Age | Commit message (Collapse) | Author |
|
bridge: T3042: Support VLAN filter and VLAN sub-interface on the bridge
|
|
This commit has to do with the addition of miscellaneous MPLS parameters, as well as miscellaneous LDP parameters. Per c-po, for miscellaneous options and whatnot that do not fit anywhere we will put them into a specific "parameters" node.
I also did some global linux configuration changes here. We make changes to kernel options "net.mpls.ip_ttl_propagate" and "net.mpls.default_ttl" which should allow the behavior of VyOS to have the same as routers from the big vendors.
I added two LDP options for cisco interoperation TLV and for a dual stack preference.
Lastly, I went through and changes some of the help/description fields in the definitions page because I just felt they weren't uniform and the words seemed to not properly explain what they were doing. I also did some code clean up (or tried to...) with comments and whatnot.
|
|
|
|
The commit has to do with the addition of targeted LDP neighbors and parameters being added. FRR allows for this functionality and I just wanted to add it.
We have basically 4 options that are added. Enabling targeted LDP functionality, the targeted neighbor, the hello interval of targeted sessions, and the hold time of targeted sessions. Both IPv4 and IPv6 has been coded in.
|
|
Some might want to have an IP address handed out by a DHCP server but not want
a default route to be installed. This can be done using the CLI command:
"set interfaces ethernet eth2 dhcp-options no-default-route"
|
|
|
|
|
|
|
|
This reduces duplicated #include statements as each interface type already
contained the individual includes.
|
|
Add new CLI command "set system options performance <latency | throughput>"
|
|
The commit has to do with the addition of session hold time parameter for LDP neighbors. This allows for being able to change said hold time on a static neighbor.
The way that this works is to have it either delegated to a value (15-65535), or to just be default to whatever FRR stipulates or per the other session configuration values.
I opted to remove the "-ipv4-" only because we know it's an IPv4 session that one has to create first. I figure it's redundant to add it there so I removed it.
|
|
The commit has to do with the addition of TTL security for LDP neighbors. The code was 90% done by Viascheslav. I modified it a little bit to get it to properly work.
We added more parameters to the neighbors dynamic loop. Once this is merged then we should be able to add more for the dynamic neighbor statements.
The way that this works is to have either TTL disabled, or to add the amount of hops accepted for the neighbor.
|
|
* 'wifi-wpa3' of github.com:c-po/vyos-1x:
wireless: T3042: move wifi-regulatory-domain into individual interface definition
wireless: T2653: reset wireless priority to crux state
wireless: T3034: add WPA3 support
wireless: T3043: rename "wpa mode both" to "wpa+wpa2"
ifconfig: T2985: fix wireless-bridge creation
|
|
definition
|
|
conf-mode: T2103: Delete value help match en[ospx]N for eth interfaces
|
|
mpls-conf: T915: Separate IPv4 and IPv6 hello timers, add IPv6 timers
|
|
|
|
Now as we can dynamically create bridge interfaces we can also reset the interface
priority back to the value it used to be in VyOS 1.2 crux.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
There is a Myricom 10G card with 16k MTU available.
|
|
The commit has to do with separating the hello/hold timers from being only IPv4 to being both IPv4 and IPv6.
I renamed the existing hello and hold timers with an "-ipv4" and added ones that were "-ipv6". I did verify that the commands properly commit under FRR as well. I also added some room on the protocols_mpls.py file for the different variables as it seems we're might end up having longer names. Removed some spaces that I found too that weren't needed on ldpd.frr.tmpl as well.
|
|
bgp: T2387: Fix XML sheme for new bgp and bgp.py handler
|
|
accel: T2631: Add option for radius disable-accounting
|
|
|
|
|
|
|
|
|
|
Error while copying statement from preference node.
|
|
The current implementation for bridge based interfaces has an issue which is
caused by priority inheritance. We always assumed that the bridge interface will
be created last, but this may not be true in all cases, where some interfaces
will be created "on demand" - e.g. OpenVPN or late (VXLAN, GENEVE).
As we already have a bunch of verify steps in place we should not see a bridge
interface leak to the underlaying infrastructure code. This means, whenever an
interface will be member of a bridge, and the bridge does yet not exist, we will
create it in advance in the interface context, as the bridge code will be run
in the same commit but maybe sooner or later.
This will also be the solution for T2924.
|
|
|
|
sysctl-forwarding: T752: Add disable forwarding for ipv4
|
|
|
|
|
|
|
|
|
|
|
|
|
|
pdns_recursor: T2964: Expose query-local-address to dns config.
|
|
In certain split DNS configurations, there is a need for more
fine-grained control over the local address DNS forwarding uses to
issue queries. The current pdns_recursor configuration allows the
recursor to send queries from any available address on the interface
the OS selects for the query, with no option to limit queries to a
particular address or set of addresses.
This commit exposes the `query-local-address` option in
`recursor.conf` to users via the `service` `dns` `forwarding`
`source-address` config node.
If the parameter is unspecified, the default value of 0.0.0.0 (any
IPv4 address) and :: (any IPv6 address) are used to match current
behavior.
Users who want more control can specify one or more IPv4 and IPv6
addresses to issue queries from. Per pdns_recursor docs, the recursor
will load balance queries between any available addresses in the
pools. Since IPv4 and IPv6 are different pools, note that specifying
only one type of address will disable issuing queries for the other
address family.
|
|
|
|
|
|
|
|
(also converted file to unix line endings)
|
|
|
|
Migrate the domain-search node (which occurs three times) to an includable
snippet. Also re-use the fqdn validator to keep the regex patterns to as few
locations as possible.
|