Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-01-02 | vrf: T2321: assign loopback IP addresses to individual VRF interfaces | Christian Poessinger | |
47: bar: <NOARP,MASTER,UP,LOWER_UP> mtu 65536 qdisc noqueue state UP group default qlen 1000 link/ether 76:7d:c0:53:6d:89 brd ff:ff:ff:ff:ff:ff inet 127.0.0.1/8 scope host bar valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever | |||
2020-08-31 | configd: T2582: add scripts to include list for daemon | John Estabrook | |
2020-07-04 | cleanup: no need to call sudo for configuration mode scripts | Christian Poessinger | |
2020-07-01 | config: T2667: adapt for refinements to get_config_dict | John Estabrook | |
2020-05-29 | airbag: T2088: explicit enabling of the feature | Thomas Mangin | |
airbag must now be explicitly installed. the patch also allow to fully disables the installation of the logging code at setup (and not just installing and doing nothing) | |||
2020-04-12 | template: T2230: use render to generate templates | Thomas Mangin | |
convert all call to jinja to use template.render | |||
2020-04-08 | vrf: add additional documentation link | Christian Poessinger | |
2020-04-06 | util: T2206: rewrite vrf to cmd | Thomas Mangin | |
2020-04-05 | vrf: T2230: move inlined templates to dedicated files | Christian Poessinger | |
2020-04-04 | vrf: T2221: when deleting vrf also delete unreachable route | Christian Poessinger | |
If the unreachable routes for IPv4 and IPv6 are not deleted, there will be an error when creating the same VRF again after removal. Error changing VRF: Command '['sudo', 'ip', '-4', 'route', 'del', 'vrf', 'Blue', 'unreachable', 'default', 'metric', '4278198272']' returned non-zero exit status 2. | |||
2020-04-04 | vrf: T2221: only set l3mdev when changed | Christian Poessinger | |
2020-03-29 | vrf: T31: bugfix after converting remove list to dict | Christian Poessinger | |
The list of VRFs to remove has been converted to a dict. The deletion of a VRF was no longer triggered as the logic still thought it is a list. | |||
2020-03-07 | vrf: T31: move to Python3 f-strings where possible | Christian Poessinger | |
2020-03-07 | vrf: T31: ensure VRF can not be deleted with an attached routing protocol | Christian Poessinger | |
2020-03-07 | vrf: T31: rephrase error messages | Christian Poessinger | |
2020-03-07 | vrf: T31: reuse Config in interfaces_with_vrf() | Christian Poessinger | |
2020-03-07 | vrf: T31: properly set configuration level when parsing | Christian Poessinger | |
2020-03-05 | vrf: T31: improve kernel rule lookup table code | Christian Poessinger | |
2020-03-05 | vrf: T31: modify kernel rule lookup table only once | Christian Poessinger | |
2020-03-05 | vrf: T31: add more documentation links | Christian Poessinger | |
2020-03-05 | vrf: T31: use subprocess check_output over check_call | Christian Poessinger | |
2020-03-05 | vrf: T31: routing table IDs must be unique | Christian Poessinger | |
2020-03-05 | vrf: T31: use vyos.ifconfig to set ifalias | Christian Poessinger | |
2020-03-05 | vrf: T31: table id is mandatory | Christian Poessinger | |
2020-03-04 | vrf: T31: remove pass in exception handler | Christian Poessinger | |
2020-03-04 | vrf: T31: reorder routing table lookups | Christian Poessinger | |
Linux routing uses rules to find tables - routing targets are then looked up in those tables. If the lookup got a matching route, the process ends. TL;DR; first table with a matching entry wins! You can see your routing table lookup rules using "ip rule", sadly the local lookup is hit before any VRF lookup. Pinging an addresses from the VRF will usually find a hit in the local table, and never reach the VRF routing table - this is usually not what you want. Thus we will re-arrange the tables and move the local lookup furhter down once VRFs are enabled. | |||
2020-03-04 | vrf: T31: adding unreachable routes to the routing tables | Christian Poessinger | |
2020-03-04 | vrf: T31: prior to the v4.8 kernel iif and oif rules are needed | Christian Poessinger | |
.. we run on 4.19 thus this is no longer needed. | |||
2020-03-04 | vrf: T31: create iproute2 table to name mapping reference | Christian Poessinger | |
2020-03-04 | vrf: T31: rename 'vrf disable-bind-to-all ipv4' to 'vrf bind-to-all' | Christian Poessinger | |
By default the scope of the port bindings for unbound sockets is limited to the default VRF. That is, it will not be matched by packets arriving on interfaces enslaved to an l3mdev and processes may bind to the same port if they bind to an l3mdev. TCP & UDP services running in the default VRF context (ie., not bound to any VRF device) can work across all VRF domains by enabling the 'vrf bind-to-all' option. | |||
2020-03-04 | vrf: T31: support add/remove of interfaces from vrf | Christian Poessinger | |
2020-03-04 | vrf: T31: remove superfluous vyos.vrf library functions | Christian Poessinger | |
vyos.vrf.list_vrfs() was only used in one function thus building a library is no longer needed. If it is needed in the future it should be placed into a library again. | |||
2020-03-04 | vrf: T31: reduce script complexity | Christian Poessinger | |
Keep it simple and stupid :) | |||
2020-03-04 | vrf: T31: no need to use sudo calls in vrf.py | Christian Poessinger | |
All configuration mode scripts are already run with sudo. | |||
2020-03-04 | vrf: T31: initial support for a VRF backend in XML/Python | Thomas Mangin | |
This is a work in progress to complete T31 whoever thought it was less than 1 hour of work was ..... optimistic. Only VRF vreation and show is supported right now. No interface can be bound to any one VRF. |