Age | Commit message (Collapse) | Author |
|
We can leak routes back to the default VRF, thus the check added by commit
9184dfb5 ("static: vrf: T3344: add target vrf verify()") must have a "bail out"
option when one want's to leak routes into the default VRF.
(cherry picked from commit 5adcc4ca30676338fca9a06409bbc72af4f68a1f)
|
|
T3284: Merge Paramiko-based remote.py implementation
|
|
|
|
(cherry picked from commit dd2eb5e5686655c996ae95285b8ad7eb73d63d0b)
|
|
This is an extension to commit 801c5235 ("xdp: T2666: disable this highly
experimental feature in 1.3 LTS") by dropping all XDP references in the
equuleus codebase.
|
|
VyOS 1.2 had a default ttl of 16 hardcoded to the node.def file [1], so until
this is handled via a migration script we have to obey that particular
setting.
[1]: https://github.com/vyos/vyatta-cfg-system/blob/crux/templates/interfaces/vxlan/node.def#L23
|
|
There had been four implementations of "ip -d -j link show interface" scattered
accross the codebase. Those implementations have now been combined into a new
helper:
vyos.util.get_json_iface_options()
(cherry picked from commit f13cc56d665a91ff3fac47df260301afefb1a3a5)
|
|
When a VIF/VLAN interface is placed in admin down state but the lower
interface, serving the vlan, is moved from admin down -> admin up, all its
vlan interfaces will be placed in admin up state, too.
This is bad as a VLAN interface will become admin up even if its specified as
admin down after a reboot.
To reproduce:
set interfaces ethernet eth1 vif 20 disable
set interfaces ethernet eth1 disable
commit
delete interfaces ethernet eth1 disable
commit
Now check the interface state and it returns UP,LOWER_UP
7: eth1.20@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:50:56:b3:09:07 brd ff:ff:ff:ff:ff:ff
inet6 fe80::250:56ff:feb3:907/64 scope link
valid_lft forever preferred_lft forever
(cherry picked from commit 49bc3f1e3ff8416908fc986bb60b444a75a1722d)
|
|
(cherry picked from commit bddeae3755c8d83f4c47bc3b3798858a95427530)
|
|
In addition to commit cf1156a60e ("ethernet: T3163: probe driver for maximum
rx/tx ring-buffer size") this extends the logic in a way as not every driver
supports setting the buffers at all so it will properly error out.
When invoking "ethtool -g" both stdout and stderr are captured and no exception
is raised if it's an unsupported driver feature. The verify() section will
inform the user about the illegal operation.
(cherry picked from commit 159899ed9ba5661e4bdcfdadf1292e237f117063)
|
|
(cherry picked from commit a3e11ace758f447ddbbabd31d4903b3f71baa0b8)
|
|
(cherry picked from commit cf1156a60e1d03a752cde0baadbc9ac8118b2a52)
|
|
If the subprocess is producing enough data (in this case showConfig on a
large config file), then the construction:
p = subprocess.Popen(.., stdout=subprocess.PIPE, ..)
p.wait()
will deadlock with the subprocess waiting for data to be consumed, while
the Python process waits for its termination. So consume data, then wait
for termination.
(cherry picked from commit 83bcd13775323bec35d018223029e9a8b13179c8)
|
|
is_ip_network and compare_netmask Jinja2 filter have been added via commit
920789798 ("nat: T2947: add many-many translation") on "current" and are
required for the 1:1 NAT functionality.
jinja2.exceptions.TemplateAssertionError: no filter named 'is_ip_network'
|
|
In the past it was possible to configure a vif-s interface and a vif interface
both with the same VLAN ID. VyOS 1.2 reported a Kernel error:
RTNETLINK answers: File exists
Error creating VLAN device eth1.100
so this should not be possible at all in VyOS 1.3
(cherry picked from commit ccd516b4d10c518ea445928c01d6c7dc2770777b)
|
|
(cherry picked from commit 55c5d662290aea9f2c3abe911bd9920f4f9d7d9a)
|
|
(cherry picked from commit b8cddcdae36903feb84ee1807d6adb27337cf582)
|
|
If dhcpv6-options is configured without requesting a DHCPv6 address or PD, the
dhcpv6pd variable is assigned an empty dict.
(cherry picked from commit d7d916f74e7d3b3b1fc85336f24f91af66b1e2a8)
|
|
(cherry picked from commit 452a9c504f472dcaee8c93947a889dab4f8259ce)
|
|
After switching to iproute2 in commit 92f36735 ("ifconfig: T2653: use iproute2
commands for alias, mac and mtu set()/get()" it is necessary to return an empty
string as iproute2 returns None.
(cherry picked from commit ea1be032e98fd1634e71d3c2d61b3e93bff841de)
|
|
(cherry picked from commit 92f3673538e0328488c14c90c8acf7ea6b2141ba)
|
|
(cherry picked from commit 138e7a95c21fb2928182847693e366644be6e945)
|
|
|
|
|
|
configured SLA-IDs
"data/templates/dhcp-client/ipv6.tmpl" handles the auto-assigning of SLA-IDs on
lines 39, 46, and 52.
|
|
"data/templates/dhcp-client/ipv6.tmpl" handles the auto-assigning of SLA-IDs on
lines 39, 46, and 52.
|
|
VLAN interfaces contain periods, which make them incompatible with
dict_search().
|
|
|
|
|
|
|
|
|
|
- remove redundant code paths apply_mirror() / apply_mirror_of_monitor()
- have single source available
|
|
The Linux Kernel supports enabling more cores for RPS then we actually have.
It does internal clipping/validation so there is no need for us to calculate
the specifc enable mask we can simply throw "all -1" at the Kernel.
|
|
|
|
set interfaces ethernet <interface> offload rps
|
|
|
|
|
|
is wrong
In e8957b5, we used json to parse the `tc qdisc` filter to determine whether it needs
to be deleted (reduction of exception mechanism), but now we find that the json output
by this command will output unparsed json in some cases,
so We have to go back to the processing of the exception mechanism
|
|
|
|
|
|
This reverts commit 9541355433e202fade4692851bffa33ba9d48f44.
|
|
Migrate from
ethernet eth1 {
offload-options {
generic-receive on
generic-segmentation on
scatter-gather on
tcp-segmentation on
udp-fragmentation on
}
}
to
ethernet eth1 {
offload {
ufo
tso
sg
gso
gro
}
}
|
|
|
|
|
|
|
|
|
|
Using 'xdp' will automatically decide if the driver supports 'xdpdrv' or only
'xdpgeneric'. A user later sees which driver is actually in use by calling
'ip a' or 'show interfaces ethernet'.
|
|
The CLI command 'set interfaces ethernet <interface> offload-options xdp" enables
the XDP generic mode on the given interface.
vyos@vyos:~$ show interfaces ethernet eth1
eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 xdpgeneric/id:151 qdisc mq state DOWN group default qlen 1000
link/ether 00:50:56:bf:ef:aa brd ff:ff:ff:ff:ff:ff
inet6 fe80::250:56ff:febf:efaa/64 scope link tentative
valid_lft forever preferred_lft forever
Description: fooa
XDP code is thankfully copied from [1], thank you for this nice tutorial.
NOTE: this is an experimental feature which might break your
forwarding/filtering.
[1]: https://medium.com/swlh/building-a-xdp-express-data-path-based-peering-router-20db4995da66
|
|
|
|
Since the dependency problem has not been solved before,
if the monitoring interface does not exist when the
mirror rule is created, the execution will be abnormal
|