Age | Commit message (Collapse) | Author |
|
Apply next round of configuration tree updates to 'service dns dynamic'
with the following changes:
- Migrate `service dns dynamic interface <interface> [use-web]`
to `service dns dynamic address <interface>`
or `service dns dynamic address web [web-options]`
This communicates the intent that dynamic dns IP address is detected
in only one way - using the `<interface>` or using an external web
request, not both.
- When using external web request, (`service dns dynamic address web`),
external url is optional (`web-options url`). Ddclient defaults are
used when unspecified,
- Rename all config `login` to `username` for consistency and also to
align better with alternative ddclient backends in consideration.
- Apply global 'ipv6-enable' to per service 'ip-version: ipv6'. Selecting
usage of IPv4 or IPv6 (or both simultaneously) is now at per service
(protocol) level instead of global level. This allows more control on
the ability to select IPv4 in some cases and IPv6 in some other cases
wherever supported by the underlying ddclient protocol.
- While the IP address (and by extension, the detection mechanism) is
global, the way it is applied to a particular ddclient protocol depends
on whether it supports IPv4 or IPv6 or both.
- Related to the above, this also prevents generating incorrect config
file (`ddclient.conf`) with multiple global sections leading to an
unpredictable behavior of ddclient.
- Implement provider (protocol) specific custom tweaks whenever possible
(e.g., `zone`, `username`, `server` are not necessary in all cases).
- Move service name from a combination of 'protocol' (with protocol
config autodetected) and custom (with protocol config specified) to a
single 'service' key. This allows for consisent setup of multiple
config for the same ddclient protocol (with different options and
credentials). This also avoid ambiguity with usual networking term
'protocol' and ddclient specific term 'protocol' (and can change with
a move to a different backend).
- Apply upfront XML constraints and validations consistently wherever
applicable.
- RFC2136 specific change: Rename rfc2136 config `record` to `host-name`
for consistency.
- Cloudflare specific change: While ddclient still supports authenticating
with email and global auth key, skipping `username` in config will
indicate the intent to use API token authentication (with special
'token' literal as `username`).
|
|
|
|
|
|
|
|
T5257: Fix netflow VRF and bracketize v6 source addresses for netflow…
|
|
|
|
configtree: T5251: catch/raise errors in functions delete and delete_value
|
|
The node was already deleted in the 'if path exists' branch; attempt to
delete in 'else' branch will now raise an error.
|
|
Configtree functions delete/delete_value do not check return value of
libvyosconfig functions; raise error on non-zero return value.
|
|
T5210:VPN:Fix typo in Warning
|
|
|
|
|
|
After commit 9c677c81b ("vyos.util: extend process_named_running() signature
with cmdline") we need an exact match for the process name. In the past
we used a in b and now we test for a == b.
|
|
|
|
|
|
|
|
|
|
namespace
|
|
|
|
|
|
process_named_running() was introduced in commit 16b2fc8fc4ca ("dns-forwarding:
T2298: fix path to control file") and thus remained more or less unchanged.
Smoketests use process_named_running() heavily and might spawn multiple
processes with the same name but ifferent options (e.g. dhcp6c or dhclient) and
it was yet not possible to properly filter on the "real-deal" like the process
bound to a given interface.
One can now optionally specify a string that is searched inside the command
line argument list of the process.
Example:
>>> process_named_running('dhcp6c', 'veth0')
['/usr/sbin/dhcp6c', '-D', '-k', '/run/dhcp6c/dhcp6c.veth0.sock', '-c',
'/run/dhcp6c/dhcp6c.veth0.conf', '-p', '/run/dhcp6c/dhcp6c.veth0.pid', 'veth0']
4215
>>> process_named_running('dhcp6c', 'veth1')
['/usr/sbin/dhcp6c', '-D', '-k', '/run/dhcp6c/dhcp6c.veth1.sock', '-c',
'/run/dhcp6c/dhcp6c.veth1.conf', '-p', '/run/dhcp6c/dhcp6c.veth1.pid', 'veth1']
4253
Where the debug list returned is the commandline searched.
|
|
Connection ID Username Protocol State Uptime Tunnel IP
--------------- ---------- ---------- ------- -------- -----------------
27 cpo IKEv2 UP 11s ['172.16.222.17']
"Tunnel IP" should be a string over list.
|
|
This is a radvd limitation.
|
|
|
|
* t5242-smoketest-dynamic:
smoketest: T5242: automatically detect interface "capabilities"
geneve: T2630: change lower limit MTU to 1200 bytes
gitignore: T5242: add XML dict cache file
bridge: T4579: fix error message for bridge and bond membership
T5242: example use of cli_defined
xml: T5242: add cli_defined boolean test for node existing under path
|
|
Current state of vyos-1x smoketests have hardcoded features to test. The
feature support is inside the base class BasicInterfaceTest
class BasicInterfaceTest:
class TestCase(VyOSUnitTestSHIM.TestCase):
_test_dhcp = False
_test_ip = False
_test_mtu = False
_test_vlan = False
_test_qinq = False
_test_ipv6 = False
_test_ipv6_pd = False
_test_ipv6_dhcpc6 = False
_test_mirror = False
All derived classes need to enable the tests that are supported on this
interface type. Adding new feature to a given interface (like vif support in
T5237) require manually enabling those tests for the given interface.
It would make much more sense, if we can query the config backend for supported
interface options - or in other words - is there a CLI node available that
corresponds to set interfaces ethernet <name> vif - if that's the case,
_test_vlan = True.
|
|
|
|
|
|
|
|
t5242-smoketest-dynamic
* 'cli-defined' of https://github.com/jestabro/vyos-1x:
T5242: example use of cli_defined
xml: T5242: add cli_defined boolean test for node existing under path
|
|
|
|
If non_local=False (default), cli_defined returns True if the node is a
child of the path in interface-definitions; otherwise True if node is a
descendent of the path.
|
|
T5237: Add support VLANs and QinQ for virtual-ethernet interfaces
|
|
Ability to use 'vif' and 'vif-s' for virtual-ethernet "vethX" interfaces
set interfaces virtual-ethernet veth10 vif 50
|
|
|
|
|
|
xml: T5218: revise vyos xml lib for bug fixes and extensions
|
|
|
|
Operations get_defaults and get_config_defaults return default values
only for nodes with parent in the config dict (get_config_defaults) or
at the path (get_defaults). To include default values of decendent
nodes, set option recursive=True.
|
|
T5230: Added missing enforce-first-as option to bgp protocol common c…
|
|
T5222: reverse-proxy fix listen-address template and add smoketest
|
|
and frr bgp jinja template.
|
|
|
|
To accept a Proxy Protocol header on incoming TCP connections,
add an accept-proxy parameter to the bind line in a frontend section.
This parameter detects both Proxy Protocol version 1 (text format)
and Proxy Protocol version 2 (binary format).
set load-balancing reverse-proxy backend <tag> server <tag> send-proxy
|
|
Load-balancing reverse-proxy listen-address is multi-value node
Use bracketize for correct set bind config for IPv6 addresses
Listen by default IPv4 and IPv6 if listen-address is not defined
|
|
T5222: Refactoring load-balancing reverse-proxy
|
|
Improve and refactoring "load-balancing reverse-proxy"
- replace 'reverse-proxy server <tag>'
=> 'reverse-proxy service <tag>'
- replace 'reverse-proxy global-parameters tls <xxx>'
=> 'reverse-proxy global-parameters tls-version-min xxx'
=> 'reverse-proxy global-parameters ssl-bind-ciphers xxx'
- replace 'reverse-proxy service https rule <tag> set server 'xxx'
=> 'reverse-proxy service https rule <tag> set backend 'xxx'
'service https rule <tag> domain-name xxx' set as multinode
|
|
|
|
mdns: T5227: Relax 'allow-service' pattern
|
|
Relax allow service pattern to allow for '.' as well for SRV records.
|