summaryrefslogtreecommitdiff
path: root/python/vyos/ifconfig/interface.py
AgeCommit message (Collapse)Author
2022-04-08Merge pull request #1273 from c-po/t4331-equuleusDaniil Baturin
T4331: IPv6 link local addresses are not configured when an interface is in a VRF (equuleus)
2022-04-06interfaces: T4331: Fix assign link-local static IPv6 addr to vrfViacheslav Hletenko
If we have link-local static address and vrf, for example: set interfaces ethernet eth2 address 'fe80::5200:ff:fe55:222/64' set interfaces ethernet eth2 vrf 'foo' This IPv6 address was assigned before vrf, as result after attaching the intreface to vrf we lose this static linklocal address DEBUG/IFCONFIG cmd 'ip addr add fe80::5200:ff:fe55:222/64 dev eth2' DEBUG/IFCONFIG cmd 'ip link set dev eth2 master foo' DEBUG/IFCONFIG cmd 'ip addr add fe80::5208:ff:fe13:2/64 dev eth2' This commit fixes this, the address is assigned after vrf assign (cherry picked from commit d6e22b28887c7a3f7d2f8b955c2e90bcadaeeeba)
2022-03-31vyos.ifconfig: T4330: MTU must be configured prior to any IPv6 option changeChristian Poessinger
This extends the fix from 53e20097 ("vyos.ifconfig: T4330: bugfix changing MTU when IPv6 is disabled") by ordering the execution in a way the Kernel does not complain. (cherry picked from commit 601ab19fd8c81a998b3c966cc83b85ed60ac5ae0)
2022-03-31vyos.ifconfig: T4330: bugfix changing MTU when IPv6 is disabledChristian Poessinger
Commit f8b3d8999c ("ipv6: T4319: do not configure IPv6 related settings if it's disabled") moved the MTU configuration part under the code path which is only run if IPv6 is enabled on the system. This prevented MTU changes on IPv6 disabled systems. (cherry picked from commit 53e20097d227ebf4bdb4dc6c85427ec9c5ec3982)
2022-03-30vyos.ifconfig: T4319: add_addr() should not add IPv6 address if it's disabledChristian Poessinger
(cherry picked from commit 60f009defadb9d36bf84def1e839cb11a0b3d619)
2022-03-30vyos.util: T4319: add is_ipv6_enabled() helper functionChristian Poessinger
(cherry picked from commit df0fbfeedce0f163e9d10be21d58ad4dc797a28a)
2022-03-25ipv6: T4319: do not configure IPv6 related settings if it's disabledChristian Poessinger
(cherry picked from commit f8b3d8999cbea988ce8e7d303957558308ddc1bc)
2022-02-20interface: T4203: prevent DHCP client restart if not necessaryChristian Poessinger
In the past whenever a change happened to any interface and it was configured as a DHCP client, VyOS always had a breif outage as DHCP released the old lease and re-aquired a new one - bad! This commit changes the behavior that DHCP client is only restarted if any one of the possible options one can set for DHCP client under the "dhcp-options" node is altered. (cherry picked from commit 3a1a7c40a13ee9f5561823a79876d88d3f5bf053)
2021-10-09tunnel: T3894: fix design when building synthetic MAC addressesChristian Poessinger
It seems not all systems have eth0 - get a list of all available Ethernet interfaces on the system (without VLAN subinterfaces) and then take the first one. (cherry picked from commit f19c92f255011149eeb7626a2e158456abe4c9b8)
2021-10-02vyos.ifconfig: T3883: bugfix VRF deletionChristian Poessinger
We can not pass None as VRF name, this raises an exception. OSError: [Errno 255] failed to run command: ip link set dev eth2 master None
2021-09-26vyos.ifconfig: T3860: bugfix in get_mac_synthetic()Christian Poessinger
Commit 081e23996f (vyos.ifconfig: get_mac_synthetic() must generate a stable "MAC") calculated a "stable" synthetic MAC address per the interface based on UUID and the interface name. The problem is that this calculation is too stable when run on multiple instances of VyOS on different hosts/hypervisors. Having R1 and R2 setup a connection both via "tun10" interface will become the same "synthetic" MAC address manifesting in the same link-local IPv6 address. This e.g. breaks OSPFv3 badly as both neighbors communicate using the same link-local address. As workaround one can: set interfaces tunnel tun1337 address 'fe80::1:1337/64' set interfaces tunnel tun1337 ipv6 address no-default-link-local This commit changes the way in how the synthetic MAC address is generated. It's based on the first 48 bits of a sha256 sum build from a CPU ID retrieved via DMI, the MAC address of eth0 and the interface name as used before. This should add enough entropy to get a stable pseudo MAC address. (cherry picked from commit 8d6861290f39298701b0a89bd358545763cee14b)
2021-09-25vyos.ifconfig: dhcpv6: re-use systemd_service definition variableChristian Poessinger
(cherry picked from commit d1c58addd881e06b389799a9c14d8ebf5d03c567)
2021-09-25vyos.ifconfig: dhcp: T3300: always re-start dhcp client instead of startChristian Poessinger
Commit dd2eb5e5686655 ("dhcp: T3300: add DHCP default route distance") changed the logic on how the DHCP process is going to be started. The systemd unit was always "started" even if it was already running. It should rather be re-started to track changes in e.g. the DHCP hostname setting. (cherry picked from commit 8ba8f0e097527e3aaaf8b395bfc07cce47e2c788)
2021-09-20ifconfig: T2104: cleanup IPv6 EUI-64 handling in update()Christian Poessinger
(cherry picked from commit 3f6ae12908f54222f2f79a87bed51f71e2fbac87)
2021-09-20vyos.ifconfig: get_mac_synthetic() must generate a stable "MAC"Christian Poessinger
Commit b7d30137b1 ("vyos.ifconfig: provide generic get_mac_synthetic() method") provided a common helper to generate MAC addresses used by EUI64 addresses for interfaces not having a layer2 interface (WireGuard or ip tunnel). The problem is that every call to the helper always yielded a new MAC address. This becomes problematic when IPv6 link-local addresses are generated and modified on the interface as multiple link-local (fe80::/64) addresses can easily be added to the interface leaving ... a mess. This commit changes the way how the "synthetic" MAC is generated, we generate a UUID which is stable as it is based on the interface name. We take out the last 48 bits of the UUID and form the "MAC" address. (cherry picked from commit 081e23996feb60ad903caf8b0a4587f5dacc69bf)
2021-09-19vyos.ifconfig: T2738: do not remove OS assigned IP addresses from interfaceChristian Poessinger
When using VRRP on any given interface and performing an action against that interface - be it even only changing the alias - will trigger a removal of the VRRP IP address. The issue is caused by: # determine IP addresses which are assigned to the interface and build a # list of addresses which are no longer in the dict so they can be removed cur_addr = self.get_addr() for addr in list_diff(cur_addr, new_addr): When the script calls into the library - we will drop all IP addresses set on the adapter but not available in the config dict. We should only remove the IP addresses marked by the CLI to be deleted! (cherry picked from commit e80d0aebd691f1a707ab534b4d1340fa0b793e01)
2021-09-19vyos.ifconfig: T2738: add delta check when changing interface parametersChristian Poessinger
There is no need to alter interface parameters if they have not changed at all. (cherry picked from commit b4c58c5aefaca4fce817b58327b9c7c3e8145d6d)
2021-08-31interface: T3782: Fix unexpected delete qdisc ruleViacheslav
Some tc qdisc rules are generated by old perl code It prevent to unexpected override this code by python.
2021-08-29interfaces: T3777: Does not delete empty eui64 addressViacheslav
Check eui64_old value before deleting It can be empty or not ipv6 address.
2021-08-22vyos.ifconfig: provide generic get_mac_synthetic() methodChristian Poessinger
WireGuard, Tunnel and also PPPoE all need a ways to calculate a synthetic MAC address used for the EUI64 link-local addresses. Instead of copying the code from Tunnel to WireGuard to PPPoE, use a generic implementation. (cherry picked from commit b7d30137b17da49ed5099d4d96659b363fc7bcc9)
2021-07-25ifconfig: backport ifconfig framework from 1.4 to support new tunnel optionsChristian Poessinger
It is easier to backport the entire vyos.ifconfig library from 1.4 instead of backporting single pieces which are required to add new feature to the tunnel interface section. In addition that both libraries are now back in sync it will become much easier to backport any other new feature introduced in VyOS 1.4!
2021-07-02conntrack-sync: T3535: Rewrite conf and op modes to XML python styleViacheslav
2021-05-15vyos.ifconfig: T3532: re-create Q-in-Q interface on protocol changeChristian Poessinger
It is not possible to change the VLAN encapsulation protocol "on-the-fly". For this "quirk" we need to actively delete and re-create the VIF-S interface. (cherry picked from commit cd504035015dca62149b57bc07d8e002bd8723b1)
2021-04-05vrf: vlan: T3438: do not automatically delete upper interfaceChristian Poessinger
Removing a VLAN (VIF) interface from the CLI always deleted all interfaces the kernel listed as "upper" in the /sys/class/net folder. This had the drawback that when deleting a VIF, also the VRF interface was simply deleted - killing all VRF related services. (cherry picked from commit 6458f91735412fb2e6e7e37f7b3e6ca587a5a235)
2021-03-19dhcp: T3300: add DHCP default route distanceBrandon Stepler
(cherry picked from commit dd2eb5e5686655c996ae95285b8ad7eb73d63d0b)
2021-03-14xdp: T2666: remove entire XDP code for 1.3 LTS imageChristian Poessinger
This is an extension to commit 801c5235 ("xdp: T2666: disable this highly experimental feature in 1.3 LTS") by dropping all XDP references in the equuleus codebase.
2021-02-28vif: T3349: use fixed ordering when enabling parent and child interfaceChristian Poessinger
When a VIF/VLAN interface is placed in admin down state but the lower interface, serving the vlan, is moved from admin down -> admin up, all its vlan interfaces will be placed in admin up state, too. This is bad as a VLAN interface will become admin up even if its specified as admin down after a reboot. To reproduce: set interfaces ethernet eth1 vif 20 disable set interfaces ethernet eth1 disable commit delete interfaces ethernet eth1 disable commit Now check the interface state and it returns UP,LOWER_UP 7: eth1.20@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 00:50:56:b3:09:07 brd ff:ff:ff:ff:ff:ff inet6 fe80::250:56ff:feb3:907/64 scope link valid_lft forever preferred_lft forever (cherry picked from commit 49bc3f1e3ff8416908fc986bb60b444a75a1722d)
2021-02-22vyos.ifconfig: extend debug option to print input dictChristian Poessinger
(cherry picked from commit a3e11ace758f447ddbbabd31d4903b3f71baa0b8)
2021-01-28dhcpv6: T3262: don't run DHCPv6 client when only dhcpv6-options is configuredBrandon Stepler
If dhcpv6-options is configured without requesting a DHCPv6 address or PD, the dhcpv6pd variable is assigned an empty dict. (cherry picked from commit d7d916f74e7d3b3b1fc85336f24f91af66b1e2a8)
2021-01-13ifconfig: T2653: return empty string when there is no interface descriptionChristian Poessinger
After switching to iproute2 in commit 92f36735 ("ifconfig: T2653: use iproute2 commands for alias, mac and mtu set()/get()" it is necessary to return an empty string as iproute2 returns None. (cherry picked from commit ea1be032e98fd1634e71d3c2d61b3e93bff841de)
2021-01-12ifconfig: T2653: use iproute2 commands for alias, mac and mtu set()/get()Christian Poessinger
(cherry picked from commit 92f3673538e0328488c14c90c8acf7ea6b2141ba)
2021-01-06ifconfig.interface: use Python3 f-ormat stringChristian Poessinger
2021-01-04mirror: T3089: bugfix is_mirror_intf code pathChristian Poessinger
2021-01-03mirror: T3089: remove redundant code pathsChristian Poessinger
- remove redundant code paths apply_mirror() / apply_mirror_of_monitor() - have single source available
2020-12-26mirror: T3150: When configuring QOS, the setting procedure of port mirroring ↵jack9603301
is wrong In e8957b5, we used json to parse the `tc qdisc` filter to determine whether it needs to be deleted (reduction of exception mechanism), but now we find that the json output by this command will output unparsed json in some cases, so We have to go back to the processing of the exception mechanism
2020-12-23xdp: T2666: move CLI node to "interfaces ethernet <eth> xdp"Christian Poessinger
2020-12-20Revert "dhcpv6: T3134: add missing duid support"Christian Poessinger
This reverts commit 9541355433e202fade4692851bffa33ba9d48f44.
2020-12-20dhcpv6: T3134: add missing duid supportChristian Poessinger
2020-12-14interface: mirror: T3089: Improve logic to reduce unnecessary lines of codejack9603301
2020-12-13interfaces: mirror: T3089: Fix the dependency problem between interfacesjack9603301
Since the dependency problem has not been solved before, if the monitoring interface does not exist when the mirror rule is created, the execution will be abnormal
2020-12-13interfaces: T3114: Modify the logic of the second addition to complete the ↵jack9603301
setting and streamline the code
2020-12-13interfaces: T3114: Improve VLAN ID setting logic in `bridge`jack9603301
2020-12-13interfaces: T3114: When the VLAN aware option is not detected, the setting ↵jack9603301
of `bridge` should not be overwritten
2020-12-13interfaces: T3114: Improve the processing of enabling logic for ↵jack9603301
`vlan_filter` to avoid redundant paths
2020-12-13interfaces: T3114: Remove some redundant codejack9603301
2020-12-13interfaces: T3114: Fix VLAN-aware bridge setting failurejack9603301
2020-12-08Merge pull request #633 from jack9603301/T3089Christian Poessinger
mirror: T3089: support two-way traffic mirroring
2020-12-08mirror: T3089: support two-way traffic mirroringjack9603301
2020-12-07vyos.ifconfig: T1579: keep IPv6 link-local address on reconfiguration #2Christian Poessinger
This is the second attempt after commit d247736f ("vyos.ifconfig: T1579: do not remove IPv6 link-local address on reconfiguration"). We only clean out link-local IPv6 addresses left over after an interface MAC change.
2020-12-06Revert "vyos.ifconfig: T1579: do not remove IPv6 link-local address on ↵Christian Poessinger
reconfiguration" This reverts commit d247736f67cc056062b75a4215a031bebcfee2ee. We need to clean link-local IPv6 addresses on link reconfiguration to also drop no longer existing link-local addresse son MAC address change.