summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-07-05T5340: snmp: add checks while configuring snmp listen-address with and ↵Nicolas Fort
without vrf
2023-07-03Merge pull request #2070 from jvoss/isis-merge-configChristian Breunig
isis: T5335: fix invalid isis config base in migration script
2023-07-03Merge pull request #2069 from sever-sever/T5333Christian Breunig
T5333: Set prefix UD for PBR generated user-defined chain names
2023-07-03ospf: T5334: add support for external route summarisation Type-5 and Type-7 LSAsChristian Breunig
* set protocols ospf aggregation timer <seconds> * set protocols ospf summary-address x.x.x.x/x [tag 1-4294967295] * set protocols ospf summary-address x.x.x.x/x no-advertise
2023-07-03xml: policy: T2425: create building block for "tag" nodeChristian Breunig
2023-07-03Merge pull request #2071 from zdc/T1797-sagittaChristian Breunig
VPP: T1797: Added interfaces reinitialization
2023-07-03VPP: T1797: Added interfaces reinitializationzsdc
After an interface is added/removed from VPP, it will be reinitialized, which allows reconfiguring IP addresses on it. Also modified VPP load priority to start before interfaces, and avoid reconfiguration during boot.
2023-07-03isis: T5335: fix invalid isis config base in migration scriptJonathan Voss
2023-07-03T5333: Set prefix UD for PBR generated user-defined chain namesViacheslav Hletenko
We cannot use some specific names like POSTROUTING/PREROUTING as for PBR they overlaps with VyOS defined chains Chains aftoconfigured by VyOS itself: chain VYOS_PBR_PREROUTING chain VYOS_PBR_POSTROUTING If we try to use chain name "POSTROUTING" it generates 2 chains with the same name "chain VYOS_PBR_POSTROUTING" one is autoconfigured and the second defined by user set policy route POSTROUTING rule 100 Add the user-defined (UD) prefix to separate user defined names That allows to use any user-defined names
2023-07-03Merge pull request #2068 from sever-sever/T5048Viacheslav Hletenko
T5048: QoS do not add prio if it is already in tc command
2023-07-02T5048: QoS do not add prio if it is already in tc commandViacheslav Hletenko
Prevent duplicatte prio fot tc command
2023-07-02Merge pull request #2067 from sever-sever/T5332Christian Breunig
T5332: Fix show policy route without attahed interface
2023-07-02T5332: Fix show policy route without attahed interfaceViacheslav Hletenko
Interface may not be present in the op-mode dictionary, it cause KeyError: 'interface' for policy route
2023-07-02Merge pull request #2066 from sever-sever/T5048Christian Breunig
T5048: QoS index priority should be used only for shaper
2023-07-02T5048: QoS index priority should be used only for shaperViacheslav Hletenko
QoS index priority should be used only for qostype 'shaper' otherwise we set priority 2 times, that is incorrect. OSError: [Errno 255] failed to run command: tc filter add dev eth2 parent 1: prio 5 protocol all prio 1 u32 match ip src 10.1.1.0/24 flowid 1:1e exit code: 255 Fix it
2023-07-01Merge pull request #2065 from sever-sever/T5295Christian Breunig
T5295: QoS fix policy limiter tc filter rate limit
2023-07-01T5302: QoS fix class with multiple matches generate one ruleViacheslav Hletenko
Fix QoS tc class with multiple matches generates one rule but expects multiple filter rules: set qos policy shaper test class 23 match one ip protocol 'tcp' set qos policy shaper test class 23 match two ip protocol 'udp' tc filter add dev eth0 parent 1: protocol all prio 1 u32 match ip protocol 6 0xff flowid 1:17 tc filter add dev eth0 parent 1: protocol all prio 2 u32 match ip protocol 17 0xff flowid 1:17
2023-07-01T5295: QoS fix policy limiter tc filter rate limitViacheslav Hletenko
tc filter rate limit should be used only if qostype is 'limiter' and not 'shaper'
2023-07-01Merge pull request #2064 from sever-sever/T1797Christian Breunig
T1797: VPP verify minimal installed memory and apply sysctl
2023-07-01T1797: VPP verify minimal installed memory and apply sysctlViacheslav Hletenko
Do not allow configure VPP if on the systems with low amount installed memory Add sysctl VPP parameters (hugepages, kernel.shmmax)
2023-07-01T1797: Divert sysctl 80-vpp.confViacheslav Hletenko
2023-06-30bcast-relay: T5313: capitalize UDP protocol nameChristian Breunig
2023-06-30Merge pull request #2063 from srividya0208/T5329Daniil Baturin
T5329 : priority: tunnel config is committed before wireguard
2023-06-30T5329 : priority: tunnel config is committed before wireguardsrividya0208
2023-06-30T775: Add service config-sync between 2 routersViacheslav Hletenko
Service config-sync allows synchronizing a section of the configuration. As PoC allow only nat, nat66 and firewall sections Rertreive the configuration for a section from self node and send this configuration to the section of the 'secondary' node. This feature adds a symlink from helper 'vyos_config_sync.py' to '/config/scripts/commit/post-hooks.d' and config that is located in '/run/config_sync_conf.conf' It will synchronyze the config only if the setcion was changed. set service config-sync secondary address 192.0.2.11 set service config-sync secondary key xxx set service config-sync section nat set service config-sync section nat66 set service config-sync section firewall set service config-sync mode load
2023-06-29vpp: T1797: disable CLI in rolling releasesChristian Breunig
2023-06-29Merge pull request #2059 from sever-sever/T1797-vppChristian Breunig
T1797: Add initial vpp configuration
2023-06-29tacacs: T141: tacacs is not available for arm64 (yet)Christian Breunig
2023-06-29Merge pull request #8 from zdc/sever-sever_T1797-vppViacheslav Hletenko
VPP: T1797: Optimized interfaces add/remove
2023-06-29VPP: T1797: Optimized interfaces add/removezsdc
- added extra renaming operation to be sure that interface has the same name as before in the system after it was moved from VPP to kernel - added extra check after PCI device removal/adding - added check for proper `retval` for CPI calls where it is available - replaced empty return with an error in `_get_pci_address_by_interface()` because not resolved address will lead to inconsistency of the system later
2023-06-29policy: T4329: Fix regex for extcommunity rt #2Christian Breunig
The previous implementation did not iterate over the communit list, so only one match criteria was supported. set policy route-map FOO rule 10 action 'permit' set policy route-map FOO rule 10 set extcommunity rt '1111:2222222' worked but on the other hand this failed: set policy route-map FOO rule 20 action 'permit' set policy route-map FOO rule 20 set extcommunity rt '6500:24 6500:23 192.168.0.1:111 192.168.0.1:222'
2023-06-29Merge pull request #2060 from jestabro/warning-boot-config-errDaniil Baturin
T5320: warn on entering config mode if boot config errors present
2023-06-28T5320: check if unsaved commits are due to boot config errorJohn Estabrook
2023-06-28T5320: warn on entering config mode if boot config errors presentJohn Estabrook
2023-06-28Merge pull request #7 from zdc/sever-sever_T1797-vppViacheslav Hletenko
VPP: T1797: Improved PCI address search
2023-06-28VPP: T1797: Improved VPP supportzsdc
- added ability to add/remove interfaces without system reboot - added `attempts` and `interval` to the VPP API connection. This is helpful in case of high system load or when VPP was just started and API is not yet available. - added exceptions to API calls. This allows handling errors in communication with API properly in conf-mode scripts. - fixed PCI address search in VPP to match Linux kernel and ethtool style - fixed systemd daemons control - first reload, then restart - removed debug prints - removed `vm.nr_hugepages` configuration. It is not required now but increases RAM requirements a lot.
2023-06-27VPP: T1797: Improved PCI address searchzsdc
Use info from both ethtool and VPP to find PCI address for an interface.
2023-06-27Merge pull request #2051 from sever-sever/T5304Christian Breunig
T5304: Container add volume bind propagation option
2023-06-27VPP: T1797: Replaced CLI with APIViacheslav Hletenko
2023-06-27VPP: T1797: Replaced CLI with APIzsdc
Replaced CLI commands with API calls. CLI commands still can be used via: ``` vpp_control = VPPControl() vpp_control.cli_cmd('command_here') ```
2023-06-27T5304: Container add volume bind propagation optionViacheslav Hletenko
set container name c1 volume myvlm propagation rshared
2023-06-27T1797: Add initial vpp configurationViacheslav Hletenko
Add initial configuration mode for VPP (PoC) set vpp cpu corelist-workers '2' set vpp cpu main-core '1' set vpp interface eth1 num-rx-desc '256' set vpp interface eth1 num-rx-queues '512' set vpp interface eth1 num-tx-desc '256' set vpp interface eth1 num-tx-queues '512' set vpp interface eth1 pci '0000:02:00.0' set vpp interface eth1 rx-mode 'polling' set vpp interface eth2 pci '0000:08:00.0' Limitation: - 'set vpp interface ethX pci auto' works only per first commit, then interface detached from default stack and creates tun interface 'ethX' to communicate with default stack. In this case we can't get PCI address via ethtool for 'tun' interfaces. But we can set pci address manualy. - Interface sync between default stack and VPP-DPDK stack After vpp change it doesn't trigger iproute2 for changes (should be written later) I.e. if we change something in vpp per each commit it restarts vpp.service it gets empty interface config as we don't configure vpp directly and it should be configured via iproute2 But then if we do any change on interface (for example description) it gets IP address, MTU, state, etc.
2023-06-26vrrp: T5315: fix completion helperChristian Breunig
2023-06-26vrrp: T5315: add support to explicitly specify versionChristian Breunig
set high-availability vrrp group <name> version 2|3
2023-06-25bcast-relay: T5313: verify() relay interfaces have IPv4 address configuredChristian Breunig
2023-06-24tacacs: T141: check upper bound on dynamically allocated user accountsJohn Estabrook
Check upper bound as defined in Debian Policy Manual. Without this check, user 'nobody' will not be available.
2023-06-24smoketest: ssh_send_cmd should be a static methodJohn Estabrook
2023-06-24Merge pull request #2010 from jestabro/revise-config-dictJohn Estabrook
config: T5228: simplify get_config_dict and add argument with_defaults
2023-06-24Merge pull request #2052 from jestabro/revise-interface-dictChristian Breunig
vyos.configdict: T5308: Remove workarounds for incorrect defaults in get_interface_dict
2023-06-24Merge pull request #2053 from JonSanMan/scalable-qosChristian Breunig
T5312: Escape special character