vyos-1x.git/src/migration-scripts/l2tp, branch equuleus

vyos-1x.git/src/migration-scripts/l2tp, branch equuleus VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) https://git.amelek.net/vyos/vyos-1x.git/atom?h=equuleus 2020-04-18T12:31:51+00:00 pppoe-server: T2314: migrate IPv6 to common CLI nodes with embeeded validation 2020-04-18T12:31:51+00:00 Christian Poessinger christian@poessinger.com 2020-04-18T10:35:10+00:00 urn:sha1:901d5e89ec6e3fb0f3d13f90f0495a4dda592454 vpn: l2tp: T2264: migrate IPv6 prefix node to common CLI style 2020-04-11T13:12:52+00:00 Christian Poessinger christian@poessinger.com 2020-04-11T13:12:52+00:00 urn:sha1:07080afd4015a900fb7474e1c81008f58b478565 Combining multiple options into a single CLI node is considered bad practice. IPv6 prefixes consited of the prefix itself and a mask send to the client in one node only. The following CLI parts have been migrated from client-ipv6-pool { delegate-prefix fc00:0:1::/48,64 prefix 2001:db8::/64,64 } to client-ipv6-pool { delegate fc00:0:1::/48 { delegation-prefix 48 } prefix 2001:db8::/48 { mask 64 } } Thus regular validation steps from the VyOS CLI can be used when a prefix is configured. vpn: l2tp: T2264: remove RADIUS req-limit node 2020-04-11T09:25:59+00:00 Christian Poessinger christian@poessinger.com 2020-04-10T22:34:44+00:00 urn:sha1:9e07ddb150fbf235466ce6de6f209d0ea3038b06 It makes less sense for the user to specify this behavior. vpn: l2tp: T2264: combine WINS CLI syntax 2020-04-11T09:25:13+00:00 Christian Poessinger christian@poessinger.com 2020-04-10T17:43:38+00:00 urn:sha1:a533ca621567150732b58fc5176cd18b608f1f92 There is no reason to distinguish between WINS servers in terms of priority. This is solely a task which can be done in the underlaying Python scripts. vpn: l2tp: T2264: combine IPv4/IPv6 name-server CLI syntax 2020-04-11T09:25:13+00:00 Christian Poessinger christian@poessinger.com 2020-04-10T17:32:24+00:00 urn:sha1:6a2e75dbe4003c6987c6932296e68c486ff7b380 There is no reason to distinguish between an IPv4 and IPv6 name-server node on the CLI - this can be done in the underlaying Python scripts. l2tp: T1858: Delete deprecated outside-nexthop 2019-12-30T11:50:15+00:00 DmitriyEshenko dmitriy.eshenko@vyos.io 2019-12-30T11:50:15+00:00 urn:sha1:685e9fb19140d002bcae9f3b78d5bd0f33b172d0 migration-scripts: l2tp: T1811: add missing check on server existence 2019-11-18T20:15:08+00:00 Eshenko Dmitriy snooppy@mail.ua 2019-11-18T20:15:08+00:00 urn:sha1:fb72bc367234bf35628bdccf84b0b76108f6341e migration/l2tp: fix file comment 2018-11-12T19:37:08+00:00 Christian Poessinger christian@poessinger.com 2018-11-12T19:37:08+00:00 urn:sha1:2375e0876abeff26ba875419b62f974d0ff6122a T987: Unclutter L2TP/IPSec RADIUS configuration nodes 2018-11-11T16:32:34+00:00 Christian Poessinger christian@poessinger.com 2018-11-11T16:32:07+00:00 urn:sha1:979ad1a92af9ee2150ecfe5309a9d1b43fdad59d In other words, remove top level tag nodes from radius-server and introduce a regular "radius" node, thus we can add additional features, too. A migration script is provided in vyos-1x which takes care of this config migration. Change VyOS CLI from: vyos@vyos# show vpn l2tp remote-access { authentication { mode radius radius-server 172.16.100.10 { key barbarbar } radius-server 172.16.100.20 { key foofoofoo } radius-source-address 172.16.254.100 } To: vyos@vyos# show vpn l2tp remote-access { authentication { mode radius radius { server 172.16.100.10 { key barbarbar } server 172.16.100.20 { key foofoofoo } source-address 172.16.254.100 } }