Age | Commit message (Collapse) | Author |
|
Commit d768aee9 ("ipsec: T1441: Clean up vti-up-down script for XFRM interfaces")
removed a parameter from the updown scripts which is no longer necessary as
XFRM interfaces are superior to VTI interfaces b/c they use dynamic endpoints
by default.
|
|
|
|
|
|
|
|
IPv4 DHCP uses "dns-server" to specify one or more name-servers for a given
pool. In order to use the same CLI syntax this should be renamed to name-server,
which is already the case for DHCPv6.
|
|
vyos@vyos# show service dhcp-server
shared-network-name LAN {
subnet 10.0.0.0/24 {
default-router 10.0.0.1
dns-server 194.145.150.1
lease 88
range 0 {
start 10.0.0.100
stop 10.0.0.200
}
static-route 192.168.10.0/24 {
next-hop 10.0.0.2
}
static-route 192.168.20.0/24 {
router 10.0.0.2
}
}
}
|
|
|
|
The key defaults to 0 and will match any policies which similarly do not have
a lookup key configuration. This means that a vti0 named interface will pull in
all traffic and others will stop working. Thus we simply shift the key by one
to also support a vti0 interface.
|
|
Modify template for squid
Replace old directives to actual
|
|
|
|
This commit also extends the smoketest to verify that the exception for this
error is raised.
|
|
Commit 5f1c1ae4 ("bgp: T3798: add support for neighbor local-as <n> replace-as")
added support for a new CLI option when the local-as is changed for a specified
neighbor or peer-group.
There was an error in the CLI / design as the "replace-as" option can only be
used when "no-prepend" is defined. Thus "no-prepend" became a <node> and
the new "replace-as" leafNode is now a child of "no-prepend".
|
|
|
|
While migrating to get_config_dict() in commit e8a1c291b1 ("login: radius:
T3192: migrate to get_config_dict()") the user-name was not excluded
from mangling (no_tag_node_value_mangle=True).
This resulted in a username "vyos-user" from CLI to be actually created as
"vyos_user" on the system.
This commit also adds respective Smoketests to prevent this in the future.
|
|
Mandatory FRR options for spf-delay-ietf did not get rendered in the Jinja2
template.
|
|
bgp: evpn: T3739: add route-map match support
|
|
Commit 474db49a ("bgp: T3759: "l2vpn evpn" and ipv4/ipv6 safi route-targets
differ") made it possible to specify a whitelist separated list of route-targets,
this is now validated through the smoketests.
|
|
redistributed routes
|
|
Now that the PPPoE interface also makes use of the vyos.ifconfig.interface
class, we need to adjust the smoketests to reflect all those changes.
TODO:
Start a local PPPoE server in a namespace and connect locally for deeper
testing.
|
|
|
|
level
Getting rid of "set firewall options" and move it from:
set firewall options interface ethX adjust-mss 1400
set firewall options interface ethX adjust-mss6 1400
to:
set interfaces ethernet ethX ip adjust-mss 1400
set interfaces ethernet ethX ipv6 adjust-mss 1400
In addition add an extra option called clamp-mss-to-pmtu instead of a value.
|
|
This adds the following new commands:
set protocols bgp address-family ipv4-unicast route-map vpn export foo-map-out
set protocols bgp address-family ipv4-unicast route-map vpn import foo-map-in
set protocols bgp address-family ipv6-unicast route-map vpn export foo-map-out
set protocols bgp address-family ipv6-unicast route-map vpn import foo-map-in
|
|
|
|
|
|
|
|
Add the following new commands:
* set protocols bgp address-family ipv4-unicast route-target vpn both 1.1.1.1:100
* set protocols bgp address-family ipv4-unicast route-target vpn export 1.1.1.1:100
* set protocols bgp address-family ipv4-unicast route-target vpn import 1.1.1.1:100
|
|
Add the following new commands:
* set protocols bgp address-family ipv4-unicast rd vpn export
* set protocols bgp address-family ipv6-unicast rd vpn export
|
|
Add the following new commands:
* set protocols bgp address-family ipv4-unicast label vpn export (auto | 0-1048575)
* set protocols bgp address-family ipv6-unicast label vpn export (auto | 0-1048575)
|
|
... minor change to speed-up test time
|
|
... minor change to speed-up test time
|
|
|
|
|
|
|
|
smoketest: conntrack: Update smoketests for new conntrack modules syntax
|
|
|
|
|
|
|
|
|
|
pbr: T3702: Add rules match fwmark
|
|
This completes commit e7d841d285 ("smoketest: shim: remove superfluous sleep()
in getFRRconfig()").
|
|
The sleep was intended to handle a FRR issue where the config was/is somehow
now available in vtysh even with the commit was done. This rather feels
like a race-condition and is fixed in the subsequent commit.
|
|
FRR 7.5.1 supports:
vyos(config-route-map)# match evpn
default-route default EVPN type-5 route
rd Route Distinguisher
route-type Match route-type
vni Match VNI
This commit adds a proper VyOS CLI abstraction.
|
|
|
|
see: https://github.com/FRRouting/frr/issues/7978
|
|
|
|
bgp: T1176: Add solo option for neighbor
|
|
|
|
|
|
(cherry picked from commit 7292631373ea50f9908796ef2eda32e672d1df2e)
|
|
|