summaryrefslogtreecommitdiff
path: root/smoketest/configs
AgeCommit message (Collapse)Author
2022-06-29openvpn: T4485: Update PKI migrator to handle full CA chain migrationsarthurdev
* Also determines and maps to correct CA for migrated CRL
2022-05-31smoketest: policy: T3976: add migratable config snippetChristian Poessinger
2022-05-25configtest: T4382: no migration to 'bgp local-as' under vrfJohn Estabrook
The migration script bgp/0-to-1 did not address 'protocols bgp ASN' -> 'protocols bgp local-as ASN' under a vrf. Move to configs.no-load for review on extending/adding a migration script.
2022-05-25configtest: T4382: missing block in migration script vrf/0-to-1John Estabrook
The config vrf-basic reveals a missing block in the migration script vrf/0-to-1, moving 'next-hop-vrf' to 'vrf'. As this only exists in Sagitta, modify script 0-to-1. Also, fix the 'system nt' typo seen in vrf-ospf.
2022-05-25configtest: T4382: inconsistent ipsec component versionJohn Estabrook
The pki-ipsec sagitta-era config contains 'vpn ipsec ipsec-interfaces interface eth0' with ipsec component version ipsec@6, however, this construction is successfully moved by migration script ipsec/5-to-6. Consequently, this must have been an error in translation of the config file. Note that this is unrelated to the corrected error regarding an empty 'ipsec-interfaces' node. Move config to configs.no-load for review.
2022-05-25configtest: T4382: bgp_small_as has a nonsensical entryJohn Estabrook
bgp_small_as contains set commands such as: 'protocols static route 10.0.0.0/8 MY-NAS distance 254' which would appear to have no meaning, in any VyOS version. Move to config.no-load for analysis.
2022-05-25configtest: T4382: 'nat ... log' takes no 'enable' argumentJohn Estabrook
The component version in bgp-dmvpn-spoke is nat@5, however, 4-to-5 removes the boolean argument. It is confirmed that the migration script works correctly, hence, it must be a typo in translation; remove argument 'enable'.
2022-05-25configtest: T4382: system@20 cannot have 'user level' (16-to-17)John Estabrook
The config file isis-small has system@20, but 'user level' which was migrated in system/16-to-17; remove the line in the config, as there is no problem with the migration script in question.
2022-05-25configtest: T4382: remove typoJohn Estabrook
This is a typo in vrf-ospf: 'system nt' on the line before 'system ntp'.
2022-05-05smoketest: do not auto-load big firewall config on smoketestChristian Poessinger
This takes a very long time, but keep the config for manual runs
2022-05-05policy: T4414: add support for route-map "as-path prepend last-as x"Christian Poessinger
2022-04-30smoketest: import large firewall config from T1230Christian Poessinger
2022-04-29smoketest: add basic QoS configurationChristian Poessinger
2022-04-28arp: T4397: change CLI syntax to support interface and VRF bound ARP entriesChristian Poessinger
* set protocols static arp interface eth0 address 192.0.2.1 mac 01:23:45:67:89:01
2022-04-25smoketest: config: T4397: add ARP entries for a second interfaceChristian Poessinger
2022-04-25smoketest: config: T4397: add some static ARP entriesChristian Poessinger
2022-04-07ipv6: T4346: delete (migrate) CLI command to disable IPv6 address familyChristian Poessinger
2022-04-06firewall: T4345: Fix incorrect rule limit rate syntaxsarthurdev
2022-03-06smoketest: config: add "recent" firewall rule to dialup-routerChristian Poessinger
2022-02-28ssh: T4273: bugfix cipher and key-exchange multi nodesChristian Poessinger
After hardning the regex validator to be preceeded with ^ and ending with $ it was no longer possible to have a comma separated list as SSH ciphers. The migrations cript is altered to migrate the previous comma separated list to individual multi node entries - cipher and key-exchange always had been multinodes - so this just re-arranges some values and does not break CLI compatibility
2022-01-17firewall: policy: T4178: Migrate and refactor tcp flagssarthurdev
* Add support for ECN and CWR flags
2022-01-11policy: T2199: Refactor policy route script for better error handlingsarthurdev
* Migrates all policy route references from `ipv6-route` to `route6` * Update test config `dialup-router-medium-vpn` to test migration of `ipv6-route` to `route6`
2021-12-25flow-accounting: T4105: drop "sflow agent-address auto"Christian Poessinger
The implementation of the "auto" option to specify the sflow/netflow agent-address is very error prone. The current implementation will determine the IP address used for the "auto" value as follow: Get BGP router-id 1) If not found use OSPF router-id 2) If not found use OSPFv3 router-id 3) If not found use "the first IP address found on the system Well, what is the "first IP address found"? Also this changes if DHCP is in use. Also another disadvantage is when the BGP/OSPF/OSPFv3 router-id is changed, the agent-address is not updated upon the next reboot of the system. This task is about removing the "auto" keyword from the CLI at all and make it either entirely configurable by the user and hardcode the value in CLI, or not use this at all. If "auto" is specified we will query the system in the above order and set the proper router-id in the CLI. If none can be found the CLI node is removed.
2021-10-31smoketest: config: add DMVPN hub and spoke examplesChristian Poessinger
2021-10-22tunnel: T3925: fix configtest - source-interface does not work with gretapChristian Poessinger
2021-10-21tunnel: T3925: dhcp-interface was of no use - use source-interface insteadChristian Poessinger
(cherry picked from commit c1015d8ce0013719eb898b60b14ffec192b8141c)
2021-10-05smoketest: bgp: T3741: bugfix invalid IP address (missing prefix size)Christian Poessinger
2021-10-04bgp: T3741: "parameter default no-ipv4-unicast" is now a default optionChristian Poessinger
2021-09-06smoketest: config: add DHCP name-server to dialup-router-medium-vpn configChristian Poessinger
T3804 changed how DHCP servers from DHCP interfaces are read in and passed to the system. The config migrator is tested with this addition.
2021-08-26smoketest: config: drop empty newline at EOF for "isis-small" testChristian Poessinger
2021-07-26smoketest: config: azure: also utilize "default-esp-group" featureChristian Poessinger
2021-07-22ipsec: T2816: remove "auto-update" CLI optionChristian Poessinger
Update/refresh of DNS records is now handled internally by Strongswan.
2021-07-22pki: https: T3642: Migrate HTTPS to use PKI configurationsarthurdev
2021-07-20pki: sstp: T3642: Migrate SSTP to PKI configurationsarthurdev
2021-07-20pki: openconnect: T3642: Migrate OpenConnect SSL to PKI configurationsarthurdev
2021-07-15pki: ipsec: l2tp: T2816: T3642: Move IPSec/L2TP code into vpn_ipsec.py and ↵sarthurdev
update to use PKI.
2021-07-07pki: T3642: Migrate rsa-keys to PKI configurationsarthurdev
2021-06-29pki: ipsec: T3642: Migrate IPSec to use PKI configurationsarthurdev
2021-06-17policy: T3631: migrate "set extcommunity-rt|soo" to "set extcommunity rt|soo"Christian Poessinger
migrate "set extcommunity-rt" and "set extcommunity-soo" to "set extcommunity rt|soo" to match FRR syntax. This also makes it easier to implement the "bandwidth" extended community.
2021-05-20smoketest: config: sysctl: T3565: add migratable configurationChristian Poessinger
2021-05-06smoketest: configs: azure: convert from DOS to UNIX line endingsChristian Poessinger
2021-05-05Revert "smoketest: config: bgp: remove graceful-restart option due to ↵Christian Poessinger
frr-reload bug" This reverts commit 49cfd4e0c56a8b7a85128bfdb4a4e19157137129.
2021-04-10smoketest: configs: add bgp l3vpn evpn PE configurationChristian Poessinger
2021-04-10smoketest: configs: rename BGP related test configsChristian Poessinger
2021-04-05smoketest: config: tunnel-broker: adjust l2tpv3 local/remote addressesChristian Poessinger
For L2TPv3 to properly work there must be a routing entry present for the remote side of the tunnel, or use a directly connected subnet.
2021-04-05smoketest: config: evpn-leaf: set 1500 byte mtu on vxlan interfaceChristian Poessinger
RFC7348 recommends VXLAN tunnels preserve a 1500 byte MTU.
2021-04-05smoketest: config: bgp: remove graceful-restart option due to frr-reload bugChristian Poessinger
When loading a configuration for BGP that contains the graceful-restart options, the frr-reload script will not return 0, but the config is accepted. This is a false positive, and related to https://github.com/FRRouting/frr/issues/8403
2021-03-21smoketest: config: add IS-IS example configurationChristian Poessinger
2021-03-20smoketest: config: evpn: move NTP into MGMT vrfChristian Poessinger
Within this example a MGMT VRF is used to administer the system, thus also move the NTP portion into that VRF.
2021-03-15smoketest: config: add BGP EVPN spine/leaf configurationsChristian Poessinger