Age | Commit message (Collapse) | Author |
|
(cherry picked from commit 80fe3ef4d49f6ee277d52ef5847f011e5775e7fb)
|
|
(cherry picked from commit 452a9c504f472dcaee8c93947a889dab4f8259ce)
|
|
- remove redundant code paths apply_mirror() / apply_mirror_of_monitor()
- have single source available
|
|
Since the dependency problem has not been solved before,
if the monitoring interface does not exist when the
mirror rule is created, the execution will be abnormal
|
|
setting and streamline the code
|
|
|
|
We had two places were the is_ip, is_ipv4 and is_ipv6 helpers had been defined.
All places now have been converged into vyos.template as they are used both
in the Jinja2 templates and also in our scripts.
|
|
|
|
Renamed using snippet below:
----------------------------
for file in $(find . -name "*.py")
do
sed -i "s/vyos_dict_search/dict_search/" $file
done
|
|
|
|
The current implementation for bridge based interfaces has an issue which is
caused by priority inheritance. We always assumed that the bridge interface will
be created last, but this may not be true in all cases, where some interfaces
will be created "on demand" - e.g. OpenVPN or late (VXLAN, GENEVE).
As we already have a bunch of verify steps in place we should not see a bridge
interface leak to the underlaying infrastructure code. This means, whenever an
interface will be member of a bridge, and the bridge does yet not exist, we will
create it in advance in the interface context, as the bridge code will be run
in the same commit but maybe sooner or later.
This will also be the solution for T2924.
|
|
We must use XML node style (hyphen over underscore).
|
|
|
|
Every interface knows if it is part of a bridge or not - except a VLAN (VIF)
interface. Also VLANs should be aware of its master bridge.
Add a testcase to ensure when VIFs on an interface change the bridge does not
loos one of it's members.
|
|
We must use exists() as get_config_dict() will always return {} - even when an
empty interface node like
+macsec macsec1 {
+}
exists.
|
|
As we already check that a bond/bridge member interface is not a member of any
other bridge or bond, the check must be extended. We also need to ensure that
the bond member interface is not used as a source-interface to pppoe, macsec,
tunnel, pseudo-ethernet, vxlan interfaces.
|
|
|
|
|
|
|
|
Now that b40c52682a256 ("config: T2636: get_config_dict() returns a list on
multi node by default") is implemented the workarounds can be removed.
|
|
|
|
The current CLI did not support multiple prefix-delegations per interface. Some
ISPs only send one /64 to a client per prefix-delegation request, but they
allow the customer to request multiple prefixes.
The 'dhcpv6-options prefix-delegation' node has been renamed and converted to a
tag node named 'dhcpv6-options pd'. The tag node specifies a PD request (>=0).
In the past the user needed to know what prefix will be assigned and required
to calculate the sla-len by himself. The 'sla-len' node was dropped and is now
calculated in the background from the 'dhcpv6-options pd 0 length' node.
It is no longer mandatory to supply the 'sla-id' node, if sla-id is not
specified it is 'guessed' by counting upwards.
Example configuration:
----------------------
ethernet eth1 {
address dhcpv6
dhcpv6-options {
pd 0 {
length 56
interface eth2 {
address 1
}
}
}
}
This will request a /56 assignment from the ISP and will delegate a /64 network
to interface eth2. VyOS will use the interface address ::1 on the delegate
interface (eth2) as its local address.
|
|
|
|
Further reduce the boiler-plate code to determine interface tag node or not.
It can be passed into get_interface_dict() if explicitly required - else it
is taken from the environment.
|
|
After all interfaces have been moved to the targetted implementation of T2653
the old implementations of migrating a CLI session to a configuration dict can
be dropped.
|
|
... as it is only used inside the interface class.
|
|
As we wrap up additional functions from this library it should be part of it.
|
|
With dict.update() existing keys will get overwritten when blending in interface
default values.
|
|
This can be used to see if a tagNode has been changed. It will return a list
of changed nodes.
|
|
The current VyOS CLI parser code written in Python contains a ton of duplicates
which I can also hold myself accountable for - or maybe mainly me - depends on
the angle of judge.
While providing a new update() method in vyos.ifconfig.interfaces() this is
extended for bridge interfaces in the derived bridge class.
Signed-off-by: Christian Poessinger <christian@poessinger.com>
|
|
The current VyOS CLI parser code written in Python contains a ton of duplicates
which I can also hold myself accountable for - or maybe mainly me - depends on
the angle of judge.
While providing a new update() method in vyos.ifconfig.interfaces() this is
extended for ethernet based interfaces which also supports 802.1q, 802.1ad
VLANs. This commit migrates the existing codebase for an ethernet based
interfaces and implements the missing parts for VLANs. Adding or migrating other
interfaces (e.g. bridge or bond) will become much easier as they must reuse
the entire functionality - we now walk towards a single codepath.
Thanks for all who made this combined effort possible!
Signed-off-by: Christian Poessinger <christian@poessinger.com>
|
|
|
|
|
|
|
|
Merge two dictionaries. Only keys which are not present in destination will
be copied from source, anything else will be kept untouched. Function will
return a new dict which has the merged key/value pairs.
Before:
{'device': {'usb0b2.4p1.0': {'speed': '9600'},
'usb0b2.4p1.1': {'data-bits': '8',
'parity': 'none',
'speed': '115200',
'stop-bits': '2'}}}
After:
{'device': {'usb0b2.4p1.0': {'data-bits': '8',
'parity': 'none',
'speed': '9600',
'stop-bits': '1'},
'usb0b2.4p1.1': {'data-bits': '8',
'parity': 'none',
'speed': '115200',
'stop-bits': '2'}}}
|
|
Commit 728b1feaf744 ("dhcpv6-pd: T2551: fix prefix length not set in config")
reworked the way the configuration path is accesses on the individual
interfaces, but it was missed out to apply it correctly when reading in
sla-len and sla-id values.
|
|
Retrieving the CLI nodes from current config was missed out and only
implemented for PPPoE.
|
|
After commit d5b58517f883 ("dhcpv6-pd: pppoe: T2506: restructure CLI") the
CLI syntax has been adjusted for a better definition of DHCPv6-PD prefix length
option. Verifying a properly rendered template indeed did not happen which
cause the function to vanish for non PPPoE interfaces.
|
|
|
|
Some ISPs (e.g. Comcast) only delegate a /64 by default. You have to explicitly
"ask" for a bigger (e.g. /60) prefix. This commit adds a CLI node to request
a specific prefix length in the range 32 - 64.
dhcpv6-options {
prefix-delegation {
length 60
}
}
|
|
Rename the CLI nodes for prefix delegation from "dhcpv6-options delegate
<interface>" to "dhcpv6-options prefix-delegation interface <interface>".
The change is required to add the possibility to request for specific prefix
sized via the CLI. That option was not possible with the old configuration
tree.
|
|
Add support for prefix delegation when receiving the prefix via ethernet,
bridge, bond, wireless.
|
|
|
|
Dictionary is used to remove the amount of duplicated code by e.g. ethernet
or bridge interface.
|
|
|
|
To make SLAAC and DHCPv6 work when forwarding=1, accept_ra must be 2
(default for accept_ra is 1).
|
|
|
|
Previously all vlan configs, which are dicts, were appended to a simple
list, with the distinguishing 'id' stored inside the dicts themselves.
This worked, but wasn't ideal.
This commit converts them to dicts, where the key is the VLAN ID and
value the config dict of that VLAN. This makes it posible to access
single VLANs by their ID (key) and we can for-loop and get both the ID
and config with: 'for vif_id, vif in conf["vif"].items():'
|
|
Commit 3fdf0093a introduced code that removed all addresses from an
interface when that interface is disabled. This is wrong, as other
configured services may be listening on these addresses and may fail to
start if their configured address isn't present.
It also caused a commit error when applying dhcp-server configuration:
DHCP server configuration error!
None of configured DHCP subnets does not have appropriate
primary IP address on any broadcast interface.
This commit reverts it to prior behavior, which was to just put the
interface admin down and leave all addresses configured, other than the
IPv6 'fe80::EUI-64/64' link-local, which it deletes, as the interface
may not have a MAC if it's put down.
|
|
Bridge members should not have addresses assigned.
|