For some time now commit-archive has failed to actually use the address specified by source-address. Here's the router I'm configuring for commit-archive:
trae@cr01a-vyos# set system config-management commit-archive source-address 'fd52:d62e:8011:fffe:192:168:253:6' [edit] trae@cr01a-vyos# commit Using source address fd52:d62e:8011:fffe:192:168:253:6 Archiving config... sftp://stor01z-cs.int.trae32566.org:/dal13/cr01a-vyos curl: (7) Failed to connect to stor01z-cs.int.trae32566.org port 22: Connection timed out Failed!
Here's the switch with ACLs for the source address specified above:
ir01(config)#show ipv6 access-lists EXTSTOR_OUT-V6 | i fffe 110 permit tcp fd52:d62e:8011:fffe::/64 host fd52:d62e:8011:46:192:168:9:254 eq ssh ir01(config)#show log all | i EXTSTOR_OUT-V6 Mar 2 00:41:03 ir01 Acl: %ACL-6-IP6ACCESS: egress list EXTSTOR_OUT-V6 Vlan70 denied tcp fd52:d62e:8011:1397::1(38572) -> fd52:d62e:8011:46:192:168:9:254(22) Mar 2 00:41:18 ir01 Acl: message repeated 4 times: [ %ACL-6-IP6ACCESS: egress list EXTSTOR_OUT-V6 Vlan70 denied tcp fd52:d62e:8011:1397::1(38572) -> fd52:d62e:8011:46:192:168:9:254(22)] Mar 2 00:41:31 ir01 Acl: %ACL-6-IP6ACCESS: egress list EXTSTOR_OUT-V6 Vlan70 denied tcp fd52:d62e:8011:13d0::2(37198) -> fd52:d62e:8011:46:192:168:9:254(22) Mar 2 00:41:32 ir01 Acl: %ACL-6-IP6ACCESS: egress list EXTSTOR_OUT-V6 Vlan70 denied tcp fd52:d62e:8011:13d0::2(37198) -> fd52:d62e:8011:46:192:168:9:254(22) Mar 2 00:41:34 ir01 Acl: %ACL-6-IP6ACCESS: egress list EXTSTOR_OUT-V6 Vlan70 denied tcp fd52:d62e:8011:1397::1(38572) -> fd52:d62e:8011:46:192:168:9:254(22) Mar 2 00:42:08 ir01 Acl: %ACL-6-IP6ACCESS: egress list EXTSTOR_OUT-V6 Vlan70 denied tcp fd52:d62e:8011:1397::1(38572) -> fd52:d62e:8011:46:192:168:9:254(22)
You can see here it works fine when I specify the source using ssh manually:
trae@cr01a-vyos# ssh -b fd52:d62e:8011:fffe:192:168:253:6 stor01z-cs.int The authenticity of host 'stor01z-cs.int (fd52:d62e:8011:46:192:168:9:254)' can't be established. ECDSA key fingerprint is SHA256:hIdI/80WQLKKCsoO/nLW4+yxXCUOFxDdfkLhfPypsOw. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'stor01z-cs.int,fd52:d62e:8011:46:192:168:9:254' (ECDSA) to the list of known hosts. First Factor: [edit]