The previous 'connection-type respond' option in IPsec site-to-site peers
was misleading - instead of passively waiting for peer initiation, it would
initiate negotiation when matching traffic appeared, potentially causing
SA duplication and renegotiation loops.
* Proofreading About and History
* Apply suggestions from code review
Co-authored-by: Daniil Baturin <daniil@baturin.org>
* Addressed comments on the About and History sections.
---------
Co-authored-by: Daniil Baturin <daniil@baturin.org>
* dhcp-server: T3936: Added support for DHCP Option 82
This commit adds support in both the CLI and the underlying code for
DHCP Option 82 to be used to filter/route DHCP address assignments.
The primary use case for this is to support enterprise switches which
can "tag" DHCP requests with physical real world informaiton such as
which switch first saw the request and which port it originated from
(known in this context as remote-id and circuit-id). Once
client-classes have been defined they can be assigned to subnets or
ranges so that only certain addresses get assigned to specific
requests.
There is also a corresponding code update which pairs with this
documentation change.
---------
Co-authored-by: Daniil Baturin <daniil@baturin.org>
Update title to "VyOS rolling release (current)" to replace
the misleading "VyOS 1.5.x (circinus) documentation"
and keep wording consistent with other pages.
* haproxy: T7906: Probing of a port other than the one to which normal traffic is sent
Add support for specifying a custom health check port for HAProxy backend servers.
This allows health probes to target a dedicated endpoint - such as port 8080 - separate
from normal traffic ports (e.g., 80 or 443).
* Fix article usage
---------
Co-authored-by: Daniil Baturin <daniil@baturin.org>
- Added a dedicated page describing the process of signing the CLA
- Added references to this page on documents explaining how to submit code and documentation
changes
* VPP: Fixed syntax on vpp/dataplane/buffers.rst
- Fixed sections levels markers
- Fixed a list in `buffers-per-numa` section
* vpp: Expanded DPDK options description in interface settings
- Added more details about `num-tx-queues` calculations.
- Fixed section marks on the `configuration/dataplane/interface.rst` page.
- Added missing Kernel Tuning section in system settings for VPP
- Fixed inconsistent section hierarchy in NAT44 configuration documentation
- Fixed lost `netlink` from configuration commands in LCP settings
- Clarified CPU settings logic
This commit introduces extensive documentation for VyOS VPP (Vector Packet Processing)
Dataplane interfaces and features, including examples.
Features documented:
* VPP integration description, base requirements and limitations
* VPP dataplane core settings
* Features enabled in the dataplane: ACL, IPsec, NAT, sFlow
* VPP interface types: bonding, bridge, GRE, IPIP, kernel, loopback, VXLAN, XConnect
Note: This is an initial documentation version that will require ongoing improvements
based on user feedback and questions, real-world deployment testing and validation, additional
use cases and configuration scenarios discovered in production. Therefore, all pages are
marked as "need improvement".
