| Age | Commit message (Collapse) | Author |
|---|
|
Under very rare cases we can run into a race condition where interfaces are
still in creation phase but are already referenced..
This can trigger:
File "/usr/libexec/vyos/conf_mode/system_conntrack.py", line 270, in <module>
apply(c)
File "/usr/libexec/vyos/conf_mode/system_conntrack.py", line 249, in apply
call_dependents()
File "/usr/lib/python3/dist-packages/vyos/configdep.py", line 147, in call_dependents
f()
File "/usr/lib/python3/dist-packages/vyos/configdep.py", line 118, in func_impl
run_config_mode_script(script, config)
File "/usr/lib/python3/dist-packages/vyos/configdep.py", line 106, in run_config_mode_script
mod.verify(c)
File "/usr/libexec/vyos//conf_mode/service_conntrack-sync.py", line 72, in verify
if len(get_ipv4(interface)) < 1:
^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/template.py", line 458, in get_ipv4
return Interface(interface).get_addr_v4()
^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/ifconfig/interface.py", line 334, in __init__
if not self.iftype:
^^^^^^^^^^^
AttributeError: 'Interface' object has no attribute 'iftype'
This commit removes the code path in question and the class attribute check.
The reason for the iftype attribute in the past was a common _create() method
serving for all interface types. As we already have a lot of derived
implementations and not all honor the classes iftype/type member - or even
worse honor it only in 50% of the occurrences it's time to drop it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
When a VIF/VLAN interface is placed in admin down state but the lower
interface, serving the vlan, is moved from admin down -> admin up, all its
vlan interfaces will be placed in admin up state, too.
This is bad as a VLAN interface will become admin up even if its specified as
admin down after a reboot.
To reproduce:
set interfaces ethernet eth1 vif 20 disable
set interfaces ethernet eth1 disable
commit
delete interfaces ethernet eth1 disable
commit
Now check the interface state and it returns UP,LOWER_UP
7: eth1.20@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:50:56:b3:09:07 brd ff:ff:ff:ff:ff:ff
inet6 fe80::250:56ff:feb3:907/64 scope link
valid_lft forever preferred_lft forever
|
|
Interface.get_config() was always a pure helper which exposed a "per interface
type" dictionary which was then fed by the caller to create interfaces by
iproute2 which required additional options during creation time.
Such interfaces had been:
* tunnel
* vxlan
* geneve
* macsec
* wifi
* macvlan / pseudo-ethernet
The code was always duplicated to convert from the VyOS CLI based get_config_dict()
to a dict which can be used to feed iproute2.
This path has been removed and we now always feed in the entire dictionary
retrieved by get_config_dict() or in the interfaces case, it's high-level wrapper
get_interface_dict() to the interface we wan't to create.
This also adds the - personally long awaited - possibility to get rid of the
derived tunnel classes for e.g. GRE, IPIP, IPIP6 and so on.
|
|
A lot of derived classes from Interface implemented their own get_config()
method which more or less was the same everywhere. We also hat different
qualifiers like @staticmethod or @classmethod.
This is now changed to only have the @classmethod in Interface base class which
will return the necessary dictionary keys for the required interfaces. This
change is a mid reduction in lines of code which is always a very nice thing!
|
|
Every derived class must implement update() to set the interfaces admin
up/down state. This is required to prevend extensive link flaps when e.g.
reconfiguring bond interfaces.
|
|
|
|
By default MACsec only authenticates traffic but has support for optional
encryption. Encryption can now be enabled using:
set interfaces macsec <interface> encrypt
|
|
|
