From ff226d0a9cd7829151b401573fb1e391cb10176b Mon Sep 17 00:00:00 2001 From: Eran Dahan Date: Mon, 25 Jan 2021 09:43:56 +0200 Subject: [PATCH] Prevent configuring IP interface on a port which is a member of VLAN (#1374) **- What I did** Fixed bug https://github.com/Azure/sonic-buildimage/issues/6426 Added a validation in config/main.py to prevent configuring IP interface on a port which is a member of VLAN **- How I did it** Change config/main.py **- How to verify it** Add interface as member in vlan Try to configure IP address on same interface **- Previous command output (if the output of a command-line utility has changed)** Success in the above scenario. **- New command output (if the output of a command-line utility has changed)** prevent configuration: "Interface Ethernet0 is a member of vlan Aborting!" --- config/main.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/config/main.py b/config/main.py index 34d01955f2c4..f7cf8e32fc33 100644 --- a/config/main.py +++ b/config/main.py @@ -2645,6 +2645,13 @@ def add(ctx, interface_name, ip_addr, gw): if interface_name is None: ctx.fail("'interface_name' is None!") + # Add a validation to check this interface is not a member in vlan before + # changing it to a router port + vlan_member_table = config_db.get_table('VLAN_MEMBER') + if (interface_is_in_vlan(vlan_member_table, interface_name)): + click.echo("Interface {} is a member of vlan\nAborting!".format(interface_name)) + return + try: net = ipaddress.ip_network(ip_addr, strict=False) if '/' not in ip_addr: