| Age | Commit message (Collapse) | Author |
|---|
|
allows utilizing ssh-agent and other environment-variable-based behavior
customizations
|
|
NHRP migration to FRR
|
|
T7016: Simplify logic for force deleting dynamic IPv4 address from interface
|
|
Under very rare cases we can run into a race condition where interfaces are
still in creation phase but are already referenced..
This can trigger:
File "/usr/libexec/vyos/conf_mode/system_conntrack.py", line 270, in <module>
apply(c)
File "/usr/libexec/vyos/conf_mode/system_conntrack.py", line 249, in apply
call_dependents()
File "/usr/lib/python3/dist-packages/vyos/configdep.py", line 147, in call_dependents
f()
File "/usr/lib/python3/dist-packages/vyos/configdep.py", line 118, in func_impl
run_config_mode_script(script, config)
File "/usr/lib/python3/dist-packages/vyos/configdep.py", line 106, in run_config_mode_script
mod.verify(c)
File "/usr/libexec/vyos//conf_mode/service_conntrack-sync.py", line 72, in verify
if len(get_ipv4(interface)) < 1:
^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/template.py", line 458, in get_ipv4
return Interface(interface).get_addr_v4()
^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/ifconfig/interface.py", line 334, in __init__
if not self.iftype:
^^^^^^^^^^^
AttributeError: 'Interface' object has no attribute 'iftype'
This commit removes the code path in question and the class attribute check.
The reason for the iftype attribute in the past was a common _create() method
serving for all interface types. As we already have a lot of derived
implementations and not all honor the classes iftype/type member - or even
worse honor it only in 50% of the occurrences it's time to drop it.
|
|
utils: T6975: Add 'vrf' and 'netns' arguments to functions in 'vyos.utils.process'
|
|
|
|
'vyos.utils.process'
|
|
interfaces attached to VRFs
|
|
|
|
The reason is that DHCP routes are not re-generated during FRRrender as long
as there is no protocols static entry in the configuration at all. Move out the
DHCP configuration read-in from the static section.
|
|
* smoketest: T6746: add substring search in getFRRconfig()
Some daemons (e.g. bgpd) have several nested substrings/sections like
router bgp 100
address-family ipv4 unicast
..
exit-address-family
exit
We can now use getFRRconfig() with the substring option to extract only
address-family ipv4 unicast
..
exit-address-family
Making config validation more granular
* frrender: T6746: only re-render FRR config if config_dict did change
* frrender: T6746: fix naming glitch isis/eigrp
* frrender: T6746: add --stdout option when running with debug flags
* smoketest: T6746: remove unneeded commit_guard time
It was an invalid workarround as the underlaying issue seems to be a race
condition in CStore.
The commit process is not finished until all pending files from
VYATTA_CHANGES_ONLY_DIR are copied to VYATTA_ACTIVE_CONFIGURATION_DIR. This is
done inside libvyatta-cfg1 and the FUSE UnionFS part. On large non-interactive
commits FUSE UnionFS might not replicate the real state in time, leading to
errors when querying the working and effective configuration.
TO BE DELETED AFTER SWITCH TO IN MEMORY CONFIG
|
|
|
|
|
|
From time to time integration tests fail as the DHCP assigned IP address is not
removed in time then dhclient stops. Add an explicit code path cleaning dynamic
assigned addresses from interface when disabling DHCP - if such a dynamic
address is remaining.
======================================================================
FAIL: test_dhcp_vrf (__main__.EthernetInterfaceTest.test_dhcp_vrf)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/libexec/vyos/tests/smoke/cli/test_interfaces_ethernet.py", line 72, in tearDown
self.assertNotIn(AF_INET, ifaddresses(interface))
AssertionError: 2 unexpectedly found in {17: [{'addr': '52:54:00:00:00:00',
'broadcast': 'ff:ff:ff:ff:ff:ff'}], 2: [{'addr': '192.0.2.103', 'netmask': '255.255.255.0',
'broadcast': '192.0.2.255'}], 10: [{'addr': 'fe80::5054:ff:fe00:0%eth0',
'netmask': 'ffff:ffff:ffff:ffff::/64'}]}
|
|
pppoe: T6930: Remove unnecessary code
|
|
In case of changes in config that require reconnect PPPoEIF.remove() function is called and old default routes are removed. So we do not need to do it once again.
|
|
frrender: T6746: runtime improvements
|
|
File "/usr/lib/python3/dist-packages/vyos/ifconfig/interface.py", line 342
if not self.iftype:
^^^^^^^^^^^
AttributeError: 'Interface' object has no attribute 'iftype'
|
|
Keep all FRRender stuff in one place.
|
|
op_mode: T6767: Check latest image version in VRF context for "add system image latest vrf <name>"
|
|
T6874: [QoS] Add class filter by ether
|
|
Previously the FRR configuration was rendered via Jinja2 on every call to
get_frrendet_dict() - but it was used/applied only once.
We save the CPU cycles and render the FRR configuration only once prior to
applying it in FRR.
|
|
|
|
Always evaluate if the debug file exsits and not once during module init. Thus
we can always eanble/disable FRR command debugging during runtime even under
vyos-configd.
|
|
* frr-10:
op-mode: T6746: add "show log frr" and "monitor log frr" commands
frrender: T6746: do not render candidate FRR config to running FRR config file path
frrender: T6746: ensure there are no empty lines in the rendered FRR configuration
bgp: T6746: remove debug code
|
|
Implement a command to configure QoS policy filters by ether properties.
The supported match types include:
- Destination: Specify the Ethernet destination address.
- Protocol: Define the Ethernet protocol.
- Source: Set the Ethernet source address.
`set qos policy <type> <name> class <id> match <match-id> ether <destination|protocol|source> <val>`
|
|
file path
|
|
configuration
|
|
T6799: QoS: Improve Priority-Queue Policy
|
|
Do not use custom daemon definitions like bgpd - re-use them from e.g.
vyos.frrender.bgp_daemon
|
|
|
|
|
|
VNI was always retrieved via effective configuration and not active
configuration.
|
|
FRR 10.2 will use "[no] ip forwarding" and "[no] ipv6 forwarding" to enable or
disable IP(v6) forwarding. We no longer rely on sysctl as this was overridden
by FRR later on.
Remove code path for sysctl setting and solely rely on FRR.
|
|
|
|
When running under vyos-configd only a single apply() is done as last step in
the commit algorithm. FRRender class address is provided via an attribute from
vyos-configd process.
|
|
A lot of services have dynamic debug capabilities which will be turned on by
creating a file in /tmp. These scripts have the path hardcoded and sometimes
accross multiple places (bad).
This commit introduces vyos.defaults.frr_debug_enable to get the path for the
debug file from a single location.
|
|
With FRR 10.0 daemons started to be migrated to integrated FRR mgmtd and a
northbound interface. This led to some drawbacks in the current state how
changes to FRR are handled. The current implementation will use frr-reload.py
and specifies excatly WHICH daemon needs a config update and will only replace
this part inside FRR.
With FRR10 and mgmtd when a partial configuration is sent to mgmtd, it will
remove configuration parts from other daemons like bgpd or ospfd which have
not yet been migrated to mgmtd.
It's not possible to call frr-reload.py with daemon mgmtd - it will error out.
This commit will also change the CLI for static routes:
CLI command "set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd multi-hop
source 1.1.1.1" will be split into:
* set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd source-address 1.1.1.1
* set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd multi-hop
To make the XML blocks reusable, and comply with the FRR CLI - this was actually
a wrong implementation from the beginning as you can not have multiple BFD
source addresses.
CLI command "set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd multi-hop
source 1.1.1.1 profile bar" is changed to:
* set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd profile bar
CLI commands "set protocols static multicast interface-route" is moved to:
* set protocols static multicast route <x.x.x.x/x> interface
To have an identical look and feel with regular static routes.
|
|
|
|
image latest vrf <name>"
|
|
- Fixed handling of flow isolation parameters.
- Corrected support for `nat` and `nonat` in flow isolation.
- Extended RTT values to cover the full range supported by `tc`.
|
|
|
|
As we are generating the reference tree from the XML definitions during
build, save an internal representation for vyconfd to load on startup.
|
|
Adjust signature of reference_tree_to_json for change in the ctypes
binding.
|
|
The maximun value theat could be written for the 'rpc_cpu'
is 4294967295 or 0xffffffff in the chunk splitted by commas
|
|
|
|
T264: IPsec add base64 encoded secret-type feature
|
|
|
|
Add the ability to configure base64 encoded passwords for
VPN IPSec site-to-site peers
authentication psk PSK secret 'xxxxx=='
authentication psk PSK secret-type <base64|plaintext>
|
|
- Removed default `m1` and `m2` values from interface definitions
- Adjusted filter priorities for shapers
- Fixed SFQ qdisc and HFSC class creation to fully support `m1`, `d`, and `m2` parameters
- Added validation logic similar to VyOS 1.3 to improve error handling and user experience
|
