Age | Commit message (Collapse) | Author |
|
When leaking routes to a VRF ensure that the VRF we are leaking to exists.
|
|
Re-issuing the same iproute2 commands can lead to errors, simply ignore
them and not raise a Python exception.
|
|
During assembly of the required config changes we also must move the
interfaces_removed assignemnt to an earlier stage so the value is also populated
when the entire process is removed to cleanup all remaining OSPF process assigned
interfaces.
This was yet not the case and when deleting OSPF I still got my "interface eth0"
with the area key configured.
|
|
|
|
|
|
T3354: Add strip-private script in Python
|
|
|
|
|
|
|
|
conf-mode: T2425: Add XML for policy-lists
|
|
pppoe: T3403: Fix show sessions interrupt for op-mode
|
|
VRF: support for dynamic routing protocols OSPF and BGP
|
|
|
|
Instead of having the dynamic routing protocols OSPF and BGP residing under
the "protocols vrf <name> [ospf|bgp]" nodes, rather move them directly under
the "vrf name <name> protocols [ospf|bgp]" node. Now all VRF related parts
are placed under the same root node.
This eases the verify steps tremendously, as we do not need to check wheter a
VRF eists or not, it will always exist as we operate under a child node.
|
|
nat66: T2518: Modify the command line description of NAT/NAT66
|
|
The following VyOS CLI config
vrf red {
bgp 100 {
neighbor 1.1.1.1 {
peer-group foo
}
peer-group foo {
passive
password bar
remote-as 200
}
}
}
Will generaste the FRR configuration:
!
router bgp 100 vrf red
no bgp ebgp-requires-policy
no bgp network import-check
neighbor foo peer-group
neighbor foo remote-as 200
neighbor foo password bar
neighbor foo passive
neighbor 1.1.1.1 peer-group foo
!
|
|
|
|
VyOS CLI config:
vrf red {
ospf {
default-information {
originate {
always
}
}
default-metric 30
passive-interface default
}
}
Will create the FRR configuration snippet:
!
router ospf vrf red
auto-cost reference-bandwidth 100
timers throttle spf 200 1000 10000
passive-interface default
default-metric 30
default-information originate always
!
|
|
|
|
A user can specify both "set system console device ttyS0 speed '9600'" and
"set service console-server device ttyS0 speed 9600". A serial interface can
not be used multiple times.
commit now produces an error:
vyos@vyos# commit
[ service console-server ]
Port "ttyS0" requires speed to be set!
(cherry picked from commit 7620a8a1d6d20d4bf16e714a9d40b7bdfb133b39)
|
|
|
|
|
|
dhcp: T3392: fix VRF detection
|
|
nptv6: T2518: Support IPv6 address translation
|
|
|
|
|
|
|
|
|
|
This reverts commit e1c993f57efdf91f26a36f1d0339298e63fdf20e.
|
|
Commit e5b335830ef ("vyos.ifconfig: T1579: remove calls to
vyos.ifconfig.Interface.get_config()") removed the PPPoEIf class as it seemed
to be unused. It turns out it is required by the op-mode commands for e.g. "show
interfaces".
|
|
|
|
dhcp: T3300: add DHCP default route distance
|
|
ospf: T3211: Fix default isis redistribution
|
|
|
|
Linux does not support changing the remote address from any (multipoint
GRE as used by DMVPN) to a discrete remote address. THis will return an
error: add tunnel "tun1" failed: Invalid argument
This can be handled by detecting the mGRE -> GRE change and re-create the tunnel
silently.
|
|
|
|
|
|
There had been four implementations of "ip -d -j link show interface" scattered
accross the codebase. Those implementations have now been combined into a new
helper:
vyos.util.get_json_iface_options()
|
|
Rename CLI options local-ip to source-address and remote-ip to remote to
get a consistent CLI experience for the user.
|
|
|
|
vyos.ifconfig: cleanup and tunnel refactoring
|
|
Streamline the CLI configuration where we try to use remote on other interfaces
like vxlan, geneve.
|
|
Streamline the CLI configuration where we try to use source-address when
creating connections which are especially sourced from a discrete address.
|
|
The following list shows the mapping of VyOS tunnel encapsulation modes to the
corresponding Linux modes.
VyOS Linux
gre gre
gre-bridge gretap
ipip ipip
ipip6 ipip6
ip6ip6 ip6ip6
ip6gre ip6gre
sit sit
Besides gre-bridge this is pretty consistent. As bridge interfaces are also
called tap interfaces gre-bridge will be renamed to gretap to make the
post-processing much easier.
This means (in detail) that there are no more child classes of _Tunnel and
there will be now one geneirc TunnelIf class handling all sorts of encapsulation.
|
|
Interface.get_config() was always a pure helper which exposed a "per interface
type" dictionary which was then fed by the caller to create interfaces by
iproute2 which required additional options during creation time.
Such interfaces had been:
* tunnel
* vxlan
* geneve
* macsec
* wifi
* macvlan / pseudo-ethernet
The code was always duplicated to convert from the VyOS CLI based get_config_dict()
to a dict which can be used to feed iproute2.
This path has been removed and we now always feed in the entire dictionary
retrieved by get_config_dict() or in the interfaces case, it's high-level wrapper
get_interface_dict() to the interface we wan't to create.
This also adds the - personally long awaited - possibility to get rid of the
derived tunnel classes for e.g. GRE, IPIP, IPIP6 and so on.
|
|
|
|
|
|
|
|
|
|
|