Age | Commit message (Collapse) | Author |
|
|
|
conf-mode: T2425: Add XML for policy-lists
|
|
VRF: support for dynamic routing protocols OSPF and BGP
|
|
|
|
Instead of having the dynamic routing protocols OSPF and BGP residing under
the "protocols vrf <name> [ospf|bgp]" nodes, rather move them directly under
the "vrf name <name> protocols [ospf|bgp]" node. Now all VRF related parts
are placed under the same root node.
This eases the verify steps tremendously, as we do not need to check wheter a
VRF eists or not, it will always exist as we operate under a child node.
|
|
nat66: T2518: Modify the command line description of NAT/NAT66
|
|
The following VyOS CLI config
vrf red {
bgp 100 {
neighbor 1.1.1.1 {
peer-group foo
}
peer-group foo {
passive
password bar
remote-as 200
}
}
}
Will generaste the FRR configuration:
!
router bgp 100 vrf red
no bgp ebgp-requires-policy
no bgp network import-check
neighbor foo peer-group
neighbor foo remote-as 200
neighbor foo password bar
neighbor foo passive
neighbor 1.1.1.1 peer-group foo
!
|
|
VyOS CLI config:
vrf red {
ospf {
default-information {
originate {
always
}
}
default-metric 30
passive-interface default
}
}
Will create the FRR configuration snippet:
!
router ospf vrf red
auto-cost reference-bandwidth 100
timers throttle spf 200 1000 10000
passive-interface default
default-metric 30
default-information originate always
!
|
|
|
|
A user can specify both "set system console device ttyS0 speed '9600'" and
"set service console-server device ttyS0 speed 9600". A serial interface can
not be used multiple times.
commit now produces an error:
vyos@vyos# commit
[ service console-server ]
Port "ttyS0" requires speed to be set!
(cherry picked from commit 7620a8a1d6d20d4bf16e714a9d40b7bdfb133b39)
|
|
|
|
|
|
|
|
ospf: T3211: Fix default isis redistribution
|
|
|
|
Linux does not support changing the remote address from any (multipoint
GRE as used by DMVPN) to a discrete remote address. THis will return an
error: add tunnel "tun1" failed: Invalid argument
This can be handled by detecting the mGRE -> GRE change and re-create the tunnel
silently.
|
|
|
|
There had been four implementations of "ip -d -j link show interface" scattered
accross the codebase. Those implementations have now been combined into a new
helper:
vyos.util.get_json_iface_options()
|
|
Rename CLI options local-ip to source-address and remote-ip to remote to
get a consistent CLI experience for the user.
|
|
vyos.ifconfig: cleanup and tunnel refactoring
|
|
The following list shows the mapping of VyOS tunnel encapsulation modes to the
corresponding Linux modes.
VyOS Linux
gre gre
gre-bridge gretap
ipip ipip
ipip6 ipip6
ip6ip6 ip6ip6
ip6gre ip6gre
sit sit
Besides gre-bridge this is pretty consistent. As bridge interfaces are also
called tap interfaces gre-bridge will be renamed to gretap to make the
post-processing much easier.
This means (in detail) that there are no more child classes of _Tunnel and
there will be now one geneirc TunnelIf class handling all sorts of encapsulation.
|
|
Interface.get_config() was always a pure helper which exposed a "per interface
type" dictionary which was then fed by the caller to create interfaces by
iproute2 which required additional options during creation time.
Such interfaces had been:
* tunnel
* vxlan
* geneve
* macsec
* wifi
* macvlan / pseudo-ethernet
The code was always duplicated to convert from the VyOS CLI based get_config_dict()
to a dict which can be used to feed iproute2.
This path has been removed and we now always feed in the entire dictionary
retrieved by get_config_dict() or in the interfaces case, it's high-level wrapper
get_interface_dict() to the interface we wan't to create.
This also adds the - personally long awaited - possibility to get rid of the
derived tunnel classes for e.g. GRE, IPIP, IPIP6 and so on.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In addition to commit cf1156a60e ("ethernet: T3163: probe driver for maximum
rx/tx ring-buffer size") this extends the logic in a way as not every driver
supports setting the buffers at all so it will properly error out.
When invoking "ethtool -g" both stdout and stderr are captured and no exception
is raised if it's an unsupported driver feature. The verify() section will
inform the user about the illegal operation.
|
|
|
|
|
|
|
|
(cherry picked from commit d5804b19d3ffecdd4fe6bd89d50ac84dabb549fd)
|
|
|
|
local variable 'peer_group' referenced before assignment.
|
|
squid: T3299: Add listen address 0.0.0.0
|
|
|
|
|
|
|
|
|
|
When moving from Quagga to FRR the BGP address-family was extended by an
invalid peer-group statement. FRR always moved a configured peer-group
from the AFI level down to the neighbor level.
With the migration to FRR reload we must take care about this by ourselves.
|
|
|
|
|
|
|
|
deprecation warnings.
|
|
|
|
With commit 015651a8 ("T2638: Enable more debugging in the FRR library") a
global debug mechanism was added by creating a file named /tmp/vyos.frr.debug.
With this change we can drop the duplicated debug code from every protocol.
|
|
|
|
|
|
|