summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--docs/_include/interface-xdp.txt32
m---------docs/_include/vyos-1x0
-rw-r--r--docs/changelog/1.4.rst42
-rw-r--r--docs/configuration/interfaces/bonding.rst7
-rw-r--r--docs/configuration/interfaces/ethernet.rst23
-rw-r--r--docs/configuration/interfaces/wireguard.rst2
-rw-r--r--docs/configuration/vpn/l2tp.rst22
7 files changed, 56 insertions, 72 deletions
diff --git a/docs/_include/interface-xdp.txt b/docs/_include/interface-xdp.txt
deleted file mode 100644
index cee9933b..00000000
--- a/docs/_include/interface-xdp.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-.. cfgcmd:: set interfaces {{ var0 }} <interface> xdp
-
- Enable support for Linux :abbr:`XDP (eXpress Data Path)` on recent 1.4 rolling
- releases. You must enable it for every interface which should participate in
- the XDP forwarding.
-
- XDP is an eBPF based high performance data path merged in the Linux kernel
- since version 4.8. The idea behind XDP is to add an early hook in the RX path
- of the kernel, and let a user supplied eBPF program decide the fate of the
- packet. The hook is placed in the NIC driver just after the interrupt
- processing, and before any memory allocation needed by the network stack
- itself, because memory allocation can be an expensive operation.
-
- .. warning:: This is highly experimental!
-
- .. note:: Enabling this feature will break any form of NAT or Firewalling on
- this interface, as XDP is handled way earlier in the driver then iptables/
- nftables.
-
- Enabling this feature will only load the XDP router code as described here:
-
- .. stop_vyoslinter
-
- https://blog.apnic.net/2020/04/30/how-to-build-an-xdp-based-bgp-peering-router/
-
- .. start_vyoslinter
-
- Example:
-
- .. code-block:: none
-
- set interfaces {{ var0 }} {{ var1 }} xdp
diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x
-Subproject 12b7da289665c75c3839b32c77a491d8909f3e7
+Subproject 062b1e857bb70f75315826fee756784244fbd46
diff --git a/docs/changelog/1.4.rst b/docs/changelog/1.4.rst
index d7c75ee6..233fe0fd 100644
--- a/docs/changelog/1.4.rst
+++ b/docs/changelog/1.4.rst
@@ -8,6 +8,48 @@
_ext/releasenotes.py
+2023-06-18
+==========
+
+* :vytask:`T5295` ``(bug): QoS shaper incorrect rate limit the traffic``
+* :vytask:`T5256` ``(bug): QoS expects protocol number but not protocol name``
+
+
+2023-06-13
+==========
+
+* :vytask:`T5258` ``(bug): git Actions use ubuntu-22.04 instead of deprecated ubuntu-18.04 for PR conflicts checker``
+* :vytask:`T5222` ``(feature): Add load-balancing reverse-proxy based on haproxy``
+* :vytask:`T5213` ``(feature): Accel-ppp sending accounting interim updates acct-interim-interval option``
+* :vytask:`T5171` ``(feature): Use XML for conf-mode "load-balancing wan" instead of legacy templates``
+
+
+2023-06-12
+==========
+
+* :vytask:`T5282` ``(bug): Poweroff now does not work``
+* :vytask:`T5264` ``(feature): Add Mellanox Technologies firmware flash module mlxfw to kernel``
+* :vytask:`T5286` ``(feature): Remove XDP support``
+
+
+2023-06-10
+==========
+
+* :vytask:`T5231` ``(feature): Add op-mode for load-balancing reverse-proxy``
+
+
+2023-06-09
+==========
+
+* :vytask:`T5253` ``(bug): MPLS config removed at boot when wireguard interfaces present``
+
+
+2023-06-05
+==========
+
+* :vytask:`T5259` ``(bug): Openconnect cannot pass migration 1-to-2``
+
+
2023-06-02
==========
diff --git a/docs/configuration/interfaces/bonding.rst b/docs/configuration/interfaces/bonding.rst
index 3d30f1a5..3c8ebd0d 100644
--- a/docs/configuration/interfaces/bonding.rst
+++ b/docs/configuration/interfaces/bonding.rst
@@ -271,13 +271,6 @@ Bond options
The maximum number of targets that can be specified is 16. The default value
is no IP address.
-Offloading
-----------
-
-.. cmdinclude:: /_include/interface-xdp.txt
- :var0: bondinging
- :var1: bond0
-
VLAN
====
diff --git a/docs/configuration/interfaces/ethernet.rst b/docs/configuration/interfaces/ethernet.rst
index 76f02d6d..4eb1b5f4 100644
--- a/docs/configuration/interfaces/ethernet.rst
+++ b/docs/configuration/interfaces/ethernet.rst
@@ -289,26 +289,3 @@ Operation
.. stop_vyoslinter
-.. opcmd:: show interfaces ethernet <interface> xdp
-
- Display XDP forwarding statistics
-
- .. code-block:: none
-
- vyos@vyos:~$ show interfaces ethernet eth1 xdp
-
- Collecting stats from BPF map
- - BPF map (bpf_map_type:6) id:176 name:xdp_stats_map key_size:4 value_size:16 max_entries:5
- XDP-action
- XDP_ABORTED 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:0.250340
- XDP_DROP 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:0.250317
- XDP_PASS 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:0.250314
- XDP_TX 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:0.250313
- XDP_REDIRECT 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:0.250313
-
- XDP-action
- XDP_ABORTED 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:2.000410
- XDP_DROP 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:2.000414
- XDP_PASS 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:2.000414
- XDP_TX 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:2.000414
- XDP_REDIRECT 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:2.000414
diff --git a/docs/configuration/interfaces/wireguard.rst b/docs/configuration/interfaces/wireguard.rst
index 18a888df..5eb10fe8 100644
--- a/docs/configuration/interfaces/wireguard.rst
+++ b/docs/configuration/interfaces/wireguard.rst
@@ -194,6 +194,7 @@ traffic.
set interfaces wireguard wg01 peer to-wg01 port '51820'
set interfaces wireguard wg01 peer to-wg01 public-key 'EKY0dxRrSD98QHjfHOK13mZ5PJ7hnddRZt5woB3szyw='
set interfaces wireguard wg01 port '51820'
+ set interfaces wireguard wg01 private-key 'OLTQY3HuK5qWDgVs6fJR093SwPgOmCKkDI1+vJLGoFU='
set protocols static route 192.168.1.0/24 interface wg01
@@ -291,6 +292,7 @@ value needs to be lower than the UDP timeout.
pubkey BknHcLFo8nOo8Dwq2CjaC/TedchKQ0ebxC7GYn7Al00=
}
port 2224
+ private-key OLTQY3HuK5qWDgVs6fJR093SwPgOmCKkDI1+vJLGoFU=
}
The following is the config for the iPhone peer above. It's important to
diff --git a/docs/configuration/vpn/l2tp.rst b/docs/configuration/vpn/l2tp.rst
index 8dc34ee4..6ea1cc7d 100644
--- a/docs/configuration/vpn/l2tp.rst
+++ b/docs/configuration/vpn/l2tp.rst
@@ -73,15 +73,16 @@ parameter to the client.
set vpn l2tp remote-access name-server '198.51.100.8'
set vpn l2tp remote-access name-server '198.51.100.4'
-Established sessions can be viewed using the **show vpn remote-access**
-operational command, or **show l2tp-server sessions**
+Established sessions can be viewed using the **show l2tp-server sessions**
+operational command
.. code-block:: none
- vyos@vyos:~$ show vpn remote-access
- ifname | username | calling-sid | ip | rate-limit | type | comp | state | uptime
- --------+----------+--------------+---------------+------------+------+------+--------+----------
- ppp0 | vyos | 192.168.0.36 | 192.168.255.1 | | l2tp | | active | 00:06:13
+ vyos@vyos:~$ show l2tp-server sessions
+ ifname | username | ip | ip6 | ip6-dp | calling-sid | rate-limit | state | uptime | rx-bytes | tx-bytes
+ --------+----------+---------------+-----+--------+-------------+------------+--------+----------+----------+----------
+ l2tp0 | test | 192.168.255.3 | | | 192.168.0.36 | | active | 02:01:47 | 7.7 KiB | 1.2 KiB
+
LNS (L2TP Network Server)
@@ -128,10 +129,11 @@ The rate-limit is set in kbit/sec.
set vpn l2tp remote-access authentication local-users username test rate-limit download 20480
set vpn l2tp remote-access authentication local-users username test rate-limit upload 10240
- vyos@vyos:~$ show vpn remote-access
- ifname | username | calling-sid | ip | rate-limit | type | comp | state | uptime
- -------+----------+--------------+---------------+-------------+------+------+--------+-----------
- ppp0 | test | 192.168.0.36 | 192.168.255.2 | 20480/10240 | l2tp | | active | 00:06:30
+ vyos@vyos:~$ show l2tp-server sessions
+ ifname | username | ip | ip6 | ip6-dp | calling-sid | rate-limit | state | uptime | rx-bytes | tx-bytes
+ --------+----------+---------------+-----+--------+-------------+------------+--------+----------+----------+----------
+ l2tp0 | test | 192.168.255.3 | | | 192.168.0.36 | | active | 02:01:47 | 7.7 KiB | 1.2 KiB
+
RADIUS authentication
======================