From 08aed634b4bf3893a0c84d93e3df48e1230a3ac2 Mon Sep 17 00:00:00 2001 From: rebortg <24626486+rebortg@users.noreply.github.com> Date: Mon, 22 Apr 2024 06:06:10 +0000 Subject: Github: update current branch --- docs/_include/vyos-1x | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/_include') diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x index 8f778f98..2208c846 160000 --- a/docs/_include/vyos-1x +++ b/docs/_include/vyos-1x @@ -1 +1 @@ -Subproject commit 8f778f989d8fed30eec0a95d5b1fbb67594c67df +Subproject commit 2208c846d6bffeecac99afa7ebc3eda5c467aebc -- cgit v1.2.3 From e5a51412f1e8f459e8564e05171161fe7b3d015a Mon Sep 17 00:00:00 2001 From: rebortg <24626486+rebortg@users.noreply.github.com> Date: Mon, 29 Apr 2024 06:05:51 +0000 Subject: Github: update current branch --- docs/_include/vyos-1x | 2 +- docs/changelog/1.3.rst | 12 ++++++++++++ docs/changelog/1.4.rst | 40 ++++++++++++++++++++++++++++++++++------ docs/changelog/1.5.rst | 45 ++++++++++++++++++++++++++++++++++++++------- 4 files changed, 85 insertions(+), 14 deletions(-) (limited to 'docs/_include') diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x index 2208c846..f980f8b8 160000 --- a/docs/_include/vyos-1x +++ b/docs/_include/vyos-1x @@ -1 +1 @@ -Subproject commit 2208c846d6bffeecac99afa7ebc3eda5c467aebc +Subproject commit f980f8b8010a9681c387d47c476254c89b0c4a25 diff --git a/docs/changelog/1.3.rst b/docs/changelog/1.3.rst index 97874b7b..dc1b4620 100644 --- a/docs/changelog/1.3.rst +++ b/docs/changelog/1.3.rst @@ -8,6 +8,18 @@ _ext/releasenotes.py +2024-04-25 +========== + +* :vytask:`T6249` ``(default): ISO builder fails because of changed buster-backport repository`` + + +2024-04-23 +========== + +* :vytask:`T6261` ``(default): Typo in op_mode connect_disconnect print statement for check_ppp_running`` + + 2024-04-17 ========== diff --git a/docs/changelog/1.4.rst b/docs/changelog/1.4.rst index a92eda45..0ad129e1 100644 --- a/docs/changelog/1.4.rst +++ b/docs/changelog/1.4.rst @@ -8,6 +8,40 @@ _ext/releasenotes.py +2024-04-25 +========== + +* :vytask:`T6263` ``(bug): Multicast: Could not commit multicast config with multicast join group using source-address`` +* :vytask:`T5833` ``(bug): Not all AFIs compatible with VRF`` + + +2024-04-24 +========== + +* :vytask:`T6255` ``(bug): Static table description should not contain white-space`` +* :vytask:`T6226` ``(feature): add HAPROXY `tcp-request content accept` related block to load-balancing reverse proxy config`` +* :vytask:`T6109` ``(bug): remote syslog do not get all the logs`` +* :vytask:`T6217` ``(feature): VRRP contrack-sync script change name of the logger`` +* :vytask:`T6244` ``(feature): Spacing of "Show System Uptime" hard to parse`` + + +2024-04-23 +========== + +* :vytask:`T6260` ``(bug): image-tools: remove failed image directory if 'No space left on device' error`` +* :vytask:`T6261` ``(default): Typo in op_mode connect_disconnect print statement for check_ppp_running`` +* :vytask:`T6237` ``(feature): IPSec remote access VPN: ability to set EAP ID of clients`` + + +2024-04-22 +========== + +* :vytask:`T5996` ``(bug): unescape backslashes for config save, compare commands`` +* :vytask:`T6103` ``(bug): DHCP-server bootfile-name double slash syntax weird behaviour`` +* :vytask:`T6080` ``(default): Default NTP server settings`` +* :vytask:`T5986` ``(bug): Container: Error on commit when environment variable value contains \n line break`` + + 2024-04-21 ========== @@ -30,12 +64,6 @@ * :vytask:`T6242` ``(feature): Loadbalancer reverse-proxy: SSL backend skip CA certificate verification`` -2024-04-18 -========== - -* :vytask:`T6245` ``(bug): Show openvpn server fails sometime`` - - 2024-04-17 ========== diff --git a/docs/changelog/1.5.rst b/docs/changelog/1.5.rst index ce3dfff9..94d7b9ab 100644 --- a/docs/changelog/1.5.rst +++ b/docs/changelog/1.5.rst @@ -8,6 +8,44 @@ _ext/releasenotes.py +2024-04-26 +========== + +* :vytask:`T6259` ``(feature): PKI: Support RFC822 (email) names in SAN`` + + +2024-04-25 +========== + +* :vytask:`T6263` ``(bug): Multicast: Could not commit multicast config with multicast join group using source-address`` +* :vytask:`T5833` ``(bug): Not all AFIs compatible with VRF`` + + +2024-04-24 +========== + +* :vytask:`T6255` ``(bug): Static table description should not contain white-space`` +* :vytask:`T6226` ``(feature): add HAPROXY `tcp-request content accept` related block to load-balancing reverse proxy config`` +* :vytask:`T6109` ``(bug): remote syslog do not get all the logs`` +* :vytask:`T6262` ``(default): Update the boot splash for VyOS 1.5 ISO`` +* :vytask:`T6217` ``(feature): VRRP contrack-sync script change name of the logger`` +* :vytask:`T6244` ``(feature): Spacing of "Show System Uptime" hard to parse`` + + +2024-04-23 +========== + +* :vytask:`T6260` ``(bug): image-tools: remove failed image directory if 'No space left on device' error`` +* :vytask:`T6261` ``(default): Typo in op_mode connect_disconnect print statement for check_ppp_running`` +* :vytask:`T6237` ``(feature): IPSec remote access VPN: ability to set EAP ID of clients`` + + +2024-04-22 +========== + +* :vytask:`T5996` ``(bug): unescape backslashes for config save, compare commands`` + + 2024-04-21 ========== @@ -30,12 +68,6 @@ * :vytask:`T6242` ``(feature): Loadbalancer reverse-proxy: SSL backend skip CA certificate verification`` -2024-04-18 -========== - -* :vytask:`T6245` ``(bug): Show openvpn server fails sometime`` - - 2024-04-17 ========== @@ -104,7 +136,6 @@ * :vytask:`T6106` ``(bug): Valid commit error for route-reflector-client option defined in peer-group`` * :vytask:`T5750` ``(bug): Upgrade from 1.3.4 to 1.4 Rolling fails QoS`` * :vytask:`T5740` ``(bug): Generate wiregurad keys via HTTP-API fails`` -* :vytask:`T6206` ``(bug): L2tp smoketest fails if vyos-configd is running`` * :vytask:`T5858` ``(bug): Show conntrack statistics formatting is all over the place`` -- cgit v1.2.3 From 0ac48851041f43656e08988b2d33fe8eb93da28f Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Sat, 11 May 2024 14:34:49 +0200 Subject: evpn: T6306: add multihoming documentation --- docs/_include/interface-evpn-uplink.txt | 11 +++++++ docs/configuration/interfaces/bonding.rst | 49 +++++++++++++++++++++++++++++- docs/configuration/interfaces/ethernet.rst | 9 +++++- 3 files changed, 67 insertions(+), 2 deletions(-) create mode 100644 docs/_include/interface-evpn-uplink.txt (limited to 'docs/_include') diff --git a/docs/_include/interface-evpn-uplink.txt b/docs/_include/interface-evpn-uplink.txt new file mode 100644 index 00000000..3495361d --- /dev/null +++ b/docs/_include/interface-evpn-uplink.txt @@ -0,0 +1,11 @@ +.. cfgcmd:: set interfaces {{ var0 }} evpn uplink + + When all the underlay links go down the PE no longer has access + to the VxLAN +overlay. To prevent blackholing of traffic the + server/ES links are protodowned on the PE. + + A link can be setup for uplink tracking via the following example: + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} evpn uplink diff --git a/docs/configuration/interfaces/bonding.rst b/docs/configuration/interfaces/bonding.rst index 3c8ebd0d..dfc5fab9 100644 --- a/docs/configuration/interfaces/bonding.rst +++ b/docs/configuration/interfaces/bonding.rst @@ -286,6 +286,54 @@ Port Mirror (SPAN) :var1: bond1 :var2: eth3 +EVPN Multihoming +---------------- + +All-Active Multihoming is used for redundancy and load sharing. Servers are +attached to two or more PEs and the links are bonded (link-aggregation). +This group of server links is referred to as an :abbr:`ES (Ethernet Segment)`. + +An Ethernet Segment can be configured by specifying a system-MAC and a local +discriminator or a complete ESINAME against the bond interface on the PE. + +.. cfgcmd:: set interfaces bonding evpn es-id <<1-16777215|10-byte ID> +.. cfgcmd:: set interfaces bonding evpn es-sys-mac + + The sys-mac and local discriminator are used for generating a 10-byte, Type-3 + Ethernet Segment ID. ESINAME is a 10-byte, Type-0 Ethernet Segment ID - + "00:AA:BB:CC:DD:EE:FF:GG:HH:II". + + Type-1 (EAD-per-ES and EAD-per-EVI) routes are used to advertise the locally + attached ESs and to learn off remote ESs in the network. Local Type-2/MAC-IP + routes are also advertised with a destination ESI allowing for MAC-IP syncing + between Ethernet Segment peers. Reference: RFC 7432, RFC 8365 + + EVPN-MH is intended as a replacement for MLAG or Anycast VTEPs. In multihoming + each PE has an unique VTEP address which requires the introduction of a new + dataplane construct, MAC-ECMP. Here a MAC/FDB entry can point to a list of + remote PEs/VTEPs. + +.. cfgcmd:: set interfaces bonding evpn es-df-pref <1-65535> + + Type-4 (ESR) routes are used for Designated Forwarder (DF) election. + DFs forward BUM traffic received via the overlay network. This + implementation uses a preference based DF election specified by + draft-ietf-bess-evpn-pref-df. + + The DF preference is configurable per-ES. + + BUM traffic is rxed via the overlay by all PEs attached to a server but + only the DF can forward the de-capsulated traffic to the access port. + To accommodate that non-DF filters are installed in the dataplane to drop + the traffic. + + Similarly traffic received from ES peers via the overlay cannot be forwarded + to the server. This is split-horizon-filtering with local bias. + +.. cmdinclude:: /_include/interface-evpn-uplink.txt + :var0: bonding + :var1: bond0 + ******* Example ******* @@ -590,4 +638,3 @@ Operation Partner Churn State: churned Actor Churned Count: 1 Partner Churned Count: 1 - diff --git a/docs/configuration/interfaces/ethernet.rst b/docs/configuration/interfaces/ethernet.rst index a1151fd4..dd524035 100644 --- a/docs/configuration/interfaces/ethernet.rst +++ b/docs/configuration/interfaces/ethernet.rst @@ -118,6 +118,14 @@ Authentication (EAPoL) :var0: ethernet :var1: eth0 +EVPN Multihoming +---------------- + +Uplink/Core tracking. + +.. cmdinclude:: /_include/interface-evpn-uplink.txt + :var0: ethernet + :var1: eth0 VLAN ==== @@ -289,4 +297,3 @@ Operation Date code : 0506xx .. stop_vyoslinter - -- cgit v1.2.3