Age | Commit message (Collapse) | Author |
|
vyos@vyos# show service dhcp-server
shared-network-name LAN {
subnet 10.0.0.0/24 {
default-router 10.0.0.1
dns-server 194.145.150.1
lease 88
range 0 {
start 10.0.0.100
stop 10.0.0.200
}
static-route 192.168.10.0/24 {
next-hop 10.0.0.2
}
static-route 192.168.20.0/24 {
router 10.0.0.2
}
}
}
(cherry picked from commit a4440bd589db645eb99f343a8163e188a700774c)
|
|
T3275: conntrack: Backport XML/Python implementation of conntrack CLI
|
|
|
|
This commit also extends the smoketest to verify that the exception for this
error is raised.
(cherry picked from commit 84a429b41175b95634ec9492e0cf3a564a47abdd)
|
|
While migrating to get_config_dict() in commit e8a1c291b1 ("login: radius:
T3192: migrate to get_config_dict()") the user-name was not excluded
from mangling (no_tag_node_value_mangle=True).
This resulted in a username "vyos-user" from CLI to be actually created as
"vyos_user" on the system.
This commit also adds respective Smoketests to prevent this in the future.
(cherry picked from commit 658de9ea0fbe91e593f9cf0a8c434791282af100)
|
|
|
|
As IS-IS is a new feature and the CLI configuration changed from 1.3 -> 1.4
(required by T3417) it makes sense to synchronize the CLI configuration for
both versions. This means backporting the CLI from 1.4 -> 1.3 to not confuse
the userbase already with a brand new feature.
As 1.3.0-epa1 is on the way and should not contain any CLI changes afterwards,
this is the perfect time.
|
|
|
|
(cherry picked from commit 8c1c9e1c37be9e88e8a7ea0182a43a3396eff623)
|
|
This completes commit e7d841d285 ("smoketest: shim: remove superfluous sleep()
in getFRRconfig()").
(cherry picked from commit 9b21e4a769385514f0bf625d665d588266dc6de4)
|
|
The sleep was intended to handle a FRR issue where the config was/is somehow
now available in vtysh even with the commit was done. This rather feels
like a race-condition and is fixed in the subsequent commit.
(cherry picked from commit e7d841d2854d8e0ebb95cb6f0bd83e84fba3a9fa)
|
|
(cherry picked from commit f89a0cfc7d0d908cbe1715b760b07926ffa3f7b9)
|
|
Currently every smoketest does the setup and destruction of the configsession
on its own durin setUp(). This creates a lot of overhead and one configsession
should be re-used during execution of every smoketest script.
In addiion a test that failed will leaf the system in an unconsistent state.
For this reason before the test is executed we will save the running config
to /tmp and the will re-load the config after the test has passed, always
ensuring a clean environment for the next test.
(cherry picked from commit 0f3def974fbaa4a26e6ad590ee37dd965bc2358f)
|
|
It is easier to backport the entire vyos.ifconfig library from 1.4 instead of
backporting single pieces which are required to add new feature to the tunnel
interface section.
In addition that both libraries are now back in sync it will become much easier
to backport any other new feature introduced in VyOS 1.4!
|
|
WARNING: Using --genkey --secret filename is DEPRECATED.
Use --genkey secret filename instead.
|
|
|
|
(cherry picked from commit 63a094b339296d97ecf3b87eac8d1d3ce8fadd3a)
|
|
(cherry picked from commit 2318c874c4ec43076c2664e473f7273928d9f2a6)
|
|
(cherry picked from commit 065c6b620cb52a3235c7b6e210d34dc8cb943b95)
|
|
(cherry picked from commit 6b7b19c93f90839549dd668116c4da2f38cfdc66)
VyOS 1.3 will ship OpenVPN 2.5.1 and thus it is the perfect timing to still
remove this option before introducing it in a new LTS release.
|
|
(cherry picked from commit 9431383abc926ca4513928c56924e942ea250cc8)
|
|
A validator is missing checking that if authentication is used on a PPPoE
interface, both username and password are set.
|
|
(cherry picked from commit c2a1c071e7d0a9ca754d7f5016eed7db188b3d1a)
|
|
Set default TTL value for tunnels from 0 to 64
There are a lot of situation when default value 0 (inherit)
not work properly when you have routing configuration for OSPF
or BGP over the tunnels. To fix it you need explicit set TTL
value other then 0. Or hardcode another value as default.
(cherry picked from commit b4db37507635bf95161bea32b18736fc0732a9e6)
|
|
Added by commit 8ff36fa268f ("smoketest: vif: T3570: fix vlan interface MTU test
for pseudo-ethernet interfaces"), but it used the new API available through
VyOSUnitTestSHIM.
This has ben fixed to use the old API.
|
|
(cherry picked from commit bee080daffad41468eee6084f54bc67b1470f914)
|
|
interfaces
The MTU size of the source-interface must be greater or equal to the MTU of the
pseudo ethernet interface.
(cherry picked from commit 06dae2734aee09885e34aec0df397985c2a36961)
|
|
(cherry picked from commit ed817477dd418f4b448910e990f38a9a3de5ee73)
|
|
We always read back the RPS value from eth1 which worked on the CI smoketests,
but not when running a smoketest with only one interface e.g. by:
$ TEST_ETH="eth2" /usr/libexec/vyos/tests/smoke/cli/test_interfaces_ethernet.py
(cherry picked from commit a431adf8676ea377175b91776082eb37d4773e80)
|
|
Replace function get_interface_config to
function get_interface_config, as we have
in 1.4 branch.
It need after this cherry-picked commit edcdea8
|
|
Commit b0520172 ("dhcpv6-server: T3549: fix incorrect syntax for global
name-server definition") changed how the daemon configuration represents global
DNS nameservers.
Test updated.
(cherry-picked from commit ae57c5dc783d8c87382e25e031e21d8c2be59d03)
|
|
As we do not allow any invalid raw options passed into ISC dhcpd we should also
verify this behavior with a smoketest.
(cherry picked from commit 8ab55eb237370b2152b2c0027af5cf16a69675af)
|
|
Option specifying the rate in which we'll ask our link partner to transmit
LACPDU packets in 802.3ad mode.
set interfaces bonding bond0 lacp-rate <slow|fast>
slow: Request partner to transmit LACPDUs every 30 seconds (default)
fast: Request partner to transmit LACPDUs every 1 second
(cherry picked from commit 8e392a3dbc16f7b80a979f7b4e9c11408d700e6f)
|
|
(cherry picked from commit ca75162b3bbace38fcad5c91ad07c4fedac8444c)
|
|
|
|
|
|
(cherry picked from commit 117533482d29ce0bd1bc7f3a3f2536921c16565c)
|
|
(cherry picked from commit 0ac696663b6885e659987efdbe83ae7d4a3f7779)
|
|
Linux does not support changing the remote address from any (multipoint
GRE as used by DMVPN) to a discrete remote address. THis will return an
error: add tunnel "tun1" failed: Invalid argument
This can be handled by detecting the mGRE -> GRE change and re-create the tunnel
silently.
(cherry picked from commit ea2a22f7844735021fb638c911527e612abfbc69)
|
|
There had been four implementations of "ip -d -j link show interface" scattered
accross the codebase. Those implementations have now been combined into a new
helper:
vyos.util.get_json_iface_options()
(cherry picked from commit f13cc56d665a91ff3fac47df260301afefb1a3a5)
|
|
Commit 52ee92b8 ("pppoe: T3386: Fix client ip-pool stop range") fixed the
generated client range configuration line for Accel-PPP but missed out altering
the testcase, too which validates the generated configuration line.
(cherry picked from commit 00d3ba7c7bc2f16a0a029d5f1be964bcd3c45fd9)
|
|
When a VIF/VLAN interface is placed in admin down state but the lower
interface, serving the vlan, is moved from admin down -> admin up, all its
vlan interfaces will be placed in admin up state, too.
This is bad as a VLAN interface will become admin up even if its specified as
admin down after a reboot.
To reproduce:
set interfaces ethernet eth1 vif 20 disable
set interfaces ethernet eth1 disable
commit
delete interfaces ethernet eth1 disable
commit
Now check the interface state and it returns UP,LOWER_UP
7: eth1.20@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:50:56:b3:09:07 brd ff:ff:ff:ff:ff:ff
inet6 fe80::250:56ff:feb3:907/64 scope link
valid_lft forever preferred_lft forever
(cherry picked from commit 49bc3f1e3ff8416908fc986bb60b444a75a1722d)
|
|
(cherry picked from commit 04724ed189553ce43f8504f68fef8024ef5796de)
|
|
(cherry picked from commit d41e8e860a66f45d295081f024aa2918f221443f)
|
|
(cherry picked from commit 5bcc549edeaeaa767d77a68b33751e834d467c34)
|
|
Linux prevents changing parameters on a gretap (which is used by gre-bridge)
interfaces. To overcome this limitation a tunnel must be destroyed and recreated
on demand when gre-bridge is used.
|
|
No sequence number support in FRR 7.3 for
- community-list
- extcommunity-list
- large-community-list
|
|
|
|
|
|
.. if BFD connections will be source from invalid sources this will
crash bfdd in FRR 7.3
(cherry picked from commit 82bdae42ceefb1132f8a98628fa9681543f4f269)
|