summaryrefslogtreecommitdiff
path: root/src/migration-scripts/interfaces
AgeCommit message (Collapse)Author
2022-06-29openvpn: T4485: Update PKI migrator to handle full CA chain migrationsarthurdev
* Also determines and maps to correct CA for migrated CRL
2022-04-21pppoe: T4384: replace default-route CLI option with common CLI nodes already ↵Christian Poessinger
present for DHCP VyOS 1.4 still leverages PPPd internals on the CLI. pppd supports three options for a default route, none, auto, force. * none: No default route is installed on interface up * auto: Default route is only installed if there is yet no default route * force: overwrite any default route There are several drawbacks in this design for VyOS and the users. If auto is specified, this only counted for static default routes - but what about dynamic ones? Same for force, only a static default route got replaced but dynamic ones did not got taken into account. The CLI is changed and we now re-use already existing nodes from the DHCP interface configuration: * no-default-route: On link up no default route is installed, same as the previous default-route none * default-route-distance: We can now specify the distance of this route for the routing table on the system. This defaults to 210 as we have for DHCP interfaces. All this will be migrated using a CLI migration script.
2022-01-16Revert "migrator: interfaces: T4171: bugfix ConfigTreeError"Christian Poessinger
This reverts commit 29efbf51efea559773f61703f11a77a8aee6de36.
2022-01-16Revert "migrator: interfaces: T4171: bugfix ConfigTreeError"Christian Poessinger
This reverts commit 391ce22b76190309f81e048ebffab778b0fdee1d.
2022-01-11migrator: interfaces: T4171: bugfix ConfigTreeErrorChristian Poessinger
2022-01-11migrator: interfaces: T4171: bugfix ConfigTreeErrorChristian Poessinger
Migrating 1.2.8 -> 1.4-rolling-202201110811 vyos-router[970]: Waiting for NICs to settle down: settled in 0sec.. vyos-router[1085]: Started watchfrr. vyos-router[970]: Mounting VyOS Config...done. vyos-router[970]: Starting VyOS router: migrate vyos-router[1490]: Traceback (most recent call last): vyos-router[1490]: File "/opt/vyatta/etc/config-migrate/migrate/interfaces/5-to-6", line 112, in <module> vyos-router[1490]: for if_type in config.list_nodes(['interfaces']): vyos-router[1490]: File "/usr/lib/python3/dist-packages/vyos/configtree.py", line 236, in list_nodes vyos-router[1490]: raise ConfigTreeError("Path [{}] doesn't exist".format(path_str)) vyos-router[1490]: vyos.configtree.ConfigTreeError: Path [b'interfaces'] doesn't exist vyos-router[1455]: Migration script error: /opt/vyatta/etc/config-migrate/migrate/interfaces/5-to-6: Command '['/opt/vyatta/etc/config-migrate/migrate/interfaces/5-to-6', '/opt/vyatta/etc/config/config.boot']' returned non-zero exit status 1.. vyos-router[970]: configure. vyos-config[979]: Configuration success
2021-10-21tunnel: T3925: dhcp-interface was of no use - use source-interface insteadChristian Poessinger
(cherry picked from commit c1015d8ce0013719eb898b60b14ffec192b8141c)
2021-10-21tunnel: T3925: shift migration scripts by oneChristian Poessinger
Required for the dhcp-interface migration
2021-08-31vyos.ethtool: T3163: purify code to read and change flow-control settingsChristian Poessinger
It makes no sense to have a parser for the ethtool values in ethtool.py and ethernet.py - one instance ios more then enough!
2021-08-31ethernet: T2241: check if interface supports changing speed/duplex settingsChristian Poessinger
Not all interface drivers have the ability to change the speed and duplex settings. Known drivers with this limitation are vmxnet3, virtio_net and xen_netfront. If this driver is detected, an error will be presented to the user.
2021-08-30ethernet: T3787: remove deprecated UDP fragmentation offloading optionChristian Poessinger
Deprecated in the Linux Kernel by commit 08a00fea6de277df12ccfadc21 ("net: Remove references to NETIF_F_UFO from ethtool."). (cherry picked from commit f5e46ee6cc2b6c1c1869e26beca4ccd5bf52b62f)
2021-08-30ethernet: T3619: fix VyOS 1.2 -> 1.3 performance degradationChristian Poessinger
An analysis of the code base from VyOS 1.2 -> 1.3 -> 1.4 revealed the following "root-cause" VyOS 1.2 uses the "old" node.def file format for: * Generic Segmentation Offloading * Generic Receive Offloading So if any of the above settings is available on the configuration CLI, the node.def file will be executed - this is how it works. By default, this CLI option is not enabled in VyOS 1.2 - but the Linux Kernel enables offloading "under the hood" by default for GRO, GSO... which will boost the performance for users magically. With the rewrite in VyOS 1.3 of all the interface related code T1579, and especially T1637 this was moved to a new approach. There is now only one handler script which is called whenever a user changes something under the interfaces ethernet tree. The Full CLI configuration is assembled by get_interface_dict() - a wrapper for get_config_dict() which abstracts and works for all of our interface types - single source design. The problem now comes into play when the gathered configuration is actually written to the hardware, as there is no GSO, GRO or foo-offloading setting defined - we behave as instructed and disable the offloading. So the real bug originates from VyOS 1.2 and the old Vyatta codebase, but the recent XML Python rewrites brought that one up to light. Solution: A configuration migration script will be provided starting with VyOS 1.3 which will read in the CLI configuration of the ethernet interfaces and if not enabled, will query the adapter if offloading is supported at all, and if so, will enable the CLI nodes. One might say that this will "blow" the CLI configuration but it only represents the truth - which was masked in VyOS 1.2. (cherry picked from commit a515212f4efb08846df04405f31a828edcd63552)
2021-08-30ethernet: T3619: rename interfaces migration scriptsChristian Poessinger
VyOS 1.4 already had a migrator for interfaces 20 -> 21, but this is a different one compared to the one in VyOS 1.3 - thus we bump every migration scripts version by one to have the same 20-to-21 converter in both VyOS 1.3 and 1.4. This is possible as VyOS 1.4 (sagitta) is still a highly experimental version and expected to break from time to time :(.
2021-07-25tunnel: T3366: re-order migration scriptsChristian Poessinger
The migrator from 20-to-21 is required as 19-to-20 on VyOS 1.3 - thus simply rename/reorder the two migrators to not break things the hard way when upgrading from 1.3 -> 1.4.
2021-07-21pki: openvpn: T3642: Migrate OpenVPN to PKI and refactorsarthurdev
2021-07-20pki: eapol: T3642: Migrate EAPoL to use PKI configurationsarthurdev
2021-07-20pki: T3642: Fix Wireguard migration commentsarthurdev
2021-07-19pki: wireguard: T3642: Migrate Wireguard private key directly into CLIsarthurdev
Also renames peer pubkey to public-key for consistency
2021-06-13wwan: T3620: reorder mirgation scripts for 1.3 backportChristian Poessinger
As the new WWAN interface style is backported to VyOS 1.3 we also need to shift the order of the interface migration scripts. so the same order from VyOS 1.4 also applies to VyOS 1.3. In short, 21-to-22 is renamed to 18-to-19 and all other migrators are shifted up one version.
2021-06-13wwan: T3620: adjust NAT inbound/outbound interfaces on config migrationChristian Poessinger
2021-06-13wwan: T3620: fix backup route metric in migration scriptChristian Poessinger
2021-06-13wwan: T3620: rename "wirelessmodem wlm" interfaces to new wwan interface treeChristian Poessinger
2021-06-07vti: T3588: remove interfaces not bound to IPSec tunnelChristian Poessinger
A VTI interface also requires an IPSec configuration - VyOS 1.2 supported having a VTI interface in the CLI but no IPSec configuration - drop VTI configuration if this is the case for VyOS 1.4.
2021-05-24router-advert: T3561: fix inconsistent use of tabs and spaces in indentationChristian Poessinger
Commit c17f259d ("router-advert: T3561: add support for specific routes") used tabs over spaces in the Migration script which triggered a TabError (inconsistent use of tabs and spaces in indentation").
2021-05-23router-advert: T3561: add support for specific routesMark Royds
Co-authored-by: Mark Royds <mark.royds@vitaminit.co.uk>
2021-02-28l2tpv3: T3366: migrate local-ip and remote-ip CLI optionsChristian Poessinger
Rename CLI options local-ip to source-address and remote-ip to remote to get a consistent CLI experience for the user.
2021-02-28tunnel: T3366: rename remote-ip to remoteChristian Poessinger
Streamline the CLI configuration where we try to use remote on other interfaces like vxlan, geneve.
2021-02-28tunnel: T3366: rename local-ip to source-addressChristian Poessinger
Streamline the CLI configuration where we try to use source-address when creating connections which are especially sourced from a discrete address.
2021-02-28tunnel: T3364: rename encapsulation mode "gre-bridge" to "gretap"Christian Poessinger
The following list shows the mapping of VyOS tunnel encapsulation modes to the corresponding Linux modes. VyOS Linux gre gre gre-bridge gretap ipip ipip ipip6 ipip6 ip6ip6 ip6ip6 ip6gre ip6gre sit sit Besides gre-bridge this is pretty consistent. As bridge interfaces are also called tap interfaces gre-bridge will be renamed to gretap to make the post-processing much easier. This means (in detail) that there are no more child classes of _Tunnel and there will be now one geneirc TunnelIf class handling all sorts of encapsulation.
2021-02-11ospfv3: T3267: move interface specific options to "protocols ospfv3"Christian Poessinger
2021-02-11ripng: T3281: move interface specific options to "protocols ripng"Christian Poessinger
2021-02-07rip: T2547: migrate interface specific configuration under protocols ripChristian Poessinger
2021-02-04migrator: ospf: T3267: cleanup empty interface "ip" nodesChristian Poessinger
When per interface OSPF configuration is migrated into "protocols ospf interface" we should cleanup and empty ip {} node unter the individual interface. This makes the config look more nicely.
2021-01-29ospf: T3267: fix invalid migrator version numberChristian Poessinger
2021-01-29ospf: T3267: move "interface ip ospf" configuration to "protocols ospf ↵Christian Poessinger
interface" For easier maintenance and operability move the interface specific protocol setting of OSPF to the OSPF protocol section. This is now also in-line with IS-IS. This means to migrate: ethernet eth0 { vif 202 { ip { ospf { authentication { md5 { key-id 10 { md5-key vyosvyos } } } dead-interval 40 hello-interval 10 priority 1 retransmit-interval 5 transmit-delay 1 } } } } to protocols { ospf { interface eth0.201 { authentication { md5 { key-id 10 { md5-key vyosvyos } } } dead-interval 40 hello-interval 10 priority 1 retransmit-interval 5 transmit-delay 1 } }
2020-12-20ethernet: T3140: relax "ethernet offload-options" CLI definitionChristian Poessinger
Migrate from ethernet eth1 { offload-options { generic-receive on generic-segmentation on scatter-gather on tcp-segmentation on udp-fragmentation on } } to ethernet eth1 { offload { ufo tso sg gso gro } }
2020-12-20wifi: T3043: country-code should be lower caseChristian Poessinger
2020-12-08mirror: T3089: support two-way traffic mirroringjack9603301
2020-12-06migration: interfaces: remove superfluous importsChristian Poessinger
2020-12-04pppoe: T3112: drop "ipv6 enable" optionChristian Poessinger
IPv6 enable can be considered once the ipv6 node is present!
2020-11-21ethernet: T3048: fix migrator to also support a plain configChristian Poessinger
When VyOS boots the first time with the default configuration there it actually no "interface ethernet" node present in the config, thus we must exit the migrator. Without this change vyos.configtree.ConfigTreeError: Path [b'interfaces ethernet'] doesn't exist will be thrown.
2020-11-21ethernet: T3048: drop static smp-affinity for dynamic performance tuningChristian Poessinger
After migrating the ethernet interfaces from the good old Perl days the smp-affinity node yet has no effect anymore as the code is still missing (my bad, sorry). Drop the smp-affinity node and rather use tuned instead with the network-throughput or network-latency profile. - network-throughput: Profile for throughput network tuning. It is based on the throughput-performance profile. It additionaly increases kernel network buffers. - network-latency: Profile for low latency network tuning. It is based on the latency-performance profile. It additionaly disables transparent hugepages, NUMA balancing and tunes several other network related sysctl parameters. I'd set network-throughput as the default on a new set system option performance <throughput | latency> CLI node which is present in the default configuration. https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf
2020-11-03wireless: T3042: move wifi-regulatory-domain into individual interface ↵Christian Poessinger
definition
2020-11-03wireless: T3043: rename "wpa mode both" to "wpa+wpa2"Christian Poessinger
2020-09-20wwan: ifconfig: T2905: sync CLI nodes in dialup interfacesChristian Poessinger
Both PPPoE and WWAN interfaces are dialer interfaces handled by ppp, but use different CLI nodes for the same functionality. PPPoE has "connect-on-demand" to initiate an "on-demand" dialing and WWAN uses "ondemand" for this purpose. Rename WWAN "ondemand" node to "connect-on-demand".
2020-09-20vif-s: ifconfig: T2903: use explicit VLAN protocol over raw numbersChristian Poessinger
In the past we had to provide the ethertype value used for the VLAN protocol (0x88A8 -> 802.1ad or 0x8100 -> 802.1q). This should be changed to a more user friendly CLI node (protocol over ethertype) and 802.1ad over it's raw value 0x88A8. There is no need in presenting RAW information from the ethernet header to the user. Also iproute2 calls it protocol which makes way more sense over the "raw" value.
2020-08-22dhcpv6-pd: T2677: optimize CLI interface for PD configurationChristian Poessinger
The current CLI did not support multiple prefix-delegations per interface. Some ISPs only send one /64 to a client per prefix-delegation request, but they allow the customer to request multiple prefixes. The 'dhcpv6-options prefix-delegation' node has been renamed and converted to a tag node named 'dhcpv6-options pd'. The tag node specifies a PD request (>=0). In the past the user needed to know what prefix will be assigned and required to calculate the sla-len by himself. The 'sla-len' node was dropped and is now calculated in the background from the 'dhcpv6-options pd 0 length' node. It is no longer mandatory to supply the 'sla-id' node, if sla-id is not specified it is 'guessed' by counting upwards. Example configuration: ---------------------- ethernet eth1 { address dhcpv6 dhcpv6-options { pd 0 { length 56 interface eth2 { address 1 } } } } This will request a /56 assignment from the ISP and will delegate a /64 network to interface eth2. VyOS will use the interface address ::1 on the delegate interface (eth2) as its local address.
2020-07-29wireguard: T2743: move key migration from config script to migration scriptChristian Poessinger
Migration files on the storage should be done one time by a migration script instead of every time the configuration changes. Moving this to an older migration script is fine as this is around for a long time and all rolling releases are already up2date. It only affects updates from VyOS 1.2 series.
2020-06-26migration: interfaces: T2622: fix pseudo-ethernet migrationChristian Poessinger
By implementation misstake we exited the migrationscript if no VXLAN interface was found but this was wrong as the same loop is used on pseudo-ethernet interfaces. The Migrator previously only worked on pseudo-ethernet when also a VXLAN interface was present. This has been corrected.
2020-06-19router-advert: T2618: fix for wrongly converted "autonomous-flag"Christian Poessinger
Boolean nodes have been removed b/c a boolean value makes less sense. The same behavior can be achieved with the presence or absence of a node. Unfortunately the 'autonomous-flag' node has been a negated one which did not migrate it to 'no-autonomous-flag' if it was set to false previously.