Age | Commit message (Collapse) | Author |
|
Fixed verifying peer without AFI, if the peer is interface.
|
|
T4497: ping: andd option to force ipv4 or ipv6 (-4 | -6)
|
|
|
|
|
|
|
|
There was no /var/log/messages handler for logrotate making rsyslog
crash after a few days.
In addition we had some JIna2 templating errors for hosts, user and file
CLI nodes
jinja2.exceptions.UndefinedError: 'dict object' has no attribute 'facility'
Looks like therey are used rarely ;) - lucky me!
|
|
|
|
|
|
|
|
policy: T5357: only delete migrated BGP community rules
|
|
* T5195: move run, cmd, call, rc_cmd helper to vyos.utils.process
* T5195: use read_file and write_file implementation from vyos.utils.file
Changed code automatically using:
find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import read_file$/from vyos.utils.file import read_file/g' {} +
find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import write_file$/from vyos.utils.file import write_file/g' {} +
* T5195: move chmod* helpers to vyos.utils.permission
* T5195: use colon_separated_to_dict from vyos.utils.dict
* T5195: move is_systemd_service_* to vyos.utils.process
* T5195: fix boot issues with missing imports
* T5195: move dict_search_* helpers to vyos.utils.dict
* T5195: move network helpers to vyos.utils.network
* T5195: move commit_* helpers to vyos.utils.commit
* T5195: move user I/O helpers to vyos.utils.io
|
|
T5059: relay: add disable options for dhcp-relay and dhcpv6-relay
|
|
T5355:IPSec:op cmd:"sh vpn ike status" not working
|
|
dhclient: T5358: Use return in 99-ipsec-dhclient-hook
|
|
Use return instead of exit in 99-dhclient-exit-hook to allow subsequent unnumbered hooks to run (like rfc3442-classless-routes). Hooks are sourced, not executed.
|
|
Commit 6e621e42f ("bgp: T5338: simplify XML and code handling") hat a wrong if
branch when handling the check if an interface belongs to the proper VRF when
MPLS forwarding is used.
This has been fixed.
|
|
|
|
|
|
validor for dhcpv6-relay which was missing.
|
|
|
|
|
|
|
|
bgp: T5338: Added 'protocols bgp interface <int> mpls forwarding' feature
|
|
|
|
Added 'protocols bgp interface <int> mpls forwarding' feature.
It is possible to permit BGP install VPN prefixes without transport labels.
This configuration will install VPN prefixes originated from an e-bgp session,
and with the next-hop directly connected.
|
|
Migrate:
high-availability virtual-server 203.0.113.1
to: high-availability virtual-server <name> address 203.0.113.1
|
|
T775: Config-sync bracketize IPv6 secondary address
|
|
|
|
bracketize IPv6 remote address to avoid
Failed to parse: https://2001:db8::2/configure-section
|
|
T775: Add service config-sync between 2 routers
|
|
VPP: T1797: Optimizations for VPP memory allocation during startup
|
|
- changed memory requirement from total to available. This allows to start on
systems with less total memory and protects from startup on systems with
overloaded memory.
- prevent startup if sysctl settings were not applied. This protects from
situations when the system cannot allocate enough hugepages or apply other
sysctl settings.
|
|
without vrf
|
|
isis: T5335: fix invalid isis config base in migration script
|
|
* set protocols ospf aggregation timer <seconds>
* set protocols ospf summary-address x.x.x.x/x [tag 1-4294967295]
* set protocols ospf summary-address x.x.x.x/x no-advertise
|
|
After an interface is added/removed from VPP, it will be reinitialized, which
allows reconfiguring IP addresses on it.
Also modified VPP load priority to start before interfaces, and avoid
reconfiguration during boot.
|
|
|
|
Interface may not be present in the op-mode dictionary, it cause
KeyError: 'interface' for policy route
|
|
T1797: VPP verify minimal installed memory and apply sysctl
|
|
Do not allow configure VPP if on the systems with low amount
installed memory
Add sysctl VPP parameters (hugepages, kernel.shmmax)
|
|
|
|
Service config-sync allows synchronizing a section of
the configuration.
As PoC allow only nat, nat66 and firewall sections
Rertreive the configuration for a section from self node and
send this configuration to the section of the 'secondary' node.
This feature adds a symlink from helper 'vyos_config_sync.py'
to '/config/scripts/commit/post-hooks.d' and config that is
located in '/run/config_sync_conf.conf'
It will synchronyze the config only if the setcion
was changed.
set service config-sync secondary address 192.0.2.11
set service config-sync secondary key xxx
set service config-sync section nat
set service config-sync section nat66
set service config-sync section firewall
set service config-sync mode load
|
|
T1797: Add initial vpp configuration
|
|
- added extra renaming operation to be sure that interface has the same name as
before in the system after it was moved from VPP to kernel
- added extra check after PCI device removal/adding
- added check for proper `retval` for CPI calls where it is available
- replaced empty return with an error in `_get_pci_address_by_interface()`
because not resolved address will lead to inconsistency of the system later
|
|
The previous implementation did not iterate over the communit list, so only
one match criteria was supported.
set policy route-map FOO rule 10 action 'permit'
set policy route-map FOO rule 10 set extcommunity rt '1111:2222222'
worked but on the other hand this failed:
set policy route-map FOO rule 20 action 'permit'
set policy route-map FOO rule 20 set extcommunity rt '6500:24 6500:23 192.168.0.1:111 192.168.0.1:222'
|
|
|
|
- added ability to add/remove interfaces without system reboot
- added `attempts` and `interval` to the VPP API connection. This is helpful in
case of high system load or when VPP was just started and API is not yet
available.
- added exceptions to API calls. This allows handling errors in communication
with API properly in conf-mode scripts.
- fixed PCI address search in VPP to match Linux kernel and ethtool style
- fixed systemd daemons control - first reload, then restart
- removed debug prints
- removed `vm.nr_hugepages` configuration. It is not required now but increases
RAM requirements a lot.
|
|
Use info from both ethtool and VPP to find PCI address for an
interface.
|
|
T5304: Container add volume bind propagation option
|
|
Replaced CLI commands with API calls.
CLI commands still can be used via:
```
vpp_control = VPPControl()
vpp_control.cli_cmd('command_here')
```
|