7 files changed, 39 insertions, 25 deletions
diff --git a/data/templates/dhcp-client/dhcp6c-script.j2 b/data/templates/dhcp-client/dhcp6c-script.j2
new file mode 100644
index 000000000..14fb25cf6
--- /dev/null
+++ b/data/templates/dhcp-client/dhcp6c-script.j2
@@ -0,0 +1,31 @@
+#!/bin/sh
+# Update DNS information for DHCPv6 clients
+# should be used only if vyos-hostsd is running
+
+if /usr/bin/systemctl -q is-active vyos-hostsd; then
+    hostsd_client="/usr/bin/vyos-hostsd-client"
+    hostsd_changes=
+
+    if [ -n "$new_domain_name" ]; then
+        logmsg info "Deleting search domains with tag \"dhcpv6-{{ ifname }}\" via vyos-hostsd-client"
+        $hostsd_client --delete-search-domains --tag "dhcpv6-{{ ifname }}"
+        logmsg info "Adding domain name \"$new_domain_name\" as search domain with tag \"dhcpv6-{{ ifname }}\" via vyos-hostsd-client"
+        $hostsd_client --add-search-domains "$new_domain_name" --tag "dhcpv6-{{ ifname }}"
+        hostsd_changes=y
+    fi
+
+    if [ -n "$new_domain_name_servers" ]; then
+        logmsg info "Deleting nameservers with tag \"dhcpv6-{{ ifname }}\" via vyos-hostsd-client"
+        $hostsd_client --delete-name-servers --tag "dhcpv6-{{ ifname }}"
+        logmsg info "Adding nameservers \"$new_domain_name_servers\" with tag \"dhcpv6-{{ ifname }}\" via vyos-hostsd-client"
+        $hostsd_client --add-name-servers $new_domain_name_servers --tag "dhcpv6-{{ ifname }}"
+        hostsd_changes=y
+    fi
+
+    if [ $hostsd_changes ]; then
+        logmsg info "Applying changes via vyos-hostsd-client"
+        $hostsd_client --apply
+    else
+        logmsg info "No changes to apply via vyos-hostsd-client"
+    fi
+fi
diff --git a/data/templates/dhcp-client/ipv6.j2 b/data/templates/dhcp-client/ipv6.j2
index b5e55cdd1..311c856c8 100644
--- a/data/templates/dhcp-client/ipv6.j2
+++ b/data/templates/dhcp-client/ipv6.j2
@@ -23,6 +23,7 @@ interface {{ ifname }} {
     send ia-pd {{ pd }}; # prefix delegation #{{ pd }}
 {%     endfor %}
 {% endif %}
+    script "{{ dhcp6_script_file }}";
 };
 
 {% if address is vyos_defined and 'dhcpv6' in address %}
@@ -59,4 +60,3 @@ id-assoc pd {{ pd }} {
 };
 {%     endfor %}
 {% endif %}
-
diff --git a/data/templates/dhcp-client/override.conf.j2 b/data/templates/dhcp-client/override.conf.j2
index d09320270..c2e059c7b 100644
--- a/data/templates/dhcp-client/override.conf.j2
+++ b/data/templates/dhcp-client/override.conf.j2
@@ -3,9 +3,6 @@
 {% set if_metric = '-e IF_METRIC=' ~ dhcp_options.default_route_distance if dhcp_options.default_route_distance is vyos_defined else '' %}
 {% set dhclient_options = '-d -nw -cf ' ~ isc_dhclient_dir ~ '/dhclient_' ~ ifname ~ '.conf -pf ' ~ isc_dhclient_dir ~ '/dhclient_' ~ ifname  ~ '.pid -lf ' ~ isc_dhclient_dir ~ '/dhclient_' ~ ifname ~ '.leases ' ~ if_metric %}
 
-[Unit]
-ConditionPathExists={{ isc_dhclient_dir }}/dhclient_%i.conf
-
 [Service]
 ExecStart=
 ExecStart={{ vrf_command }}/sbin/dhclient -4 {{ dhclient_options }} {{ ifname }}
diff --git a/data/templates/frr/bgpd.frr.j2 b/data/templates/frr/bgpd.frr.j2
index e9422b257..e5bfad59d 100644
--- a/data/templates/frr/bgpd.frr.j2
+++ b/data/templates/frr/bgpd.frr.j2
@@ -290,10 +290,7 @@ router bgp {{ system_as }} {{ 'vrf ' ~ vrf if vrf is vyos_defined }}
 {%         endif %}
 {%         if afi_config.aggregate_address is vyos_defined %}
 {%             for aggregate, aggregate_config in afi_config.aggregate_address.items() %}
-  aggregate-address {{ aggregate }}{{ ' as-set' if aggregate_config.as_set is vyos_defined }}{{ ' summary-only' if aggregate_config.summary_only is vyos_defined }}
-{%                 if aggregate_config.route_map is vyos_defined %}
-  aggregate-address {{ aggregate }} route-map {{ aggregate_config.route_map }}
-{%                 endif %}
+  aggregate-address {{ aggregate }} {{ 'as-set' if aggregate_config.as_set is vyos_defined }} {{ 'summary-only' if aggregate_config.summary_only is vyos_defined }} {{ 'route-map ' ~ aggregate_config.route_map if aggregate_config.route_map is vyos_defined }}
 {%             endfor %}
 {%         endif %}
 {%         if afi_config.maximum_paths.ebgp is vyos_defined %}
@@ -537,6 +534,9 @@ router bgp {{ system_as }} {{ 'vrf ' ~ vrf if vrf is vyos_defined }}
 {% if parameters.allow_martian_nexthop is vyos_defined %}
  bgp allow-martian-nexthop
 {% endif %}
+{% if parameters.disable_ebgp_connected_route_check is vyos_defined %}
+ bgp disable-ebgp-connected-route-check
+{% endif %}
 {% if parameters.always_compare_med is vyos_defined %}
  bgp always-compare-med
 {% endif %}
diff --git a/data/templates/high-availability/keepalived.conf.j2 b/data/templates/high-availability/keepalived.conf.j2
index 240161748..c0d66ae54 100644
--- a/data/templates/high-availability/keepalived.conf.j2
+++ b/data/templates/high-availability/keepalived.conf.j2
@@ -138,8 +138,8 @@ vrrp_instance {{ name }} {
 {%         endif %}
 {%         if group_config.excluded_address is vyos_defined %}
     virtual_ipaddress_excluded {
-{%             for addr in group_config.excluded_address %}
-        {{ addr }}
+{%             for addr, addr_config in group_config.excluded_address.items() %}
+        {{ addr }}{{ ' dev ' + addr_config.interface if addr_config.interface is vyos_defined }}
 {%             endfor %}
     }
 {%         endif %}
diff --git a/data/templates/ipsec/swanctl/remote_access.j2 b/data/templates/ipsec/swanctl/remote_access.j2
index bce8684fe..af7f2994e 100644
--- a/data/templates/ipsec/swanctl/remote_access.j2
+++ b/data/templates/ipsec/swanctl/remote_access.j2
@@ -4,7 +4,7 @@
 {% set esp = esp_group[rw_conf.esp_group] %}
     ra-{{ name }} {
         remote_addrs = %any
-        local_addrs = {{ rw_conf.local_address if rw_conf.local_address is vyos_defined else '%any' }}
+        local_addrs = {{ rw_conf.local_address if rw_conf.local_address is not vyos_defined('any') else '%any' }} # dhcp:{{ rw_conf.dhcp_interface if rw_conf.dhcp_interface is vyos_defined else 'no' }}
         proposals = {{ ike_group[rw_conf.ike_group] | get_esp_ike_cipher | join(',') }}
         version = {{ ike.key_exchange[4:] if ike.key_exchange is vyos_defined else "0" }}
         send_certreq = no
diff --git a/data/templates/ssh/override.conf.j2 b/data/templates/ssh/override.conf.j2
deleted file mode 100644
index 4454ad1b8..000000000
--- a/data/templates/ssh/override.conf.j2
+++ /dev/null
@@ -1,14 +0,0 @@
-{% set vrf_command = 'ip vrf exec ' ~ vrf ~ ' ' if vrf is vyos_defined else '' %}
-[Unit]
-StartLimitIntervalSec=0
-After=vyos-router.service
-ConditionPathExists={{ config_file }}
-
-[Service]
-EnvironmentFile=
-ExecStart=
-ExecStart={{ vrf_command }}/usr/sbin/sshd -f {{ config_file }}
-Restart=always
-RestartPreventExitStatus=
-RestartSec=10
-RuntimeDirectoryPreserve=yes