Age | Commit message (Collapse) | Author |
|
Users can not (FRR fails) commit the same network belonging to different OSPF
areas. Add verify() check to prevent this.
(cherry picked from commit c6d8d9c012da1a7566eec2dff70385457f073e64)
|
|
(cherry picked from commit 298bcc5cb90c4c83981ec4baaaa0db785306867d)
|
|
(cherry picked from commit cfb5b052c84ffba789d61a59350676b6b4a0a5f7)
|
|
config
To reproduce:
set vrf name red table 2000
set vrf name red protocols ospf interface eth1 area 0
set vrf name red protocols ospf parameters router-id 1.1.1.1
set interfaces ethernet eth1 vrf red
commit
FRR now has an interface config
vyos@vyos# vtysh -c "show run" no-header | sed -n "/^interface eth1/,/!/p"
interface eth1
ip ospf area 0
ip ospf dead-interval 40
exit
Now delete the interface from the OSPF(v3) or ISIS process
delete vrf name red protocols ospf interface
commit
It's still there
vyos@vyos# vtysh -c "show run" no-header | sed -n "/^interface eth1/,/!/p"
interface eth1
ip ospf area 0
ip ospf dead-interval 40
exit
!
Issue was caused in the FRR vtysh representation of an interface. It used to
have a "vrf <name>" marker in earlier versions but FRR 8.5 and later no longer
have the marker. So "interface eth1 vrf red" became "interface eth1" in vtysh,
but our regex expected the "vrf" identifier when modifying FRR config.
|
|
|
|
New CLI commands:
* set protocols ospf graceful-restart grace-period 300
* set protocols ospf graceful-restart helper planned-only
* set protocols ospf graceful-restart helper no-strict-lsa-checking
* set protocols ospf graceful-restart helper supported-grace-time 400
* set protocols ospf graceful-restart helper enable router-id 192.0.2.1
* set protocols ospf graceful-restart helper enable router-id 192.0.2.2
* set protocols ospfv3 graceful-restart grace-period 300
* set protocols ospfv3 graceful-restart helper planned-only
* set protocols ospfv3 graceful-restart helper lsa-check-disable
* set protocols ospfv3 graceful-restart helper supported-grace-time 400
* set protocols ospfv3 graceful-restart helper enable router-id 192.0.2.1
* set protocols ospfv3 graceful-restart helper enable router-id 192.0.2.2
|
|
* T5195: move run, cmd, call, rc_cmd helper to vyos.utils.process
* T5195: use read_file and write_file implementation from vyos.utils.file
Changed code automatically using:
find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import read_file$/from vyos.utils.file import read_file/g' {} +
find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import write_file$/from vyos.utils.file import write_file/g' {} +
* T5195: move chmod* helpers to vyos.utils.permission
* T5195: use colon_separated_to_dict from vyos.utils.dict
* T5195: move is_systemd_service_* to vyos.utils.process
* T5195: fix boot issues with missing imports
* T5195: move dict_search_* helpers to vyos.utils.dict
* T5195: move network helpers to vyos.utils.network
* T5195: move commit_* helpers to vyos.utils.commit
* T5195: move user I/O helpers to vyos.utils.io
|
|
* set protocols ospf aggregation timer <seconds>
* set protocols ospf summary-address x.x.x.x/x [tag 1-4294967295]
* set protocols ospf summary-address x.x.x.x/x no-advertise
|
|
|
|
|
|
|
|
In this commit we add OSPF segment routing, smoke tests, handlers,
FRR template changes, and CLI commands.
|
|
|
|
|
|
|
|
|
|
Every node in running config now has an explicit "exit" tag
|
|
|
|
|
|
Add new CLI command:
* "set protocols ospf redistribute table <n>"
|
|
Commit 6f87d8c9 ("ospf: T3757: support to configure area at an interface level")
did not allow the old way an area and netwokr was set-up as the if
expression was missing a check if 'area' was set in both the interface and the
ospf process.
|
|
FRR supports configuring either network prefixes per area, or assign an
interface to an area to participate in the routing process. This is already well
known from other venders and supported by FRR.
A valid VyOS OSPF configuration would then look like:
vyos@vyos# show protocols
ospf {
interface dum0 {
area 0
}
interface eth0.201 {
area 0
authentication {
md5 {
key-id 10 {
md5-key vyos
}
}
}
dead-interval 40
hello-interval 10
priority 1
retransmit-interval 5
transmit-delay 1
}
log-adjacency-changes {
detail
}
parameters {
abr-type cisco
router-id 172.18.254.201
}
passive-interface default
passive-interface-exclude eth0.201
}
|
|
|
|
|
|
Commit 4f9aa30f ("vrf: bgp: T3523: add route-map support for kernel routes")
added the possibility to also filter BGP routes towards the OS kernel, but the
smoketests failed. Reason was a non working CLI command applied to bgpd.
Thus the VRF route-map and the BGP configuration is now split into two templates,
one to be used for each daemon (zebra and bgpd).
Nevertheless one more bug was found in vyos.frr which currently does not suppoort
calling modify_section() inside a configuration "block". See [1] for more info.
[1]: https://phabricator.vyos.net/T3529
|
|
route-map
|
|
|
|
Removing the Zebra/Linux Kernel route-map added by "set protocols ospf route-map"
was not removed once applied. This was because the removal must happen within
the zebra daemon and not ospfd.
|
|
The introduction of key_mangling=('-', '_') when working with get_config_dict()
caused more harm then good. This commit extends common helpers and adds new
helpers when verifying the existence of route-maps, access-lists or prefix-lists.
|
|
|
|
|
|
Instead of multiple if/else paths, use a common vrf string variable which is
either populated or not. In addtion when interfaces are configured for a given
VRF, harden the regex for config reload.
|
|
|
|
During assembly of the required config changes we also must move the
interfaces_removed assignemnt to an earlier stage so the value is also populated
when the entire process is removed to cleanup all remaining OSPF process assigned
interfaces.
This was yet not the case and when deleting OSPF I still got my "interface eth0"
with the area key configured.
|
|
|
|
Instead of having the dynamic routing protocols OSPF and BGP residing under
the "protocols vrf <name> [ospf|bgp]" nodes, rather move them directly under
the "vrf name <name> protocols [ospf|bgp]" node. Now all VRF related parts
are placed under the same root node.
This eases the verify steps tremendously, as we do not need to check wheter a
VRF eists or not, it will always exist as we operate under a child node.
|
|
VyOS CLI config:
vrf red {
ospf {
default-information {
originate {
always
}
}
default-metric 30
passive-interface default
}
}
Will create the FRR configuration snippet:
!
router ospf vrf red
auto-cost reference-bandwidth 100
timers throttle spf 200 1000 10000
passive-interface default
default-metric 30
default-information originate always
!
|
|
|
|
|
|
|
|
With commit 015651a8 ("T2638: Enable more debugging in the FRR library") a
global debug mechanism was added by creating a file named /tmp/vyos.frr.debug.
With this change we can drop the duplicated debug code from every protocol.
|
|
Added "set protocols ospf interface eth1 hello-multiplier <n>" CLI command. This
is mutually exclusive to "set protocols ospf interface eth1 dead-interval <n>".
|
|
|
|
interface"
For easier maintenance and operability move the interface specific protocol
setting of OSPF to the OSPF protocol section. This is now also in-line with IS-IS.
This means to migrate:
ethernet eth0 {
vif 202 {
ip {
ospf {
authentication {
md5 {
key-id 10 {
md5-key vyosvyos
}
}
}
dead-interval 40
hello-interval 10
priority 1
retransmit-interval 5
transmit-delay 1
}
}
}
}
to
protocols {
ospf {
interface eth0.201 {
authentication {
md5 {
key-id 10 {
md5-key vyosvyos
}
}
}
dead-interval 40
hello-interval 10
priority 1
retransmit-interval 5
transmit-delay 1
}
}
|
|
A hyphen in a route-map name will be converted to _, take care about this
effect during validation.
|
|
|
|
This commit provides the implementation of the OSPF CLI with a Jinja2 template
that is loaded by FRR reload. It also contains some initial smoketests.
There is yet no verify() implementation!
|
|
|
|
|
|
|