Page MenuHomeVyOS Platform

Multiple push-route options cause error generating openvpn configuration
Closed, ResolvedPublicBUG

Description

Using the follwowing:

[edit interfaces openvpn vtun0]
vyos@vyos# show server push-route 
+push-route 10.3.0.0/16
+push-route 10.10.1.0/24

Results in:

vyos@vyos# commit
[ interfaces openvpn vtun0 ]
Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/interface-openvpn.py", line 905, in <module>
    c = get_config()
  File "/usr/libexec/vyos/conf_mode/interface-openvpn.py", line 556, in get_config
    network = conf.return_value('server push-route')
  File "/usr/lib/python3/dist-packages/vyos/config.py", line 269, in return_value
    raise VyOSError("Cannot use return_value on multi node: {0}".format(full_path))
vyos.config.VyOSError: Cannot use return_value on multi node: interfaces openvpn vtun0 server push-route

[[interfaces openvpn vtun0]] failed

Details

Difficulty level
Unknown (require assessment)
Version
vyos-1.3-rolling-201909030923
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

c-po changed the task status from Open to In progress.Sep 4 2019, 7:20 AM
c-po claimed this task.
c-po triaged this task as High priority.

@jdevincentis is this a custom build? Using VyOS 1.2-rolling-201909040337 I can not reproduce the issue with:

openvpn vtun10 {
    encryption aes256
    hash sha512
    local-host 172.18.201.10
    local-port 1194
    mode server
    persistent-tunnel
    protocol udp
    server {
        client client1 {
            ip 10.10.0.10
            push-route 194.145.150.0/23
            subnet 192.0.2.0/24
        }
        domain-name vyos.net
        max-connections 250
        name-server 172.16.254.30
        push-route 10.3.0.0/16
        push-route 10.10.1.0/24
        subnet 10.10.0.0/24
        topology subnet
    }
    tls {
        ca-cert-file /config/auth/ca.crt
        cert-file /config/auth/server.crt
        dh-file /config/auth/dh.pem
        key-file /config/auth/server.key
    }
    use-lzo-compression
}

Just noticed you used VyOS 1.2-rolling-201909040337, this is for 1.3 rolling.

1.3 rolling is not recommended for users - its pre-alpha.

I'm aware, I'm testing it since 1.2 has an unresolvable bug (due to the age of the distribution it's built on) in the isc-dhcp-relay package.

I found this bug as part of testing 1.3

This is actually a duplicate of T1617.

I cherry-picked the fixe to the equuleus branch. good luck

https://github.com/vyos/vyos-1x/commit/501908ae54a1aaae1337673617ebfcc281b02662

erkin set Issue type to Bug (incorrect behavior).Aug 31 2021, 6:52 PM