Infix v23.11.0-rc1
Pre-releaseNote: this is the first release where the
root
account is disabled in default builds.
Only theadmin
user, generated fromfactory-config
, can log in to the system.
This can be changed only in developer builds:
make menuconfig
-> System configuration ->[*]Enable root login with password
YANG Status
-
ieee802-ethernet-interface: Currently supported (read-only) features:
- Status of auto-negotiation, and if enabled.
- Current speed and duplex
- Frame counters:
YANG Linux / Ethtool out-frames
FramesTransmittedOK
out-multicast-frames
MulticastFramesXmittedOK
out-broadcast-frames
BroadcastFramesXmittedOK
in-total-octets
FramesReceivedOK
+ FrameCheckSequenceErrors
+ FramesLostDueToIntMACRcvError
+ AlignmentErrors
+ etherStatsOversizePkts
+ etherStatsJabbers
in-frames
FramesReceivedOK
in-multicast-frames
MulticastFramesReceivedOK
in-broadcast-frames
BroadcastFramesReceivedOK
in-error-undersize-frames
undersize_pkts
in-error-fcs-frames
FrameCheckSequenceErrors
-
- augments:
- MotD (Message of the Day)
- User login shell, default:
/bin/false
(no SSH or console login) - State information for remotely querying firmware version information
- deviations:
- timezone-name, using IANA timezones instead of plain string
- UTC offset, only support per-hour offsets with tzdata
- Usernames, clarifying Linux restrictions
- Unsupported features marked as deviations, e.g. RADIUS
- infix-system-software: firmware upgrade with
install-bundle
RPC
- augments:
-
- deviation to allow read-write
if:phys-address
for custom MAC address - ietf-ip: augments
- IPv4LL similar to standardized IPv6LL
- ietf-ip: deviations (
not-supported
) added for IPv4 and IPv6:/if:interfaces/if:interface/ip:ipv4/ip:address/ip:subnet/ip:netmask
/if:interfaces/if:interface/ip:ipv6/ip:address/ip:status
/if:interfaces/if:interface/ip:ipv4/ip:neighbor
/if:interfaces/if:interface/ip:ipv6/ip:neighbor
- ietf-routing: Base model for routing
- ietf-ipv4-unicast-routing: Static unicast routing, incl. operational data, i.e., setting static IPv4 routes and reading IPv4 routing table
- infix-ethernet-interface: deviations for ieee802-ethernet-interface
- infix-routing: Limit ietf-routing to one instance
default
per routing protocol, also details unsupported features (deviations) - infix-if-bridge: Linux bridge interfaces with native VLAN support
- infix-if-type: deviation for interface types, limiting number to supported types only. New identities are derived from default IANA interface types, ensuring compatibility with other standard models, e.g.,
ieee802-ethernet-interface.yang
- infix-if-veth: Linux VETH pairs
- infix-if-vlan: Linux VLAN interfaces, e.g.
eth0.10
- deviation to allow read-write
-
Configurable services:
- ieee802-dot1ab-lldp: stripped down to an
enabled
setting - infix-services: support for enabling mDNS service/device discovery
- ieee802-dot1ab-lldp: stripped down to an
Changes
-
The CLI built-in command
password generate
has been changed to use the secure mode of thepwgen
tool, and 13 chars for increased entropy -
The
qemu.sh -c
command, available in developer builds and the release zip, can now be used to modify the RAM size and enable VPD emulation -
Add support for overriding generated factory defaults in derivatives using a
/etc/confdrc.lcocal
file -- incl. updated branding docs. -
Add support for detecting factory reset condition from a bootloader
-
Ensure
/var
is also cleared (properly) during factory reset -
Add support for port auto-negotiation status in operational datastore
-
Add CLI support for showing veth pairs in
show interfaces
-
Speedups to CLI detailed view of a single interface
-
Updated documentation of VLAN interfaces and VLAN filtering bridge
-
Updated documentation for how to customize services in Hybrid Mode
-
In RMA mode (runlevel 9), the system no longer has any login services
-
Disable
root
login in all NETCONF builds, onlyadmin
available -
Add support for VPD data in ONIE EEPROM format
-
Add
iito
, the intelligent input/output daemon for LED control -
Add port autoneg and speed/duplex status to operational data
-
Upgrade Linux to v6.5.11, with kkit extensions
-
Add support for static IPv4 routing using
[email protected]
and[email protected]
, onedefault
instance only -
Add support for partitioning and self-provisioning of new devices
-
Add support for reading
admin
user's default password from VPD. Devices that do not have a VPD can set a password hash in the device tree -
Add support for upgrading software bundles (images) from the CLI. Supported remote servers: ftp, tftp, and http/https.
-
Traversing the CLI configure context has been simplified by collapsing all YANG containers that only contain a single list element.
Example:edit interfaces interface eth0
becomes
edit interface eth0
-
Add CLI support for creating configuration backups and transferring files to/from remote servers: tftp, ftp, http/https (download only). Issue #155
Fixes
- Fix #111: fix auto-inference of dynamic interface types (bridge, veth)
- Fix #125: improved feedback on invalid input in configure context
- Fix #198: drop bridge default PVID setting, for VLAN filtering bridge.
All bridge ports must have explicit VLAN assignment (security) - Fix #215: impossible to enable NTP client, regression from v23.06.0
- Fix regression in CLI
show factory-config
command - Fix missing version in
/etc/os-release
variablePRETTY_NAME
- Fix failure to start
podman
in GNS3 (missing Ext4 filesystem feature) - Fix initial terminal size probing in CLI when logging in from console port
- Fix CLI
show running-config
, use proper JSON format like other files