PR https://github.com/vyos/vyos-1x/pull/1016
Change priority for nat66
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed Search
Sep 27 2021
Sep 27 2021
Viacheslav added a comment to T3853: nat66 rules gets deleted on reboot in 1.4-rolling-202109240217.
Not all clients support the gateway option (get issues in mac and windows):
Mac
tun_prop_route_error: route destinations other than vpn_gateway or net_gateway are not supported
set interfaces openvpn vtun20 openvpn-option '--push dhcp-option DNS 203.0.113.1'
generated config:
--push dhcp-option DNS 203.0.113.1
expected configuration:
push dhcp-option "DNS 203.0.113.1"
Sep 24 2021
Sep 24 2021
Viacheslav edited projects for T3855: Bgp peer-group and neighbor specific confiugration bugs, added: VyOS 1.3 Equuleus (1.3.0-epa1); removed VyOS 1.3 Equuleus.
Viacheslav updated the task description for T3855: Bgp peer-group and neighbor specific confiugration bugs.
Viacheslav added a comment to T3853: nat66 rules gets deleted on reboot in 1.4-rolling-202109240217.
Additional logs:
Sep 24 12:32:23 r1-roll systemd[1]: Starting NDP Proxy Daemon... Sep 24 12:32:23 r1-roll ndppd[2150]: (notice) ndppd (NDP Proxy Daemon) version 0.2.4 Sep 24 12:32:23 r1-roll ndppd[2150]: (notice) Using configuration file '/run/ndppd/ndppd.conf' Sep 24 12:32:23 r1-roll ndppd[2150]: (warning) Low prefix length (80 <= 120) when using 'static' method Sep 24 12:32:23 r1-roll ndppd[2150]: (warning) Low prefix length (80 <= 120) when using 'static' method Sep 24 12:32:23 r1-roll systemd[1]: ndppd.service: Can't open PID file /run/ndppd/ndppd.pid (yet?) after start: Operation not permitted Sep 24 12:32:23 r1-roll kernel: [ 131.465473] NET: Registered protocol family 17 Sep 24 12:32:23 r1-roll isisd[1006]: circuit already connected
Viacheslav added a comment to T3853: nat66 rules gets deleted on reboot in 1.4-rolling-202109240217.
[ OK ] Finished Update UTMP about System Runlevel Changes. [ 117.227867] vyos-router[751]: Starting VyOS router: migrate firewall configure [ 117.228588] vyos-router[2121]: failed! [ 117.482910] vyos-config[1646]: Configuration error
Viacheslav changed the status of T3853: nat66 rules gets deleted on reboot in 1.4-rolling-202109240217 from Open to Confirmed.
Sep 22 2021
Sep 22 2021
Viacheslav changed the subtype of T3848: Abbility to set local/remote id for dmvpn from "Bug" to "Feature Request".
Sep 21 2021
Sep 21 2021
Duplicate T1797
This command already exists, VyOS 1.3.0-rc6
Viacheslav changed the status of T3843: l2tp configuration not cleared after delete from Open to Confirmed.
Sep 16 2021
Sep 16 2021
Viacheslav changed the status of T3831: External traffic stops routing when IPSEC tunnel comes up with interface vti0 from Open to Confirmed.
xfrm if_id should not be 0
Sep 14 2021
Sep 14 2021
This line doesn't match ipv6 addresses https://github.com/vyos/vyos-1x/blob/f86b7314d025fd0cf11c2d91638ed3cc7c4fa507/src/helpers/strip-private.py#L66
Sep 13 2021
Sep 13 2021
To start the proposed CLI:
Needs to be discussed.
Viacheslav added a parent task for T478: Firewall address group (multi and nesting): T2199: Rewrite firewall in new XML/Python style.
FRR behaviour without "interface" in route - it replaced metric with value without metric
r12-lts(config)# ip route 0.0.0.0/0 192.168.122.1 r12-lts(config)# r12-lts(config)# do sho run | include 0.0.0.0 ip route 0.0.0.0/0 192.168.122.1 r12-lts(config)# r12-lts(config)# ip route 0.0.0.0/0 192.168.122.1 210 r12-lts(config)# r12-lts(config)# do sho run | include 0.0.0.0 ip route 0.0.0.0/0 192.168.122.1 210 r12-lts(config)# r12-lts(config)# ip route 0.0.0.0/0 192.168.122.1 r12-lts(config)# r12-lts(config)# do sho run | include 0.0.0.0 ip route 0.0.0.0/0 192.168.122.1 r12-lts(config)# r12-lts(config)# ip route 0.0.0.0/0 192.168.122.1 eth0 210 r12-lts(config)# r12-lts(config)# do sho run | include 0.0.0.0 ip route 0.0.0.0/0 192.168.122.1 ip route 0.0.0.0/0 192.168.122.1 eth0 210 r12-lts(config)#
To reproduce:
set interfaces ethernet eth0 address 'dhcp' set protocols static route 0.0.0.0/0 next-hop 192.168.122.1
Viacheslav edited projects for T3825: [DHCP]removes default route , added: VyOS 1.2 Crux (VyOS 1.2.9); removed VyOS 1.2 Crux.
Viacheslav changed the status of T3810: webproxy squidguard rules don't work properly after rewriting to python. from Open to Needs testing.
Sep 10 2021
Sep 10 2021
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav edited projects for T1770: webproxy breaks commit and http access on routed client, added: VyOS 1.3 Equuleus (1.3.0-epa1); removed test, VyOS 1.3 Equuleus.
Viacheslav closed T1770: webproxy breaks commit and http access on routed client, a subtask of T563: webproxy: migrate 'service webproxy' to get_config_dict(), as Resolved.
Viacheslav added a comment to T2738: Modifying configuration in the "interfaces" section from VRRP transition scripts causes configuration lockup and high CPU utilization.
Not reproducible in 1.2.8
Sep 9 2021
Sep 9 2021
Viacheslav renamed T3810: webproxy squidguard rules don't work properly after rewriting to python. from webproxy squidguard rules doesn't work properly to webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Sep 8 2021
Sep 8 2021
Viacheslav updated the task description for T3813: Some custom sysctl parameters can't be applied bug.
Viacheslav moved T3786: GRE tunnel source address 0.0.0.0 error from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa1) board.
Sep 7 2021
Sep 7 2021
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
@mbailey Can you check it in 1.3.0-rc6?
Viacheslav moved T1894: FRR config not loaded after daemons segfault or restart from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Viacheslav closed T1894: FRR config not loaded after daemons segfault or restart, a subtask of T3217: Save FRR configuration on each commit, as Resolved.
Fixed in T3217
Viacheslav moved T3217: Save FRR configuration on each commit from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Viacheslav moved T3217: Save FRR configuration on each commit from In Progress to Finished on the VyOS 1.4 Sagitta board.
You don't need line like "begin|end"
For example
set pki ca openvpn_vtun10 certificate 'MIIDSzCCAjOgAwIBAgIUEtkjCVKmZCwUeYLenoznpkxMeZswQ=='
Sep 6 2021
Sep 6 2021
It seems some bug in KVM.
I still see this bug
VyOS 1.3.0-rc6 config
vyos@r4-1.3# run show conf com | match mac set interfaces macsec macsec1 address '10.0.0.2/30' set interfaces macsec macsec1 security cipher 'gcm-aes-128' set interfaces macsec macsec1 security encrypt set interfaces macsec macsec1 security mka cak 'f42e15acecc0c1634582bdd32429efdf' set interfaces macsec macsec1 security mka ckn '0ef5ebf77ba031e45ad270e9f80c804d500a2649789db1c87b751114f329e032' set interfaces macsec macsec1 source-interface 'eth1'
Viacheslav closed T2920: Commit crash when adding the second mGRE tunnel with the same key as Resolved.
@kroy Did you get it with any other rc versions?
Viacheslav added a comment to T2920: Commit crash when adding the second mGRE tunnel with the same key.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/999
Viacheslav added a project to T3806: Don't set link local ipv6 address if MTU less then 1280: VyOS 1.4 Sagitta.
Required migration script to set commands to proper AFI.
Viacheslav added a comment to T3191: PAM RADIUS freezing when accounting does not configured on RADIUS server.
Maybe disable sent "accounting messages" by default and enable it as a configuration option explicitly?
Viacheslav edited projects for T3396: syslog can't be configured with an ipv6 literal destination in 1.2.x, added: VyOS 1.3 Equuleus (1.3.0-epa1); removed VyOS 1.3 Equuleus.
Fixed VyOS 1.3-beta-202109060342
set interfaces ethernet eth0 redirect 'ifb0' set interfaces input ifb0 traffic-policy out 'MY-INGRESS-SHAPING' set traffic-policy shaper MY-INGRESS-SHAPING bandwidth '1000kbit' set traffic-policy shaper MY-INGRESS-SHAPING default bandwidth '1000kbit' set traffic-policy shaper MY-INGRESS-SHAPING default queue-type 'fair-queue'
Viacheslav moved T3396: syslog can't be configured with an ipv6 literal destination in 1.2.x from Backport Candidates to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a comment to T3396: syslog can't be configured with an ipv6 literal destination in 1.2.x.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/998
@francis Can you check 1.3.0-rc6?
Viacheslav moved T3431: Show version all bug from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa1) board.
Viacheslav moved T3431: Show version all bug from Backport Candidates to Finished on the VyOS 1.4 Sagitta board.