wlb: T4470: Migrate WAN Load Balancer to XML/Python #4108

Open
wants to merge 2 commits into
base: current
1 change: 1 addition & 0 deletions data/op-mode-standardized.json
Expand Up @@ -13,6 +13,7 @@
"evpn.py",
"interfaces.py",
"ipsec.py",
"load-balancing_wan.py",
"lldp.py",
"log.py",
"memory.py",
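--- a/data/templates/load-balancing/nftables-wlb.j2
+++ b/data/templates/load-balancing/nftables-wlb.j2
@@ -0,0 +1,64 @@
+#!/usr/sbin/nft -f
+
+{% if first_install is not vyos_defined %}
+delete table ip vyos_wanloadbalance
+{% endif %}
+table ip vyos_wanloadbalance {
+chain wlb_nat_postrouting {
+type nat hook postrouting priority srcnat - 1; policy accept;
+{% for ifname, health_conf in interface_health.items() if health_state[ifname].if_addr %}
+{% if disable_source_nat is not vyos_defined %}
+{% set state = health_state[ifname] %}
+ct mark {{ state.mark }} counter snat to {{ state.if_addr }}
+{% endif %}
+{% endfor %}
+}
+
+chain wlb_mangle_prerouting {
+type filter hook prerouting priority mangle; policy accept;
+{% for ifname, health_conf in interface_health.items() %}
+{% set state = health_state[ifname] %}
+{% if sticky_connections is vyos_defined %}
+iifname "{{ ifname }}" ct state new ct mark set {{ state.mark }}
+{% endif %}
+{% endfor %}
+{% if rule is vyos_defined %}
+{% for rule_id, rule_conf in rule.items() %}
+{% if rule_conf.exclude is vyos_defined %}
+{{ rule_conf | wlb_nft_rule(rule_id, exclude=True, action='accept') }}
+{% else %}
+{% set limit = rule_conf.limit is vyos_defined %}
+{{ rule_conf | wlb_nft_rule(rule_id, limit=limit, weight=True, health_state=health_state) }}
+{{ rule_conf | wlb_nft_rule(rule_id, restore_mark=True) }}
+{% endif %}
+{% endfor %}
+{% endif %}
+}
+
+chain wlb_mangle_output {
+type filter hook output priority -150; policy accept;
+{% if enable_local_traffic is vyos_defined %}
+meta mark != 0x0 counter accept
+meta l4proto icmp counter accept
+ip saddr 127.0.0.0/8 ip daddr 127.0.0.0/8 counter accept
+{% if rule is vyos_defined %}
+{% for rule_id, rule_conf in rule.items() %}
+{% if rule_conf.exclude is vyos_defined %}
+{{ rule_conf | wlb_nft_rule(rule_id, local=True, exclude=True, action='accept') }}
+{% else %}
+{% set limit = rule_conf.limit is vyos_defined %}
+{{ rule_conf | wlb_nft_rule(rule_id, local=True, limit=limit, weight=True, health_state=health_state) }}
+{{ rule_conf | wlb_nft_rule(rule_id, local=True, restore_mark=True) }}
+{% endif %}
+{% endfor %}
+{% endif %}
+{% endif %}
+}
+
+{% for ifname, health_conf in interface_health.items() %}
+{% set state = health_state[ifname] %}
+chain wlb_mangle_isp_{{ ifname }} {
+meta mark set {{ state.mark }} ct mark set {{ state.mark }} counter accept
+}
+{% endfor %}
+}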
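Review bot: The `delete table ip vyos_wanloadbalance` at the top of the template is guarded only by `first_install`, so a successful load depends on the caller tracking the table's existence correctly. If the table was removed out of band (a ruleset flush, for example) while the flag says it exists, `nft -f` rejects the whole file and no WLB marking or SNAT rules are installed. Declaring the table before deleting it makes the load idempotent and removes the need for the flag: `table ip vyos_wanloadbalance` on one line, then `delete table ip vyos_wanloadbalance`. How `first_install` is computed is not visible on this page, so confirm whether it can go stale. Separately, the `disable_source_nat` and `sticky_connections` tests are loop-invariant and would read more clearly hoisted outside their `for` loops.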
134 changes: 0 additions & 134 deletions data/templates/load-balancing/wlb.conf.j2

This file was deleted.

3 changes: 0 additions & 3 deletions debian/control
Expand Up @@ -203,9 +203,6 @@ Depends:
# For "load-balancing haproxy"
haproxy,
# End "load-balancing haproxy"
# For "load-balancing wan"
vyatta-wanloadbalance,
# End "load-balancing wan"
# For "service dhcp-relay"
isc-dhcp-relay,
# For "service dhcp-server"
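--- a/op-mode-definitions/load-balancing_wan.xml.in
+++ b/op-mode-definitions/load-balancing_wan.xml.in
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<interfaceDefinition>
+<node name="restart">
+<children>
+<node name="wan-load-balance">
+<properties>
+<help>Restart Wide Area Network (WAN) load-balancing daemon</help>
+</properties>
+<command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name load-balancing_wan</command>
+</node>
+</children>
+</node>
+<node name="show">
+<children>
+<node name="wan-load-balance">
+<properties>
+<help>Show Wide Area Network (WAN) load-balancing information</help>
+</properties>
+<command>${vyos_op_scripts_dir}/load-balancing_wan.py show_summary</command>
+<children>
+<node name="connection">
+<properties>
+<help>Show Wide Area Network (WAN) load-balancing flow</help>
+</properties>
+<command>${vyos_op_scripts_dir}/load-balancing_wan.py show_connection</command>
+</node>
+<node name="status">
+<properties>
+<help>Show WAN load-balancing statistics</help>
+</properties>
+<command>${vyos_op_scripts_dir}/load-balancing_wan.py show_status</command>
+</node>
+</children>
+</node>
+</children>
+</node>
+</interfaceDefinition>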
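Review bot: The three `show wan-load-balance` nodes invoke `load-balancing_wan.py` without `sudo`, while the `restart` node in the same file runs its script through `sudo`. The script is not part of this view, but if `show_connection` or `show_status` reads conntrack entries or nftables counters it will need elevated privileges and would fail for an operator-level user. Either confirm the script works unprivileged or make the invocation explicit, e.g. `<command>sudo ${vyos_op_scripts_dir}/load-balancing_wan.py show_status</command>`. The `status` help text also abbreviates to "WAN" where the sibling nodes spell out "Wide Area Network (WAN)".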
3 changes: 2 additions & 1 deletion python/vyos/defaults.py
Expand Up @@ -37,7 +37,8 @@
'dhcp6_client_dir' : '/run/dhcp6c',
'vyos_configdir' : '/opt/vyatta/config',
'completion_dir' : f'{base_dir}/completion',
'ca_certificates' : '/usr/local/share/ca-certificates/vyos'
'ca_certificates' : '/usr/local/share/ca-certificates/vyos',
'ppp_nexthop_dir' : '/run/ppp_nexthop'
}

config_status = '/tmp/vyos-config-status'
5 changes: 5 additions & 0 deletions python/vyos/template.py
Expand Up @@ -779,6 +779,11 @@ def conntrack_ct_policy(protocol_conf):

return ", ".join(output)

@register_filter('wlb_nft_rule')
def wlb_nft_rule(rule_conf, rule_id, local=False, exclude=False, limit=False, weight=None, health_state=None, action=None, restore_mark=False):
from vyos.wanloadbalance import nft_rule as wlb_nft_rule
return wlb_nft_rule(rule_conf, rule_id, local, exclude, limit, weight, health_state, action, restore_mark)

@register_filter('range_to_regex')
def range_to_regex(num_range):
"""Convert range of numbers or list of ranges
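Review bot: The new `wlb_nft_rule` filter forwards seven optional arguments to `nft_rule` positionally, and its local import rebinds the filter's own name inside the body. Because `nft_rule` is not visible here, any difference in parameter order would silently swap flags such as `exclude` and `restore_mark`, which decide whether a generated nftables rule accepts traffic or sets a mark. Assuming the parameter names match, import without the alias and forward by keyword: `from vyos.wanloadbalance import nft_rule` and `return nft_rule(rule_conf, rule_id, local=local, exclude=exclude, limit=limit, weight=weight, health_state=health_state, action=action, restore_mark=restore_mark)`. `weight` defaults to `None` although the template passes `weight=True` and the other flags default to `False`. A one-line docstring stating that the return value is emitted verbatim into the nft script would help the next reader.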