summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-03-04tunnel: T3381: fix error when switching from mGRE to GRE modeChristian Poessinger
Linux does not support changing the remote address from any (multipoint GRE as used by DMVPN) to a discrete remote address. THis will return an error: add tunnel "tun1" failed: Invalid argument This can be handled by detecting the mGRE -> GRE change and re-create the tunnel silently.
2021-03-03tunnel: T2966: add ip6gretap encapsulation supportChristian Poessinger
2021-03-03op-mode: evpn: T1513: add show commandsChristian Poessinger
2021-03-03op-mode: bgp: T1513: extend evpn show commandsChristian Poessinger
2021-03-03smoketest: geneve: remove debug statementChristian Poessinger
2021-03-03Merge branch 'T3379' of https://github.com/sever-sever/vyos-1x into currentChristian Poessinger
* 'T3379' of https://github.com/sever-sever/vyos-1x: dhcpv6-server: T3379: Add option global-parameters name-server
2021-03-03geneve: T1799: add additional per tunnel optionsChristian Poessinger
Support setting additional options to the GENEVE tunnel like: - ttl - tos - do not fragment bit - ipv6 flowlabel
2021-03-03smoketest: vxlan: extend testcase to verify additional tunnel parametersChristian Poessinger
Verify proper configuration of VXLAN parameters for - source-interface - source-address - remote - vni - group Before it was only verified if the VXLAN tunnel interface was configured at all but not if the parameters are correct, too.
2021-03-02dhcpv6-server: T3379: Add option global-parameters name-serversever-sever
2021-03-02Merge pull request #757 from sever-sever/T3357Christian Poessinger
op-mode: T3357: Fix show_interfaces bug with tunnels
2021-03-02op-mode: T3357: Fix show_interfaces bug with tunnelssever-sever
2021-03-01Merge pull request #755 from sever-sever/T3353Christian Poessinger
pppoe: T3353: Remove regex for listen interface vlan-id
2021-03-01smoketest: vif: T3349: derive test_vif_8021q_lower_up_down for bridgeChristian Poessinger
Commit 49bc3f1e ("vif: T3349: use fixed ordering when enabling parent and child interface") also shipped a smoketest to verify the functionality of the parent admin up/down problematic from T3349. The generic testcase failed for the VLAN aware bridge as vlan-awarenes was not turned on.
2021-03-01pppoe: T3353: Fix regex for listen interface vlan-idsever-sever
2021-02-28vif: T3349: use fixed ordering when enabling parent and child interfaceChristian Poessinger
When a VIF/VLAN interface is placed in admin down state but the lower interface, serving the vlan, is moved from admin down -> admin up, all its vlan interfaces will be placed in admin up state, too. This is bad as a VLAN interface will become admin up even if its specified as admin down after a reboot. To reproduce: set interfaces ethernet eth1 vif 20 disable set interfaces ethernet eth1 disable commit delete interfaces ethernet eth1 disable commit Now check the interface state and it returns UP,LOWER_UP 7: eth1.20@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 00:50:56:b3:09:07 brd ff:ff:ff:ff:ff:ff inet6 fe80::250:56ff:feb3:907/64 scope link valid_lft forever preferred_lft forever
2021-02-28vyos.util: provide single implementation for get_json_iface_options()Christian Poessinger
There had been four implementations of "ip -d -j link show interface" scattered accross the codebase. Those implementations have now been combined into a new helper: vyos.util.get_json_iface_options()
2021-02-28vxlan: T1513: add dont-fragment CLI optionChristian Poessinger
2021-02-28l2tpv3: T3366: migrate local-ip and remote-ip CLI optionsChristian Poessinger
Rename CLI options local-ip to source-address and remote-ip to remote to get a consistent CLI experience for the user.
2021-02-28Merge pull request #754 from sever-sever/T3353Christian Poessinger
pppoe: T3353: Modify template for vlan-mon and interface
2021-02-28pppoe: T3353: Modify template for vlan-mon and interfacesever-sever
2021-02-28validators: fqdn: T3370: support "private" or "local" domain namesChristian Poessinger
2021-02-28vxlan: T3369: add underlay IPv6 supportChristian Poessinger
2021-02-28Merge pull request #747 from c-po/vxlan-tunnel-parametersChristian Poessinger
vyos.ifconfig: cleanup and tunnel refactoring
2021-02-28macsec: T3368: add support for gcm-aes-256 cipherChristian Poessinger
2021-02-28tunnel: T3366: rename remote-ip to remoteChristian Poessinger
Streamline the CLI configuration where we try to use remote on other interfaces like vxlan, geneve.
2021-02-28tunnel: T3366: rename local-ip to source-addressChristian Poessinger
Streamline the CLI configuration where we try to use source-address when creating connections which are especially sourced from a discrete address.
2021-02-28tunnel: T3364: rename encapsulation mode "gre-bridge" to "gretap"Christian Poessinger
The following list shows the mapping of VyOS tunnel encapsulation modes to the corresponding Linux modes. VyOS Linux gre gre gre-bridge gretap ipip ipip ipip6 ipip6 ip6ip6 ip6ip6 ip6gre ip6gre sit sit Besides gre-bridge this is pretty consistent. As bridge interfaces are also called tap interfaces gre-bridge will be renamed to gretap to make the post-processing much easier. This means (in detail) that there are no more child classes of _Tunnel and there will be now one geneirc TunnelIf class handling all sorts of encapsulation.
2021-02-28vxlan: T1513: add additional EVPN related CLI optionsChristian Poessinger
A VXLAN tunnel may now get a TTL, TOS, Flowlabel option specified. It is also possible to disable learning of unknown addresses into the forwarding database.
2021-02-28vyos.ifconfig: T1579: remove calls to vyos.ifconfig.Interface.get_config()Christian Poessinger
Interface.get_config() was always a pure helper which exposed a "per interface type" dictionary which was then fed by the caller to create interfaces by iproute2 which required additional options during creation time. Such interfaces had been: * tunnel * vxlan * geneve * macsec * wifi * macvlan / pseudo-ethernet The code was always duplicated to convert from the VyOS CLI based get_config_dict() to a dict which can be used to feed iproute2. This path has been removed and we now always feed in the entire dictionary retrieved by get_config_dict() or in the interfaces case, it's high-level wrapper get_interface_dict() to the interface we wan't to create. This also adds the - personally long awaited - possibility to get rid of the derived tunnel classes for e.g. GRE, IPIP, IPIP6 and so on.
2021-02-27Merge pull request #753 from sever-sever/T3365Christian Poessinger
bgp: T3365: Fix frr template for interface remote-as
2021-02-27bgp: T3365: After commit bf9c914 config interface become out of the checksever-sever
2021-02-27Merge pull request #752 from sever-sever/T3365Christian Poessinger
bgp: T3365: Fix remote-as ordering for neighbor
2021-02-27Merge pull request #751 from sever-sever/T3225Christian Poessinger
bgp: T3225: is_addr_assigned should check only ipv4 ipv6 neighbors
2021-02-27bgp: T3225: is_addr_assigned should check only ipv4 ipv6 neighborssever-sever
2021-02-27bgp: T3365: Fix remote-as ordering for neighborsever-sever
2021-02-27smoketest: bgp: T2100: fix "simple" testcase for ebgp-requires-policyChristian Poessinger
Commit 4bf55f97 ("BGP: T2100: Adding RFC8212 option toggle.") added a CLI option to enable RFC8212 ebgp-requires-policy checks. The extended smoketests assumed that this will lead to an FRR configuration line of "bgp ebgp-requires-policy" - which is not the case as this is a default option and FRR hides default options from the config. In order to properly verify this functionality we must conduct the negative test and ensure the option is not present in the CLI at all.
2021-02-27Merge pull request #750 from sever-sever/T3320Christian Poessinger
bgp: T3320: Add checks for peer-group
2021-02-26bgp: T3320: Add checks for peer-groupsever-sever
2021-02-26Merge pull request #744 from Cheeze-It/currentChristian Poessinger
bgp: T2100: Changing RFC8212 behavior and option toggle
2021-02-26Merge pull request #749 from sever-sever/T3225Christian Poessinger
bgp: T3225: Move is_addr_assigned check to neighbor
2021-02-26bgp: T3225: Move is_addr_assigned check to netighborsever-sever
2021-02-26BGP: T2100: Adding RFC8212 option toggle.Cheeze_It
In this commit we add the default operation within BGP to have RFC8212 disabled for eBGP routes. This default should preserve the normal behavior for VyOS from earlier releases of FRR to the current latest release. Another option that we add is the ability to toggle whether or not RFC8212 is enabled or disabled.
2021-02-26Merge pull request #748 from sever-sever/T3225Christian Poessinger
bgp: T3225: Checks if neighbor configured as system address
2021-02-26bgp: T3225: Checks if neighbor configured as system addresssever-sever
2021-02-26https: T3357: redirect http request on non-standard https portJohn Estabrook
2021-02-26Merge pull request #746 from sever-sever/T3324Christian Poessinger
bgp: T3324: Add checks for peer password
2021-02-26bgp: T3324: Add checks for peer passwordsever-sever
2021-02-26Merge pull request #745 from sever-sever/T3323Daniil Baturin
bgp: T3323: Add verify for ttl-security and ebgp-multihop
2021-02-26bgp: T3323: Add verify for ttl-security and ebgp-multihopsever-sever
2021-02-25configd: T3302: set mode correctly on open for redirectJohn Estabrook