| Age | Commit message (Collapse) | Author |
|---|
|
The previously "global" options actually were only relevant for the local
logging to /var/log/messages.
|
|
|
|
Move "global preserve-fqdn" one CLI level up, as it relates to all logging
targets (console, global and remote).
|
|
|
|
|
|
|
|
T4930: Allow WireGuard peers via DNS hostname
|
|
T6641: Add vyos-network-event-logger Service
|
|
Change some values from the defaults in the used smoketest config for
basic-vyos-no-ntp to make it a litte bit more interesting for the underlaying
config load subsystem.
|
|
An errornous OSPF router-id slipped through in the config load test validation.
|
|
With T3008 we moved from ntpd to chrony. This came with a restructuring of the
CLI (mainly moving ntp out of system to services). In addition the definition
of a server was made mandatory.
The bug itself manifests at a more crucial point - config migration
vyos-router[1265]: Migration script error: /opt/vyatta/etc/config-migrate/migrate/ntp/1-to-2:
[Errno 1] failed to run command: ['/opt/vyatta/etc/config-migrate/migrate/ntp/1-to-2',
'/opt/vyatta/etc/config/config.boot']
vyos-router[1265]: returned: - op: copy old_path: ['system', 'ntp'] new_path: ['service', 'ntp']
vyos-router[1265]: - op: delete path: ['system', 'ntp']
The fix is that we will no longer migrate an empty ntp CLI node from the old
syntax to the new.
|
|
|
|
The service parses and logs network events for improved monitoring and diagnostics.
Supported event types include:
- `RTM_NEWROUTE`, `RTM_DELROUTE`
- `RTM_NEWLINK`, `RTM_DELLINK`
- `RTM_NEWADDR`, `RTM_DELADDR`
- `RTM_NEWNEIGH`, `RTM_DELNEIGH`, `RTM_GETNEIGH`
- `RTM_NEWRULE`, `RTM_DELRULE`
Added operational mode commands for filtered log retrieval:
- `show log network-event <event-type> <interface>`: Retrieve logs filtered by event type and interface.
- `show interfaces <type> <name> event-log <event-type>`: Display interface-specific logs filtered by event type.
|
|
|
|
|
|
T7038: T7039: fix broken RADIUS IPv6 source address and add smoketests
|
|
nhrp: T2326: NHRP migration to FRR
|
|
RADIUS is pretty sensible to its configuration. Instead of manual testing,
extend the smoketest platform to ship a freeradius container and perform logins
against a locally running freeradius server in a container.
|
|
ddclient: T5791: Relocate process params to ExecStart
|
|
NHRP migration to FRR
|
|
Pull up all the global parameters controlling
process behavior to systemd service.
Also remove `syslog=yes`` as it is not needed with
`exec` type service.
|
|
|
|
This complements commit dda428fc4 ("T6841: firewall: migrate existing VRF in
zone based firewall") which provides the new configuration files after CLI
was migrated.
|
|
* smoketest: T7023: unify container image loading
* smoketest: T7023: add tac_plus container to live validate login
TACACS is pretty sensible to its configuration. Instead of manual testing,
extend the smoketest platform to ship a tac_plus container and perform logins
against a locally running tac_plus server in a container.
The login username/password and TACACS shared secret is generated randomly on
the fly for every testcase.
|
|
* smoketest: T6747: call wait after commit() only for FRR related tests
Commit 702a60a8de28 ("smoketest: T6746: wait after commit() until frr-reload
is no longer running") added a guard timeout for every commit executed via CLI
smoketests. This commit changes the bahavior to only add the guard timeout
for FRR related testscases.
This improves the overall smoketest time.
* configd: T6747: use one long-lived instance of FRRender
Previously there was one FRRender() instance per config session. This resulted
in re-rendering the FRR configuration every time a new config session was
created.
Example:
vyos@vyos:~$ configure
vyos@vyos# set interfaces dummy dum0 description foo
vyos@vyos# commit
vyos@vyos# exit
vyos@vyos:~$ configure
vyos@vyos# set interfaces dummy dum0 description bar
vyos@vyos# commit
vyos@vyos# exit
In the past this caused a re-render of the FRR configuration as the delta check
added in commit ec80c75d6776 ("frrender: T6746: only re-render FRR config if
config_dict did change") evaluated to false, as it operated on a new instance
of the FRRender class.
With this change there is no FRR re-render, as there is nothing to update
in FRR.
|
|
ddclient: T5791: Keep ddclient.service in foreground
|
|
Improve config parsing for ZBF when using VRFs and interfaces attached to VRFs
|
|
interfaces attached to VRFs
|
|
|
|
T5791: ddclient: Adjust process handling
|
|
T6994: Add textfile collector config option
|
|
srv6: T6984: add locator format configuration
|
|
|
|
frrender: T6991: do not loose DHCP default route when no static route is defined
|
|
* T6949: adds blackbox exporter
* T6949: adds basic config generation
* T6949: extract shared module config options
* T6949: switch to ipv4/6 literals
* T6949: moves config file to /run
* T6949: adds dns query name option
* T6949: adds dns query type values
* T6949: adds blackbox exporter to debian/control
|
|
The reason is that DHCP routes are not re-generated during FRRrender as long
as there is no protocols static entry in the configuration at all. Move out the
DHCP configuration read-in from the static section.
|
|
|
|
* smoketest: T6746: add substring search in getFRRconfig()
Some daemons (e.g. bgpd) have several nested substrings/sections like
router bgp 100
address-family ipv4 unicast
..
exit-address-family
exit
We can now use getFRRconfig() with the substring option to extract only
address-family ipv4 unicast
..
exit-address-family
Making config validation more granular
* frrender: T6746: only re-render FRR config if config_dict did change
* frrender: T6746: fix naming glitch isis/eigrp
* frrender: T6746: add --stdout option when running with debug flags
* smoketest: T6746: remove unneeded commit_guard time
It was an invalid workarround as the underlaying issue seems to be a race
condition in CStore.
The commit process is not finished until all pending files from
VYATTA_CHANGES_ONLY_DIR are copied to VYATTA_ACTIVE_CONFIGURATION_DIR. This is
done inside libvyatta-cfg1 and the FUSE UnionFS part. On large non-interactive
commits FUSE UnionFS might not replicate the real state in time, leading to
errors when querying the working and effective configuration.
TO BE DELETED AFTER SWITCH TO IN MEMORY CONFIG
|
|
|
|
|
|
|
|
This extends commit c2d84b03d ("T5791: Modify ddclient smoketest for
reliability").
|
|
This extends commit 90e9aa9df ("frr: T6746: add guard time after cli_commit()
and before getFRRconfig()").
|
|
local and remote CA keys
|
|
Currently FRR does not like it if redistribution tests are run last.
|
|
|
|
T6953: merges node and frr exporter under prometheus section
|
|
Instead of checking for the existence of a PID file,
check if the process is running by name.
|
|
|
|
T6934: Add preshared key for zabbix-agent monitoring service
|
