summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-12-12graphql: T3993: add requests for firewall ipv6-address-groupJohn Estabrook
2021-12-12graphql: T3993: distinguish queries and mutations; update README.graphqlJohn Estabrook
2021-12-12validator: T4036: validate if multicast address is single (no netmask)Christian Poessinger
2021-12-12bgp: T3967: add support for conditional advertisementChristian Poessinger
The BGP conditional advertisement feature uses the non-exist-map or the exist-map and the advertise-map keywords of the neighbor advertise-map command in order to track routes by the route prefix. non-exist-map ============= * If a route prefix is not present in the output of non-exist-map command, then advertise the route specified by the advertise-map command. * If a route prefix is present in the output of non-exist-map command, then do not advertise the route specified by the addvertise-map command. exist-map ========= * If a route prefix is present in the output of exist-map command, then advertise the route specified by the advertise-map command. * If a route prefix is not present in the output of exist-map command, then do not advertise the route specified by the advertise-map command. This feature is useful when some prefixes are advertised to one of its peers only if the information from the other peer is not present (due to failure in peering session or partial reachability etc). The conditional BGP announcements are sent in addition to the normal announcements that a BGP router sends to its peer. CLI nodes can be found under: * set protocols bgp neighbor <ip> address-family <afi> conditional-advertisement * set protocols bgp peer-group <p> address-family <afi> conditional-advertisement
2021-12-12xml: bgp: rename afi-common.xml.i -> neighbor-afi-ipv4-ipv6-common.xml.iChristian Poessinger
2021-12-12bgp: smoketest: add proper peer-group assignment testsChristian Poessinger
In the past a peer-group was only assigned to the BGP process but not bound to any neighbor. This has been changed.
2021-12-12bgp: T4069: add "parameters suppress-fib-pending" CLI optionChristian Poessinger
This command is applicable at the global level and at an individual bgp level. If applied at the global level all bgp instances will wait for fib installation before announcing routes and there is no way to turn it off for a particular BGP vrf.
2021-12-12bgp: T4069: add "parameters shutdown" CLI optionChristian Poessinger
Administrative shutdown of all peers of a bgp instance. Drop all BGP peers, but preserve their configurations. The peers are notified in accordance with RFC 8203 by sending a NOTIFICATION message with error code Cease and subcode Administrative Shutdown prior to terminating connections. This global shutdown is independent of the neighbor shutdown, meaning that individually shut down peers will not be affected by lifting it.
2021-12-12bgp: T4069: add "parameters reject-as-sets" CLI optionChristian Poessinger
This command enables rejection of incoming and outgoing routes having AS_SET or AS_CONFED_SET type.
2021-12-12bgp: T4069: add "parameters minimum-holdtime <n>" CLI optionChristian Poessinger
This command allows user to prevent session establishment with BGP peers with lower holdtime less than configured minimum holdtime. When this command is not set, minimum holdtime does not work.
2021-12-12bgp: T4069: add "parameters fast-convergence" CLI optionChristian Poessinger
Whenever BGP peer address becomes unreachable we must bring down the BGP session immediately. Currently only single-hop EBGP sessions are brought down immediately. IBGP and multi-hop EBGP sessions wait for hold-timer expiry to bring down the sessions. This new configuration option helps user to teardown BGP sessions immediately whenever peer becomes unreachable. This configuration is available at the bgp level. When enabled, configuration is applied to all the neighbors configured in that bgp instance.
2021-12-12bgp: T3967: add "parameters conditional-advertisement timer <n>" optionChristian Poessinger
Set the period to rerun the conditional advertisement scanner process. The default is 60 seconds.
2021-12-12xml: bgp: fix "shutdown" help string (remove whitespace)Christian Poessinger
2021-12-11T3912: migrate "Welcome to VyOS" from issue file to motd to not silently ↵Christian Poessinger
expose OS
2021-12-11vyos.util: T4061: fix typo in function nameJohn Estabrook
2021-12-11smoketest: bfd: only read in FRR configuration from bfddChristian Poessinger
2021-12-11bfd: T3310: bugfix on profile names using hyphensChristian Poessinger
2021-12-10vxlan: T3700: unindent other tunnels cleanup codeChristian Poessinger
2021-12-10wwan: T3795: remove superfluous import (render)Christian Poessinger
(cherry picked from commit 5e7243db4ced47dbad48913f86909ba284fcc24d)
2021-12-10wwan: T3795: only enable cron helper when interface is in useChristian Poessinger
(cherry picked from commit e73b40a04ee90a91b778ce72a60cbb751f42a306)
2021-12-10wwan: T3795: only run ModemManager when interface is in useChristian Poessinger
(cherry picked from commit a8ebb4817955b3f33f773a4d05c753dfc77958cd)
2021-12-10vxlan: T3700: can not specify both "external" and "VNI"Christian Poessinger
2021-12-10vxlan: T3700: add support for external controlled FDBChristian Poessinger
Background information [1]. Specifies whether an external control plane (e.g. ip route encap/EVPN) or the internal FDB should be used. [1]: https://legacy.netdevconf.info/2.2/slides/prabhu-linuxbridge-tutorial.pdf
2021-12-10ConfigError: T4068: automatically wrap message at 72 charactersChristian Poessinger
2021-12-10smoketest: interfaces: bugfix loop iteration - same config set multiple timesChristian Poessinger
2021-12-10T562: bugfix missing "," on variable listingChristian Poessinger
This prevented VyOS to actually boot as the configuration could not be loaded, as "system host-name" was unable to commit.
2021-12-09ospf(v3): T4058: add support for BFD profilesChristian Poessinger
2021-12-09isis: T4058: add support for BFD profilesChristian Poessinger
2021-12-09bgp: T4058: add support for BFD profilesChristian Poessinger
2021-12-09xml: T4058: provide building block for BFD profilesChristian Poessinger
2021-12-09xml: include: create dedicated bfd subfolderChristian Poessinger
2021-12-09Revert "vrrp: T4059: do "late" read of the CLI configuration as this fails ↵Christian Poessinger
in __init__" This reverts commit bcfe967f607a83192d75c01e7f414655891eec60.
2021-12-09vyos.configdict: T4064: bugfix for IP addresses not removed from KernelChristian Poessinger
Commit ee80d0aebd ("vyos.ifconfig: T2738: do not remove OS assigned IP addresses from interface") addressed an issue with IP addresses added to interfaces by daemons and not by the CLI. The solution in this commit for IP address removal unfortunately did not cover VLAN (802.1q and 802.1ad) IP address removal in the same way as it is done for non VLAN interfaces. The code was missing. (cherry picked from commit 91898b8bd876af6b4d7fae54981e78400f57e008)
2021-12-09smoketest: vlan: T4064: verify IP addresses do not stick after deletionChristian Poessinger
(cherry picked from commit 1a814661a0ade01f144398b91dd6998e42018fdd)
2021-12-09Merge pull request #1024 from lucasec/dns-authoritativeChristian Poessinger
T562: Config syntax for defining DNS forward authoritative zones
2021-12-08configquery: T4060: allow use before boot configuration is completeJohn Estabrook
2021-12-08vyos.util: T4061: add function to check for completion of boot configJohn Estabrook
2021-12-08vrrp: T4059: do "late" read of the CLI configuration as this fails in __init__Christian Poessinger
... thus we simply read the configuration the first time it really becomes necessary and a message requireing the data needs it actually.
2021-12-08Merge pull request #1100 from DmitriyEshenko/sg-1x-03122021-02Daniil Baturin
pppoe-server: T3006: Add range to regex generator
2021-12-07pppoe-server: T3006: Add range to regex generatorDmitriyEshenko
2021-12-08Merge pull request #1102 from dmbaturin/T3006Daniil Baturin
T3006: add a range validator
2021-12-07T3006: add a range validatorDaniil Baturin
2021-12-07Merge pull request #1101 from goodNETnick/vrrpHealth_1.4Christian Poessinger
VRRP: T4033: VRRP script_security parameter removed
2021-12-07VRRP: T4033: VRRP script_security parameter removedgoodNETnick
2021-12-06Revert "bfd: T3753: FRR 8.1 uses a default echo-interval of 50 - reflect ↵Christian Poessinger
this in CLI" This reverts commit 49047b88c9bac0b2e007ccce7ac7d42e82ee0a2b. > Echo mode is only available for single hop sessions
2021-12-06bfd: T3753: FRR 8.1 uses a default echo-interval of 50 - reflect this in CLIChristian Poessinger
2021-12-06xml: ntp: remove indentChristian Poessinger
2021-12-06xml: vrf: use "txt" in valueHelpChristian Poessinger
2021-12-06https: T4055: add vrf supportChristian Poessinger
2021-12-06https: pki: T3642: remove debug print()Christian Poessinger
Remove superfluous print() statement added in commit 0852c588d55 ("https: pki: T3642: embed CA certificate into chain if specified").