add force_cidr option for vrfs

2020-03-22 17:46:08 -07:00 · 2020-03-22 17:46:08 -07:00 · f89b309f3f
commit f89b309f3f
parent afebf8bcf4
3 changed files with 11 additions and 8 deletions
--- a/docs/docs/devices.mdx
+++ b/docs/docs/devices.mdx
@ -89,10 +89,11 @@ May be set to `null` to disable IPv4 for this VRF, on the parent device.

 May be set to `null` to disable IPv6 for this VRF, on the parent device.

-| Parameter             |  Type  | Description                                                           |
-| :-------------------- | :----: | :-------------------------------------------------------------------- |
-| <R/> `source_address` | String | Device's source IPv6 address for directed queries (ping, traceroute). |
-| `access_list`         |        | <Link to="#access_list">IPv6 Access List Configuration</Link>         |
+| Parameter             |  Type   | Default | Description                                                                                                                     |
+| :-------------------- | :-----: | :------ | :------------------------------------------------------------------------------------------------------------------------------ |
+| <R/> `source_address` | String  |         | Device's source IPv6 address for directed queries (ping, traceroute).                                                           |
+| `force_cidr`          | Boolean | `false` | Convert host queries to the highest allowed prefix-length (defined in the <Link to="#access-list"><Code>le</Code></Link> field) |
+| `access_list`         |         |         | <Link to="#access_list">IPv6 Access List Configuration</Link>                                                                   |

 #### `access_list`

--- a/hyperglass/api/models/validators.py
+++ b/hyperglass/api/models/validators.py
@ -2,7 +2,6 @@

 # Standard Library
 import re
-import operator
 from ipaddress import ip_network

 # Project
@ -97,9 +96,9 @@ def validate_ip(value, query_type, query_vrf):  # noqa: C901
            device_name=f"VRF {query_vrf.display_name}",
        )

-    vrf_acl = operator.attrgetter(f"ipv{ip_version}.access_list")(query_vrf)
+    vrf_afi = getattr(query_vrf, f"ipv{ip_version}")

-    for ace in [a for a in vrf_acl if a.network.version == ip_version]:
+    for ace in [a for a in vrf_afi.access_list if a.network.version == ip_version]:
        if _member_of(valid_ip, ace.network):
            if query_type == "bgp_route" and _prefix_range(valid_ip, ace.ge, ace.le):
                pass
@ -129,7 +128,7 @@ def validate_ip(value, query_type, query_vrf):  # noqa: C901

            valid_ip = new_ip

-        elif query_type in ("bgp_route",):
+        elif query_type in ("bgp_route",) and vrf_afi.force_cidr:
            max_le = max(
                ace.le
                for ace in query_vrf[ip_version].access_list
@ -145,6 +144,7 @@ def validate_ip(value, query_type, query_vrf):  # noqa: C901
            )

            valid_ip = new_ip
+
    log.debug("Validation passed for {ip}", ip=value)
    return valid_ip

--- a/hyperglass/configuration/models/vrfs.py
+++ b/hyperglass/configuration/models/vrfs.py
@ -179,6 +179,7 @@ class DeviceVrf4(HyperglassModelExtra):

    source_address: IPv4Address
    access_list: List[AccessList4] = [AccessList4()]
+    force_cidr: StrictBool = False


 class DeviceVrf6(HyperglassModelExtra):
@ -186,6 +187,7 @@ class DeviceVrf6(HyperglassModelExtra):

    source_address: IPv6Address
    access_list: List[AccessList6] = [AccessList6()]
+    force_cidr: StrictBool = False


 class Vrf(HyperglassModel):