Age | Commit message (Collapse) | Author |
|
|
|
The current implementation for bridge based interfaces has an issue which is
caused by priority inheritance. We always assumed that the bridge interface will
be created last, but this may not be true in all cases, where some interfaces
will be created "on demand" - e.g. OpenVPN or late (VXLAN, GENEVE).
As we already have a bunch of verify steps in place we should not see a bridge
interface leak to the underlaying infrastructure code. This means, whenever an
interface will be member of a bridge, and the bridge does yet not exist, we will
create it in advance in the interface context, as the bridge code will be run
in the same commit but maybe sooner or later.
This will also be the solution for T2924.
|
|
|
|
|
|
sysctl-forwarding: T752: Add disable forwarding for ipv4
|
|
|
|
conf-mode: T2938: Add format octet-counted for syslog
|
|
|
|
ipoe-server: T2978: Add required proxy-arp by default
|
|
|
|
T2981, Adding MPLS LDP Neighbor Reset functionality
|
|
Configuration was actually made by Viacheslav. I just added it in here, and tested it. It does test. Viacheslav tested it as well.
I cannot take credit for this, even though he's giving me PR. Thanks goes to him.
|
|
op-mode: T2965: Add CLI protocols bfd peers
|
|
|
|
conf-mode: T915: Add mpls ldp explicit and holdtime commands
|
|
|
|
pppoe-server: T2972: Increase rate limit validator
|
|
We must use XML node style (hyphen over underscore).
|
|
|
|
|
|
|
|
|
|
|
|
The mandatory colon for separating the IPv6 address and port was missing.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
pdns_recursor: T2964: Expose query-local-address to dns config.
|
|
In certain split DNS configurations, there is a need for more
fine-grained control over the local address DNS forwarding uses to
issue queries. The current pdns_recursor configuration allows the
recursor to send queries from any available address on the interface
the OS selects for the query, with no option to limit queries to a
particular address or set of addresses.
This commit exposes the `query-local-address` option in
`recursor.conf` to users via the `service` `dns` `forwarding`
`source-address` config node.
If the parameter is unspecified, the default value of 0.0.0.0 (any
IPv4 address) and :: (any IPv6 address) are used to match current
behavior.
Users who want more control can specify one or more IPv4 and IPv6
addresses to issue queries from. Per pdns_recursor docs, the recursor
will load balance queries between any available addresses in the
pools. Since IPv4 and IPv6 are different pools, note that specifying
only one type of address will disable issuing queries for the other
address family.
|
|
|
|
conf-mode: T2782: Restart rsyslog after changing timezone
|
|
|
|
|
|
|
|
Update search domain error message to match new validation logic
|
|
(also converted file to unix line endings)
|
|
Required to not trigger the "Misssing WPA key or RADIUS server" exception due
to the new default value added in commit 2a0428bf ("wireless: T2963: set default
'both' on 'security wpa mode'").
|
|
|
|
Commit 5db3d631 ("ifconfig: mtu: disallow MTU < 1280 bytes when IPv6 is enabled
on the interface") checked the "mtu" key for it's value and the test only passed
if mtu was larger then the required 1280 bytes when IPv6 address have
been configured on the link.
wireless (WiFi) interfaces have no MTU node - thus this always resulted in a
Python KeyError.
|
|
Migrate the domain-search node (which occurs three times) to an includable
snippet. Also re-use the fqdn validator to keep the regex patterns to as few
locations as possible.
|
|
dhcpv6: T2961: support stateless dhcpv6 clients
|
|
For both source and destination NAT always the LOG name contained DST - which
is definately false. This has been corrected to use SRC and DST on the
appropriate rules.
|
|
This commit adds support for configuring the DHCPv6 server to serve
"stateless" DHCPv6 clients (those that send an information-request
message and do not request an address).
The change introduces a `common-options` node at the
`shared-network-name` level, which allows specifying options
applicable to clients regardless of subnet assigned (or in the case of
stateless clients, when no subnet is assigned). Parameters specified
at the subnet level take precedence over those set at the
shared-network level.
Presently, only parameters that are meaningful to stateless clients
have been exposed under `common-options`, as there is no precedent of
exposing parameters at multiple levels under the current DHCPv4 or
DHCPv6 configuration syntax. If desired, additional parameters could
certainly be added with relative ease.
|
|
Remove duplicate localhost listen IP addresses. Commit ca61add5e7 ("ntp: T2944:
By default do not listen port 123 on any address") explicitly added listen
statements for localhost.
|
|
|
|
|
|
As VyOS vrux (1.2.7) requires a mirgator (1-to-2) for the MPPE node change
(T2829) we need to shift all other migrators in 1.3 by one.
As migrators probe the existance of nodes no negative side-effects are
expected.
|