summaryrefslogtreecommitdiff
path: root/python/vyos
AgeCommit message (Collapse)Author
2023-07-05vyos.configdict: T5319: remove defaults workarounds in get_accel_dictJohn Estabrook
2023-07-05xml: T5218: add missing str.split() in defaults of multi nodeJohn Estabrook
2023-07-05geneve: T5339: add option to use ipv4 instead of ethernetfett0
2023-07-02T5048: QoS do not add prio if it is already in tc commandViacheslav Hletenko
Prevent duplicatte prio fot tc command
2023-07-02T5048: QoS index priority should be used only for shaperViacheslav Hletenko
QoS index priority should be used only for qostype 'shaper' otherwise we set priority 2 times, that is incorrect. OSError: [Errno 255] failed to run command: tc filter add dev eth2 parent 1: prio 5 protocol all prio 1 u32 match ip src 10.1.1.0/24 flowid 1:1e exit code: 255 Fix it
2023-07-01T5302: QoS fix class with multiple matches generate one ruleViacheslav Hletenko
Fix QoS tc class with multiple matches generates one rule but expects multiple filter rules: set qos policy shaper test class 23 match one ip protocol 'tcp' set qos policy shaper test class 23 match two ip protocol 'udp' tc filter add dev eth0 parent 1: protocol all prio 1 u32 match ip protocol 6 0xff flowid 1:17 tc filter add dev eth0 parent 1: protocol all prio 2 u32 match ip protocol 17 0xff flowid 1:17
2023-07-01T5295: QoS fix policy limiter tc filter rate limitViacheslav Hletenko
tc filter rate limit should be used only if qostype is 'limiter' and not 'shaper'
2023-06-29Merge pull request #2059 from sever-sever/T1797-vppChristian Breunig
T1797: Add initial vpp configuration
2023-06-29VPP: T1797: Optimized interfaces add/removezsdc
- added extra renaming operation to be sure that interface has the same name as before in the system after it was moved from VPP to kernel - added extra check after PCI device removal/adding - added check for proper `retval` for CPI calls where it is available - replaced empty return with an error in `_get_pci_address_by_interface()` because not resolved address will lead to inconsistency of the system later
2023-06-28T5320: check if unsaved commits are due to boot config errorJohn Estabrook
2023-06-28VPP: T1797: Improved VPP supportzsdc
- added ability to add/remove interfaces without system reboot - added `attempts` and `interval` to the VPP API connection. This is helpful in case of high system load or when VPP was just started and API is not yet available. - added exceptions to API calls. This allows handling errors in communication with API properly in conf-mode scripts. - fixed PCI address search in VPP to match Linux kernel and ethtool style - fixed systemd daemons control - first reload, then restart - removed debug prints - removed `vm.nr_hugepages` configuration. It is not required now but increases RAM requirements a lot.
2023-06-27VPP: T1797: Improved PCI address searchzsdc
Use info from both ethtool and VPP to find PCI address for an interface.
2023-06-27VPP: T1797: Replaced CLI with APIzsdc
Replaced CLI commands with API calls. CLI commands still can be used via: ``` vpp_control = VPPControl() vpp_control.cli_cmd('command_here') ```
2023-06-27T1797: Add initial vpp configurationViacheslav Hletenko
Add initial configuration mode for VPP (PoC) set vpp cpu corelist-workers '2' set vpp cpu main-core '1' set vpp interface eth1 num-rx-desc '256' set vpp interface eth1 num-rx-queues '512' set vpp interface eth1 num-tx-desc '256' set vpp interface eth1 num-tx-queues '512' set vpp interface eth1 pci '0000:02:00.0' set vpp interface eth1 rx-mode 'polling' set vpp interface eth2 pci '0000:08:00.0' Limitation: - 'set vpp interface ethX pci auto' works only per first commit, then interface detached from default stack and creates tun interface 'ethX' to communicate with default stack. In this case we can't get PCI address via ethtool for 'tun' interfaces. But we can set pci address manualy. - Interface sync between default stack and VPP-DPDK stack After vpp change it doesn't trigger iproute2 for changes (should be written later) I.e. if we change something in vpp per each commit it restarts vpp.service it gets empty interface config as we don't configure vpp directly and it should be configured via iproute2 But then if we do any change on interface (for example description) it gets IP address, MTU, state, etc.
2023-06-25bcast-relay: T5313: verify() relay interfaces have IPv4 address configuredChristian Breunig
2023-06-24Merge pull request #2010 from jestabro/revise-config-dictJohn Estabrook
config: T5228: simplify get_config_dict and add argument with_defaults
2023-06-22vyos.configverify: T5308: fix typo revealed by tagnode aware defaultsJohn Estabrook
The original implementation of defaults, and workaround required, would leave an entry {'dhcpv6_options': {'pd': {}}} in the interface_dict.
2023-06-22vyos.configdict: T5308: remove T2665 workarounds in get_interface_dictJohn Estabrook
2023-06-22config: T5228: add get_config_defaults options to match get_config_dictJohn Estabrook
For those cases not covered by automatic merging of defaults in get_config_dict(..., with_defaults=True), get_config_defaults should take arguments consistent with those of get_config_dict, for ease of merging results.
2023-06-22config: T5228: add arg with_defaults to get_config_dictJohn Estabrook
2023-06-22config: T5228: use local _dict_merge to avoid circular importJohn Estabrook
2023-06-22xml: T5218: fix error and simplify logic in recursive optionJohn Estabrook
2023-06-20vyos.util: T5300: check_port_availability: return False iff EADDRINUSEJohn Estabrook
At boot, the util function check_port_availability can return False with EADDRNOTAVAIL if the interface is not yet up; check explicitly for address in use.
2023-06-18T5071: QoS add class match DSCP valueViacheslav Hletenko
QoS DSCP match is skipped Add it set qos policy shaper test class 23 match 10 ip dscp 'network' tc filter replace dev eth0 parent 1: protocol all u32 match ip dsfield 224 0xff flowid 1:17
2023-06-17Merge pull request #2046 from sever-sever/T5296Christian Breunig
T5296: Fix QoS class bandwidth calculation for auto and percent
2023-06-17T5256: Fix QoS protocol expects protocol number but not nameViacheslav Hletenko
tc filter exepcts protocol number for match instead of protocol name
2023-06-17vyos.utils: T5195: add vyos.utils.networkViacheslav Hletenko
2023-06-17T5296: Fix QoS class bandwidth calculation for auto and percentViacheslav Hletenko
There are wrong bandwidth calculations for the class We shouldn't rely on interface speed but we should get this value from 'shaper <tag> bandwidth xxx' if configured 'auto' or bandwidth with '%' Otherwise we can get unexpected rate for the class % sudo cat /sys/class/net/eth0/speed % -1 generated rate: classid 1:17 htb rate -1000000 Fix this
2023-06-16Merge pull request #2045 from jestabro/is-node-revisedChristian Breunig
config-mgmt: T5297: add check for changes under node between revisions
2023-06-16config-mgmt: T5297: add check for changes under node between revisionsJohn Estabrook
2023-06-16T5295: Fix QoS shaper rate limitViacheslav Hletenko
Do not handle rate via 'tc filter' directly but rather set the 'tc filter' to direct traffic to the correct tc class flow. As it in 1.3. It fixes random unexpected shapes, when you set for example 300mbit but get 3-11mbit Current implementation seems not correct as it uses rate limits two times (in class and in filter): tc class replace dev eth0 parent 1:1 classid 1:17 htb rate 250000000 \ burst 15k quantum 1514 tc filter replace dev eth0 parent 1: protocol all u32 match \ ip dst 192.168.122.11 action police rate 250000000 burst 15k flowid 1:17 The correct way after fix: tc class replace dev eth0 parent 1:1 classid 1:17 htb rate 250000000 \ burst 15k quantum 1514 tc filter replace dev eth0 parent 1: protocol all u32 match \ ip dst 192.168.122.11 flowid 1:17
2023-06-15configsession: T5248: load_section should not set path if dict emptyJohn Estabrook
2023-06-14T5290: Failing commits for SR-IOV interfaces using ixgbevf driver due to ↵cuongdt1994
change speed/duplex settings This is the same problem as reported in T4297. By definition it is not possible to change speed and duplex settings at SR-IOV virtual functions driven by ixgbevf driver. I think the solution is the same as well, that is to add 'ixgbevf' into _drivers_without_speed_duplex_flow in /usr/lib/python3/dist-packages/vyos/ethtool.py. It fixed the problem for me with Intel x520 NICs.
2023-06-12Merge pull request #2037 from jestabro/api-config-sectionChristian Breunig
http-api: T5248: set/load config sections as JSON via API
2023-06-12T5286: drop XDP support for ethernet and bonding interfacesChristian Breunig
... this is a step towards a new and better implementation that will utilize VPP.
2023-06-10configsession: T5248: add functions set/load_sectionJohn Estabrook
2023-06-10vyos.utils: T5248: add util function: dict of list[str]|str -> list of pathsJohn Estabrook
2023-06-06config-mgmt: T5262: move function 'unsaved_commits' to module scopeJohn Estabrook
The function 'unsaved_commits' was added in config_mgmt to warn a user of unsaved commits before commit-confirm, as that entails a possible reboot. As it has other uses and no dependence on the object itself, move to module scope. For general use, add simple check for live image to avoid false positive, due to config migration reformatting.
2023-05-31configtree: T5251: catch/raise error in delete and delete_valueJohn Estabrook
Configtree functions delete/delete_value do not check return value of libvyosconfig functions; raise error on non-zero return value.
2023-05-29ifconfig: T2104: use link_local_prefix literal for fe80::/64Christian Breunig
2023-05-28vyos.util: extend process_named_running() signature with cmdlineChristian Breunig
process_named_running() was introduced in commit 16b2fc8fc4ca ("dns-forwarding: T2298: fix path to control file") and thus remained more or less unchanged. Smoketests use process_named_running() heavily and might spawn multiple processes with the same name but ifferent options (e.g. dhcp6c or dhclient) and it was yet not possible to properly filter on the "real-deal" like the process bound to a given interface. One can now optionally specify a string that is searched inside the command line argument list of the process. Example: >>> process_named_running('dhcp6c', 'veth0') ['/usr/sbin/dhcp6c', '-D', '-k', '/run/dhcp6c/dhcp6c.veth0.sock', '-c', '/run/dhcp6c/dhcp6c.veth0.conf', '-p', '/run/dhcp6c/dhcp6c.veth0.pid', 'veth0'] 4215 >>> process_named_running('dhcp6c', 'veth1') ['/usr/sbin/dhcp6c', '-D', '-k', '/run/dhcp6c/dhcp6c.veth1.sock', '-c', '/run/dhcp6c/dhcp6c.veth1.conf', '-p', '/run/dhcp6c/dhcp6c.veth1.pid', 'veth1'] 4253 Where the debug list returned is the commandline searched.
2023-05-26xml: T5242: add cli_defined boolean test for node existing under pathJohn Estabrook
If non_local=False (default), cli_defined returns True if the node is a child of the path in interface-definitions; otherwise True if node is a descendent of the path.
2023-05-21config: T5228: simplify mangle_dict_keysJohn Estabrook
2023-05-21Merge pull request #1997 from jestabro/reference-treeViacheslav Hletenko
xml: T5218: revise vyos xml lib for bug fixes and extensions
2023-05-19xml: T5218: return defaults only for child leaf-nodes, unless recursiveJohn Estabrook
Operations get_defaults and get_config_defaults return default values only for nodes with parent in the config dict (get_config_defaults) or at the path (get_defaults). To include default values of decendent nodes, set option recursive=True.
2023-05-17xml: T5218: add operations on xml cacheJohn Estabrook
2023-05-14Merge pull request #2007 from frebib/veth-netns-revertChristian Breunig
Revert "veth: T3829: Allow moving veth into netns"
2023-05-14Revert "veth: T3829: Allow moving veth into netns"Joe Groocock
netns management for any Vyos interfaces doesn't work past the initial creation, because Vyos always tries to recreate it/move it into the netns even though it already exists. Until this is fixed, don't let anyone even attempt to use this: set interfaces virtual-ethernet veth10 peer-name 'veth100' set interfaces virtual-ethernet veth100 netns 'ns01' set interfaces virtual-ethernet veth100 peer-name 'veth10' set netns name ns01 commit vyos@r14# sudo ip netns exec ns01 ip link show 1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 12: veth100@if13: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/ether ee:8f:0b:bd:a2:f8 brd ff:ff:ff:ff:ff:ff link-netnsid 0 [edit] vyos@r14# set interfaces virtual-ethernet veth100 description MyNetns commit Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/interfaces-virtual-ethernet.py", line 111, in <module> apply(c) File "/usr/libexec/vyos/conf_mode/interfaces-virtual-ethernet.py", line 101, in apply p.update(veth) File "/usr/lib/python3/dist-packages/vyos/ifconfig/interface.py", line 1413, in update self.set_netns(config.get('netns', '')) File "/usr/lib/python3/dist-packages/vyos/ifconfig/interface.py", line 552, in set_netns self.set_interface('netns', netns) File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 183, in set_interface return self._set_command(self.config, name, value) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 110, in _set_command return self._command_set[name].get('format', lambda _: _)(self._cmd(cmd)) ^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 52, in _cmd return cmd(command, self.debug) ^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/vyos/util.py", line 161, in cmd raise OSError(code, feedback) PermissionError: [Errno 1] failed to run command: ip link set dev veth100 netns ns01 returned: exit code: 1 noteworthy: cmd 'ip link set dev veth100 netns ns01' returned (out): returned (err): Cannot find device "veth100" This reverts commit f5cc8453860568351cd9b3b7a05d06e1462460e8.
2023-05-12ethernet: T3891: add conditional code-path when doing speed/duplex changesChristian Breunig
There is no need for the backend code to call ethtool and try to change speed or duplex settings every time there is a change in the interface configuration, but no change for the speed/duplex subnodes. This also makes the commit itself faster when working with ethernet interfaces. Bonus: no repeating CLI messages that the driver does not support speed/duplex changes, as we do not change anything here. Extension to commit f2ecc9710 ("ethernet: T3891: honor auto-negotiation support per NIC")
2023-05-12Revert "T4819: remove additional newline from vyos.base.Warning()"Christian Breunig
This reverts commit dd59e375bee722c220c58b047ff5c6e533cc7a00.