Ifupdown2 is now setting a default metric on macvlan ips. This policy will let
users disable this new default behavior. addressvirtual_with_route_metric is
boolean policy variable.
addressvirtual_with_route_metric: yes|no|on|off|1|0 (default to yes)
$ cat /var/lib/ifupdown2/policy.d/addressvirtual.json
{
"addressvirtual": {
"module_globals": {
"addressvirtual_with_route_metric": "no"
}
}
}
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
closes#58
In linux its possible to assign a vlan-aware bridge an ip address
For some use cases is it useful to restrict users from configuring
ips on bridges VA. This patch will let admins and distributions
decide if it is necessary to warn the user in such case.
The patch introduces a new 'address' policy:
vlan_aware_bridge_address_support: yes|no|on|off|0|1 (default to yes)
[16:46:09] root:~ # cat /var/lib/ifupdown2/policy.d/address.json
{
"address": {
"module_globals": {
"enable_l3_iface_forwarding_checks": "yes"
},
"defaults": {
"mtu": "1500",
"ip-forward": "on",
"ip6-forward": "on"
}
}
}
[16:46:16] root:~ # ifquery -a
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto bridge
iface bridge
bridge-ports swp1
bridge-vlan-aware yes
address 10.10.10.10/32
[16:46:20] root:~ # ifup -a --syntax-check
[16:46:22] root:~ # echo $?
0
[16:46:33] root:~ # nano /var/lib/ifupdown2/policy.d/address.json
[16:46:47] root:~ # cat /var/lib/ifupdown2/policy.d/address.json
{
"address": {
"module_globals": {
"enable_l3_iface_forwarding_checks": "yes",
"vlan_aware_bridge_address_support": "no"
},
"defaults": {
"mtu": "1500",
"ip-forward": "on",
"ip6-forward": "on"
}
}
}
[16:46:48] root:~ # ifup -a --syntax-check
warning: bridge: ignoring ip address. Assigning an IP address is not allowed on bridge vlan aware interfaces
[16:46:51] root:~ # echo $?
1
[16:46:52] root:~ #
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
$ ifquery -a
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
vrf mgmt
link-down yes
auto mgmt
iface mgmt
vrf-table auto
$ ifup -a -d
...
...
debug: mgmt: pre-up : running module vrf
info: executing /usr/lib/vrf/vrf-helper create mgmt 1001
debug: mgmt: eth0: slave configured with link-down yes
info: mgmt: netlink: ip link set dev mgmt up
...
$ ip link show eth0
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master mgmt state DOWN mode DEFAULT group default qlen 1000
link/ether 08:00:27:80:e2:97 brd ff:ff:ff:ff:ff:ff
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
In linux its possible to assign an ip address to a vlan-aware bridge
For some use cases is it useful to restrict users from configuring ips on
bridges VA. This patch will let admins and distributions decide if it is
necessary to warn the user in such case.
The patch introduces a new configuration variable in:
/etc/network/ifudpown2/ifupdown2.conf
vlan_aware_bridge_address_support: yes|no|on|off|0|1 (default to yes)
[8:30:41] root:~ # cat /etc/network/ifupdown2/ifupdown2.conf | grep "vlan_aware_bridge_address_support"
[8:30:43] root:~ # ifquery bridge
auto bridge
iface bridge
bridge-ports swp1
bridge-vlan-aware yes
address 10.10.10.10
[8:30:46] root:~ # ifup bridge --syntax-check
[8:30:52] root:~ # echo $?
0
[8:30:54] root:~ # echo "vlan_aware_bridge_address_support=no" >> /etc/network/ifupdown2/ifupdown2.conf
[8:31:11] root:~ # ifup bridge --syntax-check
warning: bridge: ignoring ip address. Assigning an IP address is not allowed on bridge vlan aware interfaces
[8:31:14] root:~ # echo $?
1
[8:31:17] root:~ #
[8:31:20] root:~ # ifup -a
[8:31:22] root:~ # echo $?
0
[8:31:25] root:~ # ifquery bridge -c
auto bridge
iface bridge [fail]
bridge-vlan-aware yes [pass]
bridge-ports swp1 [pass]
address 10.10.10.10 [fail]
[8:31:29] root:~ # ifdown bridge && ifup bridge -v |& grep "bridge vlan aware interfaces"
info: bridge: ignoring ip address. Assigning an IP address is not allowed on bridge vlan aware interfaces
[8:31:57] root:~ #
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
This is a major update coming all at once from master-next branch
master-next branch was started with --orphan option which is basically a new
branch without history.
The major changes are:
- repackaging
- cleanup the directory tree
- rewritte setup.py to allow install from deb file or pypi (pip install)
- add a Makefile to make things (like building a deb) easier
- review all debian files
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-12370
Reviewed By: Roopa, Kanna, Scott E
Testing Done:
This patch also fixes a problem where dhcp6 used to create lease file with
a trailing whitespace. dhcp6 operation were also sometimes using the wrong
pid file. I added some code in the debian.postinst script to correctly
rename these files if they exists when we install/update ifupdown2.
(cumulus-qa-infra/cl-tests/tests/smoke/testdhcp.py:Testdhcp_relay)
auto swp1
iface swp1 inet dhcp
link-speed 10000
link-duplex full
link-autoneg off
auto swp1
iface swp1 inet6 dhcp
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
