From a8a3f59c74fa4f08963fdce1c3ccaae9799af4a5 Mon Sep 17 00:00:00 2001 From: rebortg Date: Mon, 9 Oct 2023 06:05:22 +0000 Subject: Github: update equuleus branch --- docs/_include/vyos-1x | 2 +- docs/changelog/1.3.rst | 24 ++++++++++++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x index da4006c2..e6118a08 160000 --- a/docs/_include/vyos-1x +++ b/docs/_include/vyos-1x @@ -1 +1 @@ -Subproject commit da4006c2a784ff06cf3af3aad6adee7fef8a5330 +Subproject commit e6118a08081faccaccea14fe1c30a633250ef901 diff --git a/docs/changelog/1.3.rst b/docs/changelog/1.3.rst index c3909e87..ba94b7be 100644 --- a/docs/changelog/1.3.rst +++ b/docs/changelog/1.3.rst @@ -8,6 +8,24 @@ _ext/releasenotes.py +2023-10-08 +========== + +* :vytask:`T5630` (feature): pppoe: allow to specify MRU in addition to already configurable MTU + + +2023-10-06 +========== + +* :vytask:`T5576` (feature): Add bgp remove-private-as all option + + +2023-10-04 +========== + +* :vytask:`T5632` (feature): Add jq package to parse JSON files + + 2023-09-25 ========== @@ -236,6 +254,12 @@ * :vytask:`T5280` (bug): Update Expired keys (2023-06-08) for PowerDNS +2023-06-13 +========== + +* :vytask:`T5213` (feature): Accel-ppp sending accounting interim updates acct-interim-interval option + + 2023-05-29 ========== -- cgit v1.2.3 From 6544de786001ddb43af2f4bf7c8019306101ba4d Mon Sep 17 00:00:00 2001 From: rebortg Date: Mon, 16 Oct 2023 06:05:33 +0000 Subject: Github: update equuleus branch --- docs/changelog/1.3.rst | 6 ------ 1 file changed, 6 deletions(-) diff --git a/docs/changelog/1.3.rst b/docs/changelog/1.3.rst index ba94b7be..fb5b2821 100644 --- a/docs/changelog/1.3.rst +++ b/docs/changelog/1.3.rst @@ -229,12 +229,6 @@ * :vytask:`T5313` (bug): UDP broadcast relay - missing verify() that relay interfaces have an IP address assigned -2023-06-28 -========== - -* :vytask:`T1237` (feature): Static Route Path Monitoring, failover - - 2023-06-26 ========== -- cgit v1.2.3 From 02e462900ff6b57102229fe7eaaeaca1dc045246 Mon Sep 17 00:00:00 2001 From: aslanvyos <126803786+aslanvyos@users.noreply.github.com> Date: Wed, 18 Oct 2023 12:14:46 +0400 Subject: Update site2site_ipsec.rst To make easily understandable the Site-to-Site VPN ikev2 configuration for users (specially if the user is new in VyOS) made the following changes: - Added dummy interface to both routers for testing purposes - Added static route for both routers for dummy interface --- docs/configuration/vpn/site2site_ipsec.rst | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/docs/configuration/vpn/site2site_ipsec.rst b/docs/configuration/vpn/site2site_ipsec.rst index 879f8dfa..0be12955 100644 --- a/docs/configuration/vpn/site2site_ipsec.rst +++ b/docs/configuration/vpn/site2site_ipsec.rst @@ -272,15 +272,28 @@ Imagine the following topology IPSec IKEv2 site2site VPN (source ./draw.io/vpn_s2s_ikev2.drawio) +**LEFT:** +* WAN interface on `eth0.201` +* `eth0.201` interface IP: `172.18.201.10/24` +* `vti10` interface IP: `10.0.0.2/31` +* `dum0` interface IP: `10.0.11.1/24` (for testing purposes we create the `dummy` interface) + +**RIGHT:** +* WAN interface on `eth0.202` +* `eth0.201` interface IP: `172.18.202.10/24` +* `vti10` interface IP: `10.0.0.3/31` +* `dum0` interface IP: `10.0.12.1/24` (for testing purposes we create the `dummy` interface) .. note:: Don't get confused about the used /31 tunnel subnet. :rfc:`3021` gives you additional information for using /31 subnets on point-to-point links. -**left** +**LEFT** .. code-block:: none + set interfaces ethernet eth0 vif 201 address '172.18.201.10/24' + set interfaces dummy dum0 address '10.0.11.1/24' set interfaces vti vti10 address '10.0.0.2/31' set vpn ipsec esp-group ESP_DEFAULT compression 'disable' @@ -311,10 +324,14 @@ Imagine the following topology set vpn ipsec site-to-site peer 172.18.202.10 vti bind 'vti10' set vpn ipsec site-to-site peer 172.18.202.10 vti esp-group 'ESP_DEFAULT' -**right** + set protocols static interface-route 10.0.12.0/24 next-hop-interface vti10 + +**RIGHT** .. code-block:: none + set interfaces ethernet eth0 vif 202 address '172.18.202.10/24' + set interfaces dummy dum0 address '10.0.12.1/24' set interfaces vti vti10 address '10.0.0.3/31' set vpn ipsec esp-group ESP_DEFAULT compression 'disable' @@ -345,6 +362,8 @@ Imagine the following topology set vpn ipsec site-to-site peer 172.18.201.10 vti bind 'vti10' set vpn ipsec site-to-site peer 172.18.201.10 vti esp-group 'ESP_DEFAULT' + set protocols static interface-route 10.0.11.0/24 next-hop-interface vti10 + Key Parameters: * ``authentication local-id/remote-id`` - IKE identification is used for -- cgit v1.2.3 From b6e9dbe49e4682d846a348a59f7ffbfb45786f08 Mon Sep 17 00:00:00 2001 From: aslanvyos <126803786+aslanvyos@users.noreply.github.com> Date: Wed, 18 Oct 2023 12:22:34 +0400 Subject: Update site2site_ipsec.rst To make easily understandable the Site-to-Site VPN ikev2 configuration for users (specially if the user is new in VyOS) made the following changes: Added dummy interface to both routers for testing purposes Added static route for both routers for dummy interface --- docs/configuration/vpn/site2site_ipsec.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuration/vpn/site2site_ipsec.rst b/docs/configuration/vpn/site2site_ipsec.rst index 0be12955..53109243 100644 --- a/docs/configuration/vpn/site2site_ipsec.rst +++ b/docs/configuration/vpn/site2site_ipsec.rst @@ -276,13 +276,13 @@ Imagine the following topology * WAN interface on `eth0.201` * `eth0.201` interface IP: `172.18.201.10/24` * `vti10` interface IP: `10.0.0.2/31` -* `dum0` interface IP: `10.0.11.1/24` (for testing purposes we create the `dummy` interface) +* `dum0` interface IP: `10.0.11.1/24` (for testing purposes) **RIGHT:** * WAN interface on `eth0.202` * `eth0.201` interface IP: `172.18.202.10/24` * `vti10` interface IP: `10.0.0.3/31` -* `dum0` interface IP: `10.0.12.1/24` (for testing purposes we create the `dummy` interface) +* `dum0` interface IP: `10.0.12.1/24` (for testing purposes) .. note:: Don't get confused about the used /31 tunnel subnet. :rfc:`3021` gives you additional information for using /31 subnets on point-to-point -- cgit v1.2.3 From fed53e5559e630460e6b22acd083fe0a6f75d218 Mon Sep 17 00:00:00 2001 From: rebortg Date: Mon, 23 Oct 2023 06:05:35 +0000 Subject: Github: update equuleus branch --- docs/_include/vyos-1x | 2 +- docs/changelog/1.3.rst | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x index e6118a08..ef30b4b0 160000 --- a/docs/_include/vyos-1x +++ b/docs/_include/vyos-1x @@ -1 +1 @@ -Subproject commit e6118a08081faccaccea14fe1c30a633250ef901 +Subproject commit ef30b4b0ee52094edfdf9e230bf0fab1b092ed4e diff --git a/docs/changelog/1.3.rst b/docs/changelog/1.3.rst index fb5b2821..a5c60aba 100644 --- a/docs/changelog/1.3.rst +++ b/docs/changelog/1.3.rst @@ -8,6 +8,27 @@ _ext/releasenotes.py +2023-10-21 +========== + +* :vytask:`T5670` (bug): bridge: missing member interface validator +* :vytask:`T5191` (default): Replace underscores with hyphens in command-line options generated by vyos.opmode +* :vytask:`T4402` (bug): OpenVPN client-ip-pool option is broken +* :vytask:`T2719` (feature): Standardized op mode script structure + + +2023-10-19 +========== + +* :vytask:`T5669` (bug): VXLAN interface changing port does not work + + +2023-10-17 +========== + +* :vytask:`T5235` (bug): SSH keys with special characters cannot be applied via Cloud-init + + 2023-10-08 ========== -- cgit v1.2.3 From caee9ebe51ddd772db2e9d770e3c83a4ea86acf3 Mon Sep 17 00:00:00 2001 From: rebortg Date: Mon, 30 Oct 2023 06:19:15 +0000 Subject: Github: update equuleus branch --- docs/_include/vyos-1x | 2 +- docs/changelog/1.3.rst | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x index ef30b4b0..ab98f66d 160000 --- a/docs/_include/vyos-1x +++ b/docs/_include/vyos-1x @@ -1 +1 @@ -Subproject commit ef30b4b0ee52094edfdf9e230bf0fab1b092ed4e +Subproject commit ab98f66de7ee115fed89c5304b99cc7bcbecbbcc diff --git a/docs/changelog/1.3.rst b/docs/changelog/1.3.rst index a5c60aba..dcb0959f 100644 --- a/docs/changelog/1.3.rst +++ b/docs/changelog/1.3.rst @@ -8,6 +8,13 @@ _ext/releasenotes.py +2023-10-26 +========== + +* :vytask:`T5684` (bug): services using VRF generates the error "Failed to load BPF prog: 'Operation not permitted'" when the system boots. +* :vytask:`T5594` (bug): VRRP - Error if using IPv6 Link Local as hello source address + + 2023-10-21 ========== -- cgit v1.2.3 From 5c8e68b287af5c3172086384b7227122ef3168d4 Mon Sep 17 00:00:00 2001 From: rebortg Date: Tue, 31 Oct 2023 19:13:51 +0000 Subject: Github: update equuleus branch --- docs/_include/vyos-1x | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x index ab98f66d..67d65b70 160000 --- a/docs/_include/vyos-1x +++ b/docs/_include/vyos-1x @@ -1 +1 @@ -Subproject commit ab98f66de7ee115fed89c5304b99cc7bcbecbbcc +Subproject commit 67d65b70c2d63c86fa0dc63e8720d332dc3b6643 -- cgit v1.2.3 From 0744d2ef2b66f5a8fb36180f796d371a350ac9ee Mon Sep 17 00:00:00 2001 From: rebortg Date: Tue, 31 Oct 2023 21:05:32 +0000 Subject: Github: update equuleus branch --- docs/_include/vyos-1x | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x index 67d65b70..c7042bd0 160000 --- a/docs/_include/vyos-1x +++ b/docs/_include/vyos-1x @@ -1 +1 @@ -Subproject commit 67d65b70c2d63c86fa0dc63e8720d332dc3b6643 +Subproject commit c7042bd0af8bb6d96a2defb01017cfb8d4c1cb7d -- cgit v1.2.3