This issue should be fixed after these changes https://phabricator.vyos.net/T1970 (udevadm settle)
Tested on EdgeCore SAF51015I with generic ISOs.
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed Search
Nov 15 2021
Nov 15 2021
Unknown Object (User) created T3992: Unhandled exception when trying to add an interface with an assigned address to a bridge.
Unknown Object (User) created T3991: PKI operational command return traceback.
Nov 11 2021
Nov 11 2021
Unknown Object (User) closed T1349: L2TP remote-access vpn terminated and not showing as connected as Resolved.
Does not possible to reproduce this behavior on 1.3-epa3.
Nov 10 2021
Nov 10 2021
Unknown Object (User) committed rVYOSONEXee02ca93ec7b: interface-names: T3871: Add temporary interface names to properly renaming.
Nov 5 2021
Nov 5 2021
Unknown Object (User) closed T3294: Images for Dell VEP platform use no default baud rate for this platform as Resolved.
Nov 4 2021
Nov 4 2021
Unknown Object (User) changed the status of T3294: Images for Dell VEP platform use no default baud rate for this platform from Open to Confirmed.
Nov 3 2021
Nov 3 2021
haakon.nore awarded T3294: Images for Dell VEP platform use no default baud rate for this platform a Like token.
Unknown Object (User) edited projects for T3294: Images for Dell VEP platform use no default baud rate for this platform, added: VyOS 1.2 Crux (VyOS 1.2.9); removed VyOS 1.2 Crux.
Oct 28 2021
Oct 28 2021
Unknown Object (User) created T3950: CLI backtrace on update if DNS not defined .
Oct 25 2021
Oct 25 2021
Unknown Object (User) changed the status of T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect from Open to Confirmed.
Oct 3 2021
Oct 3 2021
Unknown Object (User) created T3886: DHCP server can not start.
Sep 2 2021
Sep 2 2021
Unknown Object (User) changed the status of T2661: SSTP wrong certificates check from Open to Needs testing.
Unknown Object (User) committed rVYOSONEX90031f21dc66: sstp-server: T2661: Delete CA certificate redundancy check.
Unknown Object (User) closed T3790: Does not possible to configure PPTP static ip-address to users as Resolved.
Unknown Object (User) added a comment to T2661: SSTP wrong certificates check.
Unknown Object (User) changed the status of T3790: Does not possible to configure PPTP static ip-address to users from Open to Needs testing.
Unknown Object (User) added a comment to T3790: Does not possible to configure PPTP static ip-address to users.
PR for current https://github.com/vyos/vyos-1x/pull/988
Sep 1 2021
Sep 1 2021
Unknown Object (User) committed rVYOSONEX23388fe193f0: pptp-server: T3790: Change ippool priority and define gw-ip-address.
Unknown Object (User) added a comment to T3790: Does not possible to configure PPTP static ip-address to users.
PR https://github.com/vyos/vyos-1x/pull/987
Can we cherry-pick this patch to the current branch?
Unknown Object (User) claimed T3790: Does not possible to configure PPTP static ip-address to users.
Unknown Object (User) created T3790: Does not possible to configure PPTP static ip-address to users.
Aug 18 2021
Aug 18 2021
Unknown Object (User) created T3764: Unconfigurable IKE and ESP lifetime.
Aug 12 2021
Aug 12 2021
Unknown Object (User) changed the status of T2432: dhcpd: Can't create new lease file: Permission denied from Unknown Status to Resolved.
Aug 9 2021
Aug 9 2021
Unknown Object (User) added a comment to T3731: verify_accel_ppp_base_service return wrong config error for SSP.
PR for Equuleus https://github.com/vyos/vyos-1x/pull/959
Unknown Object (User) changed the status of T3731: verify_accel_ppp_base_service return wrong config error for SSP from Open to In progress.
Unknown Object (User) created T3731: verify_accel_ppp_base_service return wrong config error for SSP.
Unknown Object (User) closed T2776: QAT acceleration not working for IPSec AES-128 (CBC) / SHA256 tunnel as Invalid.
Unknown Object (User) added a comment to T2776: QAT acceleration not working for IPSec AES-128 (CBC) / SHA256 tunnel .
Tested on 1.3-rc5, all works properly
set vpn ipsec esp-group ESP_DEFAULT compression 'disable' set vpn ipsec esp-group ESP_DEFAULT lifetime '3600' set vpn ipsec esp-group ESP_DEFAULT mode 'tunnel' set vpn ipsec esp-group ESP_DEFAULT pfs 'dh-group19' set vpn ipsec esp-group ESP_DEFAULT proposal 10 encryption 'aes128' set vpn ipsec esp-group ESP_DEFAULT proposal 10 hash 'sha256' set vpn ipsec ike-group IKEv2_DEFAULT close-action 'none' set vpn ipsec ike-group IKEv2_DEFAULT dead-peer-detection action 'hold' set vpn ipsec ike-group IKEv2_DEFAULT dead-peer-detection interval '30' set vpn ipsec ike-group IKEv2_DEFAULT dead-peer-detection timeout '120' set vpn ipsec ike-group IKEv2_DEFAULT ikev2-reauth 'no' set vpn ipsec ike-group IKEv2_DEFAULT key-exchange 'ikev2' set vpn ipsec ike-group IKEv2_DEFAULT lifetime '10800' set vpn ipsec ike-group IKEv2_DEFAULT mobike 'disable' set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 dh-group '19' set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 encryption 'aes128' set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 hash 'sha256'
Flow served QAT
vyos@R2-QAT# run show system acceleration qat device qat_dev0 flows +------------------------------------------------+ | FW Statistics for Qat Device | +------------------------------------------------+ | Firmware Requests [AE 0]: 60046 | | Firmware Responses[AE 0]: 60046 | +------------------------------------------------+ | Firmware Requests [AE 1]: 112720 | | Firmware Responses[AE 1]: 112720 | +------------------------------------------------+ | Firmware Requests [AE 2]: 219657 | | Firmware Responses[AE 2]: 219657 | +------------------------------------------------+ | Firmware Requests [AE 3]: 60046 | | Firmware Responses[AE 3]: 60046 | +------------------------------------------------+ | Firmware Requests [AE 4]: 112722 | | Firmware Responses[AE 4]: 112722 | +------------------------------------------------+ | Firmware Requests [AE 5]: 219657 | | Firmware Responses[AE 5]: 219657 | +------------------------------------------------+
Interrupts
vyos@R2-QAT# run show system acceleration qat interrupts 140: 44039 0 0 0 0 0 0 0 IR-PCI-MSI 524288-edge qat0-bundle0 141: 0 42358 0 0 0 0 0 0 IR-PCI-MSI 524289-edge qat0-bundle1 142: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524290-edge qat0-bundle2 143: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524291-edge qat0-bundle3 144: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524292-edge qat0-bundle4 145: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524293-edge qat0-bundle5 146: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524294-edge qat0-bundle6 147: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524295-edge qat0-bundle7 148: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524296-edge qat0-bundle8 149: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524297-edge qat0-bundle9 150: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524298-edge qat0-bundle10 151: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524299-edge qat0-bundle11 152: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524300-edge qat0-bundle12 153: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524301-edge qat0-bundle13 154: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524302-edge qat0-bundle14 155: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524303-edge qat0-bundle15 156: 0 0 0 0 0 0 0 0 IR-PCI-MSI 524304-edge qat0-ae-cluster
Unknown Object (User) committed rVYOSONEXc3d536f77d62: openconnect: T3695: Add systemd service checker on commit.
Unknown Object (User) changed the status of T3695: OpenConnect reports commit success when ocserv fails to start due to SSL cert/key file issues from Open to Needs testing.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/957
Aug 6 2021
Aug 6 2021
Unknown Object (User) added a comment to T3724: Allow setting host-name in l2tp section of accel-ppp.
Hello @maznu , I also prefer the first variant set vpn l2tp remote-access lns host-name example.com I'm sure that we no need to overload l2tp remote-access root noded
Aug 5 2021
Aug 5 2021
Unknown Object (User) added a comment to T2851: Invalid passthrough routes installing by strongSwan into table 220.
It is not critical, please test without this package "libstrongswan-standard-plugins"
All necessary data is already installed.
Unknown Object (User) added a comment to T2851: Invalid passthrough routes installing by strongSwan into table 220.
strongswan.tar2 MBDownload
I have patched packages for 1.2.8. It works on my routers in the virtual environment.
Instruction:
- Upload package to the router
- Unarchiv it
sudo tar -xvf strongswan.tar
- Install packages
sudo dpkg -i *.deb
- Reboot router or reconfigure IPSec
Aug 3 2021
Aug 3 2021
Unknown Object (User) closed T2432: dhcpd: Can't create new lease file: Permission denied as Unknown Status.
Unknown Object (User) added a comment to T2661: SSTP wrong certificates check.
@Viacheslav I believe it is still actual for 1.3 https://github.com/vyos/vyos-1x/blob/equuleus/src/conf_mode/vpn_sstp.py#L60-L78
I saw we changed the PKI model only for 1.4. Implement PKI model for 1.3-epa1 a risky
Jul 29 2021
Jul 29 2021
Unknown Object (User) committed rVYOSONEX54abd97845fd: dhcp-server: T2432: Run dhcpd in group vyattacfg to allow recreate lease files.
Unknown Object (User) changed the status of T2432: dhcpd: Can't create new lease file: Permission denied from Open to In progress.
Unknown Object (User) added a comment to T2432: dhcpd: Can't create new lease file: Permission denied.
PR https://github.com/vyos/vyos-1x/pull/945
Also, need to cherry-pick it to Equuleus
Unknown Object (User) added a project to T2432: dhcpd: Can't create new lease file: Permission denied: VyOS 1.4 Sagitta.
Jul 26 2021
Jul 26 2021
Unknown Object (User) reopened T2432: dhcpd: Can't create new lease file: Permission denied as "Open".
I think we need to reopen this task. Sometimes (one per hour) some users and I got similar messages on version 1.3-rc4/rc5
Jun 29 2021
Jun 29 2021
Unknown Object (User) changed the status of T3593: PPPoE server called-sid format does not work from Unknown Status to Resolved.
Unknown Object (User) added a comment to T3408: vyos 1.4 not delivering ipv6 to devices via PPPOE.
Hello @joeudes , it looks like without enabled ppp-option ipv6 it should not work
set service pppoe-server ppp-options ipv6 allow
Unknown Object (User) added a comment to T2883: op-mode reset vpn command shows wrong completion.
@Viacheslav it is reproducible in 1.2.7
vyos@vyos:~$ touch file1 vyos@vyos:~$ touch file2 vyos@vyos:~$ touch file3 vyos@vyos:~$ ls file1 file2 file3 vyos@vyos:~$ reset vpn remote-access user Possible completions: file1 Terminate specified user's current remote access VPN session(s) file2 file3
Unknown Object (User) added projects to T3405: PPPoE server unit-cache: VyOS 1.3 Equuleus, Restricted Project.
Unknown Object (User) changed the status of T3405: PPPoE server unit-cache from Open to Needs testing.
Jun 25 2021
Jun 25 2021
Unknown Object (User) committed rVYOSONEX9431383abc92: T3649: bonding: Add additional hash policies.
Unknown Object (User) added a comment to T3649: Add bonding additional hash-policy.
Unknown Object (User) changed the status of T3649: Add bonding additional hash-policy from Open to In progress.
Unknown Object (User) created T3649: Add bonding additional hash-policy.
Jun 16 2021
Jun 16 2021
Unknown Object (User) changed the status of T3629: IPoE server shifting address in the range from Open to In progress.
Unknown Object (User) created T3629: IPoE server shifting address in the range.
Jun 3 2021
Jun 3 2021
Please, backport it to 1.3 rolling https://phabricator.vyos.net/rVYOSONEX4b646c1fb31a1a9f9c9d1658734d478fed5f19f1
Jun 2 2021
Jun 2 2021
Unknown Object (User) added a comment to T3546: Add support for running scripts on PPPoE server session events.
Extended scripts receive from PPPoE daemon the following variables:
$1 - Interface name $4 - Tunnel GW IP address $5 - Delegated IP address to the client $6 - Calling Station ID (MAC)
For example, how to get received RADIUS attributes
note: In this case, Filter-Id attribute used as an indicator for block user adding to ipset
configure set firewall group address-group blocked commit
Jun 1 2021
Jun 1 2021
Unknown Object (User) added a comment to T3546: Add support for running scripts on PPPoE server session events.
PR https://github.com/vyos/vyos-1x/pull/860
To provide the possibility to read RADIUS attribute by script, also need to define radattr=/run/radattr param
Unknown Object (User) changed the status of T3593: PPPoE server called-sid format does not work from Open to In progress.
Unknown Object (User) created T3593: PPPoE server called-sid format does not work.
Unknown Object (User) changed the status of T3546: Add support for running scripts on PPPoE server session events from Open to In progress.
May 28 2021
May 28 2021
Properly works on the latest 1.4 rolling. Is it possible to backport changes to 1.3?
May 27 2021
May 27 2021
Unknown Object (User) added a comment to T2123: Configure 3 NTP servers.
PR https://github.com/vyos/vyos-build/pull/166
server "time1.vyos.net" server "time2.vyos.net" server "time3.vyos.net"
May 26 2021
May 26 2021
Unknown Object (User) added a comment to T3546: Add support for running scripts on PPPoE server session events.
I propose something like
set service pppoe-server extended-scripts on-pre-up <path> set service pppoe-server extended-scripts on-up <path> set service pppoe-server extended-scripts on-down <path> set service pppoe-server extended-scripts on-change <path>
May 18 2021
May 18 2021
Unknown Object (User) committed rVYOSONEX5b5e74fb667f: openconnect-server: T3559: Add restart op-command.
Unknown Object (User) added a comment to T3559: Add restart op-command for OpenConnect Server.
Unknown Object (User) changed the status of T3559: Add restart op-command for OpenConnect Server from Open to In progress.
Unknown Object (User) created T3559: Add restart op-command for OpenConnect Server.
Tested on 1.4-rolling-202105170417 works correct. Propose to backport this to 1.3
Unknown Object (User) changed the status of T3461: OpenConnect Server redundancy check from Open to In progress.
May 14 2021
May 14 2021
Unknown Object (User) renamed T3546: Add support for running scripts on PPPoE server session events from Add pppoe CLI custom script feature to Add pppoe-server CLI custom script feature .
Unknown Object (User) created T3546: Add support for running scripts on PPPoE server session events.
May 13 2021
May 13 2021
Unknown Object (User) created T3545: Does not possible to update VyOS from 1.1.8.
May 2 2021
May 2 2021
Unknown Object (User) added a comment to T3480: Does not possible to change console baud-rate.
Hi @hard, I think behavior should be another for VM. Did you try to change speed when you connected via serial?
Apr 27 2021
Apr 27 2021
Unknown Object (User) added a project to T3494: DHCPv6 leases traceback when PD using: VyOS 1.3 Equuleus.
Work as expected on 1.4-rolling-202104260417
vyos@R1:~$ show dhcpv6 server leases IPv6 address State Last communication Lease expiration Remaining Type Pool IAID_DUID ------------------ ------- -------------------- ------------------- ----------- ----------------- ----------- ----------------------------------------------------- 2001:db8:290::/64 active 2021/04/23 14:52:48 prefix delegation VyOS-DHCPv6 00:00:00:00:00:01:00:01:28:15:9b:bd:50:00:00:06:00:00 2001:db8:3456::15b active 2021/04/27 05:07:51 2021/04/27 17:07:51 10:28:27 non-temporary VyOS-DHCPv6 00:00:00:00:00:01:00:01:28:15:9b:bd:50:00:00:06:00:00
Apr 26 2021
Apr 26 2021
Unknown Object (User) committed rVYOSONEXee4891fe9ad6: dhcpv6-server: T3494: Get address from network to correct sorting.
Unknown Object (User) changed the status of T3494: DHCPv6 leases traceback when PD using from Open to Needs testing.
Apr 23 2021
Apr 23 2021
Unknown Object (User) created T3494: DHCPv6 leases traceback when PD using.
Unknown Object (User) created T3493: DHCPv6 does not have prefix range validation.
Apr 18 2021
Apr 18 2021
Unknown Object (User) updated the task description for T3484: Kernel panic when QAT uses.
Unknown Object (User) created T3484: Kernel panic when QAT uses.
Apr 16 2021
Apr 16 2021
Unknown Object (User) created T3480: Does not possible to change console baud-rate.
Apr 9 2021
Apr 9 2021
Unknown Object (User) added a comment to T3465: PPPoE server: dual-stack IPv4/IPv6 provisioning with Prefix Delegation not working.
Add PR with improvements to documentation https://github.com/vyos/vyos-documentation/pull/503
Unknown Object (User) added a comment to T3465: PPPoE server: dual-stack IPv4/IPv6 provisioning with Prefix Delegation not working.
Thanks. I think the main issue is missing required modules in the generated pppoe server config file
sudo cat /run/accel-pppd/pppoe.conf ### generated by accel_pppoe.py ### [modules] log_syslog pppoe shaper chap-secrets ippool auth_pap auth_chap_md5 auth_mschap_v1 auth_mschap_v2
Required
ipv6pool ipv6_nd ipv6_dhcp
These option enables by the foloowing CLI command::
set service pppoe-server ppp-options ipv6 allow
Apr 8 2021
Apr 8 2021
Unknown Object (User) added a comment to T3465: PPPoE server: dual-stack IPv4/IPv6 provisioning with Prefix Delegation not working.
It looks like the same nature of this issue https://phabricator.vyos.net/T3393
@c-po , could you try to test fast solution
configure set system sysctl custom net.ipv6.conf.default.addr_gen_mode value 0 commit
Apr 7 2021
Apr 7 2021
Unknown Object (User) created T3461: OpenConnect Server redundancy check.
Mar 17 2021
Mar 17 2021
Unknown Object (User) added a comment to T3403: Error on interrupting list of pppoe sessions.
Works correct for q, but still show backtrace by Ctrl+C
:Traceback (most recent call last):
File "/usr/libexec/vyos/op_mode/ppp-server-ctrl.py", line 74, in <module>
main()
File "/usr/libexec/vyos/op_mode/ppp-server-ctrl.py", line 63, in main
print(output)
KeyboardInterruptLets change except BrokenPipeError: to except:
Mar 16 2021
Mar 16 2021
Unknown Object (User) added a comment to T3353: PPPoE server wrong vlan-range generating config.
@Viacheslav . Ok this is not a problem, because we have a workaround with pseudo ethernet interfaces
set interfaces pseudo-ethernet peth1 source-interface 'eth1' set service pppoe-server interface peth1 set service pppoe-server interface eth1 vlan-id '50' set service pppoe-server interface eth1 svlan 1000 vlan-range '1-4095'
Now all looks good and works properly, but need to add better help value
vyos@vyos# set service pppoe-server interface eth3 vlan-id Possible completions: <text> VLAN monitor for the automatic creation of vlans (user per vlan)
Unknown Object (User) added a comment to T3242: PPPoE Server overhead on virtual interfaces creation.
To disable udev link_config redundancy call we need to delete /usr/lib/systemd/network/99-default.link
Mar 15 2021
Mar 15 2021
Unknown Object (User) added a comment to T3329: "system conntrack ignore" rules can no longer be created due to an iptables syntax change.
@dmbaturin please cherry-pick this to equuleus. Successfully tested on VyOS-1.3-RC1
Mar 13 2021
Mar 13 2021
Unknown Object (User) added a comment to T3405: PPPoE server unit-cache.
Yes, some time ago, it could produce kernel issues https://www.mail-archive.com/netdev@vger.kernel.org/msg218964.html
And I think it will be good to add the possibility to control unit-cache to have the opportunity to influence this.
Mar 12 2021
Mar 12 2021
Unknown Object (User) updated the task description for T3405: PPPoE server unit-cache.
Unknown Object (User) claimed T3405: PPPoE server unit-cache.
Unknown Object (User) created T3405: PPPoE server unit-cache.
Unknown Object (User) created T3403: Error on interrupting list of pppoe sessions.
Mar 11 2021
Mar 11 2021
Unknown Object (User) edited a custom field on T486: Static IPv6 default route via OSPFv3-learned loopback is not activated.
Unknown Object (User) changed the subtype of T486: Static IPv6 default route via OSPFv3-learned loopback is not activated from "Task" to "Bug".
Unknown Object (User) added a comment to T3242: PPPoE Server overhead on virtual interfaces creation.
Fresh SNMP Daemon has some option which might be helpful
https://manpages.debian.org/unstable/snmpd/snmpd.conf.5.en.html
ifmib_max_num_ifaces NUM
Unknown Object (User) added a comment to T3242: PPPoE Server overhead on virtual interfaces creation.
Configured SNMP also add impact
top - 12:51:59 up 3:25, 2 users, load average: 1.35, 0.70, 0.28 Tasks: 214 total, 2 running, 210 sleeping, 2 stopped, 0 zombie %Cpu0 : 0.0 us, 0.0 sy, 0.0 ni, 99.7 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 st %Cpu1 : 22.6 us, 77.4 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st %Cpu2 : 0.0 us, 0.3 sy, 0.0 ni, 99.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st %Cpu3 : 0.0 us, 0.0 sy, 0.0 ni,100.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st MiB Mem : 9972.9 total, 6710.1 free, 2044.5 used, 1218.3 buff/cache MiB Swap: 0.0 total, 0.0 free, 0.0 used. 7195.8 avail Mem
Mar 10 2021
Mar 10 2021
Unknown Object (User) updated subscribers of T3305: Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot.
@jack9603301 it looks like this issue related to your patch https://github.com/vyos/vyatta-cfg-qos/commit/6391325271be489d29f0b7aa2982952068c6a53c
T3089
Mar 9 2021
Mar 9 2021
Unknown Object (User) added a comment to T3242: PPPoE Server overhead on virtual interfaces creation.
Also, add some overhead netplug
top - 19:14:34 up 26 min, 1 user, load average: 10.29, 13.17, 8.57 Tasks: 568 total, 5 running, 228 sleeping, 0 stopped, 335 zombie %Cpu0 : 5.0 us, 10.6 sy, 0.0 ni, 84.4 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st %Cpu1 : 9.8 us, 15.2 sy, 0.0 ni, 75.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st %Cpu2 : 40.7 us, 3.0 sy, 0.0 ni, 56.2 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st %Cpu3 : 9.6 us, 86.4 sy, 0.0 ni, 4.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st MiB Mem : 3870.9 total, 1375.2 free, 1499.9 used, 995.8 buff/cache MiB Swap: 0.0 total, 0.0 free, 0.0 used. 1716.8 avail Mem