Age | Commit message (Collapse) | Author |
|
|
|
* set protocols bfd peer <x.x.x.x> minimum-ttl <1-254>
* set protocols bfd profile <name> minimum-ttl <1-254>
|
|
|
|
ethernet: T4638: add smoketests verifying there are no stale VLAN interfaces left
|
|
sflow: T5968: add VRF support
|
|
Add support to run hsflowd in a dedicated (e.g. management) VRF.
Command will be "set system sflow vrf <name>" like with any other service
|
|
For example, port 5353 is reserved for multicast DNS, this means tests
will fail if the host running the tests is also running a mDNS server.
|
|
Streamline configuration and operation of dns forwarding service in
following ways:
- Remove `dns_forwarding_reset.py` as its functionality is now covered
by `dns.py`
- Adjust function names in `dns.py` to disambiguate between DNS
forwarding and dynamic DNS
- Remove `dns_forwarding_restart.sh` as its functionality is inlined in
`dns-forwarding.xml`
- Templatize systemd override for `pdns-recursor.service` and move the
generated override files in /run. This ensures that the override files
are always generated afresh after boot
- Simplify the systemd override file by removing the redundant overrides
- Relocate configuration path for pdns-recursor to `/run/pdns-recursor`
and utilize the `RuntimeDirectory` default that pdns-recursor expects
- We do not need to use custom `--socket-dir` path anymore, the default
path (viz., `/run/pdns-recursor` is fine)
|
|
left
This extends commit 7ba47f027 ("ethernet: T4638: deleting parent interface does
not delete underlying VIFs") with a smoketests ensure no VIFs are left behind.
|
|
* set service ntp leap-second [ignore|smear|system|timezone]
Where timezone is the new and old default resulting in adding "leapsectz right/UTC"
to chrony.conf. The most prominent new option is "smear" which will add
leapsecmode slew
maxslewrate 1000
smoothtime 400 0.001 leaponly
to chrony.
See https://chrony-project.org/doc/4.3/chrony.conf.html leapsecmode for
additional information
|
|
|
|
dhcp: T5952: Fix validate duplicate MAC Address on same subnet
|
|
|
|
T5865: Moved ipv6 pools to named ipv6 pools in accel-ppp
|
|
Moved ipv6 pools to named ipv6 pools in accel-ppp services
|
|
set protocols bgp address-family ipv4-unicast nexthop vpn export <ipv4-address|ipv6-address>
set protocols bgp address-family ipv6-unicast nexthop vpn export <ipv4-address|ipv6-address>
|
|
set protocols bgp address-family ipv4-unicast sid vpn export <auto|1-1048575>
set protocols bgp address-family ipv6-unicast sid vpn export <auto|1-1048575>
|
|
dhcpv6: T3316: Extend scope of DHCP options, bugfixes
|
|
* Also migrate `address-range` to `range` tag node for consistency with dhcpv4 server syntax
|
|
smoketest
|
|
the lease file (#2796)
|
|
bgp: T5913: allow peer-group support for ipv4|6-labeled-unicast SAFI
|
|
|
|
dhcp: T3316: T5787: T5912: Extend scope of DHCP options, bugfixes
|
|
|
|
supported by Kea
|
|
|
|
hyphen (-)
When testing for changed PKI certificates using node_changed(), we should not
use key_mangling=('-', '_'), as this will make certificate updates with a hypen
not possible.
|
|
We have not seen the adoption of the https virtual-host CLI option.
What it did?
* Create multiple webservers each listening on a different IP/port
(but in the same VRF)
* All webservers shared one common document root
* All webservers shared the same SSL certificates
* All webservers could have had individual allow-client configurations
* API could be enabled for a particular virtual-host but was always enabled on
the default host
This configuration tried to provide a full webserver via the CLI but VyOS is a
router and the Webserver is there for an API or to serve files for a local-ui.
Changes
Remove support for virtual-hosts as it's an incomplete and thus mostly useless
"thing". Migrate all allow-client statements to one top-level allow statement.
|
|
pki: T5905: do not use expand_nodes=Diff.ADD|Diff.DELETE) in node_changed()
|
|
Commit ad9bdfc24 ("T5195: add timeout argument to process_named_running()")
added a 2*10 seconds penalty for every interface test (dhcp and dhcpv6).
This leads to long runs of "make test" after an ISO build.
There is no need to wait 10 seconds for a test that checks for a process
not running. The timeout is there to give the process some time to startup.
|
|
|
|
Smoketests heavily rely on process_named_running() so in order to "relax"
system constraints during a test we will add a timeout of 10 seconds for
every testcase provided by base_interfaces_test.py
|
|
exclude-throttle-address
This fixes commit 199ceb1f0a ("dns: T5900: add dont-throttle-netmasks and
serve-stale-extensions powerdns features") where after the latest review round
the Jinja2 template was inconsitently changed and smoketests were not re-run.
|
|
features
|
|
deployments in cgnat. (#2694)
|
|
VyOS has several services relaying on the PKI CLI tree to retrieve certificates.
Consuming services like ethernet, openvpn or ipsec all re-implemented the same
code to retrieve the certificates from the CLI.
This commit extends the signature of get_config_dict() with a new option with_pki
that defaults to false. If this option is set, the PKI CLI tree will be blended
into the resulting dictionary.
|
|
|
|
A tunnel interface can not properly be sourced from a pppoe0 interface when
such interface is not (yet) connected to the BRAS. It might work on a running
system, but subsequent reboots will fail as the source-interface most likely
does not yet exist.
|
|
We will use _ as CLI level divider. The XML definition filename and also
the Python helper should match the CLI node.
Example:
set interfaces ethernet -> interfaces_ethernet.xml.in
set interfaces bond -> interfaces_bond.xml.in
set service dhcp-server -> service_dhcp-server-xml.in
|
|
|
|
This extends commit 1a84c4d0e ("ipsec: T1210: add smoketest for remote-access
(road-warrior) users") in a way that also the IPv4 pool and its DNS servers get
validated. There is no separate IPv6 test, as both address families behave
the same way when configuring these.
|
|
ipsec: T1210: add smoketest for remote-access (road-warrior) users
|
|
|
|
system: T5877: Shorten system domain-search config path
|
|
Python unittest framework treads the comments as test names during execution:
Example:
test_accel_ipv4_pool (__main__.TestVPNPPTPServer.test_accel_ipv4_pool)
Test accel-ppp IPv4 pool ... ok
|
|
In addition to testing for shortening the domain-search path, add and
improve tests for other resolv.conf entries.
|
|
|
|
T5801: Rewritten L2TP to get_config_dict
|
|
dhcp: T3316: Support hostname, DUID and MAC address in reservation
|