summaryrefslogtreecommitdiff
path: root/data
AgeCommit message (Collapse)Author
2021-05-15conntrack: T3535: bugfix on "expect-sync all"Christian Poessinger
Closing bracked "}" was placed on the wrong line inside the template leading to an invalid configuration syntax.
2021-05-15conntrack: T3535: add keepalived notifications for node transitionsChristian Poessinger
2021-05-15conntrack: T3535: add support for icmp6 and dccpChristian Poessinger
2021-05-14conntrack: T3535: remove deprecated options from templateChristian Poessinger
2021-05-14conntrack: T3535: migrate codebase from vyatta-conntrack-syncChristian Poessinger
2021-05-09bgp: T3530: add hyphen support for peer-group namesChristian Poessinger
2021-05-08vrf: bgp: T3523: bugfix Kernel route-map deploymentChristian Poessinger
Commit 4f9aa30f ("vrf: bgp: T3523: add route-map support for kernel routes") added the possibility to also filter BGP routes towards the OS kernel, but the smoketests failed. Reason was a non working CLI command applied to bgpd. Thus the VRF route-map and the BGP configuration is now split into two templates, one to be used for each daemon (zebra and bgpd). Nevertheless one more bug was found in vyos.frr which currently does not suppoort calling modify_section() inside a configuration "block". See [1] for more info. [1]: https://phabricator.vyos.net/T3529
2021-05-06vrf: isis: T3523: add route-map support for kernel routesChristian Poessinger
2021-05-06vrf: ospf: T3523: add route-map support for kernel routesChristian Poessinger
2021-05-06vrf: bgp: T3523: add route-map support for kernel routesChristian Poessinger
2021-05-06bgp: T2850: when concatenating strings in Jinja2 use ~ over +Christian Poessinger
A + simply adds the value, but a ~ will convert the variable to a string first.
2021-05-05dns: T3277: improve Jinja2 templating code for serve-rfc1918 yes/noChristian Poessinger
2021-05-05Merge pull request #829 from Hard7Rock/T3277Christian Poessinger
dns: T3277: DNS Forwarding - reverse zones for RFC1918 addresses
2021-05-04dns: T3277: DNS Forwarding - reverse zones for RFC1918 addresses (v2)Igor Melnyk
2021-05-04dns: T3277: DNS Forwarding - reverse zones for RFC1918 addressesHard7Rock
2021-04-30bgp: T3504: add support for per-peer graceful shutdownChristian Poessinger
This commit has a dependecy on https://github.com/FRRouting/frr/issues/8403, thus support will be "commented out" by default.
2021-04-30ddclient: T3138: Fix typo for keysever-sever
2021-04-25policy: T3497: add verify() that prefix-lists must carry a defined prefixChristian Poessinger
2021-04-21containers: T2216: refine implementationChristian Poessinger
This commit is a cleanup and refinement of the container hosting implementation. - Renamed CLI node ipv4-prefix -> prefix so both IPv4 and IPv6 prefix can be supplied in the future. This is currently limited to IPv4 only as when using IPv6 networks in combination with IPv4 the IPv4 prefix is altered randomly - De-nested if clauses - Use "for foo, bar in baz.items()" to more easily iterate of dictionary values, this means "bar" can be used to access "baz[foo]"
2021-04-20Revert "T2175: properly exist FRR "router" context when rendering templates"Christian Poessinger
This reverts commit 619c518bfc904b060b5b59180940a804fe1beafd.
2021-04-19mroute: T2364: fix Jinja2 template indentationsChristian Poessinger
2021-04-19T2175: properly exist FRR "router" context when rendering templatesChristian Poessinger
When rendering a dynamic routing protocol ensure the context, e.g. "router bgp" or "router ospf" is proberly exited before applying any zebra route-map.
2021-04-18policy: template: T2425: convert DOS to UNIX line endingsChristian Poessinger
2021-04-18policy: T2425: add missing route-map options when rendering templateChristian Poessinger
The following options one can specify in a route-map not got rendered as they have been missed out: * set comm-list * set community * set extcommunity (both route-target and site-of-origin) * set table
2021-04-18policy: T2425: to simplify dictionary use get_first_key=True on ↵Christian Poessinger
get_config_dict()
2021-04-17policy: T2425: re-implement "policy" tree from vyatta-cfg-quagga in XML/PythonChristian Poessinger
2021-04-15bgp: T2771: add vpn, multicast, flowspec address familiesCheeze-It
In this commit we add more address families within BGP. This should bring VyOS the ability to enable the rest of the capabilities within FRR. Co-authored-by: Cheeze_It <none@none.com>
2021-04-13Merge pull request #801 from sever-sever/T2216-podChristian Poessinger
containers: T2216: Add podman for containers
2021-04-13bgp: T3470: add missing as-override to Jinja2 templateThunderstorm
2021-04-12rip: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols rip route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not ripd.
2021-04-12isis: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols isis route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not isisd.
2021-04-12containers: T2216: Add podman for containerssever-sever
2021-04-09bgp: evpn: T1513: add support for ipv4/ipv6 prefix routes advertisementsChristian Poessinger
set vrf name red protocols bgp address-family l2vpn-evpn advertise ipv4 unicast
2021-04-09bgp: T3463: Jinja2 template re-ordering fir ebgp-requires-policyChristian Poessinger
This is a fix for commit 6f6f45c5 ("bgp: T3463: change no-ipv4-unicast order when applying configuration") as this changed the handling of the "else" path, which lead to failing smoketests as the "no bgp ebgp-requires-policy" option was no longer set.
2021-04-08bgp: T3463: change no-ipv4-unicast order when applying configurationChristian Poessinger
The "no bgp default ipv4-unicast" option must be applied to FRR before adding any neighbor to the system. If this is not the case, neighbors will start exchanging v4 routes over v6 peers.
2021-04-07vrf: T3344: re-add virtual network identifierChristian Poessinger
Commit 548d9057e3e (vrf: T3344: move dynamic routing protocols under "vrf name <name> protocols") temporary removed the possibility to specify the VNI for a given VRF to to changing of the CLI configuration nodes. As VNI is set inside zebra, we can re-use the now widely deployed frr python library to configure and change the configuration without any interference to other FRR daemons.
2021-04-05tunnel: T3030: move erspan type into regular tunnel interfaceChristian Poessinger
Instead of having a dedicated ERSPAN interface type, rather move the specifics into "interface tunnel". A migrator is not needed as there is yet no LTS release with this feature and this is considered experimental.
2021-04-02interfaces: dhcp-client: T3454: add reject optionCharles Surett
Sometimes a modem might give a local IP before it retrieves a WAN IP. This can be an issue with failover routes, since the default route will get overridden.
2021-03-29bgp: T1711: remove ASN tagNode and move to "local-as"Christian Poessinger
Every time when set configuration bgp, you need set AS number. There is very less benefit in this system so the AS number is moved from a tagNode level down to a leafNode with the name "local-as", same as on the neighbor or peer-group level. This changes the CLI configuration from: set protocols bgp 100 neighbor 10.10.1.2 remote-as 200 to set protocols bgp local-as 100 set protocols bgp neighbor 10.10.1.2 remote-as 200
2021-03-26http api: T3412: use FastAPI as web framework; support application/jsonJohn Estabrook
Replace the Flask micro-framework with FastAPI, in order to support extensions to the API and OpenAPI 3.* generation. This change will remain backwards compatible with previous versions. Notably, the multipart forms version of requests remain supported; in addition application/json requests are now natively supported.
2021-03-25configd: T3426: include bgp, isis, ospf and static protocols in processingJohn Estabrook
vyos-configd now supports calling a script with a passed argument; re-include the conf_mode scripts that were excluded in ba251b3f2c.
2021-03-23vyos.configd: T3423: exclude bgp, isis, ospf and static protocols from ↵Christian Poessinger
processing vyos-configd does yet not support calling a script with a passed argument, thus we will exclude the routing protocols during this time from the vyos-configd processing.
2021-03-21isis: T3417: drop artificial "domain" node identifying the IS-IS process nameChristian Poessinger
As we and FRR do not support multiple FRR process instances, there is no need to make this configurable for a user. We rather rely on a solid default "VyOS".
2021-03-21isis: T3417: add VRF supportChristian Poessinger
VRF support can be tested using: set vrf name red table 1000 set vrf name red protocols isis domain FOOO set vrf name red protocols isis net 49.0001.1921.6800.1002.00 set vrf name red protocols isis interface eth1
2021-03-21isis: T3417: move from cli tagNode to nodeChristian Poessinger
As there can only be one running IS-IS process (FRR limitation) there is no need in having a tagNode here. This adds artifical restrictions/limitations when moving on to support VRFs for IS-IS protocol.
2021-03-14vrf: T3344: move dynamic routing protocols under "vrf name <name> protocols"Christian Poessinger
Instead of having the dynamic routing protocols OSPF and BGP residing under the "protocols vrf <name> [ospf|bgp]" nodes, rather move them directly under the "vrf name <name> protocols [ospf|bgp]" node. Now all VRF related parts are placed under the same root node. This eases the verify steps tremendously, as we do not need to check wheter a VRF eists or not, it will always exist as we operate under a child node.
2021-03-14vrf: bgp: T2271: create individual BGP process for specified VRF nameChristian Poessinger
The following VyOS CLI config vrf red { bgp 100 { neighbor 1.1.1.1 { peer-group foo } peer-group foo { passive password bar remote-as 200 } } } Will generaste the FRR configuration: ! router bgp 100 vrf red no bgp ebgp-requires-policy no bgp network import-check neighbor foo peer-group neighbor foo remote-as 200 neighbor foo password bar neighbor foo passive neighbor 1.1.1.1 peer-group foo !
2021-03-14vrf: ospf: T2271: create individual OSPF process for specified VRF nameChristian Poessinger
VyOS CLI config: vrf red { ospf { default-information { originate { always } } default-metric 30 passive-interface default } } Will create the FRR configuration snippet: ! router ospf vrf red auto-cost reference-bandwidth 100 timers throttle spf 200 1000 10000 passive-interface default default-metric 30 default-information originate always !
2021-03-13nat66: T2518: Align the log and comment of nat66 template with natjack9603301
2021-03-10bgp: evpn: T1513: add support for per VNI route-distinguished and route-targetChristian Poessinger
set protocols bgp 65010 address-family l2vpn-evpn vni 100 route-target both 516:10516 set protocols bgp 65010 address-family l2vpn-evpn vni 100 rd 192.168.0.1:514 Todo: add verify() step to check if at least one evpn enabled BGP neighbor exits, else FRR will error out with: This command is only supported under EVPN VRF