The cluster feature will be deprecated, as we use systemd we should avoid init.d scripts.
All logic should be rewritten to VRRP
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Aug 28 2023
Aug 28 2023
Viacheslav updated the task description for T5521: Home owner directory changed to vyos for the user after reboot.
Viacheslav updated the task description for T5521: Home owner directory changed to vyos for the user after reboot.
Viacheslav edited projects for T2037: Make use of a systemd environment file, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.5).
Viacheslav updated subscribers of T1764: Use lists instead of whitespace-separated strings in vyos.config .
@dmaasland @jestabro Can we close it?
Viacheslav edited projects for T1674: Support [virtual] dvd device in add system image, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.5).
Viacheslav edited projects for T1647: event-handler configurable syslog.pipe level , added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.5).
The event handler was rewritten to python3 and doesn't use pipes.
Viacheslav closed T1647: event-handler configurable syslog.pipe level , a subtask of T3083: Add feature event-handler, as Invalid.
Viacheslav edited projects for T1449: Add opportunity to include custom default configs (few) at building , added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.5).
@runar Can we close it?
vyos@r1# set interfaces bridge br0 member interface eth1 Possible completions: + allowed-vlan Specify VLAN id which is allowed in this trunk interface cost Bridge port cost isolated Port is isolated (also known as Private-VLAN) native-vlan Specify VLAN id which should natively be present on the link priority Bridge port priority
Viacheslav moved T1311: WAN load-balancing can't flush connections when conntrack-sync is enabled from Open to Finished on the VyOS 1.4 Sagitta board.
Aug 28 2023, 10:08 AM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
There are not such options in FRR
r14(config-route-map)# set ip next-hop A.B.C.D IP address of next hop peer-address Use peer address (for BGP only) unchanged Don't modify existing Next hop address r14(config-route-map)#
It must be next-hop
Viacheslav edited projects for T1002: install image - fast install, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.5).
Viacheslav closed T1012: vyos-build configure script should check /etc/issue to avoid confusion as Not Applicable.
The best option is to use containers https://docs.vyos.io/en/latest/contributing/build-vyos.html#build-container
Close it as out of date.
Same issue. So building Equuleus isn't possible at all anymore? I don't quite understand that the message is "it will be fixed eventually" but at the same time it's tagged as "Wont fix".
Viacheslav added a comment to T738: Add local-port and resolver port options for powerdns in CLI configuration tree.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/2181
Viacheslav edited projects for T469: Problem after commit with errors, added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.5).
I don't see any errors in VyOS 1.3-stable-202308240442
vyos@r1# set firewall group network-group FW-OUT network '191.200.161.8/31' [edit] vyos@r1# set firewall group network-group FW-OUT network '191.200.161.8/32' [edit] vyos@r1# commit [edit] vyos@r1# delete firewall group [edit] vyos@r1# commit [edit] vyos@r1#
limitations of old backend
Viacheslav closed T4745: CLI TAB issue with values with '-' at the beginning in conf mode, a subtask of T4704: Allow to set metric (MED) to rtt with rtt,+rtt or -rtt, as Resolved.
Viacheslav closed T4745: CLI TAB issue with values with '-' at the beginning in conf mode as Resolved.
Viacheslav edited projects for T4745: CLI TAB issue with values with '-' at the beginning in conf mode, added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.5).
Fixed
[edit] vyos@r1# set policy route-map TEST rule 10 set metric -10 [edit] vyos@r1# commit [edit] vyos@r1# sudo vtysh -c "show run" Building configuration...
This task for the ldpd
https://vyos.dev/T4020
My bad, I don't know how I missed them!
The smoketest was in the same PR https://github.com/vyos/vyos-1x/pull/2162/files#diff-59a88cf4e56c56db9de173bbdeb31600f9733d8598570831364d2d368402af77
@Apachez thanks to you.
Let me check it.
syncer triaged T5510: Shrink imagesize and improve read performance by changing mksquashfs syntax as Normal priority.
Apachez added a comment to T5510: Shrink imagesize and improve read performance by changing mksquashfs syntax.
Some tests on filesystem.squashfs from VyOS 1.4-rolling-202308280021.
In T5472#157591, @aderouineau wrote:Should a smoke test be added?
Better to have it
it will be fixed eventually
jestabro updated the task description for T5520: Likely source of corruption on system update exposed by change in coreutils for Bookworm.
jestabro updated the task description for T5520: Likely source of corruption on system update exposed by change in coreutils for Bookworm.
jestabro updated the task description for T5520: Likely source of corruption on system update exposed by change in coreutils for Bookworm.
jestabro updated the task description for T5520: Likely source of corruption on system update exposed by change in coreutils for Bookworm.
jestabro triaged T5520: Likely source of corruption on system update exposed by change in coreutils for Bookworm as High priority.
Apachez added a comment to T5511: Cleanup of unused directories (and files) in order to shrink image-size.
A note from https://forum.vyos.io/t/clear-logs-on-vyos/6878/10?u=viacheslav that there might be issues if removing directories from within / var/log/* doesnt occur to PR381 since that PR was specific about which files and directories to remove when it comes to / var/log. That is only files NOT directories were removed from / var/log.
Validated the change on version 1.4-rolling-202308250021.
https://github.com/vyos/vyos-1x/pull/2180 implement a workaround by changing the default values of stdout and stderr from PIPE to None.
Aug 27 2023
Aug 27 2023
sarthurdev closed T1097: Make firewall groups work everywhere that's appropropriate, a subtask of T2199: Rewrite firewall in new XML/Python style, as Resolved.
A baseline could be to look at the linux kernel config used by Alpine Linux for their RPI-builds:
@sdev I saw c-po revert the merge.
and I didn't expect that it will cost lots of time also.
It's better to revert it.
Currently, I will maintain kernel configs in my own branch.
dmbaturin renamed T5512: build linux-firmware script cannot expand asterisks if firmware name is a glob string from build linux-firmware script cannot expend star sign if firmware name is a glob string to build linux-firmware script cannot expand asterisks if firmware name is a glob string.
@tjjh89017 This will need to be re-evaluated. The build from your PR was taking in excess of 8 hours on the build server - the defconfig likely needs to be brought down to only the minimum required modules/drivers for successful builds on target devices.
Just a comment:
tjjh89017 added a comment to T5512: build linux-firmware script cannot expand asterisks if firmware name is a glob string.
It should be fixed via https://github.com/vyos/vyos-build/pull/382
This does still need to be addressed in 1.4. Without a version string, the 2-to-3 migrator is adding the conntrack helpers to the default config.
Duplicate T3275
GitHub <[email protected]> committed rVYOSONEXd3edda22573f: Merge pull request #2176 from sarthurdev/T5080 (authored by c-po).
GitHub <[email protected]> committed rVYOSONEX904cbe448c57: Merge pull request #2178 from sarthurdev/labels (authored by c-po).
GitHub <[email protected]> committed rVYOSONEX63012d655fbe: Merge pull request #2175 from sarthurdev/labels (authored by c-po).
sarthurdev added a comment to T5479: Helper leftovers found in nftables (firewall) even with all helpers disabled.
The kernel modules handle tracking of those, rpc/tns are userspace helpers.
Apachez added a comment to T5479: Helper leftovers found in nftables (firewall) even with all helpers disabled.
So how are all the other helpers added to the ruleset if not dynamically?
sarthurdev added a comment to T5479: Helper leftovers found in nftables (firewall) even with all helpers disabled.
They are only defined. Only when the VYOS_CT_HELPER chain is reached will they take effect - see links in my above comment. Being in the default config will have no effect on connection tracking if bypassed by the notrack rule.
Apachez reopened T5479: Helper leftovers found in nftables (firewall) even with all helpers disabled as "Open".
Then how come these helpers are always enabled as pointed out at https://vyos.dev/T5080#149232 ?
How come these helpers (pointed out by @saintclairpcarvalho but also )https://vyos.dev/T5479) are always enabled?
sarthurdev changed the status of T5080: Disable conntrack by default, a subtask of T5160: Firewall refactor, from In progress to Needs testing.
sarthurdev changed the status of T5080: Disable conntrack by default from In progress to Needs testing.
sarthurdev closed T5479: Helper leftovers found in nftables (firewall) even with all helpers disabled as Invalid.
They are created but unused by default (see VYOS_CT_HELPER chain)
sarthurdev changed the status of T5511: Cleanup of unused directories (and files) in order to shrink image-size from Open to Needs testing.
GitHub <[email protected]> committed rVYOSONEXf7b7c6df9822: Merge pull request #2174 from sarthurdev/T5018_fix (authored by c-po).
Found some anomalies regarding show firewall command (I assume related to the refactoring) which I have reported in https://vyos.dev/T5513
sarthurdev changed the status of T5018: Redirect to IFB removed after change in qos policy from Confirmed to Needs testing.
Thanks for following up on this issue @rayzilt
syncer edited projects for T4869: A network with `/32` or `/128` mask cannot be removed from a network-group, added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus.
syncer edited projects for T4745: CLI TAB issue with values with '-' at the beginning in conf mode, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4774: Disallow duplicate pubkey on peers of a wireguard interface, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4692: Docker Builds of Equuleus Fail - public_suffix requires Ruby version >= 2.6, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4769: Conntrack settings are not apply properly, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4776: NVME storage is not detected properly during installation, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4811: Webproxy bypassing CLI whitelist command is missing, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4840: Backend qmicli commands fail, when ModemManager is starting the cellular service, need to use qmi-proxy., added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4874: Add Warning message to Equuleus, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4855: Trying to create more than one tunnel of the same type to the same address causes unhandled exception, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4972: Support FQDN and IPv6 addresses for RADIUS servers in accel-ppp-backed protocols, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4894: Using the same name for address and network group yields in ipset error, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4895: Tag nodes are overwritten when configured by Cloud-Init from User-Data, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.
syncer edited projects for T4976: Unable to form bond with Broadcom Inc. BCM57454 NetXtrem-E, added: VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.