| Age | Commit message (Collapse) | Author |
|---|
|
Currently VyOS only supports binding a service to one individual VRF. It might
become handy to have the services (initially it will be VRF, NTP and SNMP) be
bound to multiple VRFs.
Changed VRF from leafNode to multi leafNode with defaultValue: default - which
is the name of the default VRF.
|
|
|
|
|
|
system: T6193: invalid warning "is not a DHCP interface but uses DHCP name-server option"
|
|
dhcpv6-client: T2590: fix vyos-hostsd update for nameserver and search domains
|
|
T6178: Check that certificate exists during reverse-proxy commit
|
|
After migrating from ISC DHCLIENT for IPv6 to wide-dhcp-client the logic which
was present to update /etc/resolv.conf with the DHCP specified nameservers and
also the search domain list was no longer present.
This commit adds a per interface rendered script to inform vyos-hostsd about
the received IPv6 nameservers and search domains.
|
|
name-server option"
This fixes an invalid warning when using a DHCP VLAN interface to retrieve the
system nameserver to be used. VLAN CLI config is not properly expanded
leading to a false warning:
[ system name-server eth1.10 ]
WARNING: "eth1.10" is not a DHCP interface but uses DHCP name-server option!
|
|
|
|
T6185: simplify marshalling of section and config data for config-sync
|
|
dhcp-server: T4718: Listen-address is not commit if the ip address is on the interface with vrf
|
|
accel-ppp: T6187: use correct CPU counts adjusted for SMT
|
|
|
|
bgp: T6106: Valid commit error for route-reflector-client option defined in peer-group
|
|
image-tools: T6186: simplify image annotations fixing regression
|
|
|
|
peer-group
changed exception condition
Improved route_reflector_client test
|
|
|
|
Package path/section data in single command containing a tree (dict) of
section paths and the accompanying config data. This drops the call to
get_config_dict and the need for a list of commands in request.
|
|
|
|
dhcp: T6174: Add TACACS/Radius users to _kea group
|
|
Also raise op-mode error when unable to fetch data from Kea socket
|
|
openvpn: T6159: Openvpn Server Op-cmd adds heading "OpenVPN status on vtunx" for every client connection
|
|
vyos.system.grub: T3664: add chroot argument to the GRUB install function
|
|
vyos.template: T3664: add an environment variable for template location
|
|
to allow unmodified code to be executed from anywhere,
even outside of VyOS installations
|
|
to faciliate running it outside of a VyOS installation
|
|
T5832: VRRP allow set interface for exluded-address
|
|
ipsec: T5606: T5871: Use multi node for CA certificates
|
|
T5872: ipsec remote access VPN: support dhcp-interface.
|
|
grub: T4516: correct a format string
|
|
|
|
This changes behaviour from fetching CA chain in PKI, to the user manually setting CA certificates.
Prevents unwanted parent CAs existing in PKI from being auto-included as may not be desired/intended.
|
|
Ability to set interface for `excluded-address`
The excluded-addresses are not listed in the VRRP packet (adverts packets).
We have this ability for `address`, add the same feature for the
excluded-address
```
set high-availability vrrp group GRP-01 excluded-address 192.0.2.202 interface 'dum2'
set high-availability vrrp group GRP-01 excluded-address 192.0.2.203 interface 'dum3'
```
|
|
op-mode: T6175: "renew dhcp interface <name>" does not check for DHCP interface
|
|
for every client connection
Don't show duplicate info of vtunx
show header when clints is not connected but server is configured
|
|
interface with vrf
|
|
image-tools: T6168: compat mode update should preserve console type
|
|
T6121: Extend config-sync for QoS and system options
|
|
The current op-mode script simply calls sudo systemctl restart "dhclient@$4.service"
with no additional information about a client interface at all.
This results in useless dhclient processes
root 47812 4.7 0.0 5848 3584 ? Ss 00:30 0:00 /sbin/dhclient -4 -d
root 48121 0.0 0.0 4188 3072 ? S 00:30 0:00 \_ /bin/sh /sbin/dhclient-script
root 48148 50.0 0.2 18776 11264 ? R 00:30 0:00 \_ python3 -
Which also assign client leases to all local interfaces, if we receive one
valid DHCPOFFER
vyos@vyos:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address MAC VRF MTU S/L Description
----------- ----------------- ----------------- ------- ----- ----- -------------
eth0 - 00:50:56:bf:c5:6d default 1500 u/u
eth0.10 172.16.33.102/24 00:50:56:bf:c5:6d default 1500 u/u
eth1 172.16.33.131/24 00:50:56:b3:38:c5 default 1500 u/u
172.16.33.102/24 and 172.16.33.131/24 are stray DHCP addresses.
This commit moved the renew command to the DHCP op-mode script to properly
validate if the interface we request a renew for, has actually a dhcp address
configured. In additional this exposes the renew feature to the API.
|
|
Extent the service config-sync for sections:
- qos interface
- qos policy
- system conntrack
- system flow-accounting
- system option
- system sflow
- system static-host-mapping
- system sysctl
|
|
Add system image in compatibility mode would set the default boot
without reference to console_type; fix the translation of default to
the correct index in compat grub.cfg.
|
|
bgp: T6106: fix test and verify()
|
|
T6171: dhcp-server: add fix for smoketest
|
|
|
|
|
|
T6171: migrate <set service dhcp-server failover> to <set service dhcp-server high-availability>
|
|
dhcp-server high-availability>.
|
|
ospf: T6066: can not define the same network in different areas
|
|
Users can not (FRR fails) commit the same network belonging to different OSPF
areas. Add verify() check to prevent this.
|
