Age | Commit message (Collapse) | Author |
|
Change the firewall priority to 319, after interface ethernet
configuration
For example if we use VLANs and the vlan interface must be
created before we can use it in the firewall/flowtable
The current priority
```
199 firewall
300 interfaces/dummy
300 interfaces/loopback
300 interfaces/virtual-ethernet
310 interfaces/bridge
310 interfaces/input
318 interfaces/ethernet
...
```
|
|
rpki: T6034: move file based SSH keys for authentication to PKI subsystem
|
|
dhcpv6-server: T5993: Add subnet `interface` node, link subnet to locally connected interfaces
|
|
connected interfaces
Prior dhcpd behaviour implicitly handled requests for locally connected subnets. Kea requires an explicit link between subnets and an interface.
|
|
|
|
ipsec: T5981: Strip '@' from migrated peer PKI name
|
|
init: T2044: fix "binary operator expected" when two or more RPKI caches are defined
|
|
defined
Fix commit 9b8e11e07 ("init: T2044: only start rpki if cache is configured")
which showed a disturbing error on tty0 after boot that a "binary operator
expected" when checking for RPKI caches when multiple results got returned.
|
|
|
|
|
|
|
|
|
|
T6019: fix smoketest after upgrading nftables and libnftnl packages.
|
|
|
|
srv6: T5849: add segment support to "protocols static route6"
|
|
bgp: T6010: support setting multiple values for neighbor path-attribute
|
|
|
|
set pki openssh rpki private key ...
set pki openssh rpki public key ...
set pki openssh rpki public type 'ssh-rsa'
|
|
* set protocols static route6 <prefix> next-hop <address> segments 'x:x::x:x/y:y::y/z::z'
* set protocols static route6 <prefix> interface <interface> segments 'x:x::x:x/y:y::y/z::z'
|
|
|
|
rpki: T6004: add missing startup priority
|
|
xml: T5738: improve PKI building blocks for CLI
|
|
|
|
|
|
T6028: Fix QoS policy shaper wrong class_id_max and default_minor_id
|
|
The `class_id_max` is wrong due to `tmp.sort` of Strings
If we have class 5 and class 10 we get sorted max value 5, expected 10
```
>>> tmp = ['5', '10']
>>> tmp.sort()
>>> tmp
['10', '5']
>>>
>>> hex(5+1)
'0x6'
>>>
>>> hex(10+1)
'0xb'
>>>
```
This way we get wrong default maximum class value:
```
tc qdisc replace dev eth1 root handle 1: htb r2q 444 default 6
```
Expect:
```
tc qdisc replace dev eth1 root handle 1: htb r2q 444 default b
```
Fix this converting Strings to Integers and get max value.
|
|
T5703: Fix reapply QoS for connection-oriented interfaces
|
|
After `disconnect` and `connect` connection-oriented interfaces
like PPPoE, QoS policy has to be reapplied
|
|
https: T5902: fix migration of virtual-host port
|
|
CLI source node is port and not listen-port.
|
|
rpki: T6023: add support for CLI knobs expire-interval and retry-interval
|
|
T5685: Keepalived VRRP prefix is not necessary for the virtual address
|
|
|
|
T5960: Rewritten authentication node in PPTP to a single view
|
|
T6026: QoS hide attempts to delete qdisc from devices
|
|
op-mode: T4038: Python rewrite of image tools
|
|
Hide unexpected output by attempts of deleting `qdisc` from
interfaces
[ qos ]
Error: Cannot find specified qdisc on specified device.
Error: Cannot delete qdisc with handle of zero.
|
|
vrf: T5973: module is now statically compiled into the kernel
|
|
bgp: T6024: add additional missing FRR features
|
|
init: T2044: only start rpki if cache is configured
|
|
xml: T302: replace references to Quagga with FRRouting
|
|
|
|
This extends commit 9199c87cf ("init: T2044: always start/stop rpki during
system boot") to check the bootup configuration if an RPKI cache is defined.
Only start RPKI if this is the case.
|
|
vpn: T3843: l2tp configuration not cleared after delete
|
|
* set protocols bgp parameters labeled-unicast <explicit-null | ipv4-explicit-null | ipv6-explicit-null>
* set protocols bgp parameters allow-martian-nexthop
* set protocols bgp parameters no-hard-administrative-reset"
|
|
|
|
T6021: Fix QoS shaper r2q calculation
|
|
Rewritten authentication node in accel-ppp services
to a single view. In particular - PPTP authentication.
|
|
Always enable VRF strict_mode
|
|
The current calculation `r2q` is wrong as it uses `Floor division`
but expecting `division`
This way `math.ceil` calculate wrong value as we expect
round a number upward to its nearest integer
For example for speed 710 mbits expected value `444` but we get `443`
```
from math import ceil
MAXQUANTUM = 200000
speed = 710000000
speed_bps = int(speed) // 8
>>> speed_bps // MAXQUANTUM
443
>>> speed_bps / MAXQUANTUM
443.75
>>>
>>>
>>> ceil(speed_bps // MAXQUANTUM)
443
>>> ceil(speed_bps / MAXQUANTUM)
444
>>>
```
|