summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-04-15Debian: add missing FRR dependenciesChristian Poessinger
As all routing protocol definitions have been moved from the soon deprecated vyatta-cfg-quagga package to vyos-1x, we also need to take care about all the dependencies. Add missing frr-rpki-rtrlib and frr-snmp dependency and enforce a FRR version of at least 7.5 which holds all the features we currently support.
2021-04-15smoketest: policy: inherit sequence numbersChristian Poessinger
In the vyatta-cfg-quagga days the access-list(6) or prefix-list(6) sequence numbers have been made up artifically. The new implementation from vyos-1x will re-use the rule number specified on the CLI as the sequence number, this we have to alter the tast cases to get a proper match from the beginning - covering both the old and new world. This can be done by using rule numbers that are multiples of 5.
2021-04-15Merge pull request #808 from sever-sever/T2216-smokeChristian Poessinger
containers: T2216: Add smoketest
2021-04-15containers: T2216: Add smoketestsever-sever
2021-04-15bgp: T2771: add vpn, multicast, flowspec address familiesCheeze-It
In this commit we add more address families within BGP. This should bring VyOS the ability to enable the rest of the capabilities within FRR. Co-authored-by: Cheeze_It <none@none.com>
2021-04-15Merge pull request #807 from zdc/T3392-sagittaChristian Poessinger
dhclient: T3392: Changed dhclient-script hooks for VRF
2021-04-15dhclient: T3392: Changed dhclient-script hooks for VRFzsdc
There were two problems with VRF support inside dhclient-script: - VRF check inside the `01-vyos-cleanup` hook was needless because it will be done inside the `03-vyos-ipwrapper` anyway; - VRF was ignored for in-kernel routes in `03-vyos-ipwrapper`. Theoretically, there must be no situation now when this can leads to a real problem, but better will be to keep both kernel and FRR backends in sync. Also, the way to get and use a VRF name was changed to an easier one.
2021-04-14xml: T3475: disable processing of syntaxVersion elementJohn Estabrook
2021-04-14Merge pull request #805 from sever-sever/T3333Christian Poessinger
ipsec: T3333: Fix status for SA state op-mode
2021-04-14policy: T2425: rename files from policy-list to policyChristian Poessinger
2021-04-14ipsec: T3333: Fix status for SA state op-modesever-sever
2021-04-14Merge pull request #804 from zdc/T3471-sagittaChristian Poessinger
dhclient: T3471: Fixed dhclient processes search
2021-04-14dhclient: T3471: Fixed dhclient processes searchzsdc
Since in some cases a dhclient command may not end with an interface name, the way to find out a list of dhclients running for a current interface was replaced to catch PIDs regardless of the exact command syntax.
2021-04-13Debian: T2216: add missing podman dependencyChristian Poessinger
2021-04-13Merge pull request #802 from sever-sever/T3455Christian Poessinger
login: T3455: Fix edit level configuration for user
2021-04-13Merge pull request #801 from sever-sever/T2216-podChristian Poessinger
containers: T2216: Add podman for containers
2021-04-13bgp: T3470: add missing as-override to Jinja2 templateThunderstorm
2021-04-13login: T3455: Fix edit level configuration for usersever-sever
2021-04-12static: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols static route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not staticd.
2021-04-12rip: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols rip route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not ripd.
2021-04-12isis: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols isis route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not isisd.
2021-04-12ospf: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols ospf route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not ospfd.
2021-04-12bgp: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols bgp route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not bgpd.
2021-04-12containers: T2216: Add podman for containerssever-sever
2021-04-11bgp: T3344: handle FRR vrf daemon configuration more elegantChristian Poessinger
2021-04-11smoketest: temporary disable test for 802.1ad interface ip address assignemntChristian Poessinger
For an unknown reason this regularely fails on the QEMU builds, thus the test for reading back IP addresses is temporary disabled. There is no big deal here, as this uses the same methods on 802.1q and here it works and is verified.
2021-04-10bgp: T3460: add verify() steps for local-as overrideChristian Poessinger
It is only possible to set one local-as override per BGP neighbor/peer-group. In addition to this, the override AS number is not allowed to be the same as the one from the global BGP process. If this would still be the case frr-reload would error out: > frr-reload output: 184 % Cannot have local-as same as BGP AS number
2021-04-10smoketest: configs: add bgp l3vpn evpn PE configurationChristian Poessinger
2021-04-10smoketest: configs: rename BGP related test configsChristian Poessinger
2021-04-09bgp: evpn: T1513: add support for ipv4/ipv6 prefix routes advertisementsChristian Poessinger
set vrf name red protocols bgp address-family l2vpn-evpn advertise ipv4 unicast
2021-04-09op-mode: bgp: add common commands to top level "show bgp" commandChristian Poessinger
2021-04-09op-mode: bgp: support VRF related "show bgp vrf" commandsChristian Poessinger
cpo@PE1:~$ show bgp vrf all Instance default: No BGP prefixes displayed, 0 exist Instance red: BGP table version is 1, local router ID is 10.2.1.1, vrf id 11 Default local pref 100, local AS 100 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 10.2.1.0/24 0.0.0.0 0 32768 ? Displayed 1 routes and 1 total paths Instance blue: BGP table version is 1, local router ID is 10.1.1.1, vrf id 10 Default local pref 100, local AS 100 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 10.1.1.0/24 0.0.0.0 0 32768 ? Displayed 1 routes and 1 total paths
2021-04-09op-mode: bgp: move common includes to include/bgp directoryChristian Poessinger
This change makes it easier to group all BGP related operational level command building blocks in one place.
2021-04-09op-mode: bgp: fix indention of common includeChristian Poessinger
2021-04-09bgp: T1711: remove extra script completion helper on peer-groupsChristian Poessinger
After commit 73557d68 ("bgp: T1711: remove ASN tagNode and move to 'local-as'") when the BGP tag node was removed there is no need anymore for a script based completion helper, we can rather rely on the build in "path" variant.
2021-04-09Merge pull request #791 from jack9603301/T3435Christian Poessinger
nat: op-mode: T3435: Filter extra rules that should not be processed
2021-04-09tunnel: T3030: re-enable erspan version 2 supportChristian Poessinger
This was not possible due to a regression in iproute2 where the erspan_dir key did not have a value. See [1] for more information. [1]: https://lore.kernel.org/netdev/3ac544c09842410fb863b332917a03ad@poessinger.com/
2021-04-09smoketest: bgp: enable peer-group ttl-security tests as this is now implementedChristian Poessinger
2021-04-09bgp: T3463: Jinja2 template re-ordering fir ebgp-requires-policyChristian Poessinger
This is a fix for commit 6f6f45c5 ("bgp: T3463: change no-ipv4-unicast order when applying configuration") as this changed the handling of the "else" path, which lead to failing smoketests as the "no bgp ebgp-requires-policy" option was no longer set.
2021-04-09Merge pull request #800 from c-po/ospf-support-hyphenChristian Poessinger
protocols: fix "bad" design and non working route-maps containing hyphens
2021-04-08bgp: T3463: change no-ipv4-unicast order when applying configurationChristian Poessinger
The "no bgp default ipv4-unicast" option must be applied to FRR before adding any neighbor to the system. If this is not the case, neighbors will start exchanging v4 routes over v6 peers.
2021-04-08bgp: T3464: use common helper functions to verify route-maps and prefix-listsChristian Poessinger
2021-04-08protocols: T3464: proper handling of routing policy configurationChristian Poessinger
The introduction of key_mangling=('-', '_') when working with get_config_dict() caused more harm then good. This commit extends common helpers and adds new helpers when verifying the existence of route-maps, access-lists or prefix-lists.
2021-04-08isis: T2271: zebra route-map can only be set for default VRFChristian Poessinger
2021-04-08ospf: T2271: zebra route-map can only be set for default VRFChristian Poessinger
2021-04-08bgp: T2271: zebra route-map can only be set for default VRFChristian Poessinger
2021-04-08xml: route-map: add missing constraintsChristian Poessinger
Port over the regex used in the old node.def code-base and make this limitation also live on the new CLI interface.
2021-04-08isis: T1316: re-use common route-map XML building blockChristian Poessinger
2021-04-08static: T3280: re-use common route-map XML building blockChristian Poessinger
2021-04-07vrf: T3344: re-add virtual network identifierChristian Poessinger
Commit 548d9057e3e (vrf: T3344: move dynamic routing protocols under "vrf name <name> protocols") temporary removed the possibility to specify the VNI for a given VRF to to changing of the CLI configuration nodes. As VNI is set inside zebra, we can re-use the now widely deployed frr python library to configure and change the configuration without any interference to other FRR daemons.