Age | Commit message (Collapse) | Author |
|
|
|
The current CLI did not support multiple prefix-delegations per interface. Some
ISPs only send one /64 to a client per prefix-delegation request, but they
allow the customer to request multiple prefixes.
The 'dhcpv6-options prefix-delegation' node has been renamed and converted to a
tag node named 'dhcpv6-options pd'. The tag node specifies a PD request (>=0).
In the past the user needed to know what prefix will be assigned and required
to calculate the sla-len by himself. The 'sla-len' node was dropped and is now
calculated in the background from the 'dhcpv6-options pd 0 length' node.
It is no longer mandatory to supply the 'sla-id' node, if sla-id is not
specified it is 'guessed' by counting upwards.
Example configuration:
----------------------
ethernet eth1 {
address dhcpv6
dhcpv6-options {
pd 0 {
length 56
interface eth2 {
address 1
}
}
}
}
This will request a /56 assignment from the ISP and will delegate a /64 network
to interface eth2. VyOS will use the interface address ::1 on the delegate
interface (eth2) as its local address.
|
|
|
|
|
|
DHCP service was not stopped when an DHCP address got removed from the
interface. DHCP service is now always stopped if it is not configured
explicitly.
|
|
vyos.template: T2720: Rework vyos.template Python library
|
|
* 't2564-lcd' of github.com:c-po/vyos-1x:
lcd: T2564: flatten CLI interface
system display: T2564: Added test model
system display: T2564: Dictionary code update
system display: T2564: Conf files to /run
system display: T2564: Changed "duration" to "time"
system display: T2564: py code cleanup
system display: T2564: Replace "config (enabled|disabled)" with "display disabled"
system display: T2564: Lowercase model names
system display: T2564 Extend VyOS to support appliance LCDs
|
|
|
|
|
|
* set system lcd device <device>
* set system lcd model <modeml>
Both device and model have completion helpers for supported interfaces and LCD
displays.
|
|
Commit 21bc98f1 ("ifconfig: dhcp: T2767: client must not start when interface
is disabled") dropped the vyos.ifconfig.dhcp module but not removed it
from the modules import list.
|
|
ISC DHCP client will always place an Interface in admin-up state once it is
started. We must ensure that if an interface is placed in A/D state that the
DHCP client proccess is not launched and terminated if it is running.
|
|
commit 3f8884587 added an endpoint for image management; T2753 updated the
command line options. Make script call consistent.
|
|
We must ignore any return code when invoking dhcpc6 initially. This is required
to enable DHCPv6-PD for interfaces which are yet not up and running and my be
started later by VyOS.
|
|
Pass the interface dictionary transparently to the DHCP module and render the
DHCP client config template directly from the same source instead of transcoding
it once more.
|
|
This removes additional code paths as we can instatly work with the input dict
the same was as it was done for PPPoE. This fixes the entire DHCPv6-PD support
on non PPPoE interfaces as this was lost in translation while processing T2653.
|
|
We do not have a formatted string here thus the "f" keyword is wrong and
triggered an exception.
|
|
Commit 29dd5079 ("ifconfig: T2653: remove duplicated code for address flush")
used the class method for address flushing, but it was cvalled in the wrong way.
|
|
After the fresh rewrite of the interfaces to a unified solution (T2653) IPv6
link-local addresses are no longer added. This will result in e.g. broken RAs.
|
|
|
|
The current VyOS CLI parser code written in Python contains a ton of duplicates
which I can also hold myself accountable for - or maybe mainly me - depends on
the angle of judge.
|
|
The current VyOS CLI parser code written in Python contains a ton of duplicates
which I can also hold myself accountable for - or maybe mainly me - depends on
the angle of judge.
|
|
|
|
Further reduce the boiler-plate code to determine interface tag node or not.
It can be passed into get_interface_dict() if explicitly required - else it
is taken from the environment.
|
|
After all interfaces have been moved to the targetted implementation of T2653
the old implementations of migrating a CLI session to a configuration dict can
be dropped.
|
|
... as it is only used inside the interface class.
|
|
As we wrap up additional functions from this library it should be part of it.
|
|
The current VyOS CLI parser code written in Python contains a ton of duplicates
which I can also hold myself accountable for - or maybe mainly me - depends on
the angle of judge.
|
|
This is required as other interfaces (e.g. pseudo-ethernet or bond) will have
VLANs, too.
|
|
With dict.update() existing keys will get overwritten when blending in interface
default values.
|
|
Every derived class must implement update() to set the interfaces admin
up/down state. This is required to prevend extensive link flaps when e.g.
reconfiguring bond interfaces.
|
|
This can be used to see if a tagNode has been changed. It will return a list
of changed nodes.
|
|
This test is reused by a lot of instances and thus must be moved to the
base class.
|
|
The current VyOS CLI parser code written in Python contains a ton of duplicates
which I can also hold myself accountable for - or maybe mainly me - depends on
the angle of judge.
While providing a new update() method in vyos.ifconfig.interfaces() this is
extended for bridge interfaces in the derived bridge class.
Signed-off-by: Christian Poessinger <christian@poessinger.com>
|
|
A VLAN interface can only be placed in admin up state when the lower interface
is up, too. If this is not the case the operating system will throw and
exception.
|
|
The current VyOS CLI parser code written in Python contains a ton of duplicates
which I can also hold myself accountable for - or maybe mainly me - depends on
the angle of judge.
While providing a new update() method in vyos.ifconfig.interfaces() this is
extended for ethernet based interfaces which also supports 802.1q, 802.1ad
VLANs. This commit migrates the existing codebase for an ethernet based
interfaces and implements the missing parts for VLANs. Adding or migrating other
interfaces (e.g. bridge or bond) will become much easier as they must reuse
the entire functionality - we now walk towards a single codepath.
Thanks for all who made this combined effort possible!
Signed-off-by: Christian Poessinger <christian@poessinger.com>
|
|
l2tpv3, wireguard, wirelessmodem, nat all require additional Kernel modules
to be present on the system. Each and every interface implemented their own
way of loading a module - by copying code.
Use a generic function, vyos.util.check_kmod() to load any arbitrary kernel
module passed as string or list.
|
|
|
|
|
|
|
|
Apart from code cleanup, this allows any module that wants to render a
template to register custom jinja2 template filters by using the new
@register_filter decorator. Examples can be found in vyos.template
itself. Using the new render_to_string function, the rendered template
can also be returned as a string instead of being written to a file.
|
|
Extended the chmod() and chown() functions in vyos.util to also operate
on open file descriptors in addition to paths. This allows code that
creates files to quickly change mode and owner even before anything
has actually been written to the file.
|
|
This adds the last IP of the subnet being added as the broadcast address.
Example: adding 192.0.2.1/24 would yield:
inet 192.0.2.1/24 brd 192.0.2.255 scope global dum0
Without this the broadcast address would be missing.
Addidionally join two is_ipv4 calls into one.
|
|
The configdiff class provides:
(1) An abstract representation of VyOS config state, for use in
configuration mode scripts.
(2) Methods to query the differences between the effective and session
config.
|
|
interface
Changes are made in the interface.py script in order to bring the admin state to 'UP' after the mac is manually added in system config.The script is marking the interface from up to down state(as the MAC address can only be changed if interface is in 'down' state) but it is not bringing it up after the change
|
|
This is a minor modification of the implementation by Thomas Mangin.
|
|
|
|
The 3rd party library used for calculating the SNMP hashes in advance only
worked for SHA and nod for MD5 as SHA was hardcoded [1]. The code has been
replaced by a class-less implementation providing only the required
functionality.
[1]: https://github.com/TheMysteriousX/SNMPv3-Hash-Generator/issues/2
|
|
|
|
As of now when adding new credentials for any SNMPv3 user we submit the
credential either plaintext or encrypted. A plaintext credential will be hashed
by SNMPd in the background and then passed back into the CLI so it's not stored
in cleartext. This feels like the wrong way in changing the CLI content with
data produced by a 3rd party daemon which implements the service.
It feels like the tail wiggles the entire dog.
This should be changed in the following way:
- After retrieving the plaintext password from CLI, use Python to hash the key
in advance
- Re-populate the encrypted key into the CLI and drop the plaintext one
- Generate service configuration and continue startup of SNMPd
This also fixes a race condition when SNMPd started up but not properly
provided the hasehd keys in the configuration resulting in a ConfigurationError.
Now as we also support binding SNMPd to a VRF this fixes a deadlock situation
on bootup as we can only bind late to the VRF and require up to 5 restarts of
the service - but the service will never start.
|