Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Sep 21 2020

c-po committed rVYOSONEX79b1ab8dc67c: bridge: ifconfig: T2653: only delete member interfaces which still exist.
Sep 21 2020, 8:26 PM
c-po committed rVYOSONEXe31dfd9f5542: macsec: T2788: source-interface must not be member of a bridge.
Sep 21 2020, 8:26 PM
c-po closed T2788: adding interface with macsec to bridge failded as Resolved.
Sep 21 2020, 8:25 PM
Viacheslav added a comment to T2806: ipsec generates false warning on commit when local prefix is sourced from loopback.

@olofl if was an example with grep, I didn't want to show the complete routing table.
If you want to check the route, this commit exactly check 2 tables. Table 254 and table local
In your case it will be 2 checks:

Sep 21 2020, 6:48 PM · VyOS 1.2 Crux (VyOS 1.2.8)
c-po added a comment to T2788: adding interface with macsec to bridge failded.

The problem is that interface eth1 is exclusivly added to macsec1 as its lower interface. Thus you can not add it as a bridge member to br0.

Sep 21 2020, 4:21 PM
c-po added a parent task for T2088: Increased boot time from 1.2.4 -> 1.3 rolling by 100%: T1230: Improving Boot Time for Large Firewall Configurations.
Sep 21 2020, 4:13 PM · VyOS 1.3 Equuleus (1.3.0)
c-po added a subtask for T1230: Improving Boot Time for Large Firewall Configurations: T2088: Increased boot time from 1.2.4 -> 1.3 rolling by 100%.
Sep 21 2020, 4:13 PM · VyOS 1.3 Equuleus (1.3.6)
c-po committed rVYOSONEX6635d8822a42: wireless: T2887: hostapd: add bridge option.
Sep 21 2020, 3:34 PM
c-po committed rVYOSONEXd22b476e0e1c: wireless: T2887: help when searching hidden SSIDs in station mode.
Sep 21 2020, 3:34 PM
c-po committed rVYOSONEX4ce3720109cd: smoketest: kernel: check for mandatory bond/lacp and bridge options.
Sep 21 2020, 3:34 PM
c-po committed rVYOSONEX7ea3802aa3de: smoketest: macsec: T2023: test MTU setting.
Sep 21 2020, 3:34 PM
c-po claimed T2788: adding interface with macsec to bridge failded.
Sep 21 2020, 3:29 PM
olofl added a comment to T2806: ipsec generates false warning on commit when local prefix is sourced from loopback.

Notice how my loopback interface with mask /32 does *not* show /32 in route table local.

Sep 21 2020, 1:22 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav added a comment to T2806: ipsec generates false warning on commit when local prefix is sourced from loopback.

@olofl it checks ip addresses assigned to the loopback interface which located in the table "local"

Sep 21 2020, 1:09 PM · VyOS 1.2 Crux (VyOS 1.2.8)
SteveP created T2911: new pppoe warnings recently.
Sep 21 2020, 12:02 PM
mpueschel added a comment to T2861: route-map "set community additive" not working correctly.

Thanks for testing @SrividyaA . As described in the commit you mentioned (https://phabricator.vyos.net/R12:aba26326537cca5b689e5a32f860608d2a9f8510), the additive keyword works correctly when the string is quoted, and it also works for large-communities, even though "additive" is not suggested in the tab completion for large-communities:

Sep 21 2020, 11:35 AM · VyOS 1.3 Equuleus (1.3.0)
olofl added a comment to T2806: ipsec generates false warning on commit when local prefix is sourced from loopback.

@Viacheslav does that PR check for x.x.x.x/32 ? Because the ip route show table local does not contain the netmask /32. While ip route show table 254 actually shows the prefixes with /cidr notation.

Sep 21 2020, 9:27 AM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav added a comment to T2893: Remove broken MSS-clamping old command.

It use different directions

Sep 21 2020, 7:23 AM
jack9603301 updated the task description for T2898: Support NDP proxy.
Sep 21 2020, 6:41 AM · VyOS 1.4 Sagitta
jack9603301 updated the task description for T2898: Support NDP proxy.
Sep 21 2020, 5:58 AM · VyOS 1.4 Sagitta
jack9603301 updated the task description for T2898: Support NDP proxy.
Sep 21 2020, 5:58 AM · VyOS 1.4 Sagitta

Sep 20 2020

c-po committed rVYOSONEXa420f7637f80: macsec: T2023: add missing mtu CLI option.
Sep 20 2020, 7:09 PM
c-po triaged T2910: XML: generator should support override of variables as Normal priority.
Sep 20 2020, 6:50 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po created T2910: XML: generator should support override of variables.
Sep 20 2020, 6:48 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Magnum added a comment to T2908: VRF and bridge membership isn’t mutually exclusive.

First create a vrf and bridge interface and add eth1 to the bridge:

Sep 20 2020, 3:55 PM · VyOS 1.3 Equuleus (1.3.4)
Magnum added a comment to T2907: OpenVPN: Option to disable encryption.

PR for vyos-1x: https://github.com/vyos/vyos-1x/pull/547

Sep 20 2020, 3:32 PM · VyOS 1.3 Equuleus (1.3.0), openvpn
Magnum added a comment to T2906: OpenVPN: tls-auth missing key direction.

PR for vyos-1x: https://github.com/vyos/vyos-1x/pull/548

Sep 20 2020, 3:31 PM · VyOS 1.3 Equuleus (1.3.0), openvpn
c-po committed rVYOSONEX103e8404cdea: ifconfig: T2653: remove duplicates of get_config().
Sep 20 2020, 1:33 PM
c-po added a comment to T2908: VRF and bridge membership isn’t mutually exclusive.

Can you share some config snippets with real set commands? Sounds like a problem with the bridge validator.

Sep 20 2020, 1:24 PM · VyOS 1.3 Equuleus (1.3.4)
c-po added a comment to T2908: VRF and bridge membership isn’t mutually exclusive.
Sep 20 2020, 1:23 PM · VyOS 1.3 Equuleus (1.3.4)
Magnum created T2908: VRF and bridge membership isn’t mutually exclusive.
Sep 20 2020, 1:17 PM · VyOS 1.3 Equuleus (1.3.4)
c-po closed T2903: Q-in-Q (802.1.ad) ethertype should be defined explicitly and not via its raw value as Resolved.
Sep 20 2020, 12:49 PM · VyOS 1.3 Equuleus (1.3.0)
c-po closed T2903: Q-in-Q (802.1.ad) ethertype should be defined explicitly and not via its raw value, a subtask of T2653: "set interfaces" Python handler code improvements - next iteration, as Resolved.
Sep 20 2020, 12:49 PM · VyOS 1.3 Equuleus (1.3.0)
c-po closed T2904: 802.1ad / Q-in-Q ethertype default not utilized, a subtask of T2653: "set interfaces" Python handler code improvements - next iteration, as Resolved.
Sep 20 2020, 12:49 PM · VyOS 1.3 Equuleus (1.3.0)
c-po closed T2904: 802.1ad / Q-in-Q ethertype default not utilized as Resolved.
Sep 20 2020, 12:49 PM · VyOS 1.3 Equuleus (1.3.0)
c-po closed T2905: Sync CLI nodes between PPPoE and WWAN interface, a subtask of T2653: "set interfaces" Python handler code improvements - next iteration, as Resolved.
Sep 20 2020, 12:48 PM · VyOS 1.3 Equuleus (1.3.0)
c-po closed T2905: Sync CLI nodes between PPPoE and WWAN interface as Resolved.
Sep 20 2020, 12:48 PM · VyOS 1.3 Equuleus (1.3.0)
c-po committed rVYOSONEX993f6873c02f: wwan: ifconfig: T2905: sync CLI nodes in dialup interfaces.
Sep 20 2020, 12:48 PM
c-po committed rVYOSONEX0a21905786d3: vif-s: ifconfig: T2903: use explicit VLAN protocol over raw numbers.
Sep 20 2020, 12:48 PM
c-po committed rVYOSONEXe64ab9ec34ce: smoketest: T2903: test 802.1ad (Q-in-Q) ethertype.
Sep 20 2020, 12:48 PM
c-po committed rVYOSONEXdeb3fba81b62: vyos.configdict: T2665: cleanup get_interface_dict() default dict handling.
Sep 20 2020, 12:48 PM
Magnum created T2907: OpenVPN: Option to disable encryption.
Sep 20 2020, 12:41 PM · VyOS 1.3 Equuleus (1.3.0), openvpn
Magnum created T2906: OpenVPN: tls-auth missing key direction.
Sep 20 2020, 12:37 PM · VyOS 1.3 Equuleus (1.3.0), openvpn
c-po updated the task description for T2903: Q-in-Q (802.1.ad) ethertype should be defined explicitly and not via its raw value.
Sep 20 2020, 11:34 AM · VyOS 1.3 Equuleus (1.3.0)
c-po changed the status of T2905: Sync CLI nodes between PPPoE and WWAN interface, a subtask of T2653: "set interfaces" Python handler code improvements - next iteration, from Open to In progress.
Sep 20 2020, 11:08 AM · VyOS 1.3 Equuleus (1.3.0)
c-po changed the status of T2905: Sync CLI nodes between PPPoE and WWAN interface from Open to In progress.
Sep 20 2020, 11:08 AM · VyOS 1.3 Equuleus (1.3.0)
c-po created T2905: Sync CLI nodes between PPPoE and WWAN interface.
Sep 20 2020, 11:08 AM · VyOS 1.3 Equuleus (1.3.0)
c-po changed the status of T2904: 802.1ad / Q-in-Q ethertype default not utilized, a subtask of T2653: "set interfaces" Python handler code improvements - next iteration, from Open to In progress.
Sep 20 2020, 11:04 AM · VyOS 1.3 Equuleus (1.3.0)
c-po changed the status of T2904: 802.1ad / Q-in-Q ethertype default not utilized from Open to In progress.
Sep 20 2020, 11:04 AM · VyOS 1.3 Equuleus (1.3.0)
c-po created T2904: 802.1ad / Q-in-Q ethertype default not utilized.
Sep 20 2020, 11:04 AM · VyOS 1.3 Equuleus (1.3.0)
c-po updated the task description for T2902: "add system image" fails when appending XX to image name.
Sep 20 2020, 8:15 AM · VyOS 1.2 Crux (VyOS 1.2.7)
c-po updated the task description for T2902: "add system image" fails when appending XX to image name.
Sep 20 2020, 8:09 AM · VyOS 1.2 Crux (VyOS 1.2.7)
c-po updated the task description for T2902: "add system image" fails when appending XX to image name.
Sep 20 2020, 7:47 AM · VyOS 1.2 Crux (VyOS 1.2.7)
c-po changed Version from - to 1.3-rolling-202009200118 on T2903: Q-in-Q (802.1.ad) ethertype should be defined explicitly and not via its raw value.
Sep 20 2020, 7:42 AM · VyOS 1.3 Equuleus (1.3.0)
c-po changed the status of T2903: Q-in-Q (802.1.ad) ethertype should be defined explicitly and not via its raw value, a subtask of T2653: "set interfaces" Python handler code improvements - next iteration, from Open to In progress.
Sep 20 2020, 7:42 AM · VyOS 1.3 Equuleus (1.3.0)
c-po changed the status of T2903: Q-in-Q (802.1.ad) ethertype should be defined explicitly and not via its raw value from Open to In progress.
Sep 20 2020, 7:42 AM · VyOS 1.3 Equuleus (1.3.0)
c-po updated the task description for T2903: Q-in-Q (802.1.ad) ethertype should be defined explicitly and not via its raw value.
Sep 20 2020, 7:41 AM · VyOS 1.3 Equuleus (1.3.0)
c-po created T2903: Q-in-Q (802.1.ad) ethertype should be defined explicitly and not via its raw value.
Sep 20 2020, 7:41 AM · VyOS 1.3 Equuleus (1.3.0)
c-po updated the task description for T2902: "add system image" fails when appending XX to image name.
Sep 20 2020, 7:37 AM · VyOS 1.2 Crux (VyOS 1.2.7)
c-po created T2902: "add system image" fails when appending XX to image name.
Sep 20 2020, 7:36 AM · VyOS 1.2 Crux (VyOS 1.2.7)
jack9603301 added a comment to T2898: Support NDP proxy.

@c-po If I want to be an interface-ethernet.xml.in Add custom configuration actions (such as proxy NDP) with certain extensibility (its configuration can be extended in other places). What should I do?

Sep 20 2020, 3:19 AM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T2898: Support NDP proxy.
In T2898#75677, @jack9603301 wrote:

@Cheeze_It

I also take into account the specific situation of the ndp proxy, the configuration of this link prompts, the configuration format of the ndp proxy is like this.

https://manpages.debian.org/buster/ndppd/ndppd.conf.5.en.html

Sep 20 2020, 12:22 AM · VyOS 1.4 Sagitta

Sep 19 2020

eronlloyd updated eronlloyd.
Sep 19 2020, 11:26 PM
eronlloyd updated eronlloyd.
Sep 19 2020, 11:26 PM
c-po closed T2901: Update Linux Kernel to v4.19.146 as Resolved.
Sep 19 2020, 8:40 PM · VyOS 1.3 Equuleus (1.3.0)
c-po created T2901: Update Linux Kernel to v4.19.146.
Sep 19 2020, 8:38 PM · VyOS 1.3 Equuleus (1.3.0)
c-po closed T2900: DNS forwarding: invalid warning is shown for "system name-server" or "system name-servers-dhcp" even if present as Resolved.
Sep 19 2020, 8:36 PM · VyOS 1.3 Equuleus (1.3.0)
c-po committed rVYOSONEXe0797331774a: dns: forwarding: T2900: restore proper Config() level in verify().
Sep 19 2020, 8:34 PM
c-po updated the task description for T2900: DNS forwarding: invalid warning is shown for "system name-server" or "system name-servers-dhcp" even if present.
Sep 19 2020, 8:34 PM · VyOS 1.3 Equuleus (1.3.0)
c-po updated the task description for T2900: DNS forwarding: invalid warning is shown for "system name-server" or "system name-servers-dhcp" even if present.
Sep 19 2020, 8:26 PM · VyOS 1.3 Equuleus (1.3.0)
c-po created T2900: DNS forwarding: invalid warning is shown for "system name-server" or "system name-servers-dhcp" even if present.
Sep 19 2020, 8:25 PM · VyOS 1.3 Equuleus (1.3.0)
c-po committed rVYOSONEX670536709b69: wifi: ifconfig: T2875: add_to_bridge() must be called after starting services.
Sep 19 2020, 8:19 PM
c-po added a comment to T2875: WiFi interface configured as station can not be added to bridge.

Interesting post: https://serverfault.com/questions/152363/bridging-wlan0-to-eth0

Sep 19 2020, 8:14 PM · VyOS 1.3 Equuleus (1.3.0)
c-po renamed T2875: WiFi interface configured as station can not be added to bridge from Cannot add WiFi interface to Bridge to WiFi interface configured as station can not be added to bridge.
Sep 19 2020, 8:08 PM · VyOS 1.3 Equuleus (1.3.0)
c-po committed rVYOSONEX31f6afc34ce9: ifconfig: T2653: cleanup VLAN interface comments.
Sep 19 2020, 7:57 PM
c-po committed rVYOSONEX41a8c45c6b18: smoketest: T2886: validate RADIUS configuration.
Sep 19 2020, 7:57 PM
c-po committed rVYOSONEXd1c9ee33f25e: ifconfig: T2653: convert VLAN interfaces do discrete class.
Sep 19 2020, 7:12 PM
c-po closed T2894: bond: lacp: member interfaces get removed once bond interface has vlans configured as Resolved.
Sep 19 2020, 7:12 PM · VyOS 1.3 Equuleus (1.3.0)
c-po added a comment to T2894: bond: lacp: member interfaces get removed once bond interface has vlans configured.

Resolved via https://github.com/vyos/vyos-1x/commit/d1c9ee33f25e45cea0d01f9685f99c960ed4d7f8

Sep 19 2020, 7:12 PM · VyOS 1.3 Equuleus (1.3.0)
rob created T2899: remote syslog server migration error on update.
Sep 19 2020, 6:54 PM · Restricted Project
jack9603301 moved T2898: Support NDP proxy from Need Triage to In Progress on the VyOS 1.3 Equuleus board.
Sep 19 2020, 6:12 PM · VyOS 1.4 Sagitta
jack9603301 moved T2518: Add support for IPv6 NAT (NPTv6) from Need Triage to In Progress on the VyOS 1.3 Equuleus board.
Sep 19 2020, 6:12 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
jack9603301 added a comment to T2898: Support NDP proxy.

I also take into account the specific situation of the ndp proxy, the configuration of this link prompts, the configuration format of the ndp proxy is like this.

Sep 19 2020, 6:06 PM · VyOS 1.4 Sagitta
jack9603301 updated the task description for T2898: Support NDP proxy.
Sep 19 2020, 5:51 PM · VyOS 1.4 Sagitta
jack9603301 updated the task description for T2898: Support NDP proxy.
Sep 19 2020, 5:51 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T2898: Support NDP proxy.

No arp proxy option is found in the configuration path, ndp proxy can manage multiple address rules under one interface

vyos@vyos# set interfaces ethernet eth0 ip 
Possible completions:
   arp-cache-timeout
                ARP cache entry timeout in seconds
   disable-arp-filter
                Disable ARP filter on this interface
   enable-arp-accept
                Enable ARP accept on this interface
   enable-arp-announce
                Enable ARP announce on this interface
   enable-arp-ignore
                Enable ARP ignore on this interface
   enable-proxy-arp
                Enable proxy-arp on this interface
 > ospf         Open Shortest Path First (OSPF) parameters
   proxy-arp-pvlan
                Enable private VLAN proxy ARP on this interface
 > rip          Routing Information Protocol (RIP)
   source-validation
                Policy for source validation by reversed path, as specified in RFC3704
Sep 19 2020, 5:46 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T2898: Support NDP proxy.

Although I intended to think that it is easier to write scripts under the protocol, but from an intuitive point of view, it seems that this path is also a good choice (users can use the same command line as the arp proxy to configure) I have written it A sample, then only need to decide how to modify the cli

Sep 19 2020, 5:24 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T2898: Support NDP proxy.
In T2898#75670, @Cheeze_It wrote:
In T2898#75656, @jack9603301 wrote:

set interfaces ethernet eth0 ip proxy-arp

The more suitable position may be set protocol ndp-proxy

I...really would like to not put it under "protocols" but to put it under the interface. It's *much* easier and more intuitive to see it under the interface/sub-interface than to see it in its' own stanza under "protocol" node.

Also, I'd argue it would be reasonable to separate ARP proxy and NDP proxy. That way one can pick and choose. Of course ARP proxy can't work without an IP address configured. NDP proxy can't be configured without an IPv6 address configured (those could be used as checks against configuring it on an empty interface).

Sep 19 2020, 5:21 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T2898: Support NDP proxy.

If possible, give your suggested cli path for my reference

Sep 19 2020, 5:18 PM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T2898: Support NDP proxy.
In T2898#75656, @jack9603301 wrote:

set interfaces ethernet eth0 ip proxy-arp

The more suitable position may be set protocol ndp-proxy

Sep 19 2020, 5:00 PM · VyOS 1.4 Sagitta
c-po changed the status of T2894: bond: lacp: member interfaces get removed once bond interface has vlans configured from Open to In progress.
Sep 19 2020, 2:34 PM · VyOS 1.3 Equuleus (1.3.0)
jack9603301 updated the task description for T2898: Support NDP proxy.
Sep 19 2020, 1:34 PM · VyOS 1.4 Sagitta
jack9603301 changed the status of T2898: Support NDP proxy, a subtask of T2518: Add support for IPv6 NAT (NPTv6), from Open to In progress.
Sep 19 2020, 9:39 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
jack9603301 changed the status of T2898: Support NDP proxy from Open to In progress.
Sep 19 2020, 9:39 AM · VyOS 1.4 Sagitta
jack9603301 updated the task description for T2898: Support NDP proxy.
Sep 19 2020, 7:21 AM · VyOS 1.4 Sagitta
jack9603301 added a comment to T2898: Support NDP proxy.

I can't find how to enable ipv6 connection tracking. Recompiling and modifying the linux kernel switch does not seem to see the module loaded. I think the current nat66 has completed 90%, and only need to implement ndp proxy to make it work normally.

Sep 19 2020, 7:20 AM · VyOS 1.4 Sagitta
jack9603301 added a comment to T2898: Support NDP proxy.

set interfaces ethernet eth0 ip proxy-arp

Sep 19 2020, 7:17 AM · VyOS 1.4 Sagitta
jack9603301 added a comment to T2898: Support NDP proxy.

I think we do need it, we can’t let users manage all IP manually unless we implement stateful NAT66

Sep 19 2020, 7:15 AM · VyOS 1.4 Sagitta
c-po added a comment to T2898: Support NDP proxy.

set interfaces ethernet eth0 ip proxy-arp. Isn‘t the Kernel sysctl interface enough? Do we really need a daemon?

Sep 19 2020, 6:57 AM · VyOS 1.4 Sagitta
jack9603301 triaged T2898: Support NDP proxy as Normal priority.
Sep 19 2020, 6:41 AM · VyOS 1.4 Sagitta
First
Prev
Next