Age | Commit message (Collapse) | Author |
|
(cherry picked from commit 32d6a693de99021d2cd44fb4235e929caf7b4a6d)
|
|
(cherry picked from commit 24d0400b9c55cadef1eb99b3e84a363dd6ad5033)
|
|
(cherry picked from commit 84b6f6bcf59d526c35928c974e3f2d03c4d5ec06)
|
|
(cherry picked from commit 85e5ccbab85c8ded426896d61bcf64d329768f2c)
|
|
(cherry picked from commit 010c4061a8884a3617368f3618a425dc517d0675)
|
|
T6121: Extend config-sync for QoS and system options (backport #3193)
|
|
Ability to set interface for `excluded-address`
The excluded-addresses are not listed in the VRRP packet (adverts packets).
We have this ability for `address`, add the same feature for the
excluded-address
```
set high-availability vrrp group GRP-01 excluded-address 192.0.2.202 interface 'dum2'
set high-availability vrrp group GRP-01 excluded-address 192.0.2.203 interface 'dum3'
```
(cherry picked from commit 0daf445abcd00446da21fe0220d41d5fdde95ebd)
|
|
T5872: ipsec remote access VPN: support dhcp-interface. (backport #2965)
|
|
This changes behaviour from fetching CA chain in PKI, to the user manually setting CA certificates.
Prevents unwanted parent CAs existing in PKI from being auto-included as may not be desired/intended.
(cherry picked from commit 952b1656f5164f6cfc601e040b48384859e7a222)
|
|
(cherry picked from commit f7834324d3d9edd7e161e7f2f3868452997c9c81)
|
|
Extent the service config-sync for sections:
- qos interface
- qos policy
- system conntrack
- system flow-accounting
- system option
- system sflow
- system static-host-mapping
- system sysctl
(cherry picked from commit 9d5ad172034ae510288b11313d307f0a24bb4b7d)
|
|
xml: T5738: use common constraint include for container network (backport #3181)
|
|
(cherry picked from commit 37a4fdf229a7ab74718655f1d6e35fd94e5ad69a)
|
|
(cherry picked from commit 6be463fcca574e051420ae7549bed72e74486470)
|
|
Linux bridge uses EtherType 0x8100 by default. In some scenarios, an EtherType
value of 0x88A8 is required.
Reusing CLI command from VIF-S (QinQ) interfaces:
set interfaces bridge br0 protocol 802.1ad
(cherry picked from commit 9c9b1febff6863ccd3632a04d9e307909b3efe7a)
|
|
The maximum timeout for the `service config-sync` is 300 seconds
(Connection API timeout). It could not be enough for the real massive
configurations.
Increase the maximum value to 3600
```
set service config-sync secondary address 192.0.2.1
set service config-sync secondary timeout 3600
```
(cherry picked from commit 4a90e00a886397d9f4202b78cc8995ed93d40014)
|
|
add mtu to default and specified class
update smoke test
(cherry picked from commit 84bbcdf5b7980f701aba6e158a2be4a05e7076d9)
|
|
Extend `service config-sync` with new sections:
- LeafNodes: pki, policy, vpn, vrf (syncs the whole sections)
- Nodes: interfaces, protocols, service (syncs subsections)
In this cae the Node allows to uses the next level section
i.e subsection
For example any of the subsection of the node `interfaces`:
- set service config-sync section interfaces pseudo-ethernet
- set service config-sync section interfaces virtual-ethernet
Example of the config:
```
set service config-sync mode 'load'
set service config-sync secondary address '192.0.2.1'
set service config-sync secondary key 'xxx'
set service config-sync section firewall
set service config-sync section interfaces pseudo-ethernet
set service config-sync section interfaces virtual-ethernet
set service config-sync section nat
set service config-sync section nat66
set service config-sync section protocols static
set service config-sync section pki
set service config-sync section vrf
```
(cherry picked from commit 25b611f504521181f85cb4460bfdfd702c377b5e)
|
|
Remove all AS numbers from the AS_PATH of the BGP path's NLRI.
set policy route-map <name> rule <rule> set as-path exclude all
(cherry picked from commit 16395c902ff79fcb34019a6d499467488ed45849)
|
|
xml: T2518: T160: improve NAT66/NPTv6 and NAT64 help string s (backport #3135)
|
|
(cherry picked from commit 7ca0ad91744044f74690179eaec4160d9c4fee65)
|
|
(cherry picked from commit 63de63f43aaa720993faf06ba2789789d87d63c6)
|
|
(cherry picked from commit d6226d60dce4a46c9fa63adbf85f2df86c7bd1b1)
|
|
radvd: T6118: add nat64prefix support RFC8781 (backport #3125)
|
|
Add support for pref64 option, as defined in RFC8781. The prefix valid lifetime
must not be smaller than the "interface interval max" definition which defaults
to 600.
set service router-advert interface eth1 nat64prefix 64:ff9b::/96
(cherry picked from commit f1ead5c6a16aba00699b8a5b9c18ef6cffe8cc4d)
|
|
Lower available CPU C states to a minimum if this option set. This will set
Kernel commandline options "intel_idle.max_cstate=0 processor.max_cstate=1".
(cherry picked from commit 3a3e0dff4ff1f80835eca6b2362d792e3ecacc8e)
|
|
Added health-check to sync-group in CLI
Don't use instance health-check when instance in sync group member
Disallow wrong healtch-check configurations
New smoke test
|
|
dhcp-client: T6093: extend regex for client class-id's with DOT (backport #3117)
|
|
A restriction to ascii in the constraint disallowed earlier support for
unicode bytes.
(cherry picked from commit 66b92e1cd4ec948c1e2df4bee9b21da9633f5bd8)
|
|
The regex used is not working if the string contains dots.
Originally authored by: Lucas <pinheirolucas@pm.me>
(cherry picked from commit c8670ae7941a8bac31e2174d4c6426b47272bfcc)
|
|
be allowed
This reverts a change from commit a72ededa0 ("xml: T5738: lower maximum
description to 255 characters") which incresaed the lower limit from 0 to 1.
We actually require 0 length value for description nodes as introduced in
commit 6eea12512e ("xml: T1579: allow zero length for description").
(cherry picked from commit 724c685cba423758bece827d6d286815933ba912)
|
|
e.g. Linux Kernel only supports 255 and not 256 characters for the ifalias field.
(cherry picked from commit a72ededa0b29c25efaab52f2db170c34eba50248)
|
|
(cherry picked from commit 4792d39bb84991768404f69ff807e43a9979a79e)
|
|
(cherry picked from commit 77a25e95da48549f2791b677f4ba187e547b1c6a)
|
|
(cherry picked from commit c37fb4010c50a18029d6c680c42fceb3b8930dbd)
|
|
All valid country codes can be retrieved from [1] and extracted which resulted
in the completion helper list of this commit.
1: https://git.kernel.org/pub/scm/linux/kernel/git/wens/wireless-regdb.git/tree/db.txt
(cherry picked from commit 45cd735f89a4b6c7419a26d2800d832c9da9f735)
|
|
Make the code more uniform and maintainable.
(cherry picked from commit 21b0bf0168697fdbe514ae49a4a28b39a91ec777)
|
|
(cherry picked from commit 6a97fdfa1ba9b4135a51498ea5acabb804256b2c)
|
|
dhcp-server: T6079: Disable duplicate static-mappings on migration
|
|
Example:
vyos@vyos# set protocols ospfv3 redistribute bgp
Possible completions:
metric OSPF default metric
metric-type OSPF metric type for default routes (default: 2)
route-map Specify route-map name to use
(cherry picked from commit ed2c288c8a9031f91acf76d20b84e2002696981c)
|
|
(cherry picked from commit 3480d92a8c4d84e8c1f94a9362bac2be0cc77921)
|
|
|
|
(cherry picked from commit e2adfdef9e79aa7550e82a12d661718a479aba90)
|
|
|
|
Removed word 'PPPoE' from descriptions in common template for all
accel-ppp services.
(cherry picked from commit 8e1793834bf453ff252f38ae5271f7f9bcea9bf9)
|
|
* set system login user <name> disable
(cherry picked from commit 6e0b146ed3b90da577c3ecba38836883fd435e7a)
|
|
context
* set vrf name <name> ip nht no-resolve-via-default
* set vrf name <name> ipv6 nht no-resolve-via-default
(cherry picked from commit 0fafc4bcdb9efc03796ddab0832471b11ba1bbe0)
|
|
* set system ip nht no-resolve-via-default
* set system ipv6 nht no-resolve-via-default
(cherry picked from commit ece0e768f36e52f8964823d891264d7c187204ec)
|
|
Removed dhcp-interface option (l2tp)
Added wins-server (sstp)
Added description (ipoe, pppoe, sstp, pptp)
Added exteded-script (l2tp, sstp, pptp)
Added shaper (ipoe, pptp, sstp, l2tp)
Added limits (ipoe, pptp, sstp, l2tp)
Added snmp ( ipoe, pptp,sstp, l2tp)
Refactoring and reformated code.
(cherry picked from commit ac6a16f6c5ad7700789759e1ec093236c2e182a2)
|
|
(cherry picked from commit ac2d7dfac6073d0f232191ec494f78a8d12889e4)
|