summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-02-17Merge pull request #3021 from aapostoliuk/T3722-circinusChristian Breunig
T3722: Fixed L-Time in 'show vpn ike sa' command
2024-02-16T3722: Fixed L-Time in 'show vpn ike sa' commandaapostoliuk
Fixed L-Time in 'show vpn ike sa' command
2024-02-16Merge pull request #3016 from c-po/nhtChristian Breunig
T6001: add option to disable next-hop-tracking resolve-via-default
2024-02-16T6001: add option to disable next-hop-tracking resolve-via-default in VRF ↵Christian Breunig
context * set vrf name <name> ip nht no-resolve-via-default * set vrf name <name> ipv6 nht no-resolve-via-default
2024-02-16T6001: add option to disable next-hop-tracking resolve-via-defaultChristian Breunig
* set system ip nht no-resolve-via-default * set system ipv6 nht no-resolve-via-default
2024-02-16T5150: rename smoketest config egb-igp-route-maps -> egp-igp-route-mapsChristian Breunig
EDB should be EGP for exterior gateway protocol
2024-02-15Merge pull request #3012 from sarthurdev/T5993Christian Breunig
dhcpv6-server: T5993: Extend interface migrator to check VLAN/QinQ
2024-02-15Merge pull request #3011 from c-po/rpki-smoketestsDaniil Baturin
rpki: T6034: extend config migration testcase
2024-02-15Merge pull request #3004 from aapostoliuk/T6029-circinusDaniil Baturin
T6029: Rewritten Accel-PPP services to an identical feature set
2024-02-15T6029: Rewritten Accel-PPP services to an identical feature setaapostoliuk
Removed dhcp-interface option (l2tp) Added wins-server (sstp) Added description (ipoe, pppoe, sstp, pptp) Added exteded-script (l2tp, sstp, pptp) Added shaper (ipoe, pptp, sstp, l2tp) Added limits (ipoe, pptp, sstp, l2tp) Added snmp ( ipoe, pptp,sstp, l2tp) Refactoring and reformated code.
2024-02-15eigrp: T2472: remove smoketestChristian Breunig
Commit 0eb4168aa ("eigrp: T2472: improve code for later tests") added a basic smoketest for EIGRP, which is also run by the CI hence not having a +x bit at all. This just deletes the basic smoketest testing for ASN and EIGRP router-id. We can revert it once it's fixed in FRR upstream. https://github.com/FRRouting/frr/pull/14765
2024-02-14rpki: T6034: extend config migration testcaseChristian Breunig
2024-02-14eigrp: T2472: improve code for later testsChristian Breunig
2024-02-14dhcpv6-server: T5993: Extend interface migrator to check VLAN/QinQsarthurdev
Updates smoketest config to test migrator change
2024-02-13Merge pull request #3005 from sever-sever/T6019Christian Breunig
T6019: Fix smoketest test_system_conntrack custom timeout
2024-02-13T6019: Fix smoketest test_system_conntrack custom timeoutViacheslav Hletenko
After updateing netfilter in the commit https://github.com/vyos/vyos-build/commit/b31f5fe934bcb37534d49acdb5f7756bf05422e8 The nftables format for conntrack timeouts is different. Fix this.
2024-02-13Merge pull request #2998 from sarthurdev/T5992Christian Breunig
dhcpv6-server: T5992: Fix op-mode DHCP lease output + updates
2024-02-13Merge pull request #2999 from sever-sever/T5928Christian Breunig
T5928: Change firewall priority to 319
2024-02-13Merge pull request #3000 from sever-sever/T5064Christian Breunig
T5064: Firewall fix RegEx for for domain-group
2024-02-13Merge pull request #2987 from c-po/evpn-macvrf-sooChristian Breunig
bgp: T6032: add EVPN MAC-VRF Site-of-Origin support
2024-02-13T5064: Firewall fix RegEx for for domain-groupViacheslav Hletenko
Improve RegEx for firewall domain-groups. This domain group looks good, but the current RegEx validation fils: ``` set firewall group domain-group a_aa ```
2024-02-13T5928: Smoketest change firewall flowtable test to use VLANViacheslav Hletenko
2024-02-13T5928: Change firewall priority to 319Viacheslav Hletenko
Change the firewall priority to 319, after interface ethernet configuration For example if we use VLANs and the vlan interface must be created before we can use it in the firewall/flowtable The current priority ``` 199 firewall 300 interfaces/dummy 300 interfaces/loopback 300 interfaces/virtual-ethernet 310 interfaces/bridge 310 interfaces/input 318 interfaces/ethernet ... ```
2024-02-13Merge pull request #2988 from c-po/pki-rpki-t6034Christian Breunig
rpki: T6034: move file based SSH keys for authentication to PKI subsystem
2024-02-13Merge pull request #2997 from sarthurdev/T5993Christian Breunig
dhcpv6-server: T5993: Add subnet `interface` node, link subnet to locally connected interfaces
2024-02-13dhcp: dhcpv6: T3316: Add op-mode for showing DHCP(v6) static-mappingssarthurdev
2024-02-13dhcpv6-server: T3316: Display delegated prefix length in lease outputsarthurdev
2024-02-13dhcpv6-server: T5992: Fix op-mode Kea DHCP lease outputsarthurdev
Due to Kea's lease file cleanup, the CSV file content is inconsistent. This commit makes changes to use the Kea control socket to fetch current lease information.
2024-02-13dhcpv6-server: T5993: Add subnet `interface` node, link subnet to locally ↵sarthurdev
connected interfaces Prior dhcpd behaviour implicitly handled requests for locally connected subnets. Kea requires an explicit link between subnets and an interface.
2024-02-12rpki: T6034: Add missing sections to configtestsarthurdev
2024-02-12Merge pull request #2993 from sarthurdev/T5981Christian Breunig
ipsec: T5981: Strip '@' from migrated peer PKI name
2024-02-12Merge pull request #2994 from c-po/init-T2044Christian Breunig
init: T2044: fix "binary operator expected" when two or more RPKI caches are defined
2024-02-12init: T2044: fix "binary operator expected" when two or more RPKI caches are ↵Christian Breunig
defined Fix commit 9b8e11e07 ("init: T2044: only start rpki if cache is configured") which showed a disturbing error on tty0 after boot that a "binary operator expected" when checking for RPKI caches when multiple results got returned.
2024-02-12rpki: T6024: add migration scripts from file based keys to PKI subsystemChristian Breunig
2024-02-12rpki: T6034: remove OpenSSH keys from /run/frr when unloadedChristian Breunig
2024-02-12pki: T6034: add dependencies to trigger rpki re-run on openssh key updateChristian Breunig
2024-02-12ipsec: T5981: Strip '@' from migrated peer namesarthurdev
2024-02-12Merge pull request #2991 from nicolas-fort/T6019Christian Breunig
T6019: fix smoketest after upgrading nftables and libnftnl packages.
2024-02-12T6019: fix smoketest after upgrading nftables and libnftnl packages.Nicolas Fort
2024-02-11Merge pull request #2980 from c-po/srv6-T5849Daniil Baturin
srv6: T5849: add segment support to "protocols static route6"
2024-02-11Merge pull request #2986 from c-po/bgp-t6010Daniil Baturin
bgp: T6010: support setting multiple values for neighbor path-attribute
2024-02-11rpki: T6034: move SSH authentication keys to PKI subsystemChristian Breunig
2024-02-11pki: T6034: add OpenSSH key supportChristian Breunig
set pki openssh rpki private key ... set pki openssh rpki public key ... set pki openssh rpki public type 'ssh-rsa'
2024-02-11bgp: T6032: add EVPN MAC-VRF Site-of-Origin supportChristian Breunig
In some EVPN deployments it is useful to associate a logical VTEP's Layer 2 domain (MAC-VRF) with a Site-of-Origin "site" identifier. This provides a BGP topology-independent means of marking and import-filtering EVPN routes originated from a particular L2 domain. One situation where this is valuable is when deploying EVPN using anycast VTEPs set protocols bgp address-family l2vpn-evpn mac-vrf soo
2024-02-11srv6: T5849: add segment support to "protocols static route6"Christian Breunig
* set protocols static route6 <prefix> next-hop <address> segments 'x:x::x:x/y:y::y/z::z' * set protocols static route6 <prefix> interface <interface> segments 'x:x::x:x/y:y::y/z::z'
2024-02-10bgp: T6010: support setting multiple values for neighbor path-attributeChristian Breunig
2024-02-10Merge pull request #2983 from c-po/rpki-t6004Christian Breunig
rpki: T6004: add missing startup priority
2024-02-10Merge pull request #2982 from c-po/pki-xmlChristian Breunig
xml: T5738: improve PKI building blocks for CLI
2024-02-10rpki: T6004: add missing startup priorityChristian Breunig
2024-02-10xml: T5738: improve PKI building blocks for CLIChristian Breunig