because of a typo (use of wrong object) we weren't looking at the correct
ifaceobj for LINK_DOWN lookup. In some cases we didn't honor link-down yes
on VRF slaves
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
A newer iproute2 version changed the bridge vlan show output, ifupdown2 relies
on the previous format, we have the convert data into old format:
{
"vx-1002": [{
"vlan": 1002,
"flags": ["PVID", "Egress Untagged"]
}],
"vx-1004": [{
"vlan": 1004,
"flags": ["PVID", "Egress Untagged"]
}]
}
auto bridge
iface bridge
bridge-vlan-aware yes
bridge-ports vx-1000 vx-1001 vx-1002 vx-1003 vx-1004 hostbond3 hostbond4
bridge-stp on
bridge-vids 1000-1004
bridge-pvid 1
auto vx-1002
iface vx-1002
vxlan-id 1002
bridge-access 1002
vxlan-local-tunnelip 27.0.0.15
bridge-learning off
bridge-arp-nd-suppress on
mstpctl-portbpdufilter yes
mstpctl-bpduguard yes
mtu 9152
auto hostbond4
iface hostbond4
bond-slaves swp2 swp3
bond-mode 802.3ad
bond-min-links 1
bond-lacp-rate 1
mtu 9152
alias Local Node/s TORS1 and Ports swp32s2 swp32s3 <==> Remote Node/s HOSTS12 and Ports swp1 swp2
bridge-pvid 1001
auto swp3
iface swp3
link-speed 10000
link-duplex full
link-autoneg off
auto swp2
iface swp2
link-speed 10000
link-duplex full
link-autoneg off
auto vx-1004
iface vx-1004
vxlan-id 1004
bridge-access 1004
vxlan-local-tunnelip 27.0.0.15
bridge-learning off
bridge-arp-nd-suppress on
mstpctl-portbpdufilter yes
mstpctl-bpduguard yes
mtu 9152
auto vx-1003
iface vx-1003
vxlan-id 1003
bridge-access 1003
vxlan-local-tunnelip 27.0.0.15
bridge-learning off
bridge-arp-nd-suppress on
mstpctl-portbpdufilter yes
mstpctl-bpduguard yes
mtu 9152
auto hostbond3
iface hostbond3
bond-slaves swp5 swp6
bond-mode 802.3ad
bond-min-links 1
bond-lacp-rate 1
mtu 9152
alias Local Node/s TORS1 and Ports swp32s0 swp32s1 <==> Remote Node/s HOSTS11 and Ports swp1 swp2
bridge-pvid 1000
auto swp6
iface swp6
link-speed 10000
link-duplex full
link-autoneg off
auto swp5
iface swp5
link-speed 10000
link-duplex full
link-autoneg off
auto vx-1001
iface vx-1001
vxlan-id 1001
bridge-access 1001
vxlan-local-tunnelip 27.0.0.15
bridge-learning off
bridge-arp-nd-suppress on
mstpctl-portbpdufilter yes
mstpctl-bpduguard yes
mtu 9152
auto vx-1000
iface vx-1000
vxlan-id 1000
bridge-access 1000
vxlan-local-tunnelip 27.0.0.15
bridge-learning off
bridge-arp-nd-suppress on
mstpctl-portbpdufilter yes
mstpctl-bpduguard yes
mtu 9152
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
On some kind-of-minimalistic Ubuntu 18.04.1 extra python package `python-setuptools` was needed in order to compile from source the final DEB.
```
dpkg-buildpackage: info: source version 1.2.1
dpkg-buildpackage: info: source changed by Julien Fortin <julien@cumulusnetworks.com>
dpkg-source --before-build ifupdown2
dpkg-buildpackage: info: host architecture amd64
dpkg-checkbuilddeps: error: Unmet build dependencies: python-setuptools
dpkg-buildpackage: warning: build dependencies/conflicts unsatisfied; aborting
```
on --show-fec ethtool seems to return fec in uppercase while
we only advertise lowercase validvals. We should only deal
and compare lowercase values for running, config and default
root@host:/home/cumulus# /sbin/ethtool --show-fec swp29
FEC parameters for swp29:
FEC encodings : RS
root@host:/home/cumulus#
testing:
set: link-fec rs
ifup/ifreloads
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
As shown in the following example, ifupdown1 sets the default route with the
onlink attribute. This patch will add this capability to ifupdown2 controlled
by a policy variable in the address module: "l3_intf_default_gateway_set_onlink"
default to on
[19:16:07] root:~ # cat /etc/network/interfaces
auto lo
iface lo inet loopback
auto enp0s3
iface enp0s3 inet static
address 78.46.193.234/32
gateway 172.31.1.1
[19:16:19] root:~ # ifup -a -v
ifup: configuring interface enp0s3=enp0s3 (inet)
...
/bin/ip addr add 78.46.193.234/255.255.255.255 broadcast 78.46.193.234 dev enp0s3 label enp0s3
/bin/ip link set dev enp0s3 up
/bin/ip route add default via 172.31.1.1 dev enp0s3 onlink
...
[19:16:21] root:~ # ip route show
default via 172.31.1.1 dev enp0s3 onlink
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15
169.254.0.0/16 dev enp0s3 scope link metric 1000
[19:16:21] root:~ #
$ cat /etc/network/ifupdown2/policy.d/address.json
{
"address": {
"module_globals": {
"l3_intf_default_gateway_set_onlink": "yes"
}
}
}
$ ifquery swp1
auto swp1
iface swp1 inet static
address 78.46.193.234/32
gateway 172.31.1.1
$ ifreload -av |& grep "route add default"
info: executing /bin/ip route add default via 172.31.1.1 proto kernel dev swp1 onlink
$
$
$ emacs -nw /etc/network/ifupdown2/policy.d/address.json
$ cat /etc/network/ifupdown2/policy.d/address.json
{
"address": {
"module_globals": {
"l3_intf_default_gateway_set_onlink": "no"
}
}
}
$ ifdown -a -X eth0
$ ifreload -av |& grep "route add default"
info: executing /bin/ip route add default via 172.31.1.1 proto kernel dev swp1
$
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
-n sets DRYRUN flags, when DRYRUN is set many functions return True
(like link_exists), in this case vxlanattrs is set to False because
not cached. But since link_exists=True we still try to access it like
a dictionary.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
The issue here lies with how we query the cache to get the ips addresses
configured on the macvlan. A few months ago we added support for link scope
addresses in the cache, since the kernel may add it's own link addresse to
some interfaces we need to filter them out when querying the cache (because
we just want to get the list of IPs managed by ifupdown2). To perform this
filtering we need to look at the current user configuration (/e/n/i) but we
also need to look at past configuration. To perform this filtering we need
to provide the API LinkUtils:get_running_addrs a special parameter for
address-virtual (we need an ifaceobj).
$ ifquery -a
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto vlan1000
iface vlan1000
address 192.168.10.2/24
address fc00:10::2/64
address-virtual 00:00:5e:00:01:01 192.168.10.1/24 fc00:10::1/64 fe80::1/64
address-virtual-ipv6-addrgen off
vlan-id 1000
vlan-raw-device bridge
vrf blue
auto bridge
iface bridge
bridge-ports swp1
auto blue
iface blue
vrf-table auto
$ ifreload -a
$ echo $?
0
$ ifquery -a -c
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp [pass]
auto vlan1000
iface vlan1000 [pass]
vlan-raw-device bridge [pass]
vlan-id 1000 [pass]
vrf blue [pass]
address 192.168.10.2/24 [pass]
address fc00:10::2/64 [pass]
address-virtual 00:00:5e:00:01:01 192.168.10.1/24 fc00:10::1/64 fe80::1/64 [pass]
address-virtual-ipv6-addrgen off [pass]
auto bridge
iface bridge [pass]
bridge-ports swp1 [pass]
auto blue
iface blue [pass]
vrf-table 1001 [pass]
$ ifquery -r vlan1000
auto vlan1000
iface vlan1000
vlan-id 1000
vlan-protocol 802.1Q
vlan-raw-device bridge
address 192.168.10.2/24
address fc00:10::2/64
address-virtual 00:00:5e:00:01:01 192.168.10.1/24 fe80::1/64 fc00:10::1/64
address-virtual-ipv6-addrgen off
$
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
--syntax-check was failing because "none" was missing in the validvals list for bridge-ports
closes#75
Reported-by: Alexandre Derumier <aderumier@odiso.com>
before the patch we can see that ifreload is displaying an error
with the example config
$ ifquery -a
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto swp1
iface swp1
vrf blue
link-down yes
auto blue
iface blue
vrf-table auto
$ ifreload -a
error: eth0: vrf blue not around, skipping vrf config
$ echo $?
1
$
$ # applying patch
$ ifreload -a
$ echo $?
0
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
ifquery may fail on the following exception:
File "/usr/share/ifupdown2/addons/bridge.py", line 709, in _query_check_l2protocol_tunnel_lldp
return ifla_brport_group_mask & 0x4000
TypeError: unsupported operand type(s) for &: 'NoneType' and 'int'
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
mstpctl might return an empty result on: mstpctl showportdetail bridge json
the cache is not filled with an empty dict so next cache lookup will be a
cache miss and therefore, ifupdown2 thinks we need to fill the cache with fresh
data and will execute showportdetail again (resulting in calling mstpctl cmd
sometime 5 or 6 times in a row).
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
The minimum IPv6 MTU (ipv6 stack should handle at minmum this size)
is 1280 bytes. If you set the MTU below that then you can't really
have ipv6 addrconf follows the MTU changes and if it sees change
below 1280 then it disables ipv6 on the iface
$ ifquery swp1
auto swp1
iface swp1
mtu 420
$ ifreload -a
error: swp1: cmd '/bin/ip -force -batch - [link set dev swp1 down
link set dev swp1 addrgenmode eui64
link set dev swp1 up
]' failed: returned 1 (RTNETLINK answers: Address family not supported by protocol
Command failed -:2
)
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
The building instruction didn't mention that users should checkout the master-next branch and build from it. This branch contains the lastest ifupdown2 version
