Age | Commit message (Collapse) | Author |
|
* Move Kea socket permission change on-demand and speed up conf scripts
* Fix issue with DHCP reservations when no `ip-address` value
|
|
ddclient: T5144,T5791: Fix migration to avoid config name conflict
|
|
ocserv: T5796: add CLI knob "http-security-headers"
|
|
|
|
OCserv manual recommended HTTP headers tobe included in the configuration.
(cherry picked from commit ad65d37ddf92ec8416c84707d7d41e63346b550c)
|
|
Since `service dns dynamic address <address> service <service> ...`
changed to `service dns dynamic name <service> address <address> ...`,
the resulting service and address config flip can result in conflicting
`service` name.
Additionally, since dynamic DNS service name now have name constraint,
we need to normalize the service name to conform with the constraint.
We now migrate the service name to (service|rfc2136)-<service>-<address>
to avoid the conflict and optionally append an index if there is still a
name conflict after normalization.
|
|
frr: T4020: add option to define number of open file descriptors
|
|
This allows the operator to control the number of open file descriptors each
daemon is allowed to start with. The current assumed value on most operating
systems is 1024.
If the operator plans to run bgp with several thousands of peers then this is
where we would modify FRR to allow this to happen.
set system frr descriptors <n>
|
|
|
|
T5823: Add recursive_defaults for BGP get_config dictionary
|
|
Add recursive_defaults values for BGP "get_config" dictionary.
|
|
T5749: Add a more scrict search for get_vrf method
|
|
The current implementation is wrong as it searches `master` in the
iproute2 JSON output. It is a worng as it could include bridges
or bonding interfaces
Add the more strict search `info_slave_kind == vrf`
|
|
T4163: Add BGP Monitoring Protocol BMP feature
|
|
T5798: load-balancing revese-proxy add multiple SSL certificates
|
|
Add BMP feature.
BMP (BGP Monitoring Protocol, RFC 7854) is used to send monitoring
data from BGP routers to network management entities
https://docs.frrouting.org/en/latest/bmp.html
Example:
set system frr bmp
commit
run restart bgp
set protocols bgp system-as '65001'
set protocols bgp neighbor 192.0.2.11 address-family ipv4-unicast
set protocols bgp neighbor 192.0.2.11 remote-as '65001'
set protocols bgp bmp mirror-buffer-limit '256000000'
set protocols bgp bmp target foo address '127.0.0.1'
set protocols bgp bmp target foo port '5000'
set protocols bgp bmp target foo min-retry '1000'
set protocols bgp bmp target foo max-retry '2000'
set protocols bgp bmp target foo mirror
set protocols bgp bmp target foo monitor ipv4-unicast post-policy
set protocols bgp bmp target foo monitor ipv4-unicast pre-policy
set protocols bgp bmp target foo monitor ipv6-unicast post-policy
set protocols bgp bmp target foo monitor ipv6-unicast pre-policy
|
|
image-tools: T5825: restore authentication for add system image
|
|
T5827: made show system image alphabetical
|
|
|
|
|
|
|
|
|
|
|
|
image-tools: T5821: restore vrf-aware add system image
|
|
T5826: ensure dmidecode is installed as a dependency of vyos-1x
|
|
dmicode is used in the "show hardware dmi" and to derive
synthetic MAC addresses (see python/vyos/ifconfig/interface.py).
On non-x86 platforms like arm64 it may not be pulled in explictly
by other packages (like libparted2) so add it as an explicit dependency.
|
|
|
|
image-tools: T5806: clear previous raid configs on install
|
|
Enforce constraint on Dynamic DNS service name to be alphanumeric
(including hyphens and underscores).
|
|
When migrating from `service dns dynamic interface <interface> ...` to
`service dns dynamic address <address> ...`, the config name can
potentially have a conflict when `address == 'web'`.
Although the `/run/ddclient/ddclient.conf` that was generated earlier
was incorrect, one could still potentially have misconfigured VyOS
config without realizing it.
We now append the old <interface> name to the config name to avoid
conflict.
|
|
|
|
T5774: fix regression in remote.upload
|
|
|
|
SRv6: T591: initial implementation to support locator definition
|
|
ddclient: T5791: Adjust warning messages, minor refactor and smoketest updates
|
|
image-tools: T5819: do not echo password on image install
|
|
dhcp: T3316: Fix raw op-mode lease output
|
|
validator: T5816: large community validator should only allos character set and basic format
|
|
and basic format
|
|
|
|
|
|
T5804: nat: remove inbound|outbound interface from old configuration when it was set to <any>.
|
|
|
|
|
|
Add the ability to rollback configs without rebooting
```
sudo /usr/bin/config-mgmt rollback_soft --rev 1
rollback-soft 1
```
|
|
load-config: T5815: provide a variety of load config methods
|
|
|
|
|
|
|
|
Collect in a module several versions of a 'load config' function.
They have different use cases according to performance and error
reporting, and allow comparison of non-legacy and legacy variants.
|