Ticket: CM-5832
Reviewed By: CCR-2875
Testing Done: Tested with test case in the bug and other orders
kernel(upstream and us) does not seem to honor the vidinfo flags
during the deletes. Hence, this reordering becomes necessary.
tested with the example in the bug and also some other examples.
code wise this combines two existing methods but leaves the two existing methods
around for future use. Will remove them if they become completely
unnecessary.
sections for that interface changed
Ticket: CM-5841
Reviewed By:
Testing Done: tested ifreload with new iface section
<email_notes>
problem stmt:
if the user adds a new section for an existing interface, I mark the
interface for down.
Basically the below:
if len(newifaceobjlist) != len(lastifaceobjlist):
ifacedownlist.append(ifname)
continue
You rarely need to add a new section to the interfaces file. It is not
recommended even by the user guide.
sankaran was trying to add a new address. Which he could have added to
the same iface section.
But, looking at his trivial example, i am thinking of not marking an
interface for down if the user merely tried to add a new section to an
existing interface
</email_notes>
Ticket: CM-5764
Reviewed By: TBA
Testing Done: of course none ;) Will update when I have some time to test
fupdown2's postinst and postrm scripts do not conform to Debian's policy
for maintainer scripts [1]. Specific non-conformance follows:
* fixed maintainer scripts so they only use /bin/sh as other shells are
non-essential packages and may not exist on the system
* fixed maintainer scripts so only actions specified by $1 are performed
per run of the script
* fixed maintainer scripts to only support specific values for $1, and
will otherwise exit with error
* included at the bottom of the postrm script the "#DEBHELPER#" tag as
during package building debianhelper will inject extra code at this
location
[1] https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html
(cherry picked from commit 2289fe4e90a0134fcb07fe7e2e838de755d73e68)
ifdown behaviour.
Ticket: CM-5819
Reviewed By: CCR-2846
Testing Done: tested ifreload evo test case
ifreload_down_changed is 0 by default which will make
sure ifreload will not execute down on changed interfaces
but only on deleted interfaces making it non-disruptive.
some notes from CCR:
ifreload was designed to be an optimization for 'service networking
restart' or 'ifdown -a + ifup -a'.
essentially it is a combination of 'ifdown + ifup' with some smarts in
which interfaces it will execute ifdown on.
By default it does the below:
ifdown all interfaces that were deleted from the interfaces file
ifdown all interfaces that were changed from the last time they were
ifup'ed
ifup -a (execute ifup on all interfaces marked auto)
Did not realize people will use ifreload as much as they do today. Also,
they may execute it on a production box when changes are made. ifdown on a production box can be
disruptive because if the ifdown which is part of the ifreload.
To have a non-disruptive option to ifreload, 2.5 added a new option -c
that only executed 'ifup' on all interfaces. Thus reloading all auto +
any other interfaces that were once brought up on the box (essentially
all interfaces present in the saved state file). This by default did not
do anything to the interfaces that got deleted from the file. But had an
ifupdown2.conf toggle to do so.
Looking at the evo use case, they do want to use a single command that
modifies, adds, deletes with
minimum disruption. we can achieve maybe what they want with multiple
commands (But there is also a case of a bug in the build evo is running
which makes it not so easy ).
This patch fixes the bug and also tries to change the default ifreload
behaviour controllable via a variable in ifupdown2.conf.
when ifreload_down_changed=0 in ifupdown2.conf, ifreload will only
ifdown interfaces that were deleted
from the file but not the ones that changed. subsequent ifup as part of
ifreload on the interfaces
that changed will apply the delta. And ifreload_down_changed default
value is '0'.
WIth the patch, ifreload by default will do the below (going back to the
previous default is just a toggle in the ifupdown.conf file):
ifdown all interfaces that were deleted from the interfaces file
ifup -a (execute ifup on all interfaces marked auto)
It sounds like a big change of behaviour for a hotfix release, but
essentially the patch just moves a few things around. And the change in
behaviour is so subtle that it is not very visible.
It just makes it non-disruptive.
(cherry picked from commit 2f7977834d4912a69159d27e54ba201f58a321d8)
Ticket: CM-5693
Reviewed By: roopa
Testing Done: tested bridge and bonds with interfaces with configs
Both bridge and mstpctl modules set priv_flags on interfaces
that have configs (like link-speed) even when used as bridge-ports.
And this collision causes statemanager.ifaceobj_sync() to never get called
because ifaceobj.priv_flags is 1 (we return immediately):
The fix was to create a new iface module_flags array to carry module info.
Ticket: CM-5735
Reviewed By: no one
Testing Done: lots of repo upgrade testing by John B.
This partially reverts commit 8959e8e4ec93487228733b17ef2b220ed47c1260 ("Fix
bash completion for sudo users (mostly cosmetic)") in the sections where
the Debian maintainer scripts were modified.
In addition fixed up the Debian maintainer scripts to prevent a
potential upgrade failure, discussion follows:
The Cause For the upgrade Failure
=================================
Commit 8959e8e4ec93487228733b17ef2b220ed47c1260 introduced changes to
ifupdown2's package maintainer scripts to override some files provided
by the bridge-utils and udev packages as they conflict with ifupdown2.
The change to ifupdown2's postrm script is currently causing the script
to exit with a failure code if the following files do not exist on the
box:
/etc/udev/rules.d/80-networking.rules
/etc/udev/rules.d/60-bridge-network-interface.rules
The reason for this is in how the script is written.
Since the postrm script is configured to exit on the first command
failure, the "set -e" on line 3, the commands on lines 20 and 22 will
fail if the files being looked for do not exist, causing the script to
exit with a non-zero exit code. Causing apt to fail the upgrade.
.postrm script excerpt
----------
20 udevlink=$(readlink /etc/udev/rules.d/80-networking.rules 2>/dev/null)
21 [ -n "$udevlink" -a "$udevlink" == "/dev/null" ] && rm -f /etc/udev/rules.d/80-networking.rules
22 udevlink=$(readlink /etc/udev/rules.d/60-bridge-network-interface.rules 2>/dev/null)
23 [ -n "$udevlink" -a "$udevlink" == "/dev/null" ] && rm -f /etc/udev/rules.d/60-bridge-network-interface.rules
----------
Solution
--------
The solution requires having the newer version of the ifupdown2 package
provide a preinst script that gets run before the older package's postrm
script is run[1,2]. This gives us the opportunity to quietly fix the
problem. We also fix the postrm script in newer versions of the package
so it cannot bomb out in this way.
Finally, removed what appears to be a poor merge from commit
5f5d84e3261bf70dd3541666a3d3a7f817727ce6.
Fixes: 8959e8e4ec93487228733b17ef2b220ed47c1260
(cherry picked from commit 0eab79eb5aed4cdf0674e3f0ddad3631dd457bdc)
Ticket: CM-5637
Reviewed By: CCR-2755
Testing Done:
Replaced vxlan-peernodeip attribute with vxlan-remoteip. Updated
the vxlan and iproute2 modules to configure head end replication
using bridge fdb commands.
Ticket: CM-5571
Reviewed By:
Testing Done: tested ifreload with example in the bug
ifdown of the bridge svi was following the lowerdev and downing the
bridge. kernel implicitly deletes all svi's on bridge down.
ifup of the bridge usually handles it, but a change done in 2.5.1
was causing it not to. Thinking about this some more, its safe
to not follow dependents on down during a ifreload. This patch does
just that.
Ticket: CM-5355
Reviewed By: roopa
Testing Done: Tested config in ticket
MTU settings are defaulted 1500 when interface is ifdowned.
This has the effect of changing the MTU on the interface and any subinterfaces to
1500. And if these subinterfaces are in a bridge, the bridge will pick the MIN MTU
so the bridge keeps this MTU even after the interface is brought back up. The sub
interface does not change to a higher value then 1500 (kernel VLAN driver only
moves the MTU is the decreasing direction.
Ticket: CM-5349
Reviewed By: Trivial
Testing Done: Tested on cel box
Corrected a minor error in how we handle unsupported config attributes.
Instead of
error: not enough arguments for format string
we will now print this:
warning: peerlink.4000: unsupported attribute 'clagd-foobar'
(cherry picked from commit 44c6004a33d59ee234f8ee3d5f450e158c9e5bdc)
way)
Ticket:
Reviewed By: trivial
Testing Done: Tested interface upperiface bring up
This was causing the auto upperiface bringup to pick all upperifaces on
malliks setup. This is a large number in a 500 svi setup.
handling.
Ticket: CM-4802
Reviewed By: CCR-2565
Testing Done: Yes
1. Earlier various clag components where using link admin state for enforcing
proto_down. With the introduction of a seperate proto_down state this is no
longer needed. Now on clag bond "proto_down" the bond and its slaves are
explicitly placed in a proto_down state. This carrier downs the slaves and
oper-downs the clag-bond. Change has been done in clagd, clag-monit script and
bonding driver.
2. Earlier misc tricks where needed in ifupdown2 to prevent slave state changes
for clag bond outside of clagd. These tricks are no longer needed and have been
reverted to keep ifupdown2 handling simple/consistent. This change basically
reverts #6985e1a376b538fbfa2346ef657427ae7e8f117a.
Ticket: CM-4417
Reviewed By: roopa
Testing Done: Build powerpc image and tested alternate json format
ifupdown2 was patched to handle nonlist JSON input since this
is a valid format.
(cherry picked from commit 2597194f6f34344495f3a2b44bfe1d05887e1e77)
Ticket: CM-4859, CM-4382
Reviewed By:
Testing Done: Tested with config which included bond bridge ports with
zero address on the bond.
The bridge driver rejects the port add with -EINVAL.
A bond with no slaves is one usecase where the bond interface
has a zero hw address and is rejected by the bridge.
EINVAL currently is very confusing.
This patch checks for a valid ether add before enslaving the port to the
bridge.
Ticket: CM-4802
Reviewed By:
Testing Done: yes
1. clag_enable needs to be set before slaves are added to the bond. Otherwise
bonding driver will bring the slaves up independent of clagd.
2. also added post_down clagd addon to cleanup the clag-id on ifdown.
Ticket: CM-4802
Reviewed By: CCR-2507
Testing Done: Yes
1. For clag bonds the slaves are kept down under various conditions (when clagd
is holding the bond in an errDisabled state). ifupdown2 should not set the slave
states for clag bonds.
2. Bonding driver sets the slave states on enslave and release (also for
non-clag bonds) so ifupdown2 doesn't need to set the slave state.
Ticket: CM-4723
Reviewed By: CCR-2408
Testing Done: vxlan_fld_test.py:test_bond_vxlinux_convergence_flaps, manual testing
On tunnel delete, tunnel termination object in BCM sdk is not cleaned properly.
As a result, mpls_entry in the hardware is left around even though software has
deleted the tunnel. This prevents subsequent dynamic creation of the same tunnel
and also mac learning, as mpls_entry points to invalid SVP with no CML setting
to do hardware learning.
Also, changes in ifupdown2 to make "vxlan-learning on" as default, so that
user/script doesn't have to explicitly turn on the learning.
Ticket: CM-4639
Reviewed By:
Testing Done: Tested with interfaces file and steps from the bug
This is a Hack to make sure the primary address
is the first in the routing table. Its not a full proof solution.
We use `ip route get` on the vrr network to see which
device the kernel returns. if it is the mac vlan device,
flap the macvlan device to adjust the routing table entry.
flapping the macvlan device makes sure the macvlan
connected route goes through delete + add, hence adjusting
the order in the routing table.
the vrr network is pointing to it
Ticket: CM-4639
Reviewed By:
Testing Done: Tested with interfaces file and steps from the bug
This is a Hack to make sure the primary address
is the first in the routing table. Its not a full proof solution.
We use `ip route get` on the vrr network to see which
device the kernel returns. if it is the mac vlan device,
flap the macvlan device to adjust the routing table entry.
flapping the macvlan device makes sure the macvlan
connected route goes through delete + add, hence adjusting
the order in the routing table.
1. clag_enable flag in the bonding driver
2. And clagid in clagd
Ticket: CM-4091
Reviewed By:
Testing Done: yes
1. Two new commands have been introduced in clagctl - setclagid and showclagid.
These commands will be used by ifupdown2 to set and read/check the clagid.
2. In addition a bit will be maintained per-bond in the bonding driver to
indicate if a bond is a CLAG bond.
(cherry picked from commit cb160bad45d330fe5f544d0d9a40c1c77b9b563f)
Ticket:
Reviewed By:
Testing Done: Yes
1. ifupdown2/bonding-driver changes to show/store clag-id (errDisabled/dormant states for bond slaves will follow in 2.5.1)
2. clagd changes for
a. --forceDynamic - clagid is ignored in this mode
b. (default) static mode - clagid is matched along with partner mac for dualConnection; also ad_sys_mac is only changed for clag bonds (bonds with a non-zero clag-id).
Conflicts:
patches/kernel/series
Ticket: CM-4462
Reviewed By:
Testing Done: Tested with interfaces file given in the bug.
The 'network down' msg from the kernel is when the lower device is not
'admin up'. In CM-4462 it is seen when the vlan interface on the bond
is 'admin up' when the bond is still in 'admin down' state.
The bond is also a bridge port so, bond will be 'admin up' when
the bridge it belongs to is brought up.
As link_master_slave feature is on only when all network interfaces
are brought up/down, the states of all interfaces will eventually
converge to 'admin up', so ignoring such transient 'network down' messages.
