Allow specifying source IP for 'add system image'
If your machine has multiple interfaces, the source IP of outgoing connections will be the interface of the default route:

[email protected]:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             -                                 u/u
eth0.101                    u/u
eth0.115                    u/u
lo                            u/u
[email protected]:~$
[email protected]:~$ show ip route
Routing entry for
  Known via "ospf", distance 110, metric 10, best
  Last update 16:36:34 ago
  *, via eth0.101, weight 1
  *, via eth0.101, weight 1
[email protected]:~$

When this machine connects out to the internet, it will establish a connection from eth0.101, which is the default route. However, as that's a RFC1918 address, it will not have internet connectivity unless something upstream is doing NAT.

Historically, in Cisco land, this was resolved by having a loopback interface that the device used as a source IP, but that is becoming harder and harder to manage.

A simpler option would be to an option to add system image of from (or, preferably, a system configuration parameter?) that sets the --interface and related dns params to curl:

     --dns-interface <interface> Interface to use for DNS requests
     --dns-ipv4-addr <address> IPv4 address to use for DNS requests
     --dns-ipv6-addr <address> IPv6 address to use for DNS requests
     --dns-servers <addresses> DNS server addrs to use
     --interface <name> Use network INTERFACE (or address)

This means that the add system image command could be something like this;

add system image from eth0.115

However, the current curl binary itself has the --dns-interface command removed, which makes this harder.

[email protected]:~$ curl --dns-interface eth0.115 --interface eth0.115 -O /tmp/vyos.iso
curl: (4) A requested feature, protocol or option was not found built-in in this libcurl due to a build-time decision.
curl: (4) A requested feature, protocol or option was not found built-in in this libcurl due to a build-time decision.
[email protected]:~$

A workaround for the missing curl DNS feature issue is to hard-code the IP address (which, admittedly, IS A TERRIBLE IDEA), and pass that as a curl param, as well:

[email protected]:~$ curl --resolve --interface eth0.115 -o /tmp/vyos.iso
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  314M  100  314M    0     0  10.7M      0  0:00:29  0:00:29 --:--:-- 12.0M
[email protected]:~$ ls -al /tmp/vyos.iso
-rw-r--r-- 1 vyos users 329252864 Jun 14 20:44 /tmp/vyos.iso
[email protected]:~$

Edit, with a thought later: Rather than hard-coding IP addresses (which is guaranteed to break someone in the future), dig has a 'bind' param:

[email protected]:~$ dig -bPUB.IP.ADD.RESS +short A | awk '/^[0-9\.]+$/'
[email protected]:~$

Which means this could be used to generate the --resolve line:

dig -bPUB.IP.ADD.RESS +short | awk '/^[0-9\.]+$/ { printf (!x) ? "--resolve"$0 : ","$0; x=1}'


Probably is can be set in a curlrc file which is populated from CLI options

