summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-11-21ethernet: T3048: drop static smp-affinity for dynamic performance tuningChristian Poessinger
After migrating the ethernet interfaces from the good old Perl days the smp-affinity node yet has no effect anymore as the code is still missing (my bad, sorry). Drop the smp-affinity node and rather use tuned instead with the network-throughput or network-latency profile. - network-throughput: Profile for throughput network tuning. It is based on the throughput-performance profile. It additionaly increases kernel network buffers. - network-latency: Profile for low latency network tuning. It is based on the latency-performance profile. It additionaly disables transparent hugepages, NUMA balancing and tunes several other network related sysctl parameters. I'd set network-throughput as the default on a new set system option performance <throughput | latency> CLI node which is present in the default configuration. https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf
2020-11-20Merge pull request #614 from sever-sever/T439Christian Poessinger
policy-conf: T439: Add policy local-route PBR
2020-11-20policy-conf: T439: Add policy local-route PBRsever-sever
2020-11-20tunnel: T3072: remove debug print codeChristian Poessinger
2020-11-20tunnel: T3072: bugfix KeyError for IPv6 GRE verify codeChristian Poessinger
2020-11-20Makefile: T2653: remove ipv6 wireguard nodeChristian Poessinger
2020-11-20wireguard: ifconfig: T2653: interface address is not mandatoryChristian Poessinger
2020-11-20wireguard: T2653: fix IPv6 peer address configurationChristian Poessinger
While migration to get_config_dict() was introduced in commit 789775af9f5 the logic for adding an IPv4 or IPv6 peer address was using the wrong dictionary to determine if it's an IPv4 or IPv6 address. We now use the proper peer dict over the wrong config dict.
2020-11-20wireguard: T3077: automatically create link-local IPv6 adressesChristian Poessinger
link-local addresses can still be disabled using: set interfaces wireguard wg0 ipv6 address no-default-link-local
2020-11-20tunnel: T3072: drop dead codeChristian Poessinger
2020-11-20tunnel: T3072: support changing tunnel encapsulation on-the-flyChristian Poessinger
2020-11-20Merge branch 'tunnel-rewrite' into currentChristian Poessinger
* tunnel-rewrite: tunnel: T3068: automatic generate link-local adresses tunnel: T3072: interfaces used for NHRP can not be deleted tunnel: T3072: xml: harden regex validators tunnel: T3072: migrate to get_config_dict()
2020-11-20tunnel: T3068: automatic generate link-local adressesChristian Poessinger
2020-11-20tunnel: T3072: interfaces used for NHRP can not be deletedChristian Poessinger
2020-11-20tunnel: T3072: xml: harden regex validatorsChristian Poessinger
2020-11-20tunnel: T3072: migrate to get_config_dict()Christian Poessinger
2020-11-19ifconfig: T1405: ensure MAC address is configured firstChristian Poessinger
The MAC address is changed after we have set an IP address on the interface or started dhclient. This will cause some users to receive the wrong IP address on device startup. Change to order of how parameters are set in the system. The interface MAC address is now configured first.
2020-11-19bridge: T3067: Fix VLAN aware setting failure under WLAN (#613)JACK
In the implementation of T3042, it will cause two problems: 1. Even if VLAN awareness is not enabled, the VLAN settings of the vlan filter will be modified. When the bridge member has a WLAN interface, the error is exposed, so repair it here. You should not modify the related settings when the VLAN awareness mode is not enabled 2. Even if VLAN awareness is not enabled, the VLAN settings of the vlan filter will be modified. When the bridge member has a WLAN interface, due to special settings, the bridge mode cannot be entered and the settings cannot be completed directly. Therefore, the WLAN interface should be rejected Enter the bridge with VLAN awareness
2020-11-18Revert "wireless: T2241: add "wds" CLI option"Christian Poessinger
This reverts commit 806f35b5856c3f8dae634718a6a9e82cc90bb63a. Unfortunately this did not work our in the attempt to bridge a station to a bridge "brX" interface. Also adjusting the wireless interface during operation cause several exceptions and the feature is removed again as it was never in any production system.
2020-11-15smoketest: tunnel: local-ip and dhcp-interface can not be used togetherChristian Poessinger
2020-11-15smoketest: tunnel: validate if local/remote address matches proper address ↵Christian Poessinger
family Certain tunnel types require that the local and remote IP is either both IPv4 or IPv6, add a check which ensures that an error is throws if this is not the case.
2020-11-15op-mode: fix "show arp interface" argument levelChristian Poessinger
Commit 84ce69a4 ('op-mode: add "show arp" command') copied the syntax from "show protocols static arp" to "show arp" but the CLI variable reference index was not decreases from 6 to 4 as the CLI level changed for the new command.
2020-11-14openvpn: T2550: default connection protocol to udpChristian Poessinger
setting this to udp will allow both IPv4 and IPv6 connections. According to the MAN page: proto indicates the protocol to use when connecting with the remote, and may be "tcp" or "udp". For forcing IPv4 or IPv6 connection suffix tcp or udp with 4/6 like udp4/udp6/tcp4/tcp6.
2020-11-14Merge pull request #604 from jack9603301/T3042Christian Poessinger
bridge: T3042: Better fix implementation errors
2020-11-14bridge: T3042: Better fix implementation errorsjack9603301
In #601, I provided a basic patch. Under this patch, I rely on vif to detect the vlan id range that the bridge should flow through, which may lead to greater redundancy in the configuration, so I am considering detecting effective vlan filters In setting the range of vlan id that is required to flow through the bridge, I use set() to complete the deduplication of this vlan id and set it to the bridge uniformly (at the same time, I slightly modified the smoke test script)
2020-11-14tuned: T3048: programm proper daemon startupChristian Poessinger
Daemon was only enabled/disabled before and not started/stopped. This has been corrected to start the daemon and wait until startup before sending the configuration profile.
2020-11-14options: keyboard: T3038: use proper XML <defaultValue> over hardcoded ↵Christian Poessinger
Python value We should not use hardcoded Python values whenever possible. vyos.xml provides an abstraction of the XML CLI definitions providing default values from the CLI specified via the <defaultValue> node. This increases consistency among all XML/Python wrappers. Additional small fixes in this commit (besides the bad practice incorporating unrelated changes into the same commit) contain: - Keyboard layout shout be explicitly set for /dev/console - Added missing Debian dependency on console-data - When looking for a key in a dict, we do not need to specify dict.keys()
2020-11-14Merge pull request #610 from vyos/revert-607-T2802Christian Poessinger
Revert "T2802: Tunnel interface does not apply EUI-64 IPv6 Address"
2020-11-14Merge pull request #609 from vyos/revert-603-T3068Christian Poessinger
Revert "T3068: Automatic generation of IPv6 link local addresses for tunnel interfaces"
2020-11-14Revert "T2802: Tunnel interface does not apply EUI-64 IPv6 Address"Christian Poessinger
2020-11-14Revert "T3068: Automatic generation of IPv6 link local addresses for tunnel ↵Christian Poessinger
interfaces"
2020-11-14Merge pull request #608 from DmitriyEshenko/kb-layoutChristian Poessinger
system: T3038: Add keyboard layout CLI command
2020-11-14Merge pull request #607 from ernstjo/T2802Daniil Baturin
T2802: Tunnel interface does not apply EUI-64 IPv6 Address
2020-11-13system: T3038: Add keyboard layout CLI commandDmitriyEshenko
2020-11-13T2802: Tunnel interface does not apply EUI-64 IPv6 Addressernstjo
Generate an IPv6 Link Local address for wireguard interfaces.
2020-11-13Merge branch 't1316-frr-isis' of github.com:c-po/vyos-1x into currentChristian Poessinger
* 't1316-frr-isis' of github.com:c-po/vyos-1x: isis: T1316: refactor config retrieval and Jinja2 template isis: T1316: October steps
2020-11-13isis: T1316: refactor config retrieval and Jinja2 templateChristian Poessinger
Make the entire template code more human readable by denesting it, as there can only be one ISIS daemon instance in FRR.
2020-11-13Merge pull request #602 from DmitriyEshenko/fix-op-rebootChristian Poessinger
powerctl: T3066: Calculate minutes over 60
2020-11-13Merge pull request #603 from ernstjo/T3068Christian Poessinger
T3068: Automatic generation of IPv6 link local addresses for tunnel interfaces
2020-11-13Merge pull request #605 from kroy-the-rabbit/dhlengthChristian Poessinger
T3060: Fixing a backwards check on dh length
2020-11-13Merge pull request #606 from sever-sever/T3060Christian Poessinger
openvpn: T3060: Remote-host is a required param for client
2020-11-13openvpn: T3060: Remote-host is a required param for clientsever-sever
2020-11-13T3060: Fixing a backwares check on dh lengthkroy
2020-11-13Merge branch 'T1316_october' of https://github.com/sever-sever/vyos-1x into ↵Christian Poessinger
t1616-isis * 'T1316_october' of https://github.com/sever-sever/vyos-1x: isis: T1316: October steps
2020-11-13openvpn: T3060: fix CLI to real config mapping for protocol nodeChristian Poessinger
2020-11-13openvpn: T3051: fix smoketestChristian Poessinger
After commit 943a4a50 ("openvpn: T3051: fix creation of ifconfig-pool for client communication") the smoketests had nod been adjusted correctly. This has been fixed.
2020-11-13vyos.template: provide general is_ip(v4|v6) helpersChristian Poessinger
We had two places were the is_ip, is_ipv4 and is_ipv6 helpers had been defined. All places now have been converged into vyos.template as they are used both in the Jinja2 templates and also in our scripts.
2020-11-13openvpn: T3051: fix creation of ifconfig-pool for client communicationChristian Poessinger
2020-11-13T3068: Automatic generation of IPv6 link local addresses for tunnel interfacesernstjo
Better implementation to assign link local addresses automatically because address only assigned to interfaces which supports IPv6 addresses.
2020-11-13T3068: Automatic generation of IPv6 link local addresses for tunnel interfacesernstjo
Tunnel interfaces hot having any IPv6 Link Local address because Linux Kernel does not assign address due to missing MAC. I have implemented a function to generate a linl local address and assign it to the interface. Link local address is required for OSPF and other protocols.