Age | Commit message (Collapse) | Author |
|
dhclient: T3392: Changed dhclient-script hooks for VRF
|
|
There were two problems with VRF support inside dhclient-script:
- VRF check inside the `01-vyos-cleanup` hook was needless because it will be done inside the `03-vyos-ipwrapper` anyway;
- VRF was ignored for in-kernel routes in `03-vyos-ipwrapper`. Theoretically, there must be no situation now when this can leads to a real problem, but better will be to keep both kernel and FRR backends in sync.
Also, the way to get and use a VRF name was changed to an easier one.
|
|
|
|
ipsec: T3333: Fix status for SA state op-mode
|
|
|
|
|
|
dhclient: T3471: Fixed dhclient processes search
|
|
Since in some cases a dhclient command may not end with an interface name, the way to find out a list of dhclients running for a current interface was replaced to catch PIDs regardless of the exact command syntax.
|
|
|
|
login: T3455: Fix edit level configuration for user
|
|
containers: T2216: Add podman for containers
|
|
|
|
|
|
Removing the Zebra/Linux Kernel route-map added by "set protocols static route-map"
was not removed once applied. This was because the removal must happen within
the zebra daemon and not staticd.
|
|
Removing the Zebra/Linux Kernel route-map added by "set protocols rip route-map"
was not removed once applied. This was because the removal must happen within
the zebra daemon and not ripd.
|
|
Removing the Zebra/Linux Kernel route-map added by "set protocols isis route-map"
was not removed once applied. This was because the removal must happen within
the zebra daemon and not isisd.
|
|
Removing the Zebra/Linux Kernel route-map added by "set protocols ospf route-map"
was not removed once applied. This was because the removal must happen within
the zebra daemon and not ospfd.
|
|
Removing the Zebra/Linux Kernel route-map added by "set protocols bgp route-map"
was not removed once applied. This was because the removal must happen within
the zebra daemon and not bgpd.
|
|
|
|
|
|
For an unknown reason this regularely fails on the QEMU builds, thus the test
for reading back IP addresses is temporary disabled. There is no big deal here,
as this uses the same methods on 802.1q and here it works and is verified.
|
|
It is only possible to set one local-as override per BGP neighbor/peer-group.
In addition to this, the override AS number is not allowed to be the same as
the one from the global BGP process.
If this would still be the case frr-reload would error out:
> frr-reload output: 184 % Cannot have local-as same as BGP AS number
|
|
|
|
|
|
set vrf name red protocols bgp address-family l2vpn-evpn advertise ipv4 unicast
|
|
|
|
cpo@PE1:~$ show bgp vrf all
Instance default:
No BGP prefixes displayed, 0 exist
Instance red:
BGP table version is 1, local router ID is 10.2.1.1, vrf id 11
Default local pref 100, local AS 100
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.2.1.0/24 0.0.0.0 0 32768 ?
Displayed 1 routes and 1 total paths
Instance blue:
BGP table version is 1, local router ID is 10.1.1.1, vrf id 10
Default local pref 100, local AS 100
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.0/24 0.0.0.0 0 32768 ?
Displayed 1 routes and 1 total paths
|
|
This change makes it easier to group all BGP related operational level command
building blocks in one place.
|
|
|
|
After commit 73557d68 ("bgp: T1711: remove ASN tagNode and move to 'local-as'")
when the BGP tag node was removed there is no need anymore for a script based
completion helper, we can rather rely on the build in "path" variant.
|
|
nat: op-mode: T3435: Filter extra rules that should not be processed
|
|
This was not possible due to a regression in iproute2 where the erspan_dir key
did not have a value. See [1] for more information.
[1]: https://lore.kernel.org/netdev/3ac544c09842410fb863b332917a03ad@poessinger.com/
|
|
|
|
This is a fix for commit 6f6f45c5 ("bgp: T3463: change no-ipv4-unicast order
when applying configuration") as this changed the handling of the "else" path,
which lead to failing smoketests as the "no bgp ebgp-requires-policy" option
was no longer set.
|
|
protocols: fix "bad" design and non working route-maps containing hyphens
|
|
The "no bgp default ipv4-unicast" option must be applied to FRR before adding
any neighbor to the system. If this is not the case, neighbors will start
exchanging v4 routes over v6 peers.
|
|
|
|
The introduction of key_mangling=('-', '_') when working with get_config_dict()
caused more harm then good. This commit extends common helpers and adds new
helpers when verifying the existence of route-maps, access-lists or prefix-lists.
|
|
|
|
|
|
|
|
Port over the regex used in the old node.def code-base and make this limitation
also live on the new CLI interface.
|
|
|
|
|
|
Commit 548d9057e3e (vrf: T3344: move dynamic routing protocols under "vrf name
<name> protocols") temporary removed the possibility to specify the VNI for a
given VRF to to changing of the CLI configuration nodes.
As VNI is set inside zebra, we can re-use the now widely deployed frr python
library to configure and change the configuration without any interference to
other FRR daemons.
|
|
Instead of having a dedicated ERSPAN interface type, rather move the specifics
into "interface tunnel". A migrator is not needed as there is yet no LTS release
with this feature and this is considered experimental.
|
|
For L2TPv3 to properly work there must be a routing entry present for the
remote side of the tunnel, or use a directly connected subnet.
|
|
|
|
RFC7348 recommends VXLAN tunnels preserve a 1500 byte MTU.
|
|
interfaces: dhcp-client: T3454: add reject option
|