Gestion igmp et mld par vlans

This commit is contained in:
chirac 2018-07-08 20:31:04 +02:00
parent 610a43c919
commit a477b2a889
2 changed files with 23 additions and 1 deletions

View file

@ -68,13 +68,16 @@ class Switch:
arp_protect_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["arp_protect"]] arp_protect_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["arp_protect"]]
dhcp_snooping_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["dhcp_snooping"]] dhcp_snooping_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["dhcp_snooping"]]
dhcpv6_snooping_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["dhcpv6_snooping"]] dhcpv6_snooping_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["dhcpv6_snooping"]]
igmp_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["igmp"]]
mld_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["mld"]]
ntp_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "ntp-server"][0] ntp_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "ntp-server"][0]
log_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "log-server"][0] log_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "log-server"][0]
dhcp_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "dhcp"][0] dhcp_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "dhcp"][0]
radius_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "radius-server"][0]
ra_guarded = [str(port['port']) for port in self.switch['ports'] if port['get_port_profil']['ra_guard']] ra_guarded = [str(port['port']) for port in self.switch['ports'] if port['get_port_profil']['ra_guard']]
loop_protected = [str(port['port']) for port in self.switch['ports'] if port['get_port_profil']['loop_protect']] loop_protected = [str(port['port']) for port in self.switch['ports'] if port['get_port_profil']['loop_protect']]
self.additionals = {'ra_guarded' : ra_guarded, 'loop_protected' : loop_protected, 'vlans' : vlans, 'arp_protect_vlans' : arp_protect_vlans, 'dhcp_snooping_vlans' : dhcp_snooping_vlans, 'dhcpv6_snooping_vlans' : dhcpv6_snooping_vlans, 'ntp_servers': ntp_servers, 'log_servers': log_servers, 'dhcp_servers' : dhcp_servers} self.additionals = {'ra_guarded' : ra_guarded, 'loop_protected' : loop_protected, 'vlans' : vlans, 'arp_protect_vlans' : arp_protect_vlans, 'dhcp_snooping_vlans' : dhcp_snooping_vlans, 'dhcpv6_snooping_vlans' : dhcpv6_snooping_vlans, 'ntp_servers': ntp_servers, 'log_servers': log_servers, 'dhcp_servers' : dhcp_servers, 'radius_servers' : radius_servers, 'igmp_vlans' : igmp_vlans, 'mld_vlans': mld_vlans}
def gen_conf_hp(self): def gen_conf_hp(self):

View file

@ -62,6 +62,15 @@ vlan {{ id }}
{%- else %} {%- else %}
no ipv6 enable no ipv6 enable
{%- endif %} {%- endif %}
{%- if id in additionals.igmp_vlans %}
ip igmp
no ip igmp querier
{%- endif %}
{%- if id in additionals.mld_vlans %}
no ipv6 mld querier
ipv6 mld version 1
ipv6 mld enable
{%- endif %}
exit exit
{%- endfor %} {%- endfor %}
;--- Accès d'administration --- ;--- Accès d'administration ---
@ -81,6 +90,16 @@ loop-protect disable-timer 30
loop-protect transmit-interval 3 loop-protect transmit-interval 3
loop-protect {{ additionals.loop_protected|join(' ') }} loop-protect {{ additionals.loop_protected|join(' ') }}
{%- endif %} {%- endif %}
;--- Serveurs Radius
radius-server dead-time 2
{%- for server in additionals.radius_servers %}
{%- for interface in server.interface %}
{%- if switch.subnet.0.vlan_id == interface.vlan_id %}
radius-server host {{ interface.ipv4 }} key "plop"
radius-server host {{ interface.ipv4 }} dyn-authorization
{%- endif %}
{%- endfor %}
{%- endfor %}
radius-server dyn-autz-port 3799 radius-server dyn-autz-port 3799
;--- Filtrage mac --- ;--- Filtrage mac ---
aaa port-access mac-based addr-format multi-colon aaa port-access mac-based addr-format multi-colon