PR for VyOS 1.3 https://github.com/vyos/vyos-1x/pull/1318
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
May 7 2022
May 6 2022
1.3 fix via https://github.com/vyos/vyos-1x/pull/1318
In T4417#123158, @Viacheslav wrote:Try to delete sync-group, as you use only one group
I was able to reproduce issue on latest VyOS 1.4-rolling-202205060217
Steps to reproduce:
1 - Fresh/clean vyos router
2 - Add interface configuration (dhcp on WANs and static IP addresses on LAN side), commit and save
3 - Add next WLB configuration:
Try to delete sync-group, as you use only one group
May 5 2022
Implemented as set policy route-map FOO rule 10 set as-path prepend-last-as 2
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1315
PR for 1.3: https://github.com/vyos/vyos-build/pull/231
PR for 1.4: https://github.com/vyos/vyos-build/pull/230
In 1.4 it working
set policy route-map FOO rule 10 action 'permit' set policy route-map FOO rule 10 set as-path-prepend 'last-as 2'
I've creatred a pull request for the above - https://github.com/vyos/vyos-1x/pull/1313
May 4 2022
I can't reproduce it
With such configuration all works fine VyOS 1.4-rolling-202204300743:
set load-balancing wan interface-health eth4 failure-count '5' set load-balancing wan interface-health eth4 nexthop 'dhcp' set load-balancing wan interface-health eth4 success-count '1' set load-balancing wan interface-health eth4 test 10 target '192.0.2.40' set load-balancing wan interface-health eth5 failure-count '5' set load-balancing wan interface-health eth5 nexthop 'dhcp' set load-balancing wan interface-health eth5 success-count '1' set load-balancing wan interface-health eth5 test 10 target '192.0.2.50' set load-balancing wan interface-health eth6 failure-count '5' set load-balancing wan interface-health eth6 nexthop 'dhcp' set load-balancing wan interface-health eth6 success-count '1' set load-balancing wan interface-health eth6 test 10 target '192.0.2.60' set load-balancing wan rule 10 failover set load-balancing wan rule 10 inbound-interface 'eth7' set load-balancing wan rule 10 interface eth4 set load-balancing wan rule 10 interface eth5 set load-balancing wan rule 10 interface eth6 set load-balancing wan rule 10 protocol 'all' set load-balancing wan sticky-connections
Configuration
# cat /etc/sshguard/sshguard.conf #### REQUIRED CONFIGURATION #### # Full path to backend executable (required, no default) BACKEND="/usr/lib/x86_64-linux-gnu/sshg-fw-nft-sets"
May 3 2022
If it helps, I am also getting the exact same errors and problems, would love to see this working please
Resolved in https://github.com/vyos/vyos-cloud-init/pull/54
Also, these routes getting an administrative distance of 1, which is impossible to override. I believe the default route from DHCP normally has 210 which is manageable. So, the quick workaround could be increasing distance of these routes.
r24:/home/dtoubelis# cat /var/lib/dhcp/dhclient_eth4.leases lease { interface "eth4"; fixed-address 100.123.57.53; option subnet-mask 255.192.0.0; option relay-agent-information 1:4:0:0:4:cf:5:4:64:40:0:1:97:8:1:0:14:ed:0:0:14:ed:98:0; option dhcp-lease-time 300; option routers 100.64.0.1; option dhcp-message-type 5; option domain-name-servers 1.1.1.1,8.8.8.8; option dhcp-server-identifier 100.64.0.1; option interface-mtu 1500; option rfc3442-classless-static-routes 32,192,168,100,1,0,0,0,0,32,34,120,255,244,0,0,0,0,0,100,64,0,1; renew 2 2022/05/03 12:42:00; rebind 2 2022/05/03 12:44:26; expire 2 2022/05/03 12:45:04; } lease { interface "eth4"; fixed-address 100.123.57.53; option subnet-mask 255.192.0.0; option relay-agent-information 1:4:0:0:4:cf:5:4:64:40:0:1:97:8:1:0:14:ed:0:0:14:ed:98:0; option dhcp-lease-time 300; option routers 100.64.0.1; option dhcp-message-type 5; option domain-name-servers 1.1.1.1,8.8.8.8; option dhcp-server-identifier 100.64.0.1; option interface-mtu 1500; option rfc3442-classless-static-routes 32,192,168,100,1,0,0,0,0,32,34,120,255,244,0,0,0,0,0,100,64,0,1; renew 2 2022/05/03 12:46:34; rebind 2 2022/05/03 12:48:50; expire 2 2022/05/03 12:49:28; } lease { interface "eth4"; fixed-address 100.123.57.53; option subnet-mask 255.192.0.0; option relay-agent-information 1:4:0:0:4:cf:5:4:64:40:0:1:97:8:1:0:14:ed:0:0:14:ed:98:0; option dhcp-lease-time 300; option routers 100.64.0.1; option dhcp-message-type 5; option domain-name-servers 1.1.1.1,8.8.8.8; option dhcp-server-identifier 100.64.0.1; option interface-mtu 1500; option rfc3442-classless-static-routes 32,192,168,100,1,0,0,0,0,32,34,120,255,244,0,0,0,0,0,100,64,0,1; renew 2 2022/05/03 12:51:33; rebind 2 2022/05/03 12:53:25; expire 2 2022/05/03 12:54:03; } ... }
Could you also provide cat /var/lib/dhcp/dhclient_eth4.leases ?
no-default-route ignore just option routers and don't touch other options like classless-static-routes
https://github.com/vyos/vyos-1x/blob/2c29a3b3b46c7570f4a509f413b208348c0ce647/data/templates/dhcp-client/ipv4.tmpl#L18-L19
Below is a packet capture from DHCP exchange:
It seems that option 121 has more than one route. Could this be causing the abnormal behavior?
May 2 2022
We also need to verify remote-as in v6only or interface definitions:
Done some further research about rt_netlink and charon relationship. As described in the docs of Strongswan the option charon.process_route = no helps and is a good workaround if the destination is always reachable over a known specific interface (i think it can be an issue if wan load-balancing etc. is used).
There was some effort to introduce profiling into the system before, but nothing was developed.
The ticket was opened to verify that the timing values displayed in /var/log/vyatta are correct.
The vyos-debug flag enables tracing for actions described in the templates.
This will be a step-by-step walkthrough of the system profiling, as I have found this to have a bunch of non-obvious technical nuances that might get you stuck.
May 1 2022
Apr 30 2022
Apr 29 2022
Apr 28 2022
I've tried with a new spoke and I can't seem to register using `reload-or-restart', although it resolved the lost connectivity issues the opennhrp process needs a full restart. however, if you restart opennhrp daemon it causes different issues and usually the spoke loses connection.
## hub
Thank you, team, for such a quick response to my request. I have not even had the chance to test it yet but trust that this will work perfectly. Again, many thanks!
Apr 27 2022
I did this change as you mentioned and it worked, , example: