Hmm, sshd listens on port 2 by default.

SNMPD must listen to the socket on the loop in vrf default. This is necessary for the protocol agentx to work.

The set protocols bgp XXX neighbor XXX address-family ipv6-unicast peer-group XXX command generate the router bgp XXX; address-family ipv6; neighbor XXX peer-group XXX', for vtysh, which does not supported (anymore? I cannot find any commits in FRR about syntax change, maybe this was migrated from old quagga).

This fixed now introduced a bug with comma separated ports

Please feedback as this is what you expect. Also it would be nice if could write something about that in our documentation: https://docs.vyos.io/en/latest/

Latest rolling release has all the fixes

Works as expected

The != port issue is yet to be fixed ...

Tomorrows rolling ISO will support VRF sourced SSH.

1. commit restrictions/permissions have not changed; all handled in the backend.
2. The daemon can not load the configs, as it does not have/need access to the config session; that's the point.
3. ?
4. the conf_mode script needs to reference the global config; re-setting level is basic hygiene --- the script should ask itself 'what if I am called again?'
5. we want to eat the args in the node.def; so you already have it.

Thank you very much for the POC. Very useful to understand the proposed design.

While I agree, that caching is a feature of the past, we rely heavily on vyatta-webproxy for authentication and also url-filtering (different source networks allowing access to different destination domains and/or IP ranges).

https://phabricator.vyos.net/T1564

Here is my config commands that are having the "!" issue on the adddress, 3 separate NAT rules where I am using NAT to catch sneaky DNS bypass and redirect through my infrastructure

Just adding in here that it is also affecting ip addresses too, not just ports
I am on 1.3-rolling-202006101523

+1 for this, it would be very useful for a lot of use cases, we wouldn't need to add everything to vyos-1x and the config syntax, but users could add "missing" services on their own. For example T2195

ipoe daemon allows us to use this possibility. We need to add CLI commands.
Proposed commands:

set service ipoe-server client-ip-pool name POOL1 subnet 100.64.0.0/24

Radius attribute Framed-Pool.

Tested on VyOS 1.3-rolling-202006101523
SSTP, L2TP and PPPoE work as expected.
As for pptp, needs to create an additional bug report

https://github.com/vyos/vyatta-webproxy/pull/16

Fixed: https://github.com/vyos/ipaddrcheck/commit/27dd86068b1ab3204517b8950746aec7c1c294d0

@alexandrestein Note that vyos 1.2 (crux) does not implement DHCPv6 PD.

Thanks a lot for your time and knowledge on VyOS.
I will try with 1.2.

@alexandrestein Or, a disguised solution is to directly use iptables instruction rules to manually implement temporary nptv6 conversion. But I don't know when it will work. You can try it.
PS: because vyos uses nftables to implement NAT in 1.3, but because of the function limitation of nftables version, this function cannot be realized at present.

If you want NPT, you may have to wait for the time to come when conditions are right, and the community may implement NPT at that time.

@jack9603301, you look to have way more knowledge on IPv6 routing and the VyOS capabilities than I.

Also in 1.2.5

vyos@vyos:~$ show protocols bfd peer 10.203.42.1 
% Unknown command: show bfd     peer 10.203.42.1 local-address 10.203.42.254 vrf default
vyos@vyos:~$ 
vyos@vyos:~$ show protocols bfd peer 10.203.42.1 counters 
% Unknown command: show bfd     peer 10.203.42.1 local-address 10.203.42.254 vrf default counters
vyos@vyos:~$ 
vyos@vyos:~$ 
vyos@vyos:~$ show version 
Version:          VyOS 1.2.5

hello Thomas
What exactly do you need ?

hello Fabio, could you please show me how the vti interfaces are presented under Linux so I can fix the code. I thought I had properly ported the code from Perl to Python must I must have misunderstood something.