Age | Commit message (Collapse) | Author |
|
We can leak routes back to the default VRF, thus the check added by commit
9184dfb5 ("static: vrf: T3344: add target vrf verify()") must have a "bail out"
option when one want's to leak routes into the default VRF.
(cherry picked from commit 5adcc4ca30676338fca9a06409bbc72af4f68a1f)
|
|
In the past it was possible to configure a vif-s interface and a vif interface
both with the same VLAN ID. VyOS 1.2 reported a Kernel error:
RTNETLINK answers: File exists
Error creating VLAN device eth1.100
so this should not be possible at all in VyOS 1.3
(cherry picked from commit ccd516b4d10c518ea445928c01d6c7dc2770777b)
|
|
(cherry picked from commit b8cddcdae36903feb84ee1807d6adb27337cf582)
|
|
|
|
configured SLA-IDs
"data/templates/dhcp-client/ipv6.tmpl" handles the auto-assigning of SLA-IDs on
lines 39, 46, and 52.
|
|
"data/templates/dhcp-client/ipv6.tmpl" handles the auto-assigning of SLA-IDs on
lines 39, 46, and 52.
|
|
VLAN interfaces contain periods, which make them incompatible with
dict_search().
|
|
|
|
|
|
|
|
We had two places were the is_ip, is_ipv4 and is_ipv6 helpers had been defined.
All places now have been converged into vyos.template as they are used both
in the Jinja2 templates and also in our scripts.
|
|
|
|
|
|
Renamed using snippet below:
----------------------------
for file in $(find . -name "*.py")
do
sed -i "s/vyos_dict_search/dict_search/" $file
done
|
|
Commit 5db3d631 ("ifconfig: mtu: disallow MTU < 1280 bytes when IPv6 is enabled
on the interface") checked the "mtu" key for it's value and the test only passed
if mtu was larger then the required 1280 bytes when IPv6 address have
been configured on the link.
wireless (WiFi) interfaces have no MTU node - thus this always resulted in a
Python KeyError.
|
|
|
|
Using an MTU less then the required 1280 bytes (as per RFC) on an interface
where IPv6 is not explicitly disabled by:
- set interfaces ethernet eth1 ipv6 address no-default-link-local
- not having any other IPv6 address configured
Will now trigger a commit error via verify() instead of raising
FileNotFoundError!
|
|
Currently the MTU size of an interface is only checked when entered via CLI but
if the interface supportes the configured MTU at all is not verified at all.
New helper functions get_min_mtu(), get_max_mtu() and verify_mtu() have been
added to provide a central API for validation.
|
|
When configuring DHCPv6-PD it is mandatory to also specify at least one
interface where the newly delegated prefix will be used. Without this setting
DHCPv6-PD makes no sense at all.
|
|
As we already check that a bond/bridge member interface is not a member of any
other bridge or bond, the check must be extended. We also need to ensure that
the bond member interface is not used as a source-interface to pppoe, macsec,
tunnel, pseudo-ethernet, vxlan interfaces.
|
|
|
|
|
|
|
|
We do not have a formatted string here thus the "f" keyword is wrong and
triggered an exception.
|
|
|
|
The current VyOS CLI parser code written in Python contains a ton of duplicates
which I can also hold myself accountable for - or maybe mainly me - depends on
the angle of judge.
While providing a new update() method in vyos.ifconfig.interfaces() this is
extended for ethernet based interfaces which also supports 802.1q, 802.1ad
VLANs. This commit migrates the existing codebase for an ethernet based
interfaces and implements the missing parts for VLANs. Adding or migrating other
interfaces (e.g. bridge or bond) will become much easier as they must reuse
the entire functionality - we now walk towards a single codepath.
Thanks for all who made this combined effort possible!
Signed-off-by: Christian Poessinger <christian@poessinger.com>
|
|
|
|
|
|
|
|
While moving towards a general interface abstraction based on get_config_dict()
and the use of vyos.ifconfig.Interfaces().update() it also makes sense, to
split out common verification code to a common util file - instead of
duplicating the code, which is infact one of the main forces drivind this
transition.
vyos.configverify will hold common functions called via verify() from our
src/conf_mode scripts so we do not need to copy/paste general verifications
methods.
|