Age | Commit message (Collapse) | Author |
|
T5181: Fix condition to detect correct vrf name for vrf-vni
|
|
When we delete vrf vni there is a dictionary
{'only_vrf': 'red', 'new_frr_config': '!\n'}
|
|
conntrack-sync: T4888: rewrite the op mode script in the new format
|
|
Add verify() section to check if l3vni was removed in addition to the BGP
process under any given VRF.
|
|
|
|
T5181: Fix for correct deleting vni under vrf
|
|
|
|
xml: T5179: fix missed case in multi_to_list conversion
|
|
|
|
|
|
openvpn: T4402: Update openvpn server.conf.j2
|
|
FastAPI v0.92.0 (starlette v0.24.0) sets default attribute
Request._form; check for value == None instead of existence when
overriding Request class.
|
|
The ifconfig-pool command requires the arguments separated by a space.
Hence the space was added before the subnet mask.
|
|
|
|
|
|
T1237: Failover route add policy for targets checking
|
|
|
|
dns: T5144: Make dns dynamic status output legacy format compatible
|
|
We must only search and replace for "vrf red" or "vrf green" - the regex
used infact matched on all VRFs which is wrong. This would remove all VRF VNI
configurations when only changing a single VRf.
|
|
ipsec: T5042: Rewritten 'show vpn ipsec remote-access' command
|
|
debian packaging: T5172: set minimum Python version to 3.10
|
|
|
|
Add policy (any-available|all-available) for target checking for failover route
set protocols failover route 192.0.2.55/32 next-hop 192.168.122.1 check policy 'any-available'
set protocols failover route 192.0.2.55/32 next-hop 192.168.122.1 check target '192.168.122.1'
set protocols failover route 192.0.2.55/32 next-hop 192.168.122.1 check target '192.168.122.11'
It depends if we need that all targets must be alive on just one target.
|
|
since it's required for match statements
and for op mode introspection
|
|
T5123: op-mode: Support to show detailed ospf route table
|
|
|
|
pki: T3642: Fix show command if no CA certs are present
|
|
op-mode: T5159: dhcpv6 incorrect warning message
|
|
The operational command "show dhcpv6 server leases" shows a warning message e
ven if dhcpv6 setting are configured and ipv6 address
got assigned to clients.
|
|
|
|
Adjust the output of dynamic dns status to be compatible with both
legacy and new ddclient cache format. This is necessary because the
legacy format is still used by some of the dyndns2 family of protocols.
This is a follow-up to commit 3f3621b6874354.
|
|
This extends commit 3fa1092930c (op-mode: bgp: support VRF related "show bgp
vrf" commands).
vyos@vyos:~$ show bgp vni
Possible completions:
1-16777215 VXLAN network identifier (VNI) number
all
vyos@vyos:~$ show bgp vni 1 type
Possible completions:
1 EAD (Type-1) route
2 MAC-IP (Type-2) route
3 Multicast (Type-3) route
ead EAD (Type-1) route
macip MAC-IP (Type-2) route
multicast Multicast (Type-3) route
vyos@vyos:~$ show bgp vni 1 vtep
Possible completions:
<x.x.x.x> Remote VTEP IP address
|
|
|
|
T5137: Refactoring show tech-support report
|
|
Split script to small functions for flexible output reports.
Improve header for commands.
Each funciton easily can be modified or extended.
Remove splitting command/output via percent symbol.
Remove old commands and directiories like /etc/rc.local, iptables,
brctl, etc.
Remove ethtool operation for subinterfaces.
Extend ethtool debug output.
Add correct nftables command.
|
|
There is no need for protocol specific embedded smoketests as the route-map
option got removed. Tests are now conducted under the new CLI tree.
|
|
VLANIf('eth0.10').remove() will create and remove the VLAN in one command.
Thus one can ensure when calling remove() on a VLAN it will always
succeed.
|
|
T5162: Updated configd-include.json to remove extra comma.
|
|
removed extra comma invalidating json.
|
|
Now 'show vpn ipsec remote-access' shows only IKEv2 Remote access
VPN IPSec connections.
Added option 'summary' that shows a summary table for
these connections.
Added option 'detail' that shows only RA SAs output of 'swanctl -l'
Added options 'username' and 'connection-id' that filters output.
Fixed output 'show vpn ipsec sa detail', the previous was
'show vpn ipsec sa verbose'.
|
|
With commit 0ea3e1420 ("container: T5082: switch to netavark network stack")
moving to a new network stack we should also enable the new DNS plugin provided
by default.
TODO: add CLI nodes to manually disable DNS and/or supply external DNS servers
to the container.
|
|
If the name of the network + the length of the podman- prefix exceeds
the maximum supported length of netavark we get an error:
Error: netavark: get bridge interface: Netlink error: Numerical result out of
range (os error 34)
|
|
T5150: implementation of new Kernel/Zebra route-map support
|
|
|
|
T5137: refactoring the tech-support command
|
|
The (v)bash completion helpers trigger on the "txt" keyword for the valueHelp
strings when asking for the tab completion helper.
Replace text -> txt
|
|
|
|
|
|
|
|
It is possible to install a route-map which filters the routes between routing
daemons and the OS kernel (zebra)
As of now this can be done by e.g.
* set protocols ospf route-map foo
* set protocols ospfv3 route-map foo
* set protocols bgp route-map foo
Which in turn will install the following lines into FRR
* ip protocol ospf route-map foo
* ipv6 protocol ospf6 route-map foo
* ip protocol bgp route-map foo
The current state of the VyOS CLI is incomplete as there is no way to:
* Install a filter for BGP IPv6 routes
* Install a filter for static routes
* Install a filter for connected routes
Thus the CLI should be redesigned to close match what FRR does for both the
default and any other VRF
* set system ip protocol ospf route-map foo
* set system ipv6 protocol ospfv3 route-map foo
* set system ip protocol bgp route-map foo
* set system ipv6 protocol bgp route-map foo
The configuration can be migrated accordingly. This commit does not come with
the migrator, it will be comitted later.
|