VyOS Project December 2023 update

VyOS Developer Erkin Batu Altunbas

Posted 30 Nov, 2023

Hello, community! While we are now mostly busy with stabilizing the future 1.4.0 LTS release and also working on the new 1.3.5 maintenance release, there's still news to share about the current developments. During the last month, we've added Git support for commit archive, VNI filtering for VXLAN, and made a bunch of other improvements — read on for details!

New configuration options

Option to set the maximum number of concurrent sessions for PPPoE, IPoE, L2TP and SSTP services (T5704):

set [ipoe-server|pppoe-server] max-concurrent-sessions <n>
set vpn [pptp|sstp] max-concurrent-sessions <n>

Option to set static IP neighbor proxy (T5559):

set protocols static neighbor-proxy arp <address> interface <interface>
set protocols static neighbor-proxy nd <address> interface <interface>

DHCP user class parameter (T5760):

set interfaces ethernet eth0 dhcp-options user-class <identifier>

VNI filtering for VXLAN interfaces (T5753):

set interfaces vxlan <interface> parameters vni-filter
set interfaces vxlan <interface> parameters nolearning
set interfaces vxlan <interface> parameters external
set interfaces vxlan <interface> source-address <address>

Interface prefixes can be individually set to be processed for SNMP IF-MIB, ignoring all others. An arbitrary number of prefixes can be set this way. It is also possible to set a maximum number of interfaces to process (T5702):
```
set service snmp mib interface <prefix>
set service snmp mib interface-max <n>
```

Git support for commit archive (T2405):

set system config-management commit-archive location git+https://<user>:<password>@<host>/path

New commands

mDNS repeater operational mode commands (T5719):

restart mdns repeater
show log mdns repeater
monitor mdns repeater

Commands to display EVPN next hops and Ethernet segment per VRF (T5698):
```
show bgp l2vpn evpn es-vrf
show bgp l2vpn evpn next-hops
```
VRF support for traceroute monitoring (T5658):
```
monitor traceroute <address> vrf <name>
```
Commands to display VNI mapping information (T5150, T5753):
```
show vrf vni
show vrf <name> vni
show bridge vni
```
show interfaces now displays MTU, VRF and MAC address information. Previous version with the brief output is now under the summary subcommand (T5747):
```
show interfaces
show interfaces summary
```

New PIM features from FRR v9.1. Consult FRR documentation for details (T5733):

set protocols pim interface <interface> bfd [profile <name>]
set protocols [pim|pim6] interface <interface> dr-priority <n>
set protocols [pim|pim6] interface <interface> hello
set protocols [pim|pim6] interface <interface> no-bsm
set protocols [pim|pim6] interface <interface> no-unicast-bsm
set protocols [pim|pim6] interface <interface> passive

Other changes

Dual-stack support for multiple dynamic DNS protocols (T5708):

Remote reboot and poweroff endpoints for the HTTPS API (T5767):

POST {"op": "reboot": ["now"]} to /reboot
POST {"op": "poweroff": ["now"]} to /poweroff

Firewall CLI syntax is moving away from enable and disable for boolean options for better congruence with the rest of the CLI. The presence and absence of the node will determine the state now (T5729):

# previously
set firewall ipv4 name <name> rule <n> log enable
set firewall ipv4 name <name> rule <n> log disable
# now
set firewall ipv4 name <name> rule <n> log
delete firewall ipv4 name <name> rule <n> log

The default VXLAN MTU value was changed from 1450 to 1500 (T5759).
The default PPPoE MRU uses the existing MTU value instead of 1492 (T5630).
As of 1.5, it is no longer possible to downgrade to legacy 1.2 images from the current version, due to the drastic changes in the installation scripts we have to make to improve them.

That's all for now, but stay tuned for updates!

The post categories: project updates 1.4 1.5

VyOS Networks Blog