Ticket: CM-11745
Reviewed By: Roopa, Nikhil G
Testing Done: configuration provided in the bug
User was attempting to configure a traditional bridge under a VRF with VRR.
When issuing ifreload -a, the configuration failed to apply with an error.
Applying an address-virtual keyword to an interface with upper interfaces
or parent interfaces was not allowed. But now we are allowing the use of
this keyword only for vrf slaves.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
and validation
Ticket: CM-8101
Reviewed By: Roopa
Testing Done:
The goal of this commit is to provide the addons a new way to perform their
own specific syntax checks. By implementing `syntax_check` method.
The addons will have to make sure the provided ifaceobj is valid.
e.g. vxlan.py:syntax_check(ifaceobj) should check:
self._is_vxlan_device(ifaceobj)
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: None
Reviewed By: Roopa, Daniel
Testing Done: This is not affecting ifupdown2 yet
the validvals attribute is only used by ifedit
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-11624
Reviewed By: roopa, julien
Testing Done: using configuration mentioned in the bug
This patch fixes 'ifquery -c' failure for 'bridge-pvid' on
all bridge ports.
The following format of '/sbin/bridge -c vlan show' output was not handled properly
by iproute2
port vlan ids
swp1 600
700-710
711 PVID Egress Untagged
712-900
iproute2 was parsing the '/sbin/bridge -c vlan show' output with the assumption that
pvid line '711 PVID Egress Untagged' appears before all the vland ids.
Something like this:
port vlan ids
swp1 711 PVID Egress Untagged
600
700-710
712-900
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
Ticket: CM-11735
Reviewed By: Roopa, Daniel
Testing Done: creating a vxlan with ifupdown then checking the dstport with
ip -d link show $vlxanName
When creating a vxlan nlmanager didn't re-order/byte swap the dstport value
to little endian
46354 instead of 4789
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-11718
Reviewed By: CCR-4931
Testing Done: Tested complete regression suite on hardnode in 3.0.
This patch fixes a problem in the ethtool addon module where a single iface stanza was
configured for a link-speed (1G) other then the default (10G). The link-speed config is then
removed or commented out but the link-speed is not restored to its default value (10G) because of
incorrect logic.
Ticket: CM-11195
Reviewed By: roopa, julien
Testing Done: used the configuration mentioned in bug description
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
running values for bridge-portmcrouter, bridge-portmcfl, and bridge-portprios
were accessed using invalid keys.
Ticket: CM-11392
Reviewed By: roopa, dsa, julien
Testing Done: multiple vrf devices on dell-s3000-02
Now that the l3mdev FIB rule is in the CL3.1 kernel tree,
ifupdown2 no longer needs to manage FIB rules for VRF devices.
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
+ adding one byte attribute class for protodown operations.
Ticket: CM-11581
Reviewed By: CCR-4721
Testing Done: Smoke + custom interface file with clag bond that requires protodown.
- nlmanager will now throw an exception if a user is trying to use the default
attribute class when in fact he should use a more specific attribute class.
- The protodown implementation needed to use a one byte attribute to set the protodown state
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-11511
Reviewed By: CCR-4890
Testing Done: Used "address-virtual" keyword to create VRR interface with IPv6
address. Checked sysctl and dad failures.
In a VRR setup, both switches are programmed with the same IPv6 address and that
address is active on both switches. This causes the IPv6 duplicate address
detection to kick in and diable the use of one of the address on one of the
switches. This patch causes duplicate address detection to be disabled on VRR
interfaces by setting the net.ipv6.conf.<ifname>.accept_dad and
net.ipv6.conf.<ifname>.dad_transmits sysctl's to 0. The only IPv6 addresses
which are defined on these interfaces are the virtual addresses and the link
local address (which is unused). No other operational IPv6 addresses should ever
be assigned to these interfaces. Instead, operational IPv6 addresses should be
assigned to the "base", or lower, interface of the VRR interface.
Ticket: CM-11485
Reviewed By: Roopa
Testing Done: config from the github issue
First reported here https://github.com/CumulusNetworks/ifupdown2/issues/10
ifquery just like ifupdown should try to get the vlan-id from the iface name
if vlan-id attr is not specified.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-7360
Reviewed By: CCR-4721
Testing Done: smoke / testifreload / Tested on amd64 platform (by Sam)
For now, we use a mirror copy of nlmanager sources to make sure we don't
depend on it as an external package
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-11080
Reviewed By: roopa, dsa, dave olson, daniel, julien
Testing Done: yes, with mgmt VRF configured
This patch parses '/usr/bin/pstree -Aps <pid>' output to find
the pid of current ssh session, and send 'sudo ifreload -a'
to background before killing itself.
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
Ticket: CM-8623
Reviewed By: Roopa Prabhu, Julien Fortin
Testing Done: yes, using the below mentioned config.
This patch fixes 'ifquery -c' error, bridge pvid error, which is an
unrelated error for the following valid config.
This patch also removes 'bridge-pvid', if configured, from 'bridge-vids' set.
In the below example, 510 is removed from the set bridge-vids 510-550.
The new bridge-vids set is 511-550.
auto swp1
iface swp1 inet6 dhcp
address 14.0.0.5/30
down ip addr flush dev swp1
auto Bridge1
iface Bridge1
address 0.0.0.0/0
down ip addr flush dev Bridge1
bridge-vlan-aware yes
bridge-ports swp1
bridge-pvid 510
bridge-vids 510-550
bridge-stp on
mstpctl-portnetwork swp1=yes
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
Ticket: CM-8561
Reviewed By: kanna, julien
Testing Done: Tested on amd64 switch
ifreload always deletes and adds back a host IP address
if that address is specified without a "/" and without a "netmask" config.
The problem is fixed so that _inet_address_convert_to_cidr() handles a missing
"/" and a missing "netmask" config. The host addresses is no longer added to a
list of addresses we will del/add. The patch was simply to add a case for the
missing "/" and a missing "netmask".
Ticket: None
Reviewed By: Roopa
Testing Done: smoke/testifupdown2.py:TestMakoJson
ifupdown2.TestMakoJson test was failing because the json values werent trimmed
Because of a trailing whitespace, a list of iface had an empty value, ifupdown2
was throwing an exception.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: None
Reviewed By: CCR-4692
Testing Done: smoke + scale tests
If called with close_fds=True the subprocess module will try to close every fd
from 3 to MAXFD before executing the specified command. This is done in Python
not even with a C-implementation which truly affecting performances.
This patch aims to better handle the file descriptor used by ifupdown2. Either
by closing them after use or by setting the close-on-exec flag for the file
descriptor, which causes the file descriptor to be automatically
(and atomically) closed when any of the exec-family functions succeed.
With the actual patch all tests are passing, I can't think of any future issue
but if any a possible future modification might be to use the parameter
'preexec_fn', which allows us to set function which will be executed in the
child process before executing the command line. We can always manually close
any remaining open file descriptors with something like:
>>> os.listdir('/proc/self/fd/')
['0', '1', '2', ‘3’, etc..]
>>> for fd in os.listdir('/proc/self/fd/')
>>> if int(fd) > 2:
>>> os.close(fd)
This patch is also totally re-organising the use of subprocesses. By removing
all subprocess code redundancy.
Ticket: CM-7678
Reviewed By: Roopa Prabhu
Testing Done: yes, with vlan aware/unaware bridge on dell-s3000-02
This patch enables bpdu filter and bpdu guard enabled for vxland device under
the bridge if these two attributes are unconfigured
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
brought up
Ticket: CM-11016
Reviewed By: julien, nikhil
Testing Done: tested with config in the CM bug
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
