This reverts commit bed653e31b.
Reverting commit because this does not do the right thing and also
prints 'NoneType' errors. We should not be changing anything for
running values. The ether check is only needed for configured values.
Ticket: CM-9773
Reviewed By: Roopa Prabhu
Testing Done: yes, by installing ifupdown .deb file onto cel-e1031-01
adding default route to ipv6 table when the attribute
vrf-default-route is set to yes
Ticket: CM-7938
Reviewed By: roopa
Testing Done: tested on amd64 cel-redxp box
If the user has not configured a link attribute,
we should not be checking it against the default config.
This will only confuse users into thinking link attributes
were configured.
Modifications to the ethtool.py addon module
to check of configs exist before checking them.
Ticket: CM-6795
Reviewed By: CCR-4270
Testing Done:
root@debian:~# cat /etc/network/interfaces
auto lo
iface lo inet loopback
alias foo_bar
root@debian:~# ip link show lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
alias foo_bar
root@debian:~# ifdown -v lo
info: loading builtin modules from /usr/share/ifupdown2/addons
info: module ethtool not loaded (module init failed: no /sbin/ethtool found)
info: module ethtool not loaded (module init failed: no /sbin/ethtool found)
info: looking for user scripts under /etc/network
info: loading scripts under /etc/network/if-pre-up.d ...
info: loading scripts under /etc/network/if-up.d ...
info: loading scripts under /etc/network/if-post-up.d ...
info: loading scripts under /etc/network/if-pre-down.d ...
info: loading scripts under /etc/network/if-down.d ...
info: loading scripts under /etc/network/if-post-down.d ...
info: lo: running ops ...
info: rtnetlink: setting link lo down
info: executing ip -o addr show dev lo
info: Executing echo "" > /sys/class/net/lo/ifalias
info: Executing /etc/network/if-down.d/avahi-autoipd
info: Executing /etc/network/if-down.d/upstart
info: Executing /etc/network/if-down.d/wpasupplicant
info: Executing /etc/network/if-post-down.d/wireless-tools
info: Executing /etc/network/if-post-down.d/avahi-daemon
info: Executing /etc/network/if-post-down.d/wpasupplicant
root@debian:~# ip link show lo
1: lo: <LOOPBACK> mtu 65536 qdisc noqueue state DOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
root@debian:~# ifup -v lo
info: loading builtin modules from /usr/share/ifupdown2/addons
info: module ethtool not loaded (module init failed: no /sbin/ethtool found)
info: module ethtool not loaded (module init failed: no /sbin/ethtool found)
info: looking for user scripts under /etc/network
info: loading scripts under /etc/network/if-pre-up.d ...
info: loading scripts under /etc/network/if-up.d ...
info: loading scripts under /etc/network/if-post-up.d ...
info: loading scripts under /etc/network/if-pre-down.d ...
info: loading scripts under /etc/network/if-down.d ...
info: loading scripts under /etc/network/if-post-down.d ...
info: processing interfaces file /etc/network/interfaces
info: lo: running ops ...
info: Executing /etc/network/if-pre-up.d/wireless-tools
info: Executing /etc/network/if-pre-up.d/wpasupplicant
info: rtnetlink: setting link lo up
info: executing ip -o addr show dev lo
info: executing ip link set dev lo alias foo_bar
info: Executing /etc/network/if-up.d/mountnfs
info: Executing /etc/network/if-up.d/avahi-autoipd
info: Executing /etc/network/if-up.d/openssh-server
info: Executing /etc/network/if-up.d/upstart
info: Executing /etc/network/if-up.d/avahi-daemon
info: Executing /etc/network/if-up.d/wpasupplicant
root@debian:~# ip link show lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
alias foo_bar
Ticket: CM-6795
Reviewed By:
Testing Done: Julien Fortin <julien@cumulusnetworks.com>
When using ifdown the value of the alias field was checked but never used. Instead this string "\'\'" was used.
change 'or' to 'and'. Its valid for one of them to be null.
This was causing vrf enslavement errors during bootup.
This was a recent regression.
Closes: CM-9757
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-9677
Reviewed By: nikhil
Testing Done: Tested with bond config file in CM-9677
This patch replaces the following attributes:
bond-ad-sys-priority with bond-ad-actor-sys-prio
bond-ad-sys-mac-addr with bond-ad-actor-system
The new attributes correspond to the new sysfs files below:
/sys/class/net/sidelink/bonding/ad_actor_sys_prio
/sys/class/net/sidelink/bonding/ad_actor_system
Old values will be accepted with a deprecated warning:
warning: attribute bond-ad-sys-priority is deprecated. Use bond-ad-actor-sys-prio instead
warning: attribute bond-ad-sys-mac-addr is deprecated. Use bond-ad-actor-system instead
Ticket: CM-8621
Reviewed By: Roopa Prabhu
Testing Done: Yes, by installing ifupdown2 deb onto cel-e1031-01
This patch makes sure ifupdown2 will not delete the address
configured through quagga when address-purge is set to no
Ticket: CM-9596
Reviewed By: Roopa Prabhu
Testing Done: Yes, by installing ifupdown2 deb onto cel-e1031-01
This patch makes sure ifupdown2 will not report a NoneType error
when VRF is defined but not used
Ticket: CM-9594
Reviewed By: Roopa Prabhu
Testing Done: Yes, by installing ifupdown2 deb onto cel-e1031-01
This patch fixes the failure to execute the command
'ip link set dev eth0 nomaster' when 'eth0' is associated with any vrf
This patch also include a review comment update for CCR-4210
Ticket: CM-9541
Reviewed By: Roopa Prabhu
Testing Done: Yes, by installing ifupdown2 deb onto cel-e1031-01
This patch checks if fib rule for local table have higher pref
than vrf table, if not, it deletes fib rule for local table
with lower pref and adds fib rule for local table with
higher pref than vrf table.
This patch also avoid repeated addition of vrf rules on each ifup
Ticket: CM-9107
Reviewed By: Roopa Prabhu
Testing Done: Yes, by installing ifupdown2 deb onto cel-e1031-01
This patch adds a check to detect change in vrf config table id
compared to running table id and throw an error accordingly.
The vrf device may not be up when ifup is executed on the
slaves. This commit makes sure:
- vrf slaves dont try to enslave themselves when vrf device is
not present
- And vrf master enslaves any missing slaves during ifup of vrf master
- Also make vrf device the link master, this will make sure
the vrf device brings the vrf slave links up. This is needed to work
around the ipv6 address flush issue
Closes: CM-9493
Review: dsa, nikhil, wkok (via git send-mail)
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-9494
Reviewed By: CCR-4184
Testing Done:
Also removed legacy 'fallback' options.
Now lacp bypass is enabled and disabled on a bond with:
bond-lacp-bypass-allow [0|1]
Ticket: CM-9520
Reviewed By: CCR-4152
Testing Done: verified service node configuration
Use "remote" attribute in iproute2 command to provision
service node address for service node based replication. Changes also
include allowing only one service node per vxlan device, so its user's
responsiblity to select one service node per vxlan device if there
are multiple nodes to distribute the load.
Ticket:CM-9106
Reviewed By: Roopa Prabhu and Dave Olson
Testing Done: Yes, by installing ifupdown and cumulus-tools deb on to cel-e1031-01
This patch adds per vrf default route: "ip route add table <tbid> unreachable default"
It also accepts a policy file with vrf-default-route [yes/no]
This also includes ifquery fixes for running and check.
Ticket: CM-8773
Reviewed By: CCR-4079
Testing Done:Yes, with following cofiguration
auto swp1
iface swp1
address 71.12.21.43
address 2001:620:5ca1:160::47
preferred-lifetime 30
Fix for this is, a small update in address.py method '_inet_address_convert_to_cidr'
where there is a check for different addres attributes.
Ticket: CM-6806
Reviewed By: CCR-4126
Testing Done:
Currently, when doing ifup of a bridge, the bridge is created
and ports are added to bridge before vlan_filtering is set on
the bridge. This causes extra churn on switchd which has to
configure the hardware one way and then tear it down and
reconfigure it again in the new way. For mlx, it causes even
more problems.
This patch moves the vlan_filtering setting of bridge to before
member ports are being added to the bridge, and it uses the new
iproute2 command for setting the attribute instead of through
sysfs.
Ticket: CM-9078
Reviewed By: CCR-4110
Testing Done: clag bond add/del and clag slave add/del
This change basically does the following -
1. Proto-down swpX pre-clag-bond-enslave
2. Proto-up swpX post-clag-bond-release
Setting/clearing of clag-id will result in similar proto-state changes
and those are handled by clagd.
Note:
I really wanted to keep these changes out of ifupdown2 but the
order of setting is critical i.e. protodown has to happen enslave to
prevent additional flaps/STP TCNs. Theoretically #2 can be done by clagd
but there is no easy way to do #1.
Ticket: CM-9266
Reviewed-by: trivial
Testing-done:
For now disable old LACP bypass options so that ifreload does
not give errors, as the corresponding sysfs nodes do not exist in
the latest 4.1.y kernel.
Ticket: CM-8725
Reviewed By: roopa
Testing Done: tested with user's config on amd64 platform
When setting mstpctl params from user given fdelay and maxage,
ifreload and ifup is setting maxage before fdelay.
Since there is a check for (Bridge Foward Delay - 1 second) >= Bridge Max Age
fdelay must be set before maxage because the fdelay is a default value.
Ticket: CM-9078
Reviewed By: Trivial
Testing Done: bond ifdown/ifup on s6000
This needs to be replaced with protodown of clag bond slaves
pre-enslave (TBD; coming soon).
Ticket: None
Reviewed By: CCR-4058
Testing Done: ifup'd interface with both dhcp-wait: "no" and dhcp-wait: "yes"
and not specified at all.
A previous patch implemented the nowait option for DHCP. This patch changes the
name of the option to "dhcp-wait" and makes the default, if nothing is specified
in the policy files, to be "yes", which means dhclient will be called without
the "-nw" option, causing it to wait for up to a minute for a response from the
DHCP server before continuing.
The format of the JSON in the policy file for this option was also changed so
that it conforms to the other ifupdown2 policy options. This format is now:
{
"dhcp": {
"defaults": { "dhcp-wait": "no" }
}
}
Also, the documented argument values are "yes" and "no". Any other values, will
be interpreted as "yes".
A subsequent patch in cl-basefiles will be made to include this fragment in
/var/lib/ifupdown2/policy.d/dhcp.json so that Cumulus Linux will default to
not waiting for DHCP to complete.
Ticket: None
Reviewed By: CCR-4058
Testing Done: ifup'd interface with both nowait=0 and nowait=1 and not specified
at all.
The Mellanox platform, as well as some others probably, has two management
interfaces: eth0 and eth1. The customer may plug a cable into either one of
these interfaces, and very rarely both of them. If only one cable is plugged in
and we don't know which one, then /etc/network/interfaces must be configured
by default to automatically bring up both interfaces using DHCP. But when an
interface does not have link, it stalls the boot process for 60 seconds while
dhclient times out.
This patch changes the default dhclient behavior to not wait for DHCP to
complete, by using the "-nw" option when calling dhclient. This means that
dhclient will immediately return and DHCP will complete in the background.
A module attribute has been added for the DHCP addon called "nowait", which
defaults to 1. If this attribute is set to 0, then dhclient will revert to its
previous behavior and delay up to a minute while DHCP completes. This attribute
can be specified in a policy file, e.g. /etc/network/ifupdown2/policy.d/dhcp.json,
with contents such as:
{
"dhcp" :
{
"nowait" : 0
}
}
This patch adds initial support for vrf in ifupdown2.
Example interfaces file section:
auto swp1.100
iface swp1.100
vrf blue
auto blue
iface blue
vrf-table 10
iproute2 vrf map is generated under:
/etc/iproute2/rt_tables.d/ifupdown2.vrf_map
this patch also adds prelimnary support for 'vrf-table auto'.
But this needs more work.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-7756
Reviewed By: roopa
Testing Done: built powerpc and tested ifupdown2 as well as new tests
Once mstpctl-portbpdufilter or mstpctl-bpduguard is enabled for
an interface, removing the configuration in /etc/network/interfaces
does not toggle the mstpctl state back to no.
The root cause of this problem is that "ifreload" does not check default settings for MSTP configuration
for bridge ports and use a default when that setting is removed from the configuration.
This patch adds a check in the existing loop on attribute values.
If there is no configured value, we check to see if a default exists.
self._modinfo['attrs'][attrname]['default'] exists.
If it exists and it is different then the currently running value
we reset the attribute to its default. This is what a customer would expect if
they removed a configured value.
(also added test in cl-tests to check this functionality)
(cherry picked from commit 63d0f7082d44fedabe002aebbb658751dc655a46)
Ticket:
Reviewed By:
Testing Done: Tested ifquery --check with bridge-pvid
bridge-pvid and bridge-vids on a bridge does
not correspond directly to a running config
on the bridge. They correspond to default
values for the bridge ports. And they are
already checked against running config of the
bridge port and reported against a bridge port.
So, This patch ignores these attributes under the bridge.
Uses '2' for ignore today. XXX: '2' will be
mapped to a defined value in subsequent patches.
Before:
auto bridge
iface bridge
[fail]
bridge-vlan-aware yes [pass]
bridge-ports swp3 swp4 [pass]
bridge-pvid notfound [fail]
After:
auto bridge
iface bridge
[pass]
bridge-vlan-aware yes [pass]
bridge-ports swp3 swp4 [pass]
bridge-pvid 20
(cherry picked from commit 29e70abbf7920cf94c3ebd738dd757c2ca27b35c)
Ticket: CM-7917
Reviewed By: CCR-3845
Testing Done: Tested changing address and ifreloading on multiple iface stanzas
In presence of multiple iface stanzas, current ifupdown2 does not purge
existing addresses.
Because each ifaceobject processing looks at only its stanzas and it is
afraid that it may purge running addresses that does not belong to
itself. Historically multiple iface stanzas are processed individually
than squashing them as a single interface. Squashing iface stanzas into
a single iface stanza has been a problem in the past and also does not
work well with iface stanzas that are supported by ifupdown (I dont have
a specific problem example right now...but)
This patch processes all address attributes when processing the first iface
object (or iface stanza). Unsure if this can be a surprise to existing
users. It should not but cant say sometimes people have weird things in
their pre-up/post-up commands. Hence this is controlled by a ifupdown2.conf
variable addr_config_squash=0 set to off by default. still debating if this
can be on by default.
When addr_config_squash=0 and existing addresses are not purged a
warning is displayed:
"warning: swp1: interface has multiple iface stanzas skip purging
existing addresses"
(cherry picked from commit 7aaa75674547392f2abb8273b18671f0795b3eaf)
Ticket:
Reviewed By: CCR-3804
Testing Done: Tested regex parsing failures
This is mostly a cosmetic fix. we were failing with weird/unclear errors
on unable to parse regex expressions correctly.
This patch mainly adds the interface name to the message and plus adds
an info message showing the actual regex being used in searches.
example config:
{noformat}
auto br-roopa
iface br-roopa
bridge-vlan-aware yes
bridge-ports regex '(\\Aswp3\\Z|\\Aswp4\\Z)'
bridge-pvid 20
{noformat}
before the patch:
warning: br-roopa: error getting dependent interfaces (unbalanced
parenthesis)
after the patch (not pretty but easier to debug)
info: br-roopa: evaluating port expr '['regex', "'(", 'Aswp3', 'Z|',
'Aswp4', "Z)'"]'
warning: br-roopa: error getting dependent interfaces (br-roopa: error
searching regex ''(' in swp38 (unbalanced parenthesis))
(cherry picked from commit bcca6f753a25494666d53f1f2f3c855ffa41d7f0)
This reverts commit bbd11771f5571c67c8f110c2b464817ce31155b9.
This introduced an error where if the config has old bridge driver
and configures port attributes on the bridge, the attributes are reset
to defaults after they are configured by the bridge settings.
(cherry picked from commit 651d1980de02fb108975900ed007087d9a79934c)
Ticket: CM-8143
Reviewed By: scotte, roopa
Testing Done: ssim and powerpc
This was first seen as a side issue with switchd terminating and not restarting (filed as CM-8109).
When ifreload -a is issued, all of the vrr interfaces were bounced, even though there were not any
configuration changes.
In keeping with the philosphy of making ifreload non-disruptive, this patch no longer
disrupts vrrs if the existing config has not changed.
Ticket: CM-8248
Reviewed By: Trivial
Testing Done: None
Fix for
On bootup and during service network restart these warning messages are thrown out.
root@cel-ken-01:/var/log# service networking restart
[....] Reconfiguring network interfaces...warning: global name 'get_mod_subattr' is not defined
warning: global name 'get_mod_subattr' is not defined
warning: global name 'get_mod_subattr' is not defined
warning messages in ifupdown2
Ticket: CM-7756
Reviewed By: roopa
Testing Done: Tested ssim and powerpc images
Once mstpctl-portbpdufilter or mstpctl-bpduguard is enabled for
an interface, removing the configuration in /etc/network/interfaces
does not toggle the mstpctl state back to no.
The root cause of this problem is that "ifreload" does not check default settings for MSTP configuration
for bridge ports and use a default when that setting is removed from the configuration.
This patch adds a check in the existing loop on attribute values.
If there is no configured value, we check to see if a default exists.
self._modinfo['attrs'][attrname]['default'] exists.
If it exists and it is different then the currently running value
we reset the attribute to its default. This is what a customer would expect if
they removed a configured value.
Ticket: CM-6626
Reviewed By: CCR-3768
Testing Done: Tested with testcase specified in bug
There was an earlier implementation for this for 2.5.4 (CCR-3599 a quick
fix for 2.5.4). This patch re-implements the fix.
This patch essentially handles stp set before and after the port is
processed. It replaces the below commit with the patch in this review
{noformat}
commit 3af351f0a005236e747913bb499c6165e3ec43a4
Author: Roopa Prabhu <roopa@cumulusnetworks.com>
Date: Tue Sep 29 10:12:07 2015 -0700
Fix mstp settings ordering issues when bridge stp is toggled on and
off
(when mstp settings are specified under the port)
Ticket: CM-6626
Reviewed By: CCR-3599
Testing Done: Tested the problem case mentioned in the bug (Plan to
re-work the fix a bit for 2.5.5)
{noformat}
Example:
{noformat}
auto host1
iface host1
mtu 9000
bond-slaves glob swp[25-26]
bond-mode 802.3ad
bond-miimon 100
bond-use-carrier 1
bond-lacp-rate 1
bond-min-links 1
bond-xmit-hash-policy layer3+4
clag-id 1
mstpctl-portadminedge yes
mstpctl-bpduguard yes
auto bridge
iface bridge
mtu 9000
bridge-vlan-aware yes
bridge-ports peerlink host1
bridge-stp on
bridge-vids 1000-3000
bridge-pvid 1
info log stmts:
--------------------
info: host1: ignoring mstpctl-portadminedge config (stp on bridge bridge
is not on yet)
info: host1: ignoring mstpctl-bpduguard config (stp on bridge bridge is
not on yet)
<snip>
info: bridge: processing bridge config for port host1
info: bridge: processing mstp config for port host1
info: executing /sbin/mstpctl showportdetail bridge host1
admin-edge-port
info: executing /sbin/mstpctl setportadminedge bridge host1 yes
info: executing /sbin/mstpctl showportdetail bridge host1
bpdu-guard-port
info: executing /sbin/mstpctl setbpduguard bridge host1 yes
{noformat}
Ticket: CM-8161
Reviewed By: Roopa
Testing Done:
With vlan-aware bridge, when replacing a port's pvid, the kernel leaves
the port in the original pvid and relies on user space to explicitly
delete the port from that vlan if it is no longer a member of that.
ifupdown does that correctly in ifup and ifreload cases, but missed
removing the port from the default pvid during system reboot. This
patch fixes that by removing the PERFMODE check specifically for pvid
that causes ifupdown to skip checking running config on reboot which
leads to the bug.
(cherry picked from commit 0461a3f3cc82691cd32b9f6dbefaacf7b23eaeea)
