summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-03-23configd: T3426: correct pass_through function for scripts with argsJohn Estabrook
2021-03-23configd: T3426: check script name against include_set, not exclude_setJohn Estabrook
If the script name is mangled, for any reason (e.g. missing support for script arguments) checking against the exclude_set will yield a false positive; check against the include_set, even if this is a longer search.
2021-03-23vyos.configd: T3423: exclude bgp, isis, ospf and static protocols from ↵Christian Poessinger
processing vyos-configd does yet not support calling a script with a passed argument, thus we will exclude the routing protocols during this time from the vyos-configd processing.
2021-03-23vyos.util: dict_search() should not throw exception when inputs are NoneChristian Poessinger
2021-03-23vrf: T31: bump priority to 299 - still before any interface or serviceChristian Poessinger
2021-03-22Merge pull request #781 from erkin/currentChristian Poessinger
util: T3419: Handle IP addresses with netmasks and subnet prefixes in strip-private
2021-03-22configd: T3302: check vyos-config-status to determine if in boot sessionJohn Estabrook
2021-03-22Merge pull request #780 from jestabro/configqueryJohn Estabrook
configquery: T3402: add library for querying config values from op mode
2021-03-22util: T3419: Handle IP addresses with netmasks and subnet prefixes in ↵erkin
strip-private
2021-03-21configquery: T3402: add library for querying config values from op modeJohn Estabrook
A small library that allows querying existence or value(s) of config settings from op mode, and execution of arbitrary op mode commands.
2021-03-21Merge pull request #779 from c-po/isis-vrfChristian Poessinger
ISIS: add VRF support
2021-03-21op-mode: add "show zebra" commands to query RIB informationsChristian Poessinger
2021-03-21Merge pull request #778 from sever-sever/T3403Christian Poessinger
op-mode: T3403: Fix show pppoe sessions interupt
2021-03-21isis: T3417: drop artificial "domain" node identifying the IS-IS process nameChristian Poessinger
As we and FRR do not support multiple FRR process instances, there is no need to make this configurable for a user. We rather rely on a solid default "VyOS".
2021-03-21isis: T3417: ad per vrf op-mode commandsChristian Poessinger
2021-03-21isis: T3417: last byte of IS-IS network entity title must always be 0Christian Poessinger
2021-03-21isis: T3417: add workaround for FRR issueChristian Poessinger
We need to adjust the regex pattern for the default VRF as a trailing whitespace is required due to an FRR issue: https://github.com/FRRouting/frr/issues/8300
2021-03-21isis: T3417: verify route-map used in redistribute existsChristian Poessinger
2021-03-21isis: T3417: cleanup verify()Christian Poessinger
2021-03-21validate: T3418: interface-name should also allow all local present interfacesChristian Poessinger
The regex only validated interfaces according to the VyOS naming scheme, but third party interfacs that are legit (e.g. exists within the kernel) failed to validate. The validator now also supports any kind of local interfaces attached to the OS kernel.
2021-03-21ospf: vrf: T2271: ease FRR interaction for config reloadChristian Poessinger
Instead of multiple if/else paths, use a common vrf string variable which is either populated or not. In addtion when interfaces are configured for a given VRF, harden the regex for config reload.
2021-03-21isis: T3417: add VRF supportChristian Poessinger
VRF support can be tested using: set vrf name red table 1000 set vrf name red protocols isis domain FOOO set vrf name red protocols isis net 49.0001.1921.6800.1002.00 set vrf name red protocols isis interface eth1
2021-03-21smoketest: add initial IS-IS testcaseChristian Poessinger
2021-03-21isis: T3417: move from cli tagNode to nodeChristian Poessinger
As there can only be one running IS-IS process (FRR limitation) there is no need in having a tagNode here. This adds artifical restrictions/limitations when moving on to support VRFs for IS-IS protocol.
2021-03-21smoketest: config: add IS-IS example configurationChristian Poessinger
2021-03-21vrf: ospf: T2271: comment cleanupChristian Poessinger
2021-03-21policy: xml: T2425: add missing priority tagsChristian Poessinger
2021-03-21xml: isis: ospf: re-arrange include blocksChristian Poessinger
2021-03-21ntp: T3416: fix op-mode commands when running inside VRFChristian Poessinger
When NTP is executed inside a VRF context, we also must execute the op-mode commands inside the given VRF. This is a workaround until the op-mode programming library from T3402 is available.
2021-03-20op-mode: T3403: Fix show pppoe sessions interuptsever-sever
2021-03-20smoketest: config: evpn: move NTP into MGMT vrfChristian Poessinger
Within this example a MGMT VRF is used to administer the system, thus also move the NTP portion into that VRF.
2021-03-19bridge: T3415: add port isolation / private-vlan optionChristian Poessinger
Private VLAN, also known as port isolation, is a technique in computer networking where a VLAN contains switch ports that are restricted such that they can only communicate with a given "uplink". The restricted ports are called "private ports". Each private VLAN typically contains many private ports, and a single uplink. The uplink will typically be a port (or link aggregation group) connected to a router, firewall, server, provider network, or similar central resource. Q: https://en.wikipedia.org/wiki/Private_VLAN
2021-03-19isis: T2495: add missing priority nodeChristian Poessinger
2021-03-19ripng: T3281: add missing priority nodeChristian Poessinger
2021-03-19rip: T2547: add missing priority nodeChristian Poessinger
2021-03-18Revert "udev: T3063: drop special WWAN rule for Sierra Wireless cards"Christian Poessinger
Turns out we still need it, else a MC7710 card won't work on an APU4 device. This reverts commit f9e0fb6bffd41c143ff5454c3b73cca4a588ca86.
2021-03-17Merge pull request #776 from jack9603301/T2518Christian Poessinger
nat66: T2518: Correct the wrong logic
2021-03-17vyos.configverify: T3344: verify_vrf() must handle "default" VRFChristian Poessinger
We can leak routes back to the default VRF, thus the check added by commit 9184dfb5 ("static: vrf: T3344: add target vrf verify()") must have a "bail out" option when one want's to leak routes into the default VRF.
2021-03-17smoketest: static: add required vrf to setUp()Christian Poessinger
When we leak routes to a VRF it is verified that the target VRF actually exists.
2021-03-17vrf: T3344: adjust routing protocol priorities to be +1 after default VRFChristian Poessinger
2021-03-17static: T3280: add missing and required priority xml node to avoid racesChristian Poessinger
2021-03-17smoketest: remove failfast=True as debug leftoverChristian Poessinger
2021-03-17ipv6: eui64: T3413: add custom validatorChristian Poessinger
VyOS 1.2 (crux) rejected prefixes other then of site /64. [ interfaces ethernet eth0 ipv6 address eui64 2006:ab00:abe1::2/127 ] Error: Prefix lenght is 127. It must be 64. Same should be done on VyOS 1.3 and newer
2021-03-17ipv6: eui64: T3413: improve valueHelp string for address assignmentChristian Poessinger
2021-03-17static: vrf: T3344: add target vrf verify()Christian Poessinger
When leaking routes to a VRF ensure that the VRF we are leaking to exists.
2021-03-17vrf: T31: ignore iproute2 errorsChristian Poessinger
Re-issuing the same iproute2 commands can lead to errors, simply ignore them and not raise a Python exception.
2021-03-17vrf: ospf: T2271: when removing the entire process cleanup all interfacesChristian Poessinger
During assembly of the required config changes we also must move the interfaces_removed assignemnt to an earlier stage so the value is also populated when the entire process is removed to cleanup all remaining OSPF process assigned interfaces. This was yet not the case and when deleting OSPF I still got my "interface eth0" with the area key configured.
2021-03-17smoketest: add shim for every test to re-use common tastsChristian Poessinger
Currently every smoketest does the setup and destruction of the configsession on its own durin setUp(). This creates a lot of overhead and one configsession should be re-used during execution of every smoketest script. In addiion a test that failed will leaf the system in an unconsistent state. For this reason before the test is executed we will save the running config to /tmp and the will re-load the config after the test has passed, always ensuring a clean environment for the next test.
2021-03-17nat66: T2518: Modify NAT ruleid acquisition methodjack9603301
2021-03-17nat66: T2518: use Python3 format identifiersjack9603301