summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2021-05-15dhcp-server: T3544: fix FileNotFoundError on first invokationChristian Poessinger
The problem of using the move() operation over render() is that render will silently create the directory tree in the background and move() does not. This means that on first boot when /run/dhcp-server does not exist, move will fail with a FileNotFoundError. Instead of using move() we render() the configuration two times, one for validating it via dhcpd -t and the other time to really apply it to the service. The performance impact should be little as the config should still be cached in the system RAM.
2021-05-15conntrack: T3535: add keepalived notifications for node transitionsChristian Poessinger
2021-05-14conntrack: T3535: check for VRRP group definitionChristian Poessinger
2021-05-14conntrack: T3535: migrate codebase from vyatta-conntrack-syncChristian Poessinger
2021-05-13dhcp-server: T3544: test config in IPv4 mode onlyChristian Poessinger
2021-05-13dhcp-server: T3544: test newly rendered configuration before restarting daemonChristian Poessinger
The current DHCP server implementation comes with options (see below) which allow the user to pass in any arbitrary option(s) in a verbatim way which will manifest in dhcpd.conf. The options are: * set service dhcp-server global-parameters * set service dhcp-server shared-network-name foo shared-network-parameters * set service dhcp-server shared-network-name foo subnet 192.0.2.0/25 subnet-parameters * set service dhcp-server shared-network-name foo subnet 192.0.2.0/25 static-mapping ff static-mapping-parameters Having an invalid configuration will yield: vyos@vyos# commit [ service dhcp-server ] Configuration file errors encountered - check your options! [[service dhcp-server]] failed
2021-05-13bonding: T3543: add support to configure lact-rate (slow or fast)Christian Poessinger
Option specifying the rate in which we'll ask our link partner to transmit LACPDU packets in 802.3ad mode. set interfaces bonding bond0 lacp-rate <slow|fast> slow: Request partner to transmit LACPDUs every 30 seconds (default) fast: Request partner to transmit LACPDUs every 1 second
2021-05-09bgp: T3530: add hyphen support for peer-group namesChristian Poessinger
2021-05-08policy: T2425: bugfix NameError: name 'name' is not definedChristian Poessinger
2021-05-08vrf: bgp: T3523: bugfix Kernel route-map deploymentChristian Poessinger
Commit 4f9aa30f ("vrf: bgp: T3523: add route-map support for kernel routes") added the possibility to also filter BGP routes towards the OS kernel, but the smoketests failed. Reason was a non working CLI command applied to bgpd. Thus the VRF route-map and the BGP configuration is now split into two templates, one to be used for each daemon (zebra and bgpd). Nevertheless one more bug was found in vyos.frr which currently does not suppoort calling modify_section() inside a configuration "block". See [1] for more info. [1]: https://phabricator.vyos.net/T3529
2021-05-06vrf: T3523: fix regex when removing dynamic routing protocols with a kernel ↵Christian Poessinger
route-map
2021-05-05isis: T3520: verify interface MTU to be >= lsp-mtuChristian Poessinger
2021-05-02login: T1948: use long options when calling adduserChristian Poessinger
... just to make it easier for users to read the commandline.
2021-04-30bgp: T3504: add support for per-peer graceful shutdownChristian Poessinger
This commit has a dependecy on https://github.com/FRRouting/frr/issues/8403, thus support will be "commented out" by default.
2021-04-30openconnect: T3461: Delete CA crt file checkssever-sever
2021-04-27Merge pull request #821 from bstepler/T3502Christian Poessinger
ecmp: T3502: fix check for "layer4-hashing" key
2021-04-27ecmp: T3502: fix check for "layer4-hashing" keyBrandon Stepler
2021-04-27bgp: T3503: allow "route-reflector-client" when "remote-as" is "internal"Brandon Stepler
2021-04-27Merge pull request #818 from sever-sever/T2216-portsChristian Poessinger
container: T2216: Add binding for ports and volumes
2021-04-27container: T2216: Add binding for ports and volumessever-sever
2021-04-25policy: T3497: add verify() that prefix-lists must carry a defined prefixChristian Poessinger
2021-04-24policy: T2425: verify() must check if a policy is still usedChristian Poessinger
When deleting a route-map, prefix-list or access-list, we must ensure that this routing policy is not referenced by any other protocol or policy. When trying to remove a policy still in use, raise an error.
2021-04-21containers: T2216: the first IP address is always reserved for podmanChristian Poessinger
2021-04-21containers: T2216: used "address" must belong to the used container networkChristian Poessinger
2021-04-21containers: T2216: refine implementationChristian Poessinger
This commit is a cleanup and refinement of the container hosting implementation. - Renamed CLI node ipv4-prefix -> prefix so both IPv4 and IPv6 prefix can be supplied in the future. This is currently limited to IPv4 only as when using IPv6 networks in combination with IPv4 the IPv4 prefix is altered randomly - De-nested if clauses - Use "for foo, bar in baz.items()" to more easily iterate of dictionary values, this means "bar" can be used to access "baz[foo]"
2021-04-21bridge: T2653: remove superfluous "import re"Christian Poessinger
2021-04-19policy: T2425: verify() route-map match criteriasChristian Poessinger
When we match on a community-list, extended community-list or even a large community-list ensure that the referenced list exists on the CLI.
2021-04-18policy: T2425: verify other policy types and probe for mandatory optionsChristian Poessinger
2021-04-18policy: T2425: add common verify() code for all types of policiesChristian Poessinger
2021-04-18policy: T2425: to simplify dictionary use get_first_key=True on ↵Christian Poessinger
get_config_dict()
2021-04-17policy: T2425: also modify route-map section when using FRR reloadChristian Poessinger
2021-04-17policy: T2425: re-implement "policy" tree from vyatta-cfg-quagga in XML/PythonChristian Poessinger
2021-04-15protocols: remove superfluous import of vyos.util.callChristian Poessinger
2021-04-15bgp: T2771: add vpn, multicast, flowspec address familiesCheeze-It
In this commit we add more address families within BGP. This should bring VyOS the ability to enable the rest of the capabilities within FRR. Co-authored-by: Cheeze_It <none@none.com>
2021-04-14policy: T2425: rename files from policy-list to policyChristian Poessinger
2021-04-13Merge pull request #802 from sever-sever/T3455Christian Poessinger
login: T3455: Fix edit level configuration for user
2021-04-13Merge pull request #801 from sever-sever/T2216-podChristian Poessinger
containers: T2216: Add podman for containers
2021-04-13login: T3455: Fix edit level configuration for usersever-sever
2021-04-12static: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols static route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not staticd.
2021-04-12rip: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols rip route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not ripd.
2021-04-12isis: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols isis route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not isisd.
2021-04-12ospf: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols ospf route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not ospfd.
2021-04-12bgp: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols bgp route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not bgpd.
2021-04-12containers: T2216: Add podman for containerssever-sever
2021-04-11bgp: T3344: handle FRR vrf daemon configuration more elegantChristian Poessinger
2021-04-10bgp: T3460: add verify() steps for local-as overrideChristian Poessinger
It is only possible to set one local-as override per BGP neighbor/peer-group. In addition to this, the override AS number is not allowed to be the same as the one from the global BGP process. If this would still be the case frr-reload would error out: > frr-reload output: 184 % Cannot have local-as same as BGP AS number
2021-04-08bgp: T3464: use common helper functions to verify route-maps and prefix-listsChristian Poessinger
2021-04-08protocols: T3464: proper handling of routing policy configurationChristian Poessinger
The introduction of key_mangling=('-', '_') when working with get_config_dict() caused more harm then good. This commit extends common helpers and adds new helpers when verifying the existence of route-maps, access-lists or prefix-lists.
2021-04-07vrf: T3344: re-add virtual network identifierChristian Poessinger
Commit 548d9057e3e (vrf: T3344: move dynamic routing protocols under "vrf name <name> protocols") temporary removed the possibility to specify the VNI for a given VRF to to changing of the CLI configuration nodes. As VNI is set inside zebra, we can re-use the now widely deployed frr python library to configure and change the configuration without any interference to other FRR daemons.
2021-04-05tunnel: T3030: move erspan type into regular tunnel interfaceChristian Poessinger
Instead of having a dedicated ERSPAN interface type, rather move the specifics into "interface tunnel". A migrator is not needed as there is yet no LTS release with this feature and this is considered experimental.