Skip to content

Infix v23.11.0-rc1

Pre-release
Pre-release
Compare
Choose a tag to compare
@github-actions github-actions released this 28 Nov 13:02
· 1239 commits to main since this release
v23.11.0-rc1
f61e8e4

Note: this is the first release where the root account is disabled in default builds.
Only the admin user, generated from factory-config, can log in to the system.
This can be changed only in developer builds:
make menuconfig -> System configuration -> [*]Enable root login with password

YANG Status

  • ieee802-ethernet-interface: Currently supported (read-only) features:

    • Status of auto-negotiation, and if enabled.
    • Current speed and duplex
    • Frame counters:
    YANG Linux / Ethtool
    out-frames FramesTransmittedOK
    out-multicast-frames MulticastFramesXmittedOK
    out-broadcast-frames BroadcastFramesXmittedOK
    in-total-octets FramesReceivedOK
    + FrameCheckSequenceErrors
    + FramesLostDueToIntMACRcvError
    + AlignmentErrors
    + etherStatsOversizePkts
    + etherStatsJabbers
    in-frames FramesReceivedOK
    in-multicast-frames MulticastFramesReceivedOK
    in-broadcast-frames BroadcastFramesReceivedOK
    in-error-undersize-frames undersize_pkts
    in-error-fcs-frames FrameCheckSequenceErrors

  • ietf-system:

    • augments:
      • MotD (Message of the Day)
      • User login shell, default: /bin/false (no SSH or console login)
      • State information for remotely querying firmware version information
    • deviations:
      • timezone-name, using IANA timezones instead of plain string
      • UTC offset, only support per-hour offsets with tzdata
      • Usernames, clarifying Linux restrictions
      • Unsupported features marked as deviations, e.g. RADIUS
    • infix-system-software: firmware upgrade with install-bundle RPC

  • ietf-interfaces:

    • deviation to allow read-write if:phys-address for custom MAC address
    • ietf-ip: augments
      • IPv4LL similar to standardized IPv6LL
    • ietf-ip: deviations (not-supported) added for IPv4 and IPv6:
      • /if:interfaces/if:interface/ip:ipv4/ip:address/ip:subnet/ip:netmask
      • /if:interfaces/if:interface/ip:ipv6/ip:address/ip:status
      • /if:interfaces/if:interface/ip:ipv4/ip:neighbor
      • /if:interfaces/if:interface/ip:ipv6/ip:neighbor
    • ietf-routing: Base model for routing
    • ietf-ipv4-unicast-routing: Static unicast routing, incl. operational data, i.e., setting static IPv4 routes and reading IPv4 routing table
    • infix-ethernet-interface: deviations for ieee802-ethernet-interface
    • infix-routing: Limit ietf-routing to one instance default per routing protocol, also details unsupported features (deviations)
    • infix-if-bridge: Linux bridge interfaces with native VLAN support
    • infix-if-type: deviation for interface types, limiting number to supported types only. New identities are derived from default IANA interface types, ensuring compatibility with other standard models, e.g., ieee802-ethernet-interface.yang
    • infix-if-veth: Linux VETH pairs
    • infix-if-vlan: Linux VLAN interfaces, e.g. eth0.10

  • Configurable services:

Changes

  • The CLI built-in command password generate has been changed to use the secure mode of the pwgen tool, and 13 chars for increased entropy

  • The qemu.sh -c command, available in developer builds and the release zip, can now be used to modify the RAM size and enable VPD emulation

  • Add support for overriding generated factory defaults in derivatives using a /etc/confdrc.lcocal file -- incl. updated branding docs.

  • Add support for detecting factory reset condition from a bootloader

  • Ensure /var is also cleared (properly) during factory reset

  • Add support for port auto-negotiation status in operational datastore

  • Add CLI support for showing veth pairs in show interfaces

  • Speedups to CLI detailed view of a single interface

  • Updated documentation of VLAN interfaces and VLAN filtering bridge

  • Updated documentation for how to customize services in Hybrid Mode

  • In RMA mode (runlevel 9), the system no longer has any login services

  • Disable root login in all NETCONF builds, only admin available

  • Add support for VPD data in ONIE EEPROM format

  • Add iito, the intelligent input/output daemon for LED control

  • Add port autoneg and speed/duplex status to operational data

  • Upgrade Linux to v6.5.11, with kkit extensions

  • Add support for static IPv4 routing using ietf-routing@2018-03-13.yang and ietf-ipv4-unicast-routing@2018-03-13.yang, one default instance only

  • Add support for partitioning and self-provisioning of new devices

  • Add support for reading admin user's default password from VPD. Devices that do not have a VPD can set a password hash in the device tree

  • Add support for upgrading software bundles (images) from the CLI. Supported remote servers: ftp, tftp, and http/https.

  • Traversing the CLI configure context has been simplified by collapsing all YANG containers that only contain a single list element.
    Example:

      edit interfaces interface eth0

    becomes

      edit interface eth0

  • Add CLI support for creating configuration backups and transferring files to/from remote servers: tftp, ftp, http/https (download only). Issue #155

Fixes

  • Fix #111: fix auto-inference of dynamic interface types (bridge, veth)
  • Fix #125: improved feedback on invalid input in configure context
  • Fix #198: drop bridge default PVID setting, for VLAN filtering bridge.
    All bridge ports must have explicit VLAN assignment (security)
  • Fix #215: impossible to enable NTP client, regression from v23.06.0
  • Fix regression in CLI show factory-config command
  • Fix missing version in /etc/os-release variable PRETTY_NAME
  • Fix failure to start podman in GNS3 (missing Ext4 filesystem feature)
  • Fix initial terminal size probing in CLI when logging in from console port
  • Fix CLI show running-config, use proper JSON format like other files
Assets 6
Loading