summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2021-08-26ipsec: T1210: support road-warrior IP assignment via RADIUS Framed-IP-AddressChristian Poessinger
Extended CLI command: "set vpn ipsec remote-access connection rw pool" with a "radius" option.
2021-08-24bgp: T3759: "l2vpn evpn" and ipv4/ipv6 safi route-targets differChristian Poessinger
The "l2vpn evpn" address-family route-target command only accepts a single route-target value consisting of (A.B.C.D:MN|EF:OPQR|GHJK:MN). The "ipv4-unicast or ipv6-unicast" address-family route-target command for VPNs support multiple, whitespace separated route-target values. This commit adds a new custom validator named "bgp-route-target" with a --single and a --multi option to pass one or more route-target values.
2021-08-24policy: T2425: rename validator large-community-list -> bgp-large-community-listChristian Poessinger
... as we will get another bgp route-target validator soon.
2021-08-23container: T2216: add option to "disable" a containerChristian Poessinger
2021-08-23container: T2216: use common "generic-description.xml.i" building blockChristian Poessinger
2021-08-23container: T2216: increase default memory limit to 512MBChristian Poessinger
2021-08-23container: T2216: name of container must be alphanumeric and can contain a ↵Christian Poessinger
hyphen
2021-08-23containers: T2216: add CLI commands to specify restart behavior and memory usageChristian Poessinger
A container is limited to 256MB memory by default and will always restart on failure.
2021-08-23containers: T2216: xml: impove help string for address commandChristian Poessinger
2021-08-23containers: T2216: add environmnet variable constraintChristian Poessinger
An environment variable passed to podman can only consist out of alphanumeric characters, a hypend and an underscore.
2021-08-22ipsec: T2816: l2tp ipsec VPN must be started after strongSwanChristian Poessinger
2021-08-21pppoe: T1318: bump priority by 1 so we can source from pseudo-ethernet ↵Christian Poessinger
interfaces
2021-08-21pppoe: T1318: implement missing access-concentrator CLI optionChristian Poessinger
2021-08-21pppoe: T3090: support forward disable on a PPPoE linkChristian Poessinger
2021-08-21xml: interfaces: use one common building block for "disable-forwarding"Christian Poessinger
Both building blocks only differed in the help text, so use IP for both IPv4 and IPv6.
2021-08-21vti: T1441: enable ipv4/ipv6 interface optionsChristian Poessinger
Now that we are based on XFRM interfaces we can also enable specific IPv4 and IPv6 interface options.
2021-08-21interfaces: T3090: migrate adjust-mss from "firewall options" to "interface" ↵Christian Poessinger
level Getting rid of "set firewall options" and move it from: set firewall options interface ethX adjust-mss 1400 set firewall options interface ethX adjust-mss6 1400 to: set interfaces ethernet ethX ip adjust-mss 1400 set interfaces ethernet ethX ipv6 adjust-mss 1400 In addition add an extra option called clamp-mss-to-pmtu instead of a value.
2021-08-20bgp: T3759: add IPv4/IPv6 unicast AFI route-map for VPN import/exportChristian Poessinger
This adds the following new commands: set protocols bgp address-family ipv4-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv4-unicast route-map vpn import foo-map-in set protocols bgp address-family ipv6-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv6-unicast route-map vpn import foo-map-in
2021-08-20bgp: T3759: fix DOS -> UNIX line endings on route-target building blocksChristian Poessinger
2021-08-20bgp: T3759: create common export/import building block for re-usable route-mapsChristian Poessinger
2021-08-20xml: remove superfluous "interface" prefix from interface includesChristian Poessinger
2021-08-19xml: T3768: drop early XML syntaxVersion implementationJohn Estabrook
2021-08-18bgp: T3759: add l3vpn "route-target vpn" commandsChristian Poessinger
Add the following new commands: * set protocols bgp address-family ipv4-unicast route-target vpn both 1.1.1.1:100 * set protocols bgp address-family ipv4-unicast route-target vpn export 1.1.1.1:100 * set protocols bgp address-family ipv4-unicast route-target vpn import 1.1.1.1:100
2021-08-18bgp: evpn: T1513: re-structure route-target XML blocksChristian Poessinger
Make the both, export and import XML block re-usable by the IPv4 AFI.
2021-08-18bgp: T3759: fix "label vpn" help stringChristian Poessinger
2021-08-18bgp: T3759: add l3vpn "rd" route-distinguisher commandsChristian Poessinger
Add the following new commands: * set protocols bgp address-family ipv4-unicast rd vpn export * set protocols bgp address-family ipv6-unicast rd vpn export
2021-08-18bgp: T3759: add l3vpn "label vpn export" commandsChristian Poessinger
Add the following new commands: * set protocols bgp address-family ipv4-unicast label vpn export (auto | 0-1048575) * set protocols bgp address-family ipv6-unicast label vpn export (auto | 0-1048575)
2021-08-18bgp: T3759: import/export is for AFI "ipv4 unicast" not "ipv4 multicast"Christian Poessinger
2021-08-17bgp: T3759: add l3vpn "import vrf" commandsChristian Poessinger
2021-08-17xml: cleanup - replace format "text" with "txt" as required by the BASH helpersChristian Poessinger
2021-08-17bgp: T3759: add l3vpn import/export vpn command for IPv4/IPv6 AFIChristian Poessinger
2021-08-17bgp: T2174: create building block for path-limit which is used in IPv4/IPv6 AFIChristian Poessinger
2021-08-17policy: T2425: bgp large-community-list name also supports - and _Christian Poessinger
2021-08-17policy: T2425: bgp ext-community-list name also supports - and _Christian Poessinger
2021-08-17policy: T2425: add missing validator for large-community-listsChristian Poessinger
without the validators FRR commit errors would happen.
2021-08-17policy: T2425: add missing constraints for extended and large community listsChristian Poessinger
2021-08-17policy: T2425: update help test for BGP communitiesChristian Poessinger
2021-08-17xml: proxy: use port-number building block for system proxyChristian Poessinger
2021-08-17xml: webproxy: use port-number building block for LDAP connectionChristian Poessinger
2021-08-17xml: wireguard: use port-number building blockChristian Poessinger
2021-08-17xml: syslog: use port-number building blockChristian Poessinger
2021-08-17xml: tftp: use port-number building blockChristian Poessinger
2021-08-17xml: bcast-relay: use port-number building blockChristian Poessinger
2021-08-17xml: vxlan: use port-number building blockChristian Poessinger
2021-08-17xml: include: add error message to port-numberChristian Poessinger
2021-08-17isis: T1316: use common redistribute XML building block for IPv4 and IPv6Christian Poessinger
2021-08-16openvpn: T690: Add metric for pushed routesViacheslav
2021-08-15ospf: T3757: support to configure area at an interface levelChristian Poessinger
FRR supports configuring either network prefixes per area, or assign an interface to an area to participate in the routing process. This is already well known from other venders and supported by FRR. A valid VyOS OSPF configuration would then look like: vyos@vyos# show protocols ospf { interface dum0 { area 0 } interface eth0.201 { area 0 authentication { md5 { key-id 10 { md5-key vyos } } } dead-interval 40 hello-interval 10 priority 1 retransmit-interval 5 transmit-delay 1 } log-adjacency-changes { detail } parameters { abr-type cisco router-id 172.18.254.201 } passive-interface default passive-interface-exclude eth0.201 }
2021-08-15conntrack: T3275: bugfix XML generationChristian Poessinger
This commit fixes an error introduced by 43fcc0db0 ("conntrack: T3275: migrate 'disable' syntax to 'enable' syntax for the new default behavior") as the <valueless/> option can only be used on leafNodes. THis triggered the following build error: ValueError: <valueless/> is only allowed in <leafNode>
2021-08-15Merge pull request #944 from sever-sever/T3702Christian Poessinger
pbr: T3702: Add rules match fwmark