Ticket: CM-13434
Reviewed by: julien, nikhil, daniel
Testing Done: ifreload and multiple down [yes|no] sequences under
physical and logical interfaces (ifupdown2-tests test case is pending)
This also moves the fix done for CM-4125 (inet manual handling for
logical devices) into a single place under ifupdownmain.
attribute 'down [yes|no]' will not work in all cases when 'inet manual'
is used. This is only to preserve the semantics of 'inet manual'.
Best use of 'down [yes|no]' is to use it without 'inet manual'..
they are conflicting features anyways.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-14146
Reviewed By: Roopa, Daniel W, Nikhil G
Testing Done:
bridge-portmcfl attribute needs to validate an <interface-yes-no-0-1-list>
to support the yes/no syntax.
This is an incremental commit for CM-8866
$ ifquery -a
auto br0
iface br0
bridge-ports swp1 swp2 swp3 swp4
bridge-portmcfl swp1=yes swp2=no swp3=1 swp4=0
auto br1
iface br1
bridge-vlan-aware yes
bridge-ports swp5 swp6 swp7 swp8
auto swp5
iface swp5
bridge-portmcfl yes
auto swp6
iface swp6
bridge-portmcfl no
auto swp7
iface swp7
bridge-portmcfl 1
auto swp8
iface swp8
bridge-portmcfl 0
$
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-13044
Reviewed By: Roopa, Nikhil G, Daniel W,
Testing Done:
For some reason we can't simply write into a file when we want to purge the
ifalias, we have to exec a command. I wasn't able to make it work in any
other way.
add an alias to an interface, ifreload, ip link show interface
modify it, ifreload, ip link show interface
remove it, ifreload, ip link show interface
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-13044
Reviewed By: Roopa, Nikhil G, Daniel W,
Testing Done:
For some reason we can't simply write into a file when we want to purge the
ifalias, we have to exec a command. I wasn't able to make it work in any
other way.
add an alias to an interface, ifreload, ip link show interface
modify it, ifreload, ip link show interface
remove it, ifreload, ip link show interface
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-14158
Reviewed By: julien, nikhilg
Testing Done: Tested with a bridge config without bridge-ports line.
NCLU wants the ability to create a bridge without ports (to add them
later). Today we cannot specify an attribute without values. We get the
below error:
info: processing interfaces file /etc/network/interfaces
error: /etc/network/interfaces: line10: iface bridge: invalid syntax
'bridge-ports'
The error comes from a generic parser check...we will
need to add exceptions to the generic check if we allow attributes
without values.
This patch simply identifies a bridge by both the bridge-vlan-aware and
bridge-ports keyword. For vlan aware bridge it will simply work.
For old bridge driver nclu will have to specify 'bridge-vlan-aware no'
to achieve the same. nclu does not support old bridge
model today, so defering the old bridge driver discussion for later.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-8401
Reviewed By: Roopa, Julien
Testing Done: tested on all bridge mstpctl attributes.
This patch resets th following bridge attributes to defauls when
users remove settings from interface config file.
mstpctl-treeprio
mstpctl-ageing
mstpctl-fdelay
mstpctl-maxhops
mstpctl-maxage
mstpctl-txholdcount
mstpctl-forcevers
mstpctl-hello
Added an api in policy manager to get policy default value of any
module attribute.
Added a cache for bridge attributes to save some runtime
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
Ticket: CM-13996
Reviewed By: Roopa, Nikhil G
Testing Done:
With the following configuration:
auto bond0
iface bond0
bond-min-links 1
bond-mode 802.3ad
bond-slaves eth0 eth1 eth2
bond-xmit-hash-policy layer3+4
auto vlan0
iface vlan0
vlan-raw-device bond0
address 10.132.253.4/31
address 2a03:2260:2342:fe09::1/126
On non cumulus distribution bond-min-links doesn't default to 1
For some reasons the min_links value wasn't cache with the other
bond values, if you issue an ifreload on a running/existing configuration
since the min_links value is not cache ifreload will down the bond, set
min_links to 1, then bond up. When taking the bond down the kernel will
also flush the ipv6 address but not the ipv4 address...
The issue was reported by an ifupdown2 contributor on github. He find out
that when running ifreload the ipv6 were flushed.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-13996
Reviewed By: Roopa, Nikhil G
Testing Done:
With the following configuration:
auto bond0
iface bond0
bond-min-links 1
bond-mode 802.3ad
bond-slaves eth0 eth1 eth2
bond-xmit-hash-policy layer3+4
auto vlan0
iface vlan0
vlan-raw-device bond0
address 10.132.253.4/31
address 2a03:2260:2342:fe09::1/126
On non cumulus distribution bond-min-links doesn't default to 1
For some reasons the min_links value wasn't cache with the other
bond values, if you issue an ifreload on a running/existing configuration
since the min_links value is not cache ifreload will down the bond, set
min_links to 1, then bond up. When taking the bond down the kernel will
also flush the ipv6 address but not the ipv4 address...
The issue was reported by an ifupdown2 contributor on github. He find out
that when running ifreload the ipv6 were flushed.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-13967
Reviewed By: julien, nikhil
Testing Done: tested failing config in the bug
This patch fixes a cache_update problem caught during mtu updates.
Cache updates were failing silently, leaving stale cache values.
For the below config, ifupdown2 was falsely reporting an mtu error,
because the cache had a stale mtu default value
$ifquery peerlink-3 peerlink-3.4094
auto peerlink-3
iface peerlink-3
bond-slaves swp32s0 swp32s1
bond-mode 802.3ad
mtu 9202
auto peerlink-3.4094
iface peerlink-3.4094
address 27.0.0.11/32
mtu 9202
$ifreload -a
warning: peerlink-3.4094: vlan dev mtu 9202 is greater than lower realdev peerlink-3 mtu 1500
Before patch:
sequence of events:
- build cache with current system running mtu
- link set mtu 9202 on peerlink-3
- update cache for peerlink-3 to 9202 <---- cache update fails
- when processing peerlink-3.4094, query cache for lowerdev peerlink-3
mtu: this returns 1500 <--- stale cache value
- print warning
After patch:
sequence of events:
- build cache with current system running mtu
- link set mtu 9202 on peerlink-3
- update cache for peerlink-3 to 9202 <---- cache updates to 9202
- when processing peerlink-3.4094, query cache for lowerdev peerlink-3
mtu: this returns 9202
- success and proceed
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-13817
Reviewed By: Roopa, Kanna, Nikhil G
Testing Done:
1) use inet and inet6 dhcp in interfaces file
2) do a ifup -v
3) make sure dhclient v4 and v6 is running
4) now remove inet6 dhcp section
5) ifreload -a -v (should kill dhclient6)
6) replace inet by inet6
7) ifreload -a -v (should kill dhclient4 and exec dhclient6)
etc.. I played with all possible combinations
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-13737
Reviewed By: Roopa, Nikhil G
Testing Done:
Incremental commit for CM-13737
Create a policy file such as:
$ cat /var/lib/ifupdown2/policy.d/defaults_policy.json
{
"README": "This file is automatically generated. Do not edit this file.",
"ethtool": {
"defaults": {
"link-autoneg": "off",
"link-duplex": "full",
"link-speed": "1000"
},
"iface_defaults": {}
}
}
then do ifdown lo && ifup lo
without this patch or af8734d18a
you would reproduce the fail
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
It was initially set in a place where only interfaces with
dependencies were processed. This patch moves it to the right
place.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
auto br0
iface br0
bridge-ports swp1 swp2
bridge-ports swp3 swp4
running ifquery in this configuration gaves us 2 identical warnings:
warning: br0: ignoring duplicate bridge-ports lines: ['swp3 swp4']
warning: br0: ignoring duplicate bridge-ports lines: ['swp3 swp4']
when running ifreload -a we still see 2 warnings, this will need to be looked
at later.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-13248
Reviewed By: Roopa, Kanna, Nikhil G
Testing Done: See bug
Today before starting dhclient6, we are sleeping 2 seconds we need to make sure
the configured interface is up and has a link-local address.
In some cases 2 seconds is not enough. This patch will install a retry loop
with a 10 sec timeout.
We are querying ip -6 addr show to make sure the interface is properly confi-
-gured but in the future the plan is to move this call to netlink.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-12988
Reviewed By: julien, nikhil
Testing Done: Tested ifdown and ifup of vrf device with --with-depends
This patch fixes transient errors like below on vrf slaves when
vrf device is being brought up with --with-depends:
"error: swp1: vrf vrf1 not around, skipping vrf config
error: br100: vrf vrf1 not around, skipping vrf config
error: br101: vrf vrf1 not around, skipping vrf config"
In this patch, the vrf device is brought up on bringing
up of the first vrf slave. This is also done in the normal
ifreload -a case.
history on --with-depends for vrf: On vrf device down,
a bunch of slave state gets cleaned up.
and today, ifup of vrf device alone does not fix all that state
especially when there are vrr (macvlan) interfaces involved.
One has to use --with-depends. This is now also part of documentation
https://tickets.cumulusnetworks.com/browse/UD-851
$ifdown vrf1
$ifup vrf1 --with-depends
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
bridge-access is given
Ticket: CM-13683
Reviewed By: julien
Testing Done: Tested with bridge-access, bridge-pvid and bridge-vids on
a bridge-port
$ifquery swp21 bridge
auto swp21
iface swp21
bridge-access 100
bridge-pvid 100
auto bridge
iface bridge
bridge-ports swp20 swp21
bridge-vlan-aware yes
$ifreload -a
warning: swp21: bridge-access given, bridge-vids and bridge-pvid will be
ignored
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-13221
Reviewed By: julien, nikhil
Testing Done: tested mtu propagation for vlan devices
This is a followup to commit
29de36f36053 ("addons: address: various fixes for mtu handling").
This fixes a pending issue with mtu readjustments on vlan
interfaces on top of physical interfaces.
eg: with the below config:
$ifquery -a
auto swp1.100
iface swp1.100
auto swp1
iface swp1
mtu 9000
/* at boot-up swp1 and swp1.100 mtu is set to 9000 */
$ifdown swp1 /* resets swp1 mtu to 1500. swp1.100 mtu is reset to 1500
implicitly by the kernel */
$ifup swp1 /* swp1 mtu is set to 1500. But swp1.100 mtu stays at 1500
*/
This problem is unique to physical interfaces and vlan devices on
physical interfaces. This is because, when logical interface is ifdown,
kernel deletes all its sub-interfaces. And on the way up (ifup),
ifupdown2 re-creates all these sub-interfaces for you....that
sequence re-adjusts the mtu. For physical
interfaces, since the sub-interfaces are not deleted,
ifupdown2 does not do anything...and mtu of the subinterface is left to
what it was. And this ends up being what was there initially when the
lower interface went down. And ifdown of the lower physical interface,
resets the physical mtu to default which is 1500. The sub-interface mtu
returns to 1500 while the lower physical interface remains down.
(another detail here: kernel vlan driver re-adjusts mtu of the vlan
sub-interface on its own when the lower device mtu becomes lower. But
does not re-adjust its mtu when the lower device mtu increases. This is
expected and correct behavior). We will have to work around it in
ifupdown2 to suit our needs.
two solutions:
a) when physical interface is brought up, ifupdown2 can go and
pro-actively adjust the upper sub-interface mtu
OR
b) when physical interface is brought down, do not reset the mtu on the
device to default
(b) is the easiest and costs less if we dont expect the mtu of a
physical device to go to default on ifdown.
(a) is doable too, but is additional cost to go over all upper
interfaces.
This patch fixes this problem with solution (a). But, makes sure
this does not add additional cost to the default ifreload -a path.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: None
Reviewed By: Roopa
Testing Done:
This was discover while working on CM-13767 and some other vxlan issues
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
This reverts commit 32e2363a69.
I pushed this commit by mistake. It was a local commit waiting to be reviewed.
Reverting it for now, might be applied later after positive review.
Ticket: CM-13536
Reviewed By: None
Testing Done: Sankaran tested it out
The IFLA_ADDRESS and IFLA_BROADCAST attributes for all interfaces has been a
6-byte MAC address. But the GRE interface uses a 4-byte IP address for this
attribute. This patch allows for decoding a 4-byte value as an IP address as
well as a 6-byte value as a MAC address.
Ticket:
Reviewed By: Roopa, Daniel W, Nikhil G, Dave O, Scott E
Testing Done: ifupdown2 smokes
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-12713
Reviewed By: Roopa, Nikhil G
Testing Done: Test from the bug
% for i in range(1,49):
iface swp${i}
mtu 9216
link-speed 10000
link-duplex full
link-autoneg off
% endfor
auto swp1
iface swp1
% ifup -a -v # should only up swp1
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-13316
Reviewed By: Roopa, Nikhil G
Testing Done:
auto v0
iface v0
vlan-id 100
vlan-raw-device tap1
auto v1
iface v1
vlan-id 100
vlan-raw-device tap2
auto v2
iface v2
vlan-id 100
vlan-raw-device tap3
auto br0
iface br0
bridge-ports tap9 regex v.*
In this specific case, if you remove v0 then execute ifreload ifupdown2 will
barf and say that v0 still exists as a dependency of br0.
From roopa:
The problem here is that the dependency gathering should have been done after
the ifdown's. However the ifdown's need the dependency tree for built in
interfaces which could be part of globs. And this dependency tree needs to be
the current state of things so can't do the selective picking of interfaces
either. So, its a chicken and egg problem.
Ideally when one uses regex, if he is removing an interface that was matched by
a regex, he has to do a 'ifdown' manually today. 'ifdown v0' in this case.
So today we decided to change the warning message to let the user know that he
should manually down the interface that matches a regex.
This is not a permanent fix but a work-around. We don't want to introduce new
changes that may introduce false positive case for existing and working config
post 3.2:
-----------
we should consider doing the down's in two phases during ifreload
a) down everything that we are very certain was removed from the file
(to make sure regex's don't catch it).
b) build dependency tree and run through the down's once more, to
catch all glob matches for built-in interfaces
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
