summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2020-11-12Merge pull request #594 from jack9603301/T3042John Estabrook
bridge: T3042: Support VLAN filter and VLAN sub-interface on the bridge
2020-11-11 mpls-conf: T915: Add MPLS misc parameters, add LDP misc parametersCheeze-It
This commit has to do with the addition of miscellaneous MPLS parameters, as well as miscellaneous LDP parameters. Per c-po, for miscellaneous options and whatnot that do not fit anywhere we will put them into a specific "parameters" node. I also did some global linux configuration changes here. We make changes to kernel options "net.mpls.ip_ttl_propagate" and "net.mpls.default_ttl" which should allow the behavior of VyOS to have the same as routers from the big vendors. I added two LDP options for cisco interoperation TLV and for a dual stack preference. Lastly, I went through and changes some of the help/description fields in the definitions page because I just felt they weren't uniform and the words seemed to not properly explain what they were doing. I also did some code clean up (or tried to...) with comments and whatnot.
2020-11-10bridge: T3042: Support VLAN filter and VLAN sub-interface on the bridgejack9603301
2020-11-08mpls-conf: T915: Add targeted LDP neighbors with parametersCheeze_It
The commit has to do with the addition of targeted LDP neighbors and parameters being added. FRR allows for this functionality and I just wanted to add it. We have basically 4 options that are added. Enabling targeted LDP functionality, the targeted neighbor, the hello interval of targeted sessions, and the hold time of targeted sessions. Both IPv4 and IPv6 has been coded in.
2020-11-07interfaces: dhcp-client: T2997: add option to not request DHCP router addressChristian Poessinger
Some might want to have an IP address handed out by a DHCP server but not want a default route to be installed. This can be done using the CLI command: "set interfaces ethernet eth2 dhcp-options no-default-route"
2020-11-07l2tpv3: T2653: include common "ip" interface optionsChristian Poessinger
2020-11-07macsec: T2653: include common "ip" and "ipv6" interface optionsChristian Poessinger
2020-11-07geneve: T2653: include common "ip" and "ipv6" interface optionsChristian Poessinger
2020-11-07T2653: migrate "ip" and "ipv6" interface options to generic includesChristian Poessinger
This reduces duplicated #include statements as each interface type already contained the individual includes.
2020-11-06system: T3048: add dynamic performance tuning daemonChristian Poessinger
Add new CLI command "set system options performance <latency | throughput>"
2020-11-04mpls-conf: T915: Add session hold time adjustment for static LDP neighborsCheeze_It
The commit has to do with the addition of session hold time parameter for LDP neighbors. This allows for being able to change said hold time on a static neighbor. The way that this works is to have it either delegated to a value (15-65535), or to just be default to whatever FRR stipulates or per the other session configuration values. I opted to remove the "-ipv4-" only because we know it's an IPv4 session that one has to create first. I figure it's redundant to add it there so I removed it.
2020-11-04mpls-conf: T915: Add TTL security for static LDP neighborsCheeze_It
The commit has to do with the addition of TTL security for LDP neighbors. The code was 90% done by Viascheslav. I modified it a little bit to get it to properly work. We added more parameters to the neighbors dynamic loop. Once this is merged then we should be able to add more for the dynamic neighbor statements. The way that this works is to have either TTL disabled, or to add the amount of hops accepted for the neighbor.
2020-11-03Merge branch 'wifi-wpa3' of github.com:c-po/vyos-1x into currentChristian Poessinger
* 'wifi-wpa3' of github.com:c-po/vyos-1x: wireless: T3042: move wifi-regulatory-domain into individual interface definition wireless: T2653: reset wireless priority to crux state wireless: T3034: add WPA3 support wireless: T3043: rename "wpa mode both" to "wpa+wpa2" ifconfig: T2985: fix wireless-bridge creation
2020-11-03wireless: T3042: move wifi-regulatory-domain into individual interface ↵Christian Poessinger
definition
2020-11-03Merge pull request #579 from sever-sever/T2103Christian Poessinger
conf-mode: T2103: Delete value help match en[ospx]N for eth interfaces
2020-11-03Merge pull request #585 from Cheeze-It/currentChristian Poessinger
mpls-conf: T915: Separate IPv4 and IPv6 hello timers, add IPv6 timers
2020-11-03bgp-xml: T2387: Fix validators for neighbor update-sourcesever-sever
2020-11-03wireless: T2653: reset wireless priority to crux stateChristian Poessinger
Now as we can dynamically create bridge interfaces we can also reset the interface priority back to the value it used to be in VyOS 1.2 crux.
2020-11-03wireless: T3034: add WPA3 supportChristian Poessinger
2020-11-03wireless: T3043: rename "wpa mode both" to "wpa+wpa2"Christian Poessinger
2020-11-02bgp-xml: T2387: Fix validators and add capability for new format bgpsever-sever
2020-11-01openvpn: T3036: support IPv6 remote-addressChristian Poessinger
2020-10-30openvpn: T2994: migrate to get_config_dict()Christian Poessinger
2020-10-30conf-mode: T3031: Fix ValueHelp for ipv6 multipathsever-sever
2020-10-28mtu: T2630: add support for ethernet MTU up to 16000 bytesChristian Poessinger
There is a Myricom 10G card with 16k MTU available.
2020-10-27mpls-conf: T915: Separate IPv4 and IPv6 hello timers, add IPv6 timersCheeze_It
The commit has to do with separating the hello/hold timers from being only IPv4 to being both IPv4 and IPv6. I renamed the existing hello and hold timers with an "-ipv4" and added ones that were "-ipv6". I did verify that the commands properly commit under FRR as well. I also added some room on the protocols_mpls.py file for the different variables as it seems we're might end up having longer names. Removed some spaces that I found too that weren't needed on ldpd.frr.tmpl as well.
2020-10-27Merge pull request #584 from sever-sever/T2387_octChristian Poessinger
bgp: T2387: Fix XML sheme for new bgp and bgp.py handler
2020-10-27Merge pull request #581 from sever-sever/T2631Christian Poessinger
accel: T2631: Add option for radius disable-accounting
2020-10-27bgp: T2387: Fix XML sheme for new bgp and bgp.py handlersever-sever
2020-10-27accel: T2631: Add option for radius disable-accountingsever-sever
2020-10-26dhcp-server: xml: T3016: use constraintErrorMessage for subnet definitionChristian Poessinger
2020-10-20conf-mode: T2103: Delete value help match en[ospx]N for eth interfacessever-sever
2020-10-19dhcpv6-server: T3000: fix prefix-degeation prefix-length help stringsChristian Poessinger
Error while copying statement from preference node.
2020-10-17ifconfig: T2985: support on demand bridge creationChristian Poessinger
The current implementation for bridge based interfaces has an issue which is caused by priority inheritance. We always assumed that the bridge interface will be created last, but this may not be true in all cases, where some interfaces will be created "on demand" - e.g. OpenVPN or late (VXLAN, GENEVE). As we already have a bunch of verify steps in place we should not see a bridge interface leak to the underlaying infrastructure code. This means, whenever an interface will be member of a bridge, and the bridge does yet not exist, we will create it in advance in the interface context, as the bridge code will be run in the same commit but maybe sooner or later. This will also be the solution for T2924.
2020-10-17geneve: T1799: add IPv6 CLI optionsChristian Poessinger
2020-10-17Merge pull request #576 from sever-sever/T752Christian Poessinger
sysctl-forwarding: T752: Add disable forwarding for ipv4
2020-10-17sysctl-forwarding: T752: Add disable forwarding for ipv4sever-sever
2020-10-17syslog: T2938: Add format octet-counted for syslog conf-modesever-sever
2020-10-15conf-mode: T915: Add mpls ldp explicit and holdtime commandssever-sever
2020-10-13pppoe-server: T2972: Increase rate limit validatorDmitriyEshenko
2020-10-11tftp-server: T2974: migrate to get_config_dict()Christian Poessinger
2020-10-11nat: T2198: use proper validators for dnat translation addressChristian Poessinger
2020-10-07Merge pull request #563 from lucasec/dns-source-addressChristian Poessinger
pdns_recursor: T2964: Expose query-local-address to dns config.
2020-10-06pdns_recursor: T2964: Expose query-local-address to dns config.Lucas Christian
In certain split DNS configurations, there is a need for more fine-grained control over the local address DNS forwarding uses to issue queries. The current pdns_recursor configuration allows the recursor to send queries from any available address on the interface the OS selects for the query, with no option to limit queries to a particular address or set of addresses. This commit exposes the `query-local-address` option in `recursor.conf` to users via the `service` `dns` `forwarding` `source-address` config node. If the parameter is unspecified, the default value of 0.0.0.0 (any IPv4 address) and :: (any IPv6 address) are used to match current behavior. Users who want more control can specify one or more IPv4 and IPv6 addresses to issue queries from. Per pdns_recursor docs, the recursor will load balance queries between any available addresses in the pools. Since IPv4 and IPv6 are different pools, note that specifying only one type of address will disable issuing queries for the other address family.
2020-10-06openconnect: T2036: reuse accel-name-server.xml.iChristian Poessinger
2020-10-06xml: tftp-server: include/reuse port-number.xml.iChristian Poessinger
2020-10-06xml: include: add common helper file for listen-addressChristian Poessinger
2020-10-05Update search domain error message to match new validation logic.Lucas Christian
(also converted file to unix line endings)
2020-10-05wireless: T2963: set default "both" on "security wpa mode"Christian Poessinger
2020-10-05dhcp(v6)-server: T2961: use fqdn validator wnd move to include snippedChristian Poessinger
Migrate the domain-search node (which occurs three times) to an includable snippet. Also re-use the fqdn validator to keep the regex patterns to as few locations as possible.