summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/404.rst3
m---------docs/_include/vyos-1x0
-rw-r--r--docs/automation/cloud-init.rst16
-rw-r--r--docs/changelog/1.3.rst51
-rw-r--r--docs/changelog/1.4.rst80
-rw-r--r--docs/configuration/policy/local-route.rst31
-rw-r--r--docs/configuration/protocols/bfd.rst8
-rw-r--r--docs/configuration/service/dhcp-server.rst10
8 files changed, 183 insertions, 16 deletions
diff --git a/docs/404.rst b/docs/404.rst
index 85444615..5073773a 100644
--- a/docs/404.rst
+++ b/docs/404.rst
@@ -7,4 +7,5 @@ Sorry, We could not find a page.
Try using the search box or go to the release homepage:
* `1.2.x (crux) <https://docs.vyos.io/en/crux/>`_
- * `rolling release (equuleus) <https://docs.vyos.io/en/latest/>`_ \ No newline at end of file
+ * `1.3.x (equuleus) <https://docs.vyos.io/en/equuleus/>`_
+ * `rolling release (sagitta) <https://docs.vyos.io/en/latest/>`_
diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x
-Subproject 221aee86f4d4291434dc60569d3d58da99639ff
+Subproject b4185f8356d69476292906ebe32daf1c4867601
diff --git a/docs/automation/cloud-init.rst b/docs/automation/cloud-init.rst
index 3ca8739b..0096d428 100644
--- a/docs/automation/cloud-init.rst
+++ b/docs/automation/cloud-init.rst
@@ -20,9 +20,11 @@ VyOS support three types of config sources.
* Metadata - Metadata is sourced by the cloud platform or hypervisor.
In some clouds, there is implemented as an HTTP endpoint at
``http://169.254.169.254``.
+
* Network configuration - This config source informs the system about the
network settings like IP addresses, routes, DNS. Available only in several
cloud and virtualization platforms.
+
* User-data - User-data is specified by the user. This config source offers the
ability to insert any CLI configuration commands into the configuration before
the first boot.
@@ -49,9 +51,9 @@ In VyOS, by default, enables only two modules:
* ``write_files`` - this module allows to insert any files into the filesystem
before the first boot, for example, pre-generated encryption keys,
certificates, or even a whole ``config.boot`` file.
+
* ``vyos_userdata`` - the module accepts a list of CLI configuration commands in
a ``vyos_config_commands`` section, which gives an easy way to configure the
-
system during deployment.
************************
@@ -75,9 +77,9 @@ commands are supported.
Commands requirements:
-* one command per line
-* if command ends in a value, it must be inside single quotes
-* a single-quote symbol is not allowed inside command or value
+* One command per line.
+* If command ends in a value, it must be inside single quotes.
+* A single-quote symbol is not allowed inside command or value.
The commands list produced by the ``show configuration commands`` command on a
VyOS router should comply with all the requirements, so it is easy to get a
@@ -105,9 +107,9 @@ System Defaults/Fallbacks
These are the VyOS defaults and fallbacks.
-* SSH is configured on port 22
-* ``vyos``/``vyos`` credentials if no others specified by data source
-* DHCP on first Ethernet interface if no network configuration is provided
+* SSH is configured on port 22.
+* ``vyos``/``vyos`` credentials if no others specified by data source.
+* DHCP on first Ethernet interface if no network configuration is provided.
All of these can be overridden using the configuration in user-data.
diff --git a/docs/changelog/1.3.rst b/docs/changelog/1.3.rst
index 8dcc08b0..210a17fa 100644
--- a/docs/changelog/1.3.rst
+++ b/docs/changelog/1.3.rst
@@ -8,6 +8,55 @@
_ext/releasenotes.py
+2022-02-06
+==========
+
+* :vytask:`T4228` (bug): bond: OS error thrown when two bonds use the same member
+
+
+2022-02-05
+==========
+
+* :vytask:`T4226` (bug): VRRP transition-script does not work for groups name which contains -(minus) sign
+
+
+2022-02-04
+==========
+
+* :vytask:`T4196` (bug): DHCP server client-prefix-length parameter results in non-functional leases
+
+
+2022-02-03
+==========
+
+* :vytask:`T3643` (bug): show vpn ipsec sa doesn't show tunnels in "down" state
+
+
+2022-02-01
+==========
+
+* :vytask:`T4198` (bug): Error shown on commit
+
+
+2022-01-29
+==========
+
+* :vytask:`T4153` (bug): Monitor bandwidth-test initiate not working
+
+
+2022-01-28
+==========
+
+* :vytask:`T4184` (bug): NTP allow-clients address doesn't work it allows to use ntp server for all addresses
+* :vytask:`T4115` (bug): reboot in <x> not working as expected
+
+
+2022-01-24
+==========
+
+* :vytask:`T4204` (feature): Update Accel-PPP to a newer revision
+
+
2022-01-17
==========
@@ -1418,7 +1467,7 @@
2021-02-16
==========
-* :vytask:`T3318` (feature): Update Linux Kernel to v5.4.172 / 5.10.92
+* :vytask:`T3318` (feature): Update Linux Kernel to v5.4.175 / 5.10.95
2021-02-14
diff --git a/docs/changelog/1.4.rst b/docs/changelog/1.4.rst
index 4d9c1ada..25a09d5e 100644
--- a/docs/changelog/1.4.rst
+++ b/docs/changelog/1.4.rst
@@ -8,6 +8,84 @@
_ext/releasenotes.py
+2022-02-06
+==========
+
+* :vytask:`T4223` (bug): policy route cannot have several entries with the same table
+* :vytask:`T4216` (bug): Firewall: can't use negated groups in firewall rules
+* :vytask:`T4178` (bug): policy based routing tcp flags issue
+* :vytask:`T4164` (bug): PBR: network groups (as well as address and port groups) don't resolve in `nftables_policy.conf`
+* :vytask:`T3970` (feature): Add support for op-mode PKI direct install into an active config session
+* :vytask:`T3828` (bug): ipsec: Subtle change in "pfs enable" behavior from equuleus -> sagitta
+* :vytask:`T4228` (bug): bond: OS error thrown when two bonds use the same member
+
+
+2022-02-05
+==========
+
+* :vytask:`T4226` (bug): VRRP transition-script does not work for groups name which contains -(minus) sign
+
+
+2022-02-04
+==========
+
+* :vytask:`T4196` (bug): DHCP server client-prefix-length parameter results in non-functional leases
+
+
+2022-02-03
+==========
+
+* :vytask:`T4218` (bug): firewall: rule name is not allowed to start with a number
+* :vytask:`T3643` (bug): show vpn ipsec sa doesn't show tunnels in "down" state
+
+
+2022-02-01
+==========
+
+* :vytask:`T4224` (bug): Ethernet interfaces configured for DHCP not working on latest rolling snapshot (vyos-1.4-rolling-202201291849-amd64.iso)
+* :vytask:`T4225` (bug): Performance degration with latest rolling release
+* :vytask:`T4220` (bug): Commit broke dhclient 78b247b724f74bdabab0706aaa7f5b00e5809bc1
+* :vytask:`T4138` (bug): NAT configuration allows to set incorrect port range and invalid port
+
+
+2022-01-29
+==========
+
+* :vytask:`T4153` (bug): Monitor bandwidth-test initiate not working
+
+
+2022-01-28
+==========
+
+* :vytask:`T4184` (bug): NTP allow-clients address doesn't work it allows to use ntp server for all addresses
+* :vytask:`T4115` (bug): reboot in <x> not working as expected
+* :vytask:`T4217` (bug): firewall: port-group requires protocol to be set - but not in VyOS 1.3
+
+
+2022-01-27
+==========
+
+* :vytask:`T4213` (default): ipv6 policy routing not working anymore
+* :vytask:`T4188` (bug): Firewall does not correctly handle conntracking
+* :vytask:`T3762` (feature): Support network and address groups for policy ipv6-route
+* :vytask:`T3560` (feature): Ability to create groups of MAC addresses
+* :vytask:`T3495` (feature): Modernising port/protocol definitions
+
+
+2022-01-25
+==========
+
+* :vytask:`T4205` (feature): Disable Debian Version in SSH (DebianBanner->no)
+* :vytask:`T4131` (bug): Show firewall group incorrect format members
+
+
+2022-01-24
+==========
+
+* :vytask:`T4204` (feature): Update Accel-PPP to a newer revision
+* :vytask:`T1795` (default): Commit rollback by timeout
+
+
2022-01-23
==========
@@ -1661,7 +1739,7 @@
==========
* :vytask:`T3313` (bug): ospfv3 interface missing options
-* :vytask:`T3318` (feature): Update Linux Kernel to v5.4.172 / 5.10.92
+* :vytask:`T3318` (feature): Update Linux Kernel to v5.4.175 / 5.10.95
2021-02-15
diff --git a/docs/configuration/policy/local-route.rst b/docs/configuration/policy/local-route.rst
index 0b0122ab..e938f3cc 100644
--- a/docs/configuration/policy/local-route.rst
+++ b/docs/configuration/policy/local-route.rst
@@ -8,8 +8,8 @@ Policies for local traffic are defined in this section.
Configuration
*************
-Local Route
-===========
+Local Route IPv4
+================
.. cfgcmd:: set policy local-route rule <1-32765> set table <1-200|main>
@@ -18,3 +18,30 @@ Local Route
.. cfgcmd:: set policy local-route rule <1-32765> source <x.x.x.x|x.x.x.x/x>
Set source address or prefix to match.
+
+.. cfgcmd:: set policy local-route rule <1-32765> destination <x.x.x.x|x.x.x.x/x>
+
+ Set destination address or prefix to match.
+
+.. cfgcmd:: set policy local-route rule <1-32765> inbound-interface <interface>
+
+ Set inbound interface to match.
+
+Local Route IPv6
+================
+
+.. cfgcmd:: set policy local-route6 rule <1-32765> set table <1-200|main>
+
+ Set routing table to forward packet to.
+
+.. cfgcmd:: set policy local-route6 rule <1-32765> source <h:h:h:h:h:h:h:h|<h:h:h:h:h:h:h:h/x>
+
+ Set source address or prefix to match.
+
+.. cfgcmd:: set policy local-route6 rule <1-32765> destination <h:h:h:h:h:h:h:h|<h:h:h:h:h:h:h:h/x>
+
+ Set destination address or prefix to match.
+
+.. cfgcmd:: set policy local-route6 rule <1-32765> inbound-interface <interface>
+
+ Set inbound interface to match. \ No newline at end of file
diff --git a/docs/configuration/protocols/bfd.rst b/docs/configuration/protocols/bfd.rst
index 60f9ffd0..dac1bf0f 100644
--- a/docs/configuration/protocols/bfd.rst
+++ b/docs/configuration/protocols/bfd.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2021-09-28
+:lastproofread: 2022-02-05
.. include:: /_include/need_improvement.txt
@@ -72,11 +72,11 @@ Enable BFD in BGP
Enable BFD in OSPF
------------------
-.. cfgcmd:: set interfaces ethernet <interface> ip ospf bfd
+.. cfgcmd:: set protocols ospf interface <interface> bfd
Enable BFD for OSPF on an interface
-.. cfgcmd:: set interfaces ethernet <interface> ipv6 ospfv3 bfd
+.. cfgcmd:: set protocols ospfv3 interface <interface> bfd
Enable BFD for OSPFv3 on an interface
@@ -93,7 +93,7 @@ Enable BFD in ISIS
Operational Commands
====================
-.. opcmd:: show protocols bfd peer
+.. opcmd:: show bfd peers
Show all BFD peers
diff --git a/docs/configuration/service/dhcp-server.rst b/docs/configuration/service/dhcp-server.rst
index 9d0e0855..357203fd 100644
--- a/docs/configuration/service/dhcp-server.rst
+++ b/docs/configuration/service/dhcp-server.rst
@@ -21,6 +21,16 @@ address.
Configuration
=============
+.. cfgcmd:: set service dhcp-server hostfile-update
+
+ Create DNS record per client lease, by adding clients to /etc/hosts file.
+ Entry will have format: `<shared-network-name>_<hostname>.<domain-name>`
+
+.. cfgcmd:: set service dhcp-server host-decl-name
+
+ Will drop `<shared-network-name>_` from client DNS record, using only the
+ host declaration name and domain: `<hostname>.<domain-name>`
+
.. cfgcmd:: set service dhcp-server shared-network-name <name> domain-name <domain-name>
The domain-name parameter should be the domain name that will be appended to