summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2020-12-17xdp: T2666: initial XDP (generic mode) forwarding supportChristian Poessinger
The CLI command 'set interfaces ethernet <interface> offload-options xdp" enables the XDP generic mode on the given interface. vyos@vyos:~$ show interfaces ethernet eth1 eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 xdpgeneric/id:151 qdisc mq state DOWN group default qlen 1000 link/ether 00:50:56:bf:ef:aa brd ff:ff:ff:ff:ff:ff inet6 fe80::250:56ff:febf:efaa/64 scope link tentative valid_lft forever preferred_lft forever Description: fooa XDP code is thankfully copied from [1], thank you for this nice tutorial. NOTE: this is an experimental feature which might break your forwarding/filtering. [1]: https://medium.com/swlh/building-a-xdp-express-data-path-based-peering-router-20db4995da66
2020-12-17flow-accounting: T3132: enable egress traffic accountingJan-Philipp Benecke
2020-12-14netplug: T3130: use Debian upstream versionChristian Poessinger
2020-12-10test: vyos.validate: check is_addr_assigned()Christian Poessinger
2020-12-08Merge pull request #633 from jack9603301/T3089Christian Poessinger
mirror: T3089: support two-way traffic mirroring
2020-12-08bgp: T2174: Fix Template. Update to use FRRConfig frameworksever-sever
2020-12-08mirror: T3089: support two-way traffic mirroringjack9603301
2020-12-07system: T3119: migrate "system ip" to get_config_dict() incl. smoketestChristian Poessinger
2020-12-07Merge pull request #636 from c-po/t2562-dhcpChristian Poessinger
dhcp: T2562: add "listen-address" CLI node for better DHCP relay support
2020-12-06Revert "vyos.ifconfig: T1579: do not remove IPv6 link-local address on ↵Christian Poessinger
reconfiguration" This reverts commit d247736f67cc056062b75a4215a031bebcfee2ee. We need to clean link-local IPv6 addresses on link reconfiguration to also drop no longer existing link-local addresse son MAC address change.
2020-12-06migration: interfaces: remove superfluous importsChristian Poessinger
2020-12-06dhcpv6-relay: T3095: is_ipv6_link_local() now supports a prefix lengthChristian Poessinger
2020-12-06vyos.ifconfig: T1579: do not remove IPv6 link-local address on reconfigurationChristian Poessinger
2020-12-06dhcpv6: T3100: migrate server configuration to get_config_dict()Christian Poessinger
2020-12-06dhcp: T2562: add "listen-address" CLI node for better DHCP relay supportChristian Poessinger
Running ISC DHCP server as backend server for multiple pools served to relay agents requires DHCPd to explicitly listen on give interfaces or a "transit" subnet declaration facing the network where we receive the DHCPREQ messages on. This implements a new "listen-address" CLI node, the given address is validated if it is assigned to the system and upon success, a proper "subnet { }" statement is added into dhcpd.conf
2020-12-06test: vyos.template: test additional templating functionsChristian Poessinger
2020-12-04dhcp: T3100: re-add range slicing support when exclude addresses are usedChristian Poessinger
Support was not yet present after the rewrite from commit 84b7ade2 ("dhcp: T3100: migrate server configuration to get_config_dict()")
2020-12-04dhcp: T3100: migrate server configuration to get_config_dict()Christian Poessinger
2020-12-04pppoe: T3112: drop "ipv6 enable" optionChristian Poessinger
IPv6 enable can be considered once the ipv6 node is present!
2020-12-03pim: igmp: T2744: Define the absolute path to pimdDmitriyEshenko
2020-12-03isis: T1316: Fix isis delete section. Use an updated frr frameworksever-sever
2020-12-02op-mode: lldp: T3104: bugfix AttributeError on multiple hosts/networkChristian Poessinger
2020-12-01nat: T3102: Check key in dictionaryDmitriyEshenko
2020-12-01vpn: ipsec: T3093: add XML for vpn ipsec conf-modeViacheslav Hletenko
2020-12-01dhcpv6: T1433: combine templates for v4 and v6Christian Poessinger
2020-11-30Merge pull request #624 from Cheeze-It/currentChristian Poessinger
mpls-conf: T915: Add ethernet vif sub interface MPLS enable
2020-11-30mpls-conf: T915: Add ethernet vif MPLS enableCheeze_It
In this commit we added ethernet sub interface MPLS enablement. Per request by @bbs2web, this functionality is now possible. This should now allow ethernet switched networks with VLAN tags to also allow for MPLS packet flow.
2020-11-30Merge pull request #612 from sever-sever/T1316Daniil Baturin
frr-isis: T1316: Add new routing feature ISIS
2020-11-30frr-is-is: T1316: Add new routing feature IS-ISsever-sever
2020-11-29dhcpv6-relay: T3095: improve verify()Christian Poessinger
- Upstream interfaces require a DHCPv6 server to be configured - Listen interface must have a a global unicast address assigned, else ISC dhcrelay won't start.
2020-11-29dhcpv6-relay: T3095: migrate service to get_config_dict()Christian Poessinger
2020-11-29smoketest: dhcpv6-relay: T3095: initial testsChristian Poessinger
2020-11-29dhcp-relay: T3095: migrate service to get_config_dict()Christian Poessinger
2020-11-29smoketest: dhcp-relay: T3095: initial testsChristian Poessinger
2020-11-28nat: T3092: migrate to get_config_dict()Christian Poessinger
The NAT system consists out of nested tag nodes which makes manual parsing very hard. This is a perfect candidate for migrating this to get_config_dict() as there is already a smoketest in place. In addition this should make it easier to add features like static nat/hairpin.
2020-11-28system: T3038: remove /dev/console from loadkeysChristian Poessinger
/dev/console is not always present, e.g. on headless devices like an APU4.
2020-11-28vyos.template: T2720: fix remaining in-line time_block syntaxChristian Poessinger
Commit a2ac9fac ("vyos.template: T2720: always enable Jinja2 trim_blocks feature") globally enabled the trim_blocks feature. Some templates still used in-line trim_blocks "{%"- or "-%}" which caused miss-placed line endings. This is fixed by removing all in-line trim_block statememnts of Jinja2 templates.
2020-11-27vyos.template: T2720: always enable Jinja2 trim_blocks featureChristian Poessinger
2020-11-27igmp-proxy: T3088: migrate to get_config_dict()Christian Poessinger
2020-11-26pim: igmp: igmp-proxy: T2744: Add check to prevent pimd and igmp-proxy conflictDmitriyEshenko
2020-11-23mpls-conf: T915: fix Python format string after refactoringCheeze-It
2020-11-23op-mode: wireless: T3084: fix TypeErrorChristian Poessinger
2020-11-23mpls: T915: unclutter verify() code by using "not" statementsChristian Poessinger
2020-11-23mpls: T915: replace os.system() calls with vyos.util.call()Christian Poessinger
Also drop the Python2 print formatting code in favour of Python3 formatted strings.
2020-11-23openvpn: T3074: fix site-2-site operation modeChristian Poessinger
When rendering the configs "ifconfig" statement wrong IP addresses have been used for the "tun" operating mode. This has been corrected.
2020-11-23Merge pull request #616 from Cheeze-It/currentChristian Poessinger
mpls-conf: T915: Refactored template, handler, added global features
2020-11-22mpls-conf: T915: Refactored FRR LDP template, MPLS handler, added MPLS ↵Cheeze_It
global features So this is a big update. The first thing that was done was a refactor to the FRR LDP template, MPLS handler, and XML conf tree MPLS global additions. The refactors should work and I did test them in my lab. It seems that everything does work as needed so far in my testing. There is something here that is considered configuration breaking from the old setup though. In the old setup the MPLS interface operation (as in the interfaces accepting MPLS labels and processing them) was tied with LDP. What this means is that MPLS processing was enabled at the same time as LDP interfaces were configured. We do not want this behavior for the future as there's other MPLS underlay technologies like SR and RSVP. If someone wants to enable SR or RSVP without enabling LDP then they now can. Before, they couldn't. The other additions are global changes to MPLS TTL propagation and MPLS max TTL enforcement. They have now been added. Lastly, there is an frr-reload bug that Runar Borge found with this. We have found that when totally deleting LDP that there has to be 3 commits done. This is because frr-reload doesn't properly do what it needs to do in 1 operation so we had to do 3. This will only affect people that are doing an entire LDP clear using "delete protocols mpls ldp." Otherwise it isn't seen. Anyway, this refactor now works with the FRR daemon directly for all changes. This also makes it much easier for adding stuff in the future. Thank you
2020-11-22bgp: T2174: refactor Jinja template and reduce redundant pathsChristian Poessinger
The Jinja2 template contained a lot of redundant paths which only differed in either the address-family or neighbor vs. peer-group. This paths have been combined into for loops and a macro for generating a neighbor statement as peer-groups and regular neighbors share ~95% of the config.
2020-11-22isis: T1316: remove debug printChristian Poessinger
2020-11-21openvpn: T3060: fix client authentication username and password fileChristian Poessinger