Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Jul 3 2021

sarthurdev <965089+sarthurdev@users.noreply.github.com> committed rVYOSONEXe19317716477: pki: T3642: Fix for correct method on encoding certificate request.
Jul 3 2021, 7:38 PM
c-po committed rVYOSONEX405954522b8e: ipsec: T1210: T1251: add dependency on libcharon-extauth-plugins.
Jul 3 2021, 5:58 PM
c-po committed rVYOSONEXfb1802111155: ipsec: T2816: drop duplicate dict key "data" from generate().
Jul 3 2021, 5:58 PM
c-po committed rVYOSONEX2aec3e61c913: ipsec: T2816: provide x509 certificate base auth building blocks.
Jul 3 2021, 5:58 PM
c-po committed rVYOSONEX32fab6c7c5a7: ipsec: T2816: provide esp and ike-group XML building block.
Jul 3 2021, 5:58 PM
c-po claimed T1210: About IKEv2 IPSec VPN remote access.
Jul 3 2021, 5:22 PM · VyOS 1.4 Sagitta
c-po closed T57: Make it possible to disable the entire IPsec peer, a subtask of T2816: Rewrite IPsec scripts with the new XML/Python approach, as Resolved.
Jul 3 2021, 5:22 PM · VyOS 1.4 Sagitta
c-po closed T57: Make it possible to disable the entire IPsec peer as Resolved.
Jul 3 2021, 5:22 PM · VyOS 1.4 Sagitta
c-po edited projects for T1210: About IKEv2 IPSec VPN remote access, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.
Jul 3 2021, 5:20 PM · VyOS 1.4 Sagitta
c-po merged task T1251: IKEv2 Agile VPN Support into T1210: About IKEv2 IPSec VPN remote access.
Jul 3 2021, 5:20 PM · VyOS 1.3 Equuleus (1.3.0)
c-po merged T1251: IKEv2 Agile VPN Support into T1210: About IKEv2 IPSec VPN remote access.
Jul 3 2021, 5:20 PM · VyOS 1.4 Sagitta
sarthurdev <965089+sarthurdev@users.noreply.github.com> committed rVYOSONEX50f71042d7a0: pki: T3642: Add support for signing and revoking subordinate CAs.
Jul 3 2021, 3:49 PM
GitHub <noreply@github.com> committed rVYOSONEX094d79aee118: Merge pull request #905 from sarthurdev/pki_subca (authored by c-po).
Jul 3 2021, 3:49 PM
c-po committed rVYOSONEX469cd1de9f90: ipsec: T2816: rework log options for debugging.
Jul 3 2021, 3:49 PM
jack9603301 triaged T3662: Container configuration upgrade destroys system as High priority.
Jul 3 2021, 2:09 PM · VyOS 1.4 Sagitta
jack9603301 created T3662: Container configuration upgrade destroys system.
Jul 3 2021, 2:00 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEXdcfeb0de0a51: Merge branch 'ipsec-ikev2-remote-access' of github.com:c-po/vyos-1x into current.
Jul 3 2021, 1:43 PM
c-po committed rVYOSONEXa1abb118c9eb: ipsec: T2816: rework IKE and ESP key assignment.
Jul 3 2021, 1:43 PM
c-po committed rVYOSONEX1e74c0df2179: ipsec: T2816: remove default values from Jinja2 template and place them in XML.
Jul 3 2021, 1:43 PM
c-po committed rVYOSONEX2d79a5000c8a: ipsec: T2816: add Jinja2 converter for ESP/IKE groups to string.
Jul 3 2021, 1:43 PM
c-po committed rVYOSONEXff004bee54df: ipsec: T2816: adjust Jinja2 template to coding style.
Jul 3 2021, 1:43 PM
c-po committed rVYOSONEX1a859a97f840: xml: provide building block for a generic description node.
Jul 3 2021, 1:43 PM
c-po added a comment to T3661: [vrf} route-leaking missing command.

Commands are implemented.

Jul 3 2021, 12:07 PM · VyOS 1.3 Equuleus (1.3.0)

Jul 2 2021

fernando created T3661: [vrf} route-leaking missing command.
Jul 2 2021, 10:57 PM · VyOS 1.3 Equuleus (1.3.0)
m1nus added a comment to T3660: Conntrack-Sync configuration command to specify destination udp port for peer.

Thanks Chris I'll test it once available and let you know!!

Jul 2 2021, 8:31 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po added a comment to T3660: Conntrack-Sync configuration command to specify destination udp port for peer.

Added command set service conntrack-sync interface <intrerface> port <port>

Jul 2 2021, 8:26 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po committed rVYOSONEX68d8250fe525: conntrack: T3660: make peer port configurable.
Jul 2 2021, 8:25 PM
c-po committed rVYOSONEX13924804aafa: conntrack: T3535: add support for multiple failsave links.
Jul 2 2021, 8:25 PM
c-po committed rVYOSONEXbc01277bdfdf: conntrack: T3660: make peer port configurable.
Jul 2 2021, 8:25 PM
c-po changed the status of T3660: Conntrack-Sync configuration command to specify destination udp port for peer from Confirmed to Needs testing.
Jul 2 2021, 8:23 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po committed rVYOSONEX7c1f2dab543f: conntrack: T3535: add missing valueHelp/constraint for peer CLI node.
Jul 2 2021, 7:56 PM
c-po committed rVYOSONEX96dce0f47805: conntrack: T3535: add missing valueHelp/constraint for peer CLI node.
Jul 2 2021, 7:55 PM
Viacheslav moved T3535: Rewrite vyatta-conntrack-sync in new XML and Python flavor from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Jul 2 2021, 5:45 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a project to T3535: Rewrite vyatta-conntrack-sync in new XML and Python flavor: VyOS 1.3 Equuleus.
Jul 2 2021, 5:45 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a comment to T3045: Changes to Conntrack-Sync don't apply correctly (Mutlicast->UDP).

Fixed for 1.3 in commit https://github.com/vyos/vyos-1x/commit/21527ef4551613fe9b7eed9e4b2ce33ad46fe540

Jul 2 2021, 5:37 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T3076: Router reboot adds unwanted 'conntrack-sync mcast-group '225.0.0.50'' line to configuration.

Fixed for 1.3 in commit https://github.com/vyos/vyos-1x/commit/21527ef4551613fe9b7eed9e4b2ce33ad46fe540 and T3535

Jul 2 2021, 5:37 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav moved T3045: Changes to Conntrack-Sync don't apply correctly (Mutlicast->UDP) from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Jul 2 2021, 5:35 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav moved T3076: Router reboot adds unwanted 'conntrack-sync mcast-group '225.0.0.50'' line to configuration from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Jul 2 2021, 5:35 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
c-po committed rVYOSONEXbfcc86ea5cf6: smoketest: ipam: add site2site x509 auth testcase.
Jul 2 2021, 4:16 PM
c-po committed rVYOSONEX7f97e165a8f3: smoketest: ipsec: IKE and ESP settings can be done one time in setUp().
Jul 2 2021, 4:16 PM
c-po committed rVYOSONEX9c5462908617: smoketest: ipsec: place peer local-address into variable.
Jul 2 2021, 4:16 PM
cohn added a comment to T109: VyOS Can Lose Parts Of Its Config On Reboot - In Certain Situations.

I'm seeing the same behavior for the OSPF v2 configuration on the 1.4 train for an image built on April 26th 2021. Just a heads up.

Jul 2 2021, 3:19 PM · VyOS 1.3 Equuleus (1.3.3)
Viacheslav committed rVYOSONEX4e1a5c7cf421: conntrack-sync: T3535: Rewrite conf and op modes to XML python style.
Jul 2 2021, 2:50 PM
GitHub <noreply@github.com> committed rVYOSONEX21527ef45516: Merge pull request #904 from sever-sever/T3535 (authored by c-po).
Jul 2 2021, 2:50 PM
Viacheslav added a comment to T3535: Rewrite vyatta-conntrack-sync in new XML and Python flavor.

PR for 1.3
https://github.com/vyos/vyos-1x/pull/904
https://github.com/vyos/vyos-world/pull/4

Jul 2 2021, 1:55 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
raphielscape added a comment to T3648: op-mode: nat rules broken.

Source NAT Rules went Out of Range in VyOS 1.4-rolling-202107010320

Jul 2 2021, 1:11 PM · VyOS 1.4 Sagitta
m1nus added a comment to T3660: Conntrack-Sync configuration command to specify destination udp port for peer.

Hi @c-po I hope you're doing great!

Jul 2 2021, 12:04 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
GitHub <noreply@github.com> committed rVYOSONEX15d8cc3ad93b: Merge pull request #903 from sarthurdev/T3659_T3656 (authored by c-po).
Jul 2 2021, 10:45 AM
sarthurdev <965089+sarthurdev@users.noreply.github.com> committed rVYOSONEXf480346bb8e9: ipsec: T3656: T3659: Fix pass-through with ipv6. Fix op-mode ipsec commands..
Jul 2 2021, 10:45 AM
sarthurdev changed the status of T3659: Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors from In progress to Needs testing.
Jul 2 2021, 10:38 AM · VyOS 1.4 Sagitta
sarthurdev added a comment to T3656: IPSec 1.4 : "show vpn ike sa" does not show the correct default ike version.

Should be resolved in PR: https://github.com/vyos/vyos-1x/pull/903

Jul 2 2021, 10:38 AM · VyOS 1.4 Sagitta
sarthurdev added a comment to T3659: Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors.

Fixed in PR: https://github.com/vyos/vyos-1x/pull/903

Jul 2 2021, 10:37 AM · VyOS 1.4 Sagitta
sarthurdev changed the status of T3659: Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors from Open to In progress.
Jul 2 2021, 9:00 AM · VyOS 1.4 Sagitta

Jul 1 2021

c-po changed the status of T3660: Conntrack-Sync configuration command to specify destination udp port for peer from Open to Confirmed.
Jul 1 2021, 7:50 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po added a project to T3660: Conntrack-Sync configuration command to specify destination udp port for peer: VyOS 1.4 Sagitta.
Jul 1 2021, 7:50 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po added a comment to T3660: Conntrack-Sync configuration command to specify destination udp port for peer.

conntrack implementation changed form 1.3 -> 1.4 by a rewrite. Can you please tell us which version of VyOS you are using?

Jul 1 2021, 7:46 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po assigned T3659: Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors to sarthurdev.
Jul 1 2021, 7:45 PM · VyOS 1.4 Sagitta
c-po renamed T3318: Update Linux Kernel to v5.4.208 / 5.10.142 from Update Linux Kernel to v5.4.128 / 5.10.46 to Update Linux Kernel to v5.4.129 / 5.10.47.
Jul 1 2021, 7:43 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
sarthurdev <965089+sarthurdev@users.noreply.github.com> committed rVYOSONEX6f66e71e4622: pki: T3642: New PKI config and management.
Jul 1 2021, 7:39 PM
sarthurdev <965089+sarthurdev@users.noreply.github.com> committed rVYOSONEXf5a8a9cdfe52: pki: ipsec: T3642: Migrate IPSec to use PKI configuration.
Jul 1 2021, 7:39 PM
c-po committed rVYOSONEXc232fdc4c546: vyos.util: remove no longer needed copy_file helper method.
Jul 1 2021, 7:39 PM
sarthurdev <965089+sarthurdev@users.noreply.github.com> committed rVYOSONEX30e4f083c98f: pki: ipsec: T3642: Update migration script to account for file permission issues.
Jul 1 2021, 7:39 PM
c-po committed rVYOSONEX469e57398f3a: Merge branch 'pki_ipsec' of https://github.com/sarthurdev/vyos-1x into pki-cli.
Jul 1 2021, 7:39 PM
m1nus created T3660: Conntrack-Sync configuration command to specify destination udp port for peer.
Jul 1 2021, 7:17 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po committed rVYOSONEXd565d4baffb9: ipsec: T3643: bugfix on wrong destination file path for x509 key file.
Jul 1 2021, 6:50 PM
c-po committed rVYOSONEX63e6c00864a8: vyos.util: fix IsADirectoryError and SameFileError for copy_file.
Jul 1 2021, 6:50 PM
stepler closed T3658: Add support for dhcpdv6 fixed-prefix6 as Resolved.

Looks good on 1.4-rolling-202107010537 and 1.3-beta-202106301443:

Jul 1 2021, 2:53 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
mgperkow created T3659: Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors.
Jul 1 2021, 2:50 PM · VyOS 1.4 Sagitta
erkin changed the status of T3556: Commit-archive via scp causes 100% CPU on boot, a subtask of T3356: Script for remote file transfers, from Open to In progress.
Jul 1 2021, 2:48 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
erkin changed the status of T3556: Commit-archive via scp causes 100% CPU on boot from Open to In progress.
Jul 1 2021, 2:48 PM · VyOS 1.4 Sagitta
jestabro moved T3651: Move certbot request to op-mode from Backlog to In Progress on the VyOS 1.4 Sagitta board.
Jul 1 2021, 1:23 PM · VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta
c-po moved T3083: Add feature event-handler from Open to Backlog on the VyOS 1.4 Sagitta board.
Jul 1 2021, 9:11 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po closed T2035: Executing vyos-smoketest multiple times makes ssh test fail on execution as Resolved.
Jul 1 2021, 9:09 AM · VyOS 1.4 Sagitta
c-po added a comment to T2035: Executing vyos-smoketest multiple times makes ssh test fail on execution.

Should be addresses using the new vyos smoketest shim from 1.4 branch.

Jul 1 2021, 9:09 AM · VyOS 1.4 Sagitta
c-po removed a project from T2035: Executing vyos-smoketest multiple times makes ssh test fail on execution: VyOS 1.3 Equuleus.
Jul 1 2021, 9:09 AM · VyOS 1.4 Sagitta
c-po moved T3636: SSTP / L2TP ipv6 support broken from Open to In Progress on the VyOS 1.4 Sagitta board.
Jul 1 2021, 9:08 AM · VyOS 1.4 Sagitta
c-po moved T3642: PKI configuration from Open to Backlog on the VyOS 1.4 Sagitta board.
Jul 1 2021, 9:08 AM · VyOS 1.4 Sagitta (1.4.0-epa1)
c-po moved T2778: Migrate "system syslog" to get_config_dict() to support new features from Open to Backlog on the VyOS 1.4 Sagitta board.
Jul 1 2021, 9:08 AM · VyOS 1.4 Sagitta
c-po moved T2769: Add VRF support for syslog from Open to Backlog on the VyOS 1.4 Sagitta board.
Jul 1 2021, 9:08 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po added a comment to T3657: BGP neighbors ipv6 not able to establish with IPv6 link-local addresses.

Please share your configuration.

Jul 1 2021, 7:39 AM · VyOS 1.4 Sagitta

Jun 30 2021

fernando added a comment to T3655: NAT doesn't work correctly with VRF.

Hi ruben

Jun 30 2021, 10:52 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
Matwolf added a comment to T3657: BGP neighbors ipv6 not able to establish with IPv6 link-local addresses.

All of my neighbors are connected with me via wireguard interfaces (a different interface for every peering). I have no physical direct link with any peer.
All neighbors using IPv4 or ULA IPv6 addresses are working properly.

Jun 30 2021, 9:30 PM · VyOS 1.4 Sagitta
c-po added a comment to T3657: BGP neighbors ipv6 not able to establish with IPv6 link-local addresses.

Please share your entire setup then somwe are able to help out.

Jun 30 2021, 7:39 PM · VyOS 1.4 Sagitta
Matwolf added a comment to T3657: BGP neighbors ipv6 not able to establish with IPv6 link-local addresses.

i was referring to the FRR command as deprecated, not the corresponding VyOS command. The VyOS command is not even available in the last version of VyOS... I was able to try it only via vtysh...

Jun 30 2021, 7:04 PM · VyOS 1.4 Sagitta
c-po added a comment to T3657: BGP neighbors ipv6 not able to establish with IPv6 link-local addresses.

please stop the idea of "deprecated" command. VyOS commands are in no relation to FRR commands.
If (and when) the FRR syntax changes, we will ensure it will still work by either migrating the VyOS CLI configuration dynamically on upgrade or by adjusting to the FRR configuration "under the hood" with our Jinja2 template.

Jun 30 2021, 6:48 PM · VyOS 1.4 Sagitta
c-po edited projects for T2769: Add VRF support for syslog, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.
Jun 30 2021, 6:43 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po removed a project from T2778: Migrate "system syslog" to get_config_dict() to support new features: VyOS 1.3 Equuleus.
Jun 30 2021, 6:43 PM · VyOS 1.4 Sagitta
c-po changed the status of T3658: Add support for dhcpdv6 fixed-prefix6 from In progress to Needs testing.
Jun 30 2021, 6:43 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po moved T3658: Add support for dhcpdv6 fixed-prefix6 from Open to Finished on the VyOS 1.4 Sagitta board.
Jun 30 2021, 6:43 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po moved T3658: Add support for dhcpdv6 fixed-prefix6 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Jun 30 2021, 6:42 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po committed rVYOSONEXf4dd2ea487d6: smoketest: ipsec: add more re-usable variable definitions throughout the test.
Jun 30 2021, 6:42 PM
c-po committed rVYOSONEXcef8147afd1d: dhcpdv6: T3658: add support for dhcpdv6 fixed-prefix6 (authored by stepler).
Jun 30 2021, 6:09 PM
stepler committed rVYOSONEX2318c874c4ec: dhcpdv6: T3658: add support for dhcpdv6 fixed-prefix6.
Jun 30 2021, 5:25 PM
GitHub <noreply@github.com> committed rVYOSONEX1a4f40b6176f: Merge pull request #902 from bstepler/T3658 (authored by c-po).
Jun 30 2021, 5:25 PM
stepler added a comment to T3658: Add support for dhcpdv6 fixed-prefix6.

PR https://github.com/vyos/vyos-1x/pull/902
PR https://github.com/vyos/vyos-documentation/pull/561

Jun 30 2021, 5:23 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
stepler updated the task description for T3658: Add support for dhcpdv6 fixed-prefix6.
Jun 30 2021, 5:18 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
stepler changed the status of T3658: Add support for dhcpdv6 fixed-prefix6 from Open to In progress.
Jun 30 2021, 3:32 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
stepler created T3658: Add support for dhcpdv6 fixed-prefix6.
Jun 30 2021, 3:32 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
rherold added a comment to T3655: NAT doesn't work correctly with VRF.

It seems that what I thought is true:

Jun 30 2021, 2:17 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
rherold added a comment to T3655: NAT doesn't work correctly with VRF.

could this help https://patchwork.ozlabs.org/project/netfilter-devel/patch/776b8819c85c83088478b933a35691133055347a.1430733932.git.daniel@iogearbox.net ?

Jun 30 2021, 2:04 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
First
Prev
Next