Age | Commit message (Collapse) | Author |
|
This reverts commit b71a04811bd61e1faf2bc4eaceaaae8bdbf97dc6.
|
|
This reverts commit 72d7152f794cfe48821797d62865024c1843096e.
|
|
(cherry picked from commit 3a605ad020d8d20b08a72cb1284f6e590d1fd7b5)
|
|
(cherry picked from commit 25b2f2a8057260ad0d2c59823618d7c9f0fba707)
|
|
VXLAN does support using multiple remotes but VyOS does not. Add the ability
to set multiple remotes and add their flood lists using "bridge" command.
(cherry picked from commit 0ecddff7cffa8900d351d5c15e32420f9d780c0b)
|
|
backport: T4515: T4219: policy local-route6 and inbound-interface support
|
|
openvpn: T3686: Fix for check local-address in script and tmpl
|
|
|
|
|
|
Local-address should be checked/executed only if it exists in the
openvpn configuration, dictionary, jinja2 template
(cherry picked from commit 230ac0a202acd7ae9ad9bccb9e777ee5a0e0b7b7)
|
|
|
|
|
|
Adds support for `ip -6 rule` policy based routing.
Also, extends the existing ipv4 implemenation with a
`destination` key, which is translated as
`ip rule add to x.x.x.x/x` rules.
https://phabricator.vyos.net/T4151
|
|
(cherry picked from commit 122c7a53575f67759f157e02eca776f799658dc1)
|
|
interface
It is impossible for the OS kernel to distinguish multiple GRE tunnels when no
"gre key" is configured when sourcing tunnels from the same interface.
(cherry picked from commit 6f1326d6b68f6dcb83843374c876407ef2922bd1)
|
|
We always mangled and worked on the "ip rule" singleton even when nothing
needed to be changed. This resulted in a VRF hickup when the same VRF was added
and removed multiple times.
set interfaces ethernet eth1 vrf foo
set vrf name foo table '1000'
commit
delete interfaces ethernet eth1 vrf
delete vrf
commit
set interfaces ethernet eth1 vrf foo
set vrf name foo table '1000'
commit
broke reachability on eth1 - a reboot was required.
This change will now only alter the ip rule tables once when VRF instances
are created for the first time and will not touch the Kernel "ip rule"
representation afterwards.
(cherry picked from commit 2cec431e5caf9df85640f707cd6dc3077c17c238)
|
|
Verify section conntrack_sync.py funciton 'is_addr_assigned'
should checks address as string not as list
|
|
OpenVPN can't start if it depends on VRRP virtual-address as
virtual-address is not yet assigned by HA (openvpn and ha
in one commit) as we have checks "if address assigned"
It depends on commit priorities:
460 interfaces/openvpn
800 high-availability
Replace check if local-host address assigned from raise ConfigError
to print (just notification)
Allow to bind OpenVPN service to nonlocal address
|
|
|
|
(cherry picked from commit 11a900e706db59459314622050ced7d4117f090b)
|
|
|
|
Allow setting ipv6-link-local addresses as peer address for
wireguard interfaces
Add validator "ipv6-link-local"
|
|
squid: T3299: Add listen address 0.0.0.0
|
|
(cherry picked from commit 5a73c946000902f6e445b0803ca090f7fc6e0954)
|
|
Without this option systemd startup will hit a timeout and the kill keepalived
again.
(cherry picked from commit 2a279f48e208b90c91eac5d6c5855e65cee39018)
|
|
(cherry picked from commit 1a74e6b3ce061f3c866bcb3f119ee5c73b0c6796)
|
|
In case if a CLI configuration is not available, dhclient cannot add
nameservers to a `resolv.conf` file, because `vyos-hostsd` requires that
an interface be listed in the `set system name-server` option.
This commit introduces two changes:
* `vyos-hostsd` service will not be started before Cloud-Init fetch all
remote data. This is required because all meta-data should be available
for Cloud-Init before any of VyOS-related services start since it is
used for configuration generation.
* the `vyos-hostsd-client` in the `dhclient-script` will be used only if
the `vyos-hostsd` is running. In other words - if VyOS services already
started, dhclient changes `resolv.conf` using `vyos-hostsd`; in other
cases - does this directly.
These changes should protect us from problems with DHCP during system
boot if DHCP is required by third-party utils.
|
|
l2tp-server: T4117: Add dae-server configuration to template
|
|
(cherry picked from commit d2ca2ac1cf9cacd44a04fbb6da9a884c23f043f6)
|
|
|
|
(cherry picked from commit a70a4001fe0b3a91a7d86191ff32dcc7205d2eae)
|
|
(cherry picked from commit 4aaf0ba69139d84f89e5c3feee6edd845af8d1e5)
|
|
After rewriting conntrack-sync to XML/python, part of op-mode
parameters was missed
Add "status" and "statistics" for conntrack-sync
|
|
|
|
(cherry picked from commit 55f8ede2d09a9ad095f9ec5c2a729f8c5fb6aafa)
|
|
|
|
(cherry picked from commit 45d2429aa5d2ffafacdc5d9d00b7097169592427)
|
|
|
|
(cherry picked from commit 0e3c35e6517f5cfebb4206c735a2ea976a7fd383)
|
|
(cherry picked from commit 92c4cc5e1248b3c7ffda03e23eeb21e2073ba7f0)
|
|
(cherry picked from commit 30311db5a00c78872c9ad9b29e7081e0d81a5362)
|
|
(cherry picked from commit c3471fe9d4cf0aab46feae94618925a95bcd5411)
|
|
expose OS
(cherry picked from commit 9ccc353893a3a9a1dc7dfd59463d34449bf05afb)
|
|
(cherry picked from commit 86ab3b7dad7f2ad2c39a8b110e4a845195cda32e)
|
|
|
|
|
|
|
|
(cherry picked from commit 955f260ce682d64d27b3b11e618b1ae0176e4b91)
|
|
in __init__"
This reverts commit f168e409acb314d1c15a4343643be7c07ce79b44.
|
|
(cherry picked from commit d7f0cbdc102a1186cec80d0ebf29b8f4ef415435)
|