Age | Commit message (Collapse) | Author |
|
inbound-interface support""
This reverts commit 45a2a7d0adc7e9d27d6c7aee1ccbd9b64a1437ad.
|
|
support"
|
|
(cherry picked from commit eaf4b60c9e7fa094d17b87b29bebaf81182ee7a1)
|
|
backport: T4515: T4219: policy local-route6 and inbound-interface support
|
|
|
|
This reverts commit 72d7152f794cfe48821797d62865024c1843096e.
|
|
(cherry picked from commit d418cd36027aef5993122ec62419e8c66fe7a1ed)
|
|
VXLAN does support using multiple remotes but VyOS does not. Add the ability
to set multiple remotes and add their flood lists using "bridge" command.
(cherry picked from commit 0ecddff7cffa8900d351d5c15e32420f9d780c0b)
|
|
backport: T4515: T4219: policy local-route6 and inbound-interface support
|
|
|
|
Ability to set virtual_address on not vrrp-listen interface
Add ability don't track primary vrrp interface "exclude-vrrp-interface"
Add ability to set tracking (state UP/Down) on desired interfaces
For example eth0 is used for vrrp and we want to track another eth1
interface that not belong to any vrrp-group
set high-avail vrrp group WAN interface 'eth0'
set high-avail vrrp group WAN virtual-address 192.0.2.222/24 interface 'eth2'
set high-avail vrrp group WAN track exclude-vrrp-interface
set high-avail vrrp group WAN track interface 'eth1'
|
|
(cherry picked from commit d96bab4e6da517f07133667834cd6f8bcfb5160f)
|
|
Add ability to set for services like "SSH/NTP" listen IPv6 link-local
addresses
|
|
|
|
|
|
conf-mode: NAT interface definition typo fix (Equuleus)
|
|
|
|
|
|
(cherry picked from commit b8f702bc7b6e92b8841271b4a2355d2b65ccb247)
|
|
|
|
To allow IPv6 only for vpn sstp sessions we have to add
'ppp-options' which can disable IPv4 allocation explicity.
Additional IPv6 ppp-options and fix template for it.
|
|
shared-network
(cherry picked from commit 689d1824d251ea9fbd81bf0c941dbd36e33ef420)
|
|
(cherry picked from commit 59e5b5eb4c0507f9d3831483152a748b58560bfd)
|
|
DHCP servers "shared-network" level only makes sense if one can specify
configuration items that can be inherited by individual subnets. This is now
possible for name-servers and the domain-name.
set service dhcp-server shared-network-name LAN domain-name 'vyos.net'
set service dhcp-server shared-network-name LAN name-server '192.0.2.1'
(cherry picked from commit d411a40a3598c55fae7abd8bc5f1876007aa704b)
|
|
(cherry picked from commit 83ea0cb273e29db22062cc133b6eabd4ba2761c7)
|
|
IPv4 DHCP uses "dns-server" to specify one or more name-servers for a given
pool. In order to use the same CLI syntax this should be renamed to name-server,
which is already the case for DHCPv6.
(cherry picked from commit e2f9f4f4e8b2e961a58d935d09798ddb4e1e0460)
|
|
(cherry picked from commit ec9503a9ec487ec7aa3524cb9847357f0631ca25)
|
|
(cherry picked from commit 794f193d11c8c1b5fed78f4e40280480446ab593)
|
|
As IS-IS is a new feature and the CLI configuration changed from 1.3 -> 1.4
(required by T3417) it makes sense to synchronize the CLI configuration for
both versions. This means backporting the CLI from 1.4 -> 1.3 to not confuse
the userbase already with a brand new feature.
As 1.3.0-epa1 is on the way and should not contain any CLI changes afterwards,
this is the perfect time.
|
|
(cherry picked from commit b121ee14ff1961b56568b0116de3c246ea4af934)
|
|
Both building blocks only differed in the help text, so use IP for both
IPv4 and IPv6.
(cherry picked from commit 0e751221d0832acac807e7f0bc97d7bb31230c3a)
|
|
(cherry picked from commit 0a8a0188033d6b27c521f082fdddae9873dd5d3d)
|
|
and port
Tested using:
set destination rule 100 inbound-interface 'eth0'
set destination rule 100 translation address '19.13.23.42'
set destination rule 100 translation options address-mapping 'random'
set destination rule 100 translation options port-mapping 'none'
set source rule 1000 outbound-interface 'eth0'
set source rule 1000 translation address '122.233.231.12'
set source rule 1000 translation options address-mapping 'persistent'
set source rule 1000 translation options port-mapping 'fully-random'
|
|
(cherry picked from commit 065c6b620cb52a3235c7b6e210d34dc8cb943b95)
|
|
|
|
Some APNs require a username/password. Add CLI nodes (matching the PPPoE
syntax) for client authentication.
One APN would be the IPv4/IPv6 APN from Deutsche Telekom (Germany)
APN Name: Telekom Internet IPv6
APN: internet.v6.telekom
Benutzername: telekom
Passwort: tm
|
|
(cherry picked from commit 556e03922f78f8e258c6d6630ad47569be376e11)
|
|
Set default TTL value for tunnels from 0 to 64
There are a lot of situation when default value 0 (inherit)
not work properly when you have routing configuration for OSPF
or BGP over the tunnels. To fix it you need explicit set TTL
value other then 0. Or hardcode another value as default.
(cherry picked from commit b4db37507635bf95161bea32b18736fc0732a9e6)
|
|
equuleus
|
|
(cherry picked from commit 85d0ae7b434a3ae9f3bd50ad7fee1fcd23b26a26)
|
|
The previously used regex allowed an address value of "dhcpfoo" which is invalid
and will raise an OSError. Harden the regex that it explicitly must be dhcp or
dhcpv6.
(cherry picked from commit dd4c60c1c3423f02457bc1dcc25e36d03d537a5f)
|
|
Sometimes a modem might give a local IP before it retrieves a WAN IP.
This can be an issue with failover routes,
since the default route will get overridden.
(cherry picked from commit e8535616aae2bf0c20aacee6a4d0761183bae6d9)
|
|
(cherry picked from commit dd2eb5e5686655c996ae95285b8ad7eb73d63d0b)
|
|
VyOS 1.2 (crux) rejected prefixes other then of site /64.
[ interfaces ethernet eth0 ipv6 address eui64 2006:ab00:abe1::2/127 ]
Error: Prefix lenght is 127. It must be 64.
Same should be done on VyOS 1.3 and newer
(cherry picked from commit 6f6cd6552384704700f08e9367e167796b1f7fde)
|
|
(cherry picked from commit b9ba3c08736b63c2455c06e6f36108128776fa00)
|
|
This is an extension to commit 801c5235 ("xdp: T2666: disable this highly
experimental feature in 1.3 LTS") by dropping all XDP references in the
equuleus codebase.
|
|
As the amount of include files now has reached a certain amount, it is getting
more and more crowsded, thuse introducing "per topic" subdirectories on the
filesystem to keep a clean structure makes sense.
|
|
As the amount of include files now has reached a certain amount, it is getting
more and more crowsded, thuse introducing "per topic" subdirectories on the
filesystem to keep a clean structure makes sense.
|
|
When including XML files they all contained a comment from where the snipped
had actually been included from. The comment had been "included start" and
"included end" instead of "include start" and "include end".
This commit corrects the glitch.
(cherry-picked from commit ee2dfee43f8319726c2225a5ad2367d936ec3176)
|
|
(cherry picked from commit d41e8e860a66f45d295081f024aa2918f221443f)
|