DNS forwarding was last changed back in August by commit https://github.com/vyos/vyos-1x/commit/fdae741be5ffaa3719ce889d0342c3091ad3c92c
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Dec 8 2019
Dec 8 2019
c-po moved T1864: Lower IPSec DPD timeout lower limit from 10s -> 2s from Needs Triage to Backlog on the VyOS 1.2 Crux (VyOS 1.2.4) board.
c-po moved T1864: Lower IPSec DPD timeout lower limit from 10s -> 2s from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po changed the status of T1864: Lower IPSec DPD timeout lower limit from 10s -> 2s from Open to In progress.
I can not reproduce this issue. I just upgraded to the specified version.
vyos@vyos:~$ show version Version: VyOS 1.2-rolling-201912080217 Built by: autobuild@vyos.net Built on: Sun 08 Dec 2019 02:17 UTC Build UUID: b998c0a6-ccf9-47ca-a8f8-7cc561bc5528 Build Commit ID: 7b47b452ce86a9
Please share commands to reproduce this. We do kot hve a 1.2.3 rolling version.
qiuchengxuan changed Version from - to 1.2.3 rolling on T1863: daemon config lost after commit changes.
Dec 7 2019
Dec 7 2019
@zsdc It looks like after boot the DHCP DNS and search does indeed disappear, it just appears to take a minute, so I guess this can be closed (though it seems odd it would get added at all, but I guess that's alright).
Dec 6 2019
Dec 6 2019
Trying to apply the fix manually:
Built a fresh rolling. It failed with:
jestabro moved T1862: Use regex pattern \s+ to split strings on whitespace in Python 3.7 from Need Triage to In Progress on the VyOS 1.3 Equuleus board.
jestabro reopened T1862: Use regex pattern \s+ to split strings on whitespace in Python 3.7 as "In progress".
jestabro closed T1862: Use regex pattern \s+ to split strings on whitespace in Python 3.7 as Resolved.
jestabro updated the task description for T1862: Use regex pattern \s+ to split strings on whitespace in Python 3.7.
jestabro triaged T1862: Use regex pattern \s+ to split strings on whitespace in Python 3.7 as Normal priority.
hagbard moved T1833: radvd: update documentation from Need Triage to Finished on the VyOS 1.3 Equuleus board.
hagbard closed T1833: radvd: update documentation , a subtask of T1832: radvd adding feature DNSSL branch.example.com example.com to existing package, as Wontfix.
FRR will serve RAs in the future.
qiuchengxuan changed Version from - to VyOS 1.2.3 rolling release on T1861: hosts lost after modified static-host-mapping.
https://downloads.vyos.io/rolling/current/amd64/vyos-1.2-rolling-201912061907-amd64.iso and later include the fix
c-po moved T1470: improve output of "show dhcpv6 server leases" from Backlog to Finished on the VyOS 1.2 Crux (VyOS 1.2.4) board.
c-po moved T1485: Enable 'AdvIntervalOpt' option in for radvd.conf from In Progress to Finished on the VyOS 1.2 Crux (VyOS 1.2.4) board.
c-po moved T1857: strip-private pipe option does not handle IPv6 addresses on interfaces from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.4) board.
c-po edited projects for T1857: strip-private pipe option does not handle IPv6 addresses on interfaces, added: VyOS 1.2 Crux (VyOS 1.2.4); removed VyOS 1.2 Crux (VyOS 1.2.5).
c-po moved T1860: Update WireGuard to Debian release 0.0.20191127-2 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1859: Update Linux Kernel to v4.19.88 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1847: set_level incorrectly handles path given as empty string from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1852: ifconfig.py - apply interface config takes long from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1849: DHCPv6 client does not start from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1854: Dynamic DNS configuration cannot be deleted from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1568: strip-private command improvement for additional masking of IPv6 and MAC address from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po renamed T1568: strip-private command improvement for additional masking of IPv6 and MAC address from strip-private command improvement for additional masking to strip-private command improvement for additional masking of IPv6 and MAC address.
c-po added a comment to T1568: strip-private command improvement for additional masking of IPv6 and MAC address.
SNMP community should stay. If it should be removed it can be handled via dedicates task
c-po assigned T1568: strip-private command improvement for additional masking of IPv6 and MAC address to Unknown Object (User).
c-po added a comment to T1568: strip-private command improvement for additional masking of IPv6 and MAC address.
backported 20822ca3 to crux
c-po renamed T1849: DHCPv6 client does not start from A bug caused by DHCPv6 client to DHCPv6 client does not start.
hagbard changed the status of T1845: syslog host no longer accepts a port from In progress to Needs testing.
c-po closed T1860: Update WireGuard to Debian release 0.0.20191127-2, a subtask of T1859: Update Linux Kernel to v4.19.88, as Resolved.
Works as expected in VyOS 1.2-rolling and 1.3-rolling.
Unknown Object (User) triaged T1858: l2tp: Delete deprecated outside-nexthop and add gateway-address as Normal priority.
Unknown Object (User) added a comment to T1349: L2TP remote-access vpn terminated and not showing as connected.
Hello @primoz , seems you right. left|rightnexthop deprecated in strongswan.
This parameter is usually not needed any more because the NETKEY IPsec stack does not require explicit routing entries for the traffic to be tunneled. If left|sourceip is used with IKEv1 then left|rightnexthop must still be set in order for the source routes to work properly.
And in CLI rolling l2tp implementation we need replace outside-nexthop to gw-ip-address.
c-po edited projects for T1857: strip-private pipe option does not handle IPv6 addresses on interfaces, added: VyOS 1.2 Crux (VyOS 1.2.5); removed VyOS 1.2 Crux.
c-po added a comment to T1629: IP addresses configured on vif-s interfaces are not added to the system.
I pick this up as I did the rewrite of this whole stuff
@Viacheslav thank you for testing!
I have tried multiple times to reproduce this with 1.2-rolling-201912060217 with no luck. It would be great if together with logs you will provide a detailed description of the environment. Because, possible that even CPU cores count or memory size can lead to some condition, in which dhclient-script cannot get proper values from config and add unwanted servers to the resolv.conf.
c-po edited projects for T1856: Support configuring IPSec SA bytes, added: VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.
@zsdc Maybe Incorrect file location. "ddclient.pid"
kroy added a comment to T1851: wireguard - changing the pubkey on an existing peer seems to destroy the running config..
Okay, so this problem just got a LOT more bizarre.
Dec 5 2019
Dec 5 2019
The runtime errors are fixed by the above commit.
dmbaturin added a parent task for T1826: Misleading message on "reboot at" command: T1855: Clean up the reboot/poweroff CLI and script.
dmbaturin renamed T1826: Misleading message on "reboot at" command from Missleading message on "reboot at" command to Misleading message on "reboot at" command.
hagbard added a comment to T1851: wireguard - changing the pubkey on an existing peer seems to destroy the running config..
@kroy I can't really reproduce it if I disable the peer first when multiple peers are defined on the same wg interface.
Can you please do a touch /tmp/vyos.ifconfig.debug and then run your commands and post it here?
It will show you the commands execute for each step like:
vyos@wg01# set interfaces wireguard wg0 peer wg02 disable [edit] vyos@wg01# commit [ interfaces wireguard wg0 ] DEBUG/wg0 write '1420' > '/sys/class/net/wg0/mtu' DEBUG/wg0 write 'wg0' > '/sys/class/net/wg0/ifalias' DEBUG/wg0 cmd 'wg set wg0 peer G1aA2KkyFyC8xsCUeENvuIW8HC5yDxwi902nR20592Y= remove' DEBUG/wg0 cmd 'wg set wg0 listen-port 12345 fwmark 0 private-key /config/auth/wireguard/default/private.key peer hbwJSCu6SGUKIReNhWxlDIFRNCl5L7PaUSYOo2BF+Rg= preshared-key /dev/null allowed-ips 10.100.100.3/32 endpoint 10.1.1.203:12345 persistent-keepalive 0' DEBUG/wg0 cmd 'ip link set dev wg0 up'
hagbard moved T1853: wireguard - disable peer doesn't work from Need Triage to Finished on the VyOS 1.3 Equuleus board.
hagbard changed the status of T1853: wireguard - disable peer doesn't work , a subtask of T1851: wireguard - changing the pubkey on an existing peer seems to destroy the running config., from In progress to Needs testing.
hagbard changed the status of T1853: wireguard - disable peer doesn't work from In progress to Needs testing.