Age | Commit message (Collapse) | Author |
|
WireGuard, Tunnel and also PPPoE all need a ways to calculate a synthetic MAC
address used for the EUI64 link-local addresses. Instead of copying the code
from Tunnel to WireGuard to PPPoE, use a generic implementation.
(cherry picked from commit b7d30137b17da49ed5099d4d96659b363fc7bcc9)
|
|
(cherry picked from commit e1debb1b57a445fa2357f7dbb5b3f04383f8b1e3)
|
|
In some cases, we need to wait until local address is assigned.
And only then l2tpv3 tunnel can be configured.
For example when ipv6 address is in "tentative" state
or we wait for some routing daemon/route for a remote address.
|
|
This reverts commit e4d697b1d3aad0cb8e81f4c36bcaa4c089195f43.
We need those classes for the operational level "show interfaces" command.
|
|
It is easier to backport the entire vyos.ifconfig library from 1.4 instead of
backporting single pieces which are required to add new feature to the tunnel
interface section.
In addition that both libraries are now back in sync it will become much easier
to backport any other new feature introduced in VyOS 1.4!
|
|
PPPoE uses an entire different approach to setup the interface and VTI is still
implemented using the old node.def definitions from vyatta-cfg-system.
|
|
|
|
|
|
|
|
|
|
|
|
(cherry picked from commit 4b2fef88644bb75dadbe33b9638a4150def7e14f)
|
|
(cherry picked from commit c2a1c071e7d0a9ca754d7f5016eed7db188b3d1a)
|
|
It is not possible to change the VLAN encapsulation protocol "on-the-fly". For
this "quirk" we need to actively delete and re-create the VIF-S interface.
(cherry picked from commit cd504035015dca62149b57bc07d8e002bd8723b1)
|
|
Option specifying the rate in which we'll ask our link partner to transmit
LACPDU packets in 802.3ad mode.
set interfaces bonding bond0 lacp-rate <slow|fast>
slow: Request partner to transmit LACPDUs every 30 seconds (default)
fast: Request partner to transmit LACPDUs every 1 second
(cherry picked from commit 8e392a3dbc16f7b80a979f7b4e9c11408d700e6f)
|
|
(cherry-picked from commit efa744c63b388773a4ea76d0f690042ec1689159)
|
|
Removing a VLAN (VIF) interface from the CLI always deleted all interfaces the
kernel listed as "upper" in the /sys/class/net folder. This had the drawback
that when deleting a VIF, also the VRF interface was simply deleted - killing
all VRF related services.
(cherry picked from commit 6458f91735412fb2e6e7e37f7b3e6ca587a5a235)
|
|
(cherry picked from commit dd2eb5e5686655c996ae95285b8ad7eb73d63d0b)
|
|
This is an extension to commit 801c5235 ("xdp: T2666: disable this highly
experimental feature in 1.3 LTS") by dropping all XDP references in the
equuleus codebase.
|
|
VyOS 1.2 had a default ttl of 16 hardcoded to the node.def file [1], so until
this is handled via a migration script we have to obey that particular
setting.
[1]: https://github.com/vyos/vyatta-cfg-system/blob/crux/templates/interfaces/vxlan/node.def#L23
|
|
When a VIF/VLAN interface is placed in admin down state but the lower
interface, serving the vlan, is moved from admin down -> admin up, all its
vlan interfaces will be placed in admin up state, too.
This is bad as a VLAN interface will become admin up even if its specified as
admin down after a reboot.
To reproduce:
set interfaces ethernet eth1 vif 20 disable
set interfaces ethernet eth1 disable
commit
delete interfaces ethernet eth1 disable
commit
Now check the interface state and it returns UP,LOWER_UP
7: eth1.20@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:50:56:b3:09:07 brd ff:ff:ff:ff:ff:ff
inet6 fe80::250:56ff:feb3:907/64 scope link
valid_lft forever preferred_lft forever
(cherry picked from commit 49bc3f1e3ff8416908fc986bb60b444a75a1722d)
|
|
(cherry picked from commit a3e11ace758f447ddbbabd31d4903b3f71baa0b8)
|
|
If dhcpv6-options is configured without requesting a DHCPv6 address or PD, the
dhcpv6pd variable is assigned an empty dict.
(cherry picked from commit d7d916f74e7d3b3b1fc85336f24f91af66b1e2a8)
|
|
After switching to iproute2 in commit 92f36735 ("ifconfig: T2653: use iproute2
commands for alias, mac and mtu set()/get()" it is necessary to return an empty
string as iproute2 returns None.
(cherry picked from commit ea1be032e98fd1634e71d3c2d61b3e93bff841de)
|
|
(cherry picked from commit 92f3673538e0328488c14c90c8acf7ea6b2141ba)
|
|
(cherry picked from commit 138e7a95c21fb2928182847693e366644be6e945)
|
|
|
|
|
|
- remove redundant code paths apply_mirror() / apply_mirror_of_monitor()
- have single source available
|
|
The Linux Kernel supports enabling more cores for RPS then we actually have.
It does internal clipping/validation so there is no need for us to calculate
the specifc enable mask we can simply throw "all -1" at the Kernel.
|
|
|
|
set interfaces ethernet <interface> offload rps
|
|
is wrong
In e8957b5, we used json to parse the `tc qdisc` filter to determine whether it needs
to be deleted (reduction of exception mechanism), but now we find that the json output
by this command will output unparsed json in some cases,
so We have to go back to the processing of the exception mechanism
|
|
|
|
|
|
This reverts commit 9541355433e202fade4692851bffa33ba9d48f44.
|
|
Migrate from
ethernet eth1 {
offload-options {
generic-receive on
generic-segmentation on
scatter-gather on
tcp-segmentation on
udp-fragmentation on
}
}
to
ethernet eth1 {
offload {
ufo
tso
sg
gso
gro
}
}
|
|
|
|
|
|
|
|
|
|
Using 'xdp' will automatically decide if the driver supports 'xdpdrv' or only
'xdpgeneric'. A user later sees which driver is actually in use by calling
'ip a' or 'show interfaces ethernet'.
|
|
The CLI command 'set interfaces ethernet <interface> offload-options xdp" enables
the XDP generic mode on the given interface.
vyos@vyos:~$ show interfaces ethernet eth1
eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 xdpgeneric/id:151 qdisc mq state DOWN group default qlen 1000
link/ether 00:50:56:bf:ef:aa brd ff:ff:ff:ff:ff:ff
inet6 fe80::250:56ff:febf:efaa/64 scope link tentative
valid_lft forever preferred_lft forever
Description: fooa
XDP code is thankfully copied from [1], thank you for this nice tutorial.
NOTE: this is an experimental feature which might break your
forwarding/filtering.
[1]: https://medium.com/swlh/building-a-xdp-express-data-path-based-peering-router-20db4995da66
|
|
|
|
Since the dependency problem has not been solved before,
if the monitoring interface does not exist when the
mirror rule is created, the execution will be abnormal
|
|
setting and streamline the code
|
|
|
|
of `bridge` should not be overwritten
|
|
`vlan_filter` to avoid redundant paths
|
|
|