Fixes:
- addresses: reassign ipv6 addresses when IFA_F_DADFAILED flag is set (closes #42)
- link: add most missing vxlan attributes (closes #43)
- routing: improve handling for routes with broken dev setting (closes #40)
- routing: fix exception when removing ip rules (closes #39)
- schema: interfaces needs to have link settings (closes #41)
- schema: require a kind setting in interfaces.link
Changes:
- netns: fail when run from inside a netns if namespaces to be configured
Fixes:
- link: drop master_netns option as it is not supported by the linux kernel
- link: fix netns related temporary link name generation
- link: fix racy netlink exceptions in IPRoute.get_links() for missing links
- wireguard: handle endpoint lookup errors gracefully
Fixes:
- netns: fix vrrp race condition due to concurrent netlink socket access
- wireguard: fix vrrp race condition due to concurrent netlink socket access
Fixes:
- link: set master before applying brport settings (regression from fixing #35)
Changes:
- vrrp: reduce logging severity for skipped interfaces in vrrp actions to debug
Fixes:
- link: make veth links netns aware (fixes #34) (reported by @magic_rb)
- link: fix creating virtual links with master attribute (closes #35)
- link: fix false positive error when removing veth links (closes #36)
- vrrp-fifo: fix exception in worker process if WireGuard is used (closes #37)
Changes:
- show: do not dump lo interfaces
- tc: add missing defaults cleanup option for tc settings (closes #32)
- vrrp-fifo: improve handling of multiple instances/groups, apply config on reload
Fixes:
- link: add missing copy of vrrp options to cshaper ifb devices (closes #31)
- tc: fix false positive exceptions when cleaning qdiscs (closes #33)
- netns: fix process forks for every NetNS on every vrrp-fifo state change
Changes:
- routing: add support for new iproute2 6.5+ rt_* files directory (/usr/lib/iproute2)
Fixes:
- cli: fix broken show commands
Changes:
- vrrp-fifo: track pids and send SIGHUP for reloading vrrp-fifo runners during apply
Fixes:
- do not use /run/ifstate as a state directory since it may collide with the state file of ifupdown*
- vrrp-fifo: fix using outdated LinkRegistry breaking most vrrp setups
This release fixes yet another regression (ifstate 1.9.0+) breaking the vrrp-fifo implementation for interfaces not existing on start-up of the vrrp-fifo action.
Changes:
- logging: add logging.exception to some exception handlers
Fixes:
- vrrp-fifo: fix TypeError exceptions on state changes breaking vrrp
- routing: fix vrrp routing setup for netns (regression by 6feb5ba)
This release fixes a regression (ifstate 1.9.0+) breaking the vrrp-fifo implementation due to an internal exception.
Changes:
- ethtool: allow default settings for ethtool
- link: allow unsetting the master attribute
- link: improve attr state debug logging
- routing: add vrrp conditions for routing item
Fixes:
- ethtool: fix broken speed and duplex advertise
- ethtool: fix 'change' settings not working at all
- link: fix logging a change for orphan physical links which are already down
Changes:
- netns: port set_netnsid from pyroute2 to make netns handling work on pyroute <=0.79
Fixes:
- netns: fix showing new netns namespaces as unchanged
- netns: fix "missing lo" errors due to missing inventory of new created netns namespaces
- schema: xfrm interfaces requires the xfrm_if_id attribute, xfrm_link is optional
Changes:
- fdb: allow to configure bridge fdb permanent and noarp (static) entries
- link: allow binding of virtual tunnel interfaces into another netns (liske/ifstate#28)
- link: configure
lointerface by default in all namespaces (liske/ifstate#24) - link: sort links in stage by netns and name but handle
loalways first - sysctl: add mpls settings support
Fixes:
- cli: fix NameError exception for show action
- vxlan: the vxlan_link attribute is not required
This version adds support to manage bridge fdb entries. This allows, among other things, to build distributed bridges using vxlan tunneling with unicast underlays and static flooding.
Changes:
- defaults: add default interface settings (addresses, link, neighbours)
- netns: add networking namespace support
- link: add link registry and track link dependencies
Fixes:
- link: false positive warnings about settings that could not be changed (liske/ifstate#24)
- xdp: ctype exception if a bpf program refered from xpd is missing
This version adds netns super capabilities. A dependency resolver optimizes the order in which interfaces are configured, circular dependencies are now correctly detected.
Changes:
- vrrp: add SIGHUP handler for config reloading (vrrp-fifo)
- vrrp: set process title to ease reloading by SIGHUP (vrrp-fifo)
Fixes:
- link: recreate virtual interfaces if settings could not be changed (liske/ifstate#17, liske/ifstate#23)
Before this release it was possible that some link settings were not changed unnoticed (if the kernel did not throw a netlink error). A known setting is the vlan_id for vlan links which cannot be changed after link creation nor throws any netlink error. This condition is now detected and the interface is recreated using the correct settings.
Fixes:
- logging: drop defaults from logging formatter to be python 3.9 compatible (liske/ifstate#21)
Fixes:
- link: fix broken interface recreation (liske/ifstate#13)
- link: fix unusable tun/tap implementation (liske/ifstate#14)
- link: do not change link states in check mode (liske/ifstate#16)
- link: fix handling of multiple interface with same mac address (liske/ifstate#18)
- logging: fix using always lastResort logger (liske/ifstate#20)
- vrrp: fix broken fifo instance handling due to extra priority values (liske/ifstate#15)
Changes:
- logging: add syslog logging while running detached (i.e. vrrp script)
Changes:
- link: add missing device group support
Fixes:
- link: fix TypeError exception when a physical link is missing (liske/ifstate#8)
- routing: handle unresolvable rt lookups gracefully
This release fixes a bug that could cause a host to not get a working network configuration at boot time.
When a physical link is missing ifstate prints a warning about it. Due to a TypeError exception (liske/ifstate#8) ifstate did crash in the link configuration phase. This breaks all ip configuration if any referenced physical link was missing.
Changes:
- bpf: add missing map pinning
- bpf: cleanup unused libbpf1 bindings
- bpf: improve error handling
- sysctl: apply settings before interface state is set to up
- xdp: improve error handling
Fixes:
- bpf: do not reload unchanged bpf programs due to broken error condition
- bpf: fix bpffs mount detection
- link: drop IFLA_ALT_IFNAME conflict on IFLA_IFNAME on rename or create
- logging: don't crash if stderr is closed1 (liske/ifstate#5)
- sysctl: fix setting for renamed interfaces2
- sysctl: handle procfs errors gracefully3 (liske/ifstate#6)
- xdp: fix broken detection of current attached xdp
This release fixes critical bugs that could cause a host to not get a working network configuration at boot time.
Remarks:
- This could break the complete network setup if a host is booted with a broken
console=kernel parameter. - The sysctl settings were applied using the wrong interface name. Combined with 3. it breaks the network setup during boot if the sysctl setting was used on a interface which needs to be renamed.
- Do not crash if a procfs file cannot be opened.
Changes:
- brport: add settings to show commands
- bpf: add shared bpf programs support
- shell: add tab completion
- xdp: pin maps for loaded objects
Fixes:
- xdp: fix error handling on libbpf.bpf_object__open_file
- xdp: fix loading of pinned programs
Changes:
- bport: add support for bridge port settings
- logger: silence skipped steps unless being verbose
- shell: add a interactive python shell
Fixes:
- link: fix exception on link recreation
- link: several minor bugfixes
Changes:
- xdp: allow to specify attach mode
- xdp: check libbpf symbols before enabling feature
Fixes:
- schema: fix xdp pinned format pattern
- xdp: fix exception if libbpf.so.1 is not available
Changes:
- xdp: add experimental eXpress Data Path (XDP) support
- link: add txqlen link setting
Fixes:
- schema: fix link kind descriptions
Changes:
- neighbours: add static ip neighbour configuration
Fixes:
- schema: revert to json schema Draft 7 due to regressions
- schema: fix usage of ipv4 & ipv6 format
- packaging: make setup.py work with pyroute2<0.6, pyroute2>=0.6 and pyroute2.minimal
Changes:
- cshaper: add simple tc-cake based shaping
Fixes:
- addresses: add missing exception handling
- pyroute2: workaround NetlinkError regression (pyroute2 #845 #847)
Changes:
- link: add attribute value mappings for bond and vlan interfaces
- schema: add link name validation
Fixes:
- link: fix exception while 'show' for master/link to other netns
- schema: simplify and make it work on jschon validator
- schema: fix shortened path output on validation errors
Fixes:
- ethtool: fix module import for pyroute2 0.6+
- show: fix missing attributes
- tc: fix internal exception during apply
Fixes:
- link: recreate virtual interfaces if updating fails
- wireguard: deep compare a peer's set of allowedips
Fixes:
- schema: fix broken geneve links
Changes:
- routing: make route matching verbose in verbose mode
Fixes:
- routing: fix ipv6 routes get removed accidentally since the kernel uses a default priority of 1024 vs. 0 on ipv4 routes
Fixes:
- check: fix broken check command (TypeError exception)
Changes:
- vrrp: add support for failover link setups, design to work with keepalived's notify script or fifo interface
- ignore: add proto keepalived(18) to builtin lists
Fixes:
- addresses: replacing primary ipv4 addr was broken due to add-before-del
- link: make businfo available in iface settings check
- link: make businfo lower case
- link: supress exceptions on unsupported permaddr or businfo
- wireguard: fix broken apply iface settings
Changes:
- support bus_info link identification [ethtool -i]
Fixes:
- wireguard: fix name of persistent_keepalive_interval
- link: add permaddr to kernel iface settings before for compare
Fixes:
- several bugs in show command:
- show missing master device
- ignore non-scalar link attributes
- fix kind None for some physical devices
Changes:
- support prefered src address on routes
- support preference on routes
- support mtu setting on links
- support permanent address link identification [ethtool -P]
- improve show command output, drop unset values
- apply builtin filters on show command
- add the showall command to view builtin settings
Fixes:
- fix broken show command
Changes:
- add schema support for ifalias
Fixes:
- fix link lookup by mac address
Changes:
- ignore: move defaults to builtin keys to make them extendable by the config
- update project & schema url to new domain (ifstate.net)
- improve tc implementation, support ingress qdisc
Fixes:
- handle empty configs more gracefully
- add quirks to make veth links work
Changes:
- link: add ifb support
- tc: add experimental support
- tc qdisc
- tc filter
- wireguard: catch exception if wireguard netlink support is missing
Changes:
- ignore dynamic ip addresses by default and make it configurable
- logging: make it async to prevent lockup while running ifstatecli from remote connections
- netlink: handle exceptions more gracefully (
EEXIST) - parser: handle pyyaml exceptions more gracefully
- parser: improve
!includetag - schema: add missing additionalProperties constraints
- schema: add missing
masterlink property (for dummy and wireguard links) - schema: add
--soft-schemaCLI parameter
Changes:
- ignore keepalive's vrrp interfaces by default
- make routing ignores more flexible allowing to filter for any properties
- jsonschema: do not allow addtional properties on more settings
- handle missing physical links more gracefully
- ethtool: fallback to predefined executable if it is not found in
$PATH - rules: make table id only required for
to_tblaction - multiple bugfixes
Changes:
- Add missing
dummyinterface type to schema. - Fix WireGuard peer
endpointsetting handling.
Changes:
- ifstatecli: Add
!includetag to read secrets from external files. - Add WireGuard configuration support.
Changes:
- Fix broken ethtool pause schema.
- Make link dependencies work.
- Change interface state in a final dedicated step.
- Minor bugfixes.
Changes:
- Add ethtool support.
- Minor cleanups.
Changes:
- Add sysctl support.
- Add more exception handling for pyroute2 calls (NetLinkErrors).
- Minor bugfixes.
Changes:
- Ignore kernel routes flagged
RTM_F_CLONED. - Ignore IPv6 multicast route prefix (required for
VRF). - Merge
ignoreconfiguration for unset keys with default values. - Handle interface name collisions more gracefully.
- Implement routing rule support.
Changes:
- Add interface index translations for some interface types:
GREIP6GREVXLANXFRM
- Delay route interface lookup to fix exception for routes on new interfaces.
Changes:
- Bugfix: support
masterattribute as interface name (add lookup). - Improve route comparision: ignore unconfigured kernel route settings.
- Update schema to support integer values for various fields.
Changes:
- Add schema support (json-schema).
- Ignore dynamic docker bridges by default (
^br-[\da-f]{12}).