Age | Commit message (Collapse) | Author |
|
backport: T4515: T4219: policy local-route6 and inbound-interface support
|
|
|
|
Ability to set virtual_address on not vrrp-listen interface
Add ability don't track primary vrrp interface "exclude-vrrp-interface"
Add ability to set tracking (state UP/Down) on desired interfaces
For example eth0 is used for vrrp and we want to track another eth1
interface that not belong to any vrrp-group
set high-avail vrrp group WAN interface 'eth0'
set high-avail vrrp group WAN virtual-address 192.0.2.222/24 interface 'eth2'
set high-avail vrrp group WAN track exclude-vrrp-interface
set high-avail vrrp group WAN track interface 'eth1'
|
|
(cherry picked from commit d96bab4e6da517f07133667834cd6f8bcfb5160f)
|
|
Add ability to set for services like "SSH/NTP" listen IPv6 link-local
addresses
|
|
|
|
|
|
conf-mode: NAT interface definition typo fix (Equuleus)
|
|
|
|
|
|
(cherry picked from commit b8f702bc7b6e92b8841271b4a2355d2b65ccb247)
|
|
|
|
To allow IPv6 only for vpn sstp sessions we have to add
'ppp-options' which can disable IPv4 allocation explicity.
Additional IPv6 ppp-options and fix template for it.
|
|
shared-network
(cherry picked from commit 689d1824d251ea9fbd81bf0c941dbd36e33ef420)
|
|
(cherry picked from commit 59e5b5eb4c0507f9d3831483152a748b58560bfd)
|
|
DHCP servers "shared-network" level only makes sense if one can specify
configuration items that can be inherited by individual subnets. This is now
possible for name-servers and the domain-name.
set service dhcp-server shared-network-name LAN domain-name 'vyos.net'
set service dhcp-server shared-network-name LAN name-server '192.0.2.1'
(cherry picked from commit d411a40a3598c55fae7abd8bc5f1876007aa704b)
|
|
(cherry picked from commit 83ea0cb273e29db22062cc133b6eabd4ba2761c7)
|
|
IPv4 DHCP uses "dns-server" to specify one or more name-servers for a given
pool. In order to use the same CLI syntax this should be renamed to name-server,
which is already the case for DHCPv6.
(cherry picked from commit e2f9f4f4e8b2e961a58d935d09798ddb4e1e0460)
|
|
(cherry picked from commit ec9503a9ec487ec7aa3524cb9847357f0631ca25)
|
|
(cherry picked from commit 794f193d11c8c1b5fed78f4e40280480446ab593)
|
|
As IS-IS is a new feature and the CLI configuration changed from 1.3 -> 1.4
(required by T3417) it makes sense to synchronize the CLI configuration for
both versions. This means backporting the CLI from 1.4 -> 1.3 to not confuse
the userbase already with a brand new feature.
As 1.3.0-epa1 is on the way and should not contain any CLI changes afterwards,
this is the perfect time.
|
|
(cherry picked from commit b121ee14ff1961b56568b0116de3c246ea4af934)
|
|
Both building blocks only differed in the help text, so use IP for both
IPv4 and IPv6.
(cherry picked from commit 0e751221d0832acac807e7f0bc97d7bb31230c3a)
|
|
(cherry picked from commit 0a8a0188033d6b27c521f082fdddae9873dd5d3d)
|
|
and port
Tested using:
set destination rule 100 inbound-interface 'eth0'
set destination rule 100 translation address '19.13.23.42'
set destination rule 100 translation options address-mapping 'random'
set destination rule 100 translation options port-mapping 'none'
set source rule 1000 outbound-interface 'eth0'
set source rule 1000 translation address '122.233.231.12'
set source rule 1000 translation options address-mapping 'persistent'
set source rule 1000 translation options port-mapping 'fully-random'
|
|
(cherry picked from commit 065c6b620cb52a3235c7b6e210d34dc8cb943b95)
|
|
|
|
Some APNs require a username/password. Add CLI nodes (matching the PPPoE
syntax) for client authentication.
One APN would be the IPv4/IPv6 APN from Deutsche Telekom (Germany)
APN Name: Telekom Internet IPv6
APN: internet.v6.telekom
Benutzername: telekom
Passwort: tm
|
|
(cherry picked from commit 556e03922f78f8e258c6d6630ad47569be376e11)
|
|
Set default TTL value for tunnels from 0 to 64
There are a lot of situation when default value 0 (inherit)
not work properly when you have routing configuration for OSPF
or BGP over the tunnels. To fix it you need explicit set TTL
value other then 0. Or hardcode another value as default.
(cherry picked from commit b4db37507635bf95161bea32b18736fc0732a9e6)
|
|
equuleus
|
|
(cherry picked from commit 85d0ae7b434a3ae9f3bd50ad7fee1fcd23b26a26)
|
|
The previously used regex allowed an address value of "dhcpfoo" which is invalid
and will raise an OSError. Harden the regex that it explicitly must be dhcp or
dhcpv6.
(cherry picked from commit dd4c60c1c3423f02457bc1dcc25e36d03d537a5f)
|
|
Sometimes a modem might give a local IP before it retrieves a WAN IP.
This can be an issue with failover routes,
since the default route will get overridden.
(cherry picked from commit e8535616aae2bf0c20aacee6a4d0761183bae6d9)
|
|
(cherry picked from commit dd2eb5e5686655c996ae95285b8ad7eb73d63d0b)
|
|
VyOS 1.2 (crux) rejected prefixes other then of site /64.
[ interfaces ethernet eth0 ipv6 address eui64 2006:ab00:abe1::2/127 ]
Error: Prefix lenght is 127. It must be 64.
Same should be done on VyOS 1.3 and newer
(cherry picked from commit 6f6cd6552384704700f08e9367e167796b1f7fde)
|
|
(cherry picked from commit b9ba3c08736b63c2455c06e6f36108128776fa00)
|
|
This is an extension to commit 801c5235 ("xdp: T2666: disable this highly
experimental feature in 1.3 LTS") by dropping all XDP references in the
equuleus codebase.
|
|
As the amount of include files now has reached a certain amount, it is getting
more and more crowsded, thuse introducing "per topic" subdirectories on the
filesystem to keep a clean structure makes sense.
|
|
As the amount of include files now has reached a certain amount, it is getting
more and more crowsded, thuse introducing "per topic" subdirectories on the
filesystem to keep a clean structure makes sense.
|
|
When including XML files they all contained a comment from where the snipped
had actually been included from. The comment had been "included start" and
"included end" instead of "include start" and "include end".
This commit corrects the glitch.
(cherry-picked from commit ee2dfee43f8319726c2225a5ad2367d936ec3176)
|
|
(cherry picked from commit d41e8e860a66f45d295081f024aa2918f221443f)
|
|
|
|
|
|
(cherry picked from commit 913cd3c8809ea8a17ede7608654e956dcf718980)
|
|
VXLAN will get tos, ttl and flowlabel options thus make individual parameter
settings reusable by splitting tunnel-parameters-ip.xml.i into individual files.
(cherry picked from commit 577ae00d0c7329bea8102fcf75de82cb188b4fb8)
|
|
(cherry picked from commit f89969c1729a94901a817bd97da6f5b2a3712af0)
|
|
(cherry picked from commit b23323922939a9ac3b43e0761b0af84dc9e3b47e)
|
|
(cherry picked from commit 7a5461bf4cb74fcb06b9096ef1d81c66798eb06c)
|
|
(cherry picked from commit 8926edf6b64adc550ee2f6bee9a78a43d46a2053)
|