Ticket: CM-14628
Reviewed By: julien, nikhil, vivek, mallik
Testing Done: Tested with vxlan config and remote ips added externally
Recent handling of vxlan-purge-routes as part of CM-13815 did not fix
handling of remote ips during ifquery --check and ifquery --running.
This patch fixes ifquery -c and ifquery running for external
vxlan controller cases.
Without this, ifquery --check always returns exit code of 1 for
external vxlan controller configs
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-13815
Reviewed By:
Testing Done: Tested remote purging
vxlan purging remotes is a feature where we clean up
existing fdb remote entries in favor of the ones specified in the
interfaces file. Obviously in precense of an external controller
like bgp or vxrd this is not a good thing because these remotes
maybe installed by these external controller daemons.
This patch makes the purgining behaviour explicit by a new attribute.
We will ship with a default policy file which sets vxlan-purge-remotes to no.
This also cleans up a bug introduced by fix to CM-13767 where we were
trying to delete default remote entry pointing to the local ip.
more details below.
problem:
for static configuration, ifupdown2 has some code to "purge" existing
default remote fdb entries and install
new ones corresponding to the ones specified in the interfaces file
(with vxlan-remoteip).
For non-static configuration (ie in presence of an external controller),
it skips this "purge"...because these entries
maybe added by an external controller. To detect that there is no
external controller running..., today it
checks if the vxrd process is running or not. We need to extend this
check to now include bgp (for evpn)...and it gets trickier with bgp
since just checking the quagga pid is not good.
Solution:
I would like to make this purging explicit with an attribute. This patch
adds a 'vxlan-purge-remotes yes|no' attribute. vxlan remote address purging
will take into affect when:
vxlan-remoteip attribute is present in the interfaces file
or
vxlan-purge-remotes is set to 'yes'
We will ship a ifupdown2 default policy file to disable purging by
default (vxlan-purge-remotes no).
For existing customer deployed static configs, since the interfaces file
will already have remote entries, this change
will behave as existing code (ie purge = yes).
For existing vxrd deployments, as long as already deployed interfaces
files have no vxlan-remoteip entries,
this patch does not change any behavior (can people confirm that
existing vxrd deployments have no vxlan-remoteip entries in their
interfaces ?)
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-13434
Reviewed by: julien, nikhil, daniel
Testing Done: ifreload and multiple down [yes|no] sequences under
physical and logical interfaces (ifupdown2-tests test case is pending)
This also moves the fix done for CM-4125 (inet manual handling for
logical devices) into a single place under ifupdownmain.
attribute 'link-down [yes|no]' will not work in all cases when 'inet manual'
is used. This is only to preserve the semantics of 'inet manual'.
Best use of 'link-down [yes|no]' is to use it without 'inet manual'..
they are conflicting features anyways.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
This reverts commit 02e00f54bb.
reverting this commit to move it to link.py addon module.
down conflicts with usercmds.py 'down'
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-13434
Reviewed by: julien, nikhil, daniel
Testing Done: ifreload and multiple down [yes|no] sequences under
physical and logical interfaces (ifupdown2-tests test case is pending)
This also moves the fix done for CM-4125 (inet manual handling for
logical devices) into a single place under ifupdownmain.
attribute 'down [yes|no]' will not work in all cases when 'inet manual'
is used. This is only to preserve the semantics of 'inet manual'.
Best use of 'down [yes|no]' is to use it without 'inet manual'..
they are conflicting features anyways.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: None
Reviewed By: Roopa
Testing Done:
This was discover while working on CM-13767 and some other vxlan issues
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
This reverts commit 32e2363a69.
I pushed this commit by mistake. It was a local commit waiting to be reviewed.
Reverting it for now, might be applied later after positive review.
Ticket: CM-8101
Reviewed By: CCR-4949
Testing Done: smoke tests + ran ifup -a -s on every interface configuration file from GSS cl-supports collection
This commit is introducing ~20 keywords. The value of the different attributes
will be check against raw values and <keywords>:
'<mac>'
'<text>'
'<ipv4>'
'<ipv6>'
'<auto>': "auto"
'<ipaddr>': ipv4/6 with preflix len
'<number>'
'<interface>'
'<ipv4-vrf-text>': equivalent to: <ipv4> "vrf" <text>
'<number-ipv4-list>': example: "100=172.16.100.1 101=172.16.101.1"
'<interface-list>': example: "swp1 swp2 swp3"
'<ipv4/prefixlen>'
'<ipv6/prefixlen>'
'<ipaddr/prefixlen>'
'<number-range-list>': example: "2000 2200-3000"
'<interface-range-list>': example: "swp1=100 swp2=100" ('validrange' : ['0', '65535'])
'<mac-ipaddr/prefixlen-list>'
'<number-interface-list>': example: "4 swp1 swp2"
'<interface-yes-no-list>': example: "swp1=yes swp2=no"
'<interface-yes-no-0-1-list>'
'<interface-yes-no-auto-list>'
It's possible to combine a keyword with a range from validrange. example:
validrange: 10-50
validvals: <intrface-range-list>
value: swp1=21 swp2=42 ...
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: None
Reviewed By: Roopa, Daniel
Testing Done: This is not affecting ifupdown2 yet
the validvals attribute is only used by ifedit
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: None
Reviewed By: Roopa
Testing Done: This error happened when running ifquery -c -a with
auto vx-42
iface vx-42
vxlan-id 42
vxlan-local-tunnelip 27.0.0.11
mtu 1500
Ticket: cleanup
Reviewed By:
Testing Done: Tested ifupdown sanity
This gets rid of some ugly previous flag handling which was
passed through modules. This creates a global instance of
flags that all addon modules and helper modules can use.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-9520
Reviewed By: CCR-4152
Testing Done: verified service node configuration
Use "remote" attribute in iproute2 command to provision
service node address for service node based replication. Changes also
include allowing only one service node per vxlan device, so its user's
responsiblity to select one service node per vxlan device if there
are multiple nodes to distribute the load.
Ticket: CM-7410
Reviewed By: CCR-3470
Testing Done:
When vxrd is not enabled in /etc/default/vxrd, the 'service vxrd status'
command returns 0, causing the vxlan-remoteip to be not applied even
though it should have. Fix is to change to checking pidfile of vxrd.
Ticket: CM-7087
Reviewed By: CCR-3379
Testing Done: unit testing with clag_vxlan_clos_spec/cfg.py
On clag pairing, clagd changes local address of vxlan device to anycast ip.
If user does ifreload now, ifupdown2 will overwrite local address with
individual ip contained in /etc/netwrok/interfaces. vxlan.py caches
anycast_ip configuration so that ifquery -c can skip it from flagging error
and ifreload skip overwriting vxlan device's local ip.
vxrd provisions head-end replication endpoints by adding bridge fdb entries.
If /etc/network/interfaces doesn't have remote-ip attribute, then on ifreload
ifupdown2 will delete all vxrd provisioned entries. ifupdown will check for
presence of vxrd service and skip add/delete bridge fdb entries for
head-end replication
On ifreload vxlan device are put in proto-down even if they are up and running.
Check for operstate and put it in proto-down only if operstate transitions from
down to up.
Ticket: CM-6815, CM-6816, CM-6817
Reviewed By: CCR-3234
Testing Done: unit testing
CM-6815 : ip link set syntax for svcnode has been changed. Absence of svcnode
will retain the existing values. svcnode 0.0.0.0 is needed to wipe out service
node addresses in vxlan device. Modified ifupdown2 to use svcnode 0.0.0.0 to
clean up service node address.
CM-6816: "bridge-clan-aware no" is not handled in query-check and hence ifquery
on bridge interface with "bridge-vlan-aware no" fails. Modified bridge's
query-check to take care of this.
CM-6817: With default ageing value (300), if query -c <vxlan device> was
failing. Set ageing to 300 if not specified and compare it with running config.
Ticket: CM-5146
Reviewed By: roopa,jtoppins
Testing Done: built new ifupdown package and ran testifupdown2 suite of tests
This patch prevents enslaved interfaces from having IP addresses.
(cherry picked from commit 0c00606fbc76db11557a8e946310e93a2b376aa7)
(cherry picked from commit dc30987acfc6af356b9e055db95d94ae45f0de9f)
Ticket: CM-5105
Reviewed By: roopa
Testing Done: tested configs before and after change
We needed a configuration option to add vxlan-ageing to
ifupdown2 configs. This patch adds the option to change
the vxlan-ageing timer currently set with "ip link"
commands.
(cherry picked from commit 9832462c365bd2b900b98f5675d407d1b11c4a95)
Conflicts:
packages/ifupdown2/addons/vxlan.py
packages/ifupdown2/ifupdownaddons/iproute2.py
Ticket: CM-5637
Reviewed By: CCR-2755
Testing Done:
Replaced vxlan-peernodeip attribute with vxlan-remoteip. Updated
the vxlan and iproute2 modules to configure head end replication
using bridge fdb commands.
Ticket: CM-4723
Reviewed By: CCR-2408
Testing Done: vxlan_fld_test.py:test_bond_vxlinux_convergence_flaps, manual testing
On tunnel delete, tunnel termination object in BCM sdk is not cleaned properly.
As a result, mpls_entry in the hardware is left around even though software has
deleted the tunnel. This prevents subsequent dynamic creation of the same tunnel
and also mac learning, as mpls_entry points to invalid SVP with no CML setting
to do hardware learning.
Also, changes in ifupdown2 to make "vxlan-learning on" as default, so that
user/script doesn't have to explicitly turn on the learning.
Ticket: CM-3346
Reviewed By:
Testing Done: Tested ifupdown2 sanity
- moved 'admin up' delays that we introduced recently to be
configurable via two ifupdown2.conf attributes
# Let link master (bridges, bonds) own the link state of slaves
link_master_slave=1
# Delay admin state change till the end
delay_admin_state_change=0
- reduced some redundant traversal of dependency trees
- fixed a few bugs in query check
