@NikolayP Try the next command:
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Jul 25 2022
Jul 25 2022
GitHub <noreply@github.com> committed rVYOSONEX3337aedd5f7f: Merge pull request #1431 from jestabro/gql-dev (authored by dmbaturin).
Viacheslav added a comment to T4271: bgp: show ipv6 bgp summary doesn't display neighbor information.
Jul 24 2022
Jul 24 2022
GitHub <noreply@github.com> committed rVYOSONEX4168e03721b2: Merge pull request #1416 from sever-sever/T2763-eq (authored by dmbaturin).
alainlamar updated the task description for T4566: Cannot log in on serial console on Equuleus v1.3.1.
alainlamar updated the task description for T4566: Cannot log in on serial console on Equuleus v1.3.1.
Jul 23 2022
Jul 23 2022
Viacheslav added a parent task for T4552: Unable to reset IPsec IPv6 peer: T4564: Root task for rewriting [op-mode] to vyos.opmode format.
Viacheslav added a parent task for T4545: Rewrite show nat source rules: T4564: Root task for rewriting [op-mode] to vyos.opmode format.
Viacheslav added a parent task for T4562: Rewrite show vrf to new format: T4564: Root task for rewriting [op-mode] to vyos.opmode format.
It will be fixed in T4545
PR https://github.com/vyos/vyos-1x/pull/1426
PR https://github.com/vyos/vyos-1x/pull/1430
vyos@r14:~$ show vrf Name State MAC address Flags Interfaces ------ ------- ----------------- ------------------------ --------------- foo up be:e3:5c:f1:54:99 noarp,master,up,lower_up eth1.50,eth1.55 bar up 1e:7c:94:da:e0:35 noarp,master,up,lower_up n/a vyos@r14:~$
Viacheslav changed the subtype of T4562: Rewrite show vrf to new format from "Bug" to "Feature Request".
goodNETnick <pknet@ya.ru> committed rVYOSONEXdbadbbf6453d: route-map: T4542: match prefix-len Kernel notice.
GitHub <noreply@github.com> committed rVYOSONEXe1e9f690d3eb: Merge pull request #1427 from goodNETnick/rm-pref-len (authored by c-po).
Unknown Object (User) added a comment to T4542: route-map: "match prefix-len" incorrect behavior.
New PR (Notice corrected):
https://github.com/vyos/vyos-1x/pull/1427
aalmenar added a comment to T4556: fastnetmon: Allow configure white_list_path and populate with hosts/networks that should be ignored..
I have added a pull request for this:
PR https://github.com/vyos/vyos-1x/pull/1428
vyos@r14:~$ reset vpn ipsec-peer 2001:db8::2
CHILD_SA {21241} closed successfully
CHILD_SA {21243} closed successfully
CHILD_SA {21245} closed successfully
CHILD_SA {21244} closed successfully
CHILD_SA {21247} closed successfully
CHILD_SA {21246} closed successfully
CHILD_SA {21249} closed successfully
CHILD_SA {21248} closed successfully
closing CHILD_SA peer_2001-db8--2_tunnel_0{21250} with SPIs cab47d6b_i (0 bytes) c3cbba13_o (0 bytes) and TS 2001:db8:1111::/64 === 2001:db8:2222::/64
sending DELETE for ESP CHILD_SA with SPI cab47d6b
generating INFORMATIONAL request 14065 [ D ]
sending packet: from 2001:db8::1[500] to 2001:db8::2[500] (69 bytes)
received packet: from 2001:db8::2[500] to 2001:db8::1[500] (69 bytes)
parsed INFORMATIONAL response 14065 [ D ]
received DELETE for ESP CHILD_SA with SPI c3cbba13
CHILD_SA closed
CHILD_SA {21250} closed successfully
establishing CHILD_SA peer_2001-db8--2_tunnel_0{21251}
generating CREATE_CHILD_SA request 14066 [ SA No KE TSi TSr ]
sending packet: from 2001:db8::1[500] to 2001:db8::2[500] (497 bytes)
received packet: from 2001:db8::2[500] to 2001:db8::1[500] (497 bytes)
parsed CREATE_CHILD_SA response 14066 [ SA No KE TSi TSr ]
selected proposal: ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ
CHILD_SA peer_2001-db8--2_tunnel_0{21251} established with SPIs ccaff1e5_i c5a2b674_o and TS 2001:db8:1111::/64 === 2001:db8:2222::/64
connection 'peer_2001-db8--2_tunnel_0' established successfully
Peer reset result: success
vyos@r14:~$Jul 22 2022
Jul 22 2022
Viacheslav changed the status of T4546: Does not connect Cisco spoke to VyOS hub. from In progress to Needs testing.
Commit fails b/c of frr-reload output: 200 % Local-AS allowed only for EBGP peers - we should add an appropriate verify() stage I guess.
GitHub <noreply@github.com> committed rVYOSONEX929915b57382: Merge pull request #1418 from zdc/T4546-sagitta (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEX875560ae8a84: Merge pull request #1425 from sever-sever/T4145 (authored by c-po).
PR https://github.com/vyos/vyos-1x/pull/1426
An example with only one rule 10 raw output
vyos@r14:~$ /usr/libexec/vyos/op_mode/nat.py show_rules --direction source --raw
[
{
"rule": {
"family": "ip",
"table": "nat",
"chain": "POSTROUTING",
"handle": 114,
"comment": "SRC-NAT-10",
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "eth0"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"masquerade": null
}
]
}
}
]
vyos@r14:~$PR to new format + IPv6 entries https://github.com/vyos/vyos-1x/pull/1425
c-po added a comment to T4561: reset ip bgp <neighbor> allows reset bgp peer for ipv4, also it should exist one for ipv6.
Unfortunately not all commands are present when using the bgp <afi> syntax. We should find the remaining ones and then move all to the new syntax - less confusing
aalmenar added a comment to T4561: reset ip bgp <neighbor> allows reset bgp peer for ipv4, also it should exist one for ipv6.
@Viacheslav yep that one works...
Viacheslav added a comment to T4561: reset ip bgp <neighbor> allows reset bgp peer for ipv4, also it should exist one for ipv6.
@aalmenar try the next command
vyos@r14# run reset bgp ipv6
Possible completions:
<h:h:h:h:h:h:h:h>
IPv6 neighbor to clear
1-4294967295 Reset peers with the AS number
all Clear all peers
external Reset all external peers
peer-group Reset all members of peer-groupaalmenar changed Version from - to 1.4-rolling-202207220217 on T4561: reset ip bgp <neighbor> allows reset bgp peer for ipv4, also it should exist one for ipv6.
aalmenar updated the task description for T4561: reset ip bgp <neighbor> allows reset bgp peer for ipv4, also it should exist one for ipv6.
aalmenar updated the task description for T4561: reset ip bgp <neighbor> allows reset bgp peer for ipv4, also it should exist one for ipv6.
@aaliddell I am not too concerned about tayga's maintenance. It have been proved to work well for years, and the package is already a part of the official repository of debian. Actually debian's tayga package includes a few patches: https://salsa.debian.org/debian/tayga/-/tree/debian/master/debian/patches
GitHub <noreply@github.com> committed rVYOSONEX99a0c88dd9dd: Merge pull request #1421 from vfreex/radvd-prefix-specific-options (authored by c-po).
Viacheslav changed the status of T4550: router-advert: Add deprecate-prefix & decrement-lifetimes options from Open to In progress.
Viacheslav changed the subtype of T4556: fastnetmon: Allow configure white_list_path and populate with hosts/networks that should be ignored. from "Task" to "Feature Request".
Viacheslav added a comment to T4558: Incomplete error message when duplicate firewall port-group used.
I just leave it here. We must not return to bug T2189 with this fix.
Jul 21 2022
Jul 21 2022
c-po renamed T4537: MACsec not working with cipher gcm-aes-256 from Macsec not working with cipher gcm-aes-256 to MACsec not working with cipher gcm-aes-256.
That's XPN support but GCM-AES-256 was added back in 2018 in https://w1.fi/cgit/hostap/commit/?id=1ff8605775
aalmenar updated the task description for T4557: fastnetmon: allow configure limits per protocol (tcp, udp, icmp).
Put in pull request https://github.com/vyos/vyos-1x/pull/1423
That's what commit 5e510e45f6f9 did :)
c-po added a project to T4553: Allow to set ban time on ddos-protection configuration: VyOS 1.4 Sagitta.