| Age | Commit message (Collapse) | Author |
|---|
|
When leaking routes to a VRF ensure that the VRF we are leaking to exists.
|
|
Re-issuing the same iproute2 commands can lead to errors, simply ignore
them and not raise a Python exception.
|
|
During assembly of the required config changes we also must move the
interfaces_removed assignemnt to an earlier stage so the value is also populated
when the entire process is removed to cleanup all remaining OSPF process assigned
interfaces.
This was yet not the case and when deleting OSPF I still got my "interface eth0"
with the area key configured.
|
|
|
|
conf-mode: T2425: Add XML for policy-lists
|
|
VRF: support for dynamic routing protocols OSPF and BGP
|
|
|
|
Instead of having the dynamic routing protocols OSPF and BGP residing under
the "protocols vrf <name> [ospf|bgp]" nodes, rather move them directly under
the "vrf name <name> protocols [ospf|bgp]" node. Now all VRF related parts
are placed under the same root node.
This eases the verify steps tremendously, as we do not need to check wheter a
VRF eists or not, it will always exist as we operate under a child node.
|
|
nat66: T2518: Modify the command line description of NAT/NAT66
|
|
The following VyOS CLI config
vrf red {
bgp 100 {
neighbor 1.1.1.1 {
peer-group foo
}
peer-group foo {
passive
password bar
remote-as 200
}
}
}
Will generaste the FRR configuration:
!
router bgp 100 vrf red
no bgp ebgp-requires-policy
no bgp network import-check
neighbor foo peer-group
neighbor foo remote-as 200
neighbor foo password bar
neighbor foo passive
neighbor 1.1.1.1 peer-group foo
!
|
|
VyOS CLI config:
vrf red {
ospf {
default-information {
originate {
always
}
}
default-metric 30
passive-interface default
}
}
Will create the FRR configuration snippet:
!
router ospf vrf red
auto-cost reference-bandwidth 100
timers throttle spf 200 1000 10000
passive-interface default
default-metric 30
default-information originate always
!
|
|
|
|
A user can specify both "set system console device ttyS0 speed '9600'" and
"set service console-server device ttyS0 speed 9600". A serial interface can
not be used multiple times.
commit now produces an error:
vyos@vyos# commit
[ service console-server ]
Port "ttyS0" requires speed to be set!
(cherry picked from commit 7620a8a1d6d20d4bf16e714a9d40b7bdfb133b39)
|
|
|
|
|
|
|
|
ospf: T3211: Fix default isis redistribution
|
|
|
|
Linux does not support changing the remote address from any (multipoint
GRE as used by DMVPN) to a discrete remote address. THis will return an
error: add tunnel "tun1" failed: Invalid argument
This can be handled by detecting the mGRE -> GRE change and re-create the tunnel
silently.
|
|
|
|
There had been four implementations of "ip -d -j link show interface" scattered
accross the codebase. Those implementations have now been combined into a new
helper:
vyos.util.get_json_iface_options()
|
|
Rename CLI options local-ip to source-address and remote-ip to remote to
get a consistent CLI experience for the user.
|
|
vyos.ifconfig: cleanup and tunnel refactoring
|
|
The following list shows the mapping of VyOS tunnel encapsulation modes to the
corresponding Linux modes.
VyOS Linux
gre gre
gre-bridge gretap
ipip ipip
ipip6 ipip6
ip6ip6 ip6ip6
ip6gre ip6gre
sit sit
Besides gre-bridge this is pretty consistent. As bridge interfaces are also
called tap interfaces gre-bridge will be renamed to gretap to make the
post-processing much easier.
This means (in detail) that there are no more child classes of _Tunnel and
there will be now one geneirc TunnelIf class handling all sorts of encapsulation.
|
|
Interface.get_config() was always a pure helper which exposed a "per interface
type" dictionary which was then fed by the caller to create interfaces by
iproute2 which required additional options during creation time.
Such interfaces had been:
* tunnel
* vxlan
* geneve
* macsec
* wifi
* macvlan / pseudo-ethernet
The code was always duplicated to convert from the VyOS CLI based get_config_dict()
to a dict which can be used to feed iproute2.
This path has been removed and we now always feed in the entire dictionary
retrieved by get_config_dict() or in the interfaces case, it's high-level wrapper
get_interface_dict() to the interface we wan't to create.
This also adds the - personally long awaited - possibility to get rid of the
derived tunnel classes for e.g. GRE, IPIP, IPIP6 and so on.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In addition to commit cf1156a60e ("ethernet: T3163: probe driver for maximum
rx/tx ring-buffer size") this extends the logic in a way as not every driver
supports setting the buffers at all so it will properly error out.
When invoking "ethtool -g" both stdout and stderr are captured and no exception
is raised if it's an unsupported driver feature. The verify() section will
inform the user about the illegal operation.
|
|
|
|
|
|
|
|
(cherry picked from commit d5804b19d3ffecdd4fe6bd89d50ac84dabb549fd)
|
|
|
|
local variable 'peer_group' referenced before assignment.
|
|
squid: T3299: Add listen address 0.0.0.0
|
|
|
|
|
|
|
|
|
|
When moving from Quagga to FRR the BGP address-family was extended by an
invalid peer-group statement. FRR always moved a configured peer-group
from the AFI level down to the neighbor level.
With the migration to FRR reload we must take care about this by ourselves.
|
|
|
|
|
|
|
|
deprecation warnings.
|
|
|
|
With commit 015651a8 ("T2638: Enable more debugging in the FRR library") a
global debug mechanism was added by creating a file named /tmp/vyos.frr.debug.
With this change we can drop the duplicated debug code from every protocol.
|
