Age | Commit message (Collapse) | Author |
|
vyos@vyos# run show vrf MGMT processes
2282 sshd
There is no dhclient process running in given VRF. dhclient complains it can
not send out packets via the given interface (as it's not bound to that VRF)
Aug 02 20:29:54 dhclient[1686]: send_packet: Network is unreachable
Aug 02 20:29:54 dhclient[1686]: send_packet: please consult README file regarding broadcast address.
Aug 02 20:29:54 dhclient[1686]: dhclient.c:3001: Failed to send 300 byte long packet over fallback interface.
|
|
Multiple scripts use the same hardcoded path for DHCP client leases in
different direcotries - this can't be worse.
|
|
|
|
cpo@leaf-02# show interfaces vxlan
+vxlan vxlan1 {
+ mtu 1500
+ parameters {
+ nolearning
+ }
+ port 4789
+ source-interface dum1
+ vni 100
+}
cpo@leaf-02# commit
[ interfaces vxlan vxlan1 ]
Group, remote or source-address must be configured
[[interfaces vxlan vxlan1]] failed
Extend verify() check to also honor source-interface definition.
|
|
|
|
When booting a system with DHCP clients running inside a VRF we require multiple
restarts - prevent systemd from putting the service into a "failed" state.
|
|
|
|
T5427: Fix migration script arguments len expects 2 args
|
|
wireguard: T5413: Blocked adding the peer with the router's public key
|
|
Disabeled adding the peer with the same public key as the router has.
Added smoketest
|
|
The script's name is always provided as the first argument sys.argv[0]
Expected length for argv is 2 (script itself + config file)
Change: 'if (len(argv) < 1)' to 'if len(argv) < 2'
|
|
Ability to set locate time format 12|24-hour
set system option time-format 12-hour|24-hour
$ date
Tue Aug 1 12:33:45 PM EEST 2023
$ date
Tue 1 Aug 12:34:09 EEST 2023
|
|
|
|
|
|
Change code for new syntax
|
|
|
|
balance within a single rule.
|
|
When no-release is specified, dhcp6c client will not release allocated address or prefix on client exit.
vyos.ifconfig: dhcpv6: T5387: re-use options_file for no release flag [WIP]
* Todo: render Jinja2 template and fill it
vyos.ifconfig: dhcpv6: T5387: finish options_file and no release flag in cli
vyos.ifconfig: dhcpv6: T5387: fix missing/wrong end tag
vyos.ifconfig: dhcpv6: T5387: fix options, no var for -n
dhcpv6-client: T5387: fix missing / from filepaths
|
|
|
|
ISC dhcp client contains least_update timestamp in human readable format this
makes less sense for an API and also the expiry timestamp is provided in UNIX
time. Convert string (e.g. Sun Jul 30 18:13:44 CEST 2023) to UNIX time (1690733624)
vyos@vyos:~$ ${vyos_op_scripts_dir}/dhcp.py show_client_leases --family inet --interface eth0.10
Interface eth0.10
IP address 172.16.33.123 [Active]
Subnet Mask 255.255.255.0
Domain Name vyos.net
Router 172.16.33.254
Name Server 172.16.254.30
DHCP Server 172.16.33.254
DHCP Server 86400
Last Update Sun Jul 30 18:13:44 CEST 2023
Expiry Mon Jul 31 18:13:43 CEST 2023
vyos@vyos:~$ ${vyos_op_scripts_dir}/dhcp.py show_client_leases --family inet --interface eth0.10 --raw
[
{
"last_update": 1690733624,
"reason": "RENEW",
"interface": "eth0.10",
"new_expiry": "1690820023",
"new_dhcp_lease_time": "86400",
"medium": "",
"alias_ip_address": "",
"new_ip_address": "172.16.33.123",
"new_broadcast_address": "172.16.33.255",
"new_subnet_mask": "255.255.255.0",
"new_domain_name": "vyos.net",
"new_network_number": "172.16.33.0",
"new_domain_name_servers": "172.16.254.30",
"new_routers": "172.16.33.254",
"new_static_routes": "",
"new_dhcp_server_identifier": "172.16.33.254",
"new_dhcp_message_type": "5",
"old_ip_address": "172.16.33.123",
"old_subnet_mask": "255.255.255.0",
"old_domain_name": "vyos.net",
"old_domain_name_servers": "172.16.254.30",
"old_routers": "172.16.33.254",
"old_static_routes": ""
}
]
|
|
vyos@vyos# ${vyos_op_scripts_dir}/dhcp.py show_client_leases --family inet --interface eth0.10
Interface eth0.10
IP address 172.16.33.123 [Active]
Subnet Mask 255.255.255.0
Domain Name vyos.net
Router 172.16.33.254
Name Server 172.16.254.30
DHCP Server 172.16.33.254
DHCP Server 86400
Last Update Sat Jul 29 21:13:32 CEST 2023
Expiry Sun Jul 30 21:13:31 CEST 2023
vyos@vyos# ${vyos_op_scripts_dir}/dhcp.py show_client_leases --family inet --interface eth0.10 --raw
[
{
"last_update": "Sat Jul 29 21:13:32 CEST 2023",
"reason": "BOUND",
"interface": "eth0.10",
"new_expiry": "1690744411",
"new_dhcp_lease_time": "86400",
"medium": "",
"alias_ip_address": "",
"new_ip_address": "172.16.33.123",
"new_broadcast_address": "172.16.33.255",
"new_subnet_mask": "255.255.255.0",
"new_domain_name": "vyos.net",
"new_network_number": "172.16.33.0",
"new_domain_name_servers": "172.16.254.30",
"new_routers": "172.16.33.254",
"new_static_routes": "",
"new_dhcp_server_identifier": "172.16.33.254",
"new_dhcp_message_type": "5",
"old_ip_address": "",
"old_subnet_mask": "",
"old_domain_name": "",
"old_domain_name_servers": "",
"old_routers": "",
"old_static_routes": ""
}
]
|
|
T5368: service ids ddos-protection add support sflow mode
|
|
T5127: vpnv4/v6 : warning for router-id
|
|
|
|
|
|
inetfaces
Keep a common CLI structure by re-using the already established offload
node from ethernet.
|
|
Preparation to make the code flow look more intuitive and add room to add
parsing of additional OpenVPN interfaces for DCO module load.
|
|
|
|
Module should be loaded/unloaded on demand.
|
|
T5154: NTP: allow maximum of one ipv4 and one ipv6 address on paramet…
|
|
|
|
|
|
|
|
<listen-address>. Also allow only one single value <interface>.
|
|
T4659: op-mode: Display bridge interface details
|
|
T4889: NAT Redirect: adddestination nat redirection (to local host) feature.
|
|
ospf: T5377: add graceful restart FRR feature (RFC 3623)
|
|
Comply with the code comment and not remove the users home directory.
This also fixes the issue that user homes get cleaned on system reboot
|
|
sFlow mode requires fewer resources then mode "mirror"
Integrate it into configuration mode
set service ids ddos-protection mode 'sflow'
set service ids ddos-protection sflow listen-address '127.0.0.1'
set service ids ddos-protection sflow port '6343'
|
|
|
|
New CLI commands:
* set protocols ospf graceful-restart grace-period 300
* set protocols ospf graceful-restart helper planned-only
* set protocols ospf graceful-restart helper no-strict-lsa-checking
* set protocols ospf graceful-restart helper supported-grace-time 400
* set protocols ospf graceful-restart helper enable router-id 192.0.2.1
* set protocols ospf graceful-restart helper enable router-id 192.0.2.2
* set protocols ospfv3 graceful-restart grace-period 300
* set protocols ospfv3 graceful-restart helper planned-only
* set protocols ospfv3 graceful-restart helper lsa-check-disable
* set protocols ospfv3 graceful-restart helper supported-grace-time 400
* set protocols ospfv3 graceful-restart helper enable router-id 192.0.2.1
* set protocols ospfv3 graceful-restart helper enable router-id 192.0.2.2
|
|
Fixed verifying peer without AFI, if the peer is interface.
|
|
|
|
T4497: ping: andd option to force ipv4 or ipv6 (-4 | -6)
|
|
|
|
|
|
|
|
There was no /var/log/messages handler for logrotate making rsyslog
crash after a few days.
In addition we had some JIna2 templating errors for hosts, user and file
CLI nodes
jinja2.exceptions.UndefinedError: 'dict object' has no attribute 'facility'
Looks like therey are used rarely ;) - lucky me!
|
|
|
|
|