summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-03-17Merge pull request #1898 from sever-sever/T5086-defChristian Breunig
T5086: Fix sflow fix default values for server
2023-03-17T5086: Fix sflow fix default values for serverViacheslav Hletenko
We drop default values 'port' but don't set it again per server Fix it
2023-03-17Merge pull request #1897 from sever-sever/T5086Christian Breunig
T5086: Add sFlow drop-monitor-limit option
2023-03-17T5086: Add sFlow drop-monitor-limit optionViacheslav Hletenko
hsflowd will export the headers of dropped packets (along with the name of the function in the Linux kernel where that skb was dropped) as part of the standard sFlow feed. This measurement complements the sFlow packet sampling and counter-telemetry well because it provides visibility into the traffic that is not flowing. Very helpful for troubleshooting. The limit (a rate limit max of N drops per second sent out in the sFlow datagrams) is the parameter you would set in the CLI. set system sflow drop-monitor-limit 50
2023-03-16Merge pull request #1895 from sever-sever/T5091Christian Breunig
T5091: IPoE-server verify RADIUS settings
2023-03-16opmode: T4837: support ip route display for specific prefixes inside VRFChristian Breunig
2023-03-16Merge pull request #1893 from sever-sever/T5092Christian Breunig
T5092: IPoE-server named pool must not rely on auth type
2023-03-16Merge pull request #1891 from sever-sever/T5086Christian Breunig
T5086: Add sFlow feature based on hsflowd
2023-03-16T5091: IPoE-server verify RADIUS settingsViacheslav Hletenko
As we don't have global option 'gateway-address' for ipoe-server we cannot use general configverify.verify_accel_ppp_base_service Add verify radius setting for configuration mode 'radius' Radius authentication required at least one RADIUS server
2023-03-16T5092: IPoE-server named pool must not rely on auth typeViacheslav Hletenko
Named pools for ipoe-server must not rely on autentication type It is a separate global option for [ipoe] and [ip-pool] sections
2023-03-16T5086: Add sFlow feature based on hsflowdViacheslav Hletenko
Add sFlow feature based on hsflowd According to user reviews, it works more stable and more productive than pmacct I haven't deleted 'pmacct' 'system flow-accounting sflow' yet It could be migrated or deprecated later set system sflow agent-address '192.0.2.14' set system sflow interface 'eth0' set system sflow interface 'eth1' set system sflow polling '30' set system sflow sampling-rate '100' set system sflow server 192.0.2.1 port '6343' set system sflow server 192.0.2.11 port '6343'
2023-03-14Merge pull request #1890 from nicolas-fort/T5055Viacheslav Hletenko
T5055: NAT: extend packet-type to NAT
2023-03-14T5055: NAT: extend packet-type match option which was previously introduced ↵Nicolas Fort
in firewall, to NAT
2023-03-14Merge pull request #1888 from sever-sever/T5085Christian Breunig
T5085: Fix ipv6 route-map for ospfv3
2023-03-14T5085: Fix ipv6 route-map for ospfv3Viacheslav Hletenko
Add template to generate zebra "ipv6 protocol ospf6 route-map xxx"
2023-03-13Merge pull request #1886 from sever-sever/T2516Christian Breunig
T2516: Exclude veth interfaces from duplex and speed check
2023-03-13T2516: Exclude veth interfaces from duplex and speed checkViacheslav Hletenko
Exclude interfaces with 'veth' driver from duplex and speed check
2023-03-12Debian: bump compat (debian helper) version 10 -> 12Christian Breunig
2023-03-12Revert "Debian: T2216: add netavark dependency for podman containers"Christian Breunig
This reverts commit 9ed4113d6c4809a0126d04c99d60eaa76a7b6b15.
2023-03-11container: T5003: add dependency on fuse-overlayfsChristian Breunig
Fix podman error about invalid storage: [graphdriver] prior storage driver overlay failed: 'overlay' is not supported over overlayfs, a mount_program is required: backing file system is unsupported for this graph driver" Error: 'overlay' is not supported over overlayfs, a mount_program is required: backing file system is unsupported for this graph driver.
2023-03-11keepalived: T5003: remove Debian default config path from ConditionFileNotEmptyChristian Breunig
Also ExecReload is a duplicate of the base service file
2023-03-11Debian: T2216: add netavark dependency for podman containersChristian Breunig
2023-03-11keepalived: T5003: move to Debian upstream versionChristian Breunig
2023-03-11Debian: remove python3-pyhumps from build dependencies, provided via pip in ↵Christian Breunig
container
2023-03-10openvpn: xml: T1843: re-use generic username and password building blockChristian Breunig
2023-03-10rpki: xml: T3255: re-use generic username building blockChristian Breunig
2023-03-10system: proxy: xml: T1843: re-use generic username and password building blockChristian Breunig
2023-03-10Merge pull request #1871 from nicolas-fort/T5055Christian Breunig
T5055: Firewall: add packet-type matcher in firewall and route policy
2023-03-10container: T4959: add registry authentication optionChristian Breunig
Container registry CLI node changed from leafNode to tagNode with the same defaults. In addition we can now configure an authentication option per registry.
2023-03-10schema: T5079: extension to support defaultValues on tagNodesChristian Breunig
2023-03-10xml: bgp: T5070: split out CLI definitions to include files which can be reusedChristian Breunig
2023-03-10Merge pull request #1884 from sever-sever/T5058Christian Breunig
T5058: Fix range_to_regex list argument
2023-03-10T5058: Fix range_to_regex list argumentViacheslav Hletenko
Values of the list for the 'range_to_regex' could be not only range values as ['10-20', '22-30'] but also and not range values like ['10-20', '30', '80'] Fix if we args is list and non range values are exists in ths list % range_to_regex(['10-20', '80']) '(1\\d|20|80)'
2023-03-10Merge pull request #1876 from jestabro/codegenChristian Breunig
graphql: T5068: generate client operations for code generation tools
2023-03-10Merge pull request #1880 from ichdasich/add_bgp_nexthop_to_vrfChristian Breunig
T5070: Added show bgp martian/show bgp nexthop to bgp in vrf
2023-03-10Merge pull request #1883 from sever-sever/T4973Christian Breunig
T4973: DHCP server fix output for long leases
2023-03-10Merge pull request #1882 from aapostoliuk/T5074-sagittaChristian Breunig
util: T5074: Fixed decoding of certificate value to UTF-8 string
2023-03-10T4973: DHCP server fix output for long leasesViacheslav Hletenko
With long lease time for example lease '4294967295' seconds it is impossible to get end lease as value is 'ends never;' It cause error to get timestamp() from 'ends never' and remaining time 'lease.end - datetime.utcnow()' Set default remaining and end lease to '-' if we cannot get this info
2023-03-10util: T5074: Fixed decoding of certificate value to UTF-8 stringaapostoliuk
Fixed decoding of certificate value returned by vici to UTF-8 string.
2023-03-09xml: T4952: improve interface completion helper CLI experienceChristian Breunig
2023-03-09Merge pull request #1881 from sarthurdev/qos_fixChristian Breunig
qos: T5018: Fix issues between QoS and interface mirror/redirect
2023-03-09qos: T5018: Use configdep to fix interface mirror/redirect issuesarthurdev
This will check if mirror/redirect is present on a QoS interface and use `vyos.configdep` module to update the interface again after QoS is applied.
2023-03-09qos: T5018: Fix interface tc qdisc cleanupsarthurdev
2023-03-09Merge pull request #1877 from sever-sever/T5073Christian Breunig
T5073: IPoE-server fix parse empty range option
2023-03-09T5070: Added show bgp martian/show bgp nexthop to bgp in vrfTobias Fiebig
2023-03-09Merge pull request #1879 from sever-sever/T5063Christian Breunig
T5063: IPoE-server ethX vlan must not be used with client-subnet
2023-03-09T5063: IPoE-server ethX vlan must not be used with client-subnetViacheslav Hletenko
IPoE-server 'interface ethX vlan xxx' (aka vlan-mon) must not be used with 'interface ethX client-subnet' So instead of shared pool accel-ppp uses the same pool for each dynamically added VLAN eth1 client-subnet '192.0.2.0/24' eth1 vlan '2000-2021' It cause this issue: eth1.2000 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) eth2.2001 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) Only named pools with vlan option must be used.
2023-03-09T5073: IPoE-server fix parse empty range optionViacheslav Hletenko
If the 'client-subnet' is not used we must exclude it from the ipoe.config.j2 template. Otherwise we get wrong empty parameter ',range=,'
2023-03-08graphql: T5068: generate client operations for code generation toolsJohn Estabrook
2023-03-08Merge pull request #1875 from sever-sever/T5066Christian Breunig
T5066: Fix GRE tunnel variable name which checks keys