Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Jul 31 2023

n.fort updated the task description for T5420: nftables - upgrade to latest 1.0.8.
Jul 31 2023, 5:19 PM · VyOS 1.4 Sagitta
n.fort created T5420: nftables - upgrade to latest 1.0.8.
Jul 31 2023, 5:17 PM · VyOS 1.4 Sagitta
n.fort changed the status of T5406: "update webproxy blacklists" fails when vrf is being configured from Open to In progress.

PR: https://github.com/vyos/vyos-1x/pull/2123

Jul 31 2023, 4:59 PM · VyOS 1.4 Sagitta
Viacheslav changed the subtype of T5418: Allow arbitrary subnets in PPPoE client IP pools from "Task" to "Bug".
Jul 31 2023, 1:59 PM · VyOS 1.4 Sagitta (1.4.0-epa1), VyOS 1.3 Equuleus (1.3.7)
Viacheslav edited projects for T5418: Allow arbitrary subnets in PPPoE client IP pools, added: VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus.
Jul 31 2023, 1:59 PM · VyOS 1.4 Sagitta (1.4.0-epa1), VyOS 1.3 Equuleus (1.3.7)
Viacheslav added a comment to T5418: Allow arbitrary subnets in PPPoE client IP pools.

The same bug was with ipoe-server https://vyos.dev/T5283
It is the actual address x.x.x.0 for UNIX devices and PPP interfaces, but it could be issue work Windows clients
There is a simple fix https://github.com/vyos/vyos-1x/commit/8a79769bf447cb18d456f061afd6a7997b8264f8

Jul 31 2023, 1:58 PM · VyOS 1.4 Sagitta (1.4.0-epa1), VyOS 1.3 Equuleus (1.3.7)
RFigas added a comment to T5418: Allow arbitrary subnets in PPPoE client IP pools.

I'm sorry.
I tested this is VyOS 1.3.3.
I tested mutliple configurations, from subnet /23 all the way up to /32 with the command "set service pppoe-server client-ip-pool subnet <x.x.x.x/x>"
After setting the subnet i'd connect multiple clients to VyOS and check wether all the available IP addresses were used, and they were.

Jul 31 2023, 12:16 PM · VyOS 1.4 Sagitta (1.4.0-epa1), VyOS 1.3 Equuleus (1.3.7)
n.fort added a comment to T5416: Ignoring "ipsec match-none" for firewall.

PR: https://github.com/vyos/vyos-1x/pull/2121

Jul 31 2023, 10:12 AM · VyOS 1.4 Sagitta
n.fort changed the status of T5416: Ignoring "ipsec match-none" for firewall from Open to Confirmed.
Jul 31 2023, 10:00 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T5418: Allow arbitrary subnets in PPPoE client IP pools.

Which version?
Which tested config? Which generated config?
It would be more clear if you provided tangible examples.

Jul 31 2023, 9:20 AM · VyOS 1.4 Sagitta (1.4.0-epa1), VyOS 1.3 Equuleus (1.3.7)

Jul 30 2023

Apachez added a comment to T5414: dhcp-server does not allow valid bootfile-names.

Just to sync this task to PR 2118:

Jul 30 2023, 11:17 AM · VyOS 1.4 Sagitta
Apachez added a comment to T4502: Consider implementing (NAT/other) flow table offload.

As mentioned in https://vyos.dev/T5419 the offloading should not only apply for NAT.

Jul 30 2023, 8:06 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T5419: Software/Hardware fastpath with nftables flowtable.

Duplicate of the task https://vyos.dev/T4502
And there also a PR https://github.com/vyos/vyos-1x/pull/2062
It is waiting for merging firewall refactoring

Jul 30 2023, 7:16 AM · VyOS 1.4 Sagitta

Jul 29 2023

Apachez created T5419: Software/Hardware fastpath with nftables flowtable.
Jul 29 2023, 11:59 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5417: nft -o (optimizing ruleset) fails with error: "internal:0:0-0: Error: Could not process rule: File exists" .

This particular case was resolved by adding:

Jul 29 2023, 10:46 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.0-GA)
RFigas changed the status of T5418: Allow arbitrary subnets in PPPoE client IP pools from Open to In progress.
Jul 29 2023, 10:40 PM · VyOS 1.4 Sagitta (1.4.0-epa1), VyOS 1.3 Equuleus (1.3.7)
RFigas created T5418: Allow arbitrary subnets in PPPoE client IP pools.
Jul 29 2023, 10:11 PM · VyOS 1.4 Sagitta (1.4.0-epa1), VyOS 1.3 Equuleus (1.3.7)
Apachez created T5417: nft -o (optimizing ruleset) fails with error: "internal:0:0-0: Error: Could not process rule: File exists" .
Jul 29 2023, 9:44 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.0-GA)
daniil created T5416: Ignoring "ipsec match-none" for firewall.
Jul 29 2023, 9:11 PM · VyOS 1.4 Sagitta
c-po added a comment to T3355: Remove all remaining legacy Vyatta code.

For "show dhcp client" command https://github.com/vyos/vyos-1x/pull/2120

Jul 29 2023, 9:00 PM · VyOS 1.5 Circinus
Apachez added a comment to T5414: dhcp-server does not allow valid bootfile-names.

I added this comment to PR 2118:

Jul 29 2023, 7:58 PM · VyOS 1.4 Sagitta
Apachez added a comment to T3316: Use Kea DHCP(v6) instead of ISC DHCP(v6).

A not too uncommon workaround for this is to disable the lease-file (if possible) and give out leases based on option82 information instead.

Jul 29 2023, 7:41 PM · VyOS 1.5 Circinus
Apachez added a comment to T5413: Deny the opportunity to use one public/private key pair on both wireguard peers..

Is this a limit of wireguard?

Jul 29 2023, 7:38 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta
twan added a comment to T3316: Use Kea DHCP(v6) instead of ISC DHCP(v6).

I'm using the *-parameters in isc-dhcp to manage ddns updates to an external nameserver. This way dns-entries supplied by dhcp-server will be kept in sync, even when using dhcp-failover.
I would love to still be able to keep this functionality with Kea in some way. Either by providing corresponding custom-parameters, or adding native support for this scenario.

Jul 29 2023, 2:47 PM · VyOS 1.5 Circinus
c-po added a parent task for T3700: Support VLAN tunnel mapping of VLAN aware bridges: T5415: Upgrade FRR to version 9.0.
Jul 29 2023, 10:24 AM · VyOS 1.4 Sagitta
c-po added a subtask for T5415: Upgrade FRR to version 9.0: T3700: Support VLAN tunnel mapping of VLAN aware bridges.
Jul 29 2023, 10:24 AM · VyOS 1.4 Sagitta
c-po changed the status of T5415: Upgrade FRR to version 9.0 from Open to In progress.
Jul 29 2023, 10:24 AM · VyOS 1.4 Sagitta
c-po created T5415: Upgrade FRR to version 9.0.
Jul 29 2023, 9:18 AM · VyOS 1.4 Sagitta
jestabro closed T5403: Add support for extending xml cache as Resolved.
Jul 29 2023, 1:45 AM · VyOS 1.4 Sagitta

Jul 28 2023

c-po closed T5411: Remove old background monitoring implementation, a subtask of T3355: Remove all remaining legacy Vyatta code, as Resolved.
Jul 28 2023, 8:50 PM · VyOS 1.5 Circinus
c-po closed T5411: Remove old background monitoring implementation as Resolved.
Jul 28 2023, 8:50 PM · VyOS 1.4 Sagitta
etedor added a comment to T5414: dhcp-server does not allow valid bootfile-names.

I have submitted PR 2118 for this issue.

Jul 28 2023, 6:26 PM · VyOS 1.4 Sagitta
etedor updated the task description for T5414: dhcp-server does not allow valid bootfile-names.
Jul 28 2023, 6:11 PM · VyOS 1.4 Sagitta
etedor updated the task description for T5414: dhcp-server does not allow valid bootfile-names.
Jul 28 2023, 5:57 PM · VyOS 1.4 Sagitta
etedor created T5414: dhcp-server does not allow valid bootfile-names.
Jul 28 2023, 5:51 PM · VyOS 1.4 Sagitta
jestabro closed T5317: configtree: remove mutable references, a subtask of T5316: configtree: use a single pass of the diff algorithm, as Resolved.
Jul 28 2023, 4:49 PM · VyOS 1.4 Sagitta
jestabro closed T5317: configtree: remove mutable references as Resolved.
Jul 28 2023, 4:49 PM · VyOS 1.4 Sagitta
jestabro closed T5316: configtree: use a single pass of the diff algorithm as Resolved.
Jul 28 2023, 4:49 PM · VyOS 1.4 Sagitta
zsdc changed the status of T5410: Improve `utils.convert.convert_data()` to process all stdtypes from Open to In progress.

PR: https://github.com/vyos/vyos-1x/pull/2117

Jul 28 2023, 2:45 PM · VyOS 1.4 Sagitta
a.apostoliuk changed the status of T5413: Deny the opportunity to use one public/private key pair on both wireguard peers. from Open to In progress.
Jul 28 2023, 1:50 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta
a.apostoliuk triaged T5413: Deny the opportunity to use one public/private key pair on both wireguard peers. as Normal priority.
Jul 28 2023, 1:50 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta
Viacheslav closed T5401: Using load config restarts containers every time as Invalid.

You skip this warning and delte version number line

// Warning: Do not remove the following line
// vyos-config-version: "bgp@4:broadcast-relay@1:cluster@1:config-management@1:conntrack@3:conntrack-sync@2:container@1:dhcp-relay@2:dhcp-server@6:dhcpv6-server@1:dns-dynamic@1:dns-forwarding@4:firewall@10:flow-accounting@1:https@4:ids@1:interfaces@29:ipoe-server@1:ipsec@12:isis@3:l2tp@4:lldp@1:mdns@1:monitoring@1:nat@5:nat66@1:ntp@2:openconnect@2:ospf@2:policy@5:pppoe-server@6:pptp@2:qos@2:quagga@11:rip@1:rpki@1:salt@1:snmp@3:ssh@2:sstp@4:system@26:vrf@3:vrrp@4:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2"
// Release version: 1.4-rolling-202307090317
Jul 28 2023, 10:31 AM · VyOS 1.4 Sagitta
m4rcu5 closed T4602: DHCP `ping-check` enabled by default as Resolved.

I've recently migrated from a PCEngines APU2C4 to a Wyse 5070 with a X520 card, as well as upgrading to VyOS 1.4-rolling-202305081003
After which I was unable to reproduce this issue. Roaming now works fine without the ICMP check.

Jul 28 2023, 10:28 AM · VyOS 1.4 Sagitta

Jul 27 2023

jestabro added a subtask for T4820: Support for inter-config-mode script dependencies: T5412: Add support for extending config-mode dependencies in supplemental package.
Jul 27 2023, 6:58 PM · VyOS 1.4 Sagitta
jestabro added a parent task for T5412: Add support for extending config-mode dependencies in supplemental package: T4820: Support for inter-config-mode script dependencies.
Jul 27 2023, 6:58 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
jestabro added a subtask for T5403: Add support for extending xml cache : T5412: Add support for extending config-mode dependencies in supplemental package.
Jul 27 2023, 6:56 PM · VyOS 1.4 Sagitta
jestabro added a parent task for T5412: Add support for extending config-mode dependencies in supplemental package: T5403: Add support for extending xml cache .
Jul 27 2023, 6:56 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
jestabro triaged T5412: Add support for extending config-mode dependencies in supplemental package as Normal priority.
Jul 27 2023, 6:56 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po changed the status of T5411: Remove old background monitoring implementation, a subtask of T3355: Remove all remaining legacy Vyatta code, from Open to In progress.
Jul 27 2023, 6:52 PM · VyOS 1.5 Circinus
c-po changed the status of T5411: Remove old background monitoring implementation from Open to In progress.
Jul 27 2023, 6:52 PM · VyOS 1.4 Sagitta
c-po created T5411: Remove old background monitoring implementation.
Jul 27 2023, 6:52 PM · VyOS 1.4 Sagitta
Viacheslav closed T5368: FastNetmon service ids ddos-protection add support sflow mode as Resolved.
Jul 27 2023, 6:00 PM · VyOS 1.4 Sagitta
zsdc created T5410: Improve `utils.convert.convert_data()` to process all stdtypes.
Jul 27 2023, 4:20 PM · VyOS 1.4 Sagitta
a.apostoliuk changed the status of T5409: Add 'set interfaces wireguard wgX threaded' from Open to In progress.
Jul 27 2023, 3:01 PM · VyOS 1.4 Sagitta
a.apostoliuk created T5409: Add 'set interfaces wireguard wgX threaded'.
Jul 27 2023, 3:00 PM · VyOS 1.4 Sagitta
jestabro added a comment to T5403: Add support for extending xml cache .

PR:
https://github.com/vyos/vyos-1x/pull/2116

Jul 27 2023, 1:23 PM · VyOS 1.4 Sagitta
n.fort claimed T5406: "update webproxy blacklists" fails when vrf is being configured.
Jul 27 2023, 10:11 AM · VyOS 1.4 Sagitta
sarthurdev added a comment to T5404: Ability to completely disable firewall/conntrack.

It is a bug that it’s on by default, see other task. Will be fixed after new firewall refactor is merged.

Jul 27 2023, 9:31 AM · VyOS 1.4 Sagitta
c-po added a comment to T4974: OpenVPN- Data Channel Offload(DCO).

From the VyOS documentation and https://community.openvpn.net/openvpn/wiki/DataChannelOffload

Jul 27 2023, 9:26 AM · VyOS 1.4 Sagitta
Apachez added a comment to T5404: Ability to completely disable firewall/conntrack.

Then how come conntrack modules are loaded (and there is content in the ruleset "sudo nft -s list ruleset") when I have no firewall rules configured?

Jul 27 2023, 9:25 AM · VyOS 1.4 Sagitta
c-po added a comment to T4974: OpenVPN- Data Channel Offload(DCO).

CLI adjusted to:

Jul 27 2023, 9:23 AM · VyOS 1.4 Sagitta
Viacheslav awarded T5403: Add support for extending xml cache a Like token.
Jul 27 2023, 9:06 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T5404: Ability to completely disable firewall/conntrack.

Conntrack should be disabled by default https://vyos.dev/T5080

Jul 27 2023, 9:03 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T5408: 15-16 tacacs folders under /home directory.

It is not a bug.
It is the implementation of TACACS authentication https://github.com/vyos/vyos-1x/pull/2038
https://github.com/vyos/vyos-1x/blob/fa07179ae7f1dc07e6ccc1b20d2b81384b6efe07/debian/vyos-1x.postinst#L47-L52

Jul 27 2023, 8:56 AM · VyOS 1.4 Sagitta
a.hajiyev created T5408: 15-16 tacacs folders under /home directory.
Jul 27 2023, 8:00 AM · VyOS 1.4 Sagitta
jvoss created T5407: Static routes pointed to container networks fail to persist after reboot.
Jul 27 2023, 2:53 AM · VyOS 1.4 Sagitta
Apachez created T5406: "update webproxy blacklists" fails when vrf is being configured.
Jul 27 2023, 2:43 AM · VyOS 1.4 Sagitta
Apachez created T5405: "update geoip" fails when vrf is being configured.
Jul 27 2023, 2:37 AM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
Apachez created T5404: Ability to completely disable firewall/conntrack.
Jul 27 2023, 2:24 AM · VyOS 1.4 Sagitta

Jul 26 2023

c-po closed T4974: OpenVPN- Data Channel Offload(DCO) as Resolved.
Jul 26 2023, 9:15 PM · VyOS 1.4 Sagitta
c-po closed T5365: Container systemd units require authentication as Resolved.
Jul 26 2023, 7:47 PM · VyOS 1.4 Sagitta
jestabro changed the status of T5403: Add support for extending xml cache from Open to In progress.
Jul 26 2023, 6:51 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5399: "show ntp" fails when vrf is being configured.

Tested and verified as described in the pull request:

Jul 26 2023, 5:55 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T5341: Improve CLI for high-availability virtual-server to work with multiple ports.
Jul 26 2023, 4:49 PM · VyOS 1.4 Sagitta
n.fort added a comment to T5399: "show ntp" fails when vrf is being configured.

Thanks for testing and submitting PR

Jul 26 2023, 1:37 PM · VyOS 1.4 Sagitta
a.apostoliuk changed the status of T5402: VRRP router with rfc3768-compatibility sends multiple ARP replies from Open to In progress.
Jul 26 2023, 12:17 PM · VyOS 1.5 Circinus, VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta
a.apostoliuk created T5402: VRRP router with rfc3768-compatibility sends multiple ARP replies .
Jul 26 2023, 12:17 PM · VyOS 1.5 Circinus, VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta
Viacheslav closed T5398: FRR mangles container network interface names as Resolved.
Jul 26 2023, 12:01 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T5399: "show ntp" fails when vrf is being configured from Open to Needs testing.
Jul 26 2023, 12:01 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5399: "show ntp" fails when vrf is being configured.

Pull request created: https://github.com/vyos/vyos-1x/pull/2112

Jul 26 2023, 9:51 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T5399: "show ntp" fails when vrf is being configured.

There is this line in the code https://github.com/vyos/vyos-1x/blob/688755a988e233e221bf920e391e35d5ddc9cb56/src/op_mode/show_ntp.sh#L21

Jul 26 2023, 7:56 AM · VyOS 1.4 Sagitta
yzguy added a comment to T5401: Using load config restarts containers every time.

https://github.com/vyos/vyos-1x/pull/2111

Jul 26 2023, 4:32 AM · VyOS 1.4 Sagitta
yzguy created T5401: Using load config restarts containers every time.
Jul 26 2023, 3:11 AM · VyOS 1.4 Sagitta
yzguy updated subscribers of T5365: Container systemd units require authentication.

@c-po just added the sudo on a live box to test the changes and I can confirm that fixes it. No auth prompt when doing a load config.
Now I did notice that every time I do a load config it runs that migration script which stops/starts the container which is not ideal.

Jul 26 2023, 2:23 AM · VyOS 1.4 Sagitta

Jul 25 2023

Apachez added a comment to T5399: "show ntp" fails when vrf is being configured.

I can confirm that altering line 21 as suggested fixes this issue.

Jul 25 2023, 11:29 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T5398: FRR mangles container network interface names from Open to Needs testing.
Jul 25 2023, 9:28 PM · VyOS 1.4 Sagitta
c-po added a comment to T4974: OpenVPN- Data Channel Offload(DCO).

We probably wan't to load/unload the Kernel Module given what the user want's to do

Jul 25 2023, 9:15 PM · VyOS 1.4 Sagitta
c-po closed T5377: ospf: add graceful restart FRR feature (RFC 3623) as Resolved.
Jul 25 2023, 9:13 PM · VyOS 1.4 Sagitta
jvoss claimed T5398: FRR mangles container network interface names.

https://github.com/vyos/vyos-1x/pull/2110

Jul 25 2023, 9:05 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5116: Better VRF support.

Out of the blue it seems like "network namespaces" would solve alot of current VRF compatability issues within VyOS:

Jul 25 2023, 8:34 PM · Restricted Project, VyOS 1.5 Circinus
jestabro triaged T5400: Move libvyosconfig build out of the Docker image as Wishlist priority.
Jul 25 2023, 8:00 PM · VyOS 1.5 Circinus
Apachez added a comment to T5371: "system name-server" is not vrf aware.

Workaround until "system name-server" becomes vrf aware seems to be to change context into vrf INTERNET and then do a ping with VRF syntax like so:

Jul 25 2023, 7:42 PM · Restricted Project, VyOS 1.5 Circinus
Apachez added a comment to T5374: Ability to set 24-hour time format.

I would vote for:

Jul 25 2023, 7:40 PM · VyOS 1.4 Sagitta
1vivy added a comment to T5387: dhcp6c: add a no release option.

PR: https://github.com/vyos/vyos-1x/pull/2108
PR: https://github.com/vyos/vyos-build/pull/372

Jul 25 2023, 6:32 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta
1vivy changed the status of T5387: dhcp6c: add a no release option from Open to Confirmed.
Jul 25 2023, 6:28 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta
n.fort added a comment to T5399: "show ntp" fails when vrf is being configured.

Can you check changing

Jul 25 2023, 5:07 PM · VyOS 1.4 Sagitta
yzguy updated the task description for T5365: Container systemd units require authentication.
Jul 25 2023, 4:13 PM · VyOS 1.4 Sagitta
yzguy updated the task description for T5365: Container systemd units require authentication.
Jul 25 2023, 4:06 PM · VyOS 1.4 Sagitta
yzguy updated the task description for T5365: Container systemd units require authentication.
Jul 25 2023, 4:05 PM · VyOS 1.4 Sagitta
yzguy updated the task description for T5365: Container systemd units require authentication.
Jul 25 2023, 3:54 PM · VyOS 1.4 Sagitta
First
Prev
Next