diff --git a/data/templates/high-availability/keepalived.conf.j2 b/data/templates/high-availability/keepalived.conf.j2
index 240161748..c0d66ae54 100644
--- a/data/templates/high-availability/keepalived.conf.j2
+++ b/data/templates/high-availability/keepalived.conf.j2
@@ -1,243 +1,243 @@
# Autogenerated by VyOS
# Do not edit this file, all your changes will be lost
# on next commit or reboot
# Global definitions configuration block
global_defs {
dynamic_interfaces
script_user root
{% if vrrp.global_parameters.startup_delay is vyos_defined %}
vrrp_startup_delay {{ vrrp.global_parameters.startup_delay }}
{% endif %}
{% if vrrp.global_parameters.garp is vyos_defined %}
{% if vrrp.global_parameters.garp.interval is vyos_defined %}
vrrp_garp_interval {{ vrrp.global_parameters.garp.interval }}
{% endif %}
{% if vrrp.global_parameters.garp.master_delay is vyos_defined %}
vrrp_garp_master_delay {{ vrrp.global_parameters.garp.master_delay }}
{% endif %}
{% if vrrp.global_parameters.garp.master_refresh is vyos_defined %}
vrrp_garp_master_refresh {{ vrrp.global_parameters.garp.master_refresh }}
{% endif %}
{% if vrrp.global_parameters.garp.master_refresh_repeat is vyos_defined %}
vrrp_garp_master_refresh_repeat {{ vrrp.global_parameters.garp.master_refresh_repeat }}
{% endif %}
{% if vrrp.global_parameters.garp.master_repeat is vyos_defined %}
vrrp_garp_master_repeat {{ vrrp.global_parameters.garp.master_repeat }}
{% endif %}
{% endif %}
{% if vrrp.global_parameters.version is vyos_defined %}
vrrp_version {{ vrrp.global_parameters.version }}
{% endif %}
notify_fifo /run/keepalived/keepalived_notify_fifo
notify_fifo_script /usr/libexec/vyos/system/keepalived-fifo.py
}
{# Sync group has own health-check scripts T6020 #}
{% if vrrp.sync_group is vyos_defined %}
{% for name, sync_group_config in vrrp.sync_group.items() if sync_group_config.disable is not vyos_defined %}
{% if sync_group_config.health_check is vyos_defined %}
vrrp_script healthcheck_sg_{{ name }} {
{% if sync_group_config.health_check.script is vyos_defined %}
script "{{ sync_group_config.health_check.script }}"
{% elif sync_group_config.health_check.ping is vyos_defined %}
script "/usr/bin/ping -c1 {{ sync_group_config.health_check.ping }}"
{% endif %}
interval {{ sync_group_config.health_check.interval }}
fall {{ sync_group_config.health_check.failure_count }}
rise 1
}
{% endif %}
{% endfor %}
{% endif %}
{% if vrrp.group is vyos_defined %}
{% for name, group_config in vrrp.group.items() if group_config.disable is not vyos_defined %}
{% if group_config.health_check is vyos_defined %}
vrrp_script healthcheck_{{ name }} {
{% if group_config.health_check.script is vyos_defined %}
script "{{ group_config.health_check.script }}"
{% elif group_config.health_check.ping is vyos_defined %}
script "/usr/bin/ping -c1 {{ group_config.health_check.ping }}"
{% endif %}
interval {{ group_config.health_check.interval }}
fall {{ group_config.health_check.failure_count }}
rise 1
}
{% endif %}
vrrp_instance {{ name }} {
{% if group_config.description is vyos_defined %}
# {{ group_config.description }}
{% endif %}
state BACKUP
interface {{ group_config.interface }}
virtual_router_id {{ group_config.vrid }}
priority {{ group_config.priority }}
advert_int {{ group_config.advertise_interval }}
{% if group_config.garp is vyos_defined %}
{% if group_config.garp.interval is vyos_defined %}
garp_interval {{ group_config.garp.interval }}
{% endif %}
{% if group_config.garp.master_delay is vyos_defined %}
garp_master_delay {{ group_config.garp.master_delay }}
{% endif %}
{% if group_config.garp.master_repeat is vyos_defined %}
garp_master_repeat {{ group_config.garp.master_repeat }}
{% endif %}
{% if group_config.garp.master_refresh is vyos_defined %}
garp_master_refresh {{ group_config.garp.master_refresh }}
{% endif %}
{% if group_config.garp.master_refresh_repeat is vyos_defined %}
garp_master_refresh_repeat {{ group_config.garp.master_refresh_repeat }}
{% endif %}
{% endif %}
{% if group_config.track.exclude_vrrp_interface is vyos_defined %}
dont_track_primary
{% endif %}
{% if group_config.no_preempt is not vyos_defined and group_config.preempt_delay is vyos_defined %}
preempt_delay {{ group_config.preempt_delay }}
{% elif group_config.no_preempt is vyos_defined %}
nopreempt
{% endif %}
{% if group_config.peer_address is vyos_defined %}
unicast_peer {
{% for peer_address in group_config.peer_address %}
{{ peer_address }}
{% endfor %}
}
{% endif %}
{% if group_config.hello_source_address is vyos_defined %}
{% if group_config.peer_address is vyos_defined %}
unicast_src_ip {{ group_config.hello_source_address }}
{% else %}
mcast_src_ip {{ group_config.hello_source_address }}
{% endif %}
{% endif %}
{% if group_config.rfc3768_compatibility is vyos_defined and group_config.peer_address is vyos_defined %}
use_vmac {{ group_config.interface }}v{{ group_config.vrid }}v{{ '4' if group_config['address'] | first | is_ipv4 else '6' }}
vmac_xmit_base
{% elif group_config.rfc3768_compatibility is vyos_defined %}
use_vmac {{ group_config.interface }}v{{ group_config.vrid }}v{{ '4' if group_config['address'] | first | is_ipv4 else '6' }}
{% endif %}
{% if group_config.authentication is vyos_defined %}
authentication {
auth_pass "{{ group_config.authentication.password }}"
{% if group_config.authentication.type is vyos_defined('plaintext-password') %}
auth_type PASS
{% else %}
auth_type {{ group_config.authentication.type | upper }}
{% endif %}
}
{% endif %}
{% if group_config.address is vyos_defined %}
virtual_ipaddress {
{% for addr, addr_config in group_config.address.items() %}
{{ addr }}{{ ' dev ' + addr_config.interface if addr_config.interface is vyos_defined }}
{% endfor %}
}
{% endif %}
{% if group_config.excluded_address is vyos_defined %}
virtual_ipaddress_excluded {
-{% for addr in group_config.excluded_address %}
- {{ addr }}
+{% for addr, addr_config in group_config.excluded_address.items() %}
+ {{ addr }}{{ ' dev ' + addr_config.interface if addr_config.interface is vyos_defined }}
{% endfor %}
}
{% endif %}
{% if group_config.track.interface is vyos_defined %}
track_interface {
{% for interface in group_config.track.interface %}
{{ interface }}
{% endfor %}
}
{% endif %}
{# Sync group member can't use own health check script #}
{% if group_config.health_check is vyos_defined and group_config._is_sync_group_member is not vyos_defined %}
track_script {
healthcheck_{{ name }}
}
{% endif %}
}
{% endfor %}
{% endif %}
{% if vrrp.sync_group is vyos_defined %}
{% for name, sync_group_config in vrrp.sync_group.items() if sync_group_config.disable is not vyos_defined %}
vrrp_sync_group {{ name }} {
group {
{% if sync_group_config.member is vyos_defined %}
{% for member in sync_group_config.member %}
{{ member }}
{% endfor %}
{% endif %}
}
{% if sync_group_config.health_check is vyos_defined %}
track_script {
healthcheck_sg_{{ name }}
}
{% endif %}
{% if conntrack_sync_group is vyos_defined(name) %}
{% set vyos_helper = "/usr/libexec/vyos/vyos-vrrp-conntracksync.sh" %}
notify_master "{{ vyos_helper }} master {{ name }}"
notify_backup "{{ vyos_helper }} backup {{ name }}"
notify_fault "{{ vyos_helper }} fault {{ name }}"
{% endif %}
}
{% endfor %}
{% endif %}
{% if virtual_server is vyos_defined %}
# Virtual-server configuration
{% for vserver, vserver_config in virtual_server.items() %}
# Vserver {{ vserver }}
{% if vserver_config.port is vyos_defined %}
virtual_server {{ vserver_config.address }} {{ vserver_config.port }} {
{% else %}
virtual_server fwmark {{ vserver_config.fwmark }} {
{% endif %}
delay_loop {{ vserver_config.delay_loop }}
{% if vserver_config.algorithm is vyos_defined('round-robin') %}
lb_algo rr
{% elif vserver_config.algorithm is vyos_defined('weighted-round-robin') %}
lb_algo wrr
{% elif vserver_config.algorithm is vyos_defined('least-connection') %}
lb_algo lc
{% elif vserver_config.algorithm is vyos_defined('weighted-least-connection') %}
lb_algo wlc
{% elif vserver_config.algorithm is vyos_defined('source-hashing') %}
lb_algo sh
{% elif vserver_config.algorithm is vyos_defined('destination-hashing') %}
lb_algo dh
{% elif vserver_config.algorithm is vyos_defined('locality-based-least-connection') %}
lb_algo lblc
{% endif %}
{% if vserver_config.forward_method is vyos_defined('nat') %}
lb_kind NAT
{% elif vserver_config.forward_method is vyos_defined('direct') %}
lb_kind DR
{% elif vserver_config.forward_method is vyos_defined('tunnel') %}
lb_kind TUN
{% endif %}
persistence_timeout {{ vserver_config.persistence_timeout }}
protocol {{ vserver_config.protocol | upper }}
{% if vserver_config.real_server is vyos_defined %}
{% for rserver, rserver_config in vserver_config.real_server.items() %}
real_server {{ rserver }} {{ rserver_config.port }} {
weight 1
{% if rserver_config.health_check.script is vyos_defined %}
MISC_CHECK {
misc_path {{ rserver_config.health_check.script }}
{% else %}
{{ vserver_config.protocol | upper }}_CHECK {
{% if rserver_config.connection_timeout is vyos_defined %}
connect_timeout {{ rserver_config.connection_timeout }}
{% endif %}
{% endif %}
}
}
{% endfor %}
{% endif %}
}
{% endfor %}
{% endif %}
diff --git a/interface-definitions/high-availability.xml.in b/interface-definitions/high-availability.xml.in
index 558404882..7108aa06c 100644
--- a/interface-definitions/high-availability.xml.in
+++ b/interface-definitions/high-availability.xml.in
@@ -1,559 +1,568 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="high-availability" owner="${vyos_conf_scripts_dir}/high-availability.py">
<properties>
<priority>800</priority> <!-- after all interfaces and conntrack-sync -->
<help>High availability settings</help>
</properties>
<children>
#include <include/generic-disable-node.xml.i>
<node name="vrrp">
<properties>
<help>Virtual Router Redundancy Protocol settings</help>
</properties>
<children>
<leafNode name="snmp">
<properties>
<valueless/>
<help>Enable SNMP</help>
</properties>
</leafNode>
<node name="global-parameters">
<properties>
<help>VRRP global parameters</help>
</properties>
<children>
#include <include/vrrp/garp.xml.i>
<leafNode name="startup-delay">
<properties>
<help>Time VRRP startup process (in seconds)</help>
<valueHelp>
<format>u32:1-600</format>
<description>Interval in seconds</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-600"/>
</constraint>
</properties>
</leafNode>
<leafNode name="version">
<properties>
<help>Default VRRP version to use, IPv6 always uses VRRP version 3</help>
<valueHelp>
<format>2</format>
<description>VRRP version 2</description>
</valueHelp>
<valueHelp>
<format>3</format>
<description>VRRP version 3</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 2-3"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<tagNode name="group">
<properties>
<help>VRRP group</help>
</properties>
<children>
#include <include/generic-interface-broadcast.xml.i>
#include <include/vrrp/garp.xml.i>
<leafNode name="advertise-interval">
<properties>
<help>Advertise interval</help>
<valueHelp>
<format>u32:1-255</format>
<description>Advertise interval in seconds</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-255"/>
</constraint>
</properties>
<defaultValue>1</defaultValue>
</leafNode>
<node name="authentication">
<properties>
<help>VRRP authentication</help>
</properties>
<children>
<leafNode name="password">
<properties>
<help>VRRP password</help>
<valueHelp>
<format>txt</format>
<description>Password string (up to 8 characters)</description>
</valueHelp>
<constraint>
<regex>.{1,8}</regex>
</constraint>
<constraintErrorMessage>Password must not be longer than 8 characters</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="type">
<properties>
<help>Authentication type</help>
<completionHelp>
<list>plaintext-password ah</list>
</completionHelp>
<valueHelp>
<format>plaintext-password</format>
<description>Simple password string</description>
</valueHelp>
<valueHelp>
<format>ah</format>
<description>AH - IPSEC (not recommended)</description>
</valueHelp>
<constraint>
<regex>(plaintext-password|ah)</regex>
</constraint>
<constraintErrorMessage>Authentication type must be plaintext-password or ah</constraintErrorMessage>
</properties>
</leafNode>
</children>
</node>
#include <include/generic-description.xml.i>
#include <include/generic-disable-node.xml.i>
<node name="health-check">
<properties>
<help>Health check</help>
</properties>
<children>
<leafNode name="failure-count">
<properties>
<help>Health check failure count required for transition to fault</help>
<constraint>
<validator name="numeric" argument="--positive" />
</constraint>
</properties>
<defaultValue>3</defaultValue>
</leafNode>
<leafNode name="interval">
<properties>
<help>Health check execution interval in seconds</help>
<constraint>
<validator name="numeric" argument="--positive"/>
</constraint>
</properties>
<defaultValue>60</defaultValue>
</leafNode>
<leafNode name="ping">
<properties>
<help>ICMP ping health check</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 ping target address</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>IPv6 ping target address</description>
</valueHelp>
<constraint>
<validator name="ip-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="script">
<properties>
<help>Health check script file</help>
<constraint>
<validator name="script"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<leafNode name="hello-source-address">
<properties>
<help>VRRP hello source address</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 hello source address</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>IPv6 hello source address</description>
</valueHelp>
<constraint>
<validator name="ip-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="peer-address">
<properties>
<help>Unicast VRRP peer address</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 unicast peer address</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>IPv6 unicast peer address</description>
</valueHelp>
<constraint>
<validator name="ip-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="no-preempt">
<properties>
<valueless/>
<help>Disable master preemption</help>
</properties>
</leafNode>
<leafNode name="preempt-delay">
<properties>
<help>Preempt delay (in seconds)</help>
<valueHelp>
<format>u32:0-1000</format>
<description>preempt delay</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-1000"/>
</constraint>
</properties>
<defaultValue>0</defaultValue>
</leafNode>
<leafNode name="priority">
<properties>
<help>Router priority</help>
<valueHelp>
<format>u32:1-255</format>
<description>Router priority</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-255"/>
</constraint>
</properties>
<defaultValue>100</defaultValue>
</leafNode>
<leafNode name="rfc3768-compatibility">
<properties>
<help>Use VRRP virtual MAC address as per RFC3768</help>
<valueless/>
</properties>
</leafNode>
<node name="track">
<properties>
<help>Track settings</help>
</properties>
<children>
<leafNode name="exclude-vrrp-interface">
<properties>
<valueless/>
<help>Disable track state of main interface</help>
</properties>
</leafNode>
<leafNode name="interface">
<properties>
<help>Interface name state check</help>
<completionHelp>
<script>${vyos_completion_dir}/list_interfaces --broadcast</script>
</completionHelp>
<valueHelp>
<format>txt</format>
<description>Interface name</description>
</valueHelp>
<constraint>
#include <include/constraint/interface-name.xml.i>
</constraint>
<multi/>
</properties>
</leafNode>
</children>
</node>
#include <include/vrrp-transition-script.xml.i>
<tagNode name="address">
<properties>
<help>Virtual IP address</help>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 address and prefix length</description>
</valueHelp>
<valueHelp>
<format>ipv6net</format>
<description>IPv6 address and prefix length</description>
</valueHelp>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address</description>
</valueHelp>
<constraint>
<validator name="ip-host"/>
<validator name="ip-address"/>
</constraint>
</properties>
<children>
#include <include/generic-interface-broadcast.xml.i>
</children>
</tagNode>
- <leafNode name="excluded-address">
+ <tagNode name="excluded-address">
<properties>
<help>Virtual address (If you need additional IPv4 and IPv6 in same group)</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>IPv4 address and prefix length</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>IPv6 address and prefix length</description>
+ </valueHelp>
<valueHelp>
<format>ipv4</format>
- <description>IP address</description>
+ <description>IPv4 address</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address</description>
</valueHelp>
- <multi/>
<constraint>
- <validator name="ipv4-host"/>
- <validator name="ipv6-host"/>
+ <validator name="ip-host"/>
+ <validator name="ip-address"/>
</constraint>
- <constraintErrorMessage>Virtual address must be a valid IPv4 or IPv6 address with prefix length (e.g. 192.0.2.3/24 or 2001:db8:ff::10/64)</constraintErrorMessage>
</properties>
- </leafNode>
+ <children>
+ #include <include/generic-interface-broadcast.xml.i>
+ </children>
+ </tagNode>
<leafNode name="vrid">
<properties>
<help>Virtual router identifier</help>
<valueHelp>
<format>u32:1-255</format>
<description>Virtual router identifier</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-255"/>
</constraint>
</properties>
</leafNode>
</children>
</tagNode>
<tagNode name="sync-group">
<properties>
<help>VRRP sync group</help>
</properties>
<children>
<leafNode name="member">
<properties>
<multi/>
<help>Sync group member</help>
<valueHelp>
<format>txt</format>
<description>VRRP group name</description>
</valueHelp>
<completionHelp>
<path>high-availability vrrp group</path>
</completionHelp>
</properties>
</leafNode>
<node name="health-check">
<properties>
<help>Health check</help>
</properties>
<children>
<leafNode name="failure-count">
<properties>
<help>Health check failure count required for transition to fault</help>
<constraint>
<validator name="numeric" argument="--positive" />
</constraint>
</properties>
<defaultValue>3</defaultValue>
</leafNode>
<leafNode name="interval">
<properties>
<help>Health check execution interval in seconds</help>
<constraint>
<validator name="numeric" argument="--positive"/>
</constraint>
</properties>
<defaultValue>60</defaultValue>
</leafNode>
<leafNode name="ping">
<properties>
<help>ICMP ping health check</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 ping target address</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>IPv6 ping target address</description>
</valueHelp>
<constraint>
<validator name="ip-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="script">
<properties>
<help>Health check script file</help>
<constraint>
<validator name="script"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
#include <include/vrrp-transition-script.xml.i>
</children>
</tagNode>
</children>
</node>
<tagNode name="virtual-server">
<properties>
<help>Load-balancing virtual server alias</help>
</properties>
<children>
#include <include/address-ipv4-ipv6-single.xml.i>
<leafNode name="algorithm">
<properties>
<help>Schedule algorithm (default - least-connection)</help>
<completionHelp>
<list>round-robin weighted-round-robin least-connection weighted-least-connection source-hashing destination-hashing locality-based-least-connection</list>
</completionHelp>
<valueHelp>
<format>round-robin</format>
<description>Round robin</description>
</valueHelp>
<valueHelp>
<format>weighted-round-robin</format>
<description>Weighted round robin</description>
</valueHelp>
<valueHelp>
<format>least-connection</format>
<description>Least connection</description>
</valueHelp>
<valueHelp>
<format>weighted-least-connection</format>
<description>Weighted least connection</description>
</valueHelp>
<valueHelp>
<format>source-hashing</format>
<description>Source hashing</description>
</valueHelp>
<valueHelp>
<format>destination-hashing</format>
<description>Destination hashing</description>
</valueHelp>
<valueHelp>
<format>locality-based-least-connection</format>
<description>Locality-Based least connection</description>
</valueHelp>
<constraint>
<regex>(round-robin|weighted-round-robin|least-connection|weighted-least-connection|source-hashing|destination-hashing|locality-based-least-connection)</regex>
</constraint>
</properties>
<defaultValue>least-connection</defaultValue>
</leafNode>
<leafNode name="delay-loop">
<properties>
<help>Interval between health-checks (in seconds)</help>
<valueHelp>
<format>u32:1-600</format>
<description>Interval in seconds</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-3600"/>
</constraint>
</properties>
<defaultValue>10</defaultValue>
</leafNode>
<leafNode name="forward-method">
<properties>
<help>Forwarding method</help>
<completionHelp>
<list>direct nat tunnel</list>
</completionHelp>
<valueHelp>
<format>direct</format>
<description>Direct routing</description>
</valueHelp>
<valueHelp>
<format>nat</format>
<description>NAT</description>
</valueHelp>
<valueHelp>
<format>tunnel</format>
<description>Tunneling</description>
</valueHelp>
<constraint>
<regex>(direct|nat|tunnel)</regex>
</constraint>
</properties>
<defaultValue>nat</defaultValue>
</leafNode>
#include <include/firewall/fwmark.xml.i>
#include <include/port-number-start-zero.xml.i>
<leafNode name="persistence-timeout">
<properties>
<help>Timeout for persistent connections</help>
<valueHelp>
<format>u32:1-86400</format>
<description>Timeout for persistent connections</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-86400"/>
</constraint>
</properties>
<defaultValue>300</defaultValue>
</leafNode>
<leafNode name="protocol">
<properties>
<help>Protocol for port checks</help>
<completionHelp>
<list>tcp udp</list>
</completionHelp>
<valueHelp>
<format>tcp</format>
<description>TCP</description>
</valueHelp>
<valueHelp>
<format>udp</format>
<description>UDP</description>
</valueHelp>
<constraint>
<regex>(tcp|udp)</regex>
</constraint>
</properties>
<defaultValue>tcp</defaultValue>
</leafNode>
<tagNode name="real-server">
<properties>
<help>Real server address</help>
</properties>
<children>
#include <include/port-number-start-zero.xml.i>
<leafNode name="connection-timeout">
<properties>
<help>Server connection timeout</help>
<valueHelp>
<format>u32:1-86400</format>
<description>Connection timeout to remote server</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-86400"/>
</constraint>
</properties>
</leafNode>
<node name="health-check">
<properties>
<help>Health check script</help>
</properties>
<children>
<leafNode name="script">
<properties>
<help>Health check script file</help>
<constraint>
<validator name="script"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
</children>
</tagNode>
</children>
</tagNode>
</children>
</node>
</interfaceDefinition>