Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-08-24 | smoketest: bgp: T4634: validate "disable-connected-check" option | Christian Poessinger | |
2022-08-22 | bridge: T4632: vlan aware bridge lacks CPU forwarding | Christian Poessinger | |
The VLAN aware bridge was forwarding traffic between member ports, but traffic destined torwards the CPU was dropped. This resulted in a gateway not reachable or DHCP leases that could not be handed out. Tested via: VyOS set interfaces bridge br0 enable-vlan set interfaces bridge br0 member interface eth1 allowed-vlan '10' set interfaces bridge br0 member interface eth1 allowed-vlan '20' set interfaces bridge br0 member interface eth1 allowed-vlan '30' set interfaces bridge br0 member interface eth1 allowed-vlan '40' set interfaces bridge br0 member interface eth1 native-vlan '40' set interfaces bridge br0 member interface eth2 allowed-vlan '30' set interfaces bridge br0 member interface eth2 allowed-vlan '20' set interfaces bridge br0 member interface eth2 allowed-vlan '10' set interfaces bridge br0 member interface eth2 allowed-vlan '40' set interfaces bridge br0 vif 10 address '10.0.10.1/24' set interfaces bridge br0 vif 20 address '10.0.20.1/24' set interfaces bridge br0 vif 30 address '10.0.30.1/24' set interfaces bridge br0 vif 40 address '10.0.40.1/24' Arista vEOS vlan 10,20,30,40 interface Ethernet1 switchport trunk allowed vlan 10,20,30,40 interface Vlan10 ip address 10.0.10.2/24 interface Vlan20 ip address 10.0.20.2/24 interface Vlan30 ip address 10.0.30.2/24 interface Vlan40 ip address 10.0.40.2/24 interface Ethernet1 switchport trunk allowed vlan 10,20,30,40 switchport mode trunk spanning-tree portfast Cisco vIOS interface GigabitEthernet0/0 ip address 10.0.40.3 255.255.255.0 duplex auto speed auto media-type rj45 ! interface GigabitEthernet0/0.10 encapsulation dot1Q 10 ip address 10.0.10.3 255.255.255.0 ! interface GigabitEthernet0/0.20 encapsulation dot1Q 20 ip address 10.0.20.3 255.255.255.0 ! interface GigabitEthernet0/0.30 encapsulation dot1Q 30 ip address 10.0.30.3 255.255.255.0 ! | |||
2022-08-15 | ocserv: openconnect: T4614: add support for split-dns | Christian Poessinger | |
set vpn openconnect network-settings split-dns <domain> | |||
2022-08-15 | smoketest: ocserv: implement config file validation | Christian Poessinger | |
2022-08-05 | nat66: T4598: Add exclude options in nat66 | Nicolas Fort | |
2022-08-05 | bgp: T4257: bugfixes after renaming "local-as" to "system-as" | Christian Poessinger | |
2022-08-04 | Merge https://github.com/Cheeze-It/vyos-1x into current | Christian Poessinger | |
* https://github.com/Cheeze-It/vyos-1x: bgp: T4257: Changing BGP "local-as" to "system-as" | |||
2022-08-04 | smoketest: macsec: T4537: validate macsec_csindex for both AES-GCM-128 and ↵ | Christian Poessinger | |
AES-GCM-256 | |||
2022-08-04 | smoketest: macsec: T4537: verify macsec_csindex | Christian Poessinger | |
2022-08-03 | Merge pull request #1369 from nicolas-fort/T4480 | Daniil Baturin | |
T4480: webproxy: Add safe-ports and ssl-safe-ports for acl squid config | |||
2022-07-31 | smoketest: bridge: T4565: changes to lower interfaces must not destroy VLAN ↵ | Christian Poessinger | |
aware bridge | |||
2022-07-30 | bgp: T4257: Changing BGP "local-as" to "system-as" | Cheeze_It | |
bgp: T4257: Changing BGP "local-as" to "system-as" This change is to change the global BGP name for the node "local-as" to "system-as" This is needed so that there's less ambiguity with the local-as feature per neighbor. bgp: T4257: Changing BGP "local-as" to "system-as" bgp: T4257: Changing BGP "local-as" to "system-as" This change is to change the global BGP name for the node "local-as" to "system-as" This is needed so that there's less ambiguity with the local-as feature per neighbor. | |||
2022-07-25 | bgp: T4560: neighbor/peer-group local-as option is only allowed for eBGP | Christian Poessinger | |
2022-07-25 | fastnetmon: T4556: Allow configure white_list_path and populate with ↵ | Adrian Almenar | |
hosts/networks that should be ignored. | |||
2022-07-24 | graphql: T3993: add smoketest for GraphQL key authorization | John Estabrook | |
2022-07-22 | smoketest: router-advert: T4550: test deprecate-prefix & decrement-lifetime ↵ | Christian Poessinger | |
CLI option | |||
2022-07-22 | smoketest: router-advert: use setUpClass() | Christian Poessinger | |
2022-07-21 | smoketest: fastnetmon: T4555: add IPv6 support | Christian Poessinger | |
2022-07-21 | fastnetmon: T2659: move configuration files to /run | Christian Poessinger | |
2022-07-21 | fastnetmon: T4555: add IPv6 support | Christian Poessinger | |
2022-07-20 | T4480:webproxy: Add safe-ports and ssl-safe-ports for acel squid config -- ↵ | Nicolas Fort | |
Fix conflicts | |||
2022-07-19 | smoketest: telegraf: use generic service availability check | Christian Poessinger | |
2022-07-15 | smoketest: component_version: print details on failure | John Estabrook | |
2022-07-15 | smoketest: T4532: Update smoketest flow-accounting | Viacheslav Hletenko | |
2022-07-11 | smoketest: bridge: also test QinQ bridge member interfaces | Christian Poessinger | |
2022-07-10 | bond: T4522: add ability to specify mii monitor interval via CLI | Christian Poessinger | |
Linux Kernel supports to specify the MII link monitoring frequency in milliseconds. This determines how often the link state of each slave is inspected for link failures. A value of zero disables MII link monitoring. A value of 100 is a good starting point. The default value is 100. set interfaces bonding bond0 mii-mon-interval <n> | |||
2022-07-10 | smoketest: bond: remove second instance of layer2+3 hash-policy test | Christian Poessinger | |
2022-07-10 | smoketest: bond: add testcase for conflicting bridge member | Christian Poessinger | |
A bond member can not also be used as a member of a bridge interface. | |||
2022-07-10 | smoketest: bond: add testcase for source-interface re-use | Christian Poessinger | |
A bond member is not allowed to also be used as a source interface for e.g. PPPoE or MACsec. | |||
2022-07-09 | ip: T4517: drop forwarding from CLI "system ip ↵ | Christian Poessinger | |
disable-directed-broadcast-forwarding" | |||
2022-07-09 | ip: T4517: add option to enable directed broadcast forwarding | Yuxiang Zhu | |
Directed broadcast is described in rfc1812#section-5.3.5.2 and rfc2644. By default Linux kernel doesn't forward directed broadcast packets unless both of `/proc/sys/net/ipv4/conf/all/bc_forwarding` and `/proc/sys/net/ipv4/conf/$iface/bc_forwarding` are set to 1. | |||
2022-07-07 | smoketest: T4411: Add influxdb node | Viacheslav Hletenko | |
2022-07-07 | smoketest: dns: T4509: use dedicated 6to4 testcase | Christian Poessinger | |
2022-07-07 | smoketest: dns: forwarding: use setUpClass() | Christian Poessinger | |
2022-07-05 | Merge pull request #1389 from sever-sever/T4509 | Christian Poessinger | |
dns: T4509: Add dns64-prefix option | |||
2022-07-05 | dns: T4509: Add dns64-prefix option | Viacheslav Hletenko | |
rfc6147: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers set service dns forwarding dns64-prefix 2001:db8:aabb::/96 | |||
2022-07-04 | Merge pull request #1386 from sarthurdev/geoip_negate | Christian Poessinger | |
firewall: T4299: Add ability to inverse match country-codes | |||
2022-07-04 | firewall: T4299: Add ability to inverse match country codes | sarthurdev | |
2022-07-04 | ntp: T4456: support listening on specified interface | Christian Poessinger | |
When clients only use DHCP for interface addressing we can not bind NTPd to an address - as it will fail if the address changes. This commit adds support to bind ntpd to a given interface in addition to a given address. set system ntp interface <name> | |||
2022-07-04 | smoketest: bridge: T4498: add IGMP testcase | Christian Poessinger | |
2022-07-01 | smoketest: T2455: add interface smoketests | Christian Poessinger | |
2022-06-29 | router-advert: T4477: support RDNSS lifetime option | Christian Poessinger | |
set service router-advert interface eth0 name-server-lifetime <value> | |||
2022-06-22 | Policy: T4475: add support for matching ipv6 addresses on peer option in ↵ | Nicolas Fort | |
route-map | |||
2022-06-16 | smoketest: policy: T4467: validate relative route-map metric | Christian Poessinger | |
2022-06-14 | firewall: T970: Use set prefix to domain groups | sarthurdev | |
2022-06-14 | firewall: T4147: Use named sets for firewall groups | sarthurdev | |
* Refactor nftables clean-up code * Adds policy route test for using firewall groups | |||
2022-06-10 | Merge pull request #1356 from sarthurdev/nested_groups | Christian Poessinger | |
firewall: T478: Add support for nesting groups | |||
2022-06-10 | firewall: T478: Add support for nesting groups | sarthurdev | |
2022-06-10 | Firewall:T4458: Add ttl match option in firewall | Nicolas Fort | |
2022-06-10 | Merge pull request #1322 from nicolas-fort/T3907-fwall-log | Daniil Baturin | |
Firewall: T3907: add log-level options in firewall |