Age | Commit message (Collapse) | Author |
|
Basic proxy functionality is working but the squidguard smoketest still fails
as this is yet not implemented.
|
|
mpls: T915: Add ordered control for LDP
|
|
In here we are adding the latest FRR update to
allow for LDP label distribution to operate in
ordered control mode.
|
|
|
|
|
|
|
|
|
|
flow-accounting: T3132: enable egress traffic accounting
|
|
trim blocks removes newlines after {% endif %} blocks. Added the required newlines.
|
|
|
|
|
|
|
|
mpls-conf: T915: Add LDP import and export control
|
|
In this commit we added the ability to control import and export
of LDP FECs. This allows for an operator to specify which to
filter on ingress, and which to not announce on egress.
|
|
|
|
|
|
dhcp: T2562: add "listen-address" CLI node for better DHCP relay support
|
|
mpls-conf: T915: Add LDP local label allocation control
|
|
|
|
Running ISC DHCP server as backend server for multiple pools served to relay
agents requires DHCPd to explicitly listen on give interfaces or a "transit"
subnet declaration facing the network where we receive the DHCPREQ messages on.
This implements a new "listen-address" CLI node, the given address is validated
if it is assigned to the system and upon success, a proper "subnet { }" statement
is added into dhcpd.conf
|
|
While rewriting the code to get_config_dict() in commit 84b7ade286 ("dhcp: T3100:
migrate server configuration to get_config_dict()") a regression was added not
properly joining strings when multiple search-somains had been given.
Wrong: domain-search "domain1, domain2";
Correct: domain-search "domain1", "domain2";
|
|
In this commit we added the ability to control the local label allocation
control for FECs. It allows for the router to not allocate a label for every
interface, just the interfaces that are desired by the operator.
|
|
|
|
IPv6 enable can be considered once the ipv6 node is present!
|
|
isis: T1316: Fix isis delete section. Use an updated frr framework
|
|
|
|
Commit c87ad948999 ("vyos.template: T2720: fix remaining in-line time_block
syntax") did not take into account when there is an if/endif statement on one
line, the following new-line will be discarded.
|
|
|
|
|
|
|
|
- Upstream interfaces require a DHCPv6 server to be configured
- Listen interface must have a a global unicast address assigned, else
ISC dhcrelay won't start.
|
|
|
|
|
|
set system ntp server <server> pool
|
|
|
|
|
|
The NAT system consists out of nested tag nodes which makes manual parsing very
hard. This is a perfect candidate for migrating this to get_config_dict() as
there is already a smoketest in place.
In addition this should make it easier to add features like static nat/hairpin.
|
|
Commit a2ac9fac ("vyos.template: T2720: always enable Jinja2 trim_blocks
feature") globally enabled the trim_blocks feature. Some templates still used
in-line trim_blocks "{%"- or "-%}" which caused miss-placed line endings.
This is fixed by removing all in-line trim_block statememnts of Jinja2 templates.
|
|
After commit a2ac9fac16eeb626d3969092fecf463650750640 remove no longer
required template trim block statements.
|
|
|
|
Trimming blocks manually is not needed as the renderer is already called with
the 'trim_blocks' option.
|
|
When rendering the configs "ifconfig" statement wrong IP addresses have been
used for the "tun" operating mode. This has been corrected.
|
|
mpls-conf: T915: Refactored template, handler, added global features
|
|
global features
So this is a big update.
The first thing that was done was a refactor to the FRR LDP template, MPLS handler, and XML conf tree MPLS global additions.
The refactors should work and I did test them in my lab. It seems that everything does work as needed so far in my testing.
There is something here that is considered configuration breaking from the old setup though. In the old setup the MPLS interface operation (as in the interfaces accepting MPLS labels and processing them) was tied with LDP. What this means is that MPLS processing was enabled at the same time as LDP interfaces were configured. We do not want this behavior for the future as there's other MPLS underlay technologies like SR and RSVP. If someone wants to enable SR or RSVP without enabling LDP then they now can. Before, they couldn't. The other additions are global changes to MPLS TTL propagation and MPLS max TTL enforcement. They have now been added.
Lastly, there is an frr-reload bug that Runar Borge found with this. We have found that when totally deleting LDP that there has to be 3 commits done. This is because frr-reload doesn't properly do what it needs to do in 1 operation so we had to do 3. This will only affect people that are doing an entire LDP clear using "delete protocols mpls ldp." Otherwise it isn't seen.
Anyway, this refactor now works with the FRR daemon directly for all changes. This also makes it much easier for adding stuff in the future.
Thank you
|
|
The Jinja2 template contained a lot of redundant paths which only differed in
either the address-family or neighbor vs. peer-group. This paths have been
combined into for loops and a macro for generating a neighbor statement as
peer-groups and regular neighbors share ~95% of the config.
|
|
|
|
|
|
|
|
In commit 193323ba ('system: T3078: rename "system options" -> "system option'")
the Python handler was renamed but so was not the JSON file corresponding to
the vyos-configd enabled scripts.
|
|
policy-conf: T439: Add policy local-route PBR
|