diff options
Diffstat (limited to 'data')
| -rw-r--r-- | data/config-mode-dependencies.json | 3 | ||||
| -rw-r--r-- | data/templates/firewall/nftables-policy.j2 | 8 | ||||
| -rw-r--r-- | data/templates/frr/ospfd.frr.j2 | 8 | ||||
| -rw-r--r-- | data/templates/vpp/override.conf.j2 | 14 | ||||
| -rw-r--r-- | data/templates/vpp/startup.conf.j2 | 116 |
5 files changed, 145 insertions, 4 deletions
diff --git a/data/config-mode-dependencies.json b/data/config-mode-dependencies.json index ccee359d1..91a757c16 100644 --- a/data/config-mode-dependencies.json +++ b/data/config-mode-dependencies.json @@ -28,5 +28,8 @@ "wireguard": ["interfaces-wireguard"], "wireless": ["interfaces-wireless"], "wwan": ["interfaces-wwan"] + }, + "vpp": { + "ethernet": ["interfaces-ethernet"] } } diff --git a/data/templates/firewall/nftables-policy.j2 b/data/templates/firewall/nftables-policy.j2 index 7a89d29e4..1c9bda64f 100644 --- a/data/templates/firewall/nftables-policy.j2 +++ b/data/templates/firewall/nftables-policy.j2 @@ -11,7 +11,7 @@ table ip vyos_mangle { type filter hook prerouting priority -150; policy accept; {% if route is vyos_defined %} {% for route_text, conf in route.items() if conf.interface is vyos_defined %} - iifname { {{ conf.interface | join(",") }} } counter jump VYOS_PBR_{{ route_text }} + iifname { {{ conf.interface | join(",") }} } counter jump VYOS_PBR_UD_{{ route_text }} {% endfor %} {% endif %} } @@ -22,7 +22,7 @@ table ip vyos_mangle { {% if route is vyos_defined %} {% for route_text, conf in route.items() %} - chain VYOS_PBR_{{ route_text }} { + chain VYOS_PBR_UD_{{ route_text }} { {% if conf.rule is vyos_defined %} {% for rule_id, rule_conf in conf.rule.items() if rule_conf.disable is not vyos_defined %} {{ rule_conf | nft_rule(route_text, rule_id, 'ip') }} @@ -40,7 +40,7 @@ table ip6 vyos_mangle { type filter hook prerouting priority -150; policy accept; {% if route6 is vyos_defined %} {% for route_text, conf in route6.items() if conf.interface is vyos_defined %} - iifname { {{ ",".join(conf.interface) }} } counter jump VYOS_PBR6_{{ route_text }} + iifname { {{ ",".join(conf.interface) }} } counter jump VYOS_PBR6_UD_{{ route_text }} {% endfor %} {% endif %} } @@ -51,7 +51,7 @@ table ip6 vyos_mangle { {% if route6 is vyos_defined %} {% for route_text, conf in route6.items() %} - chain VYOS_PBR6_{{ route_text }} { + chain VYOS_PBR6_UD_{{ route_text }} { {% if conf.rule is vyos_defined %} {% for rule_id, rule_conf in conf.rule.items() if rule_conf.disable is not vyos_defined %} {{ rule_conf | nft_rule(route_text, rule_id, 'ip6') }} diff --git a/data/templates/frr/ospfd.frr.j2 b/data/templates/frr/ospfd.frr.j2 index 3f97b7325..1ee8d8752 100644 --- a/data/templates/frr/ospfd.frr.j2 +++ b/data/templates/frr/ospfd.frr.j2 @@ -72,6 +72,9 @@ router ospf {{ 'vrf ' ~ vrf if vrf is vyos_defined }} {% endfor %} {% endfor %} {% endif %} +{% if aggregation.timer is vyos_defined %} + aggregation timer {{ aggregation.timer }} +{% endif %} {% if area is vyos_defined %} {% for area_id, area_config in area.items() %} {% if area_config.area_type is vyos_defined %} @@ -200,6 +203,11 @@ router ospf {{ 'vrf ' ~ vrf if vrf is vyos_defined }} {% if refresh.timers is vyos_defined %} refresh timer {{ refresh.timers }} {% endif %} +{% if summary_address is vyos_defined %} +{% for prefix, prefix_options in summary_address.items() %} + summary-address {{ prefix }} {{ 'tag ' + prefix_options.tag if prefix_options.tag is vyos_defined }}{{ 'no-advertise' if prefix_options.no_advertise is vyos_defined }} +{% endfor %} +{% endif %} {% if segment_routing is vyos_defined %} {% if segment_routing.maximum_label_depth is vyos_defined %} segment-routing node-msd {{ segment_routing.maximum_label_depth }} diff --git a/data/templates/vpp/override.conf.j2 b/data/templates/vpp/override.conf.j2 new file mode 100644 index 000000000..a2c2b04ed --- /dev/null +++ b/data/templates/vpp/override.conf.j2 @@ -0,0 +1,14 @@ +[Unit] +After= +After=vyos-router.service +ConditionPathExists= +ConditionPathExists=/run/vpp/vpp.conf + +[Service] +EnvironmentFile= +ExecStart= +ExecStart=/usr/bin/vpp -c /run/vpp/vpp.conf +WorkingDirectory= +WorkingDirectory=/run/vpp +Restart=always +RestartSec=10 diff --git a/data/templates/vpp/startup.conf.j2 b/data/templates/vpp/startup.conf.j2 new file mode 100644 index 000000000..f33539fba --- /dev/null +++ b/data/templates/vpp/startup.conf.j2 @@ -0,0 +1,116 @@ +# Generated by /usr/libexec/vyos/conf_mode/vpp.py + +unix { + nodaemon + log /var/log/vpp.log + full-coredump + cli-listen /run/vpp/cli.sock + gid vpp + # exec /etc/vpp/bootstrap.vpp +{% if unix is vyos_defined %} +{% if unix.poll_sleep_usec is vyos_defined %} + poll-sleep-usec {{ unix.poll_sleep_usec }} +{% endif %} +{% endif %} +} + +{% if cpu is vyos_defined %} +cpu { +{% if cpu.main_core is vyos_defined %} + main-core {{ cpu.main_core }} +{% endif %} +{% if cpu.corelist_workers is vyos_defined %} + corelist-workers {{ cpu.corelist_workers | join(',') }} +{% endif %} +{% if cpu.skip_cores is vyos_defined %} + skip-cores {{ cpu.skip_cores }} +{% endif %} +{% if cpu.workers is vyos_defined %} + workers {{ cpu.workers }} +{% endif %} +} +{% endif %} + +{# ip heap-size does not work now (23.06-rc2~1-g3a4e62ad4) #} +{# vlib_call_all_config_functions: unknown input `ip heap-size 32M ' #} +{% if ip is vyos_defined %} +#ip { +#{% if ip.heap_size is vyos_defined %} +# heap-size {{ ip.heap_size }}M +#{% endif %} +#} +{% endif %} + +{% if ip6 is vyos_defined %} +ip6 { +{% if ip6.hash_buckets is vyos_defined %} + hash-buckets {{ ip6.hash_buckets }} +{% endif %} +{% if ip6.heap_size is vyos_defined %} + heap-size {{ ip6.heap_size }}M +{% endif %} +} +{% endif %} + +{% if l2learn is vyos_defined %} +l2learn { +{% if l2learn.limit is vyos_defined %} + limit {{ l2learn.limit }} +{% endif %} +} +{% endif %} + +{% if logging is vyos_defined %} +logging { +{% if logging.default_log_level is vyos_defined %} + default-log-level {{ logging.default_log_level }} +{% endif %} +} +{% endif %} + +{% if physmem is vyos_defined %} +physmem { +{% if physmem.max_size is vyos_defined %} + max-size {{ physmem.max_size.upper() }} +{% endif %} +} +{% endif %} + +plugins { + path /usr/lib/x86_64-linux-gnu/vpp_plugins/ + plugin default { disable } + plugin dpdk_plugin.so { enable } + plugin linux_cp_plugin.so { enable } + plugin linux_nl_plugin.so { enable } +} + +linux-cp { + lcp-sync + lcp-auto-subint +} + +dpdk { + # Whitelist the fake PCI address 0000:00:00.0 + # This prevents all devices from being added to VPP-DPDK by default + dev 0000:00:00.0 +{% for iface, iface_config in interface.items() %} +{% if iface_config.pci is vyos_defined %} + dev {{ iface_config.pci }} { + name {{ iface }} +{% if iface_config.num_rx_desc is vyos_defined %} + num-rx-desc {{ iface_config.num_rx_desc }} +{% endif %} +{% if iface_config.num_tx_desc is vyos_defined %} + num-tx-desc {{ iface_config.num_tx_desc }} +{% endif %} +{% if iface_config.num_rx_queues is vyos_defined %} + num-rx-queues {{ iface_config.num_rx_queues }} +{% endif %} +{% if iface_config.num_tx_queues is vyos_defined %} + num-tx-queues {{ iface_config.num_tx_queues }} +{% endif %} + } +{% endif %} +{% endfor %} + uio-bind-force +} |