| Age | Commit message (Collapse) | Author |
|---|
|
When a VIF/VLAN interface is placed in admin down state but the lower
interface, serving the vlan, is moved from admin down -> admin up, all its
vlan interfaces will be placed in admin up state, too.
This is bad as a VLAN interface will become admin up even if its specified as
admin down after a reboot.
To reproduce:
set interfaces ethernet eth1 vif 20 disable
set interfaces ethernet eth1 disable
commit
delete interfaces ethernet eth1 disable
commit
Now check the interface state and it returns UP,LOWER_UP
7: eth1.20@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:50:56:b3:09:07 brd ff:ff:ff:ff:ff:ff
inet6 fe80::250:56ff:feb3:907/64 scope link
valid_lft forever preferred_lft forever
(cherry picked from commit 49bc3f1e3ff8416908fc986bb60b444a75a1722d)
|
|
(cherry picked from commit a3e11ace758f447ddbbabd31d4903b3f71baa0b8)
|
|
If dhcpv6-options is configured without requesting a DHCPv6 address or PD, the
dhcpv6pd variable is assigned an empty dict.
(cherry picked from commit d7d916f74e7d3b3b1fc85336f24f91af66b1e2a8)
|
|
After switching to iproute2 in commit 92f36735 ("ifconfig: T2653: use iproute2
commands for alias, mac and mtu set()/get()" it is necessary to return an empty
string as iproute2 returns None.
(cherry picked from commit ea1be032e98fd1634e71d3c2d61b3e93bff841de)
|
|
(cherry picked from commit 92f3673538e0328488c14c90c8acf7ea6b2141ba)
|
|
|
|
|
|
- remove redundant code paths apply_mirror() / apply_mirror_of_monitor()
- have single source available
|
|
is wrong
In e8957b5, we used json to parse the `tc qdisc` filter to determine whether it needs
to be deleted (reduction of exception mechanism), but now we find that the json output
by this command will output unparsed json in some cases,
so We have to go back to the processing of the exception mechanism
|
|
|
|
This reverts commit 9541355433e202fade4692851bffa33ba9d48f44.
|
|
|
|
|
|
Since the dependency problem has not been solved before,
if the monitoring interface does not exist when the
mirror rule is created, the execution will be abnormal
|
|
setting and streamline the code
|
|
|
|
of `bridge` should not be overwritten
|
|
`vlan_filter` to avoid redundant paths
|
|
|
|
|
|
mirror: T3089: support two-way traffic mirroring
|
|
|
|
This is the second attempt after commit d247736f ("vyos.ifconfig: T1579: do not
remove IPv6 link-local address on reconfiguration"). We only clean out link-local
IPv6 addresses left over after an interface MAC change.
|
|
reconfiguration"
This reverts commit d247736f67cc056062b75a4215a031bebcfee2ee.
We need to clean link-local IPv6 addresses on link reconfiguration to also drop
no longer existing link-local addresse son MAC address change.
|
|
|
|
vyatta-cfg-quagga
|
|
|
|
|
|
The MAC address is changed after we have set an IP address on the interface or
started dhclient. This will cause some users to receive the wrong IP address
on device startup.
Change to order of how parameters are set in the system. The interface MAC
address is now configured first.
|
|
We had two places were the is_ip, is_ipv4 and is_ipv6 helpers had been defined.
All places now have been converged into vyos.template as they are used both
in the Jinja2 templates and also in our scripts.
|
|
Renamed using snippet below:
----------------------------
for file in $(find . -name "*.py")
do
sed -i "s/vyos_dict_search/dict_search/" $file
done
|
|
almost every interface can be part of a bridge thus the code for changing STP
cost is best part of the Interface() base class itself.
Commit b5ef10cf ("ifconfig: T2985: support on demand bridge creation")
implemented this change but the STP file was not removed on the test devices
causing tests to pass.
|
|
The current implementation for bridge based interfaces has an issue which is
caused by priority inheritance. We always assumed that the bridge interface will
be created last, but this may not be true in all cases, where some interfaces
will be created "on demand" - e.g. OpenVPN or late (VXLAN, GENEVE).
As we already have a bunch of verify steps in place we should not see a bridge
interface leak to the underlaying infrastructure code. This means, whenever an
interface will be member of a bridge, and the bridge does yet not exist, we will
create it in advance in the interface context, as the bridge code will be run
in the same commit but maybe sooner or later.
This will also be the solution for T2924.
|
|
|
|
Currently the MTU size of an interface is only checked when entered via CLI but
if the interface supportes the configured MTU at all is not verified at all.
New helper functions get_min_mtu(), get_max_mtu() and verify_mtu() have been
added to provide a central API for validation.
|
|
|
|
>>> from vyos.ifconfig import Interface
>>> tmp=Interface('eth0')
>>> tmp.get_min_mtu()
60
>>> tmp.get_max_mtu()
9000
|
|
A lot of derived classes from Interface implemented their own get_config()
method which more or less was the same everywhere. We also hat different
qualifiers like @staticmethod or @classmethod.
This is now changed to only have the @classmethod in Interface base class which
will return the necessary dictionary keys for the required interfaces. This
change is a mid reduction in lines of code which is always a very nice thing!
|
|
In the past we had to provide the ethertype value used for the VLAN
protocol (0x88A8 -> 802.1ad or 0x8100 -> 802.1q).
This should be changed to a more user friendly CLI node (protocol over
ethertype) and 802.1ad over it's raw value 0x88A8. There is no need in
presenting RAW information from the ethernet header to the user. Also iproute2
calls it protocol which makes way more sense over the "raw" value.
|
|
|
|
Instead of using an Adapter pattern to make interfaces VLAN-aware, create a
derived class named VLANIf to represent a VLAN. This change was necessary to
eliminate mixed code in Interfaces class which was VLAN - free, but recently
gained some VLAN specific code for set_admin_state().
In addition this "autoresolves" the issue in T2894 as a bond vlan interface
will no longer change the lower interface.
|
|
With VyOS 1.2 the default WireGuard behavior is used. This means that when a
WireGuard interface is added to the system, there is no "MAC" address - also
there is no IPv6 link-local address assigned by the Kernel to this particular
interface.
With implementation of T2653 all interfaces now receive an IPv6 address - which
is also valid for WireGuard interfaces - unfortunately this logic relies on the
interface MAC address - and as there is none, the link-local address will be
always the same. The logic behind is coded here [1].
We generate an IPv6 link-local address even when there is no "MAC" address. The
behavior/functionality (as with VyOS 1.2) must be restored to not have a
link-local IPv6 address at all. Any user can add any IPv6 link-local address
manually by issuing: set interfaces wireguard wg01 address fe80::ff:1/64.
Change vyos.ifconfig.add_ipv6_eui64_address to only add the EUI64-based
link-local address if a MAC address is available.
[1] https://github.com/vyos/vyos-1x/blob/3077158391ceee4ce04c27dec33f629529727c36/python/vyos/ifconfig/interface.py#L468
|
|
Now that b40c52682a256 ("config: T2636: get_config_dict() returns a list on
multi node by default") is implemented the workarounds can be removed.
|
|
|
|
Currently DHCPv6-PD requires an interface address configured to dhcpv6 on the
CLI. This is not required also sometimes there is either no dhcpv6 interface
addressing available (PPPoE) or wanted. This limitation was artificial due to
the old interface code.
Change the implementation to spawn the DHCPv6 client and request a prefix even
when there is no address request configured.
|
|
DHCP service was not stopped when an DHCP address got removed from the
interface. DHCP service is now always stopped if it is not configured
explicitly.
|
|
ISC DHCP client will always place an Interface in admin-up state once it is
started. We must ensure that if an interface is placed in A/D state that the
DHCP client proccess is not launched and terminated if it is running.
|
|
Pass the interface dictionary transparently to the DHCP module and render the
DHCP client config template directly from the same source instead of transcoding
it once more.
|
|
This removes additional code paths as we can instatly work with the input dict
the same was as it was done for PPPoE. This fixes the entire DHCPv6-PD support
on non PPPoE interfaces as this was lost in translation while processing T2653.
|
|
After the fresh rewrite of the interfaces to a unified solution (T2653) IPv6
link-local addresses are no longer added. This will result in e.g. broken RAs.
|
