| Age | Commit message (Collapse) | Author |
|---|
|
When configuring
set interfaces bridge br10 member interface eth1
set interfaces bridge br20 member interface eth1
commit
Checking the interface assignment afterwards shows
242: br20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 62:34:3a:8a:fe:49 brd ff:ff:ff:ff:ff:ff
[edit]
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br20 state UP mode DEFAULT group default qlen 1000
link/ether 00:50:56:b3:cd:ba brd ff:ff:ff:ff:ff:ff
altname enp0s19
altname ens19
The later addition wins and the CLI reports eth1 is assigned to br20 "master
br20". A member interface can not be used multiple times.
|
|
|
|
T5810: Add support for RPKI source ip
|
|
firewall: T7177: Update interface-name constraint to allow "pod-" interface names
|
|
|
|
support pod interfaces from containers
|
|
|
|
bgp: T7163: add CLI route-map and metric support for "redistribute table"
|
|
wlb: T4470: Migrate WAN Load Balancer to XML/Python
|
|
|
|
|
|
* set protocols bgp address-family <ipv4-unicast|ipv6-unicast> redistribute
table <n> [metric <n>] [route-map <name>]
|
|
Re-use existing XML constraint added via commit 8f6246da6 ("xml: T7161: provide
re-usable building block for alternative routing tables") and add handy CLI
completion helper.
FRRouting supports redistribution of multiple non-main tables, thus make this
a multi node in addition, too.
|
|
Fixed 'domain-nocache' command.
Added config generation for this command.
|
|
vyos.ifconfig: T5103: force dhclient restart on VRF change
|
|
Previously the DHCPv6 client was restarted on any change to the interface,
including changes only to the interface description. Re-use pattern from IPv4
DHCP to only restart the DHCP client if necessary.
|
|
|
|
Moving an interface in, out or between VRFs will not re-install the received
default route. This is because the dhclient binary is not restarted in the new
VRF. Dhclient itself will report an error like: "receive_packet failed on
eth0.10: Network is down".
Take the return value of vyos.ifconfig.Interface().set_vrf() into account to
forcefully restart the DHCP client process and optain a proper lease.
|
|
|
|
|
|
Rsyslog supports individual VRFs per omfwd remote entry - so we should support
this, too.
|
|
The previously "global" options actually were only relevant for the local
logging to /var/log/messages.
|
|
|
|
Move "global preserve-fqdn" one CLI level up, as it relates to all logging
targets (console, global and remote).
|
|
|
|
|
|
|
|
T4930: Allow WireGuard peers via DNS hostname
|
|
T6641: Add vyos-network-event-logger Service
|
|
|
|
The service parses and logs network events for improved monitoring and diagnostics.
Supported event types include:
- `RTM_NEWROUTE`, `RTM_DELROUTE`
- `RTM_NEWLINK`, `RTM_DELLINK`
- `RTM_NEWADDR`, `RTM_DELADDR`
- `RTM_NEWNEIGH`, `RTM_DELNEIGH`, `RTM_GETNEIGH`
- `RTM_NEWRULE`, `RTM_DELRULE`
Added operational mode commands for filtered log retrieval:
- `show log network-event <event-type> <interface>`: Retrieve logs filtered by event type and interface.
- `show interfaces <type> <name> event-log <event-type>`: Display interface-specific logs filtered by event type.
|
|
|
|
|
|
T7038: T7039: fix broken RADIUS IPv6 source address and add smoketests
|
|
nhrp: T2326: NHRP migration to FRR
|
|
RADIUS is pretty sensible to its configuration. Instead of manual testing,
extend the smoketest platform to ship a freeradius container and perform logins
against a locally running freeradius server in a container.
|
|
ddclient: T5791: Relocate process params to ExecStart
|
|
NHRP migration to FRR
|
|
Pull up all the global parameters controlling
process behavior to systemd service.
Also remove `syslog=yes`` as it is not needed with
`exec` type service.
|
|
|
|
* smoketest: T7023: unify container image loading
* smoketest: T7023: add tac_plus container to live validate login
TACACS is pretty sensible to its configuration. Instead of manual testing,
extend the smoketest platform to ship a tac_plus container and perform logins
against a locally running tac_plus server in a container.
The login username/password and TACACS shared secret is generated randomly on
the fly for every testcase.
|
|
* smoketest: T6747: call wait after commit() only for FRR related tests
Commit 702a60a8de28 ("smoketest: T6746: wait after commit() until frr-reload
is no longer running") added a guard timeout for every commit executed via CLI
smoketests. This commit changes the bahavior to only add the guard timeout
for FRR related testscases.
This improves the overall smoketest time.
* configd: T6747: use one long-lived instance of FRRender
Previously there was one FRRender() instance per config session. This resulted
in re-rendering the FRR configuration every time a new config session was
created.
Example:
vyos@vyos:~$ configure
vyos@vyos# set interfaces dummy dum0 description foo
vyos@vyos# commit
vyos@vyos# exit
vyos@vyos:~$ configure
vyos@vyos# set interfaces dummy dum0 description bar
vyos@vyos# commit
vyos@vyos# exit
In the past this caused a re-render of the FRR configuration as the delta check
added in commit ec80c75d6776 ("frrender: T6746: only re-render FRR config if
config_dict did change") evaluated to false, as it operated on a new instance
of the FRRender class.
With this change there is no FRR re-render, as there is nothing to update
in FRR.
|
|
ddclient: T5791: Keep ddclient.service in foreground
|
|
Improve config parsing for ZBF when using VRFs and interfaces attached to VRFs
|
|
interfaces attached to VRFs
|
|
|
|
T5791: ddclient: Adjust process handling
|
|
T6994: Add textfile collector config option
|
|
srv6: T6984: add locator format configuration
|
|
|
