Age | Commit message (Collapse) | Author |
|
tagNode
This will save an entire level for the configuration and there is no need for a
parent "multicast" node, as it will only have "route" as tagNode below.
Move set protocols static multicast route <x.x.x.x/y> to:
* set protocols static mroute <x.x.x.x/y>
|
|
With FRR 10.0 daemons started to be migrated to integrated FRR mgmtd and a
northbound interface. This led to some drawbacks in the current state how
changes to FRR are handled. The current implementation will use frr-reload.py
and specifies excatly WHICH daemon needs a config update and will only replace
this part inside FRR.
With FRR10 and mgmtd when a partial configuration is sent to mgmtd, it will
remove configuration parts from other daemons like bgpd or ospfd which have
not yet been migrated to mgmtd.
It's not possible to call frr-reload.py with daemon mgmtd - it will error out.
This commit will also change the CLI for static routes:
CLI command "set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd multi-hop
source 1.1.1.1" will be split into:
* set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd source-address 1.1.1.1
* set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd multi-hop
To make the XML blocks reusable, and comply with the FRR CLI - this was actually
a wrong implementation from the beginning as you can not have multiple BFD
source addresses.
CLI command "set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd multi-hop
source 1.1.1.1 profile bar" is changed to:
* set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd profile bar
CLI commands "set protocols static multicast interface-route" is moved to:
* set protocols static multicast route <x.x.x.x/x> interface
To have an identical look and feel with regular static routes.
|
|
|
|
static: T4214: Allow several dhcp-interfaces to the same static rote
|
|
ipoe_server: T6628: Add option to assign static IP address to end users with local auth
|
|
set `default-route-distance` to 1
|
|
pki: T6368: Add ability for acme to listen on IPv6 addresses
|
|
|
|
|
|
|
|
T6630: ntp: fix timestamp nested under ptp
|
|
|
|
|
|
Add the abbility to start IPoE session by unclassified-packet.
It allows the cases when subscriber configures the address manually
(static) and accel-ppp can start session on any packet.
By default start session on DHCPv4 Discover packet.
set service ipoe-server interface eth1 start-session unclassified-packet
|
|
ipoe_server: T6872: Add the ability to configure LUA scripts and username
|
|
T264: IPsec add base64 encoded secret-type feature
|
|
|
|
* avahi: T6908: reduce runtime overhead in smoketests by using setUpClass/tearDownClass
* avahi: T6908: add option to define mdns-repeater max-cache entries
Add CLI option to configure `cache-entries-max` entries in Avahi daemon
configuration.
Default value of 4096 for "cache-entries" CVLI node was retrieved from
source code.
|
|
|
|
Add the ability to configure base64 encoded passwords for
VPN IPSec site-to-site peers
authentication psk PSK secret 'xxxxx=='
authentication psk PSK secret-type <base64|plaintext>
|
|
|
|
- Removed default `m1` and `m2` values from interface definitions
- Adjusted filter priorities for shapers
- Fixed SFQ qdisc and HFSC class creation to fully support `m1`, `d`, and `m2` parameters
- Added validation logic similar to VyOS 1.3 to improve error handling and user experience
|
|
- Fixed handling of flow isolation parameters.
- Corrected support for `nat` and `nonat` in flow isolation.
- Extended RTT values to cover the full range supported by `tc`.
- Make migration script 2-to-3 qos
|
|
|
|
|
|
numbers
|
|
|
|
|
|
T3501: Allow using more than one tuned profile
|
|
|
|
Allow the use of a trailing slash `("/")` at the of the user's home directory path. For example `/home/test/`
|
|
|
|
|
|
|
|
config-mgmt: T5976: add option for commit-confirm to use 'soft' rollback
|
|
|
|
|
|
* This is the `policy local-route*` part of T6430, manipulating ip rules,
another PR covers firewall-backed `policy route*` for similar functionality
* Local PBR (policy local-route*) can only target table IDs up to 200 and
the previous PR to extend the range was rejected
* PBR with this PR can now also target VRFs directly by name, working around
targeting problems for VRF table IDs outside the overlapping 100-200 range
* Validation ensures rules can't target both a table ID and a VRF name
(internally they are handled the same)
* Relocated TestPolicyRoute.verify_rules() into VyOSUnitTestSHIM.TestCase,
extended to allow lookups in other address families (IPv6 in the new tests).
verify_rules() is used by original pbr and new lpbr smoketests in this PR.
|
|
set system option keyboard-layout it
|
|
Commit-confirm will restore a previous configuration if a confirmation
is not received in N minutes. Traditionally, this was restored by a
reboot into the last configuration on disk; add a configurable option to
reload the last completed commit without a reboot. The default setting
is to reboot.
|
|
http-api: T6736: move REST API to a node distinct from GraphQL API
|
|
T973: add basic node_exporter implementation
|
|
|
|
regular firewall ruleset.
|
|
policy: T6751: add missing completion helpers for community-list
|
|
T6687: add fqdn support to nat rules.
|
|
Add all missing, well-known values for the community-list regex.
|
|
|
|
|
|
T6630: ntp: support hardware timestamp offload and other mechanisms to improve accuracy
|