$ cat /etc/network/interfaces
auto v0
iface v0
link-type veth
vrf blue
auto blue
iface blue
vrf-table auto
$ ifreload -a
$ echo $?
0
$ ifquery -a -c
auto v0
iface v0 [pass]
link-type veth [pass]
vrf blue [pass]
auto blue
iface blue [pass]
vrf-table 1001 [pass]
$ echo $?
0
Reported-by: Maximilian Wilhelm <max@rfc2324.org>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
This simple patch allows the creation of bridges which should be set up
without any ports, like a bridge for virtual machines on a hosting box.
With this patch ifupdown2 get's a step closer to feature parity and
compatiblity with ifupdown1.
Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>
This commit adds support to configure and check gretap tunnels. An example
configuration could look like this:
iface tap0 inet tunnel
mode gretap
local 10.132.255.3
endpoint 10.132.255.1
ttl 64
mtu 1400
tunnel-physdev eth0
#
address 10.10.0.1/2
ifup will happily configure the interface (which it does even without this
patch) and ifquery now can successfully validate the configure interface:
cr03.in.ffho.net:~# ifquery -c tap0
iface tap0 inet tunnel [[ OK ]]
tunnel-physdev eth0 [[ OK ]]
endpoint 10.132.255.1 [[ OK ]]
local 10.132.255.3 [[ OK ]]
mode gretap [[ OK ]]
ttl 64 [[ OK ]]
mtu 1400 [[ OK ]]
address 10.10.0.1/24 [[ OK ]]
Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>
* addons: batman_adv: Rework B.A.T.M.A.N. adv. attribute handling.
This commit reworks the internal handling of B.A.T.M.A.N. adv. attributes
within the plugin. The new approach on setting and checking attributes is
more generic and allows adding more B.A.T.M.A.N. adv. which should be set
as attributes of an B.A.T.M.A.N. adv. interface in a simple way.
This commit does not introduce any changes visibile to the user.
Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>
* addons: batman_adv: Add support for more B.A.T.M.A.N. adv. attributes.
This commit adds supports for setting the following optional attributes:
* gw-mode (one of { off, client, server })
* multicast-mode (can be 'enabled' or 'disabled')
* distributed-arp-table (cat be 'enabled' or 'disabled')
Example config:
pandora:~# ifquery -c bat-foo
iface bat-foo [pass]
batman-ifaces dummy-bat [pass]
batman-ifaces-ignore-regex [pass]
batman-hop-penalty 7 [pass]
batman-multicast-mode enabled [pass]
batman-distributed-arp-table enabled [pass]
batman-gw-mode client [pass]
Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>
Due to a simple logic bug the 'pointopoint' attribute was ignored when
specifying and address as <ip/mask> and only considered when IP and mask
where given seperately. This commit fixes this behaviour.
When configured in ptp mode »ip addr« will show the IP address without a
netmask which will make »ifquery -c« mark the IP as failed. The check has
been fixed, too.
Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
This commit adds support for configuring GRE/IPIP/SIT tunnel interfaces as know
from previous versions of ifupdown. Currently only configuration checks for GRE
and SIT tunnels are implemented.
A tunnel interface configuration could look like this:
auto gre42
iface gre42 inet tunnel
mode gre
local 198.51.100.1
endpoint 203.0.113.2
#
# optional tunnel attributes
ttl 64
mtu 1400
tunnel-physdev eth0
#
address 192.0.2.42/31
address 2001:db8:d0c:23::42/64
auto he-ipv6
iface he-ipv6 inet tunnel
mode sit
endpoint 203.0.113.6
local 198.51.100.66
#
# optional tunnel attributes
ttl 255
mtu 1466
tunnel-physdev vrf_external
#
address 2001:db8:666::2/64
Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
Previously a single non existing batman member interface could prevent the
configuration of the batman interface. This patch makes sure only existing
member interfaces will be considered when setting up the interface.
Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
Add interface configuration option »vxlan-physdev« to set »dev« attribute
of VXLAN interfaces and a check for the running configuration.
Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
The »vxlan-svcnodeip« corresponds with the multicast »group« parameter
of the VXLAN interface and should be checked against this value instead
of the »remote« parameter for unicast ptp tunnels.
Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
* Add addon module for B.A.T.M.A.N. advanced interface configuration.
This commit adds support for configuring B.A.T.M.A.N. advanced interfaces
with ifupdown2. B.A.T.M.A.N. advanced is a protocol to build Layer2 based
mesh networks with. It's supported in the Linux kernel and thus available
in many Linux environments.
A configuration could look like this
auto bat0
iface bat0
batman-ifaces eth1 eth2.23
batman-ifaces-ignore-regex .*_nodes
batman-hop-penalty 23
#
address 192.0.2.42/24
where »bat0« would be the local connection to the mesh network.
The interfaces »eth1« and »eth2.23« would be used by the B.A.T.M.A.N. adv.
protocol to communicate to other member of the mesh network.
Any interfaces matching the »ifaces-ignore-regex« will be gently ignored
by ifquery and ifreload as there might be some tunnels or interfaces
added to the mesh network by other means which should not be removed by
any subsequent ifreload run.
The »hop-penalty» parameter set the penalty of this node within the mesh
network.
Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
* addons: batman_adv: replacing rtnetlink by netlink api call and iproute2 instantiation fix
These changes are due to modifications we introduced in debian-prep2.
We no longer use the rtnetlink_api but a new one "netlink" build on top of python-nlmanager.
* Reflect upstream change where flags are stored.
Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
Pass the same environment variables to addon scripts from /etc/network/
as are passed to user defined commands in interfaces stanzas. This is
needed for compatibility with ifupdown.
Fixes: #14
Checking operstate would require firmware to be loaded and link
negotiation to of taken place. Some firmwares take a few seconds to
upload and online the device, and some link negotiations take a second
or two.
Immediately checking operstate is not feasible here. Checking if the
link is present is a more suitable non-delaying approach.
Signed-off-by: Nigel Kukard <nkukard@lbsd.net>
Ticket:
Reviewed By: Roopa
Testing Done:
Debian Bug#855401, we didn't list pkg_resource as a dependency so the
installation is failing for upstream users.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-14683
Reviewed By: julien, mallik, anita, vivek, balki, wkok
Testing Done: tested with bridge-learning on off
- support for bridge-learning attribute on bridge ports.
(currently uses sysfs, must move to netlink soon)
- Additional feature for vxlan bridge ports: sync learning
flag to vxlan bridge ports. No ifquery check for this auto
sync feature.
example config for vxlan ports:
auto vxlan1000
iface vxlan1000
vxlan-id 1000
bridge-learning off
bridge-access 100
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-8424
Reviewed By: Roopa, Julien
Testing Done: using the config mentioned in bug
updelay
Specifies the time, in milliseconds, to wait before enabling a
slave after a link recovery has been detected. This option is
only valid for the miimon link monitor.
downdelay
Specifies the time, in milliseconds, to wait before disabling
a slave after a link failure has been detected. This option
is only valid for the miimon link monitor.
Signed-off-by: Nikhil Gajendrakumar <nikhil@cumulusnetworks.com>
Conflicts:
ifupdownaddons/bondutil.py
This reverts commit 65beb82662576c047a281389bd663589dcba09db.
it's causing testifupdown2.py:TestMakoJson to fail... Basically this commit
uncomment codes which parse mc value from brctl output. So `ifquery -r` output
is different (this new attribute show up under the bridge). TestMakoJson at
some point does:
$ ifquery -a -r -t json > running_json
Then later
$ ifup -i running_json...
This ifup fails on:
...
warning: br0: unsupported attribute 'bridge-mclmt'
...
Ticket: CM-14628
Reviewed By: julien, nikhil, vivek, mallik
Testing Done: Tested with vxlan config and remote ips added externally
Recent handling of vxlan-purge-routes as part of CM-13815 did not fix
handling of remote ips during ifquery --check and ifquery --running.
This patch fixes ifquery -c and ifquery running for external
vxlan controller cases.
Without this, ifquery --check always returns exit code of 1 for
external vxlan controller configs
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
