Ticket: CM-7840
Reviewed By: julien, nikhil
Testing Done: Tested ifquery with and without --with-defaults option
commit "6e16e5ae90f2" introduced --with-defaults for ifquery --check
output. But the base ifquery --with-defaults should also include
the default policy attributes we support. This patch adds infrastructure
to query default attributes --with-defaults in base ifquery output.
example:
{noformat}
$ifquery br0
auto br0
iface br0 inet static
bridge-ports swp1 swp2
$ifquery br0 --with-defaults
auto br0
iface br0 inet static
bridge-ports swp1 swp2
bridge-stp yes
{noformat}
Ticket: CM-10465
Reviewed By: julien, nikhil
Testing Done: Tested creating more than 64 vrf devices
example config:
{noformat}
%for v in range(1, 66):
auto vrf${v}
iface vrf${v}
vrf-table auto
%endfor
{noformat}
also, since vrf module already does a link up on vrf dev, remove
link up of vrf dev from ifupdownmain scheduler callback
Ticket: CM-7840
Reviewed By: Roopa Prabhu
Testing Done: yes, by installing ifupdown .deb file onto dell-s3000-02
This patch adds a new argument '--with-defaults' to 'ifquery'
when 'ifquery --with-defaults' is executed, running states of all interface
attributes are compared against respective configured attributes from
/etc/network/interfaces file, if configured. Otherwise, compared against
default attributes from policy file
This patch also: (1) fixes ifquery check failure for bridge-* stp attributes.
(2) removes vrf-default-route and vrf-cgroup attributes from ifupdown2 policy
and just have the vrf-helper attribute
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
Ticket: CM-10178
Review: trivial
Testing: tested with failing testcase in the CM
This patch fixes a check in vrf map initialization code which did
not account for running vrfs correctly. This caused the case where
there were no running vrfs but stale map file to fail.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
addons,ifupdown,sbin: adding ifquery --with-defaults option
Ticket: CM-7840
Reviewed By: Roopa Prabhu
Testing Done: yes, by installing ifupdown .deb file onto dell-s3000-02
This patch adds a new argument '--with-defaults' to 'ifquery'
when 'ifquery --with-defaults' is executed, running states of all interface
attributes are compared against respective configured attributes from
/etc/network/interfaces file, if configured. Otherwise, compared against
default attributes from policy file
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
Ticket:
Reviewed By: julien
Testing Done: Tested ifquery -l and checked that it is compatible with
ifupdown
ifquery list lists all matching interfaces. By default that is all auto
interfaces:
example:
{noformat}
$cat /etc/network/interfaces
auto lo
iface lo inet loopback
allow-mgmt eth0
iface eth0 inet dhcp
vrf mgmt
allow-mgmt mgmt
iface mgmt
address 127.0.0.1/8
vrf-table auto
$ifquery -l --allow=mgmt
eth0
mgmt
$ifquery -a -l
lo
{noformat}
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: cleanup
Reviewed By:
Testing Done: Tested ifupdown sanity
This gets rid of some ugly previous flag handling which was
passed through modules. This creates a global instance of
flags that all addon modules and helper modules can use.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: found during other testing
Reviewed By: trivial
Testing Done: Tested ifreload with dependency errors and dependencies
with upperiface being a master and also vlan device
This patch avoids false positives when set role is called twice
for an interface which is a vrf slave but also has a vlan device on
top of it.
Ticket: trivial
Reviewed By: wkok
Testing Done: Tested ifupdown2 sanity and checked log messages from rtnetlink api
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
This is cherry-pick of commit 269ff43d09ca4 from cumulus2.5
the same name
Ticket: CM-10051
Reviewed By: julien, nikhil
Testing Done: tested that bridge vlan attributes get applied correctly + ran ssim test testifupdown2.py
This was introduced by a patch that squashed multiple iface objects
into a single object.
That led to the below interfaces getting squashed into one. Which is not
the right thing to do:
{noformat}
auto Newbr.325
iface Newbr.325
address 24.0.0.22/30
address 3101🔤bcad:1::3/64
auto Newbr.325
vlan Newbr.325
bridge-igmp-querier-src 194.31.10.45
{noformat}
The 'vlan Newbr.325' ifaceobject needs to be kept separately and it is
of type BRIDGE_VLAN. so, this patch just makes sure these interfaces are
kept separately in the squash function.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-10188, CM-10061
Reviewed By: dsa, nikhil, julien
Testing Done: Tested static routes with vrf names for tables
This patch does the following:
- if a single vrf device is present in the config,
builds the vrf map by reading vrf interfaces from the kernel (with
existing link cache. Builds a shadow vrf only attribute cache)
- reads existing table map and adjusts it if required
- main change is the iproute2 map file on disk is updated
immediately on vrf creation, so that static routes used along with the
vrf slaves can use the vrf name for the table. This also helps dhclient dns
hook script which may use mgmt table name directly.
- cleans up default routes on down
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-10188, CM-9881
Reviewed By: nikhil, julien, dsa, daniel
Testing Done: Tested mgmt vrf bringup, teardown, static routes at boot
etc
This patch fixes a few things:
- kill existing ssh clients on enslavement change for mgmt vrf (original patch by NikhilG)
- bring vrf master up first during vrf slave enslavement if
master does not exist. This was originally done only for
vrf dhcp slaves. With this patch we do it for all vrf slaves.
needed for static routes on vrf slaves (CM-10188).
- cleanup: reorganize code and a few cleanups and corner case handling
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Nikhil Gajendrakumar <nikhil@cumulusnetworks.com>
Ticket: CM-10027
Reviewed By: julien, nikhil
Testing Done: Tested with an interfaces file with shared dependents
In the process of fixing this saw a few more issues with link kind
handing. Its better to separate kind from interface private flags
like bond slave and bridge port. this patch cleans up all that handling.
Example errors:
error: misconfig..? swp5.2 vrfslave is enslaved to multiple interfaces
['vrf1012', 'br2']
error: misconfig..? swp5.2 bridgeport is enslaved to multiple
interfaces ['vrf1012', 'br2']
This was bringing down vrf master earlier than required
leading to ssh session hangs in case of management vrf
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
This was bringing down vrf master earlier than required
leading to ssh session hangs in case of management vrf
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-10016
Reviewed By:
Testing Done: Tested with the upperiface bring up case described in
CM-10016
upperiface bringup is best effort and does not imply that the current
interface bring up has an error. It only means that the upperiface may
be in an incomplete state. Hence this patch resets scheduler error state
before returning from upperiface bringup.
Ticket: CM-9993
Reviewed By: julien
Testing Done: Tested with interfaces file and steps described in the CM
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-7168
Reviewed By: julien, nikhil, stannous
Testing Done: Tested with errors in interfaces file
This patch changes a few errors to warns. and propagates errors
on ifaceobjects to upperlayers.
- any exception passed to upper layers (/sbin/ifupdown) results in
exit code of 1
- It uses a global SCHED flag to flag a scheduler error (maybe there is
a better way). But traversing all the interfaces again to check status
is an overkill
- Changes a few errors to warns
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
default
Ticket:
Reviewed By: CCR-4268 (previous review)
Testing Done: Tested ifup/ifdown/ifreload/ifquery of multiple iface stanzas for
same interface
This patch is an extension to previous commit 99ce689411.
The previous commit squashes both external (ifquery) and internal
(ifup/ifdown/ifreload) representation of multiple iface stanzas into
one and it is off by default.
What we really want is internal representation to be squashed by
default. To that effect this patch introduces a new config flag
ifaceobj_squash_internal to only squash internal representation which is
used by ifup/ifdown/ifreload. ifquery forces this flag to off so that
external representations remain unsquashed and user does not see any
difference. This flag is on by default.
User can still get a squashed external representation if he sets
ifaceobj_squash=1 in ifupdown2.conf
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket:
Reviewed By: trivial
Testing Done:
This patch adds WARNING to ifaceStatus and adds a new method
iface:set_status
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket:
Reviewed By: CCR-4268
Testing Done: Tested squashing of interfaces with multiple iface stanzas
This is controlled by ifaceobj_squash config variable in
/etc/network/ifupdown2/ifupdown2.conf.
With ifaceobj_squash=1, ifquery and all commands will
output squashed interfaces.
$cat /etc/network/interfaces
auto swp3
iface swp3
mtu 9000
auto swp3
iface swp3 inet static
address 10.0.17.3/24
auto swp3
iface swp3 inet static
address 10.0.18.3/24
address 2000:1000:1000:1000:3::5/128
$ifquery -a
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto swp3
iface swp3
mtu 9000
address 10.0.17.3/24
address 10.0.18.3/24
address 2000:1000:1000:1000:3::5/128
When and why do we need this ?
- If we preserve multiple ifaceobjects for the same iface,
it gets tricky in some cases to set default policy
values because the addon module run methods are called
on each ifaceobject.
- Each ifaceobject belonging to the same interface
is treated as a separate interface. It is difficult
to remember things accross addon module run methods
- we have a few hacks in place which we would like to
get rid of
Why not turn it on by default ?
- still debating about it. Dont want to break existing
scripts with change of output. Will get some feedback before
I switch the default to squash.
We dont need to fail on saved state dependency graph generation errors.
Also dont check for shared dependents during dependency graph generation
on saved state (optimization)
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-9677
Reviewed By: nikhil
Testing Done: Tested with bond config file in CM-9677
This patch replaces the following attributes:
bond-ad-sys-priority with bond-ad-actor-sys-prio
bond-ad-sys-mac-addr with bond-ad-actor-system
The new attributes correspond to the new sysfs files below:
/sys/class/net/sidelink/bonding/ad_actor_sys_prio
/sys/class/net/sidelink/bonding/ad_actor_system
Old values will be accepted with a deprecated warning:
warning: attribute bond-ad-sys-priority is deprecated. Use bond-ad-actor-sys-prio instead
warning: attribute bond-ad-sys-mac-addr is deprecated. Use bond-ad-actor-system instead
Ticket: CM-8729
Reviewed By: Nikhil
Testing Done: Tested with vlan device with vlan-raw-device in interfaces
file
also reported here: https://github.com/CumulusNetworks/ifupdown2/issues/10
is_keyword was matching iface attribute 'vlan-raw-device' to the vlan
keyword and dropping it from ifaceobj config.
Ticket: CM-9595
Reviewed By:
Testing Done: tested with failing vrf config in CM-9595
due to same upperiface getting processed more than once,
there was an unnecessary refcount inc on the lowerdevice.
This patch aborts processing upperiface if already
processed and also adds a new debug function to
dump lower and uppper ifaces of all interfaces in the
file.
The vrf device may not be up when ifup is executed on the
slaves. This commit makes sure:
- vrf slaves dont try to enslave themselves when vrf device is
not present
- And vrf master enslaves any missing slaves during ifup of vrf master
- Also make vrf device the link master, this will make sure
the vrf device brings the vrf slave links up. This is needed to work
around the ipv6 address flush issue
Closes: CM-9493
Review: dsa, nikhil, wkok (via git send-mail)
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
This patch adds a new upperiface module handler get_upper_ifacenames
to get upperifaces from a addon module. This is called during building
dependency graph.
Closes: CM-9493
Review: dsa, nikhil, wkok (via git send-email)
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-8455
Review: CCR-4181
Testing: tested ifreload on builtin interface change
This patch handles removal of builtin interfaces (example swp*.100
below..which dont have iface sections) during a ifreload.
{noformat}
auto bridge
iface bridge
bridge-vlan-aware yes
bridge-ports swp3.100 swp15.100
{noformat}
if user changes swp15.100 to another interface and does a ifreload,
before this patch swp15.100 used to be around. This patch makes sure
swp15.100 is deleted in the process
I had to do some cleanup of flags in the process. I might have added
some extra cycles to ifreload. But i dont see an easy way to handle this
case.
Ticket: CM-9078
Reviewed By: CCR-4110
Testing Done: clag bond add/del and clag slave add/del
This change basically does the following -
1. Proto-down swpX pre-clag-bond-enslave
2. Proto-up swpX post-clag-bond-release
Setting/clearing of clag-id will result in similar proto-state changes
and those are handled by clagd.
Note:
I really wanted to keep these changes out of ifupdown2 but the
order of setting is critical i.e. protodown has to happen enslave to
prevent additional flaps/STP TCNs. Theoretically #2 can be done by clagd
but there is no easy way to do #1.
Ticket: None
Reviewed By: CCR-4058
Testing Done: ifup'd interface with both dhcp-wait: "no" and dhcp-wait: "yes"
and not specified at all.
A previous patch implemented the nowait option for DHCP. This patch changes the
name of the option to "dhcp-wait" and makes the default, if nothing is specified
in the policy files, to be "yes", which means dhclient will be called without
the "-nw" option, causing it to wait for up to a minute for a response from the
DHCP server before continuing.
The format of the JSON in the policy file for this option was also changed so
that it conforms to the other ifupdown2 policy options. This format is now:
{
"dhcp": {
"defaults": { "dhcp-wait": "no" }
}
}
Also, the documented argument values are "yes" and "no". Any other values, will
be interpreted as "yes".
A subsequent patch in cl-basefiles will be made to include this fragment in
/var/lib/ifupdown2/policy.d/dhcp.json so that Cumulus Linux will default to
not waiting for DHCP to complete.
Change policy manager default policy file location:
from /var/lib/ifupdownaddons/policy.d to
/var/lib/ifupdown2/policy.d
This aligns well with the user policy file location:
/etc/network/ifupdown2/policy.d/
Fixes 59dad2ca80("debian: sync debian files with from upstream debian repo")
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
before this commit, an error in reading a sourced file would
result in an error. This commit converts it to a warning and continue
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Add back missing ifupdown/ifupdownconfig.py.
fixes a cherry-pick error.
Fixes 0582f185ed ("ifupdown2: address: squash addr config and process
them on the youngest sibling")
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-8330
Reviewed By: balki
Testing Done: Tested with interfaces file in the bug
(cherry picked from commit 14570e6d442d1c9a3742f1dd989f7af673e3cc7f)
Ticket: CM-7995
Reviewed By: CCR-3850
Testing Done: Tested exit code on syntax errors
This patch adds members 'errors' and 'warns' to networkinterfaces.py
to track errors and warns during parsing interfaces file.
This patch also adds --syntax-check option to ifreload
given people seem to use ifreload more than ifup these days.
$ ifreload --syntax-check -a
error: /etc/network/interfaces: iface swp1.200: unsupported keyword (roopa-attr)
$ echo $?
1
(cherry picked from commit e643a136fcf5d387ff0f9a31cb6a6af4983e1012)
Ticket:
Reviewed By:
Testing Done: Tested ifquery --check with bridge-pvid
bridge-pvid and bridge-vids on a bridge does
not correspond directly to a running config
on the bridge. They correspond to default
values for the bridge ports. And they are
already checked against running config of the
bridge port and reported against a bridge port.
So, This patch ignores these attributes under the bridge.
Uses '2' for ignore today. XXX: '2' will be
mapped to a defined value in subsequent patches.
Before:
auto bridge
iface bridge
[fail]
bridge-vlan-aware yes [pass]
bridge-ports swp3 swp4 [pass]
bridge-pvid notfound [fail]
After:
auto bridge
iface bridge
[pass]
bridge-vlan-aware yes [pass]
bridge-ports swp3 swp4 [pass]
bridge-pvid 20
(cherry picked from commit 29e70abbf7920cf94c3ebd738dd757c2ca27b35c)
Ticket: CM-7917
Reviewed By: CCR-3845
Testing Done: Tested changing address and ifreloading on multiple iface stanzas
In presence of multiple iface stanzas, current ifupdown2 does not purge
existing addresses.
Because each ifaceobject processing looks at only its stanzas and it is
afraid that it may purge running addresses that does not belong to
itself. Historically multiple iface stanzas are processed individually
than squashing them as a single interface. Squashing iface stanzas into
a single iface stanza has been a problem in the past and also does not
work well with iface stanzas that are supported by ifupdown (I dont have
a specific problem example right now...but)
This patch processes all address attributes when processing the first iface
object (or iface stanza). Unsure if this can be a surprise to existing
users. It should not but cant say sometimes people have weird things in
their pre-up/post-up commands. Hence this is controlled by a ifupdown2.conf
variable addr_config_squash=0 set to off by default. still debating if this
can be on by default.
When addr_config_squash=0 and existing addresses are not purged a
warning is displayed:
"warning: swp1: interface has multiple iface stanzas skip purging
existing addresses"
(cherry picked from commit 7aaa75674547392f2abb8273b18671f0795b3eaf)
listed interface that had a blacklisted parent
Ticket: CM-7851
Reviewed By: CCR-3664
Testing Done: Tested with auto/non-auto dependent and non-dependent interfaces
example config from sam:
iface swp3.100
auto swp3
iface swp3
iface swp3
address 66.66.66.66/24
Ticket: CM-6740
Reviewed By: roopa
Testing Done: tested multiple ifreloads with various test cases
In the case of duplicate iface stanzas where one of the stanzas sets
the link attributes, ifupdown2 was confused because the absence
of link attributes forced it to reset them to default values
(when they existed).
This patch tracks link changes and prevents resetting to defaults
only if there are no explicit settings configured. Furthermore,
only the last interface processed (from the duplicates) will take
care of resetting to defaults.
