summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2021-04-25policy: T3497: add verify() that prefix-lists must carry a defined prefixChristian Poessinger
2021-04-24policy: T2425: verify() must check if a policy is still usedChristian Poessinger
When deleting a route-map, prefix-list or access-list, we must ensure that this routing policy is not referenced by any other protocol or policy. When trying to remove a policy still in use, raise an error.
2021-04-21containers: T2216: the first IP address is always reserved for podmanChristian Poessinger
2021-04-21containers: T2216: used "address" must belong to the used container networkChristian Poessinger
2021-04-21containers: T2216: refine implementationChristian Poessinger
This commit is a cleanup and refinement of the container hosting implementation. - Renamed CLI node ipv4-prefix -> prefix so both IPv4 and IPv6 prefix can be supplied in the future. This is currently limited to IPv4 only as when using IPv6 networks in combination with IPv4 the IPv4 prefix is altered randomly - De-nested if clauses - Use "for foo, bar in baz.items()" to more easily iterate of dictionary values, this means "bar" can be used to access "baz[foo]"
2021-04-21bridge: T2653: remove superfluous "import re"Christian Poessinger
2021-04-19policy: T2425: verify() route-map match criteriasChristian Poessinger
When we match on a community-list, extended community-list or even a large community-list ensure that the referenced list exists on the CLI.
2021-04-18policy: T2425: verify other policy types and probe for mandatory optionsChristian Poessinger
2021-04-18policy: T2425: add common verify() code for all types of policiesChristian Poessinger
2021-04-18policy: T2425: to simplify dictionary use get_first_key=True on ↵Christian Poessinger
get_config_dict()
2021-04-17policy: T2425: also modify route-map section when using FRR reloadChristian Poessinger
2021-04-17policy: T2425: re-implement "policy" tree from vyatta-cfg-quagga in XML/PythonChristian Poessinger
2021-04-15protocols: remove superfluous import of vyos.util.callChristian Poessinger
2021-04-15bgp: T2771: add vpn, multicast, flowspec address familiesCheeze-It
In this commit we add more address families within BGP. This should bring VyOS the ability to enable the rest of the capabilities within FRR. Co-authored-by: Cheeze_It <none@none.com>
2021-04-14policy: T2425: rename files from policy-list to policyChristian Poessinger
2021-04-13Merge pull request #802 from sever-sever/T3455Christian Poessinger
login: T3455: Fix edit level configuration for user
2021-04-13Merge pull request #801 from sever-sever/T2216-podChristian Poessinger
containers: T2216: Add podman for containers
2021-04-13login: T3455: Fix edit level configuration for usersever-sever
2021-04-12static: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols static route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not staticd.
2021-04-12rip: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols rip route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not ripd.
2021-04-12isis: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols isis route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not isisd.
2021-04-12ospf: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols ospf route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not ospfd.
2021-04-12bgp: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols bgp route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not bgpd.
2021-04-12containers: T2216: Add podman for containerssever-sever
2021-04-11bgp: T3344: handle FRR vrf daemon configuration more elegantChristian Poessinger
2021-04-10bgp: T3460: add verify() steps for local-as overrideChristian Poessinger
It is only possible to set one local-as override per BGP neighbor/peer-group. In addition to this, the override AS number is not allowed to be the same as the one from the global BGP process. If this would still be the case frr-reload would error out: > frr-reload output: 184 % Cannot have local-as same as BGP AS number
2021-04-08bgp: T3464: use common helper functions to verify route-maps and prefix-listsChristian Poessinger
2021-04-08protocols: T3464: proper handling of routing policy configurationChristian Poessinger
The introduction of key_mangling=('-', '_') when working with get_config_dict() caused more harm then good. This commit extends common helpers and adds new helpers when verifying the existence of route-maps, access-lists or prefix-lists.
2021-04-07vrf: T3344: re-add virtual network identifierChristian Poessinger
Commit 548d9057e3e (vrf: T3344: move dynamic routing protocols under "vrf name <name> protocols") temporary removed the possibility to specify the VNI for a given VRF to to changing of the CLI configuration nodes. As VNI is set inside zebra, we can re-use the now widely deployed frr python library to configure and change the configuration without any interference to other FRR daemons.
2021-04-05tunnel: T3030: move erspan type into regular tunnel interfaceChristian Poessinger
Instead of having a dedicated ERSPAN interface type, rather move the specifics into "interface tunnel". A migrator is not needed as there is yet no LTS release with this feature and this is considered experimental.
2021-04-05bgp: T3418: peer-group and remote-as must be present under interface nodeChristian Poessinger
When configuring a BGP neighbor via an interface, FRR requires that the peer-group and remote-as node from under the interface statement is used. This is now enforced by a verify() check.
2021-04-02frr: T3217: Abbility to save routing configssever-sever
2021-03-30ripng: T3281: remove debug print statementsChristian Poessinger
2021-03-29Merge pull request #793 from c-po/bgp-cliChristian Poessinger
bgp: T1711: remove ASN tagNode and move to "local-as"
2021-03-29bgp: T1711: remove ASN tagNode and move to "local-as"Christian Poessinger
Every time when set configuration bgp, you need set AS number. There is very less benefit in this system so the AS number is moved from a tagNode level down to a leafNode with the name "local-as", same as on the neighbor or peer-group level. This changes the CLI configuration from: set protocols bgp 100 neighbor 10.10.1.2 remote-as 200 to set protocols bgp local-as 100 set protocols bgp neighbor 10.10.1.2 remote-as 200
2021-03-28http-api: T3440: give uvicorn time to initialize before starting NginxJohn Estabrook
2021-03-24Revert "isis: T3417: add workaround for FRR issue"Christian Poessinger
This reverts commit d89455ee7f5dc21d00bbeddd57eaee2e32f45f99.
2021-03-24Merge pull request #784 from sever-sever/T3217Christian Poessinger
routing: T3217: Save configs of daemon per commit
2021-03-24ddclient: T3422: Allow zone property with cloudflare protocolJustin
Allows Dynamic DNS services with custom names to use the zone field if the protocol is set to cloudflare (cherry picked from commit 5ab6c20f8acd4dda1870b9a71fe73129d2f78b24)
2021-03-23routing: T3217: Save configs of daemon per commitsever-sever
2021-03-21isis: T3417: drop artificial "domain" node identifying the IS-IS process nameChristian Poessinger
As we and FRR do not support multiple FRR process instances, there is no need to make this configurable for a user. We rather rely on a solid default "VyOS".
2021-03-21isis: T3417: last byte of IS-IS network entity title must always be 0Christian Poessinger
2021-03-21isis: T3417: add workaround for FRR issueChristian Poessinger
We need to adjust the regex pattern for the default VRF as a trailing whitespace is required due to an FRR issue: https://github.com/FRRouting/frr/issues/8300
2021-03-21isis: T3417: verify route-map used in redistribute existsChristian Poessinger
2021-03-21isis: T3417: cleanup verify()Christian Poessinger
2021-03-21ospf: vrf: T2271: ease FRR interaction for config reloadChristian Poessinger
Instead of multiple if/else paths, use a common vrf string variable which is either populated or not. In addtion when interfaces are configured for a given VRF, harden the regex for config reload.
2021-03-21isis: T3417: add VRF supportChristian Poessinger
VRF support can be tested using: set vrf name red table 1000 set vrf name red protocols isis domain FOOO set vrf name red protocols isis net 49.0001.1921.6800.1002.00 set vrf name red protocols isis interface eth1
2021-03-21isis: T3417: move from cli tagNode to nodeChristian Poessinger
As there can only be one running IS-IS process (FRR limitation) there is no need in having a tagNode here. This adds artifical restrictions/limitations when moving on to support VRFs for IS-IS protocol.
2021-03-21vrf: ospf: T2271: comment cleanupChristian Poessinger
2021-03-17static: vrf: T3344: add target vrf verify()Christian Poessinger
When leaking routes to a VRF ensure that the VRF we are leaking to exists.