Age | Commit message (Collapse) | Author |
|
nptv6: T2518: Support IPv6 address translation
|
|
|
|
|
|
|
|
* set protocols bgp ASN address-family ipv4-unicast maximum-paths
* set protocols bgp ASN address-family ipv4-unicast maximum-paths-ibgp
* set protocols bgp ASN address-family ipv6-unicast maximum-paths
* set protocols bgp ASN address-family ipv6-unicast maximum-paths-ibgp
|
|
VyOS 1.2 had a default ttl of 16 hardcoded to the node.def file [1], so until
this is handled via a migration script we have to obey that particular
setting.
[1]: https://github.com/vyos/vyatta-cfg-system/blob/crux/templates/interfaces/vxlan/node.def#L23
|
|
As we can also use the TunnelIf() class from op-mode we must ensure that read-only
access to the class works even if required configuration keys as "encapsulation"
are not passed to the class on invokation.
This fixes an isse where "show interfaces tunnel" returned:
Traceback (most recent call last):
File "/usr/libexec/vyos/op_mode/show_interfaces.py", line 313, in <module>
args.vrrp
File "/usr/libexec/vyos/op_mode/show_interfaces.py", line 48, in handled_function
function(*args, **kwargs)
File "/usr/libexec/vyos/op_mode/show_interfaces.py", line 222, in run_show_intf_brief
for interface in filtered_interfaces(ifnames, iftypes, vif, vrrp):
File "/usr/libexec/vyos/op_mode/show_interfaces.py", line 77, in filtered_interfaces
interface = klass(ifname, create=False, debug=False)
File "/usr/lib/python3/dist-packages/vyos/ifconfig/tunnel.py", line 99, in __init__
if self.iftype in ['gretap', 'ip6gretap']:
AttributeError: 'TunnelIf' object has no attribute 'iftype'
|
|
This reverts commit e1c993f57efdf91f26a36f1d0339298e63fdf20e.
|
|
Commit e5b335830ef ("vyos.ifconfig: T1579: remove calls to
vyos.ifconfig.Interface.get_config()") removed the PPPoEIf class as it seemed
to be unused. It turns out it is required by the op-mode commands for e.g. "show
interfaces".
|
|
|
|
|
|
|
|
Commit 52ee92b8 ("pppoe: T3386: Fix client ip-pool stop range") fixed the
generated client range configuration line for Accel-PPP but missed out altering
the testcase, too which validates the generated configuration line.
|
|
|
|
grub: T3271: don't write grub.cfg if it hasn't changed
|
|
|
|
dhcp: T3300: add DHCP default route distance
|
|
ospf: T3211: Fix default isis redistribution
|
|
pppoe: T3386: Fix client ip-pool stop range
|
|
|
|
Linux does not support changing the remote address from any (multipoint
GRE as used by DMVPN) to a discrete remote address. THis will return an
error: add tunnel "tun1" failed: Invalid argument
This can be handled by detecting the mGRE -> GRE change and re-create the tunnel
silently.
|
|
|
|
|
|
|
|
|
|
|
|
* 'T3379' of https://github.com/sever-sever/vyos-1x:
dhcpv6-server: T3379: Add option global-parameters name-server
|
|
Support setting additional options to the GENEVE tunnel like:
- ttl
- tos
- do not fragment bit
- ipv6 flowlabel
|
|
Verify proper configuration of VXLAN parameters for
- source-interface
- source-address
- remote
- vni
- group
Before it was only verified if the VXLAN tunnel interface was configured
at all but not if the parameters are correct, too.
|
|
|
|
op-mode: T3357: Fix show_interfaces bug with tunnels
|
|
|
|
pppoe: T3353: Remove regex for listen interface vlan-id
|
|
Commit 49bc3f1e ("vif: T3349: use fixed ordering when enabling parent and child
interface") also shipped a smoketest to verify the functionality of the parent
admin up/down problematic from T3349. The generic testcase failed for the VLAN
aware bridge as vlan-awarenes was not turned on.
|
|
|
|
When a VIF/VLAN interface is placed in admin down state but the lower
interface, serving the vlan, is moved from admin down -> admin up, all its
vlan interfaces will be placed in admin up state, too.
This is bad as a VLAN interface will become admin up even if its specified as
admin down after a reboot.
To reproduce:
set interfaces ethernet eth1 vif 20 disable
set interfaces ethernet eth1 disable
commit
delete interfaces ethernet eth1 disable
commit
Now check the interface state and it returns UP,LOWER_UP
7: eth1.20@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:50:56:b3:09:07 brd ff:ff:ff:ff:ff:ff
inet6 fe80::250:56ff:feb3:907/64 scope link
valid_lft forever preferred_lft forever
|
|
There had been four implementations of "ip -d -j link show interface" scattered
accross the codebase. Those implementations have now been combined into a new
helper:
vyos.util.get_json_iface_options()
|
|
|
|
Rename CLI options local-ip to source-address and remote-ip to remote to
get a consistent CLI experience for the user.
|
|
pppoe: T3353: Modify template for vlan-mon and interface
|
|
|
|
|
|
|
|
vyos.ifconfig: cleanup and tunnel refactoring
|
|
|
|
Streamline the CLI configuration where we try to use remote on other interfaces
like vxlan, geneve.
|
|
Streamline the CLI configuration where we try to use source-address when
creating connections which are especially sourced from a discrete address.
|
|
The following list shows the mapping of VyOS tunnel encapsulation modes to the
corresponding Linux modes.
VyOS Linux
gre gre
gre-bridge gretap
ipip ipip
ipip6 ipip6
ip6ip6 ip6ip6
ip6gre ip6gre
sit sit
Besides gre-bridge this is pretty consistent. As bridge interfaces are also
called tap interfaces gre-bridge will be renamed to gretap to make the
post-processing much easier.
This means (in detail) that there are no more child classes of _Tunnel and
there will be now one geneirc TunnelIf class handling all sorts of encapsulation.
|
|
A VXLAN tunnel may now get a TTL, TOS, Flowlabel option specified. It is also
possible to disable learning of unknown addresses into the forwarding database.
|
|
Interface.get_config() was always a pure helper which exposed a "per interface
type" dictionary which was then fed by the caller to create interfaces by
iproute2 which required additional options during creation time.
Such interfaces had been:
* tunnel
* vxlan
* geneve
* macsec
* wifi
* macvlan / pseudo-ethernet
The code was always duplicated to convert from the VyOS CLI based get_config_dict()
to a dict which can be used to feed iproute2.
This path has been removed and we now always feed in the entire dictionary
retrieved by get_config_dict() or in the interfaces case, it's high-level wrapper
get_interface_dict() to the interface we wan't to create.
This also adds the - personally long awaited - possibility to get rid of the
derived tunnel classes for e.g. GRE, IPIP, IPIP6 and so on.
|