Age | Commit message (Collapse) | Author |
|
WireGuard has been the only subsystem combining a remote ip address and a
remote port number into a single node. This is bad as there is no possiblity
for the XML based input validation for IP address and port numbers.
That's the reason the peer endpoint node goets migrated into a peer address
and a peer port node utilizing the embedded syntax node checking for IP
addresses and port ranges.
|
|
|
|
|
|
... those nodes mean link-mtu advertisement is disabled in radvd and thus we
delete the node completely as it's useless.
|
|
|
|
Instead of letting the user choose between auto and none where auto is default,
it makes more sesne to just offer an option to disable the default behavior.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
vyos@vyos# show interfaces pppoe
pppoe pppoe0 {
default-route force
link eth2.7
mtu 400
name-server auto
password 12345678
user-id vyos@vyos.io
}
|
|
|
|
VLAN interfaces assigned to a bridge as member have not been migrated so far.
This was the case for vif, vif-s and vif-c interfaces. The migration code has
been generalized in migrate_bridge() so it is re-usable for regular interfaces,
vif, vif-s and vif-c interfaces - all now use the same code.
|
|
Adopt RADIUS configuration and harmonize it with the rest of VyOS. Move the
following configuration block:
security {
wpa {
cipher CCMP
mode wpa2
radius-server 172.16.100.10 {
port 1812
secret secretkey
}
radius-server 172.16.100.11 {
port 1812
secret secretkey
}
}
}
to the harmonized version of:
security {
wpa {
cipher CCMP
mode wpa2
radius {
server 172.16.100.10 {
port 1812
secret secretkey
}
server 172.16.100.11 {
port 1812
secret secretkey
}
}
}
}
And add the new "set interfaces wireless wlan0 security wpa radius
source-address" CLI command to specify the origin of any RADIUS query on
systems having multiple IP addresses.
|
|
convert all nodes to lowercase
|
|
Working:
- Wireless modes b, g, n, ac
- WPA/WPA2 psk and RADIUS (tested using Microsoft NPS)
|
|
[OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers.
[OpenVPN]: T1704: Added migration scripts for interface 2-to-3
|
|
As in the past during the priority race of the bash script invalid configuration
could appear in the CLI and are de-synced from the kernle state, e.g. some
bonding modes do not support arp_interval.
This is no longer allowed and added to the migration script so that the config
again represents the truth.
|
|
The node 'interfaces ethernet eth0 bond-group' has been changed and
de-nested. Bond members are now configured in the bond interface itself.
set interfaces bonding bond0 member interface eth0
|
|
|
|
Fixes:
Traceback (most recent call last):
File "/opt/vyatta/etc/config-migrate/migrate/interfaces/0-to-1", line 27, in <module>
for br in config.list_nodes(base):
File "/usr/lib/python3/dist-packages/vyos/configtree.py", line 255, in list_nodes
raise ConfigTreeError("Path [{}] doesn't exist".format(path_str))
vyos.configtree.ConfigTreeError: Path [b'interfaces bridge'] doesn't exist
|
|
|
|
This is the new syntax
bridge br0 {
member {
interface eth0 {
cost 10
}
interface eth1 {
cost 11
}
}
}
|