summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2021-04-08protocols: T3464: proper handling of routing policy configurationChristian Poessinger
The introduction of key_mangling=('-', '_') when working with get_config_dict() caused more harm then good. This commit extends common helpers and adds new helpers when verifying the existence of route-maps, access-lists or prefix-lists.
2021-04-07vrf: T3344: re-add virtual network identifierChristian Poessinger
Commit 548d9057e3e (vrf: T3344: move dynamic routing protocols under "vrf name <name> protocols") temporary removed the possibility to specify the VNI for a given VRF to to changing of the CLI configuration nodes. As VNI is set inside zebra, we can re-use the now widely deployed frr python library to configure and change the configuration without any interference to other FRR daemons.
2021-04-05tunnel: T3030: move erspan type into regular tunnel interfaceChristian Poessinger
Instead of having a dedicated ERSPAN interface type, rather move the specifics into "interface tunnel". A migrator is not needed as there is yet no LTS release with this feature and this is considered experimental.
2021-04-05bgp: T3418: peer-group and remote-as must be present under interface nodeChristian Poessinger
When configuring a BGP neighbor via an interface, FRR requires that the peer-group and remote-as node from under the interface statement is used. This is now enforced by a verify() check.
2021-04-02frr: T3217: Abbility to save routing configssever-sever
2021-03-30ripng: T3281: remove debug print statementsChristian Poessinger
2021-03-29Merge pull request #793 from c-po/bgp-cliChristian Poessinger
bgp: T1711: remove ASN tagNode and move to "local-as"
2021-03-29bgp: T1711: remove ASN tagNode and move to "local-as"Christian Poessinger
Every time when set configuration bgp, you need set AS number. There is very less benefit in this system so the AS number is moved from a tagNode level down to a leafNode with the name "local-as", same as on the neighbor or peer-group level. This changes the CLI configuration from: set protocols bgp 100 neighbor 10.10.1.2 remote-as 200 to set protocols bgp local-as 100 set protocols bgp neighbor 10.10.1.2 remote-as 200
2021-03-28http-api: T3440: give uvicorn time to initialize before starting NginxJohn Estabrook
2021-03-24Revert "isis: T3417: add workaround for FRR issue"Christian Poessinger
This reverts commit d89455ee7f5dc21d00bbeddd57eaee2e32f45f99.
2021-03-24Merge pull request #784 from sever-sever/T3217Christian Poessinger
routing: T3217: Save configs of daemon per commit
2021-03-24ddclient: T3422: Allow zone property with cloudflare protocolJustin
Allows Dynamic DNS services with custom names to use the zone field if the protocol is set to cloudflare (cherry picked from commit 5ab6c20f8acd4dda1870b9a71fe73129d2f78b24)
2021-03-23routing: T3217: Save configs of daemon per commitsever-sever
2021-03-21isis: T3417: drop artificial "domain" node identifying the IS-IS process nameChristian Poessinger
As we and FRR do not support multiple FRR process instances, there is no need to make this configurable for a user. We rather rely on a solid default "VyOS".
2021-03-21isis: T3417: last byte of IS-IS network entity title must always be 0Christian Poessinger
2021-03-21isis: T3417: add workaround for FRR issueChristian Poessinger
We need to adjust the regex pattern for the default VRF as a trailing whitespace is required due to an FRR issue: https://github.com/FRRouting/frr/issues/8300
2021-03-21isis: T3417: verify route-map used in redistribute existsChristian Poessinger
2021-03-21isis: T3417: cleanup verify()Christian Poessinger
2021-03-21ospf: vrf: T2271: ease FRR interaction for config reloadChristian Poessinger
Instead of multiple if/else paths, use a common vrf string variable which is either populated or not. In addtion when interfaces are configured for a given VRF, harden the regex for config reload.
2021-03-21isis: T3417: add VRF supportChristian Poessinger
VRF support can be tested using: set vrf name red table 1000 set vrf name red protocols isis domain FOOO set vrf name red protocols isis net 49.0001.1921.6800.1002.00 set vrf name red protocols isis interface eth1
2021-03-21isis: T3417: move from cli tagNode to nodeChristian Poessinger
As there can only be one running IS-IS process (FRR limitation) there is no need in having a tagNode here. This adds artifical restrictions/limitations when moving on to support VRFs for IS-IS protocol.
2021-03-21vrf: ospf: T2271: comment cleanupChristian Poessinger
2021-03-17static: vrf: T3344: add target vrf verify()Christian Poessinger
When leaking routes to a VRF ensure that the VRF we are leaking to exists.
2021-03-17vrf: T31: ignore iproute2 errorsChristian Poessinger
Re-issuing the same iproute2 commands can lead to errors, simply ignore them and not raise a Python exception.
2021-03-17vrf: ospf: T2271: when removing the entire process cleanup all interfacesChristian Poessinger
During assembly of the required config changes we also must move the interfaces_removed assignemnt to an earlier stage so the value is also populated when the entire process is removed to cleanup all remaining OSPF process assigned interfaces. This was yet not the case and when deleting OSPF I still got my "interface eth0" with the area key configured.
2021-03-14bgp: T3325: fix missleading error message on listen-range verify() stepsChristian Poessinger
2021-03-14Merge pull request #733 from sever-sever/T2425Christian Poessinger
conf-mode: T2425: Add XML for policy-lists
2021-03-14Merge pull request #770 from c-po/vrf-dynamic-routingChristian Poessinger
VRF: support for dynamic routing protocols OSPF and BGP
2021-03-14vyos.util: rename get_json_iface_options() -> get_interface_config()Christian Poessinger
2021-03-14vrf: T3344: move dynamic routing protocols under "vrf name <name> protocols"Christian Poessinger
Instead of having the dynamic routing protocols OSPF and BGP residing under the "protocols vrf <name> [ospf|bgp]" nodes, rather move them directly under the "vrf name <name> protocols [ospf|bgp]" node. Now all VRF related parts are placed under the same root node. This eases the verify steps tremendously, as we do not need to check wheter a VRF eists or not, it will always exist as we operate under a child node.
2021-03-14Merge pull request #772 from jack9603301/T2518Christian Poessinger
nat66: T2518: Modify the command line description of NAT/NAT66
2021-03-14vrf: bgp: T2271: create individual BGP process for specified VRF nameChristian Poessinger
The following VyOS CLI config vrf red { bgp 100 { neighbor 1.1.1.1 { peer-group foo } peer-group foo { passive password bar remote-as 200 } } } Will generaste the FRR configuration: ! router bgp 100 vrf red no bgp ebgp-requires-policy no bgp network import-check neighbor foo peer-group neighbor foo remote-as 200 neighbor foo password bar neighbor foo passive neighbor 1.1.1.1 peer-group foo !
2021-03-14vrf: ospf: T2271: create individual OSPF process for specified VRF nameChristian Poessinger
VyOS CLI config: vrf red { ospf { default-information { originate { always } } default-metric 30 passive-interface default } } Will create the FRR configuration snippet: ! router ospf vrf red auto-cost reference-bandwidth 100 timers throttle spf 200 1000 10000 passive-interface default default-metric 30 default-information originate always !
2021-03-14nat66: T2518: Modify the command line description of NAT/NAT66jack9603301
2021-03-13console-server: T3407: can not reuse device used for "system console"Christian Poessinger
A user can specify both "set system console device ttyS0 speed '9600'" and "set service console-server device ttyS0 speed 9600". A serial interface can not be used multiple times. commit now produces an error: vyos@vyos# commit [ service console-server ] Port "ttyS0" requires speed to be set! (cherry picked from commit 7620a8a1d6d20d4bf16e714a9d40b7bdfb133b39)
2021-03-13nat: nat66: T2518: Support operation mode commandjack9603301
2021-03-09nptv6: T2518: Support IPv6 address translationjack9603301
2021-03-04grub: T3271: don't write grub.cfg if it hasn't changedBrandon Stepler
2021-03-04Merge pull request #761 from sever-sever/T3211Christian Poessinger
ospf: T3211: Fix default isis redistribution
2021-03-04ospf: T3211: Fix default isis redistributionsever-sever
2021-03-04tunnel: T3381: fix error when switching from mGRE to GRE modeChristian Poessinger
Linux does not support changing the remote address from any (multipoint GRE as used by DMVPN) to a discrete remote address. THis will return an error: add tunnel "tun1" failed: Invalid argument This can be handled by detecting the mGRE -> GRE change and re-create the tunnel silently.
2021-03-03tunnel: T2966: add ip6gretap encapsulation supportChristian Poessinger
2021-02-28vyos.util: provide single implementation for get_json_iface_options()Christian Poessinger
There had been four implementations of "ip -d -j link show interface" scattered accross the codebase. Those implementations have now been combined into a new helper: vyos.util.get_json_iface_options()
2021-02-28l2tpv3: T3366: migrate local-ip and remote-ip CLI optionsChristian Poessinger
Rename CLI options local-ip to source-address and remote-ip to remote to get a consistent CLI experience for the user.
2021-02-28Merge pull request #747 from c-po/vxlan-tunnel-parametersChristian Poessinger
vyos.ifconfig: cleanup and tunnel refactoring
2021-02-28tunnel: T3364: rename encapsulation mode "gre-bridge" to "gretap"Christian Poessinger
The following list shows the mapping of VyOS tunnel encapsulation modes to the corresponding Linux modes. VyOS Linux gre gre gre-bridge gretap ipip ipip ipip6 ipip6 ip6ip6 ip6ip6 ip6gre ip6gre sit sit Besides gre-bridge this is pretty consistent. As bridge interfaces are also called tap interfaces gre-bridge will be renamed to gretap to make the post-processing much easier. This means (in detail) that there are no more child classes of _Tunnel and there will be now one geneirc TunnelIf class handling all sorts of encapsulation.
2021-02-28vyos.ifconfig: T1579: remove calls to vyos.ifconfig.Interface.get_config()Christian Poessinger
Interface.get_config() was always a pure helper which exposed a "per interface type" dictionary which was then fed by the caller to create interfaces by iproute2 which required additional options during creation time. Such interfaces had been: * tunnel * vxlan * geneve * macsec * wifi * macvlan / pseudo-ethernet The code was always duplicated to convert from the VyOS CLI based get_config_dict() to a dict which can be used to feed iproute2. This path has been removed and we now always feed in the entire dictionary retrieved by get_config_dict() or in the interfaces case, it's high-level wrapper get_interface_dict() to the interface we wan't to create. This also adds the - personally long awaited - possibility to get rid of the derived tunnel classes for e.g. GRE, IPIP, IPIP6 and so on.
2021-02-27bgp: T3225: is_addr_assigned should check only ipv4 ipv6 neighborssever-sever
2021-02-26bgp: T3320: Add checks for peer-groupsever-sever
2021-02-26bgp: T3225: Move is_addr_assigned check to netighborsever-sever