Commit 55fdc666 authored by Simon Redman's avatar Simon Redman

Prevent adding ULA IPv6 addresses to the management interfaces

parent ea37f512
......@@ -127,21 +127,28 @@ def parse_local_interface_addresses(netgraph):
return interface_map
def construct_ULAs(ipv6_link_local_map, ipv4_map):
def construct_ULAs(ipv6_link_local_map, ipv4_map, ignore_addrs=[]):
"""
Combine the per-host, per-interface IPv6 and IPv4 information into per-host, per-interface Unique Local Addresses
:param ipv6_link_local_map: per-host per-interface IPv6 link local address map as built by parse_local_interface_addresses
:param ipv4_map: per-host per-interface IPv4 address map as built by parse_ipv4_networks
:param ignore_addrs: List of interface IPv4 or IPv6 addresses which should be ignored
:return: mapping of hosts to interfaces to ULAs
"""
ULA_map = {}
# Convert the addresses to ignore into IPAddress objects. If they already were, this is a noop
ignore_addrs = [ipaddress.ip_address(addr) for addr in ignore_addrs]
for host in ipv6_link_local_map:
ULA_map[host] = {}
for interface in ipv6_link_local_map[host]:
link_local_addr = ipv6_link_local_map[host][interface]
ipv4_addr = ipv4_map[host][interface]
if (link_local_addr.ip in ignore_addrs or ipv4_addr.ip in ignore_addrs):
# If the IP address should be ignored, ignore it
continue
ULA_map[host][interface] = convert_link_local_addr_to_ULA(link_local_addr, ipv4_addr)
return ULA_map
......@@ -213,10 +220,11 @@ if __name__ == "__main__":
netgraph = NetJsonParser(file=args.in_file)
ssh_helper.network_graph_login(netgraph.graph, args.username)
management_ips = [node["management-ip"] for node in netgraph.graph._node.values()]
link_local_map = parse_local_interface_addresses(netgraph.graph)
ipv4_map = parse_ipv4_networks(netgraph.graph)
ULA_map = construct_ULAs(link_local_map, ipv4_map)
ULA_map = construct_ULAs(link_local_map, ipv4_map, management_ips)
add_ULAs_to_hosts(netgraph.graph, ULA_map)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment