Age | Commit message (Collapse) | Author |
|
|
|
(cherry picked from commit e5a5684eb4004772439b2dc33ec21b7546db3fe1)
|
|
I use dummy interfaces in a VRF as source-interfaces for VXLAN in order to
force VXLAN send underlay UDP traffic through the VRF where the dummy interface
resides.
However dummy interface has no mtu option so it always gets an MTU of 1500.
This will cause an error when the mtu of dummy is not large enough for the
VXLAN traffic.
Adding this option in the config template will solve this.
(cherry picked from commit 1440ef93e13d15e2247cbfc2cb4ea2afb266fc9e)
|
|
T4809: radvd: (Backport) Allow the use of AdvRASrcAddress
|
|
T3810: Fixed all issues in T3810
|
|
1. Added in script update webproxy blacklists generation of all DBs
2. Fixed: if the blacklist category does not have generated db,
the template generates an empty dest category
in squidGuard.conf and a Warning message.
3. Added template generation for local's categories
in the rule section.
4. Changed syntax in the generation dest section for blacklist's
categories
5. Fixed generation dest local sections in squidGuard.conf
6. Fixed bug in syntax. The word 'allow' changed to the word 'any'
in acl squidGuard.conf
7. Backported all changes from 1.4 to 1.3 which were made in T3810
8. Fixed webproxy smoketest
|
|
This add the AdvRASrcAddress configuration option to configure
a source address for the router advertisements. The source
address still must be configured on the system. This is useful
for VRRP setups where you want fe80::1 on the VRRP interface
for cleaner VRRP failovers.
|
|
backport: T4515: T4219: policy local-route6 and inbound-interface support
|
|
firewall: T4709: fix firewall MSS clamping issues
|
|
Clients supporting this DHCP option (DHCP option 108, per RFC 8925) will
disable its IPv4 network stack for configured number of seconds
and operate in IPv6-only mode.
Example clients supporting this option including iOS 15+ and macOS 12.0.1+.
|
|
(cherry picked from commit 3f91033927d80748b70e1ef58b2941643d1aca33)
|
|
(cherry picked from commit dda62226353ebc198b4dbbd319412bb5d1d1ece2)
|
|
ddclient: T4743: Add option for IPv6 Dynamic DNS
|
|
Use common "url.xml" which allow URL as domain name or IP entrie
|
|
Allow to set IPv6 address for Dynamic DNS
set service dns dynamic interface eth2 ipv6-enable
|
|
This commit fixes MSS clamping ranges as well as reintroduces the
clamp-mss-to-pmtu option value to clamp to PMTU instead.
|
|
Co-authored-by: initramfs <initramfs@initramfs.io>
|
|
|
|
Fix wrong descriptions for the RPKI server
It was mentioned about the NTP server
|
|
(cherry picked from commit 73be77ec42d06a369974bfb1255839164f73c276)
|
|
(cherry picked from commit bfa13e367d0b77105ba350a34da8212859f07f59)
|
|
set vpn openconnect network-settings split-dns <domain>
(cherry picked from commit e41685a2f56cca0a53b4f8c084f61a85cf561c80)
|
|
(cherry picked from commit 393355f7feaa921eba46b83d4f15ad4a5c37adab)
|
|
Ability to get MTU from DHCP-server and don't touch it per
any interface change if interface 'dhcp-options mtu' is
configured
(cherry picked from commit 29b0ee30bf2622a40ca3d17e3f6b9e94e5b62072)
|
|
snmp: T2763: Add protocol TCP for service SNMP
|
|
equuleus: Bond and Bridge interface fixes + new smoketests
|
|
Linux Kernel supports to specify the MII link monitoring frequency in
milliseconds. This determines how often the link state of each slave is
inspected for link failures. A value of zero disables MII link monitoring.
A value of 100 is a good starting point.
The default value is 100.
set interfaces bonding bond0 mii-mon-interval <n>
(cherry picked from commit 4315c8fa5bb090e2b7edd6bda205041623e2511d)
|
|
Ability to listen TCP port for service SNMP
set service snmp protocol tcp
|
|
webproxy: T4468: Fix regex for squidguard source-group 1.3
|
|
accel-ppp: T4373: T4507: Add options multiplier for shaper
|
|
ntp: T4456: support listening on specified interface (equuleus)
|
|
dns: T4509: Add dns64-prefix option (equuleus)
|
|
rfc6147: DNS Extensions for Network Address Translation
from IPv6 Clients to IPv4 Servers
set service dns forwarding dns64-prefix 2001:db8:aabb::/96
(cherry picked from commit 2bdf4798570222b57af2de2f0b443529abdc3feb)
|
|
Add rate-limit options: attribute, muptiplier and vendor
set service ipoe-server auth radius rate-limit attribute 'Mikrotik-Rate-Limit'
set service ipoe-server auth radius rate-limit enable
set service ipoe-server auth radius rate-limit multiplier '0.001'
set service ipoe-server auth radius rate-limit vendor 'Miktorik'
|
|
Multiplier option is required by some vendors for correct shaping
For RADIUS based rate-limits
edit service pppoe-server
set authentication radius rate-limit multiplier '0.001'
|
|
(cherry picked from commit b1db3de80b8b5f4e2dcbc6d687d342986345c4b2)
|
|
When clients only use DHCP for interface addressing we can not bind NTPd to
an address - as it will fail if the address changes. This commit adds support
to bind ntpd to a given interface in addition to a given address.
set system ntp interface <name>
(cherry picked from commit 6732df1edd632b56d3d02970939f51d05d4262e9)
|
|
Fix wrong behavior with priority by using tunnel interfaces
MPLS configuration must be applied after tunnel interfaces
as we use an addition sysctl option 'net.mpls.conf.tun0.input = 1'
which doesn't exist without a tunnel interface
Change priority:
299 protocols/mpls
380 interfaces/tunnel
To:
380 interfaces/tunnel
400 protocols/mpls
|
|
(cherry picked from commit fbd3bef2248de5785f96d2e7803a6811eee78710)
|
|
ipoe: T2580: Add pools and gateway options
|
|
The sla-id parameter of DHCPv6 prefix delegations is limited to 128. While this
is enough to use all /64 subnets of a /57 prefix, with a /56 prefix that is no
longer sufficient.
Increased sla-id length tp 65535 so one could delegate an entire /48.
(cherry picked from commit 283276d457a09c100416c0d4ffccd4f94ccd2540)
|
|
Add new feature to allow to use named pools
Can be used also with Radius attribute 'Framed-Pool'
set service ipoe-server client-ip-pool name POOL1 gateway-address '192.0.2.1'
set service ipoe-server client-ip-pool name POOL1 subnet '192.0.2.0/24'
|
|
Add output Plugin "prometheus-client" for telegraf
set service monitoring telegraf prometheus-client xxx
|
|
(cherry picked from commit 0b466f7a54cfedaf53edec5f3d58676113ece391)
|
|
T4324, T4338, T4339 WWAN interface bugfixes
|
|
(cherry picked from commit a6c936997611de85dc73152297679d0b53095713)
|
|
(cherry picked from commit 175b0a082808955adba811f18424a126e798dd32)
|
|
(cherry picked from commit 671abc96ac607226e208ac94b87a33851c144945)
|
|
inbound-interface support""
This reverts commit 45a2a7d0adc7e9d27d6c7aee1ccbd9b64a1437ad.
|
|
support"
|