Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Sep 19 2022

n.fort changed the status of T4706: NAT and NAT66 issues from Open to Confirmed.
Sep 19 2022, 6:34 PM · VyOS 1.4 Sagitta
n.fort claimed T4706: NAT and NAT66 issues.
Sep 19 2022, 6:34 PM · VyOS 1.4 Sagitta
n.fort created T4706: NAT and NAT66 issues.
Sep 19 2022, 6:33 PM · VyOS 1.4 Sagitta
n.fort changed the status of T4699: Firewall - Add jump action - Add return action from In progress to Needs testing.
Sep 19 2022, 11:02 AM · VyOS 1.4 Sagitta
mike-pisman created T4705: Add Thunderbolt networking and interfaces supported in the config environment.
Sep 19 2022, 3:30 AM · Restricted Project, VyOS 1.5 Circinus

Sep 18 2022

jmarmorato added a comment to T4694: Allow VyOS Firewall to Match Outbound IPSec Traffic.

@n.fort Maybe set firewall name <name> rule <rule> ipsec match-gre? This feels a bit hacky though... Almost like match should be its own block and contain ipsec, none, or gre

Sep 18 2022, 10:06 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
roedie claimed T4639: Crowdsec in VyOS (Blocking only).
Sep 18 2022, 5:57 PM · VyOS 1.5 Circinus
danhusan closed T3155: ospfv3 mtu-ignore not working on ethernet vifs as Resolved.
Sep 18 2022, 4:41 PM · VyOS 1.2 Crux

Sep 17 2022

roedie moved T4526: keepalived-fifo.py unable to load config from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 8:34 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie moved T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 8:31 PM · VyOS 1.4 Sagitta
roedie closed T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 as Resolved.

It works for me (tm)

Sep 17 2022, 8:30 PM · VyOS 1.4 Sagitta
c-po closed T4666: EAP-TLS no longer allows TLSv1.0 after T4537, T4584 as Resolved.
Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta, wpa
c-po moved T4702: Wireguard peers configuration is not synchronized with CLI from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.3) board.
Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po added a comment to T4702: Wireguard peers configuration is not synchronized with CLI.

PR for VyOS 1.3.3 https://github.com/vyos/vyos-1x/pull/1548

Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po moved T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node from Need Triage to In Progress on the VyOS 1.4 Sagitta board.
Sep 17 2022, 6:41 PM · VyOS 1.4 Sagitta
c-po moved T4702: Wireguard peers configuration is not synchronized with CLI from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po changed Why the issue appeared? from none to implementation-mistake on T4702: Wireguard peers configuration is not synchronized with CLI.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po changed the status of T4702: Wireguard peers configuration is not synchronized with CLI from Confirmed to Needs testing.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po edited projects for T4702: Wireguard peers configuration is not synchronized with CLI, added: VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus.
Sep 17 2022, 5:53 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
jack9603301 added a comment to T4689: Support RFS(Receive Flow Steering).

PR: https://github.com/vyos/vyos-1x/pull/1542

Sep 17 2022, 12:27 PM · VyOS 1.4 Sagitta
c-po claimed T4702: Wireguard peers configuration is not synchronized with CLI.
Sep 17 2022, 7:41 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Sep 16 2022

aalmenar created T4704: Allow to set metric (MED) to rtt with rtt,+rtt or -rtt.
Sep 16 2022, 8:35 PM · VyOS 1.4 Sagitta
c-po changed the status of T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node from Open to In progress.
Sep 16 2022, 7:31 PM · VyOS 1.4 Sagitta
c-po created T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node.
Sep 16 2022, 7:31 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4118: IPsec syntax overhaul from In progress to Needs testing.
Sep 16 2022, 6:04 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4699: Firewall - Add jump action - Add return action.

PR https://github.com/vyos/vyos-1x/pull/1546

Sep 16 2022, 5:11 PM · VyOS 1.4 Sagitta
danhusan awarded T4702: Wireguard peers configuration is not synchronized with CLI a Love token.
Sep 16 2022, 5:05 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav added a comment to T4557: fastnetmon: allow configure limits per protocol (tcp, udp, icmp).

PR https://github.com/vyos/vyos-1x/pull/1545
PR https://github.com/vyos/vyatta-cfg-system/pull/185

set service ids ddos-protection direction 'in'
set service ids ddos-protection listen-interface 'eth1'
set service ids ddos-protection mode mirror
set service ids ddos-protection threshold general fps '1000'
set service ids ddos-protection threshold general mbps '200'
set service ids ddos-protection threshold general pps '150000'
set service ids ddos-protection threshold tcp fps '25'
set service ids ddos-protection threshold tcp mbps '55'
set service ids ddos-protection threshold tcp pps '155'
set service ids ddos-protection threshold udp fps '100'
set service ids ddos-protection threshold udp mbps '100'
set service ids ddos-protection threshold udp pps '100'
set service ids ddos-protection threshold icmp fps '200'
set service ids ddos-protection threshold icmp mbps '210'
set service ids ddos-protection threshold icmp pps '2040'

Expected fastnermon config entries:

# General threshold
ban_for_flows = on
threshold_flows = 1000
ban_for_bandwidth = on
threshold_mbps = 200
ban_for_pps = on
threshold_pps = 150000
Sep 16 2022, 4:31 PM · VyOS 1.4 Sagitta
zsdc raised the priority of T4702: Wireguard peers configuration is not synchronized with CLI from Normal to High.
Sep 16 2022, 3:19 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
zsdc renamed T4702: Wireguard peers configuration is not synchronized with CLI from A `disable` option does not work for Wireguard peers to Wireguard peers configuration is not synchronized with CLI.
Sep 16 2022, 1:01 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
zsdc created T4702: Wireguard peers configuration is not synchronized with CLI.
Sep 16 2022, 12:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav changed the status of T4118: IPsec syntax overhaul from Open to In progress.
Sep 16 2022, 12:24 PM · VyOS 1.4 Sagitta
n.fort changed the status of T4701: Firewall - Implement global option to use one single general chian from Open to In progress.
Sep 16 2022, 10:51 AM · VyOS 1.4 Sagitta
n.fort created T4701: Firewall - Implement global option to use one single general chian.
Sep 16 2022, 10:50 AM · VyOS 1.4 Sagitta
n.fort changed the status of T4700: Firewall - Add interface match criteria from Open to In progress.
Sep 16 2022, 10:40 AM · VyOS 1.4 Sagitta
n.fort created T4700: Firewall - Add interface match criteria.
Sep 16 2022, 10:40 AM · VyOS 1.4 Sagitta
n.fort changed the status of T4699: Firewall - Add jump action - Add return action from Open to In progress.
Sep 16 2022, 10:36 AM · VyOS 1.4 Sagitta
n.fort created T4699: Firewall - Add jump action - Add return action.
Sep 16 2022, 10:35 AM · VyOS 1.4 Sagitta
Viacheslav changed the status of T3896: Extend ocserv support to allow for per-group configs from Open to Needs testing.
Sep 16 2022, 8:06 AM · VyOS 1.4 Sagitta
c-po changed the status of T4656: Support the listen-host config field of openconnect server from In progress to Needs testing.
Sep 16 2022, 7:33 AM · VyOS 1.4 Sagitta
Viacheslav added a project to T4697: policy route: Generating ConfigError failes when tcp flag is missing on set tcp-mss rule commit: VyOS 1.4 Sagitta.

PR https://github.com/vyos/vyos-1x/pull/1544

Sep 16 2022, 7:22 AM · VyOS 1.4 Sagitta
c-po closed T4698: Drop validator name="range" and replace it with numeric, a subtask of T4669: Extend numeric.ml for inversion of values and range values, as Resolved.
Sep 16 2022, 7:16 AM · VyOS 1.4 Sagitta
c-po closed T4698: Drop validator name="range" and replace it with numeric as Resolved.
Sep 16 2022, 7:16 AM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4697: policy route: Generating ConfigError failes when tcp flag is missing on set tcp-mss rule commit from Open to In progress.
Sep 16 2022, 7:03 AM · VyOS 1.4 Sagitta
Viacheslav closed T4695: Add 'es' and 'jp106' keymap option keyboard-layout as Resolved.
Sep 16 2022, 6:47 AM · VyOS 1.4 Sagitta
c-po changed Why the issue appeared? from none to other on T4698: Drop validator name="range" and replace it with numeric.
Sep 16 2022, 6:37 AM · VyOS 1.4 Sagitta
c-po closed T4669: Extend numeric.ml for inversion of values and range values as Resolved.
Sep 16 2022, 6:37 AM · VyOS 1.4 Sagitta
c-po triaged T4698: Drop validator name="range" and replace it with numeric as Normal priority.
Sep 16 2022, 6:37 AM · VyOS 1.4 Sagitta
Viacheslav closed T4687: Canot change configuration after image update from 202207220217 to 202209090217 as Invalid.
Sep 16 2022, 6:18 AM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4693: ISIS segment routing was broken....

Added a new pull request to make ISIS segment routing work again.

Sep 16 2022, 4:09 AM · VyOS 1.4 Sagitta

Sep 15 2022

vishvas added a comment to T1973: Allow route-map to match on BGP local preference value.

Dear Sir
Will it work with 1.4 ?
BR
Vishvas

Sep 15 2022, 9:49 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.2 Crux (VyOS 1.2.6), vyatta-cfg-quagga
Sophie added a comment to T160: Support NAT64.

Jool is still being maintained for bugfixes etc. and it has all the features we're looking for, then it sounds fairly ideal. If no new features are being added to it, it's less likely to break in future releases too

Sep 15 2022, 9:15 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
runar created T4697: policy route: Generating ConfigError failes when tcp flag is missing on set tcp-mss rule commit.
Sep 15 2022, 7:39 PM · VyOS 1.4 Sagitta
syncer moved T4695: Add 'es' and 'jp106' keymap option keyboard-layout from Need Triage to In Progress on the VyOS 1.4 Sagitta board.
Sep 15 2022, 6:55 PM · VyOS 1.4 Sagitta
syncer triaged T4695: Add 'es' and 'jp106' keymap option keyboard-layout as Normal priority.
Sep 15 2022, 6:55 PM · VyOS 1.4 Sagitta
syncer triaged T3424: PPPoE IA-PD doesn't work in VRF as Normal priority.
Sep 15 2022, 6:53 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
jack9603301 updated subscribers of T4689: Support RFS(Receive Flow Steering).

I re-reviewed this PR and the following commit from @c-po

Sep 15 2022, 6:45 PM · VyOS 1.4 Sagitta
xPakrikx added a comment to T4687: Canot change configuration after image update from 202207220217 to 202209090217.

Ok now its working. Thanks. My bad.

Sep 15 2022, 4:51 PM · VyOS 1.4 Sagitta
c-po closed T4630: Prevent attempts to use the same interface as a source interface for pseudo-ethernet and MACsec at the same time as Resolved.
Sep 15 2022, 4:01 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.3)
Viacheslav moved T4679: OpenVPN site-to-site incorrect check for IPv6 local and remote address from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.3) board.
Sep 15 2022, 2:08 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.3)
Viacheslav closed T4679: OpenVPN site-to-site incorrect check for IPv6 local and remote address as Resolved.
Sep 15 2022, 2:08 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.3)
v.huti added a comment to T4180: Support for QoS Policy Propagation via BGP (QPPB).

Changes on the FRR side:

  • Convert xdp helper library to an optional plugin + bgp hook
  • Minor fixes + cleanups
  • Figured out most of the permission problems

Changes on the XDP side:

  • Convert mappings from legacy iproute format to the latest libbpf one
  • New mappings improve debugging experience by implementing pretty-printing for XDP map dumping
  • Added an xdp-loader for xdp-tools repo
Sep 15 2022, 1:57 PM · VyOS 1.5 Circinus
c-po closed T4696: Extend bgp parameters for bgp bestpath peer-type multipath-relax as Resolved.
Sep 15 2022, 12:33 PM · VyOS 1.4 Sagitta
c-po changed the status of T4696: Extend bgp parameters for bgp bestpath peer-type multipath-relax from Open to In progress.
Sep 15 2022, 12:14 PM · VyOS 1.4 Sagitta
c-po closed T4691: Upgrade Linux Kernel to latest 5.15.y train as Resolved.
Sep 15 2022, 12:13 PM · VyOS 1.4 Sagitta
dmbaturin deleted 1.3.2.
Sep 15 2022, 10:43 AM · VyOS 1.3 Equuleus
dmbaturin created an object: 1.3.2.
Sep 15 2022, 10:42 AM · VyOS 1.3 Equuleus (1.3.2)
aalmenar created T4696: Extend bgp parameters for bgp bestpath peer-type multipath-relax.
Sep 15 2022, 9:52 AM · VyOS 1.4 Sagitta
jack9603301 added a comment to T4689: Support RFS(Receive Flow Steering).

https://github.com/vyos/vyos-1x/pull/1535

Sep 15 2022, 9:44 AM · VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T874: Support for Two Factor Authentication for CLI access via Google Authenticator/OTP.

PR adding libpam-google-authenticator package to VyOS:
https://github.com/vyos/vyos-1x/pull/1541

Sep 15 2022, 5:57 AM · VyOS 1.4 Sagitta (1.4.0-epa1)
Cheeze_It added a comment to T4693: ISIS segment routing was broken....

It seems that we have two constraints here.

Sep 15 2022, 4:35 AM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4693: ISIS segment routing was broken....

Made a fix and now we have:

Sep 15 2022, 4:32 AM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4693: ISIS segment routing was broken....

Let me see if I can fix it.

Sep 15 2022, 4:06 AM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4693: ISIS segment routing was broken....

Doing further testing, it seems adding the explicit-null broke the configuration:

Sep 15 2022, 3:59 AM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4693: ISIS segment routing was broken....

Good news. It seems the patch worked properly. Here we show MPLS labels generated via segment routing for the prefix command:

Sep 15 2022, 3:57 AM · VyOS 1.4 Sagitta

Sep 14 2022

Viacheslav changed the status of T4680: Telegraf prometheus-client listen-address invalid format from Open to In progress.
Sep 14 2022, 7:31 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav changed the status of T4685: Interface does not exist on boot when used as inbound-interface for local policy route from Open to Needs testing.
Sep 14 2022, 7:28 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4695: Add 'es' and 'jp106' keymap option keyboard-layout from In progress to Needs testing.
Sep 14 2022, 7:21 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4687: Canot change configuration after image update from 202207220217 to 202209090217.

As I mentioned above, use it before the configuration, it described in the doc

#!/bin/vbash
Sep 14 2022, 7:17 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4693: ISIS segment routing was broken... from Open to Needs testing.
Sep 14 2022, 7:12 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4694: Allow VyOS Firewall to Match Outbound IPSec Traffic.

Interesting article on how and when to match ipsec options: https://thermalcircle.de/doku.php?id=blog:linux:nftables_demystifying_ipsec_expressions

Sep 14 2022, 6:18 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
Viacheslav added a comment to T4694: Allow VyOS Firewall to Match Outbound IPSec Traffic.

There is PR https://github.com/vyos/vyos-1x/pull/1516 for T4667 but it brakes all GRE traffic

Sep 14 2022, 6:04 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
Viacheslav added a comment to T4695: Add 'es' and 'jp106' keymap option keyboard-layout.

PR https://github.com/vyos/vyos-1x/pull/1540

Sep 14 2022, 5:51 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4695: Add 'es' and 'jp106' keymap option keyboard-layout from Open to In progress.
Sep 14 2022, 5:29 PM · VyOS 1.4 Sagitta
Viacheslav renamed T4695: Add 'es' and 'jp106' keymap option keyboard-layout from Add 'es' and 'jp106' keymap to Add 'es' and 'jp106' keymap option keyboard-layout.
Sep 14 2022, 5:28 PM · VyOS 1.4 Sagitta
Viacheslav created T4695: Add 'es' and 'jp106' keymap option keyboard-layout.
Sep 14 2022, 5:28 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4679: OpenVPN site-to-site incorrect check for IPv6 local and remote address.

PR for 1.3 https://github.com/vyos/vyos-1x/pull/1539

Sep 14 2022, 3:17 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.3)
lferrarotti added a comment to T3424: PPPoE IA-PD doesn't work in VRF.

Hi all,

Sep 14 2022, 3:09 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
n.fort added a comment to T4694: Allow VyOS Firewall to Match Outbound IPSec Traffic.

Do you have a proposed cli format?

Sep 14 2022, 2:22 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
jmarmorato created T4694: Allow VyOS Firewall to Match Outbound IPSec Traffic.
Sep 14 2022, 1:40 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
nickomarsa updated nickomarsa.
Sep 14 2022, 4:31 AM
Cheeze_It added a comment to T4693: ISIS segment routing was broken....

Added a pull request for this fix.

Sep 14 2022, 2:48 AM · VyOS 1.4 Sagitta
xPakrikx added a comment to T4687: Canot change configuration after image update from 202207220217 to 202209090217.

Nope, i use CLI for configuration and script for vrrp (wireguard interface enable/disable)

Sep 14 2022, 12:45 AM · VyOS 1.4 Sagitta

Sep 13 2022

Cheeze_It created T4693: ISIS segment routing was broken....
Sep 13 2022, 11:52 PM · VyOS 1.4 Sagitta
c-po added a comment to T2913: Failure to install fpm while building builder docker image.

Fix for 1.3 https://github.com/vyos/vyos-build/pull/261

Sep 13 2022, 7:47 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.2 Crux (VyOS 1.2.8)
c-po edited projects for T2913: Failure to install fpm while building builder docker image, added: VyOS 1.2 Crux (VyOS 1.2.8), VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.2 Crux.
Sep 13 2022, 7:45 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.2 Crux (VyOS 1.2.8)
c-po changed the status of T2913: Failure to install fpm while building builder docker image from Open to In progress.
Sep 13 2022, 7:45 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.2 Crux (VyOS 1.2.8)
absolutesantaja created T4692: Docker Builds of Equuleus Fail - public_suffix requires Ruby version >= 2.6.
Sep 13 2022, 5:05 PM
absolutesantaja added a comment to T2913: Failure to install fpm while building builder docker image.

This is also an issue on the 1.3.x builds due to a similar issue. See https://github.com/jordansissel/fpm/issues/1923

Sep 13 2022, 5:00 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav added a subtask for T2199: Rewrite firewall in new XML/Python style: T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.
Sep 13 2022, 1:03 PM · VyOS 1.4 Sagitta (1.4.0-epa2)
First
Prev
Next