---
Makefile | 42 +++++
debian/changelog | 174 +++++++++++++++++++++
debian/compat | 1 +
debian/control | 31 ++++
debian/copyright | 28 ++++
debian/ifupdown2.postinst | 86 ++++++++++
...0001-start-networking-add-usr-bin-in-PATH.patch | 28 ++++
...ns-scripts-fix-ENV-for-interfaces-options.patch | 29 ++++
debian/patches/0003-config-tuning.patch | 52 ++++++
.../0004-manual-interfaces-set-link-up.patch | 58 +++++++
...e-tap-veth-fwpr-interfaces-from-bridge-on.patch | 27 ++++
...6-netlink-IFLA_BRPORT_ARP_SUPPRESS-use-32.patch | 29 ++++
...0007-add-dummy-mtu-bridgevlanport-modules.patch | 69 ++++++++
.../patches/0008-add-vxlan-physdev-support.patch | 159 +++++++++++++++++++
debian/patches/series | 8 +
debian/rules | 21 +++
16 files changed, 842 insertions(+)
create mode 100644 Makefile
create mode 100644 debian/changelog
create mode 100644 debian/compat
create mode 100644 debian/control
create mode 100644 debian/copyright
create mode 100644 debian/ifupdown2.postinst
create mode 100644
debian/patches/0001-start-networking-add-usr-bin-in-PATH.patch
create mode 100644
debian/patches/0002-addons-scripts-fix-ENV-for-interfaces-options.patch
create mode 100644 debian/patches/0003-config-tuning.patch
create mode 100644 debian/patches/0004-manual-interfaces-set-link-up.patch
create mode 100644
debian/patches/0005-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch
create mode 100644
debian/patches/0006-netlink-IFLA_BRPORT_ARP_SUPPRESS-use-32.patch
create mode 100644
debian/patches/0007-add-dummy-mtu-bridgevlanport-modules.patch
create mode 100644 debian/patches/0008-add-vxlan-physdev-support.patch
create mode 100644 debian/patches/series
create mode 100755 debian/rules
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..0c7b646
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,42 @@
+PACKAGE=ifupdown2
+VERSION=1.1
+PKGREL=cl3u18
+
+DIR=${PACKAGE}-${VERSION}
+SRC=${PACKAGE}-${VERSION}.orig.tar.xz
+
+
+ARCH:=$(shell dpkg-architecture -qDEB_BUILD_ARCH)
+
+GITVERSION:=$(shell git rev-parse HEAD)
+
+DEB=${PACKAGE}_${VERSION}-${PKGREL}_${ARCH}.deb
+
+.PHONY: deb
+${DEB} deb: ${SRC}
+ rm -rf ${DIR}
+ tar xf ${SRC}
+ cp -a debian ${DIR}
+ cd ${DIR}; dpkg-buildpackage -rfakeroot -b -uc -us
+
+.PHONY: download
+download:
+ rm -rf ${DIR} $(SRC)
+ git clone git://github.com/CumulusNetworks/ifupdown2 ${DIR}
+ cd ${DIR}; git checkout ${PKGREL}
+ tar czf ${SRC} ${DIR}/
+
+.PHONY: upload
+upload: ${DEB}
+ tar cf - ${DEB}|ssh -X repo...@repo.proxmox.com -- upload --product
pmg,pve --dist stretch
+
+.PHONY: distclean
+distclean: clean
+
+.PHONY: clean
+clean:
+ rm -rf *~ debian/*~ *.deb ${BUILDDIR} *.changes *.dsc *.buildinfo
+
+.PHONY: dinstall
+dinstall: deb
+ dpkg -i ${DEB}
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..9609ca6
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,174 @@
+ifupdown2 (1.1-cl3u18) RELEASED; urgency=medium
+
+ * Closes: CM-20069: Link down does not work on SVI configured in a VRF
+ * Closes: CM-20027: ifreload causes MTU to drop on bridge SVIs
+ * Closes: CM-20002: addons: addressvirtual: check if SVI name is first in
routing table
+ * Closes: CM-19587: ifreload error on deleting bond slaves from an already
configured bond
+ * Closes: CM-19882: ifupdown2 error is confusing when netmask is specified
for vxlan-local-tunnelip
+ * Closes: CM-19760: ifupdown2 syntax check needed for vxlan interfaces
+ * Closes: CM-19081: vxlan-ageing default timer doesn't align with
bridge-ageing
+ * Closes: CM-14031: Error with "ifreload -a -n" when MGMT VRF is not Applied
+ * Closes: CM-19075: using reserved VLAN range reports error but ifreload
returns 0
+ * Closes: CM-18882: unable to set bridge-portmcrouter to "2"
+ * Closes: CM-19760: vxlan syntax-check warn on missing vxlan-local-tunnelip
+ * Closes: github #39: addons: vrf: fix vrf slave link kind
+ * New. Enabled: addons: vxlan: add support for vxlan-port attribute
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Thu, 08 Feb 2018 10:42:42
+0100
+
+ifupdown2 (1.1-cl3u17) RELEASED; urgency=medium
+
+ * Closes: CM-19671: ip[6]-forward attributes not set at boot
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Thu, 08 Feb 2018 09:48:37
+0100
+
+ifupdown2 (1.1-cl3u16) RELEASED; urgency=medium
+
+ * Closes: CM-18647, CM-19279. fix python exception on macvlans address dump
+ * Closes: CM-19332. fix eth0 doesn't acquire DHCP address when mgmt VRF is
enabled
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Tue, 09 Jan 2018 02:02:58
+0100
+
+ifupdown2 (1.1-cl3u15) RELEASED; urgency=medium
+
+ * New. Enabled: bridge: add support for bridge-l2protocol-tunnel
+ * New. Enabled: bridge attributes, when removed reset to default
+ * New. Enabled: vxlan attributes, when removed reset to default
+ * New. Enabled: improve handling of optional resources (if missing
bridge-utils/ethtool)
+ * Closes: CM-17577 & CM-18951. fix policy "iface_defaults" not supported for
MTU
+ * Closes: CM-18161. fix address module: handling of ipv4 & ipv6 (add/remove)
+ * Closes: CM-18262. fix warning for vlan reserved range
+ * Closes: CM-18886. fix MTU handling on bridge SVIs
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Wed, 22 Nov 2017 19:07:43
+0100
+
+ifupdown2 (1.1-cl3u14) RELEASED; urgency=medium
+
+ * New. Enabled: default policy for bridge MAC address
+ * Closes: CM-18458. ethtool: don't set link speed and duplex if autoneg is on
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Wed, 25 Oct 2017 23:12:27
+0200
+
+ifupdown2 (1.1-cl3u13) RELEASED; urgency=medium
+
+ * Closes: CM-17789: fix: VRF: ssh session not killed on ifreload
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Fri, 15 Sep 2017 22:43:12
+0200
+
+ifupdown2 (1.1-cl3u12) RELEASED; urgency=medium
+
+ * New. Enabled: mpls-enable attribute
+ * New. Enabled: bond and bridge module moved to netlink configuration
+ * New. Enabled: handle a mix of auto and specified vrf table ids
+ * Closes: CM-14152. igmp attribute reset to defaults when removed from config
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Mon, 07 Aug 2017 22:14:03
+0200
+
+ifupdown2 (1.1-cl3u11) RELEASED; urgency=medium
+
+ * Closes: CM-16341. Fix link-down attribute not applied on slave ports
+ * Closes: CM-16225. Fix bug that prevented config of mtu below 1280
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Thu, 18 May 2017 12:45:21
-0700
+
+ifupdown2 (1.1-cl3u10) RELEASED; urgency=medium
+
+ * New. Enabled: drop the dependency to pkg_resources, hardcode version
number (closes: #855401)
+ * New. Enabled: adjust allow-hotplug behavior to ifupdown (closes: #855598)
+ * New. Enabled: bond-lacp-rate support slow/fast argument
+ * New. Enabled: ifquery --syntax-help: add support for json output
+ * New. Enabled: vlan: add new attribute 'vlan-protocol'
+ * New. Enabled: address: add new attribute 'ip6-forward'
+ * New. Enabled: bridge: add new attribute 'bridge-mcstats'
+ * New. Enabled: bridge: add new attribute 'bridge-vlan-stats'
+ * New. Enabled: bridge: add new attribute 'bridge-vlan-protocol'
+ * New. Enabled: bridge: add new attribute 'bridge-arp-nd-suppress'
+ * Closes: CM-8424. bond: add attribute bond-(up|down)delay
+ * Closes: CM-12320. bridge-vids: --syntax-check accepts legacy syntax
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Mon, 17 Apr 2017 06:18:04
+0200
+
+ifupdown2 (1.1-cl3u9) RELEASED; urgency=medium
+
+ * New. Enabled: support for bridge-learning attribute
+
+ -- Cumulus Networks <dev-supp...@cumulusnetworks.com> Mon, 06 Feb 2017
13:22:51 -0800
+
+ifupdown2 (1.1-cl3u8) RELEASED; urgency=medium
+
+ * New. Enabled: update link-speed values: add 25G and 50G
+ * New. Enabled: new 'link-down' [yes|no] attribute to keep link down
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Tue, 17 Jan 2017 08:39:29
+0100
+
+ifupdown2 (1.1-cl3u7) RELEASED; urgency=medium
+
+ * New. Enabled: fix for inet and inet6 dhcp on the same interface
+ * New. Enabled: syntax check to warn on common configuration mistakes
+ * New. Enabled: addons: bridge: disable ip fwding on a bridge with no ip
+ and no upperifaces
+ * Closes: CM-13221: fixes for MTU handling
+ * Closes: CM-13248: dhcpv6 fails if interface doesn't have link-local addr
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Wed, 07 Dec 2016 05:48:45
+0100
+
+ifupdown2 (1.1-cl3u6) RELEASED; urgency=medium
+
+ * Closes: github #14. add environment variables passed to user scripts
+ * New. Enabled: addons may provide a list of ifupdown scripts to ignore
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Mon, 19 Sep 2016 16:37:36
-0700
+
+ifupdown2 (1.1-cl3u5) RELEASED; urgency=medium
+
+ * Closes: CM-12798. fix handling of EXISTS errors on address add
+ * Closes: CM-11214. fix handling of mtu on addressvirtual macvlan devices
+ * Closes: CM-12884. fix mako namespace handling
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Fri, 16 Sep 2016 12:48:04
-0700
+
+ifupdown2 (1.1-cl3u4) RELEASED; urgency=medium
+
+ * Performance improvements
+ * New. Enabled: sbin: start-networking: support hotplug class from init
script
+ * New. Enabled: support for classical numerical bond modes
+ * New. Enabled: extend ifquery support for mstpctl addons
+ * New. Enabled: each addon may perform semantic and syntax checks by
+ implementing a custom method
+ * Closes: CM-11745. Support for address-virtual lines under a vrf slave
+ * Closes: CM-11718. Defaults for link attributes were not applied
+ * Closes: CM-11511. Disable IPv6 duplicate address detection on VRR
interfaces
+ * Closes: CM-11485. Fix ifquery to extract vlan-id from iface if not preset
+ * Closes: CM-8623. Fix for ifquery -c bridge pvid error on a valid config
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Fri, 29 Jul 2016 08:55:50
-0700
+
+ifupdown2 (1.1-cl3u3) RELEASED; urgency=medium
+
+ * Closes: CM-11214. Interface configuration parsing error when keyword vlan
+ is the interface name.
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Sun, 05 Jun 2016 08:55:50
-0700
+
+ifupdown2 (1.1-cl3u2) RELEASED; urgency=medium
+
+ * Closes: CM-10478. checks for invalid address-virtual attributes
+ * New. Deprecated: `mstpctl-stp` attribute
+ * New. Deprecated: lacp parameters: bond-ad-sys-priority,
bond-ad-sys-mac-addr
+ * New. Enabled: addon module for configuring vrf
+ * New. Enabled: bridge: display warning when (in vlan unware bridge)
+ an untagged bridge is not configured
+ * New. Enabled: adjusting MTU for vlan devices depending on lower device mtu
+ * New. Enabled: introduce checks for reserved vrf table names
+ * New. Enabled: ifquery: new option '--with-defaults' to include default
+ attributes
+ * New. Enabled: bridge: disabling ipv6 on bridge if any VXLAN port
+ * New. Enabled: vrf awareness in dhcp addon module
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Tue, 3 May 2016 14:42:42
-0700
+
+ifupdown2 (1.1-cl3u1) unstable; urgency=low
+
+ * Initial release.
+
+ -- dev-support <dev-supp...@cumulusnetworks.com> Thu, 20 Aug 2015 06:14:24
-0700
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..ec63514
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..5748136
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,31 @@
+Source: ifupdown2
+Section: admin
+Priority: optional
+Maintainer: dev-support <dev-supp...@cumulusnetworks.com>
+Standards-Version: 3.9.8
+Build-Depends: python-setuptools, dh-python, python-all (>= 2.6.6-3),
debhelper (>= 9~), python-docutils, dh-systemd
+Homepage: https://github.com/CumulusNetworks/ifupdown2
+X-Python-Version: >= 2.6
+
+Package: ifupdown2
+Architecture: all
+Suggests: python-gvgen, python-mako
+Replaces: ifupdown
+Conflicts: ifupdown
+Provides: ifupdown
+Depends: ${python:Depends}, ${misc:Depends}, python-argcomplete, python-ipaddr
+Description: Network Interface Management tool similar to ifupdown
+ ifupdown2 is ifupdown re-written in Python. It replaces ifupdown and provides
+ the same user interface as ifupdown for network interface configuration.
+ Like ifupdown, ifupdown2 is a high level tool to configure (or, respectively
+ deconfigure) network interfaces based on interface definitions in
+ /etc/network/interfaces. It is capable of detecting network interface
+ dependencies and comes with several new features which are available as
+ new command options to ifup/ifdown/ifquery commands. It also comes with a new
+ command ifreload to reload interface configuration with minimum
+ disruption. Most commands are also capable of input and output in JSON format.
+ It is backward compatible with ifupdown /etc/network/interfaces format and
+ supports newer simplified format. It also supports interface templates with
+ python-mako for large scale interface deployments. See
+ /usr/share/doc/ifupdown2/README.rst for details about ifupdown2. Examples
+ are available under /usr/share/doc/ifupdown2/examples.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..7820bea
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,28 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: ifupdown2
+Upstream-Contact: Cumulus Networks dev support
<dev-supp...@cumulusnetworks.com>
+Source: http://www.cumulusnetworks.com
+
+Files: *
+Copyright: 2014 Cumulus Networks
+License: GPL-2
+
+Files: debian/*
+Copyright: 2014 Cumulus Networks
+License: GPL-2
+
+License: GPL-2
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
diff --git a/debian/ifupdown2.postinst b/debian/ifupdown2.postinst
new file mode 100644
index 0000000..19365db
--- /dev/null
+++ b/debian/ifupdown2.postinst
@@ -0,0 +1,86 @@
+#!/bin/sh
+# postinst script for ifupdown2
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <postinst> `abort-remove'
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+process_udev()
+{
+ # override default udev bridge and hotplug rules because they interfere
with
+ # networking init script
+ udev_user_rulesdir=/etc/udev/rules.d/
+ udev_sys_rulesdir=/lib/udev/rules.d/
+ if [ -e $udev_user_rulesdir ]; then
+ udev_ifupdown2_overrides="80-networking.rules
+ 60-bridge-network-interface.rules"
+ for u in ${udev_ifupdown2_overrides}
+ do
+ if [ -e ${udev_sys_rulesdir}/$u -a ! -e ${udev_user_rulesdir}/$u
]; then
+ (cd ${udev_user_rulesdir} && ln -sf /dev/null $u)
+ fi
+ done
+ fi
+}
+
+MYNAME="${0##*/}"
+
+report() { echo "${MYNAME}: $*" ; }
+report_warn() { report "Warning: $*" >&2 ; }
+report_err() { report "Error: $*" >&2 ; }
+
+case "$1" in
+ configure)
+
+ # work around to rename the existing dhclient6 lease file containing a
space
+ for filename in `find /var/lib/dhcp/ -name "dhclient.*.leases "`
+ do
+ if [ -f "$filename " ];
+ then
+ interface_name=`echo $filename | cut -d'.' -f2,3,4,5`
+ mv "$filename " /var/lib/dhcp/dhclient6.$interface_name
+ fi
+ done
+
+ # Generic stuff done on all configurations
+ if [ -f /etc/network/interfaces ] ; then
+ if ! grep -q -E
"^[[:space:]]*iface[[:space:]]+l[o0]([[:space:]]+inet([[:space:]]+loopback)?)?[[:space:]]*$"
/etc/network/interfaces ; then
+ report_warn "No 'iface lo' definition found in
/etc/network/interfaces"
+ fi
+
+ if ! grep -q
"^[[:space:]]*\(allow-\|\)auto[[:space:]]\+\(.*[[:space:]]\+\|\)lo0\?\([[:space:]]\+\|$\)"
/etc/network/interfaces ; then
+ report_warn "No 'auto lo' statement found in
/etc/network/interfaces"
+ fi
+ else # ! -f /etc/network/interfaces
+ if [ -z "$2" ]; then
+ echo "Creating /etc/network/interfaces."
+ echo "# interfaces(5) file used by ifup(8) and ifdown(8)" >
/etc/network/interfaces
+ echo "auto lo" >> /etc/network/interfaces
+ echo "iface lo inet loopback" >> /etc/network/interfaces
+ else
+ report_warn "/etc/network/interfaces does not exist"
+ fi
+ fi
+
+ process_udev
+ ;;
+
+ purge)
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/patches/0001-start-networking-add-usr-bin-in-PATH.patch
b/debian/patches/0001-start-networking-add-usr-bin-in-PATH.patch
new file mode 100644
index 0000000..1d5f8f6
--- /dev/null
+++ b/debian/patches/0001-start-networking-add-usr-bin-in-PATH.patch
@@ -0,0 +1,28 @@
+From 46127e614e6d12cebaa53d108ec1b5b883798c3b Mon Sep 17 00:00:00 2001
+From: root <r...@kvmformation1.odiso.net>
+Date: Mon, 14 May 2018 16:25:33 +0200
+Subject: [PATCH 1/4] start-networking : add /usr/bin in PATH
+
+/usr/bin was missing in PATH, so some PATH were not available for addons
scripts
+
+https://github.com/CumulusNetworks/ifupdown2/issues/49
+---
+ sbin/start-networking | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sbin/start-networking b/sbin/start-networking
+index f4796d8..25e2c8e 100755
+--- a/sbin/start-networking
++++ b/sbin/start-networking
+@@ -4,7 +4,7 @@
+ # Only has start, stop, reload, because that's all systemd has.
+ # restart is implemented in systemd by stop then start.
+
+-PATH="/sbin:/bin"
++PATH="/sbin:/bin:/usr/bin"
+ RUN_DIR="/run/network"
+ IFSTATE_LOCKFILE="${RUN_DIR}/ifstatelock"
+
+--
+2.11.0
+
diff --git
a/debian/patches/0002-addons-scripts-fix-ENV-for-interfaces-options.patch
b/debian/patches/0002-addons-scripts-fix-ENV-for-interfaces-options.patch
new file mode 100644
index 0000000..a5cd586
--- /dev/null
+++ b/debian/patches/0002-addons-scripts-fix-ENV-for-interfaces-options.patch
@@ -0,0 +1,29 @@
+From 9c3dcc88df68adc1acda3faa2118917b038574c5 Mon Sep 17 00:00:00 2001
+From: root <r...@kvmformation1.odiso.net>
+Date: Mon, 14 May 2018 16:27:22 +0200
+Subject: [PATCH 2/4] addons scripts : fix ENV for interfaces options
+
+This is a bug currently, where env vars with interfaces options
+were not reset between interfaces
+
+https://github.com/CumulusNetworks/ifupdown2/issues/49
+---
+ ifupdown/ifupdownmain.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ifupdown/ifupdownmain.py b/ifupdown/ifupdownmain.py
+index 3c72429..e818880 100644
+--- a/ifupdown/ifupdownmain.py
++++ b/ifupdown/ifupdownmain.py
+@@ -1556,7 +1556,7 @@ class ifupdownMain(ifupdownBase):
+ cenv = None
+ iface_env = ifaceobj.get_env()
+ if iface_env:
+- cenv = os.environ
++ cenv = dict(os.environ)
+ if cenv:
+ cenv.update(iface_env)
+ else:
+--
+2.11.0
+
diff --git a/debian/patches/0003-config-tuning.patch
b/debian/patches/0003-config-tuning.patch
new file mode 100644
index 0000000..ba8a222
--- /dev/null
+++ b/debian/patches/0003-config-tuning.patch
@@ -0,0 +1,52 @@
+From 849e8213baa8483604a0de6a59695fd3dd98b248 Mon Sep 17 00:00:00 2001
+From: root <r...@kvmformation1.odiso.net>
+Date: Mon, 14 May 2018 16:36:58 +0200
+Subject: [PATCH 3/4] config tuning
+
+allow ovs_... options:
+ addon_syntax_check=0
+
+allow custom addons scripts:
+ addon_scripts_support=1
+
+ multiple_vlan_aware_bridge_support=1
+
+don't shutdown tap, veth, vmbrvX, fwbr on reload
+(as they are not defined in /etc/network/interfaces)
+
+ ifreload_down_changed=1
+---
+ config/ifupdown2.conf | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/config/ifupdown2.conf b/config/ifupdown2.conf
+index 906fdea..aa7f120 100644
+--- a/config/ifupdown2.conf
++++ b/config/ifupdown2.conf
+@@ -29,12 +29,12 @@ disable_cli_interfacesfile=0
+ # are used. But when a mix of scripts and modules are used (which is the
+ # default case), you may get false warnings for attributes supported
+ # by scripts
+-addon_syntax_check=1
++addon_syntax_check=0
+
+ # Support executing of ifupdown style scripts.
+ # Note that by default python addon modules override scripts with the same
+ # name
+-addon_scripts_support=0
++addon_scripts_support=1
+
+ # enable python addons
+ addon_python_modules_support=1
+@@ -42,7 +42,7 @@ addon_python_modules_support=1
+ # By default ifupdown2 only supports a single vlan filtering bridge
+ # on the system. Set this flag to 1 to support multiple vlan
+ # filtering bridges
+-multiple_vlan_aware_bridge_support=0
++multiple_vlan_aware_bridge_support=1
+
+ # ifquery check status strings.
+ # By default `ifquery --check` prints the check and
+--
+2.11.0
+
diff --git a/debian/patches/0004-manual-interfaces-set-link-up.patch
b/debian/patches/0004-manual-interfaces-set-link-up.patch
new file mode 100644
index 0000000..c7358a9
--- /dev/null
+++ b/debian/patches/0004-manual-interfaces-set-link-up.patch
@@ -0,0 +1,58 @@
+From 8ae199ef085b051038427f47fba0c719deda4a30 Mon Sep 17 00:00:00 2001
+From: root <r...@kvmformation1.odiso.net>
+Date: Mon, 14 May 2018 17:06:52 +0200
+Subject: [PATCH] manual interfaces : set link up
+
+by default ifdown2 don't set link up for manual interfaces.
+
+classic ifupdown set link up for manual interfaces.
+I think this has change with jessie and systemd.
+
+https://github.com/CumulusNetworks/ifupdown2/issues/4
+---
+ ifupdown/ifupdownmain.py | 15 +--------------
+ 1 file changed, 1 insertion(+), 14 deletions(-)
+
+diff --git a/ifupdown/ifupdownmain.py b/ifupdown/ifupdownmain.py
+index 3c72429..f1cd2fd 100644
+--- a/ifupdown/ifupdownmain.py
++++ b/ifupdown/ifupdownmain.py
+@@ -90,11 +90,6 @@ class ifupdownMain(ifupdownBase):
+ (ifaceobj.link_privflags & ifaceLinkPrivFlags.VRF_SLAVE)):
+ self._keep_link_down(ifaceobj)
+ return
+- # if not a logical interface and addr method is manual,
+- # ignore link admin state changes
+- if (ifaceobj.addr_method == 'manual' and
+- not ifaceobj.link_kind):
+- return
+ if self._delay_admin_state:
+ self._delay_admin_state_iface_queue.append(ifaceobj.name)
+ return
+@@ -127,11 +122,6 @@ class ifupdownMain(ifupdownBase):
+ # there is no real interface behind it
+ if ifaceobj.type == ifaceType.BRIDGE_VLAN:
+ return
+- # if not a logical interface and addr method is manual,
+- # ignore link admin state changes
+- if (ifaceobj.addr_method == 'manual' and
+- not ifaceobj.link_kind):
+- return
+ if self._delay_admin_state:
+ self._delay_admin_state_iface_queue.append(ifaceobj.name)
+ return
+@@ -520,10 +510,7 @@ class ifupdownMain(ifupdownBase):
+ def _set_iface_role_n_kind(self, ifaceobj, upperifaceobj):
+
+ # If addr_method is set and link is not a logical interface,
+- # set flag KEEP_LINK_DOWN. addr_method == 'manual' only applies to
+- # logical interfaces.
+- if (ifaceobj.addr_method == 'manual' and not ifaceobj.link_kind):
+- ifaceobj.link_privflags |= ifaceLinkPrivFlags.KEEP_LINK_DOWN
++ # set flag KEEP_LINK_DOWN.
+
+ if (upperifaceobj.link_kind & ifaceLinkKind.BOND):
+ self._set_iface_role(ifaceobj, ifaceRole.SLAVE, upperifaceobj)
+--
+2.11.0
+
diff --git
a/debian/patches/0005-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch
b/debian/patches/0005-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch
new file mode 100644
index 0000000..deb0b23
--- /dev/null
+++
b/debian/patches/0005-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch
@@ -0,0 +1,27 @@
+From fc168d1897cefd4781722af58f856b2686074d0d Mon Sep 17 00:00:00 2001
+From: root <r...@kvmformation1.odiso.net>
+Date: Wed, 16 May 2018 02:11:45 +0200
+Subject: [PATCH] don't remove (tap|veth|fwpr) interfaces from bridge on ifup
+ bridge
+
+as we don't defined them in /etc/network/interfaces
+---
+ addons/bridge.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/addons/bridge.py b/addons/bridge.py
+index 7c582e9..e294c95 100644
+--- a/addons/bridge.py
++++ b/addons/bridge.py
+@@ -944,7 +944,7 @@ class bridge(moduleBase):
+ runningbridgeports = self.brctlcmd.get_bridge_ports(ifaceobj.name)
+ if runningbridgeports:
+ for bport in runningbridgeports:
+- if not bridgeports or bport not in bridgeports:
++ if ( not bridgeports or bport not in bridgeports ) and
not re.match('^(tap|veth|fwpr)',bport):
+ self.ipcmd.link_set(bport, 'nomaster')
+ # set admin DOWN on all removed ports
+ # that don't have config outside bridge
+--
+2.11.0
+
diff --git a/debian/patches/0006-netlink-IFLA_BRPORT_ARP_SUPPRESS-use-32.patch
b/debian/patches/0006-netlink-IFLA_BRPORT_ARP_SUPPRESS-use-32.patch
new file mode 100644
index 0000000..22c276e
--- /dev/null
+++ b/debian/patches/0006-netlink-IFLA_BRPORT_ARP_SUPPRESS-use-32.patch
@@ -0,0 +1,29 @@
+From 8fc842ad6a75fe0af3a2b8d4937b16e3967fca3c Mon Sep 17 00:00:00 2001
+From: root <r...@kvmformation1.odiso.net>
+Date: Wed, 16 May 2018 02:16:42 +0200
+Subject: [PATCH] netlink : IFLA_BRPORT_ARP_SUPPRESS : use 32
+
+this has been upstreamed recently in linux kernel, with
IFLA_BRPORT_NEIGH_SUPPRESS.
+cumulus was using a temp 152 number.
+---
+ nlmanager/nlpacket.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/nlmanager/nlpacket.py b/nlmanager/nlpacket.py
+index bd6addf..358c06c 100644
+--- a/nlmanager/nlpacket.py
++++ b/nlmanager/nlpacket.py
+@@ -3247,9 +3247,9 @@ class Link(NetlinkPacket):
+ IFLA_BRPORT_VLAN_TUNNEL = 29
+ IFLA_BRPORT_BCAST_FLOOD = 30
+ IFLA_BRPORT_GROUP_FWD_MASK = 31
++ IFLA_BRPORT_ARP_SUPPRESS = 32
+ IFLA_BRPORT_PEER_LINK = 150
+ IFLA_BRPORT_DUAL_LINK = 151
+- IFLA_BRPORT_ARP_SUPPRESS = 152
+ IFLA_BRPORT_GROUP_FWD_MASKHI = 153
+
+ ifla_brport_to_string = {
+--
+2.11.0
+
diff --git a/debian/patches/0007-add-dummy-mtu-bridgevlanport-modules.patch
b/debian/patches/0007-add-dummy-mtu-bridgevlanport-modules.patch
new file mode 100644
index 0000000..12fe5a3
--- /dev/null
+++ b/debian/patches/0007-add-dummy-mtu-bridgevlanport-modules.patch
@@ -0,0 +1,69 @@
+From dee90078b86ff25f90477a6424b4bd555019c433 Mon Sep 17 00:00:00 2001
+From: root <r...@kvmformation1.odiso.net>
+Date: Wed, 16 May 2018 09:20:24 +0200
+Subject: [PATCH] add dummy mtu, bridgevlanport modules
+
+to override proxmox ifupdown scripts
+---
+ addons/bridgevlanport.py | 15 +++++++++++++++
+ addons/mtu.py | 15 +++++++++++++++
+ config/addons.conf | 2 ++
+ 3 files changed, 32 insertions(+)
+ create mode 100755 addons/bridgevlanport.py
+ create mode 100755 addons/mtu.py
+
+diff --git a/addons/bridgevlanport.py b/addons/bridgevlanport.py
+new file mode 100755
+index 0000000..2d6c127
+--- /dev/null
++++ b/addons/bridgevlanport.py
+@@ -0,0 +1,15 @@
++#!/usr/bin/python
++#
++
++try:
++ import os
++
++ from ifupdown.utils import utils
++ from ifupdownaddons.modulebase import moduleBase
++except ImportError, e:
++ raise ImportError('%s - required module not found' % str(e))
++
++
++class bridgevlanport(moduleBase):
++
++ _modinfo = {'mhelp' : 'dummy package to override proxmox script'}
+diff --git a/addons/mtu.py b/addons/mtu.py
+new file mode 100755
+index 0000000..e9ebd78
+--- /dev/null
++++ b/addons/mtu.py
+@@ -0,0 +1,15 @@
++#!/usr/bin/python
++#
++
++try:
++ import os
++
++ from ifupdown.utils import utils
++ from ifupdownaddons.modulebase import moduleBase
++except ImportError, e:
++ raise ImportError('%s - required module not found' % str(e))
++
++
++class mtu(moduleBase):
++
++ _modinfo = {'mhelp' : 'dummy package to override proxmox script'}
+diff --git a/config/addons.conf b/config/addons.conf
+index c0d1ce9..bac0fcc 100644
+--- a/config/addons.conf
++++ b/config/addons.conf
+@@ -33,3 +33,5 @@ post-down,vlan
+ post-down,bond
+ post-down,usercmds
+ post-down,link
++up,mtu
++up,bridgevlanport
+--
+2.11.0
+
diff --git a/debian/patches/0008-add-vxlan-physdev-support.patch
b/debian/patches/0008-add-vxlan-physdev-support.patch
new file mode 100644
index 0000000..ef2eaa1
--- /dev/null
+++ b/debian/patches/0008-add-vxlan-physdev-support.patch
@@ -0,0 +1,159 @@
+From 19f74201008b6e054b7ef652b5d102c572e98184 Mon Sep 17 00:00:00 2001
+From: root <r...@kvmformation1.odiso.net>
+Date: Wed, 16 May 2018 09:58:45 +0200
+Subject: [PATCH] add vxlan-physdev support
+
+backported from master branch
+https://github.com/CumulusNetworks/ifupdown2/pull/19
+---
+ addons/vxlan.py | 19 ++++++++++++++++++-
+ ifupdown/netlink.py | 8 ++++++--
+ ifupdownaddons/LinkUtils.py | 5 ++++-
+ nlmanager/nlmanager.py | 4 +++-
+ 4 files changed, 31 insertions(+), 5 deletions(-)
+
+diff --git a/addons/vxlan.py b/addons/vxlan.py
+index c355c1a..74610b9 100644
+--- a/addons/vxlan.py
++++ b/addons/vxlan.py
+@@ -45,6 +45,9 @@ class vxlan(moduleBase):
+ 'validvals' : ['<ipv4>'],
+ 'example': ['vxlan-remoteip 172.16.22.127'],
+ 'multiline': True},
++ 'vxlan-physdev' :
++ {'help' : 'vxlan physical device',
++ 'example': ['vxlan-physdev eth1']},
+ 'vxlan-learning' :
+ {'help' : 'vxlan learning yes/no',
+ 'validvals' : ['yes', 'no', 'on', 'off'],
+@@ -95,6 +98,13 @@ class vxlan(moduleBase):
+ self.log_warn('%s: multiple clagd-vxlan-anycast-ip lines,
using first one'
+ % (ifaceobj.name,))
+ vxlan._clagd_vxlan_anycast_ip = clagd_vxlan_list[0]
++
++ # If we should use a specific underlay device for the VXLAN
++ # tunnel make sure this device is set up before the VXLAN iface.
++ physdev = ifaceobj.get_attr_value_first('vxlan-physdev')
++ if physdev:
++ return [ physdev ]
++
+ return None
+
+ def _is_vxlan_device(self, ifaceobj):
+@@ -144,6 +154,7 @@ class vxlan(moduleBase):
+ anycastip = self._clagd_vxlan_anycast_ip
+ group = ifaceobj.get_attr_value_first('vxlan-svcnodeip')
+ local = ifaceobj.get_attr_value_first('vxlan-local-tunnelip')
++ physdev = ifaceobj.get_attr_value_first('vxlan-physdev')
+ ageing = ifaceobj.get_attr_value_first('vxlan-ageing')
+ vxlan_port = ifaceobj.get_attr_value_first('vxlan-port')
+ purge_remotes = self._get_purge_remotes(ifaceobj)
+@@ -251,7 +262,8 @@ class vxlan(moduleBase):
+ learning=learning,
+ ageing=ageing,
+ group=group,
+- dstport=vxlan_port)
++ dstport=vxlan_port,
++ physdev=physdev)
+ except Exception as e_netlink:
+ self.logger.debug('%s: vxlan netlink: %s' % (ifname,
str(e_netlink)))
+ try:
+@@ -419,6 +431,11 @@ class vxlan(moduleBase):
+ self._query_check_n_update(ifaceobj, ifaceobjcurr, 'vxlan-ageing',
+ ageing, vxlanattrs.get('ageing'))
+
++ physdev = ifaceobj.get_attr_value_first('vxlan-physdev')
++ if physdev:
++ self._query_check_n_update(ifaceobj, ifaceobjcurr,
'vxlan-physdev',
++ physdev, vxlanattrs.get('physdev'))
++
+ def _query_running(self, ifaceobjrunning):
+ vxlanattrs = self.ipcmd.get_vxlandev_attrs(ifaceobjrunning.name)
+ if not vxlanattrs:
+diff --git a/ifupdown/netlink.py b/ifupdown/netlink.py
+index 17672c2..516d39c 100644
+--- a/ifupdown/netlink.py
++++ b/ifupdown/netlink.py
+@@ -252,7 +252,7 @@ class Netlink(utilsBase):
+ % (ifacename, vlanid, str(e)))
+
+ def link_add_vxlan(self, ifacename, vxlanid, local=None,
dstport=VXLAN_UDP_PORT,
+- group=None, learning=True, ageing=None):
++ group=None, learning=True, ageing=None, physdev=None):
+ cmd = 'ip link add %s type vxlan id %s dstport %s' % (ifacename,
+ vxlanid,
+ dstport)
+@@ -260,16 +260,20 @@ class Netlink(utilsBase):
+ cmd += ' ageing %s' % ageing if ageing else ''
+ cmd += ' remote %s' % group if group else ' noremote'
+ cmd += ' nolearning' if not learning else ''
++ cmd += ' dev %s' % physdev if physdev else ''
+ self.logger.info('%s: netlink: %s' % (ifacename, cmd))
+ if ifupdownflags.flags.DRYRUN: return
+ try:
++ if physdev:
++ physdev = self.get_iface_index (physdev)
+ return self._nlmanager_api.link_add_vxlan(ifacename,
+ vxlanid,
+ dstport=dstport,
+ local=local,
+ group=group,
+ learning=learning,
+- ageing=ageing)
++ ageing=ageing,
++ physdev=physdev)
+ except Exception as e:
+ raise Exception('netlink: %s: cannot create vxlan %s: %s'
+ % (ifacename, vxlanid, str(e)))
+diff --git a/ifupdownaddons/LinkUtils.py b/ifupdownaddons/LinkUtils.py
+index ae541e9..8605704 100644
+--- a/ifupdownaddons/LinkUtils.py
++++ b/ifupdownaddons/LinkUtils.py
+@@ -507,18 +507,21 @@ class LinkUtils(utilsBase):
+ linkattrs['kind'] = 'vxlan'
+ vattrs = {'vxlanid': citems[i + 2],
+ 'svcnode': None,
++ 'physdev': None,
+ 'remote': [],
+ 'ageing': citems[i + 2],
+ 'learning': 'on'}
+ for j in range(i + 2, len(citems)):
+ if citems[j] == 'local':
+ vattrs['local'] = citems[j + 1]
+- elif citems[j] == 'remote':
++ elif citems[j] == 'group':
+ vattrs['svcnode'] = citems[j + 1]
+ elif citems[j] == 'ageing':
+ vattrs['ageing'] = citems[j + 1]
+ elif citems[j] == 'nolearning':
+ vattrs['learning'] = 'off'
++ elif citems[j] == 'dev':
++ vattrs['physdev'] = citems[j + 1]
+ linkattrs['linkinfo'] = vattrs
+ break
+ elif citems[i] == 'vrf' and citems[i + 1] == 'table':
+diff --git a/nlmanager/nlmanager.py b/nlmanager/nlmanager.py
+index e4a5892..14f7066 100644
+--- a/nlmanager/nlmanager.py
++++ b/nlmanager/nlmanager.py
+@@ -969,7 +969,7 @@ class NetlinkManager(object):
+ return self.tx_nlpacket_get_response(nbr)
+
+ def link_add_vxlan(self, ifname, vxlanid, dstport=None, local=None,
+- group=None, learning=True, ageing=None):
++ group=None, learning=True, ageing=None, physdev=None):
+
+ debug = RTM_NEWLINK in self.debug
+
+@@ -980,6 +980,8 @@ class NetlinkManager(object):
+ info_data[Link.IFLA_VXLAN_LOCAL] = local
+ if group:
+ info_data[Link.IFLA_VXLAN_GROUP] = group
++ if physdev:
++ info_data[Link.IFLA_VXLAN_LINK] = int (physdev)
+
+ info_data[Link.IFLA_VXLAN_LEARNING] = int(learning)
+
+--
+2.11.0
+
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..3ef4a9f
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1,8 @@
+0001-start-networking-add-usr-bin-in-PATH.patch
+0002-addons-scripts-fix-ENV-for-interfaces-options.patch
+0003-config-tuning.patch
+0004-manual-interfaces-set-link-up.patch
+0005-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch
+0006-netlink-IFLA_BRPORT_ARP_SUPPRESS-use-32.patch
+0007-add-dummy-mtu-bridgevlanport-modules.patch
+0008-add-vxlan-physdev-support.patch
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..82be3aa
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,21 @@
+#!/usr/bin/make -f
+
+#export DH_VERBOSE=1
+export PYBUILD_NAME=ifupdown2
+export PYBUILD_INSTALL_ARGS=--install-lib=/usr/share/ifupdown2
--install-scripts=/usr/share/ifupdown2
+
+%:
+ dh $@ --with python2 --with systemd --buildsystem=pybuild --with quilt
+
+override_dh_installman:
+ ./scripts/genmanpages.sh ./man.rst ./man
+ dh_installman
+
+override_dh_systemd_start:
+ dh_systemd_start --name=networking --no-start
+
+override_dh_systemd_enable:
+ dh_systemd_enable --name=networking
+
+override_dh_compress:
+ dh_compress -X.py
--
2.11.0
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
