOS 1.4 Sagitta (1.4.2).
dmbaturin changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible.
dmbaturin moved this task from Open to Finished on the VyOS 1.5 Circinus board.
Viacheslav changed the task status from Open to In progress.Wed, Mar 26, 8:03 AM
Viacheslav assigned this task to oniko94.