Age | Commit message (Collapse) | Author |
|
T775: Add service config-sync between 2 routers
|
|
VPP: T1797: Optimizations for VPP memory allocation during startup
|
|
T5340: snmp: add checks while configuring snmp listen-address with an…
|
|
T5314: Fix default QOS classes not getting qdisc
|
|
vyos.configdict: T5319: remove workarounds for incorrect defaults in get_accel_dict
|
|
- changed memory requirement from total to available. This allows to start on
systems with less total memory and protects from startup on systems with
overloaded memory.
- prevent startup if sysctl settings were not applied. This protects from
situations when the system cannot allocate enough hugepages or apply other
sysctl settings.
|
|
|
|
|
|
- modified `sysctl_read()` to return the whole value
- modified `sysctl_write()` logic to return `True` only in case a value was
changed successfully
- added `sysctl_apply()` to apply a dictionary of values at once
|
|
|
|
|
|
T5336: Add Swedish keyboard-layout
|
|
|
|
without vrf
|
|
isis: T5335: fix invalid isis config base in migration script
|
|
T5333: Set prefix UD for PBR generated user-defined chain names
|
|
* set protocols ospf aggregation timer <seconds>
* set protocols ospf summary-address x.x.x.x/x [tag 1-4294967295]
* set protocols ospf summary-address x.x.x.x/x no-advertise
|
|
|
|
VPP: T1797: Added interfaces reinitialization
|
|
After an interface is added/removed from VPP, it will be reinitialized, which
allows reconfiguring IP addresses on it.
Also modified VPP load priority to start before interfaces, and avoid
reconfiguration during boot.
|
|
|
|
We cannot use some specific names like POSTROUTING/PREROUTING
as for PBR they overlaps with VyOS defined chains
Chains aftoconfigured by VyOS itself:
chain VYOS_PBR_PREROUTING
chain VYOS_PBR_POSTROUTING
If we try to use chain name "POSTROUTING" it generates 2 chains
with the same name "chain VYOS_PBR_POSTROUTING" one is
autoconfigured and the second defined by user
set policy route POSTROUTING rule 100
Add the user-defined (UD) prefix to separate user defined names
That allows to use any user-defined names
|
|
T5048: QoS do not add prio if it is already in tc command
|
|
Prevent duplicatte prio fot tc command
|
|
T5332: Fix show policy route without attahed interface
|
|
Interface may not be present in the op-mode dictionary, it cause
KeyError: 'interface' for policy route
|
|
T5048: QoS index priority should be used only for shaper
|
|
QoS index priority should be used only for qostype 'shaper'
otherwise we set priority 2 times, that is incorrect.
OSError: [Errno 255] failed to run command:
tc filter add dev eth2 parent 1: prio 5 protocol all prio 1 u32 match ip src 10.1.1.0/24 flowid 1:1e
exit code: 255
Fix it
|
|
T5295: QoS fix policy limiter tc filter rate limit
|
|
Fix QoS tc class with multiple matches generates one rule but
expects multiple filter rules:
set qos policy shaper test class 23 match one ip protocol 'tcp'
set qos policy shaper test class 23 match two ip protocol 'udp'
tc filter add dev eth0 parent 1: protocol all prio 1 u32 match ip protocol 6 0xff flowid 1:17
tc filter add dev eth0 parent 1: protocol all prio 2 u32 match ip protocol 17 0xff flowid 1:17
|
|
tc filter rate limit should be used only if qostype is 'limiter'
and not 'shaper'
|
|
T1797: VPP verify minimal installed memory and apply sysctl
|
|
Do not allow configure VPP if on the systems with low amount
installed memory
Add sysctl VPP parameters (hugepages, kernel.shmmax)
|
|
|
|
|
|
T5329 : priority: tunnel config is committed before wireguard
|
|
|
|
Service config-sync allows synchronizing a section of
the configuration.
As PoC allow only nat, nat66 and firewall sections
Rertreive the configuration for a section from self node and
send this configuration to the section of the 'secondary' node.
This feature adds a symlink from helper 'vyos_config_sync.py'
to '/config/scripts/commit/post-hooks.d' and config that is
located in '/run/config_sync_conf.conf'
It will synchronyze the config only if the setcion
was changed.
set service config-sync secondary address 192.0.2.11
set service config-sync secondary key xxx
set service config-sync section nat
set service config-sync section nat66
set service config-sync section firewall
set service config-sync mode load
|
|
|
|
T1797: Add initial vpp configuration
|
|
|
|
VPP: T1797: Optimized interfaces add/remove
|
|
- added extra renaming operation to be sure that interface has the same name as
before in the system after it was moved from VPP to kernel
- added extra check after PCI device removal/adding
- added check for proper `retval` for CPI calls where it is available
- replaced empty return with an error in `_get_pci_address_by_interface()`
because not resolved address will lead to inconsistency of the system later
|
|
The previous implementation did not iterate over the communit list, so only
one match criteria was supported.
set policy route-map FOO rule 10 action 'permit'
set policy route-map FOO rule 10 set extcommunity rt '1111:2222222'
worked but on the other hand this failed:
set policy route-map FOO rule 20 action 'permit'
set policy route-map FOO rule 20 set extcommunity rt '6500:24 6500:23 192.168.0.1:111 192.168.0.1:222'
|
|
T5320: warn on entering config mode if boot config errors present
|
|
|
|
|
|
VPP: T1797: Improved PCI address search
|
|
- added ability to add/remove interfaces without system reboot
- added `attempts` and `interval` to the VPP API connection. This is helpful in
case of high system load or when VPP was just started and API is not yet
available.
- added exceptions to API calls. This allows handling errors in communication
with API properly in conf-mode scripts.
- fixed PCI address search in VPP to match Linux kernel and ethtool style
- fixed systemd daemons control - first reload, then restart
- removed debug prints
- removed `vm.nr_hugepages` configuration. It is not required now but increases
RAM requirements a lot.
|
|
Use info from both ethtool and VPP to find PCI address for an
interface.
|