Page MenuHomeVyOS Platform
Feed Search

Search
Use Results
Hide Query

Dec 31 2021

Viacheslav added a comment to T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID.

How about starting with a simple interface and allowing to set interface for binding address?

set high-availability vrrp group foo address 203.0.113.1 interface ethX      
Possible completions:
 > ethN         Interfcae used to assign virtual address
 > eth0         
 > eth1         
 > eth2
Dec 31 2021, 12:09 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav moved T4081: VRRP health-check script stops working when setting up a sync group from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Dec 31 2021, 11:04 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav edited projects for T4081: VRRP health-check script stops working when setting up a sync group, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).
Dec 31 2021, 11:04 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T4081: VRRP health-check script stops working when setting up a sync group as Resolved.
Dec 31 2021, 11:04 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXda7248337aa0: keepalived: T4081: Fix health-checking when syn-group is used.
Dec 31 2021, 9:36 AM

Dec 29 2021

Viacheslav closed T4023: Add grepcidr or similar functionality as Resolved.

@insignia96 Will be present in the next rolling release.

Dec 29 2021, 6:57 PM · VyOS 1.4 Sagitta
Viacheslav closed T3671: Webproxy not functional in 1.2.8 update as Resolved.
Dec 29 2021, 6:27 PM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav reopened T2498: Expected error when deleting vif that has dhcp-server configured as "Open".

Re-opened as this task regarding dhcp-server, not dhcp-client

Dec 29 2021, 5:48 PM · VyOS Rolling
Viacheslav closed T2498: Expected error when deleting vif that has dhcp-server configured as Not Applicable.

Fixed VyOS 1.3.0:

vyos@r4# run show conf com | match dhcp
set interfaces ethernet eth2 vif 35 address 'dhcp'
[edit]
vyos@r4# run show int
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             192.168.122.14/24                 u/u  WAN
eth1             203.0.113.14/24                   u/u  Lan
                 192.0.2.14/24                          
eth2             -                                 u/u  
eth2.35          10.0.2.10/24                      u/u
Dec 29 2021, 5:14 PM · VyOS Rolling
Viacheslav added a project to T2700: Redirecting traffic from PPPoE interface to IFB fails: VyOS 1.4 Sagitta.

To reproduce:

set interfaces ethernet eth2 vif 35
set interfaces pppoe pppoe0 authentication password 'MYPASSWORD'
set interfaces pppoe pppoe0 authentication user 'MYUSER'
set interfaces pppoe pppoe0 default-route 'force'
set interfaces pppoe pppoe0 mtu '1492'
set interfaces pppoe pppoe0 redirect 'ifb0'
set interfaces pppoe pppoe0 source-interface 'eth2.35'
set interfaces pppoe pppoe0 traffic-policy out 'OUT2'
set interfaces input ifb0

Commit:

vyos@r11-roll# commit
[ interfaces pppoe pppoe0 redirect ifb0 ]
Cannot find device "pppoe0"
tc qdisc ingress failed at /opt/vyatta/sbin/vyatta-qos.pl line 334.
Dec 29 2021, 4:05 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
Viacheslav closed T2695: Flow-accounting bug with subinterfaces as Resolved.
Dec 29 2021, 4:00 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav moved T2400: OpenVPN: dont restart server if no need from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Dec 29 2021, 3:59 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav closed T2400: OpenVPN: dont restart server if no need, a subtask of T3995: OpenVPN: do not stop/start service on configuration change, as Resolved.
Dec 29 2021, 3:58 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav closed T2400: OpenVPN: dont restart server if no need as Resolved.

Fixed in eceaa3a7

Dec 29 2021, 3:58 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a project to T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID: VyOS 1.4 Sagitta.
Dec 29 2021, 3:55 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T4111: IPSec generates wrong configuration colons for IPv6 peers as Resolved.
Dec 29 2021, 3:54 PM · VyOS 1.4 Sagitta
Viacheslav closed T2922: The `vpn ipsec logging log-modes` miss the IPSec daemons state check as Resolved.
Dec 29 2021, 2:52 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T4116: Webproxy/Squid not working with IPv6 listen-address.

Just fork the repository vyos-1x and create a PR with propper commit format.
https://docs.vyos.io/en/equuleus/contributing/development.html#fork-repository-and-submit-patch
https://github.com/vyos/vyos-1x/blob/current/CONTRIBUTING.md

Dec 29 2021, 2:33 PM · VyOS 1.4 Sagitta

Dec 28 2021

Viacheslav added a comment to T2922: The `vpn ipsec logging log-modes` miss the IPSec daemons state check.

PR https://github.com/vyos/vyatta-cfg-vpn/pull/56

Dec 28 2021, 10:40 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav edited projects for T2922: The `vpn ipsec logging log-modes` miss the IPSec daemons state check, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).
Dec 28 2021, 10:27 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav changed the status of T2922: The `vpn ipsec logging log-modes` miss the IPSec daemons state check from Open to In progress.
Dec 28 2021, 10:21 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav closed T2933: VRRP add option virtual_ipaddress_excluded as Resolved.
Dec 28 2021, 7:28 PM · VyOS 1.3 Equuleus (1.3.0), Restricted Project
Viacheslav changed the subtype of T4112: Incorrect GRUB configuration parsing from "Task" to "Bug".
Dec 28 2021, 7:15 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
Viacheslav changed the status of T4111: IPSec generates wrong configuration colons for IPv6 peers from In progress to Needs testing.
Dec 28 2021, 7:07 PM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX5e05bfe79003: ipsec: T4111: Fix for swanctl configuration IPV6 peers.
Dec 28 2021, 7:05 PM
Viacheslav added a comment to T2281: DHCP and Static IPs on Same Interface.

One issue with static + dhcp on one interface at the same time.
After renew, the static address 192.168.122.11 is disappears
To reproduce:

vyos@r11-roll:~$ show conf com | match eth0
set interfaces ethernet eth0 address '192.168.122.11/24'
set interfaces ethernet eth0 address 'dhcp'

Renew dhcp:

vyos@r11-roll:~$ renew dhcp interface eth0

Static address not in the system:

vyos@r11-roll:~$ show int
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             192.168.122.166/24                u/u  WAN
eth1             203.0.113.1/24                    u/u
Dec 28 2021, 6:47 PM · VyOS 1.4 Sagitta
Viacheslav closed T3380: "show vpn ike sa" does not display IPv6 peers as Resolved.

Fixed in https://github.com/vyos/vyatta-op-vpn/pull/31/commits/1dff71494b3ddea72de3df2d08105fe9d8a90c95

Dec 28 2021, 5:38 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4014: Add “command” and “arg” configuration options for containers.

@johannrichard Is there any real example that you want to achieve?

Dec 28 2021, 5:31 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4023: Add grepcidr or similar functionality.

PR https://github.com/vyos/vyos-user-utils/pull/1

Dec 28 2021, 5:17 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4023: Add grepcidr or similar functionality from Open to In progress.
Dec 28 2021, 5:05 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4100: Firewall increase maximum number of rules from Open to Needs testing.
Dec 28 2021, 4:14 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T4109: Extend high-availability/keepalived for support virtual-server lb from Open to In progress.
Dec 28 2021, 4:12 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4110: [IPV6-SSH/DNS} enable IPv6 link local adresses as listen-address %eth0 from Open to In progress.
Dec 28 2021, 4:02 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4110: [IPV6-SSH/DNS} enable IPv6 link local adresses as listen-address %eth0.

PR https://github.com/vyos/vyos-1x/pull/1124

set service ssh disable-host-validation
set service ssh listen-address '192.168.122.11'
set service ssh listen-address 'fe80::5054:ff:fe48:a0c6%eth0'

Chek service and listen-addresses:

vyos@r11-roll# cat /run/sshd/sshd_config | grep List
ListenAddress 192.168.122.11
ListenAddress fe80::5054:ff:fe48:a0c6%eth0
Dec 28 2021, 4:02 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav claimed T4110: [IPV6-SSH/DNS} enable IPv6 link local adresses as listen-address %eth0.
Dec 28 2021, 3:30 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T3380: "show vpn ike sa" does not display IPv6 peers from Open to In progress.
Dec 28 2021, 1:25 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav moved T3380: "show vpn ike sa" does not display IPv6 peers from Open to Finished on the VyOS 1.4 Sagitta board.
Dec 28 2021, 1:25 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3380: "show vpn ike sa" does not display IPv6 peers.

PR https://github.com/vyos/vyatta-op-vpn/pull/31

Dec 28 2021, 1:24 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a project to T3380: "show vpn ike sa" does not display IPv6 peers: VyOS 1.3 Equuleus ( 1.3.1).
Dec 28 2021, 1:08 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav claimed T3380: "show vpn ike sa" does not display IPv6 peers.
Dec 28 2021, 1:05 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3380: "show vpn ike sa" does not display IPv6 peers.

It still doesn't work for 1.3
This regex not for all IPv6 peers

Dec 28 2021, 1:03 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T4111: IPSec generates wrong configuration colons for IPv6 peers from Open to In progress.
Dec 28 2021, 12:04 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4111: IPSec generates wrong configuration colons for IPv6 peers.

PR https://github.com/vyos/vyos-1x/pull/1123

Dec 28 2021, 12:04 PM · VyOS 1.4 Sagitta

Dec 27 2021

Viacheslav claimed T4111: IPSec generates wrong configuration colons for IPv6 peers.
Dec 27 2021, 8:27 PM · VyOS 1.4 Sagitta
Viacheslav renamed T4111: IPSec generates wrong configuration colons for IPv6 peers from IPSec generates wrong configuration for IPv6 peers to IPSec generates wrong configuration colons for IPv6 peers.
Dec 27 2021, 7:47 PM · VyOS 1.4 Sagitta
Viacheslav created T4111: IPSec generates wrong configuration colons for IPv6 peers.
Dec 27 2021, 7:14 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T3299: Allow the web proxy service to listen on all IP addresses from Resolved to Unknown Status.
Dec 27 2021, 6:45 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T3299: Allow the web proxy service to listen on all IP addresses as Resolved.
Dec 27 2021, 6:45 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T3287: Ability to set DNAT translation address incorrectly as Invalid.

There is a task for "loadbalancing" T4109

Dec 27 2021, 6:42 PM · vyatta-nat, VyOS 1.4 Sagitta
Viacheslav added a comment to T590: openvpn config using openvpn config file.

Some of the options can be included in the config:

set interfaces openvpn vtun10 openvpn-option-include '/config/openvpn/included.conf'

Just configure minimal OpenVPN configuration and include what you want

Dec 27 2021, 6:27 PM · VyOS 1.5 Circinus
Viacheslav assigned T4087: IPsec IKE-group proposals limit of 10 pieces to Unknown Object (User).
Dec 27 2021, 5:32 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav moved T2566: sstp not able to run tunnels ipv6 only from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.
Dec 27 2021, 5:06 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav closed T2566: sstp not able to run tunnels ipv6 only as Resolved.
Dec 27 2021, 5:06 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav closed T2764: Increase maximum number of NAT rules as Resolved.
Dec 27 2021, 4:20 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T4081: VRRP health-check script stops working when setting up a sync group from Confirmed to In progress.
Dec 27 2021, 2:09 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav moved T4081: VRRP health-check script stops working when setting up a sync group from Open to Finished on the VyOS 1.4 Sagitta board.
Dec 27 2021, 2:08 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T3979: vyos-hostd unable to hostfile-update as Resolved.
Dec 27 2021, 2:08 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4081: VRRP health-check script stops working when setting up a sync group.

PR for 1.3 https://github.com/vyos/vyos-1x/pull/1122

Dec 27 2021, 2:07 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXcd8015a4b60e: syslog: T4039: Add protocol23format logging for UDP.
Dec 27 2021, 11:25 AM
Viacheslav added a comment to T4109: Extend high-availability/keepalived for support virtual-server lb.

PR https://github.com/vyos/vyos-1x/pull/1121

Dec 27 2021, 8:34 AM · VyOS 1.4 Sagitta
Viacheslav created T4109: Extend high-availability/keepalived for support virtual-server lb.
Dec 27 2021, 7:40 AM · VyOS 1.4 Sagitta

Dec 26 2021

Viacheslav changed the subtype of T4100: Firewall increase maximum number of rules from "Task" to "Feature Request".

@NikolayP Change it https://github.com/vyos/vyatta-cfg-firewall/blob/1e06e3f891f8238d565ff0eddb4cd8c9b6032346/templates/firewall/name/node.tag/rule/node.def#L5-L9 to the required range.

Dec 26 2021, 9:26 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta

Dec 25 2021

Viacheslav committed rVYOSONEXee2c382c7c74: keepalived: T4081: Fix health-checking when syn-group is used.
Dec 25 2021, 9:13 PM

Dec 24 2021

Viacheslav closed T3854: Missing op-mode commands for conntrack-sync as Resolved.
Dec 24 2021, 9:45 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav lowered the priority of T891: Current multi-table usage with VRF-netns tables in FRR is partially broken for PBR. from High to Normal.
Dec 24 2021, 9:21 AM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T891: Current multi-table usage with VRF-netns tables in FRR is partially broken for PBR..
In T891#20803, @Watcher7 wrote:
  1. VyOS command syntax cannot currently specify both a next-hop and interface for the same static route, despite FRR being able to do so.
Dec 24 2021, 9:20 AM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav committed rVYOSONEXe317ea904374: conntrack-sync: T3854: Add missed statistics for op-mode.
Dec 24 2021, 9:18 AM
Viacheslav lowered the priority of T1035: SNMP BGP 32 bit AS number fail from High to Normal.
Dec 24 2021, 9:10 AM · VyOS 1.4 Sagitta (1.4.0)
Viacheslav closed T4080: Space in "description" commands as Invalid.
Dec 24 2021, 9:00 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
Viacheslav moved T3854: Missing op-mode commands for conntrack-sync from Open to Finished on the VyOS 1.4 Sagitta board.
Dec 24 2021, 8:55 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3854: Missing op-mode commands for conntrack-sync.

PR for 1.3 https://github.com/vyos/vyos-1x/pull/1120

Dec 24 2021, 8:44 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta

Dec 23 2021

Viacheslav closed T3467: cannot set vrrp virtual-address with /31 mask when router uses networkaddress. as Resolved.

Fixed in https://github.com/vyos/ipaddrcheck/commit/bd6f75bc8911d46d0a5f5ee21d22f3754af3abcc

Dec 23 2021, 9:57 PM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav closed T4092: IKEv2 mobike commit failed with DMVPN nhrp as Resolved.
Dec 23 2021, 9:28 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav committed rVYOSONEXdeda99075e86: conntrack-sync: T3854: Add missed statistics for op-mode.
Dec 23 2021, 9:13 PM
Viacheslav edited projects for T3854: Missing op-mode commands for conntrack-sync, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).
Dec 23 2021, 9:07 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav moved T4092: IKEv2 mobike commit failed with DMVPN nhrp from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Dec 23 2021, 9:06 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav edited projects for T4092: IKEv2 mobike commit failed with DMVPN nhrp, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus.
Dec 23 2021, 9:06 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T4092: IKEv2 mobike commit failed with DMVPN nhrp.

PR for crux https://github.com/vyos/vyatta-cfg-vpn/pull/53

Dec 23 2021, 6:45 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T3854: Missing op-mode commands for conntrack-sync.

PR https://github.com/vyos/vyos-1x/pull/1119

Dec 23 2021, 5:52 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav created T4094: Missed conntrack-sync failover-mechanism cluster.
Dec 23 2021, 3:57 PM · VyOS 1.4 Sagitta
Viacheslav moved T4092: IKEv2 mobike commit failed with DMVPN nhrp from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Dec 23 2021, 3:22 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav edited a custom field on T3854: Missing op-mode commands for conntrack-sync.
Dec 23 2021, 12:29 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the subtype of T3854: Missing op-mode commands for conntrack-sync from "Task" to "Bug".
Dec 23 2021, 12:28 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T3854: Missing op-mode commands for conntrack-sync from Open to In progress.
Dec 23 2021, 12:28 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta

Dec 22 2021

Viacheslav changed the status of T4092: IKEv2 mobike commit failed with DMVPN nhrp from Open to In progress.
Dec 22 2021, 6:53 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a project to T4092: IKEv2 mobike commit failed with DMVPN nhrp: VyOS 1.2 Crux (VyOS 1.2.9).
Dec 22 2021, 6:48 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav renamed T4092: IKEv2 mobike commit failed with DMVPN nhrp from Reopen: IKEv2 mobike commit failed to IKEv2 mobike commit failed with DMVPN nhrp.
Dec 22 2021, 6:37 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T4092: IKEv2 mobike commit failed with DMVPN nhrp.

PR https://github.com/vyos/vyatta-cfg-vpn/pull/52

Dec 22 2021, 6:34 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav claimed T4092: IKEv2 mobike commit failed with DMVPN nhrp.
Dec 22 2021, 6:03 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T4092: IKEv2 mobike commit failed with DMVPN nhrp.

It doesn't matter what you add mobike disable or enable
A possible reason it generates incorrect swanctl.conf for option mobike

Dec 22 2021, 5:56 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T4092: IKEv2 mobike commit failed with DMVPN nhrp.

@nikeshhajari thanks, I can reproduce it in 1.3:

set interfaces ethernet eth0 address '192.168.122.14/24'
set interfaces tunnel tun0 encapsulation 'gre'
set interfaces tunnel tun0 multicast 'enable'
set interfaces tunnel tun0 parameters ip key '1'
set interfaces tunnel tun0 source-address '192.168.122.14'
set protocols nhrp tunnel tun0 cisco-authentication 'orange'
set protocols nhrp tunnel tun0 holding-time '300'
set protocols nhrp tunnel tun0 multicast 'dynamic'
set protocols nhrp tunnel tun0 redirect
set protocols nhrp tunnel tun0 shortcut
set vpn ipsec esp-group ESP-HUB compression 'disable'
set vpn ipsec esp-group ESP-HUB lifetime '3600'
set vpn ipsec esp-group ESP-HUB mode 'tunnel'
set vpn ipsec esp-group ESP-HUB pfs 'dh-group21'
set vpn ipsec esp-group ESP-HUB proposal 1 encryption 'aes256'
set vpn ipsec esp-group ESP-HUB proposal 1 hash 'sha256'
set vpn ipsec esp-group ESP-HUB proposal 2 encryption 'aes256'
set vpn ipsec esp-group ESP-HUB proposal 2 hash 'sha256'
set vpn ipsec ike-group IKE-HUB ikev2-reauth 'no'
set vpn ipsec ike-group IKE-HUB key-exchange 'ikev2'
set vpn ipsec ike-group IKE-HUB lifetime '28800'
set vpn ipsec ike-group IKE-HUB proposal 1 dh-group '21'
set vpn ipsec ike-group IKE-HUB proposal 1 encryption 'aes256'
set vpn ipsec ike-group IKE-HUB proposal 1 hash 'sha256'
set vpn ipsec ike-group IKE-HUB proposal 2 dh-group '21'
set vpn ipsec ike-group IKE-HUB proposal 2 encryption 'aes256'
set vpn ipsec ike-group IKE-HUB proposal 2 hash 'sha256'
set vpn ipsec ipsec-interfaces interface 'eth0'
set vpn ipsec profile NHRPVPN authentication mode 'pre-shared-secret'
set vpn ipsec profile NHRPVPN authentication pre-shared-secret 'PRE_SHARED_KEY'
set vpn ipsec profile NHRPVPN bind tunnel 'tun0'
set vpn ipsec profile NHRPVPN esp-group 'ESP-HUB'
set vpn ipsec profile NHRPVPN ike-group 'IKE-HUB'
commit

Add mobile disable:

set vpn ipsec ike-group IKE-HUB mobike 'disable'
commit
[ vpn ]
Warning: unable to [reload changes to swanctl.conf], received error code 5632
Dec 22 2021, 5:51 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T4090: Source port and interface support for `commit-archive`.

I prefer to rewrite the whole https://github.com/vyos/vyatta-config-mgmt to XML/python

Dec 22 2021, 5:30 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a comment to T4093: SNMPv3 snmpd.conf generation bug.

A similar bug I see in 1.2 with such configuration:

set service snmp contact 'test'
set service snmp listen-address 192.168.122.12
set service snmp location 'test'
set service snmp v3 user foo auth encrypted-key '0x2e312e332e362e312e362e332e31302e312e322e34'
set service snmp v3 user foo auth type 'sha'
set service snmp v3 user foo privacy encrypted-key '0x'
set service snmp v3 user foo privacy type 'aes'
Dec 22 2021, 3:29 PM · VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T4056: Traffic policy not set in live configuration as Resolved.
Dec 22 2021, 2:13 PM · vyatta-cfg, VyOS 1.4 Sagitta
Viacheslav added projects to T4093: SNMPv3 snmpd.conf generation bug: VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0).
Dec 22 2021, 2:04 PM · VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta

Dec 21 2021

Viacheslav added a comment to T4080: Space in "description" commands.

@m.korobeinikov Could you re-check it and close if necessary?

Dec 21 2021, 11:10 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
Viacheslav closed T3376: Setting ipv6 address autoconf causes all interfaces besides the target to lose their IP as Not Applicable.
Dec 21 2021, 11:01 PM · VyOS 1.4 Sagitta
Viacheslav closed T3466: Ping command not working as expected as Wontfix.
Dec 21 2021, 10:55 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3527: Sometimes installing of static routes failes.

@ernstjo Do you have any news regarding this issue or should we close it?

Dec 21 2021, 10:51 PM
Viacheslav added a comment to T3678: VyOS 1.4: Invalid error message while deleting ipsec vpn configuration.

@SrividyaA Could you re-check it?

Dec 21 2021, 10:41 PM · VyOS 1.4 Sagitta
First
Prev
Next