Age | Commit message (Collapse) | Author |
|
Every time when set configuration bgp, you need set AS number. There is very
less benefit in this system so the AS number is moved from a tagNode level down
to a leafNode with the name "local-as", same as on the neighbor or peer-group
level.
This changes the CLI configuration from:
set protocols bgp 100 neighbor 10.10.1.2 remote-as 200
to
set protocols bgp local-as 100
set protocols bgp neighbor 10.10.1.2 remote-as 200
|
|
|
|
Removing a VLAN (VIF) interface from the CLI always deleted all interfaces the
kernel listed as "upper" in the /sys/class/net folder. This had the drawback
that when deleting a VIF, also the VRF interface was simply deleted - killing
all VRF related services.
|
|
http api: T3412: use FastAPI as web framework; support application/json
|
|
Replace the Flask micro-framework with FastAPI, in order to support
extensions to the API and OpenAPI 3.* generation. This change will
remain backwards compatible with previous versions. Notably, the
multipart forms version of requests remain supported; in addition
application/json requests are now natively supported.
|
|
|
|
bgp: ospf: T3434: op-mode refactoring for support vrf
|
|
|
|
|
|
vyos-configd now supports calling a script with a passed argument;
re-include the conf_mode scripts that were excluded in ba251b3f2c.
|
|
|
|
After upgrading FRR to a newer revision in stable/7.5 branch we can drop the
workaround where an additional whitespace was required after the "router
isis FOOO " statement.
Related to https://github.com/FRRouting/frr/pull/8306
|
|
This reverts commit d89455ee7f5dc21d00bbeddd57eaee2e32f45f99.
|
|
routing: T3217: Save configs of daemon per commit
|
|
Allows Dynamic DNS services with custom names to use the zone field if
the protocol is set to cloudflare
(cherry picked from commit 5ab6c20f8acd4dda1870b9a71fe73129d2f78b24)
|
|
|
|
If the script name is mangled, for any reason (e.g. missing support for
script arguments) checking against the exclude_set will yield a false
positive; check against the include_set, even if this is a longer
search.
|
|
|
|
processing
vyos-configd does yet not support calling a script with a passed argument, thus
we will exclude the routing protocols during this time from the vyos-configd
processing.
|
|
|
|
|
|
util: T3419: Handle IP addresses with netmasks and subnet prefixes in strip-private
|
|
|
|
configquery: T3402: add library for querying config values from op mode
|
|
strip-private
|
|
A small library that allows querying existence or value(s) of config
settings from op mode, and execution of arbitrary op mode commands.
|
|
ISIS: add VRF support
|
|
|
|
op-mode: T3403: Fix show pppoe sessions interupt
|
|
As we and FRR do not support multiple FRR process instances, there is no need
to make this configurable for a user. We rather rely on a solid default "VyOS".
|
|
|
|
|
|
We need to adjust the regex pattern for the default VRF as a trailing whitespace
is required due to an FRR issue: https://github.com/FRRouting/frr/issues/8300
|
|
|
|
|
|
The regex only validated interfaces according to the VyOS naming scheme, but
third party interfacs that are legit (e.g. exists within the kernel) failed
to validate.
The validator now also supports any kind of local interfaces attached to
the OS kernel.
|
|
Instead of multiple if/else paths, use a common vrf string variable which is
either populated or not. In addtion when interfaces are configured for a given
VRF, harden the regex for config reload.
|
|
VRF support can be tested using:
set vrf name red table 1000
set vrf name red protocols isis domain FOOO
set vrf name red protocols isis net 49.0001.1921.6800.1002.00
set vrf name red protocols isis interface eth1
|
|
|
|
As there can only be one running IS-IS process (FRR limitation) there is no need
in having a tagNode here. This adds artifical restrictions/limitations when
moving on to support VRFs for IS-IS protocol.
|
|
|
|
|
|
|
|
|
|
When NTP is executed inside a VRF context, we also must execute the op-mode
commands inside the given VRF.
This is a workaround until the op-mode programming library from T3402 is
available.
|
|
|
|
Within this example a MGMT VRF is used to administer the system, thus also move
the NTP portion into that VRF.
|
|
Private VLAN, also known as port isolation, is a technique in computer
networking where a VLAN contains switch ports that are restricted such that
they can only communicate with a given "uplink". The restricted ports are
called "private ports".
Each private VLAN typically contains many private ports, and a single uplink.
The uplink will typically be a port (or link aggregation group) connected to a
router, firewall, server, provider network, or similar central resource.
Q: https://en.wikipedia.org/wiki/Private_VLAN
|
|
|
|
|