| Age | Commit message (Collapse) | Author | 
|---|
|  |  | 
|  |  | 
|  | VPP: T1797: Optimizations for VPP memory allocation during startup | 
|  | T5314: Fix default QOS classes not getting qdisc | 
|  |  | 
|  |  | 
|  | - modified `sysctl_read()` to return the whole value
- modified `sysctl_write()` logic to return `True` only in case a value was
changed successfully
- added `sysctl_apply()` to apply a dictionary of values at once | 
|  |  | 
|  |  | 
|  | Prevent duplicatte prio fot tc command | 
|  | QoS index priority should be used only for qostype 'shaper'
otherwise we set priority 2 times, that is incorrect.
OSError: [Errno 255] failed to run command:
tc filter add dev eth2 parent 1: prio 5 protocol all prio 1 u32 match ip src 10.1.1.0/24 flowid 1:1e
exit code: 255
Fix it | 
|  | Fix QoS tc class with multiple matches generates one rule but
expects multiple filter rules:
set qos policy shaper test class 23 match one ip protocol 'tcp'
set qos policy shaper test class 23 match two ip protocol 'udp'
tc filter add dev eth0 parent 1: protocol all prio 1 u32 match ip protocol 6 0xff flowid 1:17
tc filter add dev eth0 parent 1: protocol all prio 2 u32 match ip protocol 17 0xff flowid 1:17 | 
|  | tc filter rate limit should be used only if qostype is 'limiter'
and not 'shaper' | 
|  | T1797: Add initial vpp configuration | 
|  | - added extra renaming operation to be sure that interface has the same name as
before in the system after it was moved from VPP to kernel
- added extra check after PCI device removal/adding
- added check for proper `retval` for CPI calls where it is available
- replaced empty return with an error in `_get_pci_address_by_interface()`
because not resolved address will lead to inconsistency of the system later | 
|  |  | 
|  | - added ability to add/remove interfaces without system reboot
- added `attempts` and `interval` to the VPP API connection. This is helpful in
case of high system load or when VPP was just started and API is not yet
available.
- added exceptions to API calls. This allows handling errors in communication
with API properly in conf-mode scripts.
- fixed PCI address search in VPP to match Linux kernel and ethtool style
- fixed systemd daemons control - first reload, then restart
- removed debug prints
- removed `vm.nr_hugepages` configuration. It is not required now but increases
RAM requirements a lot. | 
|  | Use info from both ethtool and VPP to find PCI address for an
interface. | 
|  | Replaced CLI commands with API calls.
CLI commands still can be used via:
```
vpp_control = VPPControl()
vpp_control.cli_cmd('command_here')
``` | 
|  | Add initial configuration mode for VPP (PoC)
set vpp cpu corelist-workers '2'
set vpp cpu main-core '1'
set vpp interface eth1 num-rx-desc '256'
set vpp interface eth1 num-rx-queues '512'
set vpp interface eth1 num-tx-desc '256'
set vpp interface eth1 num-tx-queues '512'
set vpp interface eth1 pci '0000:02:00.0'
set vpp interface eth1 rx-mode 'polling'
set vpp interface eth2 pci '0000:08:00.0'
Limitation:
  - 'set vpp interface ethX pci auto' works only per first
    commit, then interface detached from default stack and creates
    tun interface 'ethX' to communicate with default stack. In this
    case we can't get PCI address via ethtool for 'tun' interfaces.
    But we can set pci address manualy.
  - Interface sync between default stack and VPP-DPDK stack
    After vpp change it doesn't trigger iproute2 for changes
    (should be written later)
I.e. if we change something in vpp per each commit it restarts
vpp.service it gets empty interface config as we don't configure vpp
directly and it should be configured via iproute2
But then if we do any change on interface (for example description)
it gets IP address, MTU, state, etc. | 
|  |  | 
|  | config: T5228: simplify get_config_dict and add argument with_defaults | 
|  | The original implementation of defaults, and workaround required, would
leave an entry {'dhcpv6_options': {'pd': {}}} in the interface_dict. | 
|  |  | 
|  | For those cases not covered by automatic merging of defaults in
get_config_dict(..., with_defaults=True), get_config_defaults should
take arguments consistent with those of get_config_dict, for ease of
merging results. | 
|  |  | 
|  |  | 
|  |  | 
|  | At boot, the util function check_port_availability can return False with
EADDRNOTAVAIL if the interface is not yet up; check explicitly for
address in use. | 
|  | QoS DSCP match is skipped
Add it
set qos policy shaper test class 23 match 10 ip dscp 'network'
tc filter replace dev eth0 parent 1: protocol all u32 match ip dsfield 224 0xff flowid 1:17 | 
|  | T5296: Fix QoS class bandwidth calculation for auto and percent | 
|  | tc filter exepcts protocol number for match instead of protocol name | 
|  |  | 
|  | There are wrong bandwidth calculations for the class
We shouldn't rely on interface speed but we should get this value
from 'shaper <tag> bandwidth xxx' if configured 'auto' or
bandwidth with '%'
Otherwise we can get unexpected rate for the class
  % sudo cat /sys/class/net/eth0/speed
  % -1
generated rate:
  classid 1:17 htb rate -1000000
Fix this | 
|  | config-mgmt: T5297: add check for changes under node between revisions | 
|  |  | 
|  | Do not handle rate via 'tc filter' directly but rather set the
'tc filter' to direct traffic to the correct tc class flow.
As it in 1.3.
It fixes random unexpected shapes, when you set for example 300mbit
but get 3-11mbit
Current implementation seems not correct as it uses rate limits
two times (in class and in filter):
  tc class replace dev eth0 parent 1:1 classid 1:17 htb rate 250000000 \
      burst 15k quantum 1514
  tc filter replace dev eth0 parent 1: protocol all u32 match \
      ip dst 192.168.122.11 action police rate 250000000 burst 15k flowid 1:17
The correct way after fix:
  tc class replace dev eth0 parent 1:1 classid 1:17 htb rate 250000000 \
      burst 15k quantum 1514
  tc filter replace dev eth0 parent 1: protocol all u32 match \
      ip dst 192.168.122.11 flowid 1:17 | 
|  |  | 
|  | change speed/duplex settings
This is the same problem as reported in T4297. By definition it is not possible to change speed and duplex settings at SR-IOV virtual functions driven by ixgbevf driver. I think the solution is the same as well, that is to add 'ixgbevf' into _drivers_without_speed_duplex_flow in /usr/lib/python3/dist-packages/vyos/ethtool.py. It fixed the problem for me with Intel x520 NICs. | 
|  | http-api: T5248: set/load config sections as JSON via API | 
|  | ... this is a step towards a new and better implementation that will utilize
VPP. | 
|  |  | 
|  |  | 
|  | The function 'unsaved_commits' was added in config_mgmt to warn a user
of unsaved commits before commit-confirm, as that entails a possible
reboot. As it has other uses and no dependence on the object itself,
move to module scope. For general use, add simple check for live image
to avoid false positive, due to config migration reformatting. | 
|  | Configtree functions delete/delete_value do not check return value of
libvyosconfig functions; raise error on non-zero return value. | 
|  |  | 
|  | process_named_running() was introduced in commit 16b2fc8fc4ca ("dns-forwarding:
T2298: fix path to control file") and thus remained more or less unchanged.
Smoketests use process_named_running() heavily and might spawn multiple
processes with the same name but ifferent options (e.g. dhcp6c or dhclient) and
it was yet not possible to properly filter on the "real-deal" like the process
bound to a given interface.
One can now optionally specify a string that is searched inside the command
line argument list of the process.
Example:
>>> process_named_running('dhcp6c', 'veth0')
['/usr/sbin/dhcp6c', '-D', '-k', '/run/dhcp6c/dhcp6c.veth0.sock', '-c',
 '/run/dhcp6c/dhcp6c.veth0.conf', '-p', '/run/dhcp6c/dhcp6c.veth0.pid', 'veth0']
4215
>>> process_named_running('dhcp6c', 'veth1')
['/usr/sbin/dhcp6c', '-D', '-k', '/run/dhcp6c/dhcp6c.veth1.sock', '-c',
 '/run/dhcp6c/dhcp6c.veth1.conf', '-p', '/run/dhcp6c/dhcp6c.veth1.pid', 'veth1']
4253
Where the debug list returned is the commandline searched. | 
|  | If non_local=False (default), cli_defined returns True if the node is a
child of the path in interface-definitions; otherwise True if node is a
descendent of the path. | 
|  |  | 
|  | xml: T5218: revise vyos xml lib for bug fixes and extensions |