- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Apr 6 2023
We have targets-checks 203.0.113.1, 192.0.2.1, and if any of these targets are unreachable, we delete this route.
Is it correct?
@c-po How is the review and discussion on this feature going?
A similar output exists
show system login users Possible completions: <Enter> Execute the current command all Show information about all accounts locked Show information about locked accounts other Show information about non VyOS user accounts vyos Show information about VyOS user accounts`
Apr 5 2023
In T4362#146398, @Viacheslav wrote:@marc_s Will be fixed in the next rolling release, could you check?
Thanks @Viacheslav will test ASAP, next week I have a maintenance window, will let you know.
Apr 4 2023
PR https://github.com/vyos/vyos-1x/pull/1939
set system login max-login-session '1' set system login timeout '600'
Is it possible to implement multiple test targets instead of just one?
Bug: unable to rename a failover route:
@Viacheslav Ok!
@Harliff It is better to write to this task if you find bugs or propose new features.
So anyone could claim/fix it.
Thanks.
@Viacheslav, where is best place to discuss the feature (ask a question or report a bug)?
Nice feature. I'm testing it now.
@neilmckee Thanks.
If output looks good we can close the task
Apr 3 2023
I think one of the problems is that all tables are generated even if there are no rules in it.
Yes. Packet drops are classed as "event_samples" internally. Definitions for telemetry counters are here:
https://github.com/sflow/host-sflow/blob/v2.0.50-4/src/Linux/hsflowd.h#L460-L486
@marc_s Will be fixed in the next rolling release, could you check?
Will be available in the next rolling release.
PR https://github.com/vyos/vyos-1x/pull/1933
set vpn ipsec authentication psk MY-PEER id '192.0.2.1' set vpn ipsec authentication psk MY-PEER id '192.0.2.10' set vpn ipsec authentication psk MY-PEER secret 'SeCrEt' set vpn ipsec esp-group ESP proposal 1 set vpn ipsec ike-group IKE key-exchange 'ikev2' set vpn ipsec ike-group IKE lifetime '0' set vpn ipsec ike-group IKE proposal 1 dh-group '14' set vpn ipsec ike-group IKE proposal 1 encryption 'aes256' set vpn ipsec ike-group IKE proposal 1 hash 'sha256' set vpn ipsec interface 'eth1' set vpn ipsec site-to-site peer MY-PEER authentication mode 'pre-shared-secret' set vpn ipsec site-to-site peer MY-PEER ike-group 'IKE' set vpn ipsec site-to-site peer MY-PEER local-address '192.0.2.1' set vpn ipsec site-to-site peer MY-PEER remote-address '192.0.2.10' set vpn ipsec site-to-site peer MY-PEER tunnel 1 esp-group 'ESP' set vpn ipsec site-to-site peer MY-PEER tunnel 1 local prefix '10.0.2.0/25' set vpn ipsec site-to-site peer MY-PEER tunnel 1 remote prefix '10.5.5.0/25'
Expected `no rekeying
vyos@r14:~$ sudo swanctl -L MY-PEER: IKEv2, no reauthentication, no rekeying, dpd delay 30s local: 192.0.2.1 remote: 192.0.2.10 local pre-shared key authentication: remote pre-shared key authentication: id: %any MY-PEER-tunnel-1: TUNNEL, rekeying every 3272s, dpd action is none local: 10.0.2.0/25 remote: 10.5.5.0/25 vyos@r14:~$
PR https://github.com/vyos/vyos-1x/pull/1932
vyos@r14:~$ show sflow -------------------------- ----------------------------------- Agent address 192.168.122.14 sFlow interfaces ['eth0', 'eth1'] sFlow servers ['192.168.122.1', '192.168.122.11'] Counter samples sent 159 Datagrams sent 949 Packet samples sent 124 Packet samples dropped 0 Packet drops sent 815 Packet drops suppressed 0 Flow samples suppressed 0 Counter samples suppressed 0 -------------------------- ----------------------------------- vyos@r14:~$
@lcrockett Add please a new bug report.
It actually already exists: https://vyos.dev/T1981
@PSDev Add please a separate bug report
PR for VyOS 1.3 https://github.com/vyos/vyatta-cfg-system/pull/199
As mentioned on slack, there are quite a few contenders:
Apr 2 2023
I can confirm this bug in rolling 1.3-2023-03-30.
I created a PR based on the changes from the OSPF PR: https://github.com/vyos/vyos-1x/pull/1931
https://vyos.dev/T5085 did the changes for OSPF, but we need this for BGP too
We actually need the same for BGP...