Gestion igmp et mld par vlans
This commit is contained in:
parent
610a43c919
commit
a477b2a889
2 changed files with 23 additions and 1 deletions
5
main.py
5
main.py
|
@ -68,13 +68,16 @@ class Switch:
|
||||||
arp_protect_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["arp_protect"]]
|
arp_protect_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["arp_protect"]]
|
||||||
dhcp_snooping_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["dhcp_snooping"]]
|
dhcp_snooping_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["dhcp_snooping"]]
|
||||||
dhcpv6_snooping_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["dhcpv6_snooping"]]
|
dhcpv6_snooping_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["dhcpv6_snooping"]]
|
||||||
|
igmp_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["igmp"]]
|
||||||
|
mld_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["mld"]]
|
||||||
ntp_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "ntp-server"][0]
|
ntp_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "ntp-server"][0]
|
||||||
log_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "log-server"][0]
|
log_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "log-server"][0]
|
||||||
dhcp_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "dhcp"][0]
|
dhcp_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "dhcp"][0]
|
||||||
|
radius_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "radius-server"][0]
|
||||||
ra_guarded = [str(port['port']) for port in self.switch['ports'] if port['get_port_profil']['ra_guard']]
|
ra_guarded = [str(port['port']) for port in self.switch['ports'] if port['get_port_profil']['ra_guard']]
|
||||||
loop_protected = [str(port['port']) for port in self.switch['ports'] if port['get_port_profil']['loop_protect']]
|
loop_protected = [str(port['port']) for port in self.switch['ports'] if port['get_port_profil']['loop_protect']]
|
||||||
|
|
||||||
self.additionals = {'ra_guarded' : ra_guarded, 'loop_protected' : loop_protected, 'vlans' : vlans, 'arp_protect_vlans' : arp_protect_vlans, 'dhcp_snooping_vlans' : dhcp_snooping_vlans, 'dhcpv6_snooping_vlans' : dhcpv6_snooping_vlans, 'ntp_servers': ntp_servers, 'log_servers': log_servers, 'dhcp_servers' : dhcp_servers}
|
self.additionals = {'ra_guarded' : ra_guarded, 'loop_protected' : loop_protected, 'vlans' : vlans, 'arp_protect_vlans' : arp_protect_vlans, 'dhcp_snooping_vlans' : dhcp_snooping_vlans, 'dhcpv6_snooping_vlans' : dhcpv6_snooping_vlans, 'ntp_servers': ntp_servers, 'log_servers': log_servers, 'dhcp_servers' : dhcp_servers, 'radius_servers' : radius_servers, 'igmp_vlans' : igmp_vlans, 'mld_vlans': mld_vlans}
|
||||||
|
|
||||||
|
|
||||||
def gen_conf_hp(self):
|
def gen_conf_hp(self):
|
||||||
|
|
|
@ -62,6 +62,15 @@ vlan {{ id }}
|
||||||
{%- else %}
|
{%- else %}
|
||||||
no ipv6 enable
|
no ipv6 enable
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
|
{%- if id in additionals.igmp_vlans %}
|
||||||
|
ip igmp
|
||||||
|
no ip igmp querier
|
||||||
|
{%- endif %}
|
||||||
|
{%- if id in additionals.mld_vlans %}
|
||||||
|
no ipv6 mld querier
|
||||||
|
ipv6 mld version 1
|
||||||
|
ipv6 mld enable
|
||||||
|
{%- endif %}
|
||||||
exit
|
exit
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
;--- Accès d'administration ---
|
;--- Accès d'administration ---
|
||||||
|
@ -81,6 +90,16 @@ loop-protect disable-timer 30
|
||||||
loop-protect transmit-interval 3
|
loop-protect transmit-interval 3
|
||||||
loop-protect {{ additionals.loop_protected|join(' ') }}
|
loop-protect {{ additionals.loop_protected|join(' ') }}
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
|
;--- Serveurs Radius
|
||||||
|
radius-server dead-time 2
|
||||||
|
{%- for server in additionals.radius_servers %}
|
||||||
|
{%- for interface in server.interface %}
|
||||||
|
{%- if switch.subnet.0.vlan_id == interface.vlan_id %}
|
||||||
|
radius-server host {{ interface.ipv4 }} key "plop"
|
||||||
|
radius-server host {{ interface.ipv4 }} dyn-authorization
|
||||||
|
{%- endif %}
|
||||||
|
{%- endfor %}
|
||||||
|
{%- endfor %}
|
||||||
radius-server dyn-autz-port 3799
|
radius-server dyn-autz-port 3799
|
||||||
;--- Filtrage mac ---
|
;--- Filtrage mac ---
|
||||||
aaa port-access mac-based addr-format multi-colon
|
aaa port-access mac-based addr-format multi-colon
|
||||||
|
|
Loading…
Reference in a new issue