1.4 Sagitta

2022-08-04

  • T4257 (feature): Discussion on changing BGP autonomous system number syntax

2022-08-02

  • T4585 (feature): Rewrite op-mode containers to vyos.opmode

  • T4515 (default): Reduce telegraf binary size

2022-08-01

  • T4581 (bug): ‘show system cpu’ not working

  • T4578 (feature): Rewrite show dns forwarding statistics to new format

2022-07-31

  • T4580 (bug): Handle the case of op-mode file names with hyphens in GraphQL schema/resolver generation

2022-07-30

  • T4575 (feature): vyos.utill add new wrapper “rc_cmd” to get the return code and output

  • T4562 (feature): Rewrite show vrf to new format

  • T4545 (feature): Rewrite show nat source rules

  • T4543 (bug): Show source nat statistics shows incorrect interface

  • T4503 (default): Prevent op mode scripts from restarting services if there’s a commit in progress

  • T4411 (feature): Add migration for service monitoring telegraf influxdb

2022-07-29

  • T4554 (enhancment): Implement GraphQL resolvers for standardized op-mode scripts

  • T4518 (feature): Add XML for CLI conf mode load-balancing wan

  • T4544 (enhancment): Generate schema definitions from standardized op-mode scripts

2022-07-28

  • T4531 (bug): NAT op-mode errors with exclude rules

  • T3435 (bug): NAT rules show corruption

2022-07-27

  • T4571 (bug): Sflow with vrf configured does not use vrf to validate agent-address IP from vrf-configured interfaces

  • T4552 (bug): Unable to reset IPsec IPv6 peer

2022-07-26

  • T4568 (bug): show vpn debug peer doesn’t work

  • T4556 (feature): fastnetmon: Allow configure white_list_path and populate with hosts/networks that should be ignored.

  • T4495 (feature): Combine BGP reset op commands

2022-07-25

  • T4567 (default): Merge experimental branch of GraphQL development

  • T4560 (bug): VRF and BGP neighbor local-as error

  • T4493 (bug): Incorrect help for “show bgp neighbors”

  • T1233 (bug): ipsec vpn sa showing down

2022-07-22

  • T4145 (bug): Conntrack table not showing after firewall rewriting

2022-07-21

  • T4555 (feature): fastnetmon: add IPv6 support

  • T4553 (default): Allow to set ban time on ddos-protection configuration

2022-07-20

  • T4056 (bug): Traffic policy not set in live configuration

2022-07-18

  • T4523 (feature): OP-mode Extend conntrack output to get marks, zones and directions

  • T4228 (bug): bond: OS error thrown when two bonds use the same member

  • T4539 (feature): qat: update Intel QuickAssist release version 1.7.L.4.16.0-00017

  • T4534 (bug): bond: bridge: error out if member interface is assigned to a VRF instance

  • T4525 (bug): Delete interface from VRF and add it to bonding error

  • T4522 (feature): bond: add ability to specify mii monitor interval via CLI

  • T4535 (feature): FRR: upgrade to stable/8.3 version

  • T4521 (bug): bond: ARP monitor interval is not configured despite set via CLI

  • T4540 (feature): firmware: update to Linux release 20220708

2022-07-17

  • T4028 (bug): FRR 8.1 routes not being applied to routing table after reboot if an interface has 2 ip addresses

2022-07-15

  • T4494 (bug): Cannot reset BGP peer within VRF

  • T4536 (feature): FRR: move to systemd for daemon control

2022-07-14

  • T4491 (bug): Use empty string for internal name of root node of config_tree

2022-07-13

  • T1375 (feature): Add clear dhcp server lease function

2022-07-12

  • T4527 (bug): Prevent to create VRF name default

  • T4084 (default): Dehardcode the default login banner

  • T3948 (feature): IPSec VPN: Add a new option “none” for the connection-type

  • T235 (feature): Ability to configure manual IP Rules

2022-07-10

  • T3836 (bug): Setting a default IPv6 route while getting IPv4 gateway via DHCP removes the IPv4 gateway

2022-07-09

  • T4507 (feature): IPoE-server add multiplier option for shaper

  • T4499 (bug): NAT source translation not showing a single output

  • T4468 (bug): web-proxy source group cannot start with a number bug

  • T4373 (feature): PPPoE-server add multiplier option for shaper

  • T3353 (bug): PPPoE server wrong vlan-range generating config

  • T3648 (bug): op-mode: nat rules broken

  • T4517 (feature): ip: Add options to enable directed broadcast forwarding

2022-07-07

  • T4456 (bug): NTP client in VRF tries to bind to interfaces outside VRF, logs many messages

  • T4509 (feature): Feature Request: DNS64

2022-07-06

  • T4513 (bug): Webproxy monitor commands do not work

  • T4299 (feature): Firewall - GeoIP filtering

2022-07-05

  • T4378 (bug): Unable to submit wildcard (”*.example.com”) A or AAAA records in dns forwarder

  • T2683 (default): no dual stack in system static-host-mapping host-name

  • T478 (feature): Firewall address group (multi and nesting)

2022-07-04

  • T4501 (bug): Syslog-identifier does not work in event handler

  • T3600 (bug): DHCP Interface static route breaks PBR

  • T4498 (feature): bridge: Add option to enable/disable IGMP/MLD snooping

2022-07-01

  • T2455 (bug): No support for the IPv6 VTI

  • T4490 (feature): BGP- warning message that AFI/SAFI is needed to establish the neighborship

  • T4489 (bug): MPLS sysctl not persistent for tunnel interfaces

2022-06-29

  • T4477 (feature): router-advert: support RDNSS lifetime option

2022-06-28

  • T4486 (bug): Container can’t be deleted

  • T4473 (bug): Use container network without network declaration error

  • T4458 (feature): Firewall - add support for matching ip ttl in firewall rules

  • T3907 (feature): Firewall - Set log levels

2022-06-27

  • T4484 (default): Firewall op-mode summary doesn’t correctly handle address group containing ranges

2022-06-25

  • T4482 (bug): dhcp: toggle of “dhcp-options no-default-route” has no effect

  • T4483 (feature): Upgrade fastnetmon to v1.2.2 community edition

2022-06-22

  • T1748 (feature): vbash: beautify tab completion output/line breaks

2022-06-20

  • T1856 (feature): Support configuring IPSec SA bytes

2022-06-18

  • T4467 (bug): Validator Does Not Accept Signed Numbers

2022-06-17

  • T4209 (bug): Firewall incorrect handler for recent count and time

2022-06-16

  • T4352 (bug): wan-load balance - priority traffic rule doesn’t work

2022-06-15

  • T4450 (feature): Route-map - Extend options for ip|ipv6 address match

  • T4449 (feature): Route-map - Extend options for ip next-hop match

  • T990 (feature): Make DNAT/SNAT a valid state in firewall rules.

2022-06-12

  • T4420 (feature): Feature Request: ocserv: show configured 2FA OTP key

  • T4380 (default): Feature Request: ocserv: 2FA OTP key generator in VyOS CLI

2022-06-10

  • T4365 (bug): NAT - Error on setting up tables

  • T4465 (feature): node.def generation misses whitespace on multiple use of <path>

2022-06-09

  • T4444 (default): sstp: Feature request. Port number changing support

  • T2580 (feature): Support for ip pools for ippoe

2022-06-08

  • T4447 (bug): DHCPv6 prefix delegation sla-id limited to 128

2022-05-31

  • T4212 (default): PermissionError when generating/installing server Certificate (generate pki certificate sign …)

  • T4199 (bug): Commit failed when setting icmpv6 type any

  • T4148 (bug): Firewall - Error messages not that clear as it were in old firewall

  • T3659 (bug): Configuration won’t accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors

2022-05-30

  • T4315 (feature): Telegraf - Output to prometheus

2022-05-29

  • T2473 (feature): Xml for EIGRP [conf_mode]

2022-05-28

  • T4448 (feature): rip: add support for explicit version selection

2022-05-26

  • T4442 (feature): HTTP API add action “reset”

2022-05-25

  • T4410 (feature): Telegraf - Output to Splunk

  • T4382 (bug): Replacing legacy loadFile exposes missing steps in migration scripts and other errors

2022-05-21

  • T4437 (bug): flow-accounting: support IPv6 flow collectors

2022-05-20

  • T4418 (feature): Telegraf - output Plugin azure-data-explorer

2022-05-19

  • T4434 (bug): DMVPN: cisco-authentication password length is 8 characters

  • T3938 (default): Rewrite the uptime script in Python to allow using it as a library

  • T4334 (default): Make the config lexer reentrant

2022-05-17

  • T4424 (bug): policy local-route6 shows ipv4 format

2022-05-16

  • T4377 (default): generate tech-support archive includes previous archives

2022-05-12

  • T4417 (bug): VRRP doesn’t start with conntrack-sync

  • T4100 (feature): Firewall increase maximum number of rules

2022-05-11

  • T4405 (bug): DHCP client sometimes ignores no-default-route option of an interface

2022-05-10

  • T4156 (default): Adding DHCP Option 13 (bootfile-size)

  • T1972 (feature): Allow setting interface name for virtual_ipaddress in VRRP VRID

2022-05-07

  • T4361 (bug): vyos.config.exists() does not work for nodes with multiple values

  • T4354 (bug): Slave interfaces fall out from bonding during configuration change

  • T4419 (feature): vrf: support to disable IP forwarding within a given VRF

2022-05-06

  • T4385 (bug): bgp: peer-group member cannot override remote-as of peer-group

2022-05-05

  • T4414 (feature): Add route-map “as-path prepend last-as x” option

2022-05-03

  • T4395 (feature): Extend show vpn debug

2022-05-01

  • T4369 (bug): OpenVPN: daemon not restarted on changes to “openvpn-option” CLI node

  • T4363 (bug): salt-minion: default mine_interval option is not set

  • T4353 (feature): Add Jinja2 linter to vyos-1x build process

2022-04-29

  • T4388 (bug): dhcp-server: missing constraint on tftp-server-name option

  • T4366 (bug): geneve: interface is removed on changes to e.g. description

2022-04-28

  • T4400 (bug): Container OP mode has delete where show and update should be

2022-04-27

  • T4398 (bug): IPSec site-to-site generates unexpected passthrough option

  • T4397 (feature): arp: migrate static ARP entry configuration to get_config_dict() and make it VRF aware

  • T4357 (feature): Allow free-form setting of DHCPv6 server options

2022-04-26

  • T4210 (bug): NAT source/destination negated ports throws an error

  • T4235 (default): Add config tree diff algorithm

2022-04-25

  • T4390 (feature): op-mode: extend “show log” and “monitor log” with additional daemons/subsystems to read journalctl logs

  • T4391 (bug): PPPoE: IPv6 not working after system boot

2022-04-24

  • T4342 (bug): “show ip ospf neighbor address x.x.x.x” gives “unknown command” error

2022-04-23

  • T4386 (default): Applying limiter on traffic-policy “in” fails, incorrectly reports mirror or redirect policy in use

2022-04-22

  • T4389 (feature): dhcp: add vendor option support for Ubiquity Unifi controller

2022-04-21

  • T4384 (feature): pppoe: replace default-route CLI option with common CLI nodes already present for DHCP

2022-04-20

  • T4345 (bug): New firewall code does not accept “rate/time interval” syntax used in old config

  • T4231 (feature): Feature Request: ocserv: 2FA (password+OTP) support in Openconnect

2022-04-19

  • T4379 (bug): PPPoE: default-route lost after applying additional static routes

  • T4344 (bug): DHCP statistics not matching, conf-mode generates incorrect pool name with dash

  • T4268 (bug): Elevated LA while using VyOS monitoring feature

2022-04-18

  • T4351 (bug): Openvpn conf-mode “openvpn-option” is not respected

  • T4278 (default): vyos-vm-images: fix vagrant libvirt box

  • T4368 (bug): bgp: AS specified for local as is the same as the remote as and this is not allowed.

  • T4370 (feature): vxlan: geneve: support configuration of df bit option

2022-04-15

  • T4327 (default): Ethernet interface configuration fails on Hyper-V due to speed/duplex/autoneg ethtool command error

  • T4364 (feature): salt-minion: Upgrade to 3004 and migrate to get_config_dict()

2022-04-13

  • T4333 (feature): Jinja2: add plugin to test if a variable is defined and not none to reduce template complexity

2022-04-08

  • T4331 (bug): IPv6 link local addresses are not configured when an interface is in a VRF

  • T4347 (default): Return complete and consistent error codes from HTTP API

  • T4339 (bug): wwan: tab-completion results in “No such file or directory” if there is no WWAN interface

  • T4338 (bug): wwan: changing interface description should not trigger reconnect

  • T4324 (bug): wwan: check alive script should only be run via cron if a wwan interface is configured at all

2022-04-07

  • T4330 (bug): MTU settings cannot be applied when IPv6 is disabled

  • T4346 (feature): Deprecate “system ipv6 disable” option to disable address family within OS kernel

  • T4319 (bug): The command “set system ipv6 disable” doesn’t work as expected.

  • T4341 (feature): login: disable user-account prior to deletion and wait until deletion is complete

  • T4336 (feature): isis: add support for MD5 authentication password on a circuit

2022-04-06

  • T4308 (feature): Op-comm “Show log frr” to view specific protocol logs

2022-04-04

  • T4329 (bug): Bgp policy route-map bug with set several extcommunity rt

2022-04-02

  • T4335 (bug): open-vmdk fails to build under gcc-10.+

2022-04-01

  • T4332 (bug): bgp: deterministic-med cannot be disabled while addpath-tx-bestpath-per-AS is in use

2022-03-31

  • T4326 (feature): Add bgp option no-suppress-duplicates

  • T4323 (default): ospf6d crashes on latest vyos nightly

2022-03-29

  • T3686 (bug): Bridging OpenVPN tap with no local-address breaks

  • T3635 (default): Add ability to use mDNS repeater with VRRP

2022-03-26

  • T4321 (default): Allow BGP neighbors between different VIFs on the same VyOS

2022-03-24

  • T4301 (bug): The “arp-monitor” option in bonding interface settings does not work

  • T4294 (bug): Adding a new openvpn-option does not restart the OpenVPN process

  • T4290 (bug): BGP source-interface fails to commit

  • T4230 (bug): OpenVPN server configuration deleted after reboot when using a VRRP virtual-address

2022-03-23

  • T4314 (bug): Latest 1.4 Rolling release config migration error

2022-03-21

  • T4304 (feature): [OSPF]import/export filter inter-area prefix

2022-03-20

  • T4298 (default): vyos-vm-images: fix ansible group name and remove obsolete empty command

2022-03-18

  • T4286 (bug): Fix for firewall ipv6 name address validator

2022-03-15

  • T4302 (feature): FRRouting upgrade to release 8.2.2

  • T4293 (default): Add “set ip-next-hop unchanged” in route-map

2022-03-14

  • T4275 (default): Incorrect val_help for local/remote prefix in ipsec vpn

2022-03-12

  • T4296 (bug): Interface config injected by Cloud-Init may interfere with VyOS native

  • T4265 (feature): Add op-mode for bgp flowspec state and routes

2022-03-11

  • T4297 (bug): Interface configuration saving fails for ice/iavf based interfaces because they can’t change speed/duplex settings

2022-03-09

  • T3981 (feature): VRF support for flow-accounting

2022-03-05

  • T4259 (bug): The conntrackd daemon can be started wrongly

2022-03-03

  • T4283 (feature): Add support to “reject” routes - emit an ICMP unreachable when matched

2022-03-01

  • T4277 (feature): flow-accounting: support sending flow-data via VRF interface

2022-02-28

  • T4273 (bug): ssh: Upgrade from 1.2.X to 1.3.0 breaks config

  • T4115 (bug): reboot in <x> not working as expected

  • T3656 (bug): IPSec 1.4 : “show vpn ike sa” does not show the correct default ike version

2022-02-26

  • T4272 (feature): lldp: migrate Python script to use get_config_dict()

2022-02-25

  • T4269 (feature): node.def generator should automatically add default values

2022-02-24

  • T4267 (bug): Error - Missing required “ip key” parameter

2022-02-23

  • T4194 (bug): prefix-list no check for duplicate entries

  • T4264 (bug): vxlan: interface is destroyed and rebuild on description change

  • T4263 (bug): vyos.util.leaf_node_changed() dos not honor valueLess nodes

2022-02-21

  • T4120 (feature): [VXLAN] add ability to set multiple unicast-remotes

2022-02-20

  • T4254 (feature): VPN IPSec charon add options cisco_flexvpn and install_virtual_ip_on

  • T4249 (feature): Add support for device mapping in containers

  • T3617 (bug): IPSec 1.4 generate invalid configuration

  • T4261 (feature): MACsec: add DHCP client support

  • T4203 (bug): Reconfigure DHCP client interface causes brief outages

2022-02-19

  • T4258 (bug): [DHCP-SERVER] error parameter on Failover

2022-02-17

  • T4255 (bug): Unexpected print of dict bridge on delete

  • T4240 (bug): Cannot add wlan0 to bridge via configure

  • T4154 (bug): Error add second gre tunnel with the same source interface

2022-02-16

  • T4237 (bug): Conntrack-sync error - error adding listen-address command

2022-02-15

  • T4160 (bug): Firewall - Error in rules that matches everything except something

  • T3006 (bug): Accel-PPP & vlan-mon config get invalid VLAN

  • T3494 (bug): DHCPv6 leases traceback when PD using

  • T1292 (bug): Issues while deleting all rules from a firewall

2022-02-13

  • T4242 (bug): ethernet speed/duplex can never be switched back to auto/auto

  • T4191 (bug): Lost access to host after VRF re-creating

2022-02-11

  • T3872 (feature): Add configurable telegraf monitoring service

2022-02-08

  • T4227 (bug): Typo in help completion of hello-time option of bridge interface

2022-02-07

  • T4233 (bug): ssh: sync regex for allow/deny usernames to “system login”

2022-02-06

  • T4223 (bug): policy route cannot have several entries with the same table

  • T4216 (bug): Firewall: can’t use negated groups in firewall rules

  • T4178 (bug): policy based routing tcp flags issue

  • T4164 (bug): PBR: network groups (as well as address and port groups) don’t resolve in nftables_policy.conf

  • T3970 (feature): Add support for op-mode PKI direct install into an active config session

  • T3828 (bug): ipsec: Subtle change in “pfs enable” behavior from equuleus -> sagitta

2022-02-05

  • T4226 (bug): VRRP transition-script does not work for groups name which contains -(minus) sign

2022-02-04

  • T4196 (bug): DHCP server client-prefix-length parameter results in non-functional leases

2022-02-03

  • T4218 (bug): firewall: rule name is not allowed to start with a number

  • T3643 (bug): show vpn ipsec sa doesn’t show tunnels in “down” state

2022-02-01

  • T4224 (bug): Ethernet interfaces configured for DHCP not working on latest rolling snapshot (vyos-1.4-rolling-202201291849-amd64.iso)

  • T4225 (bug): Performance degration with latest rolling release

  • T4220 (bug): Commit broke dhclient 78b247b724f74bdabab0706aaa7f5b00e5809bc1

  • T4138 (bug): NAT configuration allows to set incorrect port range and invalid port

2022-01-29

  • T4153 (bug): Monitor bandwidth-test initiate not working

2022-01-28

  • T4184 (bug): NTP allow-clients address doesn’t work it allows to use ntp server for all addresses

  • T4217 (bug): firewall: port-group requires protocol to be set - but not in VyOS 1.3

2022-01-27

  • T4213 (default): ipv6 policy routing not working anymore

  • T4188 (bug): Firewall does not correctly handle conntracking

  • T3762 (feature): Support network and address groups for policy ipv6-route

  • T3560 (feature): Ability to create groups of MAC addresses

  • T3495 (feature): Modernising port/protocol definitions

2022-01-25

  • T4205 (feature): Disable Debian Version in SSH (DebianBanner->no)

  • T4131 (bug): Show firewall group incorrect format members

2022-01-24

  • T4204 (feature): Update Accel-PPP to a newer revision

  • T1795 (default): Commit rollback by timeout

2022-01-23

  • T4186 (bug): Firewall icmp type - Offered options not supported

  • T4181 (bug): Firewall ipv6-network-group - incorrect description on helper

2022-01-22

  • T4173 (bug): Wan Load Balancing - Error on firewall NAT rules

2022-01-21

  • T4200 (bug): Assigning ipv6-name to interface is not generating nftables rules

  • T4144 (bug): Firewall address-group - Improve error messages

  • T4137 (bug): Firewall group configuration allows to set incorrect port range and invalid port

  • T4133 (bug): Firewall network group error with zone-based firewall rules

2022-01-20

  • T4171 (bug): Interface config migration error on 1.2.8 -> 1.4 upgrade

2022-01-19

  • T4195 (feature): [OSPF-ECMP]enable set maximun-path

2022-01-18

  • T4159 (bug): Empty firewall group (address, network & port) generates invalid nftables config, commit fails

  • T4155 (bug): PBR: set table main fails in firewall.py with newer rolling releases

  • T3873 (feature): Zone based Firewall - Filter traffic in same zone

  • T3286 (feature): Switch the firewall from iptables to nftables

  • T292 (feature): [ZBF] Allow filtering intra zone traffic

2022-01-17

  • T3164 (bug): console-server ssh does not work with RADIUS PAM auth

2022-01-15

  • T4183 (feature): IPv6 link-local address not accepted as wireguard peer

  • T4150 (bug): VRRP with conntrack-sync does not work

  • T4110 (feature): [IPV6-SSH/DNS} enable IPv6 link local adresses as listen-address %eth0

2022-01-14

  • T4182 (bug): Show vrrp if vrrp not configured bug

  • T4179 (feature): Add op-mode CLI for show high-availability virtual-server

  • T4177 (bug): Strip-private doesn’t work for service monitoring

2022-01-13

  • T4175 (bug): BGP configuration failed

  • T4109 (feature): Extend high-availability/keepalived for support virtual-server lb

2022-01-12

  • T4174 (bug): Validation fails when entering port range with upper port 65535

  • T4162 (bug): VPN ipsec ike-group - Incorrect value help for ikev2-reauth

  • T4161 (bug): Policy route-map - Incorrect value help for local preference

  • T4152 (bug): NHRP shortcut-target holding-time does not work

2022-01-11

  • T4149 (bug): [Firewall-IPV6] Error delete Fw rules on VIF/INT

  • T3950 (bug): CLI backtrace on update if DNS not defined

  • T4166 (bug): Debug output missing when frr.py called under vyos-configd

2022-01-10

  • T3299 (bug): Allow the web proxy service to listen on all IP addresses

  • T3115 (feature): Add support for firewall on L3 VIF bridge interface

2022-01-09

  • T4142 (bug): Input ifbX interfaces not displayed in op-mode

  • T3914 (bug): VRRP rfc3768-compatibility doesn’t work with unicast peers

2022-01-08

  • T4116 (bug): Webproxy/Squid not working with IPv6 listen-address

2022-01-07

  • T3924 (bug): VRRP stops working with VRF

2022-01-06

  • T4135 (bug): Declare zone policy firewall without local zone errors

  • T4130 (bug): Firewall state policy errors chain

  • T4141 (bug): Set high-availability vrrp sync-group without members error

2022-01-04

  • T4134 (bug): Incorrect firewall protocol completion help uppercase and duplicates

  • T4132 (bug): Impossible to show a specific firewall group

2022-01-03

  • T4126 (feature): Ability to set priority to site to site IPSec vpn tunnels

  • T4052 (bug): Validator return traceback on VRRP configuration with the script path not in config dir

  • T4128 (bug): keepalived: Upgrade package to add VRF support

2021-12-31

  • T4081 (bug): VRRP health-check script stops working when setting up a sync group

2021-12-30

  • T4124 (feature): snmp: migrate to get_config_dict()

2021-12-29

  • T4111 (bug): IPSec generates wrong configuration colons for IPv6 peers

  • T4023 (feature): Add grepcidr or similar functionality

  • T4086 (default): system login banner is not removed on deletion.

2021-12-28

  • T3380 (bug): “show vpn ike sa” does not display IPv6 peers

2021-12-27

  • T3979 (bug): vyos-hostd unable to hostfile-update

  • T2566 (bug): sstp not able to run tunnels ipv6 only

  • T4093 (bug): SNMPv3 snmpd.conf generation bug

  • T2764 (enhancment): Increase maximum number of NAT rules

2021-12-26

  • T4104 (bug): RAID1: “add raid md0 member sda1” does not restore boot sector

  • T4108 (default): OSPFv3: add support for auto-cost parameter

  • T4107 (default): OSPFv3: add support for “default-information originate”

2021-12-25

  • T4101 (bug): commit-archive: Use of uninitialized value $source_address in concatenation

  • T4099 (feature): flow-accounting: sync “source-ip” and “source-address” between netflow and sflow ion CLI

  • T4097 (feature): flow-accounting: migrate implementation to get_config_dict()

  • T4105 (feature): flow-accounting: drop “sflow agent-address auto”

  • T4106 (feature): flow-accounting: support specification of capture packet lenght

  • T4102 (feature): OSPFv3: add support for NSSA area-type

  • T4055 (feature): Add VRF support for HTTP(S) API service

2021-12-24

  • T3854 (bug): Missing op-mode commands for conntrack-sync

2021-12-23

  • T3354 (default): Convert strip-private script from Perl to Python

2021-12-22

  • T3678 (bug): VyOS 1.4: Invalid error message while deleting ipsec vpn configuration

  • T3356 (feature): Script for remote file transfers

2021-12-21

  • T4083 (bug): Cluster heartbeat doesn’t start b.c lack of directory /run/heartbeat/

  • T4070 (bug): NATv4 : inbound-interface type “any” is missing.

  • T4053 (bug): VRRP impossible to set scripts out of the /config directory

  • T3931 (bug): SSTP doesn’t work after rewriting to PKI

2021-12-20

  • T4088 (default): Fix typo in login banner

2021-12-19

  • T3912 (default): Use a more informative default post-login banner

2021-12-17

  • T4059 (bug): VRRP sync-group transition script does not persist after reboot

2021-12-16

  • T4046 (feature): Sflow - Add Source address parameter

  • T3556 (bug): Commit-archive via scp causes 100% CPU on boot

  • T4076 (enhancment): Allow setting CORS options in HTTP API

  • T4037 (default): HTTP transfers do not follow redirects

  • T4029 (default): Broken SFTP uploads

2021-12-15

  • T4077 (bug): op-mode: bfd: drop “show protocols bfd” in favour of “show bfd”

  • T4073 (bug): “show protocols bfd peer <>” shows incorrect peer information.

2021-12-14

  • T4071 (feature): Allow HTTP API to bind to unix domain socket

2021-12-12

  • T4069 (feature): BGP: add additional available parameters to VyOS CLI

  • T4036 (bug): VXLAN incorrect raiseError if set multicast network instead of singe address

2021-12-10

  • T4068 (feature): Python: ConfigError should insert line breaks into the error message

2021-12-09

  • T4033 (bug): VRRP - Error security when setting scripts

  • T4064 (bug): IP address for vif is not removed from the system when deleted in configuration

  • T4060 (enhancment): Extend configquery for use before boot configuration is complete

  • T4058 (bug): BFD: add BGP and OSPF “bfd profile” support

  • T4054 (bug): BFD profiles configuration incorrect behavior.

2021-12-07

  • T4041 (servicerequest): “transition-script” doesn’t work on “sync-group”

2021-12-06

  • T4012 (feature): Add VRF support for TFTP

2021-12-04

  • T4049 (feature): support command-style output with compare command

  • T4047 (bug): Wrong regex validation in XML definitions

  • T4042 (bug): BGP L2VPN / EVPN and RD type 0 set

  • T4048 (bug): BGP: L2VPN/EVPN and individual RD and RT settings for each VNI

  • T4045 (bug): Unable to “format disk <new> like <old>”

  • T4044 (feature): BFD: add vrf support

  • T4043 (feature): BFD: add support for passive mode

2021-12-02

  • T4035 (bug): Geneve interfaces aren’t displayed by operational mode commands

2021-12-01

  • T3695 (bug): OpenConnect reports commit success when ocserv fails to start due to SSL cert/key file issues

2021-11-30

  • T4010 (bug): DMVPN generates incorrect configuration life_time for swanctl.conf

  • T3725 (feature): show configuration in json format

2021-11-29

  • T3946 (enhancment): Automatically resize the root partition if the drive has extra space

2021-11-28

  • T3999 (bug): show lldp neighbor Traceback error

  • T3928 (feature): Add OSPFv3 VRF support

2021-11-27

  • T3755 (feature): ospf: adjust to new FRR 8 syntax where “no passive-interface ” moved to interface section

  • T3753 (feature): frr: upgrade to stable/8.1 release train

2021-11-26

  • T3978 (bug): containers add network without declaring prefix raise ConfigError

2021-11-25

  • T4006 (default): Add additional Linux capabilities to container configuration

  • T3986 (bug): Incorrect description for vpn ipsec site-to-site authentication and connection

2021-11-24

  • T4015 (feature): Update Accel-PPP to a newer revision

  • T3865 (bug): loadkey command help text missing escape sequence

  • T1083 (feature): Implement persistent/random address and port mapping options for NAT rules

2021-11-23

  • T3990 (bug): WATCHFRR: crashlog and per-thread log buffering unavailable (due to files left behind in /var/tmp/frr/ after reboot)

2021-11-20

  • T3998 (bug): route-target completion incorrect description

2021-11-19

  • T4003 (bug): API for “show interfaces ethernet” does not include the interface description

  • T4011 (bug): ethernet: deleting interface should place interface in admin down state

2021-11-18

  • T3612 (bug): IPoE Server address pool issues.

  • T3995 (feature): OpenVPN: do not stop/start service on configuration change

  • T3680 (bug): Static routes with dhcp-interface are flaky

  • T4008 (feature): dhcp: change client retry interval form 300 -> 60 seconds

  • T3795 (bug): WWAN: issues with non connected interface / no signal

  • T3510 (bug): RADIUS usersname is not shown on CLI

2021-11-17

  • T3350 (bug): OpenVPN config file generation broken

  • T3996 (bug): SNMP service error in log

2021-11-15

  • T3994 (bug): VRF: unable to delete vrf when name contains numbers, hyphen or underscore

  • T3960 (bug): FRR Misconfig when using multiple VRF VNI

  • T3724 (feature): Allow setting host-name in l2tp section of accel-ppp

  • T645 (feature): Allow multiple prefixes in ipsec tunnel

2021-11-10

  • T3966 (default): OpenVPN fix the smoketests

  • T3834 (default): [OPENVPN] Support for Two Factor Authentication totp.

  • T3982 (bug): DHCP server commit fails if static-mapping contains + or .

2021-11-09

  • T3962 (bug): Image cannot be built without open-vm-tools

2021-11-07

  • T3626 (bug): Configuring and disabling DHCP Server

2021-11-06

  • T3514 (bug): NIC flap at any interface change

2021-11-05

  • T3972 (bug): Removing vif-c interface raises KeyError

2021-11-04

  • T3969 (bug): Container incorrect raiseError format if network doesn’t exist

  • T3662 (bug): Container configuration upgrade destroys system

  • T3964 (bug): SSTP: local-user static-ip CLI node accepts invalid IPv4 addresses

2021-11-03

  • T3952 (default): Add sh bgp ipv4/ipv6 vpn command

  • T3610 (bug): DHCP-Server creation for not primary IP address fails

2021-11-01

  • T3958 (default): OpenVPN breaks the smoketests

  • T3956 (bug): GRE tunnel - unable to move from source-interface to source-address, commit error

2021-10-31

  • T3945 (feature): Add route-map for bgp aggregate-address

  • T3954 (bug): FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error

  • T3943 (bug): “netflow source-ip” prevents image upgrades if IP address does not exist locally

2021-10-29

  • T3942 (feature): Generate IPSec debug archive from op-mode

2021-10-28

  • T3951 (bug): After resetting vti ipsec tunnel old child SA still active

  • T3941 (bug): “show vpn ipsec sa” shows established time of parent SA not child SA’s

  • T3916 (feature): Add additional Linux capabilities to container configuration

2021-10-27

  • T3944 (bug): VRRP fails over when adding new group to master

2021-10-22

  • T3897 (feature): Dynamic DNS doesn’t work with IPv6 addresses

  • T3832 (feature): Allow to set DHCP client-id in hexadecimal format

  • T3188 (bug): Tunnel local-ip to dhcp-interface Change Fails to Update

  • T3917 (default): Use Avahi as mDNS repeater for IPv6 support

2021-10-21

  • T3926 (bug): strip-private does not sanitize “cisco-authentication” from NHRP configuration

  • T3925 (feature): Tunnel: dhcp-interface not implemented - use source-interface instead

  • T3923 (feature): Kernel: Enable TLS/IPSec offload support for Mellanox ConnectX NICs

  • T3927 (feature): Kernel: Enable kernel support for HW offload of the TLS protocol

2021-10-20

  • T3918 (bug): DHCPv6 prefix delegation incorrect verify error

  • T3921 (bug): tunnel: KeyError when using dhcp-interface

2021-10-19

  • T3396 (bug): syslog can’t be configured with an ipv6 literal destination in 1.2.x

2021-10-18

  • T3002 (default): VRRP change on IPSec interface causes packet routing issues

2021-10-17

  • T3786 (bug): GRE tunnel source address 0.0.0.0 error

  • T3217 (default): Save FRR configuration on each commit

  • T3381 (bug): Change GRE tunnel failed

  • T3254 (bug): Dynamic DNS status shows incorrect last update time

  • T1243 (bug): BGP local-as accept wrong values

  • T697 (bug): Clean up and sanitize package dependencies

  • T578 (feature): Support Linux Container

2021-10-16

  • T3879 (bug): GPG key verification fails when upgrading from a 1.3 beta version

2021-10-15

  • T3748 (bug): Container deletion bug

  • T3693 (feature): ISIS Route redistribution ipv6 support missing

  • T3676 (feature): Container option to add Linux capabilities

  • T3613 (feature): Selectors for route-based IPsec tunnel (vti)

  • T3692 (bug): VyOS build failing due to repo.saltstack.com

  • T3673 (feature): BGP large-community del operation missing

2021-10-14

  • T3811 (bug): NAT (op_mode): NAT op_mode command fails.

  • T3801 (feature): containers: do not use podman CLI to create container networks

2021-10-13

  • T3904 (bug): NTP pool associations silently fail

  • T3277 (feature): DNS Forwarding - reverse zones

2021-10-12

  • T3216 (bug): Removal of restricted-shell broke configure mode for RADIUS users

  • T3881 (bug): Wrong description for container section restart

  • T3868 (bug): Regex and/or wildcard not accepted with large-community-list

  • T3701 (bug): ipoe server fails to start when configuring radius dynamic-author on ipoe

2021-10-10

  • T3750 (bug): pdns-recursor 4.4 issue with dont-query and private DNS servers

  • T3885 (default): dhcpv6-pd: randomly generated DUID is not persisted

  • T3899 (enhancment): Add support for hd44780 LCD displays

2021-10-09

  • T3894 (bug): Tunnel Commit Failed if system does not have eth0

2021-10-08

  • T3893 (bug): MGRE Tunnel commit crash If sit tunnel available

2021-10-05

  • T3741 (feature): [BGP] default no-ipv4-unicast - by default

2021-10-04

  • T3888 (bug): Incorrect warning when poweroff command executed from configure mode.

  • T3890 (feature): dhcp(v6): provide op-mode commands to retrieve both server and client logfiles

  • T3889 (feature): Migrate to journalctl when reading daemon logs

2021-10-03

  • T3880 (bug): EFI boot shows error on display

2021-10-02

  • T3882 (feature): Upgrade PowerDNs recursor to 4.5 series

  • T3883 (bug): VRF - Delette vrf config on interface

2021-09-30

  • T3874 (bug): D-Link Ethernet Interface not working.

  • T3869 (default): Rewrite vyatta_net_name/vyatta_interface_rescan in Python

2021-09-28

  • T3853 (default): nat66 rules gets deleted on reboot in 1.4-rolling-202109240217

2021-09-27

  • T3863 (default): nat66: commit fails/hangs on non existing interface

2021-09-26

  • T3860 (bug): Error on pppoe, tunnel and wireguard interfaces for IPv6 EUI64 addresses

  • T3857 (feature): reboot: send wall message to all users for information

  • T3867 (bug): vxlan: multicast group address is not validated

  • T3859 (bug): Add “log-adjacency-changes” to ospfv3 process

  • T3826 (bug): PKI: op-mode - do input validation when listing certificates

2021-09-25

  • T3657 (default): BGP neighbors ipv6 not able to establish with IPv6 link-local addresses

2021-09-23

  • T3850 (bug): Dots are no longer allowed in SSH public key names

2021-09-21

  • T3847 (feature): keepalived/vrrp: migrate to get_config_dict() - cleanup

2021-09-20

  • T3823 (bug): strip-private does not filter public IPv6 addresses

2021-09-19

  • T3841 (feature): dhcp-server: add ping-check option to CLI

  • T2738 (bug): Modifying configuration in the “interfaces” section from VRRP transition scripts causes configuration lockup and high CPU utilization

  • T3840 (feature): dns forwarding: Cache size should allow values > 10k

  • T3672 (bug): DHCP-FO with multiple subnets results in invalid/non-functioning dhcpd.conf configuration file output

2021-09-18

  • T3831 (bug): External traffic stops routing when IPSEC tunnel comes up with interface vti0

  • T1968 (default): Allow multiple static routes in dhcp-server

  • T3838 (feature): dhcp-server - sync cli for name-servers to other subsystems

  • T3839 (feature): dhcp-server: Allow configuration of a DNS server and domain name on the shared-network level

2021-09-17

  • T3830 (bug): ipsec: remote-id no longer included in IKE AUTH if not explicitly specified

2021-09-11

  • T3402 (feature): Add VyOS programming library for operational level commands

  • T3275 (default): Disable conntrack helpers by default

2021-09-10

  • T3802 (bug): Commit fails if ethernet interface doesn’t support flow control

  • T3819 (bug): Upgrade Salt Stack 3002.3 -> 3003 release train

  • T915 (feature): MPLS Support

2021-09-09

  • T3812 (bug): Vyos and frr route-map config out of sync

  • T3814 (bug): wireguard: commit error showing incorrect peer name from the configured name

  • T3805 (bug): OpenVPN insufficient privileges for rtnetlink when closing TUN/TAP interface

  • T3815 (bug): pki : the file command ‘generate pki wireguard key-pair file’ is not working

2021-09-07

  • T1894 (bug): FRR config not loaded after daemons segfault or restart

  • T3807 (bug): Op Command “show interfaces wireguard” does not show the output

2021-09-06

  • T3806 (bug): Don’t set link local ipv6 address if MTU less then 1280

  • T3803 (default): Add source-address option to the ping CLI

  • T3431 (bug): Show version all bug

  • T2920 (bug): Commit crash when adding the second mGRE tunnel with the same key

2021-09-05

  • T3804 (feature): cli: Migrate and merge “system name-servers-dhcp” into “system name-server”

2021-09-04

  • T3619 (bug): Performance Degradation 1.2 –> 1.3 | High ksoftirqd CPU usage

2021-09-03

  • T3788 (bug): Keys are not allowed with ipip and sit tunnels

  • T3634 (feature): Add op command option for ping for do not fragment bit to be set

  • T3798 (feature): bgp: add support for “neighbor <X> local-as replace-as” option

2021-09-02

  • T3792 (bug): login: A hypen present in a username from “system login user” is replaced by an underscore

  • T3790 (bug): Does not possible to configure PPTP static ip-address to users

  • T2947 (bug): Nat translation many-many with prefix does not map 1-1.

2021-08-31

  • T3789 (feature): Add custom validator for base64 encoded CLI data

  • T3782 (default): Ingress Shaping with IFB No Longer Functional with 1.3

2021-08-30

  • T3768 (default): Remove early syntaxVersion implementation

  • T2941 (default): Using a non-ASCII character in the description field causes UnicodeDecodeError in configsource.py

  • T3787 (bug): Remove deprecated UDP fragmentation offloading option

2021-08-29

  • T3708 (bug): isisd and gre-bridge commit error

  • T3783 (bug): “set protocols isis spf-delay-ietf” is not working

  • T2750 (default): Use m4 as a template processor

2021-08-28

  • T3743 (bug): l2tp doesn’t work after reboot if outside-address not 0.0.0.0

2021-08-27

  • T3182 (bug): Main blocker Task for FRR 7.4/7.5 series update

  • T3568 (feature): Add XML for firewall conf-mode

  • T2108 (default): Use minisign/signify instead of GPG for release signing

2021-08-26

  • T3776 (default): Rename FRR daemon restart op-mode commands

  • T3739 (feature): policy: route-map: add EVPN match support

2021-08-25

  • T3773 (bug): Delete the “show system integrity” command (to prepare for a re-implementation)

  • T3775 (bug): Typo in generated Strongswan VPN-config

2021-08-24

  • T3772 (bug): VRRP virtual interfaces are not shown in show interfaces

2021-08-23

  • T3769 (feature): Containers: Network Bridging

2021-08-22

  • T3090 (feature): Move ‘adjust-mss’ firewall options to the interface section.

  • T3765 (default): container: additional op-mode commands

2021-08-20

  • T1950 (default): Store VyOS configuration syntax version data in JSON file

2021-08-19

  • T3751 (bug): pki generate ca add new line after passphrase

  • T3764 (bug): Unconfigurable IKE and ESP lifetime

  • T3234 (bug): multi_to_list fails in certain cases, with root cause an element redundancy in XML interface-definitions

  • T3732 (feature): override-default helper should support adding defaultValues to default less nodes

  • T3574 (default): Add constraintGroup for combining validators with logical AND

  • T3759 (default): [L3VPN] VPNv4/VPNv6 add commands

2021-08-18

  • T3752 (bug): generate pki certificate file xxx doesn’t touch file

2021-08-16

  • T3738 (default): openvpn fails if server and authentication are configured

  • T1594 (bug): l2tpv3 error on IPv6 local-ip

2021-08-15

  • T3756 (default): VyOS generates invalid QR code for wireguard clients

  • T3757 (default): OSPF: add support to configure the area at an interface level

2021-08-14

  • T3745 (feature): op-mode IPSec show vpn ipse sa sorting

2021-08-13

  • T3749 (bug): V4/V6 Counters in network container validation aren’t being reset

  • T3728 (bug): FRR not respect configured RD and RT for L3VNI

  • T3727 (bug): VPN IPsec ESP proposal and ESP presented in config missmatch

  • T3740 (bug): HTTPs API breaks when the address is IPv6

2021-08-12

  • T3731 (bug): verify_accel_ppp_base_service return wrong config error for SSP

  • T3405 (feature): PPPoE server unit-cache

  • T2432 (default): dhcpd: Can’t create new lease file: Permission denied

  • T3746 (feature): Inform users logging into the system about a pending reboot

  • T3744 (default): Dns forwarding statistics formatting missing a new line

2021-08-11

  • T3709 (feature): Snmp: Allow enable MIDs/OIDs ipCidrRouteTable

2021-08-09

  • T3720 (bug): IPSec set vti secondary address cause interface disable

2021-08-08

  • T3705 (bug): IPSec: VTI interface does not honor default-esp-group

  • T2027 (bug): get_config_dict is failing when the configuration section is empty/missing

2021-08-05

  • T3719 (bug): Restart vpn shows some missed files

2021-08-04

  • T3704 (feature): Add ability to interact with Areca RAID adapers

  • T3718 (bug): VPN IPsec IKE group by default not use DH-group 2

2021-08-02

  • T3601 (default): Error in ssh keys for vmware cloud-init if ssh keys is left empty.

2021-08-01

  • T3707 (bug): Ping incorrect ip host checks

2021-07-31

  • T3716 (feature): Linux kernel parameters ignore_routes_with_link_down- ignore disconnected routing connections

2021-07-30

  • T1176 (default): FRR - BGP replicating routes

  • T1210 (feature): About IKEv2 IPSec VPN remote access

2021-07-23

  • T3699 (bug): login: verify selected “system login user” name is not already used by the base system.

  • T3698 (default): Support bridge monitoring

2021-07-13

  • T3679 (default): Point the unexpected exception message link to the new rolling release location

2021-07-11

  • T3665 (bug): Missing VRF support for VxLAN but already documented

2021-07-10

  • T3636 (feature): SSTP / L2TP ipv6 support broken

2021-07-09

  • T3667 (bug): brctl is damaged

2021-07-06

  • T3660 (feature): Conntrack-Sync configuration command to specify destination udp port for peer

2021-07-03

  • T57 (enhancment): Make it possible to disable the entire IPsec peer

2021-07-01

  • T3658 (feature): Add support for dhcpdv6 fixed-prefix6

  • T2035 (bug): Executing vyos-smoketest multiple times makes ssh test fail on execution

2021-06-29

  • T3593 (bug): PPPoE server called-sid format does not work

  • T1441 (feature): Add support for IPSec XFRM interfaces

2021-06-25

  • T3641 (feature): Upgrade base system from Debian Buster -> Debian Bullseye

  • T3649 (feature): Add bonding additional hash-policy

2021-06-23

  • T3647 (feature): Bullseye: gcc defaults to passing –as-needed to linker

2021-06-22

  • T3629 (bug): IPoE server shifting address in the range

  • T3645 (feature): Bullseye: ethtool changed output for ring-buffer information

2021-06-21

  • T3563 (default): commit-archive breaks with IPv6 source addresses

2021-06-20

  • T3637 (bug): vrf: bind-to-all didn’t work properly

  • T3639 (default): GCC preprocessor clobbers C comments

2021-06-19

  • T3633 (feature): Add LRO offload for interface ethernet

2021-06-18

  • T3599 (default): Migrate NHRP to XML/Python

2021-06-17

  • T3624 (feature): BGP: add support for extended community bandwidth definition

2021-06-16

  • T3623 (default): Fix for dummy interface option in the operational command “clear interfaces dummy”

  • T3630 (feature): op-mode: add “show version kernel” command

2021-06-13

  • T3620 (feature): Rename WWAN interface from wirelessmodem to wwan to use QMI interface

  • T2173 (feature): Add the ability to use VRF on VTI interfaces

  • T3622 (feature): WWAN: add support for APN authentication

  • T3606 (bug): SNMP unknown notification OID

  • T3621 (bug): PPPoE interface does not validate if password is supplied when username is set

2021-06-12

  • T3611 (bug): WWAN interface (MC7710) no longer works on Kernel 5.10

  • T1534 (bug): IPSec w/ IKEv2 Invalid local-address “any”

  • T3616 (bug): Update to FastAPI causes regression in vyos-http-api-server

2021-06-11

  • T3614 (bug): Container network name with hyphen fail

2021-06-10

  • T3250 (bug): PPPoE server: wrong local usernames

  • T3138 (bug): ddclient improperly updated when apply rfc2136 config

  • T2645 (default): Editing route-map action requires adding a new rule

2021-06-08

  • T3605 (default): Allow to set prefer-global for ipv6-next-hop

  • T3607 (feature): [route-map] set ipv6 next-hop prefer-global

  • T3289 (bug): No description for node “service” conf-mode

2021-06-07

  • T3461 (bug): OpenConnect Server redundancy check

  • T3455 (bug): system users can not be added in “edit”

  • T3588 (default): IPSec: migrate no longer available options from CLI which are now hardcoded/enabled in strongSwan

2021-06-06

  • T842 (feature): Adopt VyOS CLI to latest StrongSwan options and deprecated Keywords

2021-06-04

  • T3595 (default): Cannot create new VTI interface

  • T3592 (feature): Set default TTL 64 for tunnels

2021-06-03

  • T3384 (feature): Support UDP bandwidth testing

2021-06-02

  • T3233 (bug): Interface redirect to dum0

2021-06-01

  • T3585 (default): Fix NHRP module for updated interfaces tunnel syntax

  • T3594 (bug): Disable by default service strongswan-starter

2021-05-30

  • T3518 (bug): Warning messages when using SCP commit-archive

  • T3093 (default): Add xml for vpn ipsec

  • T1866 (bug): Commit archive over SFTP doesn’t work with non-standard ports

  • T3590 (feature): bgp: add option for limiting maximum number of prefixes to be sent to a peer

  • T3589 (feature): op-mode: support clearing out logfiles from CLI

  • T2641 (feature): Rewrite vpn ipsec OP commands in new style XML syntax

  • T3351 (feature): Installer checking MD5 checksums on the ISO image

2021-05-29

  • T1944 (bug): FRR: Invalid route in BGP causes update storm, memory leak, and failure of Zebra

  • T1888 (feature): Update to StrongSwan 5.9.1

2021-05-27

  • T3561 (feature): router-advert: support advertising specific routes

  • T2669 (bug): DHCP-server overlapping ranges.

2021-05-26

  • T3540 (bug): Keepalived memory utilisation issue when constantly getting its state in JSON format

2021-05-24

  • T3575 (bug): pseudo-ethernet: must check source-interface MTU

  • T3571 (bug): Broken Show Tab Complete

  • T3555 (bug): GRE TAP tunnel does not silent fragment packets / kernel fix available

  • T3576 (bug): ISIS does not support IPV6

2021-05-23

  • T3570 (default): Prevent setting of a larger MTU on child interfaces

  • T3573 (bug): as-path-prepend Description Invalid

  • T3572 (feature): Basic Drive Diagnostic Tools

2021-05-22

  • T3564 (default): Multiple BGP Confederation Peers Not Allowed

2021-05-21

  • T3551 (bug): QoS control failure of VLAN sub interface

2021-05-20

  • T3554 (feature): Add area-type stub for ospfv3

  • T3565 (feature): sysctl: rewrite in XML and Python and drop from vyatta-cfg-system

2021-05-19

  • T3562 (feature): Update Accel-PPP to a newer revision

  • T3559 (feature): Add restart op-command for OpenConnect Server

2021-05-18

  • T3525 (default): VMWare resume script syntax errors

2021-05-15

  • T3549 (bug): DHCPv6 “service dhcpv6-server global-parameters name-server” is not correctly exported to dhcpdv6.conf when multiple name-server entries are present

  • T3532 (bug): Not possible to change ethertype after interface creation

  • T3550 (bug): Router-advert completion typo

  • T3547 (feature): conntrackd: remove deprecated config options

  • T3535 (feature): Rewrite vyatta-conntrack-sync in new XML and Python flavor

2021-05-14

  • T3346 (bug): nat 4-to-5 migration script fails when a ‘source’ or ‘destination’ node exists but there are no rules

  • T3248 (default): Deal with VRRP mode-force command that exists in 1.2 but not in 1.3

  • T3426 (default): add support for script arguments to vyos-configd

2021-05-13

  • T3539 (bug): Typo in RPKI interface definition

  • T439 (feature): local PBR support

  • T3544 (feature): DHCP server should validate configuration before applying it

  • T3543 (feature): Support for setting lacp_rate on LACP bonded interfaces

2021-05-12

  • T3302 (default): Make vyos-configd relay stdout from scripts to the user’s console

  • T3542 (bug): udev net.rules not installed in image since may 2nd

2021-05-10

  • T3374 (bug): IPv6 GRE Tunnel issues

2021-05-09

  • T3530 (bug): BGP peer-group can’t contain a hyphen

2021-05-06

  • T3523 (bug): VRF BGP daemon route-map command missing

  • T3519 (bug): Cannot add / assign L2TPv3 to vrf

2021-05-05

  • T3520 (bug): Cannot add tunnel interface to isis within vrf

  • T3335 (bug): Some OSPFv3 show commands do not work

2021-05-04

  • T3504 (feature): BGP Per Peer Graceful Restart

2021-05-02

  • T3511 (bug): Update libnss-mapuser and libpam-radius packages from CUMULUS Linux

2021-05-01

  • T3379 (feature): Add global-parameters name-server for dhcpv6-server

  • T3491 (default): Change Kernel HZ to 1000

2021-04-29

  • T3503 (bug): “route-reflector-client” fails when “remote-as” is “internal”

  • T3502 (bug): “system ip multipath layer4-hashing” doesn’t work

2021-04-28

  • T3473 (bug): IPSec op-mode show sa error

2021-04-27

  • T2946 (bug): Calling ‘stty_size’ causes show interfaces API to fail

2021-04-25

  • T3490 (bug): priority inversion on PBR “policy route” create, breaks default route from dhcp (live iso)

  • T3468 (bug): Tunnel interfaces aren’t suggested as being available for bridging (regression)

  • T3497 (bug): Prefix list with rule containing only action is not detected as error during parse

  • T3492 (bug): BGP Configuration Migration failed (badly!) from rolling 202102240218 to rolling 202104221210

  • T1802 (feature): Wireguard QR code in cli for mobile devices

2021-04-24

  • T3472 (bug): commit-confirm script not found

  • T3439 (bug): Commit-archive location not working for scp

2021-04-23

  • T3395 (bug): WAN load-balancing fails with nexthop dhcp

  • T3290 (bug): Disabling GRE conntrack module fails

2021-04-20

  • T3488 (bug): Specifying an invalid “interface address” like dhcph leads to commit error

2021-04-18

  • T3481 (default): Exclude tag node values from key mangling

  • T3475 (bug): XML dictionary cache unable to process syntaxVersion elements

2021-04-17

  • T3470 (bug): as-override isn’t applied to frr

2021-04-15

  • T3386 (bug): PPPoE-server don’t start with local authentication

  • T3190 (feature): Unable to subtract value from local-preference in route-map

2021-04-14

  • T3398 (bug): Can’t commit

  • T3055 (bug): op-mode incorrect naming for ipsec policy-based tunnels

2021-04-13

  • T3436 (feature): Refactoring ospf op-mode for support vrf

  • T3434 (feature): Refactoring bgp op-mode for support vrf

2021-04-12

  • T3454 (enhancment): dhclient reject option

  • T3328 (bug): Bgp not possible to delete bgp route-map

2021-04-10

  • T3460 (bug): bgp, Configuration FRR failed while commiting code

2021-04-09

  • T3464 (bug): OSPF: route-map names containing a hypen are not “found”

2021-04-08

  • T3462 (default): show ipv6 bgp – missing

  • T3463 (bug): Prevent IPv4 Route exchange with IPv6 neighbors

2021-04-05

  • T3438 (bug): VRF: removing vif which belongs to a vrf, will delete the entire vrf from the operating system

  • T3418 (bug): BGP: system wide known interface can not be used as neighbor

2021-04-04

  • T3457 (feature): Output the “monitor log” command in a colorful way

2021-03-31

  • T3445 (bug): vyos-1x build include not all nodes

2021-03-30

  • T3448 (bug): Loading vyos on a system without xdp installed fails

2021-03-29

  • T3415 (feature): bridge: add support for isolated interfaces (private-vlan)

  • T1711 (feature): BGP - migrate from tagNode to node (remove ASN from tagNode)

2021-03-28

  • T3440 (bug): HTTP API: give uvicorn time to initialize before restarting Nginx proxy

2021-03-27

  • T3423 (bug): Cannot create ipv4 static route for default gateway in vrf

2021-03-26

  • T3412 (default): HTTP API: move to FastAPI as web framework

  • T2397 (feature): HTTP API: export OpenAPI definition

2021-03-24

  • T3419 (bug): show interfaces | strip-private fails

2021-03-22

  • T3284 (bug): merge/load fail silently if unable to resolve host

2021-03-21

  • T3417 (default): ISIS: provide per VRF instance support

  • T3416 (bug): NTP: when running inside a VRF op-mode commands do not work

2021-03-20

  • T3392 (bug): vrrp over dhcp default route bug (unexpected vrf)

  • T3373 (feature): Upgrade to SaltStack version 3002.5

  • T3329 (default): “system conntrack ignore” rules can no longer be created due to an iptables syntax change

  • T3300 (feature): Add DHCP default route distance

  • T3306 (feature): Extend set route-map aggregator as to 4 Bytes

2021-03-18

  • T3411 (default): Extend the redirect_stdout context manager in vyos-configd to redirect stdout from subprocesses

  • T3271 (bug): qemu-kvm grub issue

2021-03-17

  • T3413 (bug): Configuring invalid IPv6 EUI64 address results in “OSError: illegal IP address string passed to inet_pton”

2021-03-14

  • T3345 (default): BGP: add per VRF instance support

  • T3344 (default): Per VRF dynamic routing support

  • T3325 (bug): Bgp listen-range wrong commit message

  • T1513 (default): Move OSPF and RIP interface configuration under protocols

2021-03-13

  • T3406 (bug): tunnel: interface no longer supports specifying encaplimit none - or migrator is missing

  • T3407 (bug): console-server: do not allow to spawn a console-server session on serial port used by “system console”

2021-03-11

  • T3305 (bug): Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot

  • T2927 (bug): isc-dhcpd release and expiry events never execute

2021-03-09

  • T3382 (bug): Error creating Console Server

2021-03-08

  • T3387 (bug): Command “Monitor vpn ipsec” is not working

2021-03-07

  • T3388 (bug): show interfaces doesn’t display pppoeX

  • T3211 (feature): ability to redistribute ISIS into other routing protocols

2021-03-04

  • T3377 (bug): show interfaces throws error

2021-03-02

  • T3375 (bug): Interface becomes up at boot even when disabled

2021-02-28

  • T3370 (bug): dhcp: Invalid domain name “private”

  • T3369 (feature): VXLAN: add IPv6 underlay support

  • T3363 (bug): VyOS-Build interactive prompt when using Podman

  • T3320 (bug): Bgp neighbor peer-group without peer-group fail

2021-02-27

  • T3365 (bug): Bgp neighbor interface ordering for remote-as

  • T3225 (bug): Adding a BGP neighbor with an address on a local interface throws a vyos.frr.CommitError: Configuration FRR failed while committing code: ‘’

  • T3368 (feature): macsec: add support for gcm-aes-256 cipher

  • T3173 (feature): Need ‘nopmtudisc’ option for tunnel interface

2021-02-26

  • T3324 (bug): Bgp space in the password

  • T3357 (default): HTTP-API redirect from http correct https port

  • T3323 (bug): Bgp ttl-security and ebgp-multihop fail

2021-02-24

  • T3303 (feature): Change welcome message on boot

2021-02-22

  • T3322 (bug): Bgp neighbor timers not applyed to FRR config

  • T3327 (bug): OSPFv3: Cannot add dummy interface

2021-02-21

  • T3331 (bug): Bgp unsuppress-map should be as “value leafNode”

  • T3330 (bug): Bgp capability orf prefix-list fail

  • T3163 (feature): ethernet ring-buffer can be set with an invalid value

2021-02-19

  • T3326 (bug): OSPFv3: Cannot add L2TPv3 interface

  • T3332 (bug): BGP unnumbered - UnboundLocalError: local variable ‘peer_group’ referenced before assignment

2021-02-18

  • T3259 (default): many dnat rules makes the vyos http api crash, even showConfig op timeouts

2021-02-17

  • T3312 (feature): SolarFlare NICs support

2021-02-16

  • T3313 (bug): ospfv3 interface missing options

  • T3318 (feature): Update Linux Kernel to v5.4.208 / 5.10.135

2021-02-15

  • T3311 (bug): BGP Error: Remote AS must be set for neighbor or peer-group

2021-02-14

  • T2848 (feature): bgp-add-path configuration options

  • T1875 (feature): Add the ability to use network address as BGP neighbor (bgp listen range)

2021-02-12

  • T3301 (bug): Wrong format and valueHelp for policy as-path-list regex

2021-02-11

  • T3281 (default): Rewrite protocol RIPng [conf-mode] to new XML/Python style

  • T3282 (default): Add XML for [conf-mode] RIPng

  • T3279 (default): Rewrite protocol STATIC [op-mode] to new XML/Python style

  • T3297 (bug): Optimize irrelevant error stack hints

2021-02-08

  • T3295 (feature): Update Linux Kernel to v5.4.96 / 5.10.14

2021-02-05

  • T3030 (feature): Support ERSPAN Tunnel Protocol

2021-02-04

  • T3283 (feature): Support for IPv4 neigh tables

  • T3280 (default): Add XML for [conf-mode] STATIC

2021-02-03

  • T3278 (feature): Add XML for “protocols vrf” [conf-mode]

  • T3239 (default): XML: override ‘defaultValue’ for mtu of certain interfaces; remove workarounds

  • T2910 (feature): XML: generator should support override of variables

2021-02-02

  • T3018 (bug): Unclear behaviour when configuring vif and vif-s interfaces

  • T3255 (default): Rewrite protocol RPKI to new XML/Python style

  • T3263 (feature): OSPF Hello subsecond timer

2021-01-31

  • T3276 (feature): Update Linux Kernel to v5.4.94 / 5.10.12

2021-01-30

  • T3240 (feature): Support per-interface DHCPv6 DUIDs

  • T3273 (default): PPPoE static default-routes deleted on interface down when not added by interface up

2021-01-29

  • T3261 (bug): Does not possible to disable pppoe client interface.

  • T3272 (default): OSPF: interface config is not removed

2021-01-27

  • T3257 (feature): tcpdump supporting complete protocol

  • T3244 (default): Rewrite protocol OSPFv3 to new XML/Python style

2021-01-26

  • T3251 (bug): PPPoE client trying to authorize with the wrong username

  • T3256 (default): Add XML for protocol RPKI [conf-mode]

2021-01-25

  • T3249 (feature): Support operation mode forwarding table output

2021-01-24

  • T3227 (bug): Latest releases don’t work with RPKI (crash)

  • T3230 (bug): RPKI can’t be deleted

  • T3221 (bug): FRR config

  • T3245 (default): Add XML for protocol ospfv3 [conf-mode]

2021-01-23

  • T3236 (default): Add XML for [conf-mode] OSPF

2021-01-17

  • T3222 (bug): Typo in BGP dampening description

  • T3226 (bug): Repair bridge smoke test damage

2021-01-16

  • T3215 (bug): Operational command “show ipv6 route” is broken

  • T3157 (bug): salt-minion fails to start due to permission error accessing /root/.salt/minion.log

  • T3137 (feature): Let VLAN aware bridge approach the behavior of professional equipment

2021-01-15

  • T3210 (feature): ISIS three-way-handshake

  • T3184 (feature): Add correct desctiptions for BGP neighbors

2021-01-14

  • T3213 (bug): show interface command python error

2021-01-12

  • T3205 (bug): Does not possible to configure tunnel mode gre-bridge

2020-12-20

  • T3132 (feature): Enable egress flow accounting

2020-11-29

  • T2297 (feature): NTP add support for pool configuration