I just leave it here. We must not return to bug T2189 with this fix.

That's XPN support but GCM-AES-256 was added back in 2018 in https://w1.fi/cgit/hostap/commit/?id=1ff8605775

Put in pull request https://github.com/vyos/vyos-1x/pull/1423

That's what commit 5e510e45f6f9 did :)

As I remember fastnetmon wasn’t rewritten to dict
And requires manual set default value in config dictionary

You can find the latest version of the demo implementation here:

1. volodymyrhuti/linux/tree/QPPB_DEMO_V1.1
2. volodymyrhuti/frr/tree/QPPB_DEMO_V1.1

I installed wpa_supplicant version 2.10. But it did not help.
I compared debugs of wpa_supplicant and found the difference

Modyfing file pointed by @Viacheslav , makes ipv6 peer option available.
But while testing config, it's not possible to insert an ipv6 address: validator rejects input.
Validator used: syntax:expression: exec "/opt/vyatta/sbin/vyatta-policy.pl --check-peer-syntax $VAR(@)"; "peer must be either an IP or local"

@daniil Could you re-check it?

It seems wpa_supplicant doesn't support GCM-AES-256
https://w1.fi/wpa_supplicant/devel/dir_4261af1259721e3e39e0d2dd7354b511.html

PR https://github.com/vyos/vyos-1x/pull/1420

I have just tested it again. Macsec does not work.

PR with notice:
https://github.com/vyos/vyos-1x/pull/1419

PR for 1.4: https://github.com/vyos/vyos-1x/pull/1418

This is a behavior "by design". The prefix-len option cannot be used for BGP routes. We should add this notice to the CLI.
Check: http://docs.frrouting.org/en/latest/routemap.html#clicmd-match-ip-address-prefix-len-0-32

While i like the inclusion of NAT64 inside vyos (And the effort vfreex has made), i believe that tayga is not the way to go, it was last updated on 2010-12-12 according to the readme in it. Jool on the other hand has a bigger throughput being kernel module. The only issue i believe is the module compilation cause configuration is quite easy.

Can you check with the latest rolling release? it uses FRR 8.3

Probably a problem with FRR