dhcp-server: T3936: Added support for DHCP Option 82 #4665
Conversation
|
👍 |
|
❌ Conflicts Found. This pull request has conflicts. Please resolve them before we can evaluate the pull request. |
|
This is quite a significant conflict that I have to resolve that's going to require some merging commits. These will mean it won't be possible to rebase the commits down into a single commit, similar to the previous pull request that I had to abandon. Do I absolutely have to revert everything and redo it so it can be in one commit or is it acceptable to have a few commits in this case? |
|
As I've not heard anything about this I'm going to assume that I can continue with multiple commits in the PR. |
cblackburn-igl
force-pushed
the
T3936-DHCP-Option-82-Support
branch
from
326b5e7 to
133cb0c
Compare
|
Conflicts have been resolved. A maintainer will review the pull request shortly. |
interface-definitions/include/dhcp/dhcp-server-common-config.xml.i
Outdated
Show resolved
Hide resolved
interface-definitions/include/dhcp/dhcp-server-common-config.xml.i
Outdated
Show resolved
Hide resolved
interface-definitions/include/dhcp/dhcp-server-common-config.xml.i
Outdated
Show resolved
Hide resolved
cblackburn-igl
force-pushed
the
T3936-DHCP-Option-82-Support
branch
from
65b020b to
43538d7
Compare
interface-definitions/include/dhcp/dhcp-server-common-config.xml.i
Outdated
Show resolved
Hide resolved
|
Thanks for the PR. Implementation looks really good, I'll aim to test it locally this week and approve if all checks out. Only nitpick is |
interface-definitions/include/dhcp/dhcp-server-common-config.xml.i
Outdated
Show resolved
Hide resolved
interface-definitions/include/dhcp/dhcp-server-common-config.xml.i
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Pull Request Overview
This PR adds support for DHCP Option 82 (relay agent information) filtering in the VyOS DHCP server. This feature allows DHCP client classes to be defined based on Option 82 circuit-id and remote-id values, enabling address assignment filtering based on physical network information provided by enterprise switches.
- Added client class configuration with Option 82 circuit-id and remote-id filtering
- Added client class assignment to subnets and address ranges
- Added validation for client class references and Option 82 hex format
Reviewed Changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| src/conf_mode/service_dhcp-server.py | Added validation for client class references and Option 82 hex format |
| smoketest/scripts/cli/test_service_dhcp-server.py | Added comprehensive tests for client class functionality and validation |
| python/vyos/template.py | Added Jinja2 filter for rendering client class JSON configuration |
| python/vyos/kea.py | Added functions to parse client classes and build Option 82 test expressions |
| interface-definitions/include/dhcp/dhcp-server-common-config.xml.i | Added CLI definitions for client classes and Option 82 configuration |
| data/templates/dhcp-server/kea-dhcp4.conf.j2 | Added client class rendering to Kea DHCP configuration template |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
sigh so, I have absolutely no idea how this PR has now managed to collect an extra 44 commits from seemingly unrelated pull requests. If it's ok to accept this and everything will work out then please accept the PR. If not then I'll extract all the changes out into a new branch and resubmit the PR. Git is both the best and the worst. |
|
I see 68 commits and most of them unexpected |
|
well, in the spirit of this XKCD: https://xkcd.com/1597/ I think we're going to have to have a 3rd attempt at this pull request. If any of the developers think that it's fine then please merge this one and I'll stop. Otherwise, I'll try and extract all of the changes and put them in a new branch and resubmit. |
|
@cblackburn-igl No, I'd prefer to avoid merging it with unrelated commits. Please clean up the unrelared history, |
| </leafNode> | ||
| <leafNode name="remote-id"> | ||
| <properties> | ||
| <help>Filters on the contents of the remote-id sub option.</help> |
There was a problem hiding this comment.
| <help>Filters on the contents of the remote-id sub option.</help> | |
| <help>Filters on the contents of the remote-id sub option</help> |
The same as with circuit-id help string
| if 'client_class' not in dhcp: | ||
| raise ConfigError(f'Client class "{client_class}" set in subnet "{subnet}" but does not exist') | ||
|
|
||
| if client_class not in dhcp['client_class'].keys(): | ||
| raise ConfigError(f'Client class "{client_class}" set in subnet "{subnet}" but does not exist') |
There was a problem hiding this comment.
| if 'client_class' not in dhcp: | |
| raise ConfigError(f'Client class "{client_class}" set in subnet "{subnet}" but does not exist') | |
| if client_class not in dhcp['client_class'].keys(): | |
| raise ConfigError(f'Client class "{client_class}" set in subnet "{subnet}" but does not exist') | |
| if client_class not in dhcp.get('client_class', {}): | |
| raise ConfigError(f'Client class "{client_class}" set in subnet "{subnet}" but does not exist') |
This part can by simplified
| if 'client_class' not in dhcp: | ||
| raise ConfigError(f'Client class "{client_class}" set in range "{range}" but does not exist') | ||
|
|
||
| if client_class not in dhcp['client_class'].keys(): | ||
| raise ConfigError(f'Client class "{client_class}" set in range "{range}" but does not exist') |
There was a problem hiding this comment.
| if 'client_class' not in dhcp: | |
| raise ConfigError(f'Client class "{client_class}" set in range "{range}" but does not exist') | |
| if client_class not in dhcp['client_class'].keys(): | |
| raise ConfigError(f'Client class "{client_class}" set in range "{range}" but does not exist') | |
| if client_class not in dhcp.get('client_class', {}): | |
| raise ConfigError(f'Client class "{client_class}" set in range "{range}" but does not exist') |
The same is here
This commit adds support in both the CLI and the underlying code for DHCP Option 82 to be used to filter/route DHCP address assignments. The primary use case for this is to support enterprise switches which can "tag" DHCP requests with physical real world informaiton such as which switch first saw the request and which port it originated from (known in this context as remote-id and circuit-id). Once client-classes have been defined they can be assigned to subnets or ranges so that only certain addresses get assigned to specific requests. There is also a corresponding documentation update which pairs with this code change. (cherry picked from commit 326b5e7)
sarthurdev
force-pushed
the
T3936-DHCP-Option-82-Support
branch
from
093340b to
2e86aea
Compare
|
Cleaned up commits and squashed |
|
CI integration 👍 passed! Details
|
6 participants
Change summary
NB: This is a replacement pull request for one which I had to close as I was unable to rebase the commits into a single commit, as is required by the coding standard of VyOS. I have linked the previous PR in the Related PR's section so the history can be seen.
This commit adds support in both the CLI and the underlying code for DHCP Option 82 to be used to filter/route DHCP address assignments.
The primary use case for this is to support enterprise switches which can "tag" DHCP requests with physical real world informaiton such as which switch first saw the request and which port it originated from (known in this context as remote-id and circuit-id). Once client-classes have been defined they can be assigned to subnets or ranges so that only certain addresses get assigned to specific requests.
There is also a corresponding documentation update which pairs with this code change.
Types of changes
Related Task(s)
https://vyos.dev/T3936
Related PR(s)
vyos/vyos-documentation#1666
#4654 <-- Old Pull request this replaces
How to test / Smoketest result
I have tested these changes by adding new smoketests into the pre existing smoketest file. These new tests specifically check the new functionality including verifying that the generated config files are as expected and that the CLI refuses to take an incorrect commit.
I have also done integration testing in our lab which is set up with a switch which injects DHCP Option 82 information into live DHCP requests and these are processed as expected by VyOS.
Checklist: