check if the bond mac address is correctly inherited from it's
first slave. There's a case where that might not be happening:
$ ip link show swp1 | grep ether
link/ether 08:00:27:04:d8:01 brd ff:ff:ff:ff:ff:ff
$ ip link show swp2 | grep ether
link/ether 08:00:27:04:d8:02 brd ff:ff:ff:ff:ff:ff
$ ip link add dev bond0 type bond
$ ip link set dev swp1 master bond0
$ ip link set dev swp2 master bond0
$ ip link show bond0 | grep ether
link/ether 08:00:27:04:d8:01 brd ff:ff:ff:ff:ff:ff
$ ip link add dev bond1 type bond
$ ip link set dev swp1 master bond1
$ ip link show swp1 | grep ether
link/ether 08:00:27:04:d8:01 brd ff:ff:ff:ff:ff:ff
$ ip link show swp2 | grep ether
link/ether 08:00:27:04:d8:01 brd ff:ff:ff:ff:ff:ff
$ ip link show bond0 | grep ether
link/ether 08:00:27:04:d8:01 brd ff:ff:ff:ff:ff:ff
$ ip link show bond1 | grep ether
link/ether 08:00:27:04:d8:01 brd ff:ff:ff:ff:ff:ff
$
ifupdown2 will automatically correct and fix this unexpected behavior
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
with kernel 4.19, slaves that are removed from a bond will be
admin down, this patch makes sure that the links are admin up
if they are part of the "auto" class and link-down yes is not set
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
When creating a bond, we first use a netlink call, if that
call fails we try to create and setup the bond via sysfs.
If the bond name is longer than 15 chars the netlink call
will fail, we will then enter the sysfs path which creates
the bond by writing to /sys/class/net/bonding_masters. In
this case the bonding driver will simply truncate the bond
name to fit into the 15 chars limit.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
From Mike Manning:
In the case of vlan filtering on bridges, the bridge may also have the
corresponding vlan devices as upper devices. Currently the link state
of vlan devices is transferred from the lower device. So this is up if
the bridge is in admin up state and there is at least one bridge port
that is up, regardless of the vlan that the port is a member of.
The link state of the vlan device may need to track only the state of
the subset of ports that are also members of the corresponding vlan,
rather than that of all ports.
Add a flag to specify a vlan bridge binding mode, by which the link
state is no longer automatically transferred from the lower device,
but is instead determined by the bridge ports that are members of the
vlan.
----
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
User may want to have persistent name of dummy port if
"bridge-always-up" option is enabled.
Now the name can be defined in "bridge_always_up_dummy_brport" policy
for bridge module.
Signed-off-by: Alexander Petrovskiy <alexpe@nvidia.com>
The exception could have never come from read_file_oneline, also value
was an undefined variable, so it would have thrown an exception while
handling an exception thus being useless anyway.
Signed-off-by: Markus Hauschild <markus@moepman.eu>
this patch adds support for the vxlan-mcastgrp attribute on single
vxlan device. Prior to this commit the vxlan-mcastgrp was only
applied to regular vxlans.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
When creating a single-vxlan device we were sending local tunnel ip address with ip
network prefix. This patch avoid the following error:
error: cmd '/bin/ip link add dev vxlan0 type vxlan external local 27.0.0.9/32 dstport 4789' failed: returned 1 (Error: any valid address is expected rather than "27.0.0.9/32".
)
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
This was added back when ifupdown2 was using brctl to del bridges.
brctl doesn't allow deleting a bridge if the bridge is still admin up.
Now that we moved to netlink this is not needed anymore.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Openvswitch already manage mtu if ovs-mtu is defined.
(Ovs manage mtu in userland, and sync mtu for some interfaces in kernel).
If mtu is changed by address module, before the ovs userland mtu,
this give packets drop.
original commit ported to the python3 branch:
commit bffa619b11
Author: Maximilian Wilhelm <max@rfc2324.org>
Date: Sat Jan 14 19:08:01 2017 +0100
Add option 'veth-peer-name' to veth links and ensure proper configuration.
The option »veth-peer-name« forces an veth peer link to be created with
a specific interface name. As the interface name of the "local" part of
the veth link pair already is defined by the name of the interface stanza
this option is added to, now both sides are clearly named.
As there is a bidirectional dependency of both link pairs - both cannot
exist without the other - this presents a problem when setting up all
interfaces. Depending on which interface is set up first there might be
a problem when only on dependency is specified. Therefore adding the
»veth-peer-name« option to both interface of the veth link pair ensures
that regardless of which side is configured first the peer name will be
set correctly. This intentionally creates a circular dependency which is
handled accordingly.
Fixing the config check for veth link-type while at it :)
Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Enabling this attribute on a bridge will
enslave a dummy interface to the bridge
example:
auto bridge
iface bridge
bridge-vlan-aware yes
bridge-always-up yes
bridge-ports vni42
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
ifupdown2 now tries to monitor the dhclient call to see if an ip address was
successfully assigned on the requested device. The number of retry can be
customized using the "dhclient_retry_on_failure" policy variable (which defaults to 0)
This commit also add debugging capabilities by automatically enabling sysloging when
configuring dhcp at boot (with PERFMODE option).
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
In the addressvirtual module we have some code that checks if stale macvlans should
be deleted (when the address-virtual or vrrp keywords are removed from the config).
To find those stale macvlans we basically do a glob search in /sys/class/net/ with
the macvlan prefix (ifname) defined by ifupdown2: '%s-v' % ifaceobj.name[0:13], which
for a device foo would create macvlans named foo-v0...foo-vN.
In this particular case we have a vxlan named: sha3szx4-vpn, which gets matched
and removed without actually checking if this device is a macvlan or not.
This commit adds a link_kind check to ensure that we are only removing macvlans.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
ES bonds have the same "init state" requirements as CLAG bonds -
1. A bond needs to be designated as an "es-bond" for this purpose.
For clag-bonds we used "clag-id" attr (to designate a bond as a "clag-bond").
For ES bonds we will use "es-sys-mac" attr.
2. Slaves added to an "ES bond" must have protodown-on.
This is again similar to CLAG bonds
3. And vice-versa i.e. when a slave is removed from an "es-bond",
protodown-on must be cleared.
4. When es-sys-mac is first set on a bond, all the bond-slaves must be
placed in "protodown-on" state. This is needed whether FRR is running at that point or not.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
When --with-defaults is provided we update the stanza-data structure without
making sure we are dealing with a vxlan intf.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
