From 11149e19ef744a30dcb761d2fcf1aadebed71574 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Fri, 11 Aug 2023 22:34:26 +0200 Subject: T5464: ipv6: add support for per-interface dad (duplicate address detection) setting --- docs/_include/interface-ipv6.txt | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) (limited to 'docs/_include') diff --git a/docs/_include/interface-ipv6.txt b/docs/_include/interface-ipv6.txt index eb60b4e8..0c222d80 100644 --- a/docs/_include/interface-ipv6.txt +++ b/docs/_include/interface-ipv6.txt @@ -67,6 +67,34 @@ .. hint:: MSS value = MTU - 40 (IPv6 header) - 20 (TCP header), resulting in 1432 bytes on a 1492 byte MTU. - - Instead of a numerical MSS value `clamp-mss-to-pmtu` can be used to + + Instead of a numerical MSS value `clamp-mss-to-pmtu` can be used to automatically set the proper value. + +.. cfgcmd:: set interfaces {{ var0 }} {{ var2 }} {{ var3 }} + {{ var5 }} {{ var6 }} ipv6 accept-dad <1-3> + + Whether to accept DAD (Duplicate Address Detection). + + - 0: Disable DAD + - 1: Enable DAD (default) + - 2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found. + + Example: + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} ipv6 accept-dad 2 + +.. cfgcmd:: set interfaces {{ var0 }} {{ var2 }} {{ var3 }} + {{ var5 }} {{ var6 }} ipv6 dup-addr-detect-transmits + + The amount of Duplicate Address Detection probes to send. + + Default: 1 + + Example: + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} ipv6 dup-addr-detect-transmits 5 -- cgit v1.2.3 From 2c5edb372f0ddce953893b379a990794e1a00520 Mon Sep 17 00:00:00 2001 From: rebortg Date: Mon, 14 Aug 2023 06:05:05 +0000 Subject: Github: update current branch --- docs/_include/vyos-1x | 2 +- docs/changelog/1.3.rst | 12 +++++++ docs/changelog/1.4.rst | 96 ++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 109 insertions(+), 1 deletion(-) (limited to 'docs/_include') diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x index 1a44d860..50c0bc7b 160000 --- a/docs/_include/vyos-1x +++ b/docs/_include/vyos-1x @@ -1 +1 @@ -Subproject commit 1a44d8607f715934f2c03f28a9bf547321b26ed8 +Subproject commit 50c0bc7b2582618fe340b0ca2da1087933e0c6be diff --git a/docs/changelog/1.3.rst b/docs/changelog/1.3.rst index 775257d4..313cc144 100644 --- a/docs/changelog/1.3.rst +++ b/docs/changelog/1.3.rst @@ -8,6 +8,18 @@ _ext/releasenotes.py +2023-08-10 +========== + +* :vytask:`T5329` ``(bug): Wireguard interface as GRE tunnel source causes configuration error on boot`` + + +2023-08-06 +========== + +* :vytask:`T3424` ``(default): PPPoE IA-PD doesn't work in VRF`` + + 2023-07-24 ========== diff --git a/docs/changelog/1.4.rst b/docs/changelog/1.4.rst index 9b8ca26a..a388ab4f 100644 --- a/docs/changelog/1.4.rst +++ b/docs/changelog/1.4.rst @@ -8,6 +8,102 @@ _ext/releasenotes.py +2023-08-12 +========== + +* :vytask:`T5467` ``(bug): ospf(v3): removing an interface from the OSPF process does not clear FRR configuration`` + + +2023-08-11 +========== + +* :vytask:`T5465` ``(feature): adjust-mss: config migration fails if applied to a VLAN or Q-in-Q interface`` +* :vytask:`T2665` ``(bug): vyos.xml.defaults for tag nodes`` +* :vytask:`T5434` ``(enhancment): Replace remaining calls of vyos.xml library`` +* :vytask:`T5319` ``(enhancment): Remove remaining workarounds for incorrect defaults`` +* :vytask:`T5464` ``(feature): ipv6: add support for per-interface dad (duplicate address detection) setting`` + + +2023-08-10 +========== + +* :vytask:`T5416` ``(bug): Ignoring "ipsec match-none" for firewall`` +* :vytask:`T5329` ``(bug): Wireguard interface as GRE tunnel source causes configuration error on boot`` + + +2023-08-09 +========== + +* :vytask:`T5452` ``(bug): Uncaught error in generate_cache during vyos-1x build`` +* :vytask:`T5443` ``(enhancment): Add merge_defaults as Config method`` +* :vytask:`T5435` ``(enhancment): Expose utility function for default values at path`` + + +2023-08-07 +========== + +* :vytask:`T5406` ``(bug): "update webproxy blacklists" fails when vrf is being configured`` +* :vytask:`T5302` ``(bug): QoS class with multiple matches generates one filter rule but expects several rules`` +* :vytask:`T5266` ``(bug): QoS- HTB error when match with a dscp parameter for queue-type 'priority'`` +* :vytask:`T5071` ``(bug): QOS-Rewrite: DSCP match missing`` + + +2023-08-06 +========== + +* :vytask:`T5420` ``(feature): nftables - upgrade to latest 1.0.8`` +* :vytask:`T3424` ``(default): PPPoE IA-PD doesn't work in VRF`` +* :vytask:`T5445` ``(feature): dyndns: add possibility to specify update interval (timeout)`` + + +2023-08-05 +========== + +* :vytask:`T5291` ``(bug): vyatta-cfg-cmd-wrapper missing ${vyos_libexec_dir} variable`` +* :vytask:`T5290` ``(bug): Failing commits for SR-IOV interfaces using ixgbevf driver due to change speed/duplex settings`` +* :vytask:`T5439` ``(bug): Upgrade to FRR version 9.0 added new daemons which must be adjusted`` + + +2023-08-04 +========== + +* :vytask:`T5427` ``(bug): Change migration script len arguments checking`` + + +2023-08-03 +========== + +* :vytask:`T5301` ``(bug): NTP: chrony only allows one bind address`` +* :vytask:`T5154` ``(bug): Chrony - multiple listen addresses`` + + +2023-08-02 +========== + +* :vytask:`T5374` ``(feature): Ability to set 24-hour time format`` +* :vytask:`T5350` ``(bug): Confusing warning message when committing VRRP config`` +* :vytask:`T5430` ``(bug): bridge: vxlan interfaces are not listed as bridgable in completion helpers`` +* :vytask:`T5429` ``(bug): vxlan: source-interface is not honored and throws config error`` +* :vytask:`T5415` ``(feature): Upgrade FRR to version 9.0`` +* :vytask:`T5422` ``(feature): Support LXD Agent`` + + +2023-08-01 +========== + +* :vytask:`T5399` ``(bug): "show ntp" fails when vrf is being configured`` +* :vytask:`T5346` ``(bug): MPLS sysctl not persistent for L2TP interfaces`` +* :vytask:`T5343` ``(feature): BGP peer group VPNv4 & VPNv6 Address Family Support`` +* :vytask:`T5339` ``(feature): Geneve interface - option to use IPv4 as inner protocol`` +* :vytask:`T5335` ``(bug): ISIS: error when loading config from file`` + + +2023-07-31 +========== + +* :vytask:`T5421` ``(feature): Add arg to completion helper 'list_interfaces' to filter out vlan subinterfaces`` + + 2023-07-29 ========== -- cgit v1.2.3 From abd405b91e20786409fc5d9e2163940b9bcdfc90 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Thu, 17 Aug 2023 22:01:18 +0200 Subject: T5409: add per-client-thread CLI option for wireguard and wireless interfaces --- docs/_include/interface-per-client-thread.txt | 14 ++++++++++++++ docs/configuration/interfaces/wireguard.rst | 4 ++++ docs/configuration/interfaces/wireless.rst | 4 ++++ 3 files changed, 22 insertions(+) create mode 100644 docs/_include/interface-per-client-thread.txt (limited to 'docs/_include') diff --git a/docs/_include/interface-per-client-thread.txt b/docs/_include/interface-per-client-thread.txt new file mode 100644 index 00000000..877be591 --- /dev/null +++ b/docs/_include/interface-per-client-thread.txt @@ -0,0 +1,14 @@ +.. cfgcmd:: set interfaces {{ var0 }} {{ var2 }} {{ var3 }} + {{ var5 }} {{ var6 }} per-client-thread + + Provides a per-device control to enable/disable the threaded mode for + all the NAPI instances of the given network device, without the need for + a device up/down. + + If CLI option is not specified, this feature is disabled. + + Example: + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} per-client-thread diff --git a/docs/configuration/interfaces/wireguard.rst b/docs/configuration/interfaces/wireguard.rst index 5eb10fe8..d2916d9f 100644 --- a/docs/configuration/interfaces/wireguard.rst +++ b/docs/configuration/interfaces/wireguard.rst @@ -183,6 +183,10 @@ traffic. The command :opcmd:`show interfaces wireguard wg01 public-key` will then show the public key, which needs to be shared with the peer. +.. cmdinclude:: /_include/interface-per-client-thread.txt + :var0: wireguard + :var1: wg01 + **remote side - commands** .. code-block:: none diff --git a/docs/configuration/interfaces/wireless.rst b/docs/configuration/interfaces/wireless.rst index f45101b5..c321f208 100644 --- a/docs/configuration/interfaces/wireless.rst +++ b/docs/configuration/interfaces/wireless.rst @@ -122,6 +122,10 @@ Wireless options * ``station`` - Connects to another access point * ``monitor`` - Passively monitor all packets on the frequency/channel +.. cmdinclude:: /_include/interface-per-client-thread.txt + :var0: wireless + :var1: wlan0 + PPDU ---- -- cgit v1.2.3 From 6f6b4222d66351ed529a4cc60fc4db18240bd010 Mon Sep 17 00:00:00 2001 From: rebortg Date: Mon, 21 Aug 2023 06:05:11 +0000 Subject: Github: update current branch --- docs/_include/vyos-1x | 2 +- docs/changelog/1.3.rst | 20 ++++++++++++++++++++ docs/changelog/1.4.rst | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 67 insertions(+), 1 deletion(-) (limited to 'docs/_include') diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x index 50c0bc7b..ffb798b4 160000 --- a/docs/_include/vyos-1x +++ b/docs/_include/vyos-1x @@ -1 +1 @@ -Subproject commit 50c0bc7b2582618fe340b0ca2da1087933e0c6be +Subproject commit ffb798b4678f3b1bd0a40cc42b1f0477470346dc diff --git a/docs/changelog/1.3.rst b/docs/changelog/1.3.rst index 313cc144..b452274c 100644 --- a/docs/changelog/1.3.rst +++ b/docs/changelog/1.3.rst @@ -8,6 +8,26 @@ _ext/releasenotes.py +2023-08-20 +========== + +* :vytask:`T5470` ``(bug): wlan: can not disable interface if SSID is not configured`` + + +2023-08-17 +========== + +* :vytask:`T5486` ``(bug): Service dns dynamic cannot pass the smoketest`` +* :vytask:`T5223` ``(bug): tunnel key doesn't clear`` + + +2023-08-15 +========== + +* :vytask:`T5273` ``(default): Add op mode commands for displaying certificate details and fingerprints`` +* :vytask:`T5270` ``(default): Make OpenVPN `tls dh-params` optional`` + + 2023-08-10 ========== diff --git a/docs/changelog/1.4.rst b/docs/changelog/1.4.rst index a388ab4f..c654199b 100644 --- a/docs/changelog/1.4.rst +++ b/docs/changelog/1.4.rst @@ -8,6 +8,52 @@ _ext/releasenotes.py +2023-08-20 +========== + +* :vytask:`T5470` ``(bug): wlan: can not disable interface if SSID is not configured`` + + +2023-08-18 +========== + +* :vytask:`T5488` ``(bug): System conntrack ignore does not take any effect`` + + +2023-08-17 +========== + +* :vytask:`T4202` ``(bug): NFT: Zone policies fail to apply when "l2tp+" is in the interface list`` +* :vytask:`T5409` ``(feature): Add 'set interfaces wireguard wgX threaded'`` +* :vytask:`T5476` ``(feature): netplug: replace Perl helper scripts with a Python equivalent`` +* :vytask:`T5223` ``(bug): tunnel key doesn't clear`` +* :vytask:`T5490` ``(feature): login: add missing regex for home direcotry and radius server key`` + + +2023-08-16 +========== + +* :vytask:`T5483` ``(bug): Residual dhcp-server test file causing zabbix-agent smoketest to fail`` + + +2023-08-15 +========== + +* :vytask:`T5293` ``(feature): Support for Floating Rules (Global Firewall-Rules that are automatically applied before all other Zone Rules)`` +* :vytask:`T5273` ``(default): Add op mode commands for displaying certificate details and fingerprints`` +* :vytask:`T5270` ``(default): Make OpenVPN `tls dh-params` optional`` + + +2023-08-14 +========== + +* :vytask:`T5477` ``(bug): op-mode pki.py should use Config for defaults`` +* :vytask:`T5461` ``(feature): Improve rootfs directory variable`` +* :vytask:`T5457` ``(feature): Add environmental variable pointing to current rootfs directory`` +* :vytask:`T5440` ``(bug): Restore pre/postconfig scripts if user deleted them`` +* :vytask:`T5436` ``(bug): vyos-preconfig-bootup.script is missing`` + + 2023-08-12 ========== -- cgit v1.2.3