Skip to content

Infix v25.11.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 03 Dec 08:44
· 388 commits to main since this release
v25.11.0
This tag was signed with the committer’s verified signature.
troglobit Joachim Wiberg
GPG key ID: ECA826A37B6C7409
Verified
Learn about vigilant mode.
19a09a8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Note

Noteworthy changes and additions in this release:

  • DHCPv6 client support
  • Configurable support for TTL in GRE/VXLAN tunnels
  • Extensive filtering support for syslog messages

Changes

  • Upgrade Buildroot to 2025.02.8 (LTS)
  • Upgrade Linux kernel to 6.12.60 (LTS)
  • Initial support for 32-bit ARM systems, reference board: Raspberry Pi 2B
  • Enable MVEBU SafeXcel Crypto Engine firmware for Marvell Armada SOCs (37xx, 7k, 8k, and CN913x series). Fixes kernel warnings about firmware load failures and crypto-safexcel probe errors on affected boards
  • Major improvements to OSPF and BFD operational data and CLI commands:
    • CLI commands now use data from the operational datastore instead of calling vtysh directly, providing better integration and consistency
    • New show ip ospf command family (neighbor, interface, route) to align with industry standard CLI conventions. Legacy show ospf commands are deprecated but still work with warnings
    • The show ip ospf database subcommand has been dropped for now, the advanced user can still use vtysh from Bash if necessary, issue #1253
    • Extended BFD commands: show bfd (status), show bfd peers (detailed), show bfd peers brief (table format), and show bfd peer <address>
    • All command names now use singular form (interface, route, neighbor) matching Cisco/FRR conventions, as well as configure context naming
    • New support for configuring OSPF interface priority for DR/BDR election
  • The DHCP client configuration has moved from /infix-dhcp-client:dhcp-client to /interfaces/interface[name]/ipv4/infix-dhcp-client:dhcp, issue #1109. The configuration is automatically migrated on upgrade. The DHCP client is now enabled using a presence container instead of a separate enabled leaf
  • The enabled node for IPv4 autoconf (ZeroConf) has been dropped, autoconf is now a presence container. Configuration automatically migrated on upgrade
  • Add DHCPv6 client support for per-interface IPv6 configuration, augmenting /interfaces/interface[name]/ipv6/infix-dhcpv6-client:dhcp, issue #1110
  • Fix namespace for DHCPv4 client YANG module from urn:ietf:params:xml:ns:yang to urn:infix:params:xml:ns:yang to properly reflect custom implementation
  • Improvements to sdcard.img generation, useful for developers mostly:
    • The NanoPi R2S bootloader is now automatically built and uploaded to the latest-boot release tag
    • The utils/mkimage.sh script now supports fetching the bootloader
    • The raspberrypi-rpi64 board's bootloader is now aptly named rpi64
  • Add support for configuring TTL, ToS/DSCP, and Path MTU Discovery on GRE and VXLAN tunnels. This also changes the default TTL of tunnels to 64, from the kernel default (inherit), which in turn fixes reported issues with dropped OSPF Hello frames in GRE tunnels
  • Document how to go from SD card to eMMC on BPi-R3
  • Add CLI commands for managing boot partition order: show boot-order and set boot-order allow viewing and changing the boot order from the CLI, complementing the existing YANG RPC support, issue #1032
  • Extended syslog filtering capabilities, issue #1091:
    • Add support for pattern matching using POSIX extended regular expressions on message content (IETF select-match feature)
    • Add support for advanced severity comparison: exact match (equals) and exclusion (block/stop) in addition to the default equals-or-higher (IETF select-adv-compare feature)
    • Add support for hostname-based filtering, useful when acting as a log server to route messages from different devices to separate log files
    • Add support for property-based filtering with operators (contains, isequal, startswith, regex, ereregex) on message properties (msg, msgid, programname, hostname, source, data), with optional case-insensitive and negate modifiers
  • Update factory configuration for BPi-R3 and NanoPi R2S boards to enable DHCPv6 client on WAN interface and allow traffic forwarding from LAN to WAN zone in the firewall (this is what most users expect)
  • New support command for collecting system diagnostics to aid in both troubleshooting and support. Run support collect > data.tar.gz locally or remotely via SSH to gather configuration, logs, network state, and system information (encryption using gpg available too)

Fixes

  • Fix #855: User admin sometimes fails to be added to wheel group
  • Fix #1112: setting hostname via DHCP client sometimes gets overridden by the configured system hostname
  • Fix #1247: Prevent invalid configuration of OSPF backbone area (0.0.0.0) as stub or NSSA. The backbone must always be a normal area per RFC 2328. Any existing invalid configurations are automatically corrected during upgrade
  • Fix #1255: serious regression in boot time, introduced in v25.10, delays the boot step "Mounting filesystems ...", from 30 seconds up to five minutes!
  • Fix #1289: SSH host key generation warning at boot after factory reset
  • Fix broken intra-document links in container and tunnel documentation
  • Fix show dhcp-server command crashing with invalid timestamp format. DHCP lease expiry timestamps had double timezone suffix causing libyang validation errors
  • Fix show dhcp-server output alignment. The EXPIRES column was misaligned when CLIENT ID field was empty, and CLIENT ID column was too narrow for typical 20-character client IDs

Tip

Try Infix in GNS3! Download the appliance from the GNS3 Marketplace to test Infix in a virtual network environment without hardware.

Assets 10
Loading
0 Join discussion