Feature now also in crux version ob libpam-radius.
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Jun 17 2020
Jun 17 2020
c-po edited projects for T2478: login radius: use NAS-IP-Address if defined source address, added: VyOS 1.2 Crux (VyOS 1.2.6); removed Ready for Crux (1.2.x).
c-po moved T2478: login radius: use NAS-IP-Address if defined source address from Need Triage to Finished on the VyOS 1.3 Equuleus board.
GitHub <noreply@github.com> committed rVYOSONEX99bdbf785957: Merge pull request #462 from DmitriyEshenko/cur-1x-17062020 (authored by c-po).
Unknown Object (User) changed the status of T2299: login radius-server priority from Open to Needs testing.
Add PR for rolling https://github.com/vyos/vyos-1x/pull/462
Unknown Object (User) claimed T2225: PIM/IGMP documentation.
There is another use of is_tag/is_leaf in python/vyos/validate.py is_member, as it can work on both bridge and bond members, and they have different syntax for member interfaces. It would only be possible to hardcode each case and remove the use of is_*
Viacheslav changed the status of T2141: Static ARP is not applied on boot from Open to Needs testing.
In the latest rolling, I don't see this bug.
VyOS 1.3-rolling-202006170117
Hmmm is it the fact I have a remote syslog configured that triggers this bug?
I didn't realise that, I'll have to remove it and see if it helps.
It's very frustrating not having the firewall logs available to view.
For what little to no weight my opinion matters, I also agree that this should be backported to Crux.
As I've bashed my head into it testing :-)
Jun 16 2020
Jun 16 2020
Unknown Object (User) added a comment to T2584: pppoe-server NAS-Filter-Rule attribute.
Implementation steps:
- Add $INCLUDE dictionary.rfc4849 to /usr/share/accel-ppp/radius/dictionary file
- Add required modules for use ip-pre-up/ip-up/ip-down scripts
[modules] sigchld pppd_compat
And pppd_compat params
[pppd-compat] verbose=1 ip-pre-up=/path/to/ip-pre-up radattr-prefix=/var/run/radattr
- Create ip-pre-up/ip-down script which will get configured firewall names and rules from CLI or supported script
Note: When ip-pre-up return 1 then the session will not start like described in https://tools.ietf.org/html/rfc4849
Viacheslav closed T2156: PIM op-mode commands, a subtask of T1729: PIM (Protocol Independent Multicast) implementation, as Resolved.
GitHub <noreply@github.com> committed rVYOSONEX883426259651: Merge pull request #459 from DmitriyEshenko/1x-ppp-16062020 (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEX5692f4324277: Merge pull request #460 from DmitriyEshenko/1xl2tp16062020 (authored by c-po).
c-po moved T2605: SNMP service is not disabled by default from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2605: SNMP service is not disabled by default from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.6) board.
jestabro closed T2568: Add some missing checks in config, a subtask of T2501: Cannot recover from failed boot config load, as Resolved.
Unknown Object (User) added a comment to T2602: pptp/sstp/l2tp add possibility enable or disable CCP.
Unknown Object (User) added a comment to T2602: pptp/sstp/l2tp add possibility enable or disable CCP.
Does not possible to disable ccp in l2tp
vyos@RTR1# set vpn l2tp remote-access ccp-disable [edit] vyos@RTR1# commit [ vpn l2tp ] VyOS had an issue completing a command.
Unknown Object (User) created T2603: pppoe-server: reduce min MTU.
Unknown Object (User) claimed T2602: pptp/sstp/l2tp add possibility enable or disable CCP.
Unknown Object (User) created T2602: pptp/sstp/l2tp add possibility enable or disable CCP.
Unknown Object (User) changed the status of T2601: pppoe-server: Cannot disable CCP from Open to Needs testing.
Unknown Object (User) claimed T2601: pppoe-server: Cannot disable CCP.
Unknown Object (User) created T2601: pppoe-server: Cannot disable CCP.
Jun 15 2020
Jun 15 2020
Unknown Object (User) added a comment to T2572: Wrong default units when defining traffic policy bandwidth.
By the way, shouldn't we better talk through slack? : )
Unknown Object (User) added a comment to T2572: Wrong default units when defining traffic policy bandwidth.
I tested on PPPoE the simple configuration I gave you on slack. It works perfectly, delay goes down for interactive traffic and bulk flows are distributed fairly.
My fault. defaultValue must pe placed outside of properties
GitHub <noreply@github.com> committed rVYOSONEX9c4d9a76d58d: Merge pull request #458 from thomas-mangin/T2599 (authored by c-po).
@alexandrestein can I assume you‘re using NPTv6 on VyOS 1.2 series? If so you mind sharing an example/configuration so we can also improve our documentation?
@alexandrestein Sorry, I didn't understand some of them, but I opened this task list to track 1.3 nptv6 process, not about the DHCP support of wireguard. If you need this function or find that there is a bug in wireguard's DHCP, you should submit a bug report task list separately.
Thank you @jack9603301.
@Dmitry correct same bug - thank you. resolved.
Unknown Object (User) added a comment to T2572: Wrong default units when defining traffic policy bandwidth.
@c-po I have never tested QoS on PPPoE in my lab. I'm having a look and come back to you.
Unknown Object (User) added a comment to T2599: "show interfaces" does not list VIF interfaces in ascending order.
I think this is a related task https://phabricator.vyos.net/T2591
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
dum0 172.18.254.201/32 u/u
eth0 - u/u
eth0.5 - u/u
eth0.10 - u/u
eth0.15 - u/u
eth0.201 172.18.201.10/24 u/u
eth0.202 2001:affe::201/64 u/u
eth1 fd00::ffff/64 u/u
eth2 - A/D
lo 127.0.0.1/8 u/u
::1/128GitHub <noreply@github.com> committed rVYOSONEX8193515fe6fe: Merge pull request #457 from thomas-mangin/T2599 (authored by c-po).
vyos@vyos:~$ show config commands | grep traffic set interfaces pppoe pppoe0 traffic-policy out 'QoS' set traffic-policy shaper QoS bandwidth '50mbit' set traffic-policy shaper QoS default bandwidth '100%' set traffic-policy shaper QoS default queue-type 'fq-codel' vyos@vyos:~$ tc class show dev pppoe0 vyos@vyos:~$
Unknown Object (User) added a comment to T2572: Wrong default units when defining traffic policy bandwidth.
Hey @zsdc , thanks for having a look into it.
Thanks to all of you
c-po moved T2599: "show interfaces" does not list VIF interfaces in ascending order from Need Triage to Backlog on the VyOS 1.3 Equuleus board.
c-po moved T2576: "show interfaces" does not return VTI from Need Triage to In Progress on the VyOS 1.3 Equuleus board.
c-po changed the status of T2600: RADIUS system login configuration rendered wrongly from Open to In progress.
c-po renamed T2599: "show interfaces" does not list VIF interfaces in ascending order from "show interfaces" does not list VIF interfaces in natural sorted order to "show interfaces" does not list VIF interfaces in ascending order.
The patch was merged and the issue should be resolved with the next ISO.
GitHub <noreply@github.com> committed rVYOSONEXd119be2a5d9f: Merge pull request #456 from thomas-mangin/T2576 (authored by c-po).
zsdc assigned T2572: Wrong default units when defining traffic policy bandwidth to Unknown Object (User).
@s.lorente can you check this with actually configured tc values?
This config was lost after first boot. Ping T2598
VyOS 1.2.3
And i wonder why there is a rule which is 'WANLOADBALANCE_OUT -p icmp -m icmp --icmp-type any -j ACCEPT'.
May i know the purpose of the rule ?
It seems to be ok in vyos-1.3-rolling-202006150117-amd64.iso. Thanks a lot.
When googling on the error given, T109 shows up where I had posted about this in 2018. I'm not sure it's related to this. Im not sure any configuration has been lost on reboot.
I did not config any nat rule.
Please also share your NAT configuration
And I found that when I changed the wan load-balance configuration, the load-balance process failed to come up.
And I excuted the show wan-load-balance command, it returned the message 'WAN load balancing is not configured'.
After reboot, it became all right then.
This is my config below:
load-balancing {
wan {
enable-local-traffic
interface-health pppoe0 {
failure-count 5
nexthop dhcp
success-count 1
test 0 {
resp-time 5
target 119.29.29.29
ttl-limit 1
type ping
}
}
interface-health pppoe1 {
failure-count 5
nexthop dhcp
success-count 1
test 0 {
resp-time 5
target 119.29.29.29
ttl-limit 1
type ping
}
}
interface-health pppoe2 {
failure-count 5
nexthop dhcp
success-count 1
test 0 {
resp-time 5
target 119.29.29.29
ttl-limit 1
type ping
}
}
interface-health pppoe3 {
failure-count 5
nexthop dhcp
success-count 1
test 0 {
resp-time 5
target 119.29.29.29
ttl-limit 1
type ping
}
}
rule 1 {
inbound-interface eth1
interface pppoe0 {
weight 1
}
interface pppoe1 {
weight 1
}
interface pppoe2 {
weight 1
}
interface pppoe3 {
weight 1
}
protocol all
}
sticky-connections {
}
}
}The same issue is present in site-to-site mode. local-host can be set there, but should not be required as the WAN ip might be dynamic
Jun 14 2020
Jun 14 2020
Probably is can be set in a curlrc file which is populated from CLI options
Confirmed fixed, thanks @c-po!
c-po added a project to T1538: Update conntrack-sync packages to fix VRRP issues: VyOS 1.3 Equuleus.
Unknown Object (User) added a project to T1729: PIM (Protocol Independent Multicast) implementation: VyOS 1.2 Crux (VyOS 1.2.6).
Unknown Object (User) added a comment to T1729: PIM (Protocol Independent Multicast) implementation.