Age | Commit message (Collapse) | Author |
|
The current implementation for bridge based interfaces has an issue which is
caused by priority inheritance. We always assumed that the bridge interface will
be created last, but this may not be true in all cases, where some interfaces
will be created "on demand" - e.g. OpenVPN or late (VXLAN, GENEVE).
As we already have a bunch of verify steps in place we should not see a bridge
interface leak to the underlaying infrastructure code. This means, whenever an
interface will be member of a bridge, and the bridge does yet not exist, we will
create it in advance in the interface context, as the bridge code will be run
in the same commit but maybe sooner or later.
This will also be the solution for T2924.
|
|
Using an MTU less then the required 1280 bytes (as per RFC) on an interface
where IPv6 is not explicitly disabled by:
- set interfaces ethernet eth1 ipv6 address no-default-link-local
- not having any other IPv6 address configured
Will now trigger a commit error via verify() instead of raising
FileNotFoundError!
|
|
As we already check that a bond/bridge member interface is not a member of any
other bridge or bond, the check must be extended. We also need to ensure that
the bond member interface is not used as a source-interface to pppoe, macsec,
tunnel, pseudo-ethernet, vxlan interfaces.
|
|
|
|
Removing a member from a bond/LACP will turn the physical interface always in
admin-down state. This is invalid, the interface should be placed into the state
configured on the VyOS CLI.
Smoketest on bond interfaces is extended to check this behavior.
|
|
|
|
Further reduce the boiler-plate code to determine interface tag node or not.
It can be passed into get_interface_dict() if explicitly required - else it
is taken from the environment.
|
|
The current VyOS CLI parser code written in Python contains a ton of duplicates
which I can also hold myself accountable for - or maybe mainly me - depends on
the angle of judge.
|
|
bonding: T2527: delete the last interface from bond
|
|
airbag :T2088: make airbag explicit
|
|
airbag must now be explicitly installed.
the patch also allow to fully disables the installation of the logging
code at setup (and not just installing and doing nothing)
|
|
|
|
Some ISPs (e.g. Comcast) only delegate a /64 by default. You have to explicitly
"ask" for a bigger (e.g. /60) prefix. This commit adds a CLI node to request
a specific prefix length in the range 32 - 64.
dhcpv6-options {
prefix-delegation {
length 60
}
}
|
|
Rename the CLI nodes for prefix delegation from "dhcpv6-options delegate
<interface>" to "dhcpv6-options prefix-delegation interface <interface>".
The change is required to add the possibility to request for specific prefix
sized via the CLI. That option was not possible with the old configuration
tree.
|
|
Add support for prefix delegation when receiving the prefix via ethernet,
bridge, bond, wireless.
|
|
This is to remove the amount of duplicated entries in dictionaries. It's one
more part to move to a unified interface management.
|
|
|
|
|
|
We've already verified that all member interfaces don't have any
addresses configured, so it should be safe to simply call 'ip addr flush' on
them to flush the remaining addresses (e.g. IPv6 link-local)
|
|
Previously, set_vrf was always called, which uses the same master and nomaster
commands as bridge, so it removed the interface from the bridge.
- add checks to make VRF and bridge membership mutually exclusive
- always re-add the interface back to any bridge it is part of in
case it is deleted and recreated
|
|
- use is_member function instead of checking config directly
- make error output more user friendly
- replace .format with f-strings
- split into lines less than ~80 characters long
|
|
Bridge members should not have addresses assigned.
|
|
|
|
|
|
- rewrite the function to support both bridge and bonding interface types,
if the type is passed it searches only that type, otherwise it searches
both
- move is_member check out of the deleted condition
- move is_member check to intf_from_dict for interfaces that use it
|
|
This is needed as later functions depend on it
|
|
T2367: flush addresses when adding bond/bridge members
|
|
Any remaining addresses of an interface (e.g. IPv6 link-local) will be flushed
when adding a member.
A direct call to ip is necessary for interfaces not under the Interface class
(e.g. vlan vif*)
|
|
use intf_to_dict and add_to_dict to correctly implement disable.
keeping all interface code with VLAN the same.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Break the code between v4 and v6, remove need for getter/setter
as they are just exposing the underlying dict.
Move FixedDict from tunnel code and expose it to other part so
it can be used to prevent accidental change to the dhcp option if
no default exists already.
|
|
os.system does print the ouput of the command, run() does not.
A new function called call() does the printing and return the error code.
|
|
Interfaces enslaved to a bridge are not allowed to be deleted. If an interface
is deleted from the config but it is still enslaved to a bridge will cause a
configuration error on the subsequent boot.
|
|
As little change a possible but the function call
The behaviour should be totally unchanged.
|
|
|
|
Autoconfigure addresses using Prefix Information in Router Advertisements.
|
|
|
|
... to new XML and Python based frontend/backend.
|
|
The Interface get_state/set_state were not clear about
if they edited the admin or operational state.
functions are now using admin_state and oper_state
for clarity.
|
|
|
|
|
|
|
|
os.environ['VYOS_TAGNODE_VALUE']
This has been only a theoretical problem but then the error condition was
triggered - only an error has been printed instead of raising an Exception.
|
|
THe delta check/calculation always returned False on system startup leading
to a non functioning bond interface after a reboot as no physical interface
actually enslaved.
This was fixed by not calculating the current enslaved interfaces from
the existing config but rather retrieving the interfaces from sysfs.
|
|
|