Age | Commit message (Collapse) | Author |
|
The current uptime for tunnels is getting from parent SA
That is incorrect as we should get value from child SA
|
|
This prevents a failover from MASTER -> BACKUP when changing any MASTER related
configuration.
(cherry picked from commit 2c82c9acbde2ccca9c7bb5e646a45fd646463afe)
|
|
op-mode: T3942: Add feature generate IPSec debug-archive
|
|
|
|
In addition to commit 0b414bcd ("vyos.ethtool: T3874: do not throw exception
if adapter has issues with autoneg") we should also not care too strict when
locating the driver name.
This might cause false positives.
(cherry picked from commit 8cf5a4f023c5459cad4c84e93f73a9ddd69be81a)
|
|
sstp: T2566: Fix verify section for pool ipv6 only
|
|
|
|
(cherry picked from commit 594c57d9b16cac5810f796f15ad7458bd0877435)
|
|
dhclient hooks: T3920: avoid 'too many args' error when no vrf
|
|
(cherry picked from commit 78cfb949cc6bceab744271cf23f269276b178182)
|
|
(cherry picked from commit 9c825a3457a88a4eebc6475f92332822e5102889)
|
|
|
|
|
|
(cherry picked from commit ead10909ba9104733930bb3f59c90610138bd047)
|
|
|
|
T3904: Fix NTP pool associations
|
|
As of NTP 4.2.7, 'nopeer' also blocks pool associations.
See https://bugs.ntp.org/show_bug.cgi?id=2657
See also https://github.com/geerlingguy/ansible-role-ntp/pull/84
|
|
(cherry picked from commit 0191c089f94455f53f3f234c094891353583f64c)
(cherry picked from commit 8fcff3112b235307b78eb23833c1d646f0e7f9f4)
|
|
(cherry picked from commit 4218a5bcb1093108e25d4e07fa07050b4f79d3d5)
|
|
It seems not all systems have eth0 - get a list of all available Ethernet
interfaces on the system (without VLAN subinterfaces) and then take the
first one.
(cherry picked from commit f19c92f255011149eeb7626a2e158456abe4c9b8)
|
|
Different types of tunnels have different keys set in get_interface_config().
Thus it should be properly verified (by e.g. using dict_search()) that the key
in question esits to not raise KeyError.
(cherry picked from commit 5aadf673497b93e2d4ad304e567de1cd571f9e25)
|
|
|
|
* rename: "show log dhcp" will become "show log dhcp server"
* add: "show log dhcp client" to display logs from ALL DHCP client processes
* add: "show log dhcp client interface <name>" to display logs from individual
DHCP client processes
* add: "show log dhcpv6 server" to display infos about running DHCPv6 server
* add: "show log dhcpv6 client" to display logs from ALL DHCPv6 client processes
* add: "show log dhcpv6 client interface <name>" to display logs from individual
DHCPv6 client processes
|
|
|
|
This reverts commit 184f25819fa43fc892b97c0044813b8aa56855b4.
|
|
We can not pass None as VRF name, this raises an exception.
OSError: [Errno 255] failed to run command: ip link set dev eth2 master None
|
|
|
|
|
|
|
|
Do not create rfc3768-compatibility interfaces by default because of wrong
Jinja2 syntax. Backporting the entire system makes it easier in the future to
additional bugfixes.
|
|
(cherry picked from commit 2974628487abb9127922bf695331fd706a1d0e51)
|
|
Instead of throwing an exception when an adapters autoneg capabilities can not
be detected, just pretend it does not support autoneg.
(cherry picked from commit 0b414bcd2930a1469df0a747962f4650d0fb964b)
|
|
dhclient: T3852: Fixed dhclient processes search
|
|
Backported commits:
13abffe43b2a5c41bb4ec4675c227f6cf1f868da
01158a8eaa574c48c726c20693479e4aa6e18ee6
This allows finding all running dhclient processes properly.
|
|
openvpn: T690: Fix template for gateway and metric
|
|
Some OpenVPN clients doesnt support option gateway and metric.
Set metric option only when 'metric' was added in config
explicity.
|
|
The group CLI node takes a multicast IPv4 or IPv6 address - this must be input
validated to not case any OS exception
cpo@LR1.wue3# show interfaces vxlan
vxlan vxlan0 {
+ group 254.0.0.1
source-address 172.18.254.201
+ source-interface dum0
vni 10
}
Results in OSError beeing rasied with the following context:
Error: argument "254.0.0.1" is wrong: invalid group address
(cherry picked from commit 0d7cd4ed5725d3e79faad5abc0801631c2ffc813)
|
|
|
|
Commit 081e23996f (vyos.ifconfig: get_mac_synthetic() must generate a stable
"MAC") calculated a "stable" synthetic MAC address per the interface based on
UUID and the interface name. The problem is that this calculation is too stable
when run on multiple instances of VyOS on different hosts/hypervisors.
Having R1 and R2 setup a connection both via "tun10" interface will become the
same "synthetic" MAC address manifesting in the same link-local IPv6 address.
This e.g. breaks OSPFv3 badly as both neighbors communicate using the same
link-local address.
As workaround one can:
set interfaces tunnel tun1337 address 'fe80::1:1337/64'
set interfaces tunnel tun1337 ipv6 address no-default-link-local
This commit changes the way in how the synthetic MAC address is generated. It's
based on the first 48 bits of a sha256 sum build from a CPU ID retrieved via
DMI, the MAC address of eth0 and the interface name as used before. This should
add enough entropy to get a stable pseudo MAC address.
(cherry picked from commit 8d6861290f39298701b0a89bd358545763cee14b)
|
|
(cherry picked from commit 0ee26592772a14e829d9d1f8e64f9db875f31a63)
|
|
The <command> node was missed out when adding the XML definitions.
(cherry picked from commit 801123eff1bf232ca1e5202ceb0989c2fba34c86)
|
|
(cherry picked from commit d1c58addd881e06b389799a9c14d8ebf5d03c567)
|
|
Commit dd2eb5e5686655 ("dhcp: T3300: add DHCP default route distance") changed
the logic on how the DHCP process is going to be started. The systemd unit was
always "started" even if it was already running. It should rather be re-started
to track changes in e.g. the DHCP hostname setting.
(cherry picked from commit 8ba8f0e097527e3aaaf8b395bfc07cce47e2c788)
|
|
(cherry picked from commit 6187ce264a39cd72285f6cb73cc746a04268c253)
|
|
This reverts commit 38e02c12a50de685c6d70954cd94a224e8083f0b.
|
|
(cherry picked from commit 6935c263f5022896e96bec9daa8a5ba29b04b51b)
|
|
Commit 260f3832 ("vrrp: keepalived: T616: drop /etc/default/keepalived") dropped
the old daemon configuration but there was one line of code that tried to delete
the file which was no longer present.
This resulted in: KeyError: 'daemon'
|
|
This is a follow-up commit to 65398e5c8 ("vrrp: keepalived: T616: move
configuration to volatile /run directory") as it makes no sense to store a
static /etc/default/keepalived file marked as "Autogenerated by VyOS" that only
enabled the SNMP option to keepalived.
Better pass the --snmp switch via the systemd override file and drop all other
references/files.
|
|
(cherry picked from commit 590cf0e626f6a5e813ec4f3021c028a5e098e27d)
|
|
Move keepalived configuration from /etc/keepalived to /run/keepalived.
(cherry picked from commit b243795eba1b36cadd81c3149e833bdf5c5bea70)
|