Julien Fortin [Thu, 4 May 2023 11:18:09 +0000 (13:18 +0200)]
debian: changelog: new entry: 3.2.0
* Fix: Sonarqube issues
* Fix: ifquery hangs indefinitely on ^C
* Fix: Skipping admin down on deleted vlans
* Fix: Merge existing MTU into new netlink object
* Fix: scheduler: env variable not properly set for user commands (fixes #218)
* Fix: ifquery-check: vlan-protocol for dotted interfaces
* Fix: Down ops on vrf-slave should set the slave admin down
* New: Allow bond creation without slaves
* New: Add `--set-ring` option to ethtool
* New: Openvswitch : add support for fakebridge
* New: add support for systemd logging (--systemd)
* New: Process hwaddress before processing ip addresses
* New: Set protodown off on bond slave before bond is deleted
* New: Make sure bond speed and slaves (swps) speed are matching
Tal Berlowitz [Wed, 6 Jul 2022 15:08:13 +0000 (18:08 +0300)]
Fix the return value of utils._execute_subprocess
If the output of the subprocess is empty, then an empty <bytes> object
is returned (b''), and not decoded into an empty <string> object.
This may result in errors such as:
info[109734]: executing /bin/ip -6 addr show eth0
networking[109734]: error: eth0: cannot use a string pattern on a
bytes-like object
error[109734]: eth0: cannot use a string pattern on a bytes-like object
Adrien Banlin [Tue, 31 May 2022 08:40:36 +0000 (10:40 +0200)]
gvgen: fix module dependency
gvgen module require the six module from python3-six package.
This new dependency is only necessary for python2/python3 cross
compatibility on dict.iteritems() (py2) vs dict.items() (py3).
ifupdown2 does not support python2 so we could replace every iteritems
occurrences to it's python3 format but this means the gvgen module will
diff from upstream.
The simplest way is to make ifupdown depends on python3-six.
Julien Fortin [Thu, 5 Aug 2021 16:48:23 +0000 (18:48 +0200)]
graph: import gvgen class into ifupdown2 package
python2's ifupdown2 used python-gvgen to output the dependency graph in dot
format. There's not python3 version of that package available in debian.
Resulting in: error: main exception: name 'GvGen' is not defined
The package is in fact a single class that is already compatible with python3
According to the license (MIT) we can pull in the code in our own tree.
Old code was a bit messy and all over the place. This
resulted in a loophole breaking sync between bridge-learning
and vxlan-learning. This patch simplifies the existing code
and fixes the bug.
Julien Fortin [Fri, 20 Aug 2021 15:45:51 +0000 (17:45 +0200)]
addons: bridge: fix sync between bridge-learning and vxlan-learning
if not specified by the user vxlan brport learning is controlled by the
bridge_vxlan_port_learning policy (on by default).
4.4 introduced vxlan-learning off via policy. The syncing code between
bridge-learning and vxlan-learning was incomplete and was written at the
time when we didn't have a default vxlan-learning policy. This patch fixes
the sync-ing gap and makes sure vxlan-learning is sync'd with bridge-learning
which wasn't always the case before.
for every vxlan brport BRPORT_LEARNING is turned on
Julien Fortin [Fri, 27 May 2022 12:21:06 +0000 (14:21 +0200)]
addons: bond: set IFLA_MASTER when updating bond settings
On bond creation and update, ifupdown2 directly caches the netlink
object sent to the kernel. If the bond already exists it overrides
the existing cached object. If the existing bond was enslaved to a
bridge, some bridge vlan data would get purged because the new
netlink object didn't have the IFLA_MASTER attribute (thus tricking
the cache into thinking that the bond got unslaved from the bridge).
Here is a snippet of the bond013 /en/i config in the first topology:
Trey Aspelund [Tue, 29 Mar 2022 15:20:12 +0000 (11:20 -0400)]
addons: Fix vrrp addrgenmode
Prior commit (from me) that changed ipv6_addrgenmode for VRRP macvlan
interfaces from RANDOM --> NONE incorrectly disabled this for vrrp6.
The IPv6 link-local address is used as the SIP for vrrp6 hellos, so we
need to make sure that we are only setting addrgenmode to NONE for vrrp4.
Trey Aspelund [Fri, 15 Oct 2021 16:53:20 +0000 (12:53 -0400)]
addons: set addrgenmode to none for vrrp macvlan
A VRRP macvlan interface should only have addresses matching the
VIP defined by the user. This change ensures we set ipv6 addrgenmode
to none, that way there won't be any unexpected (from user standpoint)
ipv6 link-local addresses to cause confusion or erroneous Type-2 EVPN
routes (in the case of advertise-default-gw with VRRP instead of VRR)
that advertise IP addresses that don't represent a VIP.
Julien Fortin [Tue, 28 Dec 2021 21:47:48 +0000 (22:47 +0100)]
log: add extra try except when removing log dirs and fix eni.d cp
The extra try/except are necessary just in case something goes wrong
we still want to go through the entire list of extra log dir present
on the system.
enable persistent ifupdown2 debug logs
ifupdown2 will keep debug logs in /etc/network/ifupdown2/logs
by default the last 42 configurations logs will be kept.
yes - (default) enable persistent logging (42 configs)
no - disable persistent logging
[2-9]+ - specify how many configuration logs should be stored
enable_persistent_debug_logging=yes
Julien Fortin [Tue, 22 Mar 2022 11:52:12 +0000 (12:52 +0100)]
addons: bridge: l2 vni evpn: don't warn for static vxlans
Due to missing checks, ifupdown2 may display the following warning for
static vxlan configs.
"warning: possible mis-configuration detected: l2-vni configured
with bridge-learning ON while EVPN is also configured - these two
parameters conflict with each other."
Julien Fortin [Tue, 15 Mar 2022 16:38:56 +0000 (17:38 +0100)]
addons: bond: ifquery-check: es-sys-mac value is not part of netlink dump for non-root run
For some reason es-sys-mac (IFLA_BOND_AD_ACTOR_SYSTEM) is not part
of the netlink dump if requested by non-root user. This commit adds
a log info and will ignore es-sys-mac in that case.
addons: address: clear stale svi fdb entries when svi mac is changed
Three issues:
- when `hwaddress` is removed from an SVI (on top of a bridge), the svi
mac is not resetted back to the bridge mac: fixed
- when `hwaddress` is used on an svi, stale fdb enties were added with the
bridge mac: fixed
- on ifdown we were leaving a leftover fdb entry on the deleted svi: fixed
Upon ipv6_dad_handling_enabled module global parameter set to true, the
address addon will handle ipv6 dad tentatives by either
* set nodad when adding an ipv6 address
* waiting for dad to finish or warn of a timeout
This handling should be quick close to the ifupdown process.
projects / mirror_ifupdown2.git / log