Age | Commit message (Collapse) | Author |
|
- sudo added to wg call
- debug print removed when pubkey changes
|
|
Previous implementations sent a SIGUSR1 to OpenVPN to initialte a restart after
the configuration changed - as this was the same as the client keepalive
mechanism did.
Unfortunately on SIGUSR1 OpenVPN does not re-read the configuration file. Thus
changed options were never taken into account.
|
|
|
|
|
|
Tested using:
Site 1 (VyOS 1.2.2)
-------------------
set interfaces vxlan vxlan100 address '10.10.10.2/24'
set interfaces vxlan vxlan100 remote '172.18.201.10'
set interfaces vxlan vxlan100 vni '100'
Site 2 (rewrite)
----------------
set interfaces vxlan vxlan100 address '10.10.10.1/24'
set interfaces vxlan vxlan100 description 'VyOS VXLAN'
set interfaces vxlan vxlan100 remote '172.18.202.10'
set interfaces vxlan vxlan100 vni '100'
|
|
|
|
|
|
|
|
|
|
Instead of manually starting DHCP/DHCPv6 for every interface and have an
identical if/elif/else statement checking for dhcp/dhcpv6 rather move this
repeating stement into add_addr()/del_addr().
Single source is always preferred.
|
|
|
|
A generic function which can parse the VLAN (vif, vif-s, cif-c) nodes in a
config session. A dictionary describing the VLAN is returned.
A good example will be the interface-bonding.py script used to generate bond
interfaces in the system. It is used as follows:
if conf.exists('vif'):
for vif in conf.list_nodes('vif'):
# set config level to vif interface
conf.set_level(cfg_base + ' vif ' + vif)
bond['vif'].append(vlan_to_dict(conf))
|
|
A list containing only unique elements not part of the other list is
returned. This is usefull to check e.g. which IP addresses need to be
removed from the OS.
|
|
vyos.ifconfig class
|
|
The following CLI command can be used to add a raw option to OpenVPN
which requires quotes:
> set interfaces openvpn vtun10 openvpn-option 'push "keepalive 1 10"'
The resulting config file will then have the following set:
> push "keepalive 1 10"
|
|
|
|
|
|
T1614 bonding
|
|
a bond
|
|
As in the past during the priority race of the bash script invalid configuration
could appear in the CLI and are de-synced from the kernle state, e.g. some
bonding modes do not support arp_interval.
This is no longer allowed and added to the migration script so that the config
again represents the truth.
|
|
|
|
Tested using:
=============
set interfaces bonding bond0 address 192.0.2.1/24
set interfaces bonding bond0 description "VyOS bonding"
set interfaces bonding bond0 disable-link-detect
set interfaces bonding bond0 hash-policy layer2+3
set interfaces bonding bond0 ip arp-cache-timeout 86400
set interfaces bonding bond0 mac 00:91:00:00:00:01
set interfaces bonding bond0 mode active-backup
set interfaces bonding bond0 mtu 9000
set interfaces bonding bond0 member interface eth1
set interfaces bonding bond0 member interface eth2
set interfaces bonding bond0 vif-s 100 address 192.168.10.1/24
set interfaces bonding bond0 vif-s 100 description "802.1ad service VLAN 100"
set interfaces bonding bond0 vif-s 100 mtu 1500
set interfaces bonding bond0 vif-s 100 mac 00:91:00:00:00:02
set interfaces bonding bond0 vif-s 100 vif-c 110 address "192.168.110.1/24"
set interfaces bonding bond0 vif-s 100 vif-c 110 description "client VLAN 110"
set interfaces bonding bond0 vif-s 100 vif-c 120 address "192.168.120.1/24"
set interfaces bonding bond0 vif-s 100 vif-c 120 description "client VLAN 120"
set interfaces bonding bond0 vif-s 100 vif-c 130 address "192.168.130.1/24"
set interfaces bonding bond0 vif-s 100 vif-c 130 description "client VLAN 130"
set interfaces bonding bond0 vif 400 address 192.168.40.1/24
set interfaces bonding bond0 vif 400 description "802.1q VLAN 400"
set interfaces bonding bond0 vif 400 mtu 1500
set interfaces bonding bond0 vif 400 mac 00:91:00:00:00:03
|
|
|
|
Support for vif-c interfaces is still missing
|
|
|
|
|
|
The node 'interfaces ethernet eth0 bond-group' has been changed and
de-nested. Bond members are now configured in the bond interface itself.
set interfaces bonding bond0 member interface eth0
|
|
|
|
|
|
|
|
|
|
T1557 Create generic abstraction for configuring interfaces e.g. IP address
|
|
|
|
|
|
|
|
functionality must saved
|
|
|
|
This feature is not well supported by pyroute2 and thus uses the proof-of-concept
vyos.interfaceconfig library.
Maybe it's a better idea to write our own library from scratch.
|
|
|
|
* t1614-bonding:
Python/VyOS validate: add is_ip() to check for IPv4 or IPv4 address
bridge: T1556: remove unused function freeze()
list-interfaces: T1614: support listing interfaces which can be bonded
|
|
|
|
|
|
|
|
loopback: T1601: migrate to pyroute2
|
|
|
|
|
|
bridge: T1556: migrate to pyroute2
|
|
Tested with:
set interfaces bridge br0 address '192.0.2.1/24'
set interfaces bridge br0 aging '500'
set interfaces bridge br0 disable-link-detect
set interfaces bridge br0 forwarding-delay '11'
set interfaces bridge br0 hello-time '5'
set interfaces bridge br0 igmp querier
set interfaces bridge br0 max-age '11'
set interfaces bridge br0 member interface eth1 cost '1000'
set interfaces bridge br0 member interface eth1 priority '4'
set interfaces bridge br0 member interface eth2 cost '1001'
set interfaces bridge br0 member interface eth2 priority '56'
|
|
|
|
|