Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-06-29 | openvpn: T4485: Update PKI migrator to handle full CA chain migration | sarthurdev | |
* Also determines and maps to correct CA for migrated CRL | |||
2022-05-31 | smoketest: policy: T3976: add migratable config snippet | Christian Poessinger | |
2022-05-25 | configtest: T4382: no migration to 'bgp local-as' under vrf | John Estabrook | |
The migration script bgp/0-to-1 did not address 'protocols bgp ASN' -> 'protocols bgp local-as ASN' under a vrf. Move to configs.no-load for review on extending/adding a migration script. | |||
2022-05-25 | configtest: T4382: missing block in migration script vrf/0-to-1 | John Estabrook | |
The config vrf-basic reveals a missing block in the migration script vrf/0-to-1, moving 'next-hop-vrf' to 'vrf'. As this only exists in Sagitta, modify script 0-to-1. Also, fix the 'system nt' typo seen in vrf-ospf. | |||
2022-05-25 | configtest: T4382: inconsistent ipsec component version | John Estabrook | |
The pki-ipsec sagitta-era config contains 'vpn ipsec ipsec-interfaces interface eth0' with ipsec component version ipsec@6, however, this construction is successfully moved by migration script ipsec/5-to-6. Consequently, this must have been an error in translation of the config file. Note that this is unrelated to the corrected error regarding an empty 'ipsec-interfaces' node. Move config to configs.no-load for review. | |||
2022-05-25 | configtest: T4382: bgp_small_as has a nonsensical entry | John Estabrook | |
bgp_small_as contains set commands such as: 'protocols static route 10.0.0.0/8 MY-NAS distance 254' which would appear to have no meaning, in any VyOS version. Move to config.no-load for analysis. | |||
2022-05-25 | configtest: T4382: 'nat ... log' takes no 'enable' argument | John Estabrook | |
The component version in bgp-dmvpn-spoke is nat@5, however, 4-to-5 removes the boolean argument. It is confirmed that the migration script works correctly, hence, it must be a typo in translation; remove argument 'enable'. | |||
2022-05-25 | configtest: T4382: system@20 cannot have 'user level' (16-to-17) | John Estabrook | |
The config file isis-small has system@20, but 'user level' which was migrated in system/16-to-17; remove the line in the config, as there is no problem with the migration script in question. | |||
2022-05-25 | configtest: T4382: remove typo | John Estabrook | |
This is a typo in vrf-ospf: 'system nt' on the line before 'system ntp'. | |||
2022-05-05 | smoketest: do not auto-load big firewall config on smoketest | Christian Poessinger | |
This takes a very long time, but keep the config for manual runs | |||
2022-05-05 | policy: T4414: add support for route-map "as-path prepend last-as x" | Christian Poessinger | |
2022-04-30 | smoketest: import large firewall config from T1230 | Christian Poessinger | |
2022-04-29 | smoketest: add basic QoS configuration | Christian Poessinger | |
2022-04-28 | arp: T4397: change CLI syntax to support interface and VRF bound ARP entries | Christian Poessinger | |
* set protocols static arp interface eth0 address 192.0.2.1 mac 01:23:45:67:89:01 | |||
2022-04-25 | smoketest: config: T4397: add ARP entries for a second interface | Christian Poessinger | |
2022-04-25 | smoketest: config: T4397: add some static ARP entries | Christian Poessinger | |
2022-04-07 | ipv6: T4346: delete (migrate) CLI command to disable IPv6 address family | Christian Poessinger | |
2022-04-06 | firewall: T4345: Fix incorrect rule limit rate syntax | sarthurdev | |
2022-03-06 | smoketest: config: add "recent" firewall rule to dialup-router | Christian Poessinger | |
2022-02-28 | ssh: T4273: bugfix cipher and key-exchange multi nodes | Christian Poessinger | |
After hardning the regex validator to be preceeded with ^ and ending with $ it was no longer possible to have a comma separated list as SSH ciphers. The migrations cript is altered to migrate the previous comma separated list to individual multi node entries - cipher and key-exchange always had been multinodes - so this just re-arranges some values and does not break CLI compatibility | |||
2022-01-17 | firewall: policy: T4178: Migrate and refactor tcp flags | sarthurdev | |
* Add support for ECN and CWR flags | |||
2022-01-11 | policy: T2199: Refactor policy route script for better error handling | sarthurdev | |
* Migrates all policy route references from `ipv6-route` to `route6` * Update test config `dialup-router-medium-vpn` to test migration of `ipv6-route` to `route6` | |||
2021-12-25 | flow-accounting: T4105: drop "sflow agent-address auto" | Christian Poessinger | |
The implementation of the "auto" option to specify the sflow/netflow agent-address is very error prone. The current implementation will determine the IP address used for the "auto" value as follow: Get BGP router-id 1) If not found use OSPF router-id 2) If not found use OSPFv3 router-id 3) If not found use "the first IP address found on the system Well, what is the "first IP address found"? Also this changes if DHCP is in use. Also another disadvantage is when the BGP/OSPF/OSPFv3 router-id is changed, the agent-address is not updated upon the next reboot of the system. This task is about removing the "auto" keyword from the CLI at all and make it either entirely configurable by the user and hardcode the value in CLI, or not use this at all. If "auto" is specified we will query the system in the above order and set the proper router-id in the CLI. If none can be found the CLI node is removed. | |||
2021-10-31 | smoketest: config: add DMVPN hub and spoke examples | Christian Poessinger | |
2021-10-22 | tunnel: T3925: fix configtest - source-interface does not work with gretap | Christian Poessinger | |
2021-10-21 | tunnel: T3925: dhcp-interface was of no use - use source-interface instead | Christian Poessinger | |
(cherry picked from commit c1015d8ce0013719eb898b60b14ffec192b8141c) | |||
2021-10-05 | smoketest: bgp: T3741: bugfix invalid IP address (missing prefix size) | Christian Poessinger | |
2021-10-04 | bgp: T3741: "parameter default no-ipv4-unicast" is now a default option | Christian Poessinger | |
2021-09-06 | smoketest: config: add DHCP name-server to dialup-router-medium-vpn config | Christian Poessinger | |
T3804 changed how DHCP servers from DHCP interfaces are read in and passed to the system. The config migrator is tested with this addition. | |||
2021-08-26 | smoketest: config: drop empty newline at EOF for "isis-small" test | Christian Poessinger | |
2021-07-26 | smoketest: config: azure: also utilize "default-esp-group" feature | Christian Poessinger | |
2021-07-22 | ipsec: T2816: remove "auto-update" CLI option | Christian Poessinger | |
Update/refresh of DNS records is now handled internally by Strongswan. | |||
2021-07-22 | pki: https: T3642: Migrate HTTPS to use PKI configuration | sarthurdev | |
2021-07-20 | pki: sstp: T3642: Migrate SSTP to PKI configuration | sarthurdev | |
2021-07-20 | pki: openconnect: T3642: Migrate OpenConnect SSL to PKI configuration | sarthurdev | |
2021-07-15 | pki: ipsec: l2tp: T2816: T3642: Move IPSec/L2TP code into vpn_ipsec.py and ↵ | sarthurdev | |
update to use PKI. | |||
2021-07-07 | pki: T3642: Migrate rsa-keys to PKI configuration | sarthurdev | |
2021-06-29 | pki: ipsec: T3642: Migrate IPSec to use PKI configuration | sarthurdev | |
2021-06-17 | policy: T3631: migrate "set extcommunity-rt|soo" to "set extcommunity rt|soo" | Christian Poessinger | |
migrate "set extcommunity-rt" and "set extcommunity-soo" to "set extcommunity rt|soo" to match FRR syntax. This also makes it easier to implement the "bandwidth" extended community. | |||
2021-05-20 | smoketest: config: sysctl: T3565: add migratable configuration | Christian Poessinger | |
2021-05-06 | smoketest: configs: azure: convert from DOS to UNIX line endings | Christian Poessinger | |
2021-05-05 | Revert "smoketest: config: bgp: remove graceful-restart option due to ↵ | Christian Poessinger | |
frr-reload bug" This reverts commit 49cfd4e0c56a8b7a85128bfdb4a4e19157137129. | |||
2021-04-10 | smoketest: configs: add bgp l3vpn evpn PE configuration | Christian Poessinger | |
2021-04-10 | smoketest: configs: rename BGP related test configs | Christian Poessinger | |
2021-04-05 | smoketest: config: tunnel-broker: adjust l2tpv3 local/remote addresses | Christian Poessinger | |
For L2TPv3 to properly work there must be a routing entry present for the remote side of the tunnel, or use a directly connected subnet. | |||
2021-04-05 | smoketest: config: evpn-leaf: set 1500 byte mtu on vxlan interface | Christian Poessinger | |
RFC7348 recommends VXLAN tunnels preserve a 1500 byte MTU. | |||
2021-04-05 | smoketest: config: bgp: remove graceful-restart option due to frr-reload bug | Christian Poessinger | |
When loading a configuration for BGP that contains the graceful-restart options, the frr-reload script will not return 0, but the config is accepted. This is a false positive, and related to https://github.com/FRRouting/frr/issues/8403 | |||
2021-03-21 | smoketest: config: add IS-IS example configuration | Christian Poessinger | |
2021-03-20 | smoketest: config: evpn: move NTP into MGMT vrf | Christian Poessinger | |
Within this example a MGMT VRF is used to administer the system, thus also move the NTP portion into that VRF. | |||
2021-03-15 | smoketest: config: add BGP EVPN spine/leaf configurations | Christian Poessinger | |