diff options
author | Håkon Hallingstad <hakon@verizonmedia.com> | 2019-06-23 18:32:34 +0200 |
---|---|---|
committer | Håkon Hallingstad <hakon@verizonmedia.com> | 2019-06-23 18:32:34 +0200 |
commit | 77eaa6013ca53eefe4c6b618ed28bfafc51efe13 (patch) | |
tree | 1b74ed172de5bee9ca4f55044571e8e6102bf93b | |
parent | 25ae53f995d0110d27afcc430bcf19b1e6ef5755 (diff) |
Add support-dhcpv6-in-aws flag and add method to get link-local address space in IPVersion
-rw-r--r-- | flags/src/main/java/com/yahoo/vespa/flags/Flags.java | 6 | ||||
-rw-r--r-- | node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/task/util/network/IPVersion.java | 51 |
2 files changed, 32 insertions, 25 deletions
diff --git a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java index 66c8da86403..1b7ed1fb21e 100644 --- a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java +++ b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java @@ -69,6 +69,12 @@ public class Flags { "Takes effect on next node agent tick. Change is orchestrated, but does NOT require container restart", HOSTNAME, APPLICATION_ID); + public static final UnboundBooleanFlag SUPPORT_DHCPV6_IN_AWS = defineFeatureFlag( + "support-dhcpv6-in-aws", true, + "Whether to open up for DHCPv6 traffic in AWS. Old behavior is false.", + "Takes effect on next tick in host-admin, except FirewallTask which requires a restart of host-admin", + HOSTNAME); + public static final UnboundStringFlag TLS_INSECURE_MIXED_MODE = defineStringFlag( "tls-insecure-mixed-mode", "tls_client_mixed_server", "TLS insecure mixed mode. Allowed values: ['plaintext_client_mixed_server', 'tls_client_mixed_server', 'tls_client_tls_server']", diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/task/util/network/IPVersion.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/task/util/network/IPVersion.java index de80d4dca18..4cc825dacd6 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/task/util/network/IPVersion.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/task/util/network/IPVersion.java @@ -15,52 +15,53 @@ import java.util.regex.Pattern; */ public enum IPVersion { - IPv6(6, "ip6tables", "ip -6", "ipv6-icmp", "/128", "icmp6-port-unreachable", "ip6tables-restore"), - IPv4(4, "iptables", "ip", "icmp", "/32", "icmp-port-unreachable", "iptables-restore"); + IPv6(6, "ip6tables", "ip -6", "ipv6-icmp", 128, "icmp6-port-unreachable", "ip6tables-restore", "fe80::/10"), + IPv4(4, "iptables", "ip", "icmp", 32, "icmp-port-unreachable", "iptables-restore", "169.254.0.0/16"); private static final Pattern cidrNotationPattern = Pattern.compile("/\\d+$"); IPVersion(int version, String iptablesCmd, String ipCmd, - String icmpProtocol, String singleHostCidr, String icmpPortUnreachable, - String iptablesRestore) { + String icmpProtocol, int size, String icmpPortUnreachable, + String iptablesRestore, String linkLocalCidr) { this.version = version; this.ipCmd = ipCmd; this.iptablesCmd = iptablesCmd; this.icmpProtocol = icmpProtocol; - this.singleHostCidr = singleHostCidr; + this.size = size; this.icmpPortUnreachable = icmpPortUnreachable; this.iptablesRestore = iptablesRestore; + this.linkLocalCidr = linkLocalCidr; } private final int version; private final String iptablesCmd; private final String ipCmd; private final String icmpProtocol; - private final String singleHostCidr; + private final int size; private final String icmpPortUnreachable; private final String iptablesRestore; + private final String linkLocalCidr; - public int version() { - return version; - } - public String versionString() { - return String.valueOf(version); - } - public String iptablesCmd() { - return iptablesCmd; - } - public String iptablesRestore() { - return iptablesRestore; - } - public String ipCmd() { - return ipCmd; - } - public String icmpProtocol() { - return icmpProtocol; - } - public String singleHostCidr() { return singleHostCidr; } + /** The ID of the IP version, either IPv4 or IPv6. */ + public String id() { return "IPv" + version; } + + /** The IP version, either 4 or 6 */ + public int version() { return version; } + + public String versionString() { return String.valueOf(version); } + public String iptablesCmd() { return iptablesCmd; } + public String iptablesRestore() { return iptablesRestore;} + public String ipCmd() { return ipCmd; } + public String icmpProtocol() { return icmpProtocol; } + public String singleHostCidr() { return "/" + size; } public String icmpPortUnreachable() { return icmpPortUnreachable; } + /** The address size (in bits) of the IP version: 32 or 128. */ + public int addressSize() { return size; } + + /** Both IPv4 and IPv6 have exactly one link-local address space: 169.254.0.0/16 or fe80::/10. */ + public String linkLocalAddressCidr() { return linkLocalCidr; } + public boolean match(InetAddress address) { return this == IPVersion.get(address); } |