Abnormal network communication and settings
Closed, Resolved · Public · BUG

Assigned To
Authored By
jack9603301
Aug 25 2021, 5:17 PM

Description

Today, I upgraded my router system and found several serious communication problems, as follows:

  1. The communication between the PC host of the primary router is abnormal, but it is strange that the communication between the secondary router and VyOS (primary local) is normal, but the Raspberry Pi directly connected to VyOS cannot communicate externally

图片.png (1×1 px, 276 KB)

图片.png (272×720 px, 80 KB)

  2. DHCPv6 PD is no longer in effect
  3. After deleting DHCPv6 PD, an error is found

图片.png (886×1 px, 158 KB)

Note: The basic communication on vyos version 1.4-rolling-202108150117 is normal. It can be determined that major changes may have occurred in this time period, damaging the communication of the router.

If it is a fake bug report caused by configuration change, please let me know. Otherwise, please discuss how to modify this bug

Latest config:

########### FILE INFO ###########
File Name: 1.4-rolling-202108250117://config/config.boot
Text File: 
  Permissions: -rwxrwxr-x
  Owner:        root
  Size:         14K
  Modified:     Aug 25 19:33
  Description:  ASCII text, with very long lines

########### FILE DATA ###########
container {
    name adguardhome {
        allow-host-networks
        description AdGuardHome
        image adguard/adguardhome
        volume conf {
            destination /opt/adguardhome/conf
            source /config/adguardhome/conf
        }
    }
    name pac {
        allow-host-networks
        description PAC-NGINX
        image nginx
        volume nginx-conf {
            destination /etc/nginx/conf.d
            source /config/pac/vhost
        }
        volume pac {
            destination /www/root/default
            source /config/pac/www
        }
    }
}
interfaces {
    bridge br1 {
        address 192.168.0.1/24
        address fc00:470:f1cd::1/64
        description "Primary switching bridge"
        enable-vlan
        member {
            interface eth0 {
                native-vlan 2
            }
            interface eth1 {
                allowed-vlan 1-2
            }
            interface eth2 {
                allowed-vlan 2
                native-vlan 1
            }
            interface eth3 {
                allowed-vlan 2
                native-vlan 1
            }
            interface eth4 {
                native-vlan 2
            }
        }
        mtu 1500
        stp
        vif 2 {
            address 192.168.101.1/24
            address fc00:470:f1cd:101::1/64
            description "Terminal Network SVI"
        }
    }
    ethernet eth0 {
        description "Huawei Switch"
        hw-id 00:98:2b:f8:3f:11
        ip {
            adjust-mss 1452
        }
        ipv6 {
            address {
            }
            adjust-mss 1452
            dup-addr-detect-transmits 1
        }
        mtu 1492
        offload {
            gro
            gso
            lro
            rps
            sg
            tso
            ufo
        }
    }
    ethernet eth1 {
        description "DELL R410(Trunk)"
        hw-id 00:98:2b:f8:3f:12
        ip {
            adjust-mss 1452
        }
        ipv6 {
            adjust-mss 1452
        }
        mtu 1500
        offload {
            gro
            gso
            lro
            rps
            sg
            tso
            ufo
        }
        speed auto
    }
    ethernet eth2 {
        description DNS/SNMP
        hw-id 00:98:2b:f8:3f:13
        ip {
            adjust-mss 1452
        }
        ipv6 {
            adjust-mss 1452
        }
        mtu 1492
        offload {
            gro
            gso
            lro
            rps
            sg
            tso
            ufo
        }
    }
    ethernet eth3 {
        description LAN
        hw-id 00:98:2b:f8:3f:14
        ip {
            adjust-mss 1452
        }
        ipv6 {
            adjust-mss 1452
        }
        mtu 1492
        offload {
            gro
            gso
            lro
            rps
            sg
            tso
            ufo
        }
    }
    ethernet eth4 {
        description "netgear R6260 AP"
        hw-id 00:98:2b:f8:3f:15
        ip {
            adjust-mss 1452
        }
        ipv6 {
            adjust-mss 1452
        }
        mtu 1492
        offload {
            gro
            gso
            lro
            rps
            sg
            tso
            ufo
        }
    }
    ethernet eth5 {
        description "ISP WAN"
        hw-id 00:98:2b:f8:3f:16
        mtu 1500
        offload {
            gro
            gso
            lro
            rps
            sg
            tso
            ufo
        }
    }
    loopback lo {
        address 127.0.0.1/8
        address ::1/128
        address 1.1.1.1/32
        description loopback
    }
    pppoe pppoe0 {
        authentication {
            password password
            user user
        }
        default-route force
        description ISP
        dhcpv6-options {
            parameters-only
            pd 0 {
                interface br1 {
                    address 101
                    sla-id 2
                }
                interface br1.2 {
                    address 101
                    sla-id 1
                }
                interface tun1 {
                    address 101
                    sla-id 3
                }
                length 60
            }
        }
        ip {
            adjust-mss 1452
        }
        ipv6 {
            address {
                autoconf
            }
            adjust-mss 1452
        }
        mtu 1492
        source-interface eth5
        traffic-policy {
            out WAN-SHAPER
        }
    }
    tunnel tun1 {
        address fc00:470:f1cd:3::1/64
        description "GRE Over IPv6"
        encapsulation ip6gre
        remote fc00:470:f1cd::4
        source-address fc00:470:f1cd::1
    }
    tunnel tun2 {
        address 192.168.3.1/24
        description "GRE Over IPv4"
        encapsulation gre
        remote 192.168.0.4
        source-address 192.168.0.1
    }
    wireguard wg01 {
        address 192.168.10.4/24
        address fc00:320:f1cd::4/64
        description Wg-VPN
        peer qhjack {
            address 66.42.99.20
            allowed-ips 192.168.10.0/24
            allowed-ips fc00:320:f1cd::/64
            persistent-keepalive 15
            port 51820
            public-key bSdvz0fjDBOTSaqI/aPJRamUYNoz1lFFQaYkxnJbWEQ=
        }
        port 12224
        private-key qIpTocuJ4JrUWvB/5HhwuQ4AE4UyPiM1uqfBA9I15E0=
    }
}
nat {
    source {
        rule 1 {
            description PUBLIC
            log
            outbound-interface pppoe0
            protocol all
            source {
                address 192.168.0.0/16
            }
            translation {
                address masquerade
            }
        }
    }
}
protocols {
    ospf {
        area 0 {
            network 192.168.0.0/24
            network 192.168.101.0/24
            network 192.168.3.0/24
            network 192.168.5.0/24
        }
        interface br1 {
            dead-interval 40
            hello-interval 10
            network point-to-point
            priority 1
            retransmit-interval 5
            transmit-delay 1
        }
        log-adjacency-changes {
        }
        parameters {
            abr-type cisco
            router-id 1.1.1.1
        }
        redistribute {
            connected {
                metric-type 2
            }
            kernel {
                metric-type 2
            }
        }
    }
    ospfv3 {
        area 0 {
            interface br1.1
            interface br1.2
            interface tun1
            interface wg01
            range fc00:470:f1cd:5::/64 {
            }
            range fc00:470:f1cd:101::/64 {
            }
            range fc00:470:f1cd::/64 {
            }
        }
        parameters {
            router-id 1.1.1.1
        }
        redistribute {
            connected {
            }
        }
    }
    static {
        route 0.0.0.0/0 {
            interface pppoe0 {
            }
        }
        route 192.168.5.0/24 {
            interface wg01 {
            }
        }
        route6 ::/0 {
            interface pppoe0 {
            }
        }
        route6 fc00:470:f1cd:5::/64 {
            interface wg01 {
            }
        }
        table 150 {
            route 0.0.0.0/0 {
                interface pppoe0 {
                }
            }
            route6 ::/0 {
                interface pppoe0 {
                }
            }
        }
    }
}
service {
    dhcp-server {
        dynamic-dns-update
        hostfile-update
        shared-network-name pri101 {
            description "DHCP 101"
            subnet 192.168.101.0/24 {
                default-router 192.168.101.1
                dns-server 192.168.101.1
                domain-name pri101.local
                domain-search pri101.local
                lease 86400
                ntp-server 192.168.101.1
                range 0 {
                    start 192.168.101.9
                    stop 192.168.101.254
                }
                static-mapping deepstack-wlan {
                    ip-address 192.168.101.246
                    mac-address e4:5f:01:06:66:1a
                }
                static-mapping esp32-cam {
                    ip-address 192.168.101.199
                    mac-address ec:94:cb:4b:6e:b4
                }
                static-mapping esp8266_dc1 {
                    ip-address 192.168.101.210
                    mac-address 60:01:94:2b:57:02
                }
                static-mapping pi4 {
                    ip-address 192.168.101.246
                    mac-address e4:5f:01:06:66:1a
                }
                static-mapping xiaomi-air {
                    ip-address 192.168.101.208
                    mac-address 24:ce:00:cc:ad:29
                }
                static-mapping xiaomi-gateway {
                    ip-address 192.168.101.206
                    mac-address 34:ce:00:88:ab:14
                }
            }
        }
    }
    mdns {
        repeater {
        }
    }
    router-advert {
        interface br1 {
            hop-limit 60
            interval {
                max 600
                min 10
            }
            link-mtu 1492
            name-server fc00:470:f1cd::1
            prefix ::/0 {
            }
            reachable-time 0
            retrans-timer 0
        }
        interface br1.2 {
            hop-limit 60
            interval {
                max 600
                min 10
            }
            link-mtu 1492
            name-server fc00:470:f1cd:101::1
            prefix ::/0 {
            }
            reachable-time 0
            retrans-timer 0
        }
        interface tun1 {
            hop-limit 60
            interval {
                max 600
                min 10
            }
            link-mtu 1492
            name-server fc00:470:f1cd::1
            prefix ::/0 {
            }
            reachable-time 0
            retrans-timer 0
        }
    }
    snmp {
        listen-address 192.168.0.1 {
            port 161
        }
        listen-address fc00:470:f1cd::1 {
            port 161
        }
        location HOME
        v3 {
            engineid ff42
            group default {
                mode ro
                seclevel priv
                view public
            }
            user vyos {
                auth {
                    encrypted-password 3f12d57df3c6cb28f359930e369e701f73b509fe
                    type sha
                }
                group default
                mode ro
                privacy {
                    encrypted-password 3f12d57df3c6cb28f359930e369e701f73b509fe
                    type aes
                }
            }
            view public {
                oid 1 {
                }
            }
        }
    }
    ssh {
        listen-address 0.0.0.0
        listen-address ::
    }
}
system {
    config-management {
        commit-revisions 100
    }
    conntrack {
        modules {
            ftp
            h323
            nfs
            pptp
            sip
            sqlnet
            tftp
        }
    }
    console {
        device ttyS0 {
            speed 115200
        }
    }
    domain-name router
    host-name vyos
    ip {
        arp {
            table-size 2048
        }
        multipath {
            layer4-hashing
        }
    }
    ipv6 {
        multipath {
            layer4-hashing
        }
        neighbor {
            table-size 2048
        }
        strict-dad
    }
    login {
        user vyos {
            authentication {
                encrypted-password $6$UaXQViDvJ.Hr$85U/9Q5d/tc9hdtrnntMVgrztOCext..OJCHaJYZUo82GAdD95lchvSjI3vCZJTNte7cIAs87YctYlXODGXAz1
                plaintext-password ""
            }
        }
    }
    name-server 202.96.134.33
    name-server 202.96.128.86
    name-server 114.114.114.114
    ntp {
        allow-clients {
            address 192.168.0.0/16
            address fc00:470:f1cd::/48
        }
        listen-address ::
        listen-address 0.0.0.0
        server 0.debian.pool.ntp.org {
        }
        server 1.debian.pool.ntp.org {
        }
        server 2.debian.pool.ntp.org {
        }
        server 3.debian.pool.ntp.org {
        }
    }
    option {
        performance latency
        reboot-on-panic
    }
    sysctl {
        parameter net.ipv4.conf.all.rp_filter {
            value 0
        }
        parameter net.ipv4.conf.default.rp_filter {
            value 0
        }
        parameter net.ipv4.conf.eth0.rp_filter {
            value 0
        }
        parameter net.ipv6.conf.all.accept_ra {
            value 2
        }
        parameter net.ipv6.conf.all.forwarding {
            value 1
        }
        parameter vm.swappiness {
            value 0
        }
    }
    syslog {
        global {
            facility all {
                level info
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone Asia/Shanghai
}
traffic-policy {
    shaper WAN-SHAPER {
        bandwidth 300mbps
        default {
            bandwidth 100%
            burst 15k
            priority 7
            queue-type fq-codel
        }
    }
}

// Warning: Do not remove the following line.
// vyos-config-version: "bgp@1:broadcast-relay@1:cluster@1:config-management@1:conntrack@3:conntrack-sync@2:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@3:firewall@6:https@3:interfaces@23:ipoe-server@1:ipsec@8:isis@1:l2tp@4:lldp@1:mdns@1:nat@5:nat66@1:ntp@1:openconnect@1:policy@1:pppoe-server@5:pptp@2:qos@1:quagga@9:rpki@1:salt@1:snmp@2:ssh@2:sstp@4:system@21:vrf@3:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1"
// Release version: 1.4-rolling-202108250117

Details

Difficulty level
Unknown (require assessment)
Version
1.4-rolling-202108250117
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Unspecified (please specify)

Event Timeline

c-po changed the task status from Open to Needs testing. Aug 27 2021, 5:45 PM

It seems that the problem is related to IPv6 MSS. When I set IPv6 MSS to 1280 and IPv4 MSS to 1452, the problem seems to disappear.

  • The problem about DHCPv6 has been solved
  • The communication problem has been solved

Viacheslav claimed this task.
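
The MSS observation in the comment above can be checked mechanically against a config.boot file. The Python below is an added example, not part of the original report or of VyOS; the function names and the reduced sample config are constructed, and it assumes a 20-byte TCP header with no IP or TCP options.

```python
# Constructed sample in config.boot syntax, reduced to values seen in the report.
SAMPLE = """
interfaces {
    ethernet eth0 {
        ip {
            adjust-mss 1452
        }
        ipv6 {
            adjust-mss 1452
        }
        mtu 1492
    }
    pppoe pppoe0 {
        ipv6 {
            adjust-mss 1280
        }
        mtu 1492
    }
}
"""

OVERHEAD = {"ip": 40, "ipv6": 60}  # IP header (20 v4 / 40 v6) + 20-byte TCP header

def parse(text):
    """Parse the brace-delimited config into nested dicts; leaf lines map to True."""
    stack = [{}]
    for line in map(str.strip, text.splitlines()):
        if line.endswith("{"):
            stack.append(stack[-1].setdefault(line[:-1].strip(), {}))
        elif line == "}":
            stack.pop()
        elif line and not line.startswith("//"):
            stack[-1][line] = True
    return stack[0]

def leaf_int(node, key):
    """Integer argument of a leaf such as 'mtu 1492', or None if the leaf is absent."""
    return next((int(k.split()[1]) for k in node if k.startswith(key + " ")), None)

def oversized_mss(text):
    """Return (interface, family, configured MSS, largest MSS that fits the MTU)."""
    findings = []
    for name, iface in parse(text).get("interfaces", {}).items():
        mtu = leaf_int(iface, "mtu")
        for family, overhead in OVERHEAD.items():
            mss = leaf_int(iface.get(family, {}), "adjust-mss")
            if mtu and mss and mss > mtu - overhead:
                findings.append((name, family, mss, mtu - overhead))
    return findings
```

On the sample, only the IPv6 clamp of 1452 on a 1492-byte MTU is reported; the IPv4 value of 1452 and the IPv6 value of 1280 both fit.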