Age | Commit message (Collapse) | Author |
|
- in preparation for a wireguard cli test case, generate
is used to create the keys later used in the config
|
|
|
|
This reverts commit 4a4e2b6386b4c036bbf4486a8a7ac7002d08158b.
|
|
interfaces"
This reverts commit 95f7a440031c58b47fd88d6aa9fac3ddaf6ae231.
|
|
Commit 4a4e2b6 ("ifconfig: T2002: only admin up interfaces if parent interface
is up") contained an inheritance issue where the Ethernet and Bond interface
was always admin down. This was caused by wrong calls in the inheritance
structure.
|
|
On an A/D (administrative down) interface the VLAN code tries to still admin
up the interface. This won't work and the kernel will complain with:
RTNETLINK answers: Operation not permitted
With this change the VLAN interface is only enabled when the parent interface
is administrative up, too.
|
|
when there are uncommitted changes.
|
|
|
|
Commit 17dd50751d ("bfd: T1949: fix verification logic for IPv6 BFD peers")
added a mechanism to probe if an IPv6 address is link-local or not. Sometimes
an interface suffix is appended by %interface to a link-local address, as we
need to know an interface for which this address is (hence the name) link-local.
Remove any interface identifier before checking if the address is local or not.
|
|
Without closing the communication channel to the subprocess, Python will
complain e.g. when executing vyos-smoketest binary.
/usr/lib/python3/dist-packages/vyos/configsession.py:110: ResourceWarning:
unclosed file <_io.BufferedReader name=3>
self.__run_command([CLI_SHELL_API, 'setupSession'])
ResourceWarning: Enable tracemalloc to get the object allocation traceback
|
|
bfd: T1949: fix verification logic for IPv6 BFD peers
|
|
transaction-script 'stop'
|
|
|
|
IPv6 BFD peers only require a source address unless link-local addresses are used.
|
|
Provide an XML/Python abstraction to
* ip disable-arp-filter
* ip enable-arp-accept
* ip enable-arp-announce
* ip enable-arp-ignore
The old implementation can co-exist until the last interfaces have been
migrated.
|
|
instead of providing three copies of the same method in bonding, ethernet and
wireless, make a common function in vyos.ifconfig_vlan.apply_vlan_config().
|
|
|
|
Tested using:
R1:
---
set interfaces l2tpv3 l2tpeth10 address '2001:db8:beef::1/64'
set interfaces l2tpv3 l2tpeth10 address '100.0.0.1/24'
set interfaces l2tpv3 l2tpeth10 destination-port '3000'
set interfaces l2tpv3 l2tpeth10 encapsulation 'udp'
set interfaces l2tpv3 l2tpeth10 local-ip '172.18.201.10'
set interfaces l2tpv3 l2tpeth10 peer-session-id '10'
set interfaces l2tpv3 l2tpeth10 peer-tunnel-id '100'
set interfaces l2tpv3 l2tpeth10 remote-ip '172.18.204.10'
set interfaces l2tpv3 l2tpeth10 session-id '20'
set interfaces l2tpv3 l2tpeth10 source-port '6000'
set interfaces l2tpv3 l2tpeth10 tunnel-id '200'
R2:
---
set interfaces l2tpv3 l2tpeth10 address '2001:db8:beef::2/64'
set interfaces l2tpv3 l2tpeth10 address '100.0.0.2/24'
set interfaces l2tpv3 l2tpeth10 destination-port '6000'
set interfaces l2tpv3 l2tpeth10 encapsulation 'udp'
set interfaces l2tpv3 l2tpeth10 local-ip '172.18.204.10'
set interfaces l2tpv3 l2tpeth10 peer-session-id '20'
set interfaces l2tpv3 l2tpeth10 peer-tunnel-id '200'
set interfaces l2tpv3 l2tpeth10 remote-ip '172.18.201.10'
set interfaces l2tpv3 l2tpeth10 session-id '10'
set interfaces l2tpv3 l2tpeth10 source-port '3000'
set interfaces l2tpv3 l2tpeth10 tunnel-id '100'
|
|
|
|
|
|
|
|
- management-address is not a <multi/> node
- added new vyos.validate.is_loopback_addr() function - returns true is address
passed is a looback address
|
|
|
|
A delta-check problem caused the deletion of each and every VLAN interface
when anything under an interface has been changed. This also cause PPPoE
session interruptions.
|
|
In addition to ignoring edit level for the session config (12a21a4b),
the running config should be parsed from the top level.
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
T1855, T1826: Restore support for reboot/poweroff in M minutes.
vyos.config: T1764: allow for list argument to exists, in value case
vyos.config: T1846: ignore edit level when obtaining working config
T1843: use include files for interface proxy-arp-pvlan option
T1843: use include files for interface proxy-arp configuration
T1843: use include files for interface arp-cache-timeout configuration
T1843: use include files for interface link-detect feature
T1843: use include files for interface MTU size
T1843: use include files for interface MAC address
T1843: use include files to disable interface (admin down)
T1843: use include files for interface description
T1843: use include files for DHCP/DHCPv6 options
T1843: recursively include IP address definitions in VIF/VIF-S definitions
T1843: add support for recursive includes
T1843: use include files for VIF/VIF-S interfaces
T1843: use include files for IPv4/IPv6 interface address configuration
T1843: run interface-definitions though GCC preprocessor
|
|
|
|
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
openvpn: bridge: T1556: remove obsolete bridge-group definition
ifconfig: T1849: fix DHCPv6 startup
Python/VyOS validate: T1849: handle is_ipv6()/is_ipv6() exceptions
ifconfig: T1793: remove dhcpv6 client debug output
ddclient: T1853: bugfix TypeError exception
syslog: T1845: syslog host no longer accepts a port
syslog: code formatting
syslog: T1845: syslog host no longer accepts a port
syslog: renaming files and conf script to fit new scheme
T1855, T1826: clean up the reboot/shutdown script.
wireguard: T1853: disable peer doesn't work
Revert "syslog: T1845: syslog host no longer accepts a port"
dmvpn: T1784: Add swanctl load call
syslog: T1845: syslog host no longer accepts a port
[vyos.config] T1847: correctly set_level for path given as empty string
|
|
|
|
|
|
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
shutdown: T1826: Modify cancel reboot msg
T1801: move escaping of backslashes into configtree
vxlan: T1636: remove unused import statements
geneve: T1799: remove unused import statements
|
|
|
|
|
|
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
bridge: T1673: re-use "base" variable
bridge: T1673: add missing VLAN bridge member migration
geneve: T1799: add misssing "vni" to default_config_data
vxlan: T1636: add misssing "vni" to default_config_data
geneve: T1799: set minimum MTU size 1500 bytes
geneve: T1799: add IPv4 routing parameters
geneve: T1799: support bridging
geneve: T1799: add Generic Network Virtualization Encapsulation
|
|
|
|
* current:
wireless: T1627: support station mode
wireless: T1627: support DHCP(v6) addresses
wireless: T1627: add support for RADIUS source-address
wireless: T1627: RADIUS servers must have a key specified
wireless: T1627: change RADIUS CLI syntax
l2tp: harmonize RADIUS wording
wireless: T1627: re-order WPA key in hostapd config
wireless: T1627: change priority from 318 to 400
wireless: T1627: fix generated ht_capab and vht_capab
wireless: T1627: fix regex for 'ht channel-set-width'
wireless: T1627: config migrator does not support camel casing
wireless: T1627: initial rewrite of show-wireless.pl in Python
wireless: T1627: add op-mode commands
wireless: T1627: initial rewrite in XML/Python style
pppoe-server: T1821: Set radius module priority
T1818: Print name of migration script on failure
T1814: Add log of migration scripts run during config migration
vyos-hostsd: T1812: run increment first
[vyos-hostsd] T1812: Reload pdns on dhcp client update
migration-scripts: l2tp: T1811: add missing check on server existence
|
|
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
dns: T1786: add proper processing of 'system disable-dhcp-nameservers'
openvpn: fix typo in op-mode command on display rx bytes
T1801: escape isolated backslashes before passing to ConfigTree()
wireless: T1627: fix interface names for list_interfaces.py
[service https] T1443: add setting of HTTPS listen port
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
ifconfig: T1793: extend set_speed_duplex() delta check
[OpenVPN]: T1704: Added uppercase entries of ncp-ciphers, since there seems to be a bug in OpenVPN client when comparing pushed cipher with local ncp cipher list
[OpenVPN]: T1704: Moved ncp-ciphers out of encryption block in config template
[OpenVPN]: T1704: Changed the description of ncp-ciphers in config
[OpenVPN]: T1704: Added function for ncp-ciphers, and ability to disable it. [OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers. [OpenVPN]: T1704: Added migration scripts for interface 2-to-3
Intel QAT: T1788: Intel QAT implementation
ifconfig: T1793: add delta check on set_speed_duplex()
ifconfig: T1793: add delta check on set_flow_control()
Python/ifconfig: wireguard: remove trailing whitespaces
l2tp: T1747: automatically calculate gw-ip-address
QAT: T1788: Intel QAT implementation
|
|
Commit 9e4947770064 ("ifconfig: T1793: add delta check on set_speed_duplex()")
was wave1 of reducing the amount of switch-port flaps and BGP session resets.
The delta check now also handles the case of fixed speed and duplex settings.
|
|
The speend and duplex settings should only be changed when they need to.
Always configuring this setting will make the kernel disable and re-enable the
physical interface. This will not only let the switchport flap but it will also
reset e.g. BGP sessions.
This is the first part of this fix for speed/duplex auto settings.
In addition - this also reduces the config commit time.
|